Linux: Reclaim Disk Space by Performing System Cleanups

All systems:
Check disk space usage
# check /var directory
du -a /var | sort -nr | head -n 10

# check all directories, filter by large sizes
du -xh / |grep '^\S*[0-9\.]\+G'|sort -rn

# Find the top 20 big files
find / -printf '%s %p\n'| sort -nr | head -20

# Find anything over 100MB
find / -xdev -type f -size +100M -exec ls -la {} \; | sort -nk 5
Debian based systems
# Get rid of unused packages
sudo apt-get autoremove

# Clean apt-cache
sudo apt-get clean

# Clean thumbnail cache
rm -rf ~/.cache/thumbnails/*
Redhat based systems
# Install yum cleaner
yum -y install yum-utils

# Trim log files
find /var -name "*.log" \( \( -size +50M -mtime +7 \) -o -mtime +30 \) -exec truncate {} --size 0 \;

# Clean yum cache
yum clean all
rm -rf /var/tmp/yum-*

# Delete orphanated data from removed repos
rm -rf /var/cache/yum
package-cleanup --quiet --leaves --exclude-bin

# Remove composer cache
rm -rf /root/.composer/cache
rm -rf /home/*/.composer/cache

# Remove core dumps
find -regex ".*/core\.[0-9]+$" -delete

# Remove error logs
find /home/*/public_html/ -name error_log -delete

# If there's NodeJS, clean its cache
rm -rf /root/.npm /home/*/.npm /root/.node-gyp /home/*/.node-gyp /tmp/npm-*

Linux User and Group General Operations

# Add new user
useradd tomcruise

# Create new group
groupadd webadmins

# Add user to group
usermod -a -G webadmins tomcruise

# Assign a specific UID to user
usermod -u 2000 tomcruise

# Please note that all files which are located in the user's home directory will have the file UID changed automatically as soon as you type above command. Symlinks outside of the home directory will require manual chown to prevent access issues after the change. Here's the fix:
find / -user 2000 -exec chown -h tomcruise {} \

# Verify stuff
grep tomcruise /etc/passwd # Check Tom's UID
ls -l /home/tomcruise/ # Check Tom Cruise's home
id -u tomcruise # Check Tom's UID

# Assign a specific GID to group
groupmod -g 3000 webadmins

# Similar to changing UID, GID modifications will need to be followed up with this command:
find / -group 3000 -exec chgrp -h webadmins {} \

# Note that the necessary -h option on the chgrp/chmod commands affect symbolic links instead of their referenced files/directories.

# Verify groupies
id -g webadmins # Check webadmins' GID
grep tomcruise /etc/group # Check Tom's group assignment

Creating a RAM Disk on a Linux Instance of AWS

This information has already been conveyed in another post regarding a method to overcome MySQL memory resource problems, especially when being installed on a CentOS system that is known for modest RAM allocations such as the micro instance of the AWS free tier. This work-around useful enough to be reiterated at this time with more details.

# Check memory & swap file

[root@1.1.1.1 kimconnect.com]# free -m
total used free shared buff/cache available
Mem: 990 272 83 12 634 530
 
# Check available disk space

[root@1.1.1.1 kimconnect.com]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/xvdb1 30G 16G 15G 53% /
devtmpfs 474M 0 474M 0% /dev
tmpfs 496M 0 496M 0% /dev/shm
tmpfs 496M 14M 483M 3% /run
tmpfs 496M 0 496M 0% /sys/fs/cgroup
overlay 30G 16G 15G 53% /var/lib/docker/overlay2/e00a170a94c1e18a1e7b41546cec6ddd68b7ea2fa5e0d8cf6dc81e645560a41f/merged
overlay 30G 16G 15G 53% /var/lib/docker/overlay2/7df0d56376a029799f7a73162371f98bfb481ed77e09fa18abad505587100fcc/merged
shm 64M 0 64M 0% /var/lib/docker/containers/f9b235680fa299980bda9aea59510a08e69491e108b4eeab40bf6416722e30ae/mounts/shm
shm 64M 0 64M 0% /var/lib/docker/containers/4a91a766b3dbd88df7bc7cb6813bdf0338216acf25ec5aeb8ce8733a3826f9df/mounts/shm
tmpfs 100M 0 100M 0% /run/user/1000
overlay 30G 16G 15G 53% /var/lib/docker/overlay2/1b9d1297df49c6d349e90e7c69187ab3bdeaefebed8f123e6af88380480e8418/merged
shm 64M 0 64M 0% /var/lib/docker/containers/6c65da0f8c1d399ff9b02f808ec5a9bf13ac098906dbfb9cce25fd8ec1efca27/mounts/shm
 
# Allocate swapfile, set appropriate permissions, create swapfile

sudo dd if=/dev/zero of=/swapfile count=4096 bs=1MiB    #allocate
chmod 600 /swapfile        #secure the directory
mkswap /swapfile        #make swapfile in the /swapfile directory
swapon /swapfile        #configure system to use /swapfile
 
# Check swapfile settings

[root@1.1.1.1 kimconnect.com]# swapon -s
Filename Type Size Used Priority
/swapfile file 4194300 550912 -1
# Make permanent by editing the fstab file
vim /etc/fstab

# add this line
/swapfile none swap defaults 0 0
# Verify that system is using the allocated swap file

[root@1.1.1.1 kimconnect.com]# free -m
total used free shared buff/cache available
Mem: 990 347 58 13 583 454
Swap: 4095 533 3562

Manually Create a SSL Certificate with LetsEncrypt

Step 1: Install certbot-auto

mkdir /etc/letsencrypt
cd /etc/letsencrypt/
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

Step 2: Create the Cert

Part (a): run this command to initiate the process

/etc/letsencrypt/certbot-auto certonly –manual -d *.kimconnect.com -d kimconnect.com –preferred-challenges dns-01 –server https://acme-v02.api.letsencrypt.org/directory

The script will pause at the DNS TXT record deployment recommendation to allow the user an opportunity to create this entry within a control panel for the target domain

Sometimes, there’s mistake in command line where the double quotes ” are being transposed into a similarly appearing ” – the fix is to simply to correct the double-quote characters

[root@ip-1.1.1.1 kimconnect]# /etc/letsencrypt/certbot-auto --server https://acme-v02.api.letsencrypt.org/directory -d ”*.kimconnect.com” --manual --preferred-challenges dns-01 certonly
Non-ASCII domain names not supported. To issue for an Internationalized Domain Name, use Punycode.

Part (b): create a TXT record as suggested in the previous output

Part (c): ensure that enough time has passed to allow for the newly created TXT record to propagate through the Internet. The sequence to manually monitor this progress goes as follows:

Run CMD:

 nslookup -type=txt
_acme-challenge.kimconnect.com

Wait a few moments… and then query the TXT record again until the result reflects an updated entry. Below is an screenshot to illustrate this activity.

Part (d): proceed to complete the Cert generation script

Although it is beyond the scope of this article, let’s take a look at the process of applying the certificate above to KimConnect.com’s HTTP broker engine (HAProxy).

Search for letsencrypt/live certs as specified in the haproxy configuration file:

[root@ip-1.1.1.1 kimconnect]# grep '/etc/letsencrypt/live' /etc/opt/rh/rh-haproxy18/haproxy/haproxy.cfg bind 127.0.0.1:443 ssl crt /etc/letsencrypt/live/kimconnect.com/kimconnect.com.pem accept-proxy 

From the result of the grep command above, we can generalize that HAProxy is expecting the cert to be stored at ‘/etc/letsencrypt/live/kimconnect.com/kimconnect.com.pem’. The next step is to combine the fullchain.pem & privkey.pem of the newly generated/renewed SSL cert and place it into the expected directory with these two lines:

DOMAIN='kimconnect.com'
cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem /etc/letsencrypt/live/$DOMAIN/privkey.pem > /etc/letsencrypt/live/$DOMAIN/$DOMAIN.pem

It’s would then become necessary to reload HAProxy to apply the new settings.

systemctl restart rh-haproxy18-haproxy

Linux Filesystem Hierarchy Standard (FHS)

/bin : binaries to run fundamental Linux functions
/boot : boot partition
/cdrom : legacy mounting point
/dev : mount points
/etc : etcetera, stores configurations system-wide
/home : user folders (desktops, downloads, medias)
/lib : libraries
/lib32 : i386 libraries
/lib64 : x64 libraries
/media : mount points for external and secondary devices (e.g. USB thumb drives)
/mnt : mount points for devices that are manually configured by users
/opt : optional folders for manually installed software from various vendors
/proc : contains system processes or pseudo-files (e.g. cat /proc/cpuinfo)
/root : contains files that require root permissions to access, reserved for root user as its dedicated home folder
/run : stores run-time processes
/sbin : system binaries, similar to /bin with higher restrictions that are reserved for sudo access
/snap : snap packages or self contained apps
/srv : service directory, typically contains web service files
/sys : system folder, pseudo-files that are generated at boot time
/tmp : temp directory, system uses to store editing-in-progress files
/usr : user applications, non-system apps
/var : variables, holds directories and files are expected to grow in size

Linux: Remediate SSL Weak Cipher Suites

Description

The remote host supports the use of SSL ciphers that offer weak encryption.

Note: This is considerably easier to exploit if the attacker is on the same physical network.

Output
Here is the list of weak SSL ciphers supported by the remote server :

Low Strength Ciphers (<= 64-bit key)

DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-CBC(56) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}

Source: Tenable.IO

Solution


Reconfigure the affected application, if possible to avoid the use of weak ciphers.

Edit the following file:

sudo vim /etc/httpd/conf.d/ssl.conf

… with this content:

SSLProtocol -all -SSLv2 -SSLv3 -TLSv1 +TLSv1.1 +TLSv1.2

SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 !EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH-RSA-DES-CBC3-SHA !ECDHE-RSA-DES-CBC3-SHA !DES-CBC3-SHA !ECDHE-RSA-RC4-SHA !RC4-MD5 !RC4-SHA"

For Windows, follow this script: https://kimconnect.com/powershell-windows-2016-pristine-image

How to Install Virtualbox in Ubuntu

Simply run these two commands:

sudo add-apt-repository multiverse && sudo apt-get update
sudo apt -y install virtualbox virtualbox-ext-pack

Answer ‘OK’ and ‘Yes’ to accept licensing prompts from Oracle

When installation finishes, it’s often preferable to add a link to the application by navigating to the apps menu > search for virtualbox > right-click it > add to favorites

Trigger VirtualBox app to start using the almost freeware

Ubuntu 18.04: Network Configuration Utility

Prior to version 18.04, network configurations have been via these commands:

sudo vim /etc/network/interfaces 
sudo systemctl restart networking
# OR
sudo /etc/init.d/networking restart

Starting with Ubuntu 18.04, Netplan is the new tool. YAML is the language. Everyone is now well versed in this way of doing things to stay relevant with Linux, especially Ubuntu. Here is the sequence of commands:

Create a new file in the netplan directory:

Discover network interfaces of current system

kimconnect@nuc:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether b0:35:9f:11:28:a8 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.256/24 brd 192.168.100.255 scope global dynamic noprefixroute wlp2s0
valid_lft 86125sec preferred_lft 86125sec
inet 192.168.100.201/24 brd 192.168.100.255 scope global secondary noprefixroute wlp2s0
valid_lft forever preferred_lft forever
inet6 fe80::2b6:9cdb:4687:53c3/64 scope link noprefixroute
valid_lft forever preferred_lft forever

Create a new file inside the netplan directory

vim /etc/netplan/wlp2s0.yaml

Insert this content (be mindful of precise indentation)

network:
version: 2
renderer: networkd
ethernets:
wlp2s0:
addresses: [192.168.100.201/24]
dhcp4: true
nameservers:
addresses: [8.8.4.4,8.8.8.8]
# since sudo command was required, this error occurs:
"/etc/netplan/wlp2s0.yaml"
"/etc/netplan/wlp2s0.yaml" E212: Can't open file for writing
# Press Esc > Shift + : > then type this to save in vim without exiting
:w !sudo tee %

Verify that file now exists

kimconnect@nuc:~$ ls /etc/netplan
01-network-manager-all.yaml wlp2s0.yaml

Attempt to apply changes. If there’s any error, this message would appear

kimconnect@nuc:~$ sudo netplan apply
/etc/netplan/wlp2s0.yaml:1:1: Error in network definition: unknown key 'nameservers'
nameservers:
^

To edit the file and correct things, run the same edit command as a sudoer

sudo vim /etc/netplan/wlp2s0.yaml

Repeat issuing the sudo netplan apply command after every edit to ensure that there’s no errors.

Linux: How To Install Visual Studio Code

Intro

Bypassing any discussions about choosing Visual Studio Code (VS Code) over Atom or Sublime Text, here’s how to install VS Code on Linux.

Ubuntu / Mint
#Update system before installation
sudo apt -y update && sudo apt -y upgrade
#
#Install the prerequisites
sudo apt -y install software-properties-common apt-transport-https wget
#
# Import Microsoft GPG key
wget -q https://packages.microsoft.com/keys/microsoft.asc -O- | sudo apt-key add -
#
# Enable VS Code repository
sudo add-apt-repository "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main"
#
# Perform the install
sudo apt -y install code

# Bonus: Install DotNet Core
#
# Register with Microsoft
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg
sudo mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/
wget -q https://packages.microsoft.com/config/debian/9/prod.list
sudo mv prod.list /etc/apt/sources.list.d/microsoft-prod.list
sudo chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg
sudo chown root:root /etc/apt/sources.list.d/microsoft-prod.list
#
# Install the .NET SDK
sudo apt-get -y install apt-transport-https
sudo apt-get -y update
sudo apt-get -y install dotnet-sdk-2.2
# Associate DotNet with VS bash Code
scl enable rh-dotnet22 bash
scl enable rh-dotnet22 code
# Permanently enable .NET Core in your development environment
cat <<EOF > ~/.bashrc
# Add .NET Core 2.2 to my login environment
source scl_source enable rh-dotnet22
EOF
Red Hat Family (RHEL 7):
# Import Microsoft Repo
rpm --import https://packages.microsoft.com/keys/microsoft.asc
#
# Activate Repo with Microsoft GPG
sh -c 'echo -e "[code]\nname=Visual Studio Code\nbaseurl=https://packages.microsoft.com/yumrepos/vscode\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/vscode.repo
#
# Update before install
yum update
#
# Install VS Code
yum install code

# Bonus: Install Dot Net Core
#
# Subscribe to DotNet Core
subscription-manager repos --enable=rhel-7-server-dotnet-rpms
#
# Install DotNet Core
yum install -y rh-dotnetcore22
#
# Associate DotNet with VS bash Code
scl enable rh-dotnet22 bash
scl enable rh-dotnet22 code
# Permanently enable .NET Core in your development environment
cat <<EOF > ~/.bashrc
# Add .NET Core 2.2 to my login environment
source scl_source enable rh-dotnet22
EOF

Launch VSC from CLI

code &

Check that VS Code is running

kim@nuc:~$ pgrep code
16191
16193
16225
16240
16266
16283
[1]+ Done code
Adding Components

Launch VS Code > click on View > Extensions > Browse through the list and install any components required for the project (e.g. Docker, Python, JavaScript ES6, NodeJS Module Intellisense, Angular6, Angular7, Regex Previewer, HTML CSS Support)

Troubleshooting

Sometimes, this error would occur:

kim@nuc:~$ sudo apt update
InRelease [88.8 kB]
Fetched 275 kB in 1s (205 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: Target Packages (main/binary-amd64/Packages) is configured multiple times in /etc/apt/sources.list:58 and /etc/apt/sources.list.d/vscode.list:3
W: Target Packages (main/binary-all/Packages) is configured multiple times in /etc/apt/sources.list:58 and /etc/apt/sources.list.d/vscode.list:3

Reading the error code, it seems that /etc/apt/sources.list:58 & /etc/apt/sources.list.d/vscode.list:3 are containing duplicating records. After verifying this issue, the fix is to simply remove one of the two redundant entries.

kim@nuc:~$ cat /etc/apt/sources.list.d/vscode.list
### THIS FILE IS AUTOMATICALLY CONFIGURED ###
# You may comment out this entry, but any other modifications may be lost.
deb [arch=amd64] http://packages.microsoft.com/repos/vscode stable main

kim@nuc:~$ grep -i vscode /etc/apt/sources.list
deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main
# deb-src [arch=amd64] https://packages.microsoft.com/repos/vscode stable main

kim@nuc:~$ rm -f /etc/apt/sources.list.d/vscode.list
rm: cannot remove '/etc/apt/sources.list.d/vscode.list': Permission denied
kim@nuc:~$ sudo rm -f /etc/apt/sources.list.d/vscode.list

kim@nuc:~$ sudo apt -y update
Ign:1 http://dl.google.com/linux/chrome/deb stable InRelease
Hit:2 http://us.archive.ubuntu.com/ubuntu disco InRelease
Hit:3 http://dl.google.com/linux/chrome/deb stable Release
Get:4 http://us.archive.ubuntu.com/ubuntu disco-updates InRelease [97.5 kB]
Get:5 http://security.ubuntu.com/ubuntu disco-security InRelease [88.4 kB]
Hit:6 https://packages.microsoft.com/repos/vscode stable InRelease
Get:8 http://us.archive.ubuntu.com/ubuntu disco-backports InRelease [88.8 kB]
Fetched 275 kB in 1s (206 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.

Ubuntu: Install VMWare WorkStation

Easy. Run these three commands:

wget -O ~/vmware.bin https://www.vmware.com/go/getWorkstation-linux
sudo apt install build-essential
sudo bash ~/vmware.bin

Output:

kim@nuc:~$ wget -O ~/vmware.bin https://www.vmware.com/go/getWorkstation-linux
--2019-05-04 15:01:13-- https://www.vmware.com/go/getWorkstation-linux
Resolving www.vmware.com (www.vmware.com)... 104.100.84.79, 2600:1406:e800:193::2ef, 2600:1406:e800:19d::2ef
Connecting to www.vmware.com (www.vmware.com)|104.100.84.79|:443... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://download3.vmware.com/software/wkst/file/VMware-Workstation-Full-15.0.4-12990004.x86_64.bundle [following]
--2019-05-04 15:01:14-- https://download3.vmware.com/software/wkst/file/VMware-Workstation-Full-15.0.4-12990004.x86_64.bundle
Resolving download3.vmware.com (download3.vmware.com)... 184.29.106.37, 2600:1406:3c:382::2ef, 2600:1406:3c:386::2ef
Connecting to download3.vmware.com (download3.vmware.com)|184.29.106.37|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 495666124 (473M) [application/x-octet-stream]
Saving to: ‘/home/kim/vmware.bin’

/home/kim/vmware.bi 100%[===================>] 472.70M 2.39MB/s in 3m 0s

2019-05-04 15:04:14 (2.62 MB/s) - ‘/home/kim/vmware.bin’ saved [495666124/495666124]

kim@nuc:~$ sudo apt install build-essential
[sudo] password for kim:
Reading package lists... Done
Building dependency tree
Reading state information... Done
build-essential is already the newest version (12.6ubuntu1).
build-essential set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.

kim@nuc:~$ sudo bash ~/vmware.bin
Extracting VMware Installer...done.
[AppLoader] Use shipped Linux kernel AIO access library.
An up-to-date "libaio" or "libaio1" package from your system is preferred.

(vmware-installer.py:10054): IBUS-WARNING **: 15:04:53.937: The owner of /home/kim/.config/ibus/bus is not root!

Follow the WMWare Workstation Installer Wizard to install it

After VMWare Workstation has been installed, it will become available from a search result

First run of this application will be met with a module updater window

This updating process requires a sudo password  

The end. Cool story ha.

Wait-a-minute, what’s this?…

kim@nuc:/usr/lib/vmware/modules/source$ sudo vmware &
[3] 24367
kim@nuc:/usr/lib/vmware/modules/source$ [AppLoader] Use shipped Linux kernel AIO access library.
An up-to-date "libaio" or "libaio1" package from your system is preferred.
Stopping VMware services:
VMware Authentication Daemon done
VM communication interface socket family done
Virtual machine communication interface done
Virtual machine monitor done
Blocking file system done
make: Entering directory '/tmp/modconfig-FLsLK6/vmmon-only'
Using kernel build system.
/usr/bin/make -C /lib/modules/5.0.0-13-generic/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
MODULEBUILDDIR= modules
make[1]: Entering directory '/usr/src/linux-headers-5.0.0-13-generic'
Makefile:203: ================= WARNING ================
Makefile:204: 'SUBDIRS' will be removed after Linux 5.3
Makefile:205: Please use 'M=' or 'KBUILD_EXTMOD' instead
Makefile:206: ==========================================
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.o
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.o
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/linux/driverLog.o
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/common/memtrack.o
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/common/apic.o
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.o
CC [M] /tmp/modconfig-FLsLK6/vmmon-only/common/cpuid.o
In file included from /tmp/modconfig-FLsLK6/vmmon-only/./common/vmx86.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:47:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:130: warning: "MSR_MISC_FEATURES_ENABLES" redefined
#define MSR_MISC_FEATURES_ENABLES 0x140

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt_types.h:46,
from ./arch/x86/include/asm/ptrace.h:94,
from ./arch/x86/include/asm/math_emu.h:5,
from ./arch/x86/include/asm/processor.h:12,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:38,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:51,
from ./include/linux/wait.h:9,
from ./include/linux/wait_bit.h:8,
from ./include/linux/fs.h:6,
from ./include/linux/highmem.h:5,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:25:
./arch/x86/include/asm/msr-index.h:661: note: this is the location of the previous definition
#define MSR_MISC_FEATURES_ENABLES 0x00000140

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./common/vmx86.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:47:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:466: warning: "MSR_K7_HWCR_SMMLOCK" redefined
#define MSR_K7_HWCR_SMMLOCK 0x00000001ULL // Lock SMM environment

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt_types.h:46,
from ./arch/x86/include/asm/ptrace.h:94,
from ./arch/x86/include/asm/math_emu.h:5,
from ./arch/x86/include/asm/processor.h:12,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:38,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:51,
from ./include/linux/wait.h:9,
from ./include/linux/wait_bit.h:8,
from ./include/linux/fs.h:6,
from ./include/linux/highmem.h:5,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:25:
./arch/x86/include/asm/msr-index.h:470: note: this is the location of the previous definition
#define MSR_K7_HWCR_SMMLOCK BIT_ULL(MSR_K7_HWCR_SMMLOCK_BIT)

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86.h:41,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86_64.h:40,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm.h:46,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:49:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86_basic_defs.h:78: warning: "CR3_PCID_MASK" redefined
#define CR3_PCID_MASK 0xFFF

In file included from ./arch/x86/include/asm/processor.h:5,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:38,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:51,
from ./include/linux/wait.h:9,
from ./include/linux/wait_bit.h:8,
from ./include/linux/fs.h:6,
from ./include/linux/highmem.h:5,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:25:
./arch/x86/include/asm/processor-flags.h:39: note: this is the location of the previous definition
#define CR3_PCID_MASK 0xFFFull

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm.h:43,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:60:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:130: warning: "MSR_MISC_FEATURES_ENABLES" redefined
#define MSR_MISC_FEATURES_ENABLES 0x140

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt.h:10,
from ./arch/x86/include/asm/irqflags.h:68,
from ./include/linux/irqflags.h:16,
from ./include/linux/rcupdate.h:39,
from ./include/linux/rculist.h:11,
from ./include/linux/pid.h:5,
from ./include/linux/sched.h:14,
from ./include/linux/binfmts.h:5,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:32:
./arch/x86/include/asm/msr-index.h:661: note: this is the location of the previous definition
#define MSR_MISC_FEATURES_ENABLES 0x00000140

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm.h:43,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:60:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:466: warning: "MSR_K7_HWCR_SMMLOCK" redefined
#define MSR_K7_HWCR_SMMLOCK 0x00000001ULL // Lock SMM environment

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt.h:10,
from ./arch/x86/include/asm/irqflags.h:68,
from ./include/linux/irqflags.h:16,
from ./include/linux/rcupdate.h:39,
from ./include/linux/rculist.h:11,
from ./include/linux/pid.h:5,
from ./include/linux/sched.h:14,
from ./include/linux/binfmts.h:5,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:32:
./arch/x86/include/asm/msr-index.h:470: note: this is the location of the previous definition
#define MSR_K7_HWCR_SMMLOCK BIT_ULL(MSR_K7_HWCR_SMMLOCK_BIT)

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86.h:41,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86_64.h:40,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm.h:46,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:60:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86_basic_defs.h:78: warning: "CR3_PCID_MASK" redefined
#define CR3_PCID_MASK 0xFFF

In file included from ./arch/x86/include/asm/irqflags.h:5,
from ./include/linux/irqflags.h:16,
from ./include/linux/rcupdate.h:39,
from ./include/linux/rculist.h:11,
from ./include/linux/pid.h:5,
from ./include/linux/sched.h:14,
from ./include/linux/binfmts.h:5,
from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:32:
./arch/x86/include/asm/processor-flags.h:39: note: this is the location of the previous definition
#define CR3_PCID_MASK 0xFFFull

/tmp/modconfig-FLsLK6/vmmon-only/linux/driver.c:986:1: warning: always_inline function might not be inlinable [-Wattributes]
LinuxDriverSyncReadTSCs(uint64 *delta) // OUT: TSC max - TSC min
^~~~~~~~~~~~~~~~~~~~~~~
In file included from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.c:43:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:130: warning: "MSR_MISC_FEATURES_ENABLES" redefined
#define MSR_MISC_FEATURES_ENABLES 0x140

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt.h:10,
from ./arch/x86/include/asm/irqflags.h:68,
from ./include/linux/irqflags.h:16,
from ./include/linux/rcupdate.h:39,
from ./include/linux/rculist.h:11,
from ./include/linux/pid.h:5,
from ./include/linux/sched.h:14,
from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.c:31:
./arch/x86/include/asm/msr-index.h:661: note: this is the location of the previous definition
#define MSR_MISC_FEATURES_ENABLES 0x00000140

In file included from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.c:43:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:466: warning: "MSR_K7_HWCR_SMMLOCK" redefined
#define MSR_K7_HWCR_SMMLOCK 0x00000001ULL // Lock SMM environment

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt.h:10,
from ./arch/x86/include/asm/irqflags.h:68,
from ./include/linux/irqflags.h:16,
from ./include/linux/rcupdate.h:39,
from ./include/linux/rculist.h:11,
from ./include/linux/pid.h:5,
from ./include/linux/sched.h:14,
from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.c:31:
./arch/x86/include/asm/msr-index.h:470: note: this is the location of the previous definition
#define MSR_K7_HWCR_SMMLOCK BIT_ULL(MSR_K7_HWCR_SMMLOCK_BIT)

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86.h:41,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86_64.h:40,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm.h:46,
from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.c:46:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86_basic_defs.h:78: warning: "CR3_PCID_MASK" redefined
#define CR3_PCID_MASK 0xFFF

In file included from ./arch/x86/include/asm/irqflags.h:5,
from ./include/linux/irqflags.h:16,
from ./include/linux/rcupdate.h:39,
from ./include/linux/rculist.h:11,
from ./include/linux/pid.h:5,
from ./include/linux/sched.h:14,
from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.c:31:
./arch/x86/include/asm/processor-flags.h:39: note: this is the location of the previous definition
#define CR3_PCID_MASK 0xFFFull

CC [M] /tmp/modconfig-FLsLK6/vmmon-only/common/task.o
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c: In function ‘HostIF_EstimateLockedPageLimit’:
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:1641:25: error: ‘totalram_pages’ redeclared as different kind of symbol
extern unsigned long totalram_pages;
^~~~~~~~~~~~~~
In file included from /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:42:
./include/linux/mm.h:52:29: note: previous definition of ‘totalram_pages’ was here
static inline unsigned long totalram_pages(void)
^~~~~~~~~~~~~~
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c: In function ‘HostIFReadUptimeWork’:
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:1787:4: error: implicit declaration of function ‘do_gettimeofday’; did you mean ‘do_settimeofday64’? [-Werror=implicit-function-declaration]
do_gettimeofday(&tv);
^~~~~~~~~~~~~~~
do_settimeofday64
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c: In function ‘HostIF_MapUserMem’:
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:3408:40: error: macro "access_ok" passed 3 arguments, but takes just 2
if (!access_ok(VERIFY_WRITE, p, size)) {
^
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:3408:9: error: ‘access_ok’ undeclared (first use in this function)
if (!access_ok(VERIFY_WRITE, p, size)) {
^~~~~~~~~
/tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.c:3408:9: note: each undeclared identifier is reported only once for each function it appears in
cc1: some warnings being treated as errors
make[2]: *** [scripts/Makefile.build:286: /tmp/modconfig-FLsLK6/vmmon-only/linux/hostif.o] Error 1
make[2]: *** Waiting for unfinished jobs....
In file included from ./arch/x86/include/asm/processor.h:5,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:38,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:51,
from ./arch/x86/include/asm/mmu.h:5,
from ./arch/x86/include/asm/desc.h:7,
from /tmp/modconfig-FLsLK6/vmmon-only/common/task.c:70:
./arch/x86/include/asm/processor-flags.h:39: warning: "CR3_PCID_MASK" redefined
#define CR3_PCID_MASK 0xFFFull

In file included from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86.h:41,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm_x86_64.h:40,
from /tmp/modconfig-FLsLK6/vmmon-only/./include/vm_asm.h:46,
from /tmp/modconfig-FLsLK6/vmmon-only/common/task.c:53:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86_basic_defs.h:78: note: this is the location of the previous definition
#define CR3_PCID_MASK 0xFFF

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt_types.h:46,
from ./arch/x86/include/asm/ptrace.h:94,
from ./arch/x86/include/asm/math_emu.h:5,
from ./arch/x86/include/asm/processor.h:12,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:38,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:51,
from ./arch/x86/include/asm/mmu.h:5,
from ./arch/x86/include/asm/desc.h:7,
from /tmp/modconfig-FLsLK6/vmmon-only/common/task.c:70:
./arch/x86/include/asm/msr-index.h:470: warning: "MSR_K7_HWCR_SMMLOCK" redefined
#define MSR_K7_HWCR_SMMLOCK BIT_ULL(MSR_K7_HWCR_SMMLOCK_BIT)

In file included from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/common/task.c:51:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:466: note: this is the location of the previous definition
#define MSR_K7_HWCR_SMMLOCK 0x00000001ULL // Lock SMM environment

In file included from ./arch/x86/include/asm/nospec-branch.h:11,
from ./arch/x86/include/asm/paravirt_types.h:46,
from ./arch/x86/include/asm/ptrace.h:94,
from ./arch/x86/include/asm/math_emu.h:5,
from ./arch/x86/include/asm/processor.h:12,
from ./arch/x86/include/asm/cpufeature.h:5,
from ./arch/x86/include/asm/thread_info.h:53,
from ./include/linux/thread_info.h:38,
from ./arch/x86/include/asm/preempt.h:7,
from ./include/linux/preempt.h:78,
from ./include/linux/spinlock.h:51,
from ./arch/x86/include/asm/mmu.h:5,
from ./arch/x86/include/asm/desc.h:7,
from /tmp/modconfig-FLsLK6/vmmon-only/common/task.c:70:
./arch/x86/include/asm/msr-index.h:661: warning: "MSR_MISC_FEATURES_ENABLES" redefined
#define MSR_MISC_FEATURES_ENABLES 0x00000140

In file included from /tmp/modconfig-FLsLK6/vmmon-only/common/vmx86.h:32,
from /tmp/modconfig-FLsLK6/vmmon-only/common/task.c:51:
/tmp/modconfig-FLsLK6/vmmon-only/./include/x86msr.h:130: note: this is the location of the previous definition
#define MSR_MISC_FEATURES_ENABLES 0x140

make[1]: *** [Makefile:1584: _module_/tmp/modconfig-FLsLK6/vmmon-only] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-5.0.0-13-generic'
make: *** [Makefile:110: vmmon.ko] Error 2
make: Leaving directory '/tmp/modconfig-FLsLK6/vmmon-only'
make: Entering directory '/tmp/modconfig-FLsLK6/vmnet-only'
Using kernel build system.
/usr/bin/make -C /lib/modules/5.0.0-13-generic/build/include/.. SUBDIRS=$PWD SRCROOT=$PWD/. \
MODULEBUILDDIR= modules
make[1]: Entering directory '/usr/src/linux-headers-5.0.0-13-generic'
Makefile:203: ================= WARNING ================
Makefile:204: 'SUBDIRS' will be removed after Linux 5.3
Makefile:205: Please use 'M=' or 'KBUILD_EXTMOD' instead
Makefile:206: ==========================================
CC [M] /tmp/modconfig-FLsLK6/vmnet-only/driver.o
CC [M] /tmp/modconfig-FLsLK6/vmnet-only/hub.o
CC [M] /tmp/modconfig-FLsLK6/vmnet-only/userif.o
CC [M] /tmp/modconfig-FLsLK6/vmnet-only/netif.o
In file included from ./include/linux/pci.h:37,
from /tmp/modconfig-FLsLK6/vmnet-only/compat_netdevice.h:27,
from /tmp/modconfig-FLsLK6/vmnet-only/netif.c:43:
./include/linux/pci_ids.h:2278: warning: "PCI_VENDOR_ID_VMWARE" redefined
#define PCI_VENDOR_ID_VMWARE 0x15ad

In file included from /tmp/modconfig-FLsLK6/vmnet-only/net.h:38,
from /tmp/modconfig-FLsLK6/vmnet-only/vnetInt.h:26,
from /tmp/modconfig-FLsLK6/vmnet-only/netif.c:42:
/tmp/modconfig-FLsLK6/vmnet-only/vm_device_version.h:56: note: this is the location of the previous definition
#define PCI_VENDOR_ID_VMWARE 0x15AD

In file included from ./include/linux/pci.h:37,
from /tmp/modconfig-FLsLK6/vmnet-only/compat_netdevice.h:27,
from /tmp/modconfig-FLsLK6/vmnet-only/netif.c:43:
./include/linux/pci_ids.h:2279: warning: "PCI_DEVICE_ID_VMWARE_VMXNET3" redefined
#define PCI_DEVICE_ID_VMWARE_VMXNET3 0x07b0

In file included from /tmp/modconfig-FLsLK6/vmnet-only/net.h:38,
from /tmp/modconfig-FLsLK6/vmnet-only/vnetInt.h:26,
from /tmp/modconfig-FLsLK6/vmnet-only/netif.c:42:
/tmp/modconfig-FLsLK6/vmnet-only/vm_device_version.h:73: note: this is the location of the previous definition
#define PCI_DEVICE_ID_VMWARE_VMXNET3 0x07B0

/tmp/modconfig-FLsLK6/vmnet-only/userif.c: In function ‘VNetUserIfMapPtr’:
/tmp/modconfig-FLsLK6/vmnet-only/userif.c:145:52: error: macro "access_ok" passed 3 arguments, but takes just 2
if (!access_ok(VERIFY_WRITE, (void *)uAddr, size) ||
^
/tmp/modconfig-FLsLK6/vmnet-only/userif.c:145:9: error: ‘access_ok’ undeclared (first use in this function)
if (!access_ok(VERIFY_WRITE, (void *)uAddr, size) ||
^~~~~~~~~
/tmp/modconfig-FLsLK6/vmnet-only/userif.c:145:9: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [scripts/Makefile.build:286: /tmp/modconfig-FLsLK6/vmnet-only/userif.o] Error 1
make[2]: *** Waiting for unfinished jobs....
make[1]: *** [Makefile:1584: _module_/tmp/modconfig-FLsLK6/vmnet-only] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-5.0.0-13-generic'
make: *** [Makefile:110: vmnet.ko] Error 2
make: Leaving directory '/tmp/modconfig-FLsLK6/vmnet-only'
Starting VMware services:
Virtual machine monitor failed
Virtual machine communication interface done
VM communication interface socket family done
Blocking file system done
Virtual ethernet failed
VMware Authentication Daemon done

That’s it. I’m not going to spend time going down this rabbit trail at this time. The original intention of adding this to my Linux box is to install Windoze. Well, the real goal is to play Roblox with my kids as they hog my other machines. Perhaps, VirtualBox, WINEHQ, or dual-boot would be more viable. Who would have thought that playing Roblox on Linux is this big of a challenge even to an IT guy?

Linux: Useful GUI Tools

Terminator

– Connect to multiple machines
– Run same commands on multiple machines SIMULTANEOUSLY!
– Useful for synchronized & manually triggered installs and backups

HTOP

– Better than Top. No kidding.
– F4 (filter) > type APPNAME > select an item > F9 (Kill)

IFTop

– Shows real-time incoming/outgoing traffic
– Keys-combo: SRD > display port info

Socket Statistics (ss)

– command: ss -t -u (shows TCP/UDP connections)

Speedometer

– Quickly view network I/O on the host

LSHW (lshw-gtk)

– Shows systems hardware information

Sysinfo

– Another GUI system hardware management utility

Hardware Info (hardinfo)

– A alternative version of system info

System Profiler Benchmark

– Similar to Sysinfo with more drill-downs and benchmark functions
– Also display network info

Disks (gnome-disk-utility)

– GUI version to manage hard drives, except partitioning
– Create ISO
– Details about disk health
– Benchmark drives

BleachBit

– System cleaner: browser, apt cache
– Backup files

Grsync

– Rsync will transport files over the network with traffic encryption
– GUI version of Rsync with some feature enhancements
– Synchronize between different machines/directories
– Reminder: (a) /home/user/ (inside the ‘user’ directory) is not the same as (b) /home/user (include ‘user’ directory). Source should be following format (b), and destination should be following format (a). Kaprish?

Linux: A Quick Sequence of Starting and Stopping an App

Check to see if SeaHorse is broken

kimconnect@nuc:# seahorse
Gtk-Message: 08:52:44.606: Failed to load module "canberra-gtk-module"
Gtk-Message: 08:52:44.608: Failed to load module "canberra-gtk-module"

Resolve dependency

sudo apt install libcanberra-gtk-module

Run an instance in a disjointed session

nohup seahorse </dev/null >/dev/null 2>&1 &

Explain:

nohup :no hangup
seahorse :some program
</dev/null :direct file descriptors (fd0,fd1,fd2) to the left
>/dev/null 2>&1 :Send standard output to /dev/null and then send standard errors to wherever standard output is going (which is also /dev/null). In short, throw away whatever this command writes to either file descriptor.
& :trigger Ctrl+C equivalent

Kill all sessions with its name to release memory

pkill seahorse

Linux: More Basic Commands

Networking

Ping 1 Time

ping google.com -c 1 #c is abbreviation for count

Check Networking

ifconfig
ip addr

How to Check Open Ports

sudo netstat -tulpn #Shows address and port
System Admin

Emulate root

sudo -s #This prevents the system from asking for the sudo password after timer expires
exit #exit sudo mode

Emulate another user

su kimconnect #To become the user kimconnect
exit #end user masquerade

How to check kernel version

uname -a

Trigger a system checkup on next reboot

sudo touch /forcefsck

Timed Shutdown

sudo shutdown -h 5 #Shutdown. Halt everything in 5 minutes

Cancel Shutdown timer

sudo shutdown -c

Check CPU usage of PHP

ps aux | grep apached

Check CPU/Memory Usage of All Processes

top #preinstalled in most systems
htop #new top package, human readable

Check Services

service SERVICENAME status #Older unix command
systemctl status SERVICENAME #Systemd command

Stop Processes

killall PROCESSNAME #instantly halt a process and its related
pkill #similar to killall with more chances of success
File & Folder Manipulations

List hidden files

ls -la #long format, all files

Check Disk Space

df -ah #disk free all human readable

Check folder/directory size

du -sh /var/www/html #disk usage sum human readable

Find Universal Identifier for Drives (UUID)

sudo blkid

Check for Existing Mounts

mount

How to Create a Mount

mount /dev/sda2 /mnt #sda2 = disk 1 partition 2

Check for Persistent Mounts (Mounts at Bootup)

less /etc/fstab

Create a file

touch testfile.txt #This command also updates the last modified time attribute

Move and rename a file

mv file1.txt ~/file1.txt_backup #Move file1.txt into home directory and rename it with a _backup suffix

Find the directory where an App is installed

which google-chrome

less is the same as more + cat

less somefile.txt
cat somefile.txt | more

Search for a phrase inside a file

grep -i kimconnect.com domains.txt  #Ignore case during grep
strings domains.txt | grep kimconnect.com | less #Alternative method

Count lines, words, and letters

wc domains.txt

Switch between different files

vi text1.txt
Keys Combo: Control+Z
vi text2.txt
Keys Combo: Control+Z
jobs  #Shows tasks in the background
fg %2  #Join the job index

 

Ubuntu 19.04: How to Install Adobe Acrobat Reader

Back  in the days when Adobe Acrobat Reader for Linux was supported and available on the main/extra repos, this command would have done the job

apt install adobereader-enu

As hinted in the previous comment, such install command had no longer produced the desired result as shown below

kimconnect@nuc:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 19.04
Release: 19.04
Codename: disco
kimconnect@nuc:~$ sudo apt install adobereader-enu
[sudo] password for kimconnect:
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package adobereader-enu

Instructions to Install Acrobat Reader 9.5.5 on Ubuntu 19.04

Check for the latest versions of Acrobat here: 
ftp://ftp.adobe.com/pub/adobe/reader/unix

Acrobat 9.5.5 is the latest Linux version as of this writing:

cd ~/Downloads && wget -c ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/9.5.5/enu/AdbeRdr9.5.5-1_i386linux_enu.deb
# Install
sudo dpkg -i AdbeRdr9.5.5-1_i386linux_enu.deb

There will be errors indicating that a direct dependency is missing. Install that

# Installing a dependency - expecting "missing dependencies" error
sudo apt install libgtk2.0-0:i386

# Run this command to fix any missing dependencies the previous install has missed
sudo apt install -f

Output:
kimconnect@nuc:~/Downloads$ sudo apt install libgtk2.0-0:i386
Reading package lists... Done
Building dependency tree
Reading state information... Done
You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
libgtk2.0-0:i386 : Depends: libgtk2.0-common:i386
Depends: libatk1.0-0:i386 (>= 1.32.0) but it is not going to be installed
Depends: libc6:i386 (>= 2.28) but it is not going to be installed
Depends: libcairo2:i386 (>= 1.6.4-6.1) but it is not going to be installed
Depends: libcups2:i386 (>= 1.6.2) but it is not going to be installed
Depends: libfontconfig1:i386 (>= 2.12.6) but it is not going to be installed
Depends: libgdk-pixbuf2.0-0:i386 (>= 2.22.0) but it is not going to be installed
Depends: libglib2.0-0:i386 (>= 2.41.1) but it is not going to be installed
Depends: libpango-1.0-0:i386 (>= 1.28.3) but it is not going to be installed
Depends: libpangocairo-1.0-0:i386 (>= 1.28.3) but it is not going to be installed
Depends: libpangoft2-1.0-0:i386 (>= 1.28.3) but it is not going to be installed
Depends: libx11-6:i386 (>= 2:1.4.99.1) but it is not going to be installed
Depends: libxcomposite1:i386 (>= 1:0.3-1) but it is not going to be installed
Depends: libxcursor1:i386 (> 1.1.2) but it is not going to be installed
Depends: libxdamage1:i386 (>= 1:1.1) but it is not going to be installed
Depends: libxext6:i386 but it is not going to be installed
Depends: libxfixes3:i386 but it is not going to be installed
Depends: libxi6:i386 but it is not going to be installed
Depends: libxinerama1:i386 but it is not going to be installed
Depends: libxrandr2:i386 (>= 2:1.5.0) but it is not going to be installed
Depends: libxrender1:i386 but it is not going to be installed
Recommends: libgail-common:i386 but it is not going to be installed
Recommends: libgtk2.0-bin:i386
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).
# Retry the Install
sudo dpkg -i AdbeRdr9.5.5-1_i386linux_enu.deb

# Set as default for pdf extensions
mimeopen -d *.pdf

This output shows that there are further missing dependencies


kimconnect@nuc:~/Downloads$ mimeopen -d *.pdf
Please choose a default application for files of type application/pdf

1) Document Viewer (org.gnome.Evince)
2) LibreOffice Draw (libreoffice-draw)
3) Adobe Reader 9 (AdobeReader)
4) Other...

use application #3
Opening "Consumer Report.pdf", "Python Tutorials.pdf" with Adobe Reader 9 (application/pdf)
/opt/Adobe/Reader9/Reader/intellinux/bin/acroread: error while loading shared libraries: libxml2.so.2: cannot open shared object file: No such file or directory

# Fix missing dependency named in previous error
sudo apt install libxml2:i386

# Retried and see more errors
Gtk-Message: 08:05:53.229: Failed to load module "atk-bridge"

(acroread:19368): Gtk-WARNING **: 08:05:53.247: Unable to locate theme engine in module_path: "adwaita",

(acroread:19368): Gtk-WARNING **: 08:05:53.247: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.250: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.250: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.251: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.251: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.251: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.252: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.252: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.252: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.253: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.253: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.253: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.253: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.253: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.254: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.254: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.254: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.254: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.254: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.255: Unable to locate theme engine in module_path: "pixmap",

(acroread:19368): Gtk-WARNING **: 08:05:53.256: Unable to locate theme engine in module_path: "adwaita",
Gtk-Message: 08:05:53.257: Failed to load module "canberra-gtk-module"
/opt/Adobe/Reader9/Reader/intellinux/bin/SynchronizerApp-binary: error while loading shared libraries: libidn.so.11: cannot open shared object file: No such file or directory
/opt/Adobe/Reader9/Reader/intellinux/bin/SynchronizerApp-binary: error while loading shared libraries: libidn.so.11: cannot open shared object file: No such file or directory
/opt/Adobe/Reader9/Reader/intellinux/bin/SynchronizerApp-binary: error while loading shared libraries: libidn.so.11: cannot open shared object file: No such file or directory

Fix the additional dependency errors:

sudo apt install libidn11:i386 libpangox-1.0:i386 libcanberra-gtk-module:i386 libgtk2.0-0:i386 libxml2:i386 libxslt1.1:i386 libstdc++6:i386 gtk2-engines-pixbuf:i386 libatk-adaptor:i386 libgail-common:i386 gnome-themes-extra:i386

Ubuntu: Adding and Remove Repositories (Repos)

The following is a blunder I’ve made while attempting to install Acrobat Reader on Ubuntu 19. Hence, let this be a learning experience in dealing with Ubuntu repos and software signatures.

Added the precise repo:

sudo add-apt-repository "deb http://archive.canonical.com/ precise partner"

Error:

W: GPG error: http://archive.canonical.com precise Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5
E: The repository 'http://archive.canonical.com precise Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Manually imported the keys from Ubuntu keyserver

sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 40976EAF437D05B5

Output

Executing: /tmp/apt-key-gpghome.ilULdPGG23/gpg.1.sh --recv-keys --keyserver keyserver.ubuntu.com 40976EAF437D05B5
gpg: key 40976EAF437D05B5: 59 signatures not checked due to missing keys
gpg: key 40976EAF437D05B5: public key "Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>" imported
gpg: Total number processed: 1
gpg: imported: 1

Attempted update

sudo apt-get -y update

Next error

W: GPG error: http://archive.canonical.com precise Release: The following signatures were invalid: 630239CC130E1A7FD81A27B140976EAF437D05B5
E: The repository 'http://archive.canonical.com precise Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Reverse changes: since this repo has been added as a URL, the roll-back is simply to run the same command with the –remove switch

sudo add-apt-repository --remove "deb http://archive.canonical.com/ precise partner"

To perform PPAs roll-backs, use one of these options: 

# Option 1: runt the same command with the --remove flag
sudo add-apt-repository --remove ppa:BAD-REPO/ppa

# Option 2: use ppa-purge to remove undesired repos while gracefully downgrade installed packages if necessary
sudo apt-get install ppa-purge
sudo ppa-purge ppa:BAD-REPO/ppa

# Option 3: manual removal of the REPO.list file
ls /etc/apt/sources.list.d
rm -rf /etc/apt/sources.list.d/BAD-REPO.list
sudo apt update

This has been an exercise to demonstrate Linux repository manipulations. To bring closure to the original task of installing Acrobat, that is completed in this post here.

Logical Volume Manager (LVM) in Red Hat

Overview

Most modern Linux versions are compatible with LVM, an open source equivalent to Storage Spaces in the Microsoft world. Of course, many are aware of the traditional methods of partitioning a disk (Linux gparted or Microsft diskpart) and formatting that partition with a filesystem (NTFS, ReFS, exFAT, ZFS, xFS, etc.). LVM brings forth these advantages: on-demand RAID partitioning, flexible volume moving and resizing, snapshots, abstracted physical volumes management.   

LVM can be thought of as a software RAID with the baseline of Just a Bunch of Disks (JBOD) in conjunction with federation. Storage Space is carved from a set of available physical drives. Redundancy (deduplication) and/or parity-based resiliency are the seamless features of this technology.

The application of “thin provisioning” improves resource utilization and capacity planning. Physical hard drives can be removed from the pool, provided that sufficient disk space exists in the pool to copy the present contents elsewhere. Hence, failed or healthy drives can be added or removed with true plug and play if redundancy or parity based storage has been etched into the design.

Theories and semantics aside, let’s dive into a real-world example (use case) as shown in the table below:

Mount /home/ /backup/
Logical Volumes SHARE01 (RAID10) SHARE02 (RAID6)
Volume Groups VOLUMEGROUP01
Physical Volumes /dev/sdb /dev/sdc /dev/sdd /dev/sde

The drawing above represents the 3 ‘layers’ of volume abstractions and 1 layer of data access on a Linux system with LVM being applied. Items from any of these layers can be added or removed without affecting computer up time. Here is how to deploy this design.

Clear a new disk’s partitioning table by filling the first 512 bytes with zeros. This is effectively cleaning the Master Boot Record (MBR)

dd if=/dev/zero of=/dev/sdb bs=512 count=1

Explain:

# 'dd' :instream data & data sets
# 'if=/dev/zero' :in file location /dev/zero, which means copy from a volume that is filled with zeros
# 'of=/dev/sdb' :out file location /dev/sdb, which means second physical volume
# 'bs=512' :block size 512 [KB]
# 'count=1' :execute 1 pass

Define LVM Physical Volumes

pvcreate /dev/sdb

View existing LVM Volumes

pvscan -v

Output explain:

# PV :Physical Volume
# VG :Volume Group

Assign Physical Volume to Volume Group

vgcreate VOLUMEGROUP01 /dev/sdb

Explain:

# Create volume group named 'VOLUMEGROUP01' on 2nd physical volume

Add the other physical volumes onto the same volume group

vgextend VOLUMEGROUP01 /dev/sdc /dev/sdd /dev/sde

You can create, resize, and remove RAID10/RAID6 volumes in LVM, where striping is laid out across an array of disks. For large sequential reads and writes, creating a striped logical volume can improve the efficiency of the data I/O.

To create a RAID 10 logical volume, use the following form of the lvcreate command

lvcreate --type raid10 -m 1 -i 4 -L 100G -n SHARE01 VOLUMEGROUP01

Explain:

# create type=raid10 mirrors=1 stripes=4 size=100GB named='SHARE01' using VOLUMEGROUP01 pool

Format Logical Volume as XFS (Red Hat 7.5 default)

mkfs.xfs /dev/VOLUMEGROUP01/SHARE01

Mount the LV into /home directory – the trailing ‘/’ is necessary

mount /dev/VOLUMEGROUP01/SHARE01 /home/

# Check free space on ‘home’ folder

df -h /home/

Explain:

#'df -h /home/' :disk free, human readable, directory /home/
# Check for result such as "Mounted on /dev/VOLUMEGROUP01"

Check available space on VOLUMEGROUP01

vgdisplay VOLUMEGROUP01

Expand ‘home’ folder by 2GB and resize immediately

lvextend -L +2G /dev/VOLUMEGROUP01 -r

Extend LV ‘SHARE01’ by 100% of free space on VG ‘VOLUMEGROUP01’

lvextend -l +100%FREE /dev/VOLUMEGROUP01/SHARE01

LVM treats M or m as Megabytes, where each ascension level is by a multiplier of 1024 (instead of 1000). This is consistent with the storage industry’s standard of measurement.

Summary

Although the illustration above is hasn’t demonstrated some other advanced functionalities, these are some of the takeaway notes from a LVM implementation.

The Pros:

1. This is JBOD to the extreme! A mix of multi-speed hard drives with varying capacities will achieve read/write at their aggregated capabilities.

2. Deduplication is a must for mission critical data! LVM performs deduplication automatically when configured.

3. Storage Pool Tiering (not yet covered in this post) with these great features: Write Back Cache size, Tier Optimization, File pinning.

The Cons:

1. True RAID 10 cannot be achieved with a two way mirrored Storage Pool, even though that concept hasn’t been shown in the example above. Let’s just accept what I say as true because I’m good at blah blah without supporting evidence.

2. Parity Storage Pools will significantly affect performance.

3. Combining Hardware RAID with Storage Pools (software RAID) will result in… abadi… abadi… slow I/O performance. I’ll just say that putting RAID on RAID is whats-that-word… vacuous.

Yet Another Quick List of Linux Commands

Here’s a quick list of useful Linux lines that Admins should be committing to muscle memory – yeah, Linux guys have muscles, too:

# Watch the file size changes as it's being uploaded
watch -n 1 du -h /var/www/upload/incomingfile.iso

# Run a program (Chrome) in disjointed mode or different shell and return focus to current shell session
exec google-chrome

# Create folder and parent directory in 1 line
mkdir -p ~/grandparent/parent/folder1

# Generate a 100 folders with 1000 files in each one: 100,000 files
touch ~/grandparent/parent/folder{1..100}/{1..1000}.txt

# Exit terminal without killing all child processes
disown -a && exit

# redo last command as root:
sudo !!

# Create RAM disk using memory
mkdir -p /mnt/ram && cd /mnt/ram
mount -t tmpfs tmpfs /mnt/ram -o size=10240M

# Run benchmark of write speed on current disk: use /dev/zero (a Linux empty file generator), filename=benchmark, blocksize 1M, filesize=10240MB
dd if=/dev/zero of=benchmark.file bs=1M count=10240

# Run command without including it in history
[space] COMMAND

# Create a quick tunnel to an obscure port on remote host
ssh -L 2222:127.0.0.1:48684 remoteuser@kimconnect.com -N

# Access tunnel
ssh -p2222 user1@kimconnect.com

# Rerun the last exited process in the background
process
ctrl z
bg

# Run process in quiet mode
ls > /dev/null

# Record output of a command while issue Word Count command to return the count of items
ls | tee directoryContents.txt | wc -l

# Elevate while editing a file
:w !sudo tee %

# Run process in the background via '&' marker, no hangup mode. Direct output to 'null' while writing into a log file
nohup processName </dev/null >processName.log 2>&1 &

# Search the logs directory for files with time written in the last minute
find /var/log -type f -mtime +1

# Examining log file
tail -f /var/log/syslog

# Examining large log file - load the end of file first and load only enough for the screen
less +F /var/log/syslog

# multi-threaded traceroute
mtr --curses kimconnect.com

# clear screen
clear

# reinitialize session and reload changed environmental variables without a logout
reset

# open text editor to compose a set of commands that will execute upon exiting text editor
KEYs COMBO: Ctrl x e

# Repeat previous command
KEYs COMBO: alt .

# While typing command, cut everything to the right of cursor
KEYs COMBO: ctrl K

# While typing command, cut everything to the left of cursor
KEYs COMBO: Ctrl U

# Pasting in Shell (Put back what was yanked)
KEYs COMBO: Ctrl Y

# While following file, detach from tailing
KEYs COMBO: Ctrl C

# While detached from tailing, re-attach to tailing
KEYs COMBO: Ctrl F

Git / Github / Gitlab

1. Install Git/Github/Gitlab

This utility enables cloning of source codes to the local machine, among other advanced functions.

# CentOS 7 - Git CLI
sudo yum udpate && sudo yum install git

# show version
git --version
# Install Github Desktop GUI on CentOS 7 - Minimal
yum groupinstall "X Window System"
yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts
unlink /etc/systemd/system/default.target
ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
# If this instance is a VM
yum -y install open-vm-tools-desktop
systemctl enable vmtoolsd.service
reboot
# Ubuntu - Git CLI
sudo apt update &&s udo apt install git

How to Copy and Paste in VIM / VI

While reading or in editing mode, press ESC twice

Move the cursor to the desired location

Press ‘v’ to enter Visual mode

Use the up/down/left/right buttons to select text or entire lines

Press ‘y’ to yank (copy)

Move cursor over to the desired pasting location

Press ‘p’ to paste

Press ESC twice to exit editing mode

Type ‘:wq’ to write and quit vim editor

Linux: How to Create a User and Add to Group in a Single Line?

This is a common question for Linux Admins. It would be necessary to memorize the syntax of this command (assuming non Active Directory or LDAP integrated machines):

sudo adduser <username> -g <groupname>

This similar keyword command would also work

sudo useradd <username> <groupname>

Which can also be achieved using a related command:

sudo usermod -aG <groupname> <username>

Beyond answering the basic question, it’s important to understand the application and implication of those commands. Let’s discuss that below.

In the real world, Linux Admins receive onboarding requests often. Besides creating a user, it’s also important to set the home directory, shell environment, group memberships, etc.  Therefore, it would be necessary to have a bash shell handy to automate accounts generation such as this one:

#!/bin/bash

# Declare an array of string called username.
# Note that bash shell interprets comma or space as delimiters
usernames=("kimconnect" "somethingconnect")

# group
group = "permitssh"

# use openssl to generate md5 hash string as password
password=$(openssl passwd -1 "DEFAULT_INIT_PASSWORD")

# iterate through the array
for user in "${usernames[@]}"
do
# Create user with password, group, home directory, and login bash environment.
useradd $user -p $password -g $group -d /home/$user -s /bin/bash
done

When dealing with multiple servers, use this method to add users to multiple machines.

a. Create a List of users:

General format:

username:passwd:UID:GID:"Full_Name","Room_Number","Work_Phone","Home_Phone","Other":"Home_Directory":"Shell_Environment"

Example (null values for UID & GID to assume defaults):

kimconnect:passy1:::"Kim Connect","001","555-555-5555","555-555-5555","Accounting":"/home/kimconnect":"/bin/bash"
dragoncoin:passy2:::"Jimmy Bond","007","555-555-5555",,"Information Technology":"home/dragoncoin":"/bin/bash"

b. Create a list of Servers

cat << ENDCAT > /home/kimconnect/servers.txt
192.166.166.1
192.166.166.15
webserver007.kimconnect.com
ENDCAT

b. Create shell script, set it as executable, and run it

# Create Shell File
cat << ENDCAT > /home/kimconnect/addusers.sh
#!/bin/bash
ssh-keygen -t rsa
while read server;
do ssh-copy-id -i ~/.ssh/id_rsa.pub root@$server;
done < servers.txt
ENDCAT

# Set script as executable
chmod a+x /home/kimconnect/addusers.sh

# Execute the script on the predetermined list of servers
addusers.sh < servers.txt

The usage of scripting to generate domain or LDAP accounts is outside the scope of this document. That should be covered it this blog somewhere.