Différences sudo, su et su -

Comments

https://www.linuxtricks.fr/wiki/differences-sudo-su-et-su

#sysadmin #linux

Je vais redémarrer #diaspora-fr pour mettre à jour le noyau linux, l'interruption devrait durer moins de 3 minutes.

#diaspora #sysadmin

Scripted shortcut caused double-click #disaster of #sysadmin's own making

source: https://www.theregister.com/2023/10/09/who_me/

Rather than right-clicking on the script and selecting "Edit" to make his small change, Ricardo had instead executed the script. On his production machine. The machine that stored all of his carefully constructed scripting – not to mention absolutely everything else he needed to do his job.

And of course there was no "Are you sure Y/N?" to save Ricardo's skin, was there? With a fraction of a second, the script merrily started eating away the hard drive … and Ricardo's livelihood.

#software #script #fail #administrator #omg #wtf #configuration

Happy #SysAdmin day to all

You know who you are 😄

https://sysadminday.com/

Simplifier la génération de certificats SSL avec Let's Encrypt

Comments

https://jolicode.com/blog/simplifier-la-generation-de-certificats-ssl-avec-lets-encrypt

#sysadmin

I'm okay, right? #SysAdmin #SysAdmining

# ls -al friendica/log
total 641075504
drwxr-xr-x  2 friendica friendica         4096 Jan 26 04:47 .
drwxr-xr-x 22 friendica friendica         4096 Feb 20 13:47 ..
-rw-r--r--  1 friendica friendica       307536 Mar  8 14:35 db_log.sql
-rw-r--r--  1 friendica friendica    939041091 Feb 19 08:17 debug.log
-rw-r--r--  1 friendica friendica 521392713728 Mar  8 13:17 error.log
-rw-r--r--  1 friendica friendica 134123690097 Mar  8 15:01 friendica.log
-rw-r--r--  1 friendica friendica            1 Mar 25  2019 php.out
-rw-r--r--  1 friendica friendica      3489792 Mar  7 20:33 slow_queries.log
-rw-r--r--  1 friendica friendica            1 Sep 17  2020 slow_queries_sorted.log

How to Boot ISO Files From GRUB2 Boot Loader - LinuxBabe

#linux #hacking #sysadmin

https://www.linuxbabe.com/desktop-linux/boot-from-iso-files-using-grub2-boot-loader

How to Boot ISO Files From GRUB2 Boot Loader - LinuxBabe

This post explains a very neat trick that can help you boot ISO files directly from hard drive. Many Linux distributions can be booted directly from ISO

Bonjour tout le monde, un nouveau kernel linux est disponible donc je dois redémarrer #diaspora-fr, la coupure ne devrait durer que quelques minutes.

Bonne journée !

#sysadmin

Test de charge d'un Peertube en Live avec Auposte

Comments

https://www.octopuce.fr/test-de-charge-dun-peertube-en-live-avec-auposte/

#sysadmin #vidéo

Je vais redémarrer #diaspora-fr pour mettre à jour le noyau #linux

#diaspora #sysadmin

https://f-droid.org/en/packages/juloo.keyboard2

A non-modal, no-nonsense Android keyboard with big ass keys providing all writable characters with swipe gestures, Control/Alt/Tab/Arrow keys, and more. Free As in Freedom software and available from the F-Droid app repository.

#android #F-Droid #Keyboard #development #sysadmin #hacker #FreeSoftware

Unexpected Keyboard | F-Droid - Free and Open Source Android App Repository

A lightweight virtual keyboard for developers.

Installer Rocky Linux 8 dans VirtualBox

Comments

https://blog.microlinux.fr/install-rl8-virtualbox/

#sysadmin #virtualisation #formation

Installer un poste de travail Linux

Comments

https://blog.microlinux.fr/poste-de-travail-linux-formation/

#sysadmin #opensuse #formation

I just released a new version of ksh (the Korn shell), of which I took on the maintenance in May 2020 after AT&T abandoned it and other community efforts went nowhere. The new ksh 93u+m/1.0.0 has roughly a thousand bugs fixed compared to the last decade-old stable release, as well as a good number of enhancements. It is still highly portable; it builds and runs on every Unix-like system under the sun that is not a complete museum piece (and on some that are).
https://github.com/ksh93/ksh/releases/
#KornShell #ksh #Unix #shell #sysadmin

Releases · ksh93/ksh

ksh 93u+m: KornShell lives! | Latest release: https://github.com/ksh93/ksh/releases/tag/v1.0.0 (2022-08-01) | Tweety stuff: https://twitter.com/ksh93um - ksh93/ksh

Happy SysAdmin Day!

https://www.youtube.com/watch?v=udhd9fmOdCs

#admin #sysadmin #congrats

Had anyone used serverpartdeals.com?
The drives are attractively priced, though I feel would be best placed in a RAID array. What's the risk delta using refurbished vs new drives?
#SysAdmin

Mozilla Firefox is slow even if hardware acceleration is enabled?

Try enabling gfx.x11-egl.force-enabled in about:config to force the use of EGL¹ and then restart the web browser.
If this works, enabling layers.acceleration.force-enabled can boost your performance even more by enabling OpenGL alongside EGL. ²
This also works on Flatpak if the security permissions are correct (use Flatseal³ if needed).

Tags: #linux #gnulinux #sysadmin #gpu #gpu-linux #gpuacceleration #egl #opengl #x11 #xorg #mozilla #firefox #hack #flatpak #flatseal

https://www.khronos.org/egl/
https://flathub.org/apps/details/com.github.tchx84.Flatseal
https://linuxreviews.org/HOWTO_Make_Mozilla_Firefox_Blazing_Fast_On_Linux

EGL - Native Platform Interface

EGL™ is an interface between Khronos rendering APIs such as OpenGL ES or OpenVG and the underlying native platform window system. It handles graphics context management, surface/buffer binding, and rendering synchronization and enables...

Gain unprivileged access to an overlapped directory in Flatpak

Issue

/usr and other hierarchies on the host cannot be accessed from Flatpak, because they conflict with the sandbox. Instead, you are presented with a fake, overlapped filesystem hierarchy. Currently, Flatpak alone has no working options to solve this issue, as configuration overrides have no effect on those special filesystem hierarchies. As Linux does not support directory hard links, this is a serious nuisance!

Solution

Luckily, there is a workaround to safely access the original directory without having root access, if your sysadmin (or you, if you own the system) installed the bindfs package.

The bindfs command uses a FUSE filesystem to mirror the contents of a directory to another directory:

bindfs /overlapped ~/.overlapped

If high performance is needed:

bindfs -o multithreaded /overlapped ~/.overlapped

If security (read-only access) is needed:

bindfs -o ro /overlapped ~/.overlapped

Example

TASK: access the documentation on a Debian system from a Flatpak app.

user@localhost:~$ mkdir .doc
user@localhost:~$ bindfs -o ro,multithreaded /usr/share/doc .doc
user@localhost:~$ ls .doc

…will grant you fast, read-only access to /usr/share/doc by visiting .doc in your user home.
ls .doc will list the contents of /usr/share/doc, while .doc is not a symlink but a simple directory created by you.
You can now eg. use the Flatpak version of Mozilla Firefox to browse file:///home/yourusername/.doc and it will let you read the files in /usr/share/doc, which are normally inaccessible under Flatpak.

Note: this is not an official workaround, I've found by accident. If you know better alternatives please feel free to comment so other users can benefit. Thank you.

Tags: #linux #gnulinux #debian #flatpak #sandbox #virtualization #security #hacking #filesystem #fs #docs #sysadmin #sys #documentation

Solution to a common issue with ELF executables

Are you having difficulty executing a file on 64 bit Linux because the executable crashes yelling it cannot find itself?

$ ls
cat.jpg executable* secret.txt
$ ./executable -argument param -argument2  param
./executable: file not found

This is not an existential issue of your filesystem, instead your system is missing the correct libc for the architecture of the software you are trying to execute.
You can verify it by executing:

$ file ./executable
exeutable: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.24, BuildID[sha1]=11e741041c519dd5aee726c7170d345a6abf542c, not stripped

Modern, standard 64 bits executables will have a binary interpreter under /lib64 (eg. /lib64/ld-linux-x86-64.so.2) and not /lib (eg. /lib/ld-linux.so.2); in addition, the file utility reports explicitly the architecture at the beginning of the output line.
Now you are sure the executable which cannot find itself requires another ELF interpreter!

SOLUTION: install libc6-i386 using apt and the issue will disappear instantly!

#Debian #Android #Linux #androidstudio #sysadmin #system #tip

I've been using CrowdSec for a few weeks now and it's pretty good, if occasionally a little rough round the edges. I particularly like the console which gives nice visualisations and stats on attack types, countries, ASNs, targets and so on. Dual running with fail2ban, CrowdSec didn't miss any of the usual SSH brute force attempts (in fact it seems to pick up more, out of the box) and the shared community blocklist (currently 11k IPs) is a killer feature.

I haven't turned off fail2ban entirely only because CrowdSec doesn't yet have collections for exim and sendmail - if nobody else adds them I might contribute them myself when time permits. However there's-out-of-the-box setup for lots of other common server apps. The installer does a reasonable job of detecting what's running and configuring it for you on first install, and you can install more collections with a single command.

It's worth remembering to update collections from the hub regularly as new attack detections are periodically added. That's just a couple of commands with cscli, the provided CLI client, which is the main way of seeing what it's doing and configuring it. I've made a few manual tweaks to the config (YAML) to match my setup (log file locations, and ignoring my own IPs for safety) and that's it.

#CrowdSec #fail2ban #sysadmin

CrowdSec, the open-source & collaborative IPS

CrowdSec is an open-source and collaborative IPS leveraging the crowd power. Analyze behaviors, respond to attacks & share signals across the community. Let's make the Internet safer, together.