5333 private links
Systemd is a system and service manager and like most major Linux distributions the init deamon was replaced by systemd in CentOS 7. One of the main functions of systemd is to manage the services, devices, mount points, sockets and other entities in a Linux system. Each of these entity that are managed by systemd is called a unit. Each unit is defined by a unit file (configuration file) which is located in one of the following directories.
DWService is an open source project which offers a service to allow access to remote systems (Windows, Mac, Linux, Raspberry...) using a standard web browser - no client-side download required!
Wherever you may be in the world, you may need to access your home computer. You can connect to the DWService website from any device and immediately gain control of the computer (Screen + Files + Running processes).
Votes:
93 ISPConfig
82 Webmin
73 Vesta
-- Virtualmin
-- plesk onyx
Virtualmin is a powerful and flexible web hosting control panel for Linux and BSD systems. Available in an open-source community-supported version, and a more feature-filled version with premium support, Virtualmin is the cost-effective and comprehensive solution to virtual web hosting management. And, Virtualmin is the most popular and most comprehensive open-source control panel with over 150,000 installations worldwide.
Free and Paid support
opensource & free web hosting control panels
Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more. Webmin removes the need to manually edit Unix configuration files like /etc/passwd, and lets you manage a system from the console or remotely. See the standard modules page for a list of all the functions built into Webmin.
How to delete the repositories that are listed in yum repolist?
It's either a file in /etc/yum.repos.d/ (new way) or an entry in /etc/yum.conf (old way). See https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-Configuring_Yum_and_Yum_Repositories.html for details.
chmod u-s is the more technically correct way to do it, as you just want to remove the suid bit and not touch the read-write-execute permissions (which are 0755 by default but may or may not have been changed). And pkexec may or may not live in /usr/bin depending on your particular distro. //
You know what’s great about blinking an LED with a 555 instead of a raspi? 555s don’t need security updates. //
So to appropriately neuter pkexec and prevent it from ever being used in an attack chain I issued the following command (Debian based Linux ONLY):
$ sudo dpkg-statoverride –update –add root root 0711 /usr/bin/pkexec
WARN: This is essentially a permanent change until you reverse the procedure (see dpkg-statoverride(8)). No future install/upgrade of the PolicyKit package will change the permissions from those specified. One could also reformat and install another OS. If some program on your system actually needs to use pkexec to change users that program will be broken. But for the life of me I can’t figure out why my printer would need to masquerade as another user. Smells like malware to me.
More important than the mechanics of the system is the rationale...
Debian provides the two separate directories so that if you're automatically managing your Apache configs, you can just have all of the vhosts drop into sites-available on all your machines, and then individual vhosts can be enabled on the server that will actually serve them. It also means you can near-instantaneously disable a site if it's causing problems //
Important information:
You should edit files only in sites-available directory.
Do never edit files inside the sites-enabled directory, otherwise you can have problems if your editor runs out of memory or, for any reason, it receives a SIGHUP or SIGTERM. //
the file in sites-enabled is a symlink to the sites-available file: ///
after manipulating symlinks in sites-enabled, run sudo service [httpd | nginx ] restart
We all know how to enable a website using apache on Linux. I'm pretty sure that we all agree on using the a2ensite command.
Unfortunately, there is no default equivalent command that comes with Nginx, but it did happen that I installed some package on ubuntu that allowed me to enable/disable sites and list them.
The problem is I don't remember the name of this package.
Does anybody know what I'm talking about?
Please tell me the name of this package and the command name.
A heap overflow bug was recently discovered in the Linux kernel. The patch is available now in most major Linux distributions. //
In this one, there's a heap overflow bug in the legacy_parse_param in the Linux kernel's fs/fs_context.c program. This parameter is used in Linux filesystems during superblock creation for mount and superblock reconfiguration for a remount. The superblock records all of a filesystem's characteristics such as file size, block size, empty and filled storage blocks. So, yeah, it's important.
The legacy_parse_param() "PAGE_SIZE - 2 - size" calculation was mistakenly made an unsigned type. This means a large value of "size" results in a high positive value instead of a negative value as expected. Whoops.
A local attacker can use it to escalate their user privileges or crash the system. This can be done with a specially crafted program that triggers this integer overflow. That done, it's trivial to execute arbitrary code and give the attacker root privileges.
To exploit it requires the CAP_SYS_ADMIN privilege to be enabled. If that's the case, an unprivileged local user can open a filesystem that does not support the File System Context application programming interface (API). In this situation, it drops back to legacy handling, and from there, the flaw can escalate an attacker's system privileges.
The most effective debugging tool is still careful thought, coupled with judiciously placed print statements. – Brian Kernighan, “Unix for Beginners” (1979)
When writing shell scripts, the programming logic tends to be shorter and is often contained within a single file. So there are a few built-in debugging options we can use to see what is going wrong. The first option to mention is probably the most useful too – the xtrace option. This can be applied to a script by invoking Bash with the -x switch.
$ bash -x <scriptname>
first let’s contrast -x with its opposite -v, which shows each line before it is evaluated instead of after.
you can use getfacl other_file | setfacl -bnM - file_to_change to copy the permissions. This doesn't copy the ownership; you can do that with careful parsing of ls -l other_file, assuming that you don't have user or group names containing whitespace.
acls
One of the most commonly used string operations is concatenation. String concatenation is just a fancy programming word for joining strings together by appending one string to the end of another string.
In this tutorial, we will explain how to concatenate strings in Bash.
Concatenating Strings
The simplest way to concatenate two or more string variables is to write them one after another:
VAR1="Hello,"
VAR2=" World"
VAR3="$VAR1$VAR2"
echo "$VAR3"
ebooks on Linux topics
Q:
I often see tutorials online that connect various commands with different symbols. For example:
command1 | command2
command1 & command2
command1 || command2
command1 && command2
Others seem to be connecting commands to files:
command1 > file1
command1 >> file1
What are these things? What are they called? What do they do? Are there more of them?
A:
These are called shell operators and yes, there are more of them. I will give a brief overview of the most common among the two major classes, control operators and redirection operators, and how they work with respect to the bash shell.
Note that all of these are operators, not commands:
- && — this is a logical AND and is used to chain multiple commands; commands to the right of the operator are executed if the command to the left succeeds
- || — this is the logical OR and is used to chain multiple commands; commands to the right of the operator are executed if the command to the left fails
- / — not a command, not an operator. Period.
- ; — this is a command delineator or separator; you use it to separate commands where you want all of them to execute
- {} (and () ) — operators that do a bunch of stuff; I tend to use () for grouping commands into one “unit”, and use {} for its command line expansions (a bit complicated to go into right here)
To summarize (non-exhaustively) bash's command operators/separators:
- | pipes (pipelines) the standard output (stdout) of one command into the standard input of another one. Note that stderr still goes into its default destination, whatever that happen to be.
- |&pipes both stdout and stderr of one command into the standard input of another one. Very useful, available in bash version 4 and above.
- && executes the right-hand command of && only if the previous one succeeded.
- || executes the right-hand command of || only it the previous one failed.
- ; executes the right-hand command of ; always regardless whether the previous command succeeded or failed. Unless set -e was previously invoked, which causes bash to fail on an error.
ou may have noticed that there is a trailing slash (/) at the end of the first argument in the above commands:
rsync -a dir1/ dir2
This is necessary to mean “the contents of dir1”. The alternative, without the trailing slash, would place dir1, including the directory, within dir2. This would create a hierarchy that looks like:
~/dir2/dir1/[files]
Always double-check your arguments before executing an rsync command. Rsync provides a method for doing this by passing the -n or --dry-run options. The -v flag (for verbose) is also necessary to get the appropriate output:
The -P flag is very helpful. It combines the flags --progress and --partial. The first of these gives you a progress bar for the transfers and the second allows you to resume interrupted transfers:
rsync -azP source destination
Microsoft has traditionally made installing WSL more of a hassle than it should be, but the company finally got the process right in Windows 10 build 2004. Just open an elevated Command prompt (start --> type cmd --> click Run as Administrator), type wsl --install at the prompt, and you're good to go. Windows 11, thankfully, carries this process forward unchanged.
A simple wsl --install with no further arguments gets you Hyper-V and the other underpinnings of WSL, along with the current version of Ubuntu. If you aren't an Ubuntu fan, you can see what other easily installable distributions are available with the command wsl --list --online. If you decide you'd prefer a different distro, you can install it instead with—for example—wsl --install -d openSUSE-42.
If you're not sure which distribution you prefer, don't fret. You can install as many as you like, simply by repeating wsl --list --online to enumerate your options and wsl --install -d distroname to install whichever you like.
Installing a second distribution doesn't uninstall the first; it creates a separate environment, independent of any others. You can run as many of these installed environments as you like simultaneously, without fear of one messing up another. //
Finally, Ubuntu's excellent baked-in OpenZFS support is missing. You can apt install zfsutils-linux without difficulty, but that package depends on Canonical's in-house kernel with built-in ZFS support, which Microsoft has not picked up in its own WSL2 kernel.