Administration
Inhaltsverzeichnis
-
Administration
- SSl-Zertifikate erneuern
- Upgrade Postgresql unter Debian
- Upgrade Zwinger
- Waffenkammer neustrukturieren
- Screen blank
- sshuttle
- ssmtp
- Addons
- 2015-05-02 20:03:47 root@waffenkammer ~ # fdisk -l /dev/sda
- SIS-Graphiktreiber
- vimdiff
- Virtualbox-Kram
- VirtualBox VRDE Server aktivieren
- VirtualBox "CD" einlegen
- TLS und SSL im Firefox/Iceweasel
- Aptitude
- NFS
- Multiarch
- update-alternatives
- etc network interfaces
- wpa_supplicant
- Verschlüsselten Datenträger vergrößern
- Swapspeicher
SSl-Zertifikate erneuern
cd /var/lib/dehydrated/ systemctl stop monit apache2 python -m SimpleHTTPServer 80& dehydrated -c chmod g+rx -R /var/lib/dehydrated/certs/ chown -R www-data.ssl /var/lib/dehydrated/certs/ systemctl restart prosody.service systemctl start monit apache2
Upgrade Postgresql unter Debian
The PostgreSQL version 9.4 is obsolete, but the server or client packages are still installed. Please install the latest packages (postgresql-9.6 and postgresql-client-9.6) and upgrade the existing clusters with pg_upgradecluster (see manpage). Please be aware that the installation of postgresql-9.6 will automatically create a default cluster 9.6/main. If you want to upgrade the 9.4/main cluster, you need to remove the already existing 9.6 cluster (pg_dropcluster --stop 9.6 main, see manpage for details). The old server and client packages are no longer supported. After the existing clusters are upgraded, the postgresql-9.4 and postgresql-client-9.4 packages should be removed. Please see /usr/share/doc/postgresql-common/README.Debian.gz for details.
Upgrade Zwinger
01:00.0 VGA compatible controller: NVIDIA Corporation G72M [Quadro NVS 110M/GeForce Go 7300] (rev a1)
p nvidia-legacy-304xx-kernel-dkms <keine> 304.125-1
p nvidia-legacy-304xx-kernel-source <keine> 304.125-1
--\ libs - Bibliotheken (2)
--\ non-free - Programme, die Nicht-freie Software sind (2)
p libgl1-nvidia-legacy-304xx-glx <keine> 304.125-1
p nvidia-legacy-304xx-alternative <keine> 304.125-1
--\ x11 - Das X11-Fenstersystem (3)
--\ contrib - Programme, die von Nicht-Debian-Software abhängen (1)
p nvidia-settings-legacy-304xx <keine> 304.123-2
--\ non-free - Programme, die Nicht-freie Software sind (2)
p nvidia-legacy-304xx-driver <keine> 304.125-1
p xserver-xorg-video-nvidia-legacy-304xx <keine> 304.125-1 i A nvidia-kernel-common 20120630+3 20120630+3
--\ non-free - Programme, die Nicht-freie Software sind (1)
i nvidia-kernel-dkms 304.125-1 304.125-1
--\ libs - Bibliotheken (4)
--\ contrib - Programme, die von Nicht-Debian-Software abhängen (1)
i glx-alternative-nvidia 0.2.2 0.2.2
--\ non-free - Programme, die Nicht-freie Software sind (3)
i A libgl1-nvidia-glx 304.125-1 304.125-1
i A libxvmcnvidia1 304.125-1 304.125-1
i nvidia-alternative 304.125-1 304.125-1
--\ misc - Sonstige Software (2)
--\ contrib - Programme, die von Nicht-Debian-Software abhängen (2)
i nvidia-installer-cleanup 20120630+3 20120630+3
i nvidia-support 20120630+3 20120630+3
--\ oldlibs - Veraltete Bibliotheken (3)
--\ non-free - Programme, die Nicht-freie Software sind (3)
i A libgl1-nvidia-alternatives 304.125-1 304.125-1
i A libglx-nvidia-alternatives 304.125-1 304.125-1
i nvidia-glx 304.125-1 304.125-1
--\ video - Utilities to record, view, edit, and stream video files (1)
--\ non-free - Programme, die Nicht-freie Software sind (1)
i A nvidia-vdpau-driver 304.125-1 304.125-1
--\ x11 - Das X11-Fenstersystem (2)
--\ contrib - Programme, die von Nicht-Debian-Software abhängen (1)
i nvidia-settings 304.88-1 304.88-1
--\ non-free - Programme, die Nicht-freie Software sind (1)
i xserver-xorg-video-nvidia
Waffenkammer neustrukturieren
root@debstick:~# mount /dev/sda1 /mnt root@debstick:~# mount /dev/sda5 /mnt/usr/ root@debstick:~# mount /dev/sda3 /mnt/tmp/ root@debstick:~# mount /dev/sda6 /mnt/var/ root@debstick:~# mount /dev/sda7 /mnt/home/ root@debstick:~# df -h /dev/sda1 251M 222M 16M 94% /mnt /dev/sda5 9.1G 6.2G 2.5G 72% /mnt/usr /dev/sda3 2.5G 3.9M 2.4G 1% /mnt/tmp /dev/sda6 2.7G 1.1G 1.5G 42% /mnt/var /dev/sda7 132G 118G 7.2G 95% /mnt/home root@debstick:~# df /dev/sda1 256253 227037 15563 94% /mnt /dev/sda5 9484844 6452436 2544040 72% /mnt/usr /dev/sda3 2585516 3960 2430504 1% /mnt/tmp /dev/sda6 2820244 1121952 1551704 42% /mnt/var /dev/sda7 138287184 123727236 7512320 95% /mnt/home root@debstick:~# fdisk -l /dev/sda Disk /dev/sda: 149.1 GiB, 160041885696 bytes, 312581808 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x000d9460 Device Boot Start End Sectors Size Id Type /dev/sda1 * 63 546209 546147 266.7M 83 Linux /dev/sda2 546210 307194929 306648720 146.2G 5 Extended /dev/sda3 307194930 312581807 5386878 2.6G 83 Linux /dev/sda5 546273 20081249 19534977 9.3G 83 Linux /dev/sda6 20081313 25944974 5863662 2.8G 83 Linux /dev/sda7 25945038 307194929 281249892 134.1G 83 Linux root@debstick:~# blkid /dev/sda1 /dev/sda1: UUID="ee2901cd-05b1-474a-841e-1c6e5dda6f39" SEC_TYPE="ext2" TYPE="ext3" PARTUUID="000d9460-01" root@debstick:~# blkid /dev/sda3 /dev/sda3: UUID="7584e407-2574-4ee1-9eb1-8442880c3089" TYPE="ext4" PARTUUID="000d9460-03" root@debstick:~# blkid /dev/sda5 /dev/sda5: UUID="8fde9843-a8bc-4b00-a0cc-dc3508bad336" SEC_TYPE="ext2" TYPE="ext3" PARTUUID="000d9460-05" root@debstick:~# blkid /dev/sda6 /dev/sda6: UUID="db59655b-17eb-45e1-bc62-7612fbc8d672" SEC_TYPE="ext2" TYPE="ext3" PARTUUID="000d9460-06" root@debstick:~# blkid /dev/sda7 /dev/sda7: UUID="221301a4-d2d8-46cb-8231-ac606862cd2a" TYPE="ext4" PARTUUID="000d9460-07"
fstab
# /etc/fstab: static file system information. # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 # /dev/sda1 / ext3 noatime,errors=remount-ro 0 1 UUID=ee2901cd-05b1-474a-841e-1c6e5dda6f39 / ext3 noatime,errors=remount-ro 0 1 # /dev/sda7 /home ext3 defaults,noatime 0 2 UUID=221301a4-d2d8-46cb-8231-ac606862cd2a /home ext4 defaults,noatime 0 2 # /dev/sda9 /tmp ext3 defaults,noatime 0 2 #UUID=c5e46e76-b7c4-454d-a1ce-d82890611e26 /tmp ext4 defaults,noatime 0 2 # /dev/sda5 /usr ext3 defaults,noatime 0 2 UUID=8fde9843-a8bc-4b00-a0cc-dc3508bad336 /usr ext4 defaults,noatime 0 2 # /dev/sda6 /var ext3 defaults,noatime 0 2 UUID=db59655b-17eb-45e1-bc62-7612fbc8d672 /var ext4 defaults,noatime 0 2 #tmpfs /var/log tmpfs size=128M 0 0 tmpfs /var/cache/apt tmpfs defaults,noatime,size=50% 0 0 tmpfs /var/tmp tmpfs defaults,noatime,size=50% 0 0 # /dev/sda8 none swap sw 0 0 #UUID=5a2984ec-81d7-4da7-a8b4-6af79b1c47a7 none swap sw 0 0 #UUID=c12dfb16-532c-456e-9d41-ac0c3d3da26a none swap sw 0 0 # /dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/cdrom /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/sdb1 /media/usb auto rw,users,noauto,noatime 0 0 /dev/sdb2 /media/usb-2 auto rw,users,noauto,noatime 0 0 /dev/sdb1 /media/olympus auto ro,users,noauto,noatime 0 0 /dev/sdc1 /media/usb2 auto rw,users,noauto,noatime 0 0 /dev/sdc2 /media/usb2-2 auto rw,users,noauto,noatime 0 0 /dev/sdd1 /media/usb3 auto rw,users,noauto,noatime 0 0 /dev/sdd2 /media/usb3-2 auto rw,users,noauto,noatime 0 0 /dev/sdb /media/mstick auto rw,users,noauto,noatime,uid=1000,gid=1000 0 0 /dev/sdc /media/mstick2 auto rw,users,noauto,noatime 0 0 https://mediacenter.gmx.net /media/gmx davfs rw,users,noauto 0 0 https://webdav.apfelreich.net /media/webdav davfs rw,users,noauto 0 0 https://familiepommrich.webdav.hidrive.strato.com /media/strato davfs rw,users,noauto 0 0 LABEL=SICHERUNG /media/sicherung ext4 rw,user,noauto,noatime 0 0 LABEL=BACKUP /media/backup ext4 rw,user,noauto,noatime 0 0 LABEL=Backup /media/backup ext4 rw,user,noauto,noatime 0 0 LABEL=BigOne /media/bigone ext4 rw,user,noauto,noatime 0 0 UUID=3066-6330 /media/ge vfat ro,users,noauto,noatime 0 0 192.168.2.59:/Fuelme /media/fuelme nfs4 ro,users,noauto,noatime 0 0 192.168.2.224:/filme /media/filme nfs4 ro,users,noauto,noatime 0 0 # 192.168.2.59:/private.data2/Fuelme /media/fuelme nfs ro,users,noauto,noatime 0 0 # 192.168.2.59:/private/Filme /media/filme nfs ro,users,noauto,noatime 0 0 #192.168.2.59:/private.data2/income /media/nfs_income nfs rw,users,noauto,noatime 0 0 192.168.2.48:/incoming /media/nfs_income nfs4 rw,users,noauto,noatime 0 0 192.168.2.50:/musik /media/musik nfs4 rw,users,noauto,noatime 0 0
Screen blank
emacs /etc/kbd/config
# screen blanking timeout. monitor remains on, but the screen is cleared to # range: 0-60 min (0==never) kernels I've looked at default to 10 minutes. # (see linux/drivers/char/console.c) BLANK_TIME=0 (Was 30) # Powerdown time. The console will go to DPMS Off mode POWERDOWN_TIME # minutes _after_ blanking. (POWERDOWN_TIME + BLANK_TIME after the last input) POWERDOWN_TIME=0 (I think it was 15) service kbd restart
sshuttle
sshuttle -H -D -v -r robert@apfelreich.net:2102 192.168.2.0/24
ssmtp
revaliases
# sSMTP aliases # # Format: local_account:outgoing_address:mailhub # # Example: root:your_login@your.domain:mailhub.your.domain[:port] # where [:port] is an optional port number that defaults to 25. root:user@example.com:smtp.example.com:587 robert:user@example.com:smtp.example.com:587
ssmtp.conf
# # Config file for sSMTP sendmail # # The person who gets all mail for userids < 1000 # Make this empty to disable rewriting. root=user@example.com # The place where the mail goes. The actual machine name is required no # MX records are consulted. Commonly mailhosts are named mail.domain.com mailhub=smtp.example.com:587 # Where will the mail seem to come from? rewriteDomain=example.com # The full hostname hostname=host.tld # Are users allowed to set their own From: address? # YES - Allow the user to specify their own From: address # NO - Use the system generated From: address FromLineOverride=YES AuthUser=user@example.com AuthPass=password UseTLS=Yes UseSTARTTLS=Yes
Für GMX:
# /etc/ssmtp/ssmtp.conf root=youremail@gmx.com mailhub=mail.gmx.com:587 rewriteDomain=gmx.com hostname=gmx.com rewriteDomain=gmx.com FromLineOverride=YES AuthUser=youremail@gmx.com AuthPass=yourpassword UseSTARTTLS=YES
Addons
Iceweasel/Firefox
- Firemacs
- Flagfox
- Link Alert
- Noscript
- Password Exporter
- Tree Style Tab
- User Agent Switcher
Icedove/Thunderbird
- Display Mail User Agent
- Display Contact Photo
- Enigmail
- Extra Folder Columns
- Lightning/Iceowl
- Manually Sort Folders
- Mail Redirect
- New Mail Attention
- Timeline
- Toggle Word Wrap
2015-05-02 20:03:47 root@waffenkammer ~ # fdisk -l /dev/sda
Disk /dev/sda: 160.0 GB, 160041885696 bytes 255 heads, 63 sectors/track, 19457 cylinders, total 312581808 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000d9460 Device Boot Start End Blocks Id System /dev/sda1 * 63 546209 273073+ 83 Linux /dev/sda2 546210 307194929 153324360 5 Extended /dev/sda3 307194930 312581807 2693439 83 Linux /dev/sda5 546273 20081249 9767488+ 83 Linux /dev/sda6 20081313 25944974 2931831 83 Linux /dev/sda7 25945038 307194929 140624946 83 Linux
SIS-Graphiktreiber
https://github.com/gununu/xf86-video-sis-stable
autoreconf -i ./configure --disable-static make
vimdiff
do - Get changes from other window into the current window. dp - Put the changes from current window into the other window. ]c - Jump to the next change. [c - Jump to the previous change. Ctrl W + w - Switch to the other split window (CTRL-W CTRL-W does the same thing, in case you let go of the CTRL key a bit later)
Virtualbox-Kram
http://download.virtualbox.org/virtualbox/4.3.36
VirtualBox VRDE Server aktivieren
VBoxManage setproperty vrdeextpack "Oracle VM VirtualBox Extension Pack"
VirtualBox "CD" einlegen
VBoxManage storageattach "64ee42b4-a781-4a01-a09e-f8ba6747ed39" --medium additions --storagectl "IDE" --port 1 --device 0 --type dvddrive
TLS und SSL im Firefox/Iceweasel
about:config
security.tls.version.max 3 security.tls.version.min 1 security.ssl3.rsa_fips_des_ede3_sha false
Aptitude
Keine recommends und suggests
$ cat /etc/apt/apt.conf.d/50user APT::Install-Suggests "0"; APT::Install-Recommends "0";
Installierte Pakete nach Quellen
aptitude search '~S ~i ~O "Debian Backports"' aptitude search '~S ~i ~O "Unofficial Multimedia Packages"'
NFS
Pakete Server
i A libnfsidmap2 - Bibliothek zur Abbildung von NFS-IDs i A nfs-common - NFS-Dateien, die von Client und Server benutzt werden i nfs-kernel-server - Unterstützung für den NFS-Kernel-Server
etc fstab Server
/private.data2/income /exports/income none bind,auto,rw 0 0 /private/Filme /exports/Filme none bind,auto,ro 0 0 /private.data2/Fuelme /exports/Fuelme none bind,auto,ro 0 0
cat /etc/exports # /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /exports 192.168.2.0/24(fsid=0,rw,subtree_check,secure,nohide) #/var/nfs 192.168.2.44(rw,no_subtree_check) 192.168.2.29(ro,no_subtree_check) #/private/Filme 192.168.2.0/24(ro,subtree_check) /exports/Filme 192.168.2.0/24(ro,subtree_check,secure,nohide) #/private.data2/Fuelme 192.168.2.0/24(ro,subtree_check) /exports/Fuelme 192.168.2.0/24(ro,subtree_check,secure,nohide) #/private.data2/income 192.168.2.0/24(rw,subtree_check) /exports/income 192.168.2.0/24(rw,subtree_check,secure,nohide) #/private.archive/income 192.168.2.*(rw,subtree_check) #/private.data/exchange 192.168.2.*(rw,subtree_check)
# exportfs
exportfs
/exports 192.168.2.0/24
/exports/Filme 192.168.2.0/24
/exports/Fuelme
192.168.2.0/24
/exports/income
192.168.2.0/24
Multiarch
dpkg --add-architecture i386 apt-get update
update-alternatives
update-alternatives --install /usr/bin/mencoder mencoder /usr/bin/mencoder-mt 20 update-alternatives --install /usr/bin/x-terminal-emulator x-terminal-emulator /usr/bin/urxvtcd 40
etc network interfaces
cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface #allow-hotplug eth0 #auto eth0 #iface eth0 inet dhcp #iface eth0 inet static #address 192.168.2.53 #netmask 255.255.255.0 #gateway 192.168.2.1 #broadcast 192.168.2.255 #auto wlan0 #iface wlan0 inet dhcp auto wlan0 iface wlan0 inet static address 192.168.2.53 netmask 255.255.255.0 gateway 192.168.2.1 broadcast 192.168.2.255 wpa-driver wext wpa-conf /etc/wpa_supplicant/wpa_psk.conf iface dsl-provider inet ppp pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf provider dsl-provider
wpa_supplicant
network={
ssid="SSID"
scan_ssid=1
key_mgmt=WPA-PSK
psk="passwort"
}
Verschlüsselten Datenträger vergrößern
Beste: https://help.ubuntu.com/community/ResizeEncryptedPartitions http://ubuntuforums.org/showthread.php?t=726724
fdisk -l /dev/sdb fdisk /dev/sdb cryptsetup luksOpen /dev/sdb5 crypt1 mount /dev/mapper/crypt1 /mnt vgscan --mknodes vgchange -ay cryptsetup resize crypt1 pvresize /dev/mapper/crypt1 pvchange -x y /dev/mapper/crypt1 lvresize -l +100%FREE /dev/mapper/debstick-root pvchange -x n /dev/mapper/crypt1 e2fsck -f /dev/mapper/debstick-root resize2fs -p /dev/mapper/debstick-root sync cryptsetup luksClose /dev/sdb5 crypt1
Swapspeicher
#!/bin/bash
# Get current swap usage for all running processes
# Erik Ljungstrom 27/05/2011
SUM=0
OVERALL=0
for DIR in `find /proc/ -maxdepth 1 -type d | egrep "^/proc/[0-9]"` ; do
PID=`echo $DIR | cut -d / -f 3`
PROGNAME=`ps -p $PID -o comm --no-headers`
for SWAP in `grep Swap $DIR/smaps 2>/dev/null| awk '{ print $2 }'`
do
let SUM=$SUM+$SWAP
done
echo "PID=$PID - Swap used: $SUM - ($PROGNAME )"
let OVERALL=$OVERALL+$SUM
SUM=0
done
echo "Overall swap used: $OVERALL"#!/bin/bash
# find-out-what-is-using-your-swap.sh
# -- Get current swap usage for all running processes
# --
# -- rev.0.3, 2012-09-03, Jan Smid - alignment and intendation, sorting
# -- rev.0.2, 2012-08-09, Mikko Rantalainen - pipe the output to "sort -nk3" to get sorted output
# -- rev.0.1, 2011-05-27, Erik Ljungstrom - initial version
SCRIPT_NAME=`basename $0`;
SORT="kb"; # {pid|kB|name} as first parameter, [default: kb]
[ "$1" != "" ] && { SORT="$1"; }
[ ! -x `which mktemp` ] && { echo "ERROR: mktemp is not available!"; exit; }
MKTEMP=`which mktemp`;
TMP=`${MKTEMP} -d`;
[ ! -d "${TMP}" ] && { echo "ERROR: unable to create temp dir!"; exit; }
>${TMP}/${SCRIPT_NAME}.pid;
>${TMP}/${SCRIPT_NAME}.kb;
>${TMP}/${SCRIPT_NAME}.name;
SUM=0;
OVERALL=0;
echo "${OVERALL}" > ${TMP}/${SCRIPT_NAME}.overal;
for DIR in `find /proc/ -maxdepth 1 -type d -regex "^/proc/[0-9]+"`;
do
PID=`echo $DIR | cut -d / -f 3`
PROGNAME=`ps -p $PID -o comm --no-headers`
for SWAP in `grep Swap $DIR/smaps 2>/dev/null| awk '{ print $2 }'`
do
let SUM=$SUM+$SWAP
done
if (( $SUM > 0 ));
then
echo -n ".";
echo -e "${PID}\t${SUM}\t${PROGNAME}" >> ${TMP}/${SCRIPT_NAME}.pid;
echo -e "${SUM}\t${PID}\t${PROGNAME}" >> ${TMP}/${SCRIPT_NAME}.kb;
echo -e "${PROGNAME}\t${SUM}\t${PID}" >> ${TMP}/${SCRIPT_NAME}.name;
fi
let OVERALL=$OVERALL+$SUM
SUM=0
done
echo "${OVERALL}" > ${TMP}/${SCRIPT_NAME}.overal;
echo;
echo "Overall swap used: ${OVERALL} kB";
echo "========================================";
case "${SORT}" in
name )
echo -e "name\tkB\tpid";
echo "========================================";
cat ${TMP}/${SCRIPT_NAME}.name|sort -r;
;;
kb )
echo -e "kB\tpid\tname";
echo "========================================";
cat ${TMP}/${SCRIPT_NAME}.kb|sort -rh;
;;
pid | * )
echo -e "pid\tkB\tname";
echo "========================================";
cat ${TMP}/${SCRIPT_NAME}.pid|sort -rh;
;;
esac
rm -fR "${TMP}/";