Showing posts with label Linux. Show all posts

Friday, April 17, 2020

Install PostgreSQL on Ubuntu Linux

# The documentation website of PostgreSQL is www.postgresql.org/docs.

$ sudo addgroup sql
[sudo] password for testuser:
Adding group `sql' (GID 1005) ...
Done.

$ sudo adduser pgsqlown --ingroup sql

$ sudo apt-get update
$ sudo apt-get upgrade


# The next section installs a more recent version of the database from the PostgreSQL apt repository. If the version that ships with Ubuntu is enough for you, skip ahead to the quick install.
# If you want to install a more recent version:
$ sudo apt-get install curl ca-certificates gnupg
$ curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  4812  100  4812    0     0   4105      0  0:00:01  0:00:01 --:--:--  4105
OK


# Create /etc/apt/sources.list.d/pgdg.list with a line for the repository version for your Linux version.
$ lsb_release -c
Codename:       bionic
$ cat /etc/apt/sources.list.d/pgdg.list
deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main
$ sudo apt-get update
$ sudo apt-get install postgresql-11


# Use this for the quick install of whatever version is provided at the time of the Ubuntu release. Do either the prior install or this one, not both.
$ sudo apt install postgresql postgresql-contrib

# If you are watching /var/log/syslog during the install, you will see entries like:
Apr 16 22:19:16 dell990 systemd[1]: Starting PostgreSQL RDBMS...
Apr 16 22:19:16 dell990 systemd[1]: Started PostgreSQL RDBMS.
Apr 16 22:19:19 dell990 systemd[1]: Reloading.
Apr 16 22:19:19 dell990 systemd[1]: message repeated 2 times: [ Reloading.]
Apr 16 22:19:20 dell990 systemd[1]: Created slice system-postgresql.slice.
Apr 16 22:19:20 dell990 systemd[1]: Starting PostgreSQL Cluster 10-main...
Apr 16 22:19:22 dell990 systemd[1]: Started PostgreSQL Cluster 10-main.


$ ps -ef | grep sql
postgres  6118     1  0 22:19 ?        00:00:00 /usr/lib/postgresql/10/bin/postgres -D /var/lib/postgresql/10/main -c config_file=/etc/postgresql/10/main/postgresql.conf


# You should take a moment to review the config file.
$ more /etc/postgresql/10/main/postgresql.conf
$ grep -v ^\# /etc/postgresql/10/main/postgresql.conf | grep -v ^$ | grep -v $'\t'

# Note the install made the postgres user, with a home directory in /var/lib.
$ tail -1 /etc/passwd
postgres:x:122:123:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash


# As configured, the postgres unix account does not allow a direct login, nor "su", because of the "*" (asterisk/star) in the second field of the actual password file.
$ sudo tail -1 /etc/shadow
postgres:*:18369:0:99999:7:::


# The software install made a unix group for the postgres user.
$ tail -1 /etc/group
postgres:x:123:


# All of the running processes for the database owner.
$ ps -fu postgres
UID        PID  PPID  C STIME TTY          TIME CMD
postgres  6118     1  0 22:19 ?        00:00:00 /usr/lib/postgresql/10/bin/postgres -D /var/lib/postgresql/10/main -c config_file=/etc/postgresql/10/main/postgresql.conf
postgres  6128  6118  0 22:19 ?        00:00:00 postgres: 10/main: checkpointer process
postgres  6129  6118  0 22:19 ?        00:00:00 postgres: 10/main: writer process
postgres  6130  6118  0 22:19 ?        00:00:00 postgres: 10/main: wal writer process
postgres  6131  6118  0 22:19 ?        00:00:00 postgres: 10/main: autovacuum launcher process
postgres  6133  6118  0 22:19 ?        00:00:00 postgres: 10/main: stats collector process
postgres  6135  6118  0 22:19 ?        00:00:00 postgres: 10/main: bgworker: logical replication launcher

# Note the line with PID 6118. That started the database server and shows the configuration file.

# The software install may have been placed in /usr/share.
$ ls -ld /usr/share post*
drwxr-xr-x   3 root root  4096 Apr 16 22:19 postgresql
drwxr-xr-x   5 root root  4096 Apr 16 22:19 postgresql-common
drwxr-xr-x 253 root root 12288 Apr 16 22:19 /usr/share


# Check if automatic database startup was configured with systemctl. Looks like it was not configured, as there are no new files in /etc/systemd/system.
$ ls -ltr /etc/systemd/system

# Yet there is a systemctl entry.
$ systemctl status postgresql
● postgresql.service - PostgreSQL RDBMS
   Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
   Active: active (exited) since Thu 2020-04-16 22:19:16 MDT; 1 day 1h ago
 Main PID: 5093 (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 4915)
   CGroup: /system.slice/postgresql.service
 

# It is running from systemctl, so look further for systemctl files.
$ sudo grep -i post /etc/systemd/system/*/* 2>/dev/null
/etc/systemd/system/multi-user.target.wants/postgresql.service:# systemd service for managing all PostgreSQL clusters on the system. This
/etc/systemd/system/multi-user.target.wants/postgresql.service:Description=PostgreSQL RDBMS


# Check if jobs were added in cron. Can we "su" to login to the new account... Is there a password for the user?
$ sudo grep postgres /etc/shadow
postgres:*:18369:0:99999:7:::

# The second field has an asterisk (*), so it is not possible to "su" and enter a password.

# Let's use sudo to become the user and look for a crontab entry.
$ sudo su - postgres
postgres@dell990:~$ id
uid=122(postgres) gid=123(postgres) groups=123(postgres),112(ssl-cert)
postgres@dell990:~$ crontab -l
no crontab for postgres

# We have determined nothing is configured in cron, and the database start and stop is configured in systemctl.

# Let's try to log in with the sql interpreter, and then log out.
$ psql
psql (10.12 (Ubuntu 10.12-0ubuntu0.18.04.1))
Type "help" for help.
postgres=# \q

# Exit the sql interpreter with "\q" and press ENTER.

# Confirm which version of the database we are connecting to. Press "q" when you have finished reading the output from the SELECT command.
$ psql
psql (10.12 (Ubuntu 10.12-0ubuntu0.18.04.1))
Type "help" for help.
postgres=# select version();
                                                                version                                                
----------------------------------------------------------------------------------------------------------------------------------------
 PostgreSQL 10.12 (Ubuntu 10.12-0ubuntu0.18.04.1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 7.4.0-1ubuntu1~18.04.1) 7.4.0, 64-bit
(1 row)

(END)


# Another way to show the database software version while in the sql interpreter.
postgres=# show server_version;
            server_version
---------------------------------------
 10.12 (Ubuntu 10.12-0ubuntu0.18.04.1)
(1 row)


# We can also ask the postgres executable which version it is.
$ postgres -V
Command 'postgres' not found, did you mean:
  command 'postgrey' from deb postgrey
Try: apt install <deb name>


# Confirm we are using the unix login of the software owner, and look at the PATH environment variable.
$ whoami
postgres
$ echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin


# Find where "postgres" was installed in the filesystem.
$ sudo find / -name postgres -print 2>/dev/null
/run/sudo/ts/postgres
/usr/lib/postgresql/10/bin/postgres


# The directory in that second line of output should be added to our PATH shell environment variable. Add just the directory path, not the actual "postgres" command.
$ echo 'export PATH=$PATH:/usr/lib/postgresql/10/bin' >> /var/lib/postgresql/.bashrc

# Login again, or "source" the login file. Type this in the "home" directory.
$ . ./.bashrc

# Check the new setting of PATH shell environment variable.
$ echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/usr/lib/postgresql/10/bin/postgres:/usr/lib/postgresql/10/bin


# Try the version command again.
$ postgres -V
postgres (PostgreSQL) 10.12 (Ubuntu 10.12-0ubuntu0.18.04.1)


# Log in and find out which role is in use. In this case, it is the same as the unix login.
$ psql
psql (10.12 (Ubuntu 10.12-0ubuntu0.18.04.1))
Type "help" for help.

postgres=# \conninfo
You are connected to database "postgres" as user "postgres" via socket in "/var/run/postgresql" at port "5432".


# List table names in this database. In this case, there are none.
postgres=# \d
Did not find any relations.



### Use the PostgreSQL perl wrapper to determine what is running. Similar to, though different from, the earlier "ps" command.
$ pg_lsclusters
Ver Cluster Port Status Owner    Data directory              Log file
10  main    5432 online postgres /var/lib/postgresql/10/main /var/log/postgresql/postgresql-10-main.log
 

$ pg_ctlcluster 10 main status
pg_ctl: server is running (PID: 6118)
/usr/lib/postgresql/10/bin/postgres "-D" "/var/lib/postgresql/10/main" "-c" "config_file=/etc/postgresql/10/main/postgresql.conf"

# Stop the server. You may want to simultaneously run unix "top" in another window to watch the process.
# While you can use pg_ctlcluster with "stop", you should use the already-configured systemctl.


### Set up a backup. This is a client program which may be run from a different machine.
$ which pg_dumpall
/usr/bin/pg_dumpall


# The command to backup all databases should run quickly because nothing has been added yet.
$ pg_dumpall > /tmp/postgres.backup

# The curious may want to look at the backup file.
$ file /tmp/postgres.backup
/tmp/postgres.backup: ASCII text
$ more /tmp/postgres.backup

--
-- PostgreSQL database cluster dump
--

... and the backup file continues and ends with ...
--
-- PostgreSQL database cluster dump complete
--


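# Add the following line to the crontab of unix user postgres. It runs once a day at 01:00. In a crontab each "%" must be escaped as "\%". The dump goes to the timestamped file and errors are appended to /tmp/postgres.cron.
# The dump includes role definitions with their password hashes, and files created in /tmp under the default umask are readable by other local users, so consider a directory that only postgres can read.
$ crontab -l
0 1 * * * /usr/lib/postgresql/10/bin/pg_dumpall > /tmp/postgres.backup.$(/bin/date +\%Y\%m\%d.\%H\%M\%S) 2>>/tmp/postgres.cron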
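
# A wrapper script for the scheduled backup, added here as an example and not part of the original post. It writes the dump with owner-only permissions outside /tmp, checks for the "cluster dump complete" trailer shown above, and prunes old files. BACKUP_DIR, KEEP_DAYS, DUMP_CMD and the script and log paths in the comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed names: BACKUP_DIR,
# KEEP_DAYS, DUMP_CMD, and the install path /var/lib/postgresql/bin/pg_backup.sh.
# crontab line for unix user postgres (once a day at 01:00):
#   0 1 * * * /var/lib/postgresql/bin/pg_backup.sh run >>/var/log/postgresql/pg_backup.log 2>&1
BACKUP_DIR="${BACKUP_DIR:-/var/lib/postgresql/backups}"
KEEP_DAYS="${KEEP_DAYS:-7}"
DUMP_CMD="${DUMP_CMD:-/usr/lib/postgresql/10/bin/pg_dumpall}"

# The body is a subshell "( ... )" so the umask change does not leak to the caller.
# Prints the path of the finished backup; exit status 1 on any failure.
run_backup() (
    # The dump holds role definitions and password hashes: owner-only files.
    umask 077
    mkdir -p "$BACKUP_DIR" || exit 1
    out="$BACKUP_DIR/postgres.backup.$(date +%Y%m%d.%H%M%S)"
    tmp="$out.partial"

    # Write to a temporary name so a failed run never looks like a good backup.
    if ! "$DUMP_CMD" > "$tmp"; then
        rm -f "$tmp"
        echo "backup failed: $DUMP_CMD returned an error" >&2
        exit 1
    fi

    # A complete pg_dumpall file ends with this trailer comment.
    if ! tail -n 5 "$tmp" | grep -q 'PostgreSQL database cluster dump complete'; then
        rm -f "$tmp"
        echo "backup failed: dump trailer missing" >&2
        exit 1
    fi

    mv "$tmp" "$out"
    # Remove backups older than KEEP_DAYS days.
    find "$BACKUP_DIR" -type f -name 'postgres.backup.*' -mtime +"$KEEP_DAYS" -exec rm -f {} +
    echo "$out"
)

# Only act when called as "pg_backup.sh run", so the file can also be sourced.
if [ "${1:-}" = "run" ]; then
    run_backup
fi
```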

Sunday, April 12, 2020

VNC On Ubuntu Linux

How to set up VNC (virtual network computing) on Ubuntu Linux and Microsoft Windows 10 to transport an X display over a network. This will allow you to connect "X" graphical displays across machines so you can run a program on Linux and view the program graphical display on Microsoft Windows PC. This example sets up a direct VNC connection, which is not secure. Once these examples are in place and working, you can configure the VNC connection to go through an SSH tunnel. Let's go one step at a time, and start with a plain VNC connection.

This example uses TightVNC from www.tightvnc.com/download.php and sourceforge.net/projects/vnc-tight.

In these examples, the lines that begin with a $ (dollar sign) indicate you should type what is after the dollar sign into your Linux command prompt. Do not type the leading dollar sign.


### For first time setup on the Linux machine, have your system administrator install the packages.
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.4 LTS
Release:        18.04
Codename:       bionic


$ uname -a
Linux dell990 4.15.0-96-generic #97-Ubuntu SMP Wed Apr 1 03:25:46 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux


# System administrator should add this line to end of /etc/apt/sources.list "deb http://mirrors.kernel.org/ubuntu bionic main universe"
$ grep mirrors /etc/apt/sources.list
deb http://mirrors.kernel.org/ubuntu bionic main universe


# System administrator should install the VNC package. Also install xterm.
$ sudo apt update
$ sudo apt install tightvncserver
$ sudo apt install xterm



### As the user of VNC on the Linux machine, do the following.
# Log in to Linux. In your Linux home directory, create the password file (~/.vnc/passwd) by running the vncpasswd program.
# From Windows, press the Start button, type "cmd", and open a command prompt.
# In the command prompt window, using your user name, type "ssh testuser@ip_address" and log in to your Linux account.
# For the first ssh connection, accept the ssh key fingerprint if you are prompted and it matches the one for the Linux machine. Your system administrator will tell you the account name (testuser in this example) and the IP address or host name (192.168.1.9 in this example).


# Once you are logged in to the Linux machine, set up your VNC password. You only need to do this one time.
$ vncpasswd
Using password file /home/testuser/.vnc/passwd
VNC directory /home/testuser/.vnc does not exist, creating.
Password:
Warning: password truncated to the length of 8.
Verify:
Would you like to enter a view-only password (y/n)? n


# Start the VNC server on the Linux machine.
$ vncserver
xauth:  file /home/testuser/.Xauthority does not exist
New 'X' desktop is dell990:1
Creating default startup script /home/testuser/.vnc/xstartup
Starting applications specified in /home/testuser/.vnc/xstartup
Log file is /home/testuser/.vnc/dell990:1.log

# Note the display number is "1".
# Remember in this example, the IP address is 192.168.1.9. Your IP or hostname is likely different than this example.


# The VNC server is running as a process with your username and is listening for an incoming connection.
$ ps -ef | grep vnc
testuser  6312     1  0 20:24 pts/1    00:00:00 Xtightvnc :1 -desktop X -auth /home/testuser/.Xauthority -geometry 1024x768 -depth 24 -rfbwait 120000 -rfbauth /home/testuser/.vnc/passwd -rfbport 5901 -fp /usr/share/fonts/X11/misc/,/usr/share/fonts/X11/Type1/,/usr/share/fonts/X11/75dpi/,/usr/share/fonts/X11/100dpi/ -co /etc/X11/rgb




# On your PC, download the VNC viewer from www.tightvnc.com/download.php. If your Windows PC has 4GB of RAM or less, you probably will choose the 32-bit version.
# You only need the viewer. Choose the CUSTOM setup and install the viewer.


# On the Windows PC, run the TightVNC viewer app. Make the remote host the Linux machine with two colons and the VNC display number. In this example, it is 192.168.1.9:11.

















# Press "Connect" and it will open a TightVNC Viewer window on the Windows PC. At this point, the VNC Viewer window is like an empty display container.


















# If you try to run a graphical program on the Linux machine, it likely will not work. For example:
$ xterm
PuTTY X11 proxy: unable to connect to forwarded X server: Network error: Connection refused
xterm: Xt error: Can't open display: localhost:10.0
$ echo $DISPLAY
localhost:10.0
$ echo $TERM
xterm


# It likely didn't work because the Linux machine needs to know where to send the display output. This is set in your Linux shell environment variable DISPLAY. Type the following in the Linux shell. The number "1" is used in this example because that was the number from the earlier "vncserver" command.
$ export DISPLAY=localhost:1
$ echo $DISPLAY
localhost:1


# If the Linux shell environment variable TERM is not set to "xterm" or similar, do that now.
$ export TERM=xterm

# Test the clock program to display the output in the VNC Viewer on your Windows PC by running the clock program in the Linux shell. In the Linux shell type "xclock".
$ xclock


















# Switch back to your Linux shell. You should notice that you can't type anything; it is not accepting input. Press the ENTER key a few times to test this.

# In the Linux shell, press CTRL-c to end the clock program. The clock in the VNC Viewer on your PC should close.

# Try to run the clock again. This time, put an & (ampersand) after the command. The clock should display, the shell will show the process ID (PID) of the clock process, and you will also be able to type in the Linux shell.
$ xclock &
[1] 10904


# Open a new shell window and display it in the VNC Viewer app on your Windows PC.
$ xterm &
[2] 10907


# In the new shell window which is displayed on the PC, type a quick command. Ensure your Windows PC mouse is over the window where you want to type.
$ uname -a
Linux dell990 4.15.0-96-generic #97-Ubuntu SMP Wed Apr 1 03:25:46 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux


# In the window on your PC, type "exit". It should disappear. Go back to your first Linux connection and press ENTER. The shell should tell you that process has ended.
$
[2]+  Done                    xterm

# End the clock program. In Linux use the "kill" command with the process ID (PID) that it displayed when you started the clock program. Then press ENTER again and the Linux shell will tell you the process has terminated.
$ kill -term 10904
testuser@dell990:~$
[1]+  Terminated              xclock


# Start a web browser on the Linux machine and it will display in the VNC Viewer on your Windows PC.
$ firefox &
[1] 10959

# In the web browser that should have appeared in the VNC viewer, go to a website which shows the IP address. The IP address will be the public facing IP address of the Linux machine, not the IP address of your Windows PC.



















# When using an xterm window, try pressing CTRL+leftMouseButton to show an options menu.

# You should be able to close the Linux terminal session and still have the programs displayed in VNC on the PC continue to run.

# To completely stop the VNC server, on the Linux machine type:
$ vncserver -kill :1
Killing Xtightvnc process ID 503
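
# Once the plain connection works, the SSH tunnel mentioned in the introduction needs the server bound to loopback only. The check below is an added example, not part of the original post: it reads "ss -ltn" output and reports VNC ports that are still reachable from the network. The two sample listings are constructed, and "-localhost" is the Xtightvnc option that the vncserver wrapper passes through.

```shell
#!/bin/sh
# Added example (not from the original post): report VNC listeners that are
# reachable from the network rather than only through an SSH tunnel.
#
# Server side, restart display :1 bound to loopback only:
#   vncserver -kill :1
#   vncserver :1 -localhost
# Client side, forward the port, then point the viewer at localhost::5901:
#   ssh -L 5901:localhost:5901 testuser@192.168.1.9

# Reads "ss -ltn" output on stdin. Prints one line per RFB port (5900-5999)
# bound to a non-loopback address; exit status is 1 if any were found.
exposed_vnc_listeners() {
    awk '
        $1 == "LISTEN" {
            n = split($4, part, ":")      # the last piece is the port
            port = part[n] + 0
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            if (port < 5900 || port > 5999) next
            if (addr == "127.0.0.1" || addr == "[::1]") next
            printf "display :%d (port %d) is listening on %s\n", port - 5900, port, addr
            found++
        }
        END { exit (found > 0) }'
}

# Constructed sample: plain "vncserver" as started in the post.
sample_direct() {
    cat <<'EOF'
State    Recv-Q   Send-Q     Local Address:Port      Peer Address:Port
LISTEN   0        128              0.0.0.0:22             0.0.0.0:*
LISTEN   0        5                0.0.0.0:5901           0.0.0.0:*
LISTEN   0        128            127.0.0.1:5432           0.0.0.0:*
EOF
}

# Constructed sample: after restarting with -localhost.
sample_tunnelled() {
    cat <<'EOF'
State    Recv-Q   Send-Q     Local Address:Port      Peer Address:Port
LISTEN   0        128              0.0.0.0:22             0.0.0.0:*
LISTEN   0        5              127.0.0.1:5901           0.0.0.0:*
LISTEN   0        128            127.0.0.1:5432           0.0.0.0:*
EOF
}

# On the real machine: ss -ltn | exposed_vnc_listeners
sample_direct | exposed_vnc_listeners || echo "VNC is reachable without the tunnel"
sample_tunnelled | exposed_vnc_listeners && echo "VNC is loopback-only"
```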



# Customize the window settings by creating file .Xresources in your home directory. Then kill and restart the vncserver.
$ cat .Xresources
! Type "man xterm" for all settings.

! Set window size.
XTerm.vt100.geometry: 80x32
XTerm.vt100.reverseVideo: true

! Type "fc-list :scalable=true: family | sort | more" to show available fonts.
! Set a font and size.
XTerm.vt100.faceName: Ubuntu Mono:size=12:antialias=false
XTerm.vt100.faceSize: 12

! Double-click selects whole word.
XTerm.VT100.charClass: 33:48,35-37:48,43:48,45-47:48,64:48,126:48

! Scroll bar on right side. Use left or right mouse button on top of scroll bar to move it.
XTerm.vt100.scrollBar: true
XTerm.vt100.rightScrollBar: true
XTerm.vt100.scrollbar.width: 8
XTerm.vt100.saveLines: 2048

! Allow window resize.
XTerm.vt100.allowWindowOps: true


Friday, April 10, 2020

After-Install Setup Tasks On Ubuntu 18

After Ubuntu 18 is running, you may want to do additional setup: set up a group and user, set colors, configure a firewall, set up dynamic DNS, and remove unused packages and services.


### Which version of the operating system. Also use "uname -a".
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.4 LTS
Release:        18.04
Codename:       bionic



### Become familiar with what is booting and running by watching the system log.
$ sudo tail -f /var/log/syslog


### Modify the shell login files in your home directory.
$ cd ~
$ cp -p .bashrc .bashrc.orig
$ mv .profile .profile.orig
$ mv .bashrc .bash_profile

### Set a default editor.
# Choose your editor
$ select-editor
# The editor may be set in your login files.
EDITOR=vi

### Remove colorization.
# Using your file editor (such as vi) comment out all of the code with "color".
$ vi .bash_profile

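# Also, put the present working directory at the end of the PATH variable by adding this line to the end of file .bash_profile. Keep "." last so system commands are always found first; a mistyped command name can still run a same-named file from whatever directory you are in.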
PATH=$PATH:.

# Log in again. Alternatively, "source" your logon file.
$ . ./.bash_profile


### Remove software until you are ready to use it
$ sudo apt-get remove openvpn
$ sudo systemctl disable openvpn
Synchronizing state of openvpn.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable openvpn
Unit /etc/systemd/system/openvpn.service is masked, ignoring.
# Then disable the openvpn startup file
$ cd /etc/default
$ sudo mv openvpn openvpn.20170702


### Alternatively, find and disable services you may not be using
$ systemctl list-units --all --type=service --no-pager
# Some services you may want to disable are
 cups-browsed.service  loaded  active  running Make remote CUPS printers
 cups.service          loaded  active  running CUPS Scheduler
 ModemManager.service  loaded  active  running Modem Manager

# Check the service, stop the service, then disable the service
$ systemctl status cups-browsed
 cups-browsed.service - Make remote CUPS printers available locally
   Loaded: loaded (/lib/systemd/system/cups-browsed.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2020-04-05 00:05:14 MDT; 14h ago
 Main PID: 21137 (cups-browsed)
    Tasks: 3 (limit: 4915)
   CGroup: /system.slice/cups-browsed.service
           └─21137 /usr/sbin/cups-browsed
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

$ sudo systemctl stop cups-browsed
$ sudo systemctl disable cups-browsed
$ sudo systemctl stop cups
$ sudo systemctl disable cups
$ sudo systemctl stop ModemManager
$ sudo systemctl disable ModemManager

# After the next machine restart, verify the services are not running.
$ sudo reboot
 

# Or alternatively use systemctl to restart the machine.
$ sudo systemctl reboot
$ systemctl list-units --all --type=service --no-pager


# Another example of disabling a service, for the Let's Encrypt https certbot service.
$ systemctl status certbot.service
● certbot.service - Certbot
   Loaded: loaded (/lib/systemd/system/certbot.service; static; vendor preset: enabled)
   Active: inactive (dead) since Fri 2020-04-10 16:43:44 MDT; 5h 40min ago
     Docs: file:///usr/share/doc/python-certbot-doc/html/index.html
           https://letsencrypt.readthedocs.io/en/latest/
 Main PID: 31598 (code=exited, status=0/SUCCESS)
$ sudo systemctl stop certbot
Warning: Stopping certbot.service, but it can still be activated by:
  certbot.timer
$ sudo systemctl disable certbot



### When you log on you will see messages about software updates.
38 packages can be updated.
34 updates are security updates.

# Install the software updates.
$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt-get dist-upgrade


# When you next log on, the upgrade counter should drop. Not all can take effect until after a reboot.
0 packages can be updated.
0 updates are security updates.
*** System restart required ***
$ sudo shutdown -r



### Set up a user and group. In this example, the new user is "testuser" and the new group is "minec".
$ sudo addgroup minec
$ cat /etc/group | grep minec

# Create new user.
$ sudo adduser testuser --ingroup minec
# At this point, you may want to log in as the user and run command "groups" to confirm the group is set up appropriately.

# Allow logon via ssh. Put user in /etc/ssh/sshd_config on the "AllowUsers" line
# Use "vi" or "vim" or similar editor to edit file /etc/ssh/sshd_config and add "testuser" to the "AllowUsers" line.
# After editing, it will look like this:
$ grep -i allowusers /etc/ssh/sshd_config
AllowUsers testuser
# You may want to review the security implications of the following settings in sshd_config:
# Protocol, PermitRootLogin, AuthorizedKeysFile, PermitEmptyPasswords
# IgnoreRhosts, PermitTunnel, ciphers.
$ grep -i ^permitrootlogin /etc/ssh/sshd_config
PermitRootLogin no


# Have ssh reread the configuration file. First get the process ID, then send the HUP signal to that PID.
$ ps -ef | grep 'bin/sshd'
$ sudo kill -HUP <sshd_pid>
# Alternatively use the service manager to restart ssh
$ sudo systemctl restart ssh

# View the effective settings of sshd
$ sshd -T
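
# The settings review suggested above can be scripted against the effective configuration. This is an added example, not part of the original post: it checks "sshd -T" output against a baseline. PermitRootLogin no and AllowUsers come from the post; the other expected values are assumptions, and both sample listings are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): compare "sshd -T" output with
# an assumed baseline for the settings the post says to review.

# Reads "sshd -T" output on stdin, prints one FAIL line per finding,
# and returns 1 if there was any finding.
audit_sshd() {
    awk '
        BEGIN {
            want["permitrootlogin"]      = "no"    # as set in the post
            want["permitemptypasswords"] = "no"    # assumed baseline
            want["ignorerhosts"]         = "yes"   # assumed baseline
            want["permittunnel"]         = "no"    # assumed baseline
        }
        { key = tolower($1); val = tolower($2) }
        (key in want) {
            seen[key] = 1
            if (val != want[key]) {
                printf "FAIL %s is %s, expected %s\n", key, val, want[key]
                bad++
            }
        }
        key == "allowusers" { users++ }
        key == "ciphers" && val ~ /cbc|arcfour/ {
            print "FAIL ciphers still offers a CBC or arcfour cipher"
            bad++
        }
        END {
            for (k in want) if (!(k in seen)) {
                printf "FAIL %s not present in the output\n", k
                bad++
            }
            if (!users) { print "FAIL no AllowUsers restriction"; bad++ }
            exit (bad > 0)
        }'
}

# Constructed sample: root login allowed, a CBC cipher, no AllowUsers.
sample_weak() {
    cat <<'EOF'
port 22
permitrootlogin yes
permitemptypasswords no
ignorerhosts yes
permittunnel no
ciphers aes128-ctr,aes128-cbc
EOF
}

# Constructed sample: matches the baseline.
sample_ok() {
    cat <<'EOF'
port 22
permitrootlogin no
permitemptypasswords no
ignorerhosts yes
permittunnel no
allowusers testuser
ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-ctr
EOF
}

# On the real machine: sudo sshd -T | audit_sshd
sample_weak | audit_sshd || echo "sample_weak: findings above"
sample_ok | audit_sshd && echo "sample_ok: matches the baseline"
```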

# Maybe put testuser in sudoers. Careful with this, as it provides root access.
$ sudo usermod -aG sudo testuser

# Maybe modify defaults of sudo
$ sudo visudo


### Configure firewall
# "Uncomplicated FireWall", known as ufw, should already be installed. If not, run:
$ sudo apt install ufw
# Ensure the filtering of IPv6 firewall is on, even if you are not using IPv6 at this time
$ sudo vi /etc/default/ufw
# Ensure this line exists without a leading comment character:
IPV6=yes
# Setup ufw services
$ sudo ufw allow ssh
$ sudo ufw allow http
$ sudo ufw allow https

# Deny outgoing SMTP mail
$ sudo ufw deny out 25


# Consider a block on geographic network address ranges.

# Start the firewall.
$ sudo ufw enable

# Look at the ufw settings
$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)

25                         DENY OUT    Anywhere
25 (v6)                    DENY OUT    Anywhere (v6)


### If you have a changing IP (typical consumer-grade internet) and want to more easily host an incoming service, set up dynamic DNS. Go to www.duckdns.org and configure a sub-domain for your host. Using the information from your sign up at duckdns.org, configure the following on the Linux machine.
$ cat /var/opt/duckdns/duck.sh
#!/bin/sh
DOMAINFQ="YOUR_DOMAIN.duckdns.org"
# The update URL carries your token, so curl's certificate verification is left on (no --insecure).
curl_out=$(echo url="https://www.duckdns.org/update?domains=YOUR_DOMAIN&token=YOUR_TOKEN" | /usr/bin/curl --silent --config - )
# Whatever is running this script (cron?) may want to direct output to a file in /tmp.
/bin/echo
/bin/date
/bin/echo "duckdns updated $curl_out"
/bin/echo 'dig output:'
/usr/bin/dig "$DOMAINFQ" | /bin/grep "^$DOMAINFQ"
# The variable is quoted so that an empty reply is handled as a failure instead of a shell error.
if [ "$curl_out" = "OK" ]; then
    /usr/bin/logger -p daemon.info "duckdns update ok. rc=$curl_out"
else
    /usr/bin/logger -p daemon.err "duckdns update failed. rc=$curl_out"
fi


# Run script every twenty minutes from cron. As the duckdns user, add a line to the crontab.
$ crontab -e
*/20 * * * * /var/opt/duckdns/duck.sh >>/tmp/duckdns.log 2>&1


# Watch the duckdns log file from cron which should be in /tmp.


### When you logon to the machine, the message displayed is from motd.dynamic.
$ ls -l /run/motd.dynamic
-rw-r--r-- 1 root root 753 Apr 11 17:58 /run/motd.dynamic


# If you do not yet have data backups configured, add a message to your users.
$ sudo vi /etc/update-motd.d/60-backup-warning
$ sudo chmod +x /etc/update-motd.d/60-backup-warning
# Add the following lines to this new file.
$ cat 60-backup-warning
#!/bin/sh
printf "\n"
printf "*** Warning: This machine is not on regular backups. Plan accordingly.\n"


# Consider disabling the live patch message, and others. Remove the execute permission.
$ sudo chmod -x /etc/update-motd.d/80-livepatch
$ sudo chmod -x /etc/update-motd.d/10-help-text



Sunday, April 05, 2020

Minecraft Setup On Linux Using systemctl

With schools and the economy shut down, all the cool kids are talking about their Minecraft "server" and the "IP". Help your children be cool and get them a Minecraft server!


In this posting we will:
- set up unix group and user
- configure ssh
- install Minecraft software
- start and configure Minecraft to run as a unix service (daemon)


$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.4 LTS
Release:        18.04
Codename:       bionic



### Set up a user and group. In this example, the new user is "testuser" and the new group is "minec".
$ sudo addgroup minec
$ cat /etc/group | grep minec

# Create new user for the software install.
$ sudo adduser minec --ingroup minec
# At this point, you may want to log in as the user and run command "groups" to confirm the group is set up appropriately.

# Allow logon via ssh. Put user in /etc/ssh/sshd_config on the "AllowUsers" line
# Use "vi" or "vim" or similar editor to edit file /etc/ssh/sshd_config and add "testuser" to the "AllowUsers" line.
# After editing, it will look like this:
$ grep -i allowusers /etc/ssh/sshd_config
AllowUsers minec

# Have ssh reread the configuration file. First get the process ID, then send the HUP signal to that PID.
$ ps -ef | grep 'bin/sshd'
$ sudo kill -HUP <sshd_pid>
# Alternatively use the service manager to restart ssh
$ sudo systemctl restart ssh


### If java is not installed, install java now.
$ which java
$ sudo apt update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Get:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease [107 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal-backports InRelease [98.3 kB]
Get:4 http://archive.ubuntu.com/ubuntu focal-security InRelease [107 kB]
Fetched 312 kB in 1s (252 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
$ sudo apt install openjdk-11-jdk

...
$ which java
/usr/bin/java



### Install Minecraft.
# Good instructions are at minecraft.gamepedia.com/Tutorials/Setting_up_a_server
# After downloading the software, the directory structure will look like this.
$ pwd
/home/minec/Minecraft_Server
$ ls -l
total 35368
-rw-r-----  1 minec minec        2 Apr  4 12:56 banned-ips.json
-rw-r-----  1 minec minec        2 Apr  4 12:56 banned-players.json
-rw-r-----  1 minec minec      180 Mar 29 19:21 eula.txt
drwxr-x---  2 minec minec     4096 Apr  5 09:55 logs
-rw-r-----  1 minec minec      140 Apr  4 12:56 ops.json
-rw-r-----  1 minec minec 36175593 Mar 29 19:01 server.jar
-rw-r-----  1 minec minec      940 Apr  4 12:56 server.properties
-rwxr-x---  1 minec minec       67 Apr  4 10:01 startminecraft.sh
-rw-r-----  1 minec minec     1645 Apr  5 16:13 usercache.json
-rw-r-----  1 minec minec        2 Mar 29 19:21 whitelist.json
drwxr-x--- 11 minec minec     4096 Apr  5 17:46 world


# In preparation for starting the server unattended, the startup commands are in the executable shell file "startminecraft.sh".
# This script first backs up the Minecraft configuration.
# If you want to run it from the console and watch the log in the GUI, run the java command without "-nogui".
#!/bin/sh
umask 026
cd /home/minec/Minecraft_Server
/bin/tar -cvf /tmp/worldDirs.$(date +%Y%m%d.%H%M%S).tar /home/minec/Minecraft_Server/world
echo "Finished tar of worldDirs."
/usr/bin/java -jar /home/minec/Minecraft_Server/server.jar -nogui &
/bin/echo $! > /home/minec/Minecraft_Server/minecraft.service.pid


# Set up the service. Create file /etc/systemd/system/minecraft.service with these contents.
$ cd /etc/systemd/system
$ sudo vi minecraft.service
[Unit]
Description=Minecraft server
After=network.target
[Service]
User=minec
Group=minec
ExecStart=/home/minec/Minecraft_Server/startminecraft.sh
#PIDFile=/var/run/minecraft.service.pid
#ExecStop=/bin/kill -s TERM $MAINPID
KillMode=process
Restart=on-failure
Type=forking
TimeoutStartSec=120
TimeoutStopSec=30
RuntimeMaxSec=infinity
[Install]
WantedBy=multi-user.target


# Reload systemctl configurations.
$ sudo systemctl daemon-reload
# Enable the service.
$ sudo systemctl enable minecraft.service
Created symlink /etc/systemd/system/multi-user.target.wants/minecraft.service → /etc/systemd/system/minecraft.service.

# If the prior line output is not "Created symlink ..." then something is not correct.

# Start the minecraft service.
$ sudo systemctl start minecraft.service
$ sudo systemctl status minecraft.service


# Restart the machine to test if the Minecraft server starts ok.
$ sudo reboot

# After the machine restarts, look in /var/log/syslog for messages, check the status of the service, and look for the process.
$ sudo tail -44 /var/log/syslog
$ ps -ef | grep mine


$ systemctl status minecraft.service
● minecraft.service - Minecraft server
   Loaded: loaded (/etc/systemd/system/minecraft.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2020-04-10 21:26:31 MDT; 3min 26s ago
  Process: 7622 ExecStart=/home/minec/Minecraft_Server/startminecraft.sh (code=exited, status=0/SUCCESS)
 Main PID: 7632 (java)
    Tasks: 36 (limit: 4915)
   CGroup: /system.slice/minecraft.service
           └─7632 /usr/bin/java -jar /home/minec/Minecraft_Server/server.jar -nogui

# You can stop the service. To prohibit the service from restarting upon machine reboot, also disable the service.
$ sudo systemctl stop minecraft.service
$ sudo systemctl disable minecraft.service
Removed /etc/systemd/system/multi-user.target.wants/minecraft.service.
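
The unit above already runs the server as the unprivileged minec account. As an added example (not part of the original post), this check reads a unit file and reports whether it keeps a non-root User= and which systemd sandboxing directives are absent. The list in WANT and all function names are this example's assumptions.

```shell
# Added example: audit the [Service] section of a unit file read on stdin.
# WANT is this example's own baseline, not the post's. ProtectHome= and PrivateTmp=
# are left out on purpose: the service runs from /home/minec and backs up to /tmp.
WANT="NoNewPrivileges ProtectSystem PrivateDevices ProtectKernelTunables ProtectControlGroups"

# Returns 0 when User= names a non-root account and every WANT directive is set.
audit_unit() {
    awk -v want="$WANT" '
        /^\[/ { in_service = ($0 == "[Service]"); next }
        !in_service || /^[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq > 1) val[substr($0, 1, eq - 1)] = substr($0, eq + 1)
        }
        END {
            u = val["User"]
            bad = (u == "" || u == "root" || u == "0")
            print (bad ? "FAIL: service would run as root" : "OK: User=" u)
            rc = bad
            n = split(want, w, " ")
            for (i = 1; i <= n; i++)
                if (!(w[i] in val)) { print "MISSING: " w[i] "="; rc = 1 }
            exit rc
        }
    '
}

# Abridged copy of the unit from the post.
unit_from_post() {
    cat <<'EOF'
[Service]
User=minec
ExecStart=/home/minec/Minecraft_Server/startminecraft.sh
#PIDFile=/var/run/minecraft.service.pid
Type=forking
[Install]
WantedBy=multi-user.target
EOF
}

# Constructed sample: the same unit with the baseline added to [Service].
unit_hardened() {
    unit_from_post | awk '{ print } $0 == "[Service]" {
        print "NoNewPrivileges=true"; print "ProtectSystem=full"; print "PrivateDevices=true"
        print "ProtectKernelTunables=true"; print "ProtectControlGroups=true" }'
}

unit_from_post | audit_unit || echo "unit from the post: hardening directives missing"
```

On the server, "systemctl cat minecraft.service | audit_unit" feeds it the installed unit together with any drop-ins.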

Thursday, April 05, 2018

Short Guide To Configure Linux X On Microsoft Windows

This post contains minimal instructions to display X programs from an Ubuntu Linux machine on Microsoft Windows.


On Windows, install PuTTY from https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

On Windows, install Xming from https://sourceforge.net/projects/xming/?source=directory
or http://www.straightrunning.com/XmingNotes

On Windows, run XLaunch (was installed by Xming) and go through prompts:
Display Settings "Multiple Windows"
Session Type "Start no client"
Additional Parameters "Check Clipboard box"

On Windows run PuTTY.
Load a session profile or create a session profile for a Linux machine.
In left panel, go to Connection, SSH, X11.
Click "Enable X11 Forwarding"
X display location "localhost:0.0"
Save that connection profile in PuTTY, so the X11 configuration will be there tomorrow.

On Windows, run Xming. It will run in the background without a Windows display.
On Windows, open the PuTTY connection that was previously configured for X11. This should open a command window on the Linux machine. Enter the following in the command window:
$ echo $TERM
xterm
$ echo $DISPLAY
localhost:10.0


Test X by typing "xclock". A GUI clock from the Linux machine should display on the Windows machine.
Typing "xclock&" will allow you to continue to type in the command window while the xclock GUI also runs.

Sunday, July 09, 2017

Install Ubuntu 17.04 Linux

Download Ubuntu desktop version 17.04. Burn the .iso file to a DVD. Boot the DVD and install Ubuntu. Click YES to install updates during the installation. Remove the DVD and restart the machine to finish the installation process.

After the machine has restarted, log in as the installation user.

In the upper-left of the screen, press the "Dash" button and type "terminal". Click on the terminal icon to start a terminal window.


Show information about the operating system:
$ uname -a
Linux TC605 4.10.0-26-generic #30-Ubuntu SMP Tue Jun 27 09:30:12 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux




List the PCI devices:
$ lspci
00:00.0 Host bridge: Intel Corporation 4th Gen Core Processor DRAM Controller (rev 06)
00:01.0 PCI bridge: Intel Corporation Xeon E3-1200 v3/4th Gen Core Processor PCI Express x16 Controller (rev 06)
00:14.0 USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB xHCI (rev 05)
00:16.0 Communication controller: Intel Corporation 8 Series/C220 Series Chipset Family MEI Controller #1 (rev 04)
00:1a.0 USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB EHCI #2 (rev 05)
00:1b.0 Audio device: Intel Corporation 8 Series/C220 Series Chipset High Definition Audio Controller (rev 05)
00:1c.0 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #1 (rev d5)
00:1c.2 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #3 (rev d5)
00:1c.3 PCI bridge: Intel Corporation 8 Series/C220 Series Chipset Family PCI Express Root Port #4 (rev d5)
00:1d.0 USB controller: Intel Corporation 8 Series/C220 Series Chipset Family USB EHCI #1 (rev 05)
00:1f.0 ISA bridge: Intel Corporation C220 Series Chipset Family H81 Express LPC Controller (rev 05)
00:1f.2 SATA controller: Intel Corporation 8 Series/C220 Series Chipset Family 6-port SATA Controller 1 [AHCI mode] (rev 05)
00:1f.3 SMBus: Intel Corporation 8 Series/C220 Series Chipset Family SMBus Controller (rev 05)
00:1f.6 Signal processing controller: Intel Corporation 8 Series Chipset Family Thermal Management Controller (rev 05)
01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Tobago PRO [Radeon R7 360 / R9 360 OEM] (rev 81)
01:00.1 Audio device: Advanced Micro Devices, Inc. [AMD/ATI] Tobago HDMI Audio [Radeon R7 360 / R9 360 OEM]
03:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 11)
04:00.0 Network controller: Qualcomm Atheros AR9462 Wireless Network Adapter (rev 01)




Install updates:
$ sudo apt-get -y update
$ sudo apt-get -y upgrade -f




If the machine has a hard-wired Ethernet connection, optionally permanently disable wifi:
$ nmcli
enp3s0: connected to Wired connection 1
    "Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller"
    ethernet (r8169), 44:8A:5B:8D:64:7B, hw, mtu 1500
    ip4 default
    inet4 192.168.1.114/24
    route4 169.254.0.0/16
    inet6 fe80::ef1d:8dc6:a887:bf4a/64

wlp4s0: disconnected
    "Qualcomm Atheros AR9462 Wireless Network Adapter"
    wifi (ath9k), D2:82:2A:A3:D0:FD, hw

lo: unmanaged
    loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

Use "nmcli device show" to get complete information about known devices and
"nmcli connection show" to get an overview on active connection profiles.

Consult nmcli(1) and nmcli-examples(5) manual pages for complete usage details.

$ nmcli radio wifi off

$ nmcli
enp3s0: connected to Wired connection 1
    "Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller"
    ethernet (r8169), 44:8A:5B:8D:64:7B, hw, mtu 1500
    ip4 default
    inet4 192.168.1.114/24
    route4 169.254.0.0/16
    inet6 fe80::ef1d:8dc6:a887:bf4a/64

wlp4s0: unavailable
    "Qualcomm Atheros AR9462 Wireless Network Adapter"
    wifi (ath9k), 66:BA:1D:E2:60:B2, hw, mtu 1500

lo: unmanaged
    loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

Use "nmcli device show" to get complete information about known devices and
"nmcli connection show" to get an overview on active connection profiles.

Consult nmcli(1) and nmcli-examples(5) manual pages for complete usage details.


Optionally, permanently disable Bluetooth. Check the status, stop, disable, and check status:
$ sudo systemctl status bluetooth.service
● bluetooth.service - Bluetooth service
   Loaded: loaded (/lib/systemd/system/bluetooth.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2017-07-09 13:46:54 MDT; 29min ago
     Docs: man:bluetoothd(8)
 Main PID: 813 (bluetoothd)
   Status: "Running"
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/bluetooth.service
           └─813 /usr/lib/bluetooth/bluetoothd

Jul 09 13:46:54 TC605 bluetoothd[813]: Bluetooth management interface 1.14 initialized
Jul 09 13:46:54 TC605 bluetoothd[813]: Failed to obtain handles for "Service Changed" characteristic
Jul 09 13:46:54 TC605 bluetoothd[813]: Sap driver initialization failed.
Jul 09 13:46:54 TC605 bluetoothd[813]: sap-server: Operation not permitted (1)
Jul 09 13:47:05 TC605 bluetoothd[813]: Endpoint registered: sender=:1.87 path=/MediaEndpoint/A2DPSource
Jul 09 13:47:05 TC605 bluetoothd[813]: Endpoint registered: sender=:1.87 path=/MediaEndpoint/A2DPSink
Jul 09 14:08:58 TC605 bluetoothd[813]: Endpoint unregistered: sender=:1.87 path=/MediaEndpoint/A2DPSource
Jul 09 14:08:58 TC605 bluetoothd[813]: Endpoint unregistered: sender=:1.87 path=/MediaEndpoint/A2DPSink
Jul 09 14:09:03 TC605 bluetoothd[813]: Endpoint registered: sender=:1.125 path=/MediaEndpoint/A2DPSource
Jul 09 14:09:03 TC605 bluetoothd[813]: Endpoint registered: sender=:1.125 path=/MediaEndpoint/A2DPSink
 

$ sudo systemctl stop bluetooth.service
 

$ sudo systemctl disable bluetooth.service
Synchronizing state of bluetooth.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable bluetooth
Removed /etc/systemd/system/dbus-org.bluez.service.
 

$ sudo systemctl status bluetooth.service
● bluetooth.service - Bluetooth service
   Loaded: loaded (/lib/systemd/system/bluetooth.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:bluetoothd(8)

Jul 09 13:47:05 TC605 bluetoothd[813]: Endpoint registered: sender=:1.87 path=/MediaEndpoint/A2DPSink
Jul 09 14:08:58 TC605 bluetoothd[813]: Endpoint unregistered: sender=:1.87 path=/MediaEndpoint/A2DPSource
Jul 09 14:08:58 TC605 bluetoothd[813]: Endpoint unregistered: sender=:1.87 path=/MediaEndpoint/A2DPSink
Jul 09 14:09:03 TC605 bluetoothd[813]: Endpoint registered: sender=:1.125 path=/MediaEndpoint/A2DPSource
Jul 09 14:09:03 TC605 bluetoothd[813]: Endpoint registered: sender=:1.125 path=/MediaEndpoint/A2DPSink
Jul 09 14:17:11 TC605 systemd[1]: Stopping Bluetooth service...
Jul 09 14:17:11 TC605 bluetoothd[813]: Terminating
Jul 09 14:17:11 TC605 bluetoothd[813]: Endpoint unregistered: sender=:1.125 path=/MediaEndpoint/A2DPSource
Jul 09 14:17:11 TC605 bluetoothd[813]: Endpoint unregistered: sender=:1.125 path=/MediaEndpoint/A2DPSink
Jul 09 14:17:11 TC605 systemd[1]: Stopped Bluetooth service.


Restart the machine to confirm Bluetooth and/or wifi does not start.



Install networking tools:
$ sudo apt install net-tools


Show the network interfaces:

$ ifconfig
enp3s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.114  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::7974:b964:efcc:600b  prefixlen 64  scopeid 0x20<link>
        ether 44:8a:5b:8d:64:7b  txqueuelen 1000  (Ethernet)
        RX packets 15862865  bytes 20511944183 (20.5 GB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8095668  bytes 1703946514 (1.7 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 664  bytes 68332 (68.3 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 664  bytes 68332 (68.3 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



Install ssh to allow remote connections into this machine:
$ sudo apt-get install ssh
 
Test connecting to this machine:
$ ssh $LOGNAME@localhost


By default, the firewall is off:

$ sudo ufw status
Status: inactive

Turn on the firewall, and rate-limit incoming ssh connections:
$ sudo ufw enable
Firewall is active and enabled on system startup
$ sudo ufw status
Status: active
$ sudo ufw limit ssh
Rule added
Rule added (v6)
$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT       Anywhere                
22/tcp (v6)                LIMIT       Anywhere (v6)
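
An added example, not part of the original post: a check that reads "ufw status" output and confirms the firewall is active and port 22 is rate-limited for both IPv4 and IPv6, as in the output above. The function and sample names are this example's own.

```shell
# Added example: audit `ufw status` text for the ssh rate-limit rule.
# Reads the status output on stdin and prints one finding per line.
# Returns 0 only if ufw is active and port 22 is LIMIT on IPv4 and IPv6.
audit_ufw_ssh() {
    awk '
        /^Status:/ { active = ($2 == "active") }
        # Rule rows: "22/tcp  LIMIT  Anywhere" or "22/tcp (v6)  LIMIT  Anywhere (v6)"
        $1 ~ /^22(\/tcp)?$/ {
            fam = ($2 == "(v6)") ? "IPv6" : "IPv4"
            action = (fam == "IPv6") ? $3 : $2
            if (action == "LIMIT") limited[fam] = 1
            if (action == "ALLOW") allowed[fam] = 1
        }
        END {
            rc = 0
            if (!active) { print "FAIL: firewall is not active"; rc = 1 }
            n = split("IPv4 IPv6", fams, " ")
            for (i = 1; i <= n; i++) {
                f = fams[i]
                if (allowed[f]) {          # reported even if a LIMIT rule also exists
                    print "FAIL: " f " ssh is ALLOW (no rate limit)"; rc = 1
                } else if (!limited[f]) {
                    print "FAIL: " f " has no LIMIT rule for ssh"; rc = 1
                } else {
                    print "OK: " f " ssh is rate-limited"
                }
            }
            exit rc
        }
    '
}

# The output shown in the post after `ufw limit ssh`.
status_from_post() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT       Anywhere
22/tcp (v6)                LIMIT       Anywhere (v6)
EOF
}

# Constructed sample: IPv6 left as a plain ALLOW.
status_mixed() { status_from_post | sed '/(v6)/s/LIMIT/ALLOW/'; }

status_from_post | audit_ufw_ssh
```

On a live machine, pipe the real output in with "sudo ufw status | audit_ufw_ssh".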



Check which drivers have been installed:
$ ubuntu-drivers devices
== cpu-microcode.py ==
driver   : intel-microcode - distro non-free



Optionally use the built-in test application to test the Ubuntu Linux installation:
Press the upper-left "Dash" icon and type "system testing". Click on the "Checkbox" application, which will start the "System Testing" program. Start the testing for the graphics device (and test other areas of the installation, if you would like).

Optionally benchmark the graphics GPU:
$ sudo apt-get install glmark2
$ glmark2

=======================================================
    glmark2 2014.03+git20150611.fa71af2d
=======================================================
    OpenGL Information
    GL_VENDOR:     X.Org
    GL_RENDERER:   Gallium 0.4 on AMD BONAIRE (DRM 2.49.0 / 4.10.0-26-generic, LLVM 4.0.0)
    GL_VERSION:    3.0 Mesa 17.0.3
=======================================================
[build] use-vbo=false: FPS: 4949 FrameTime: 0.202 ms
[build] use-vbo=true: FPS: 8144 FrameTime: 0.123 ms
[texture] texture-filter=nearest: FPS: 7018 FrameTime: 0.142 ms
[texture] texture-filter=linear: FPS: 7143 FrameTime: 0.140 ms
[texture] texture-filter=mipmap: FPS: 7413 FrameTime: 0.135 ms
[shading] shading=gouraud: FPS: 7253 FrameTime: 0.138 ms
[shading] shading=blinn-phong-inf: FPS: 7127 FrameTime: 0.140 ms
[shading] shading=phong: FPS: 7068 FrameTime: 0.141 ms
[shading] shading=cel: FPS: 7036 FrameTime: 0.142 ms
[bump] bump-render=high-poly: FPS: 5507 FrameTime: 0.182 ms
[bump] bump-render=normals: FPS: 7736 FrameTime: 0.129 ms
[bump] bump-render=height: FPS: 7480 FrameTime: 0.134 ms
[effect2d] kernel=0,1,0;1,-4,1;0,1,0;: FPS: 6653 FrameTime: 0.150 ms
[effect2d] kernel=1,1,1,1,1;1,1,1,1,1;1,1,1,1,1;: FPS: 4252 FrameTime: 0.235 ms
[pulsar] light=false:quads=5:texture=false: FPS: 7263 FrameTime: 0.138 ms
[desktop] blur-radius=5:effect=blur:passes=1:separable=true:windows=4: FPS: 2895 FrameTime: 0.345 ms
[desktop] effect=shadow:windows=4: FPS: 4709 FrameTime: 0.212 ms
[buffer] columns=200:interleave=false:update-dispersion=0.9:update-fraction=0.5:update-method=map: FPS: 958 FrameTime: 1.044 ms
[buffer] columns=200:interleave=false:update-dispersion=0.9:update-fraction=0.5:update-method=subdata: FPS: 702 FrameTime: 1.425 ms
[buffer] columns=200:interleave=true:update-dispersion=0.9:update-fraction=0.5:update-method=map: FPS: 1021 FrameTime: 0.979 ms
[ideas] speed=duration: FPS: 4194 FrameTime: 0.238 ms
[jellyfish] <default>: FPS: 5232 FrameTime: 0.191 ms
[terrain] <default>: FPS: 687 FrameTime: 1.456 ms
[shadow] <default>: FPS: 4451 FrameTime: 0.225 ms
[refract] <default>: FPS: 931 FrameTime: 1.074 ms
[conditionals] fragment-steps=0:vertex-steps=0: FPS: 8083 FrameTime: 0.124 ms
[conditionals] fragment-steps=5:vertex-steps=0: FPS: 7976 FrameTime: 0.125 ms
[conditionals] fragment-steps=0:vertex-steps=5: FPS: 8070 FrameTime: 0.124 ms
[function] fragment-complexity=low:fragment-steps=5: FPS: 8065 FrameTime: 0.124 ms
[function] fragment-complexity=medium:fragment-steps=5: FPS: 8030 FrameTime: 0.125 ms
[loop] fragment-loop=false:fragment-steps=5:vertex-steps=5: FPS: 8059 FrameTime: 0.124 ms
[loop] fragment-steps=5:fragment-uniform=false:vertex-steps=5: FPS: 7852 FrameTime: 0.127 ms
[loop] fragment-steps=5:fragment-uniform=true:vertex-steps=5: FPS: 7934 FrameTime: 0.126 ms
=======================================================
                                  glmark2 Score: 5814
=======================================================

Wednesday, December 12, 2012

Recover Windows Vista Password

A friend had two laptops from his son (who died). He didn't know the passwords and wanted to retrieve the photos on the laptops.

Download the free Ophcrack live CD and burn it with ISO Recorder. ISO Recorder can be found by right-clicking the .iso file to burn.

Boot the Ophcrack CD and let it run. It can quickly use rainbow tables, though this won't break every possible password. Brute force is needed to break every possible password. If it doesn't find a password, make sure all of the tables are installed.