systemd by example - the systemd playground Jan. 27, 2022, 11:32 a.m.

The playground allows you to learn about systemd interactively, right from your browser! Create examples without the danger of breaking your system, and without being distracted by hundreds of unrelated unit files.

tutorial linux

Microsoft Defender for Endpoint (mdatp) on Debian Sid Nov. 8, 2021, 9:10 a.m.

I've spent quite a few hours learning how to wrangle auditd around exclusions. Here's what I've learned.

linux security

How To Use Rsync to Sync Local and Remote Directories Feb. 11, 2021, 10:26 p.m.

Rsync, which stands for “remote sync”, is a remote and local file synchronization tool. It uses an algorithm that minimizes the amount of data copied by only moving the portions of files that have changed.

tutorial linux rsync

How to use special permissions: the setuid, setgid and sticky bits Sept. 26, 2019, 10:22 a.m.

Ownership of files and directories is based on the uid (user-id) and gid (group-id) of the user who created them. The same thing happens when a process is launched: it runs with the effective uid and gid of the user who started it, and with the corresponding privileges.

The setuid bit modifies this behaviour so that an executable runs with the privileges of the executable file’s owner. This can be identified by an s in the executable bit for the file’s owner, eg:

ls -l /bin/passwd
-rwsr-xr-x. 1 root root 27768 Feb 11  2017 /bin/passwd

The setgid bit can be identified by an s in the executable bit of the file or directory’s group, eg:

drwxrwsr-x. 2 egdoc egdoc 4096 Nov  1 17:25 test

When set on an executable, the setgid bit causes it to run with the privileges of the executable’s group. When set on a directory, the setgid bit causes the group of files created inside the directory to be the group of the directory, not the user who created them.

When used on a directory, the sticky bit causes all files to be modifiable only by their owner, eg:

ls -ld /private/tmp
drwxrwxrwt  11 root  wheel  352 26 Sep 09:04 /private/tmp

Self updating OSMC Distribution Sept. 10, 2019, 11:22 a.m.

Here is a small tutorial on how to get OSMC / linux self-updating.

tutorial linux documentation

Run a command before & after ubuntu apt upgrade & unattended-upgrades Sept. 10, 2019, 11:21 a.m.

There are three hooks you can use for this:

  • DPkg::Pre-Invoke is run once, before all the package manipulation sequences in one apt invocation
  • DPkg::Pre-Install-Pkgs is also run once, before the package manipulation sequences, after the Pre-Invoke hook, and with a list of all the packages which will be installed
  • DPkg::Post-Invoke is run once, after the package manipulation sequences.
linux documentation

APT Configuration Sept. 10, 2019, 11:20 a.m.

/etc/apt/apt.conf is the main configuration file shared by all the tools in the APT suite of tools, though it is by no means the only place options can be set. The suite also shares a common command line parser to provide a uniform environment.

linux documentation

How to access both subnets (dual NIC) on Ubuntu server from third subnet? May 8, 2019, 10:31 a.m.

If the router is filtering too, ubuntu has to be aware of the gateway's existence for both interfaces and use table and rule settings for a correct routing.

linux networking homelab

Two Default Gateways on One System May 8, 2019, 10:29 a.m.

Normally, a Linux system only has one routing table, in which only one default gateway can make entries. With iproute2, you have the ability to setup an additional routing table, for one thing, and allow this table to be used by the system based on rules, for another.

linux networking homelab

An introduction to services, runlevels, and rc.d scripts April 13, 2018, 8:28 a.m.

A symlink, /etc/rc2.d/S91apache2, points to /etc/init.d/apache2. This tells init to start Apache 2 in runlevel 2, but only after other services with lower S numbers.

When the system is shut down, there is another symlink in the /etc/rc0.d and /etc/rc6.d directories (halt and reboot, respectively) that starts with a K instead of an S, which tells init to shut down the process.


CentOS Wiki - IPTables April 12, 2018, 8:46 a.m.

Iptables places rules into predefined chains - INPUT, OUTPUT and FORWARD - that are checked against any network traffic relevant to those chains and a decision is made about what to do with each packet based upon the outcome of those rules. These actions are referred to as targets, of which the two most common predefined targets are DROP and ACCEPT.

  • INPUT - All packets destined for the host computer.
  • OUTPUT - All packets originating from the host computer.
  • FORWARD - All packets neither destined for nor originating from the host computer, but passing through (routed by) the host computer. This chain is used if you are using your computer as a router.
linux networking

Linux Load Averages: Solving the Mystery Aug. 11, 2017, 1:31 p.m.

Load averages are an industry-critical metric – my company spends millions auto-scaling cloud instances based on them and other metrics – but on Linux there's some mystery around them. Linux load averages track not just runnable tasks, but also tasks in the uninterruptible sleep state. Why? I've never seen an explanation. In this post I'll solve this mystery, and summarize load averages as a reference for everyone trying to interpret them.

linux devops

Fix Broken Sudo Dec. 15, 2014, 2:23 p.m.

ubuntu sudo linux troubleshooting