Enable automatic updates on CentOS 8 , CentOS 9 Stream Linux with dnf-automatic and Cockpit Web GUI package management tool


January 15th, 2025

centos-8-and-centos-9-linux-enable-automatic-rpm-yum-updates-with-dnf-automatic-logo

Security for any OS is critical nowadays, thus as a CentOS legacy system admin at work or using CentOS Stream releases 8 and 9 that are to be around for the coming years

CentOS 8 and CentOS 9 Stream Lifecycle


CentOS Stream follows the same lifecycle as Red Hat Enterprise Linux. From version 8 onward this means every version is supported for 10 years, split into 5 years of Full Support and 5 years of maintenance support. Users also have the option to purchase an additional 3 years of Extended Life Cycle Support (ELS) as an add-on.

Version    General Availability    Full Support Ends    Maintenance Support Ends    Extended Life Cycle Support (ELS) Ends
8    May 7, 2019    May 31, 2024    May 31, 2029    May 31, 2032
9    May 18, 2022    May 31, 2027    May 31, 2032    May 31, 2035


In this article, you are going to learn how to enable automatic software updates on CentOS 8 and CentOS 9 ( Stream ) Linux OS-es. I'll show how to set up your system to download and apply  security and other updates without user intervention.

It is really useful to use the CentOS automatic updates OS capability, turning on updates and instead typing all the time yum update && yum upgrade (and wasting time to observe the process) as it takes usually some 5 to 10 minutes to make the OS automatically install updates in the background and notify you once all is done so you can periodically check what the dnf-automatic automatic update tool has done that in most cases of success would save you at least few minutes per host. Automatic updates is critical especially if you have to maintain an infrastructure of CentOS virtual servers at version 8 or 9.

Those who use heavily used CentOS might have already enabled and used dnf-automatic, but I guess just like me until recently, most people using CentOS 8 don’t know how to enable and apply CentOS Linux updates automatically and those article might be helpful.
 

1. Enable Automatic CentOS 8 / 9 Updates Using DNF Automatic RPM Package


Install the DNF-automatic RPM package, it will provide a DNF component that enables start automatically the update process. 
To install it on both CentOS 8 / 9.

[root@centos ~]# yum install dnf-automatic
CentOS Stream 9 – BaseOS                                                                                                                                   78 kB/s |  14 kB     00:00
CentOS Stream 9 – AppStream                                                                                                                                28 kB/s |  15 kB     00:00
CentOS Stream 9 – Extras packages                                                                                                                          81 kB/s |  18 kB     00:00
Dependencies resolved.
======================================================
 Package                                         Architecture                             Version                                          Repository                                Size
======================================================
Installing:
 dnf-automatic                                   noarch                                   4.14.0-23.el9                                    baseos                                    33 k
Upgrading:
 dnf                                             noarch                                   4.14.0-23.el9                                    baseos                                   478 k
 dnf-data                                        noarch                                   4.14.0-23.el9                                    baseos                                    37 k
 python3-dnf                                     noarch                                   4.14.0-23.el9                                    baseos                                   461 k
 yum                                             noarch                                   4.14.0-23.el9                                    baseos                                    88 k

Transaction Summary
=======================================================
Install  1 Package
Upgrade  4 Packages

Total download size: 1.1 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): dnf-data-4.14.0-23.el9.noarch.rpm                                                                                                                  556 kB/s |  37 kB     00:00
(2/5): dnf-automatic-4.14.0-23.el9.noarch.rpm                                                                                                             406 kB/s |  33 kB     00:00
(3/5): yum-4.14.0-23.el9.noarch.rpm                                                                                                                       1.4 MB/s |  88 kB     00:00
(4/5): python3-dnf-4.14.0-23.el9.noarch.rpm                                                                                                               4.9 MB/s | 461 kB     00:00
(5/5): dnf-4.14.0-23.el9.noarch.rpm                                                                                                                       2.6 MB/s | 478 kB     00:00
——————————————————————————————————
Total                                                                                                                                                     1.1 MB/s | 1.1 MB     00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                  1/1
  Upgrading        : dnf-data-4.14.0-23.el9.noarch                                                                                                                                    1/9
  Upgrading        : python3-dnf-4.14.0-23.el9.noarch                                                                                                                                 2/9
  Upgrading        : dnf-4.14.0-23.el9.noarch                                                                                                                                         3/9
  Running scriptlet: dnf-4.14.0-23.el9.noarch                                                                                                                                         3/9
  Installing       : dnf-automatic-4.14.0-23.el9.noarch                                                                                                                               4/9
  Running scriptlet: dnf-automatic-4.14.0-23.el9.noarch                                                                                                                               4/9
  Upgrading        : yum-4.14.0-23.el9.noarch                                                                                                                                         5/9
  Cleanup          : yum-4.14.0-9.el9.noarch                                                                                                                                          6/9
  Running scriptlet: dnf-4.14.0-9.el9.noarch                                                                                                                                          7/9
  Cleanup          : dnf-4.14.0-9.el9.noarch                                                                                                                                          7/9
  Running scriptlet: dnf-4.14.0-9.el9.noarch                                                                                                                                          7/9
  Cleanup          : python3-dnf-4.14.0-9.el9.noarch                                                                                                                                  8/9
  Cleanup          : dnf-data-4.14.0-9.el9.noarch                                                                                                                                     9/9
  Running scriptlet: dnf-data-4.14.0-9.el9.noarch                                                                                                                                     9/9
  Verifying        : dnf-automatic-4.14.0-23.el9.noarch                                                                                                                               1/9
  Verifying        : dnf-4.14.0-23.el9.noarch                                                                                                                                         2/9
  Verifying        : dnf-4.14.0-9.el9.noarch                                                                                                                                          3/9
  Verifying        : dnf-data-4.14.0-23.el9.noarch                                                                                                                                    4/9
  Verifying        : dnf-data-4.14.0-9.el9.noarch                                                                                                                                     5/9
  Verifying        : python3-dnf-4.14.0-23.el9.noarch                                                                                                                                 6/9
  Verifying        : python3-dnf-4.14.0-9.el9.noarch                                                                                                                                  7/9
  Verifying        : yum-4.14.0-23.el9.noarch                                                                                                                                         8/9
  Verifying        : yum-4.14.0-9.el9.noarch                                                                                                                                          9/9

Upgraded:
  dnf-4.14.0-23.el9.noarch                   dnf-data-4.14.0-23.el9.noarch                   python3-dnf-4.14.0-23.el9.noarch                   yum-4.14.0-23.el9.noarch
Installed:
  dnf-automatic-4.14.0-23.el9.noarch

Complete!
[root@centos ~]#

Here is info on what dnf-automatic package will do: 

[root@centos ~]# rpm -qi dnf-automatic
Name        : dnf-automatic
Version     : 4.14.0
Release     : 23.el9
Architecture: noarch
Install Date: Wed 15 Jan 2025 08:00:47 AM -03
Group       : Unspecified
Size        : 57937
License     : GPLv2+
Signature   : RSA/SHA256, Thu 02 Jan 2025 01:19:43 PM -03, Key ID 05b555b38483c65d
Source RPM  : dnf-4.14.0-23.el9.src.rpm
Build Date  : Thu 12 Dec 2024 07:30:24 AM -03
Build Host  : s390-08.stream.rdu2.redhat.com
Packager    : builder@centos.org
Vendor      : CentOS
URL         : https://github.com/rpm-software-management/dnf
Summary     : Package manager – automated upgrades
Description :
Systemd units that can periodically download package upgrades and apply them.


Next up is configuring the dnf-automatic updates. The configuration file is located at /etc/dnf/automatic.conf. Once you have opened the file, you can to set the required values to fit your software requirements.
The values you might want to modify are as so:

 

[root@centos ~]# grep -v \# /etc/dnf/automatic.conf|sed '/^$/d'
[commands]
upgrade_type = default
random_sleep = 0
network_online_timeout = 60
download_updates = yes
apply_updates = no
reboot = never
reboot_command = "shutdown -r +5 'Rebooting after applying package updates'"
[emitters]
emit_via = stdio
[email]
email_from = root@example.com
email_to = root
email_host = localhost
[command]
[command_email]
email_from = root@example.com
email_to = root
[base]
debuglevel = 1
[root@centos ~]#

 

The most important things you need to tune in automatic.conf are:

[root@centos ~]# vim /etc/dnf/automatic.conf

apply_updates = no


should be changed to yes 

apply_updates = yes

for automatic updates to start by dnf-automatic service

It is nice to set the email server to use configuration values, as well as email from, email to and the way for
email to be set emit_via = stdio is default (check out the other options if to be used inside the commented lines)

Finally, you can now run dnf-automatic, execute the following command to schedule DNF automatic updates for your CentOS 8 machine.

[root@centos ~]# systemctl enable –now dnf-automatic.timer


The command above enables and starts the system timer. To check the status of the dnf-automatic service, run the following.

[root@centos ~]#  systemctl list-timers *dnf-*
NEXT                        LEFT       LAST                        PASSED      UNIT                ACTIVATES
Wed 2025-01-15 09:31:52 -03 13min left –                           –           dnf-makecache.timer dnf-makecache.service
Thu 2025-01-16 06:21:20 -03 21h left   Wed 2025-01-15 08:09:20 -03 1h 8min ago dnf-automatic.timer dnf-automatic.service

2 timers listed.
Pass –all to see loaded but inactive timers, too.

[root@centos ~]#

 

Enable and Manage Automatic updates with Cockpit GUI web interface


Sooner or later even hard core sysadmins has to enter the 21 century and start using a Web interfaces for server or Desktop Linux management to offload your head for more important stuff.
Cockpit is a great tool to help you automatically manage and update your servers with no need to use the Linux console most of the time.

Cockpit is a very powerful tool you can use to manage remotely updates through a web interface, it is very handy tool for system admins as it gives you overview over updates and supports automatic updates and set RPM package management tasks through web-based console. 
Cockpit allows updates over multiple servers and it makes it a kind of server orchestration tool that allows yo to update many same versioned operating system software.


If you haven't it already pre-installed in CentOS 8 / 9 depending on the type ofinstall you have done, you might need to install Cockpit.

To install cockpit

[root@centos ~]# yum install cockpit -y

To make the web service accessible in a browser you'll have to start it with cmds:

[root@centos ~]# systemctl start cockpit
[root@centos ~]# systemctl status cockpit

To access cockpit you'll either have to access it on https://localhost:9090 in case you need to access it locally via https://SERVER_IP:9090/.
Note that of course you will have to have firewalld enabling traffic to SERVER_IP PORT 9090.

 

centos-steam-cockpit-web-gui-autoupdate-tool-linux-screenshot1

By default cockpit will run with self signed certificate, if you need you can set up a certbot certificate or regenerate the self signed one for better managed security risk. For a first time if you haven't changed the certificate simply use the browser exclusion menu and login to Cockpit.

Once logged in you can check the available updates.

 

centos-steam-cockpit-web-gui-autoupdate-tool-linux-screenshot0

By default you will have to login with non-root account, preferably that should be an account who is authorized to become root via sudo.
To elevate to administrative privileges while in cockpit clock on 'Administrative access' and grant cockpit your superuser privileges.

centos-steam-cockpit-web-gui-autoupdate-tool-linux-screenshot2

Once authorized you can run the upgrade and enojy a coffee or beer in the mean time 🙂

centos-steam-cockpit-web-gui-autoupdate-tool-linux-screenshot-update-ongoing

Among the useful cockpit options, is also the Terminal through which you can run commands like over a normal Web SSH service.

The 'Logs' section is also very useful as it shows you clearly synthesized information on failed services and modules, since last OS system boot.

 

https://pc-freak.net/images/centos-steam-cockpit-web-gui-autoupdate-tool-linux-screenshot3

To add and manage updates for multiple hosts use the 'Add new host' menu that is a expansion of the main machine on which cockpit runs.


centos-steam-cockpit-web-gui-autoupdate-tool-linux-automatic-updates-settings

In the next window, turn automatic updates ON. You can now select the type of updates you want (Apply All Updates or Apply Security Updates), the day and time you want the updates applied, and the server rebooted.

CentOS 9's cockpit even have support for the innovative Kernel live patching, so the machine kernel can be updated even Live and you can save the reboot after complete patching of OS including the kernel.

centos-steam-cockpit-web-gui-autoupdate-tool-linux-kernel-live-patching-menu

Note that you cannot set up automatic updates without rebooting the system. Therefore, make sure your server can be rebooted at the time you’ve selected for the updates.

Sum it up


In this post, we learned have learned how to set up automatic updates for your CentOS 8 / 9 Linux. There are two main stream ways you can do it.
1. By using DNF automatic updates tool.
By enabling DNF automatic updates on CentOS 8 Linux the machine updated is faster, seemless and frequent as compared to manual updates.

This protects the OS more about crackers cyber-attacks. Secondly for the more lazy admins or for better structuring of updates (if it has to be executed on multiple hosts), the Cockpit web console is available.

With Cockpit, it’s much easy to enable automatic updates as the GUI is self-explanatory graphical user interface (GUI) as opposed to the DNF automatic updates, which would waste you more time on CLI ( shell ).
 

Enable Debian Linux automatic updates to keep latest OS Patches / Security Up to Date


January 13th, 2025

Enable Debian Linux automatic updates to keep latest OS Patches / Security Up to Date

Debian: Entenda a Importância Para o Mundo GNU/LINUX

I'm not a big fan of automatism on GNU / Linux as often using automatic updates could totally mess things especially with a complex and a bit chatic OS-es like is Linux nowadays. 
Nevertheless as Security is becoming more and more of a problem especially the browser security, having a scheduled way to apply updates like every normal modern Windows and MAC OS as an option is becoming essential to have a fully manageble Operating system.

As I use Debian GNU / Linux for desktop for my own personal computer and I have already a lot of Debian servers, whose OS minor level and package version maintenance takes up too big chunk of my time (a time I could dedicated to more useful activities). Thus I found it worthy at some cases to trigger Debian's way to keep the OS and security at a present level, the so called Debian "unattended upgrades".

In this article, I'll explain how to install and Enable Automatic (" Unattended " ) Updates on Debian, with the hope that other Debian users might start benefiting from it.
 

Pros of  enabling automatic updates, are:

  • Debian OS Stay secure without constant monitoring.
  • You Save much time by letting your system handle updates.
  • Presumably Enjoying more peace of mind, knowing your system is more protected.

Cons of enabling automatic updates:

  • Some exotic and bad maintained packages (might break after the update)
  • Customizations made on the OS /etc/sysctl.conf or any other very custom server configs might disappear or not work after the update
  • At worst scenario (a very rare but possible case) OS might fail to boot after update 🙂

Regular security updates patch vulnerabilities that could otherwise be exploited by attackers, which is especially important for servers and systems exposed to the internet, where threats evolve constantly.

1. Update Debian System to latest

Before applying automatic updates making any changes, run apt to update package lists and upgrade any outdated packages,to have automatic updates for a smooth configuration process.

# apt update && apt upgrade -y

2. Install the Unattended-Upgrades deb Package 

# apt install unattended-upgrades -y

Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
The following additional packages will be installed:
  distro-info-data gir1.2-glib-2.0 iso-codes libgirepository-1.0-1 lsb-release python-apt-common python3-apt python3-dbus python3-distro-info python3-gi
Suggested packages:
  isoquery python-apt-doc python-dbus-doc needrestart powermgmt-base
The following NEW packages will be installed:
  distro-info-data gir1.2-glib-2.0 iso-codes libgirepository-1.0-1 lsb-release python-apt-common python3-apt python3-dbus python3-distro-info python3-gi unattended-upgrades
0 upgraded, 11 newly installed, 0 to remove and 0 not upgraded.
Need to get 3,786 kB of archives.
After this operation, 24.4 MB of additional disk space will be used.
Do you want to continue? [Y/n]

 

 

# apt install apt-listchanges
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
The following package was automatically installed and is no longer required:
  linux-image-5.10.0-30-amd64
Use 'apt autoremove' to remove it.
The following additional packages will be installed:
  python3-debconf
The following NEW packages will be installed:
  apt-listchanges python3-debconf
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 137 kB of archives.
After this operation, 452 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 http://deb.debian.org/debian bookworm/main amd64 python3-debconf all 1.5.82 [3,980 B]
Get:2 http://deb.debian.org/debian bookworm/main amd64 apt-listchanges all 3.24 [133 kB]
Fetched 137 kB in 0s (292 kB/s)
Preconfiguring packages …
Deferring configuration of apt-listchanges until /usr/bin/python3
and python's debconf module are available
Selecting previously unselected package python3-debconf.
(Reading database … 84582 files and directories currently installed.)
Preparing to unpack …/python3-debconf_1.5.82_all.deb …
Unpacking python3-debconf (1.5.82) …
Selecting previously unselected package apt-listchanges.
Preparing to unpack …/apt-listchanges_3.24_all.deb …
Unpacking apt-listchanges (3.24) …
Setting up python3-debconf (1.5.82) …
Setting up apt-listchanges (3.24) …

Creating config file /etc/apt/listchanges.conf with new version

 

Example config for apt-listchanges would be like:

# vim /etc/apt/listchanges.conf
[apt]
frontend=pager
email_address=root
confirm=0
save_seen=/var/lib/apt/listchanges.db
which=both

3. Enable Automatic unattended upgrades

Once installed, enable automatic updates with the following command, which will prompt asking if you want to enable automatic updates. Select Yes and press Enter, which will confirm that the unattended-upgrades service is active and ready to manage updates for you.

# dpkg-reconfigure unattended-upgrades

Configure-Unattended-Upgrades-on-Debian_Linux-dpkg-reconfigure-screenshot

Or non-interactively by running command:

# echo unattended-upgrades unattended-upgrades/enable_auto_updates boolean true | debconf-set-selections
dpkg-reconfigure -f noninteractive unattended-upgrades


4. Set the Schedule for Automatic Updates on Debian

By default, unattended-upgrades runs daily, to verify or modify the schedule, check the systemd timer:

# sudo systemctl status apt-daily.timer
# sudo systemctl status apt-daily-upgrade.timer
# systemctl edit apt-daily-upgrade.timer

Current apt-daily.timer config as of Debian 12 (bookworm) is as follows

root@haproxy2:/etc/apt/apt.conf.d# cat  /lib/systemd/system/apt-daily.timer
[Unit]
Description=Daily apt download activities

[Timer]
OnCalendar=*-*-* 6,18:00
RandomizedDelaySec=12h
Persistent=true

[Install]
WantedBy=timers.target
root@haproxy2:/etc/apt/apt.conf.d#


 

# systemctl edit apt-daily-upgrade.timer

[Timer]
OnCalendar=
OnCalendar=03:00
RandomizedDelaySec=0

 

At Line  num 2 above is needed to reset (empty) the default value shown below in line  num 5.
Line 4 is needed to prevent any random delays coming from the defaults.


Now both timers should be active, if not, activate them with:

# systemctl enable –now apt-daily.timer
# systemctl enable –now apt-daily-upgrade.timer


These timers ensure that updates are checked and applied regularly, without manual intervention.

5.Test one time Automatic Updates on Debian works

To ensure everything is working, simulate an unattended upgrade with a dry run:

# unattended-upgrade –dry-run

 

You can monitor automatic updates by checking the logs.

# less /var/log/unattended-upgrades/unattended-upgrades.log

Log shows details of installed updates and any issues that occurred. Reviewing logs periodically can help you ensure that updates are being applied correctly and troubleshoot any problems.

6. Advanced Configuration Options

If you’re a power user or managing multiple systems, you might want to explore these additional settings in the configuration file:

# vim /etc/apt/apt.conf.d/50unattended-upgrades


Configure unattended-upgrades to send you an email whenever updates are installed.

Unattended-Upgrade::Mail "your-email-address@email-address.com";


Enable automatic reboots after kernel updates
by adding the line:

Unattended-Upgrade::Automatic-Reboot "true";

To schedule reboots after package upgrade is applied  at a specific time:

Unattended-Upgrade::Automatic-Reboot-Time "02:00";

Specify packages you don’t want to be updated by editing the Unattended-Upgrade::Package-Blacklist section in the configuration file.

 

Here is alternative way to configure the unattended upgrade, by using apt configuration options:

# vim /etc/apt/apt.conf.d/02periodic

// Control parameters for cron jobs by /etc/cron.daily/apt-compat //


// Enable the update/upgrade script (0=disable)
APT::Periodic::Enable "1";


// Do "apt-get update" automatically every n-days (0=disable)
APT::Periodic::Update-Package-Lists "1";


// Do "apt-get upgrade –download-only" every n-days (0=disable)
APT::Periodic::Download-Upgradeable-Packages "1";


// Run the "unattended-upgrade" security upgrade script
// every n-days (0=disabled)
// Requires the package "unattended-upgrades" and will write
// a log in /var/log/unattended-upgrades
APT::Periodic::Unattended-Upgrade "1";


// Do "apt-get autoclean" every n-days (0=disable)
APT::Periodic::AutocleanInterval "21";


// Send report mail to root
//     0:  no report             (or null string)
//     1:  progress report       (actually any string)
//     2:  + command outputs     (remove -qq, remove 2>/dev/null, add -d)
//     3:  + trace on
APT::Periodic::Verbose "2";

If you have to simultaneously update multiple machines and you're on a limited connection line, configure download limits if you’re on a metered connection by setting options in /etc/apt/apt.conf.d/20auto-upgrades.

7. Stop Automatic Unattended Upgrade

Under some circumstances if it happens the unattended upgrades are no longer required and you want to revert back to manual package updates, to disable the updates you have to disable the unattended-upgrades service

# systemctl stop unattended-upgrades


8.  Stop an ongoing apt deb package set of updates applied on Debian server

Perhaps not often, but it might be you have run an automated upgrade and this has broke a server system or a service and for that reason you would like to stop the upcoming upgrade (some of whose might have started on other servers) immediately, to do so, the easiest way (not always safe thogh) is to kill the unattended-upgrades daemon.
 

# pkill –signal SIGKILL unattended-upgrades


Note that this a very brutal way to kill it and that might lead to some broken package update, that you might have to later fix manually.

If you have the unattended-upgrade process running on the OS in the process list backgrounded and you want to stop the being on the fly upgrade on the system more safely for the system, you can stop and cancel the ongoing apt upgrade  it by running the ncurses prompt interface, through dpkg-reconfigure

# dpkg-reconfigure unattended-upgrades


Then just select No, press Enter. In my case, this has promptly stopped the ongoing unattended upgrade that seemed blocked (at least as promptly as the hardware seemed to allow 🙂 ).

If you want to disable it for future, so it doesn't automatically gets enabled on next manual update, by some update script disable service as well.
 

# systemctl disable unattended-upgrades

 

Close up

That’s all ! Now, your Debian system will automatically handle security updates, keeping your system secure without you having to do a thing.
The same guide should be good for most Deb based distributions such as Ubuntu / Mint and there rest of other Debian derivative OS-es.
You’ve now set up a reliable way to ensure your system stays protected from vulnerabilities, but anyways it is a good practice to always login and check what the update has done to the system, otherwise expect the unexpected. 

Flush DNS on Mac OS X ,Windows and Linux from command line


January 8th, 2025

MAC OSX DNS Configuration | DNSFLEX

 

MAC OS X flush DNS cache


Open macOS /Mac OS X terminal application and type the following command under OS X version 10.5 and above:

# dscacheutil -flushcache

Mac OS X Tiger (v10.4) user, enter:

# lookupd -flushcache

macOS 11 Big Sur or 12 Monterey user, try:

# sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

 

macOS 10.11 El Capitan, 10.12 Sierra, 10.13 High Sierra, 10.14 Mojave, or 10.15 Catalina user try:

# sudo killall -HUP mDNSResponder

 

On Mac OS X version 10.6 and onwards to dump DNS cached records
 

$ dscacheutil -cachedump -entries

Display your DNS cached records on Windows
 
Implement Windows Server DNS - Training | Microsoft Learn

  DNS cached records are stored to offload the DNS from querying it all the time in order to resolve the questionable site domain IP.

To view most recent cached DNS records on Windows use cmd:
 

c:\Windows\> ipconfig /displaydns

 

Windows IP Configuration

    array805.prod.do.dsp.mp.microsoft.com
    —————————————-
    Record Name . . . . . : array805.prod.do.dsp.mp.microsoft.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 1894
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 52.143.124.236


    telemetry-incoming.r53-2.services.mozilla.com
    —————————————-
    Record Name . . . . . : telemetry-incoming.r53-2.services.mozilla.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 444
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 34.120.208.123


    tunnel.googlezip.net
    —————————————-
    Record Name . . . . . : tunnel.googlezip.net
    Record Type . . . . . : 1
    Time To Live  . . . . : 36756
    Data Length . . . . . : 4

Use up/down scroll array to see the cached record you need to view in the DNS cache.
 

Flush DNS Cache on Windows OS

 


Open the terminal (Start > Run > type cmd and press the [Enter] key) and type the following command to flush DNS on Win XP/2000/7/10 etc:

# ipconfig /flushdns

 

How to Flush DNS local cache queries on Linux

How to Flush DNS Cache on Linux | Linux How to Flush DNS Guide

 

If you’re using a Linux distro such as Ubuntu, here’s how to flush the DNS cache:

Open the terminal by pressing Ctrl + Alt + T or searching for “Terminal” in the Activities menu.
Run the following command:
If you are running Ubuntu 20.04 LTS Linux or older Linux distro using systemd-resolve, use: sudo systemd-resolve –flush-caches.
If you are running Ubuntu 22.04 LTS or newer, use: sudo resolvectl flush-caches.
Enter your administrator password when prompted, and the DNS cache will be flushed.

To check the change in the DNS record is real, you can check the DNS cache statistics:

# resolvectl statistics

On older Linux distributions where /etc/resolv.conf nameserver directives are used to set the DNS for the server, to flush the cache
only options is to either flush the server used cache or change the nameserver inside the file.

 

Check the DNS cache records on older Linux distros (requires NSCD daemon)

Assuming the nscd daemon is UP and running (if not you have to install it) to check the cached local DNS records on Linux do

# service nscd status 


Reviewing Your DNS Cache on modern Linux distros

The systemd-resolved daemon reacts to USR1 by writing its cache to the system logs. We can then use the journalctl command to filter out the DNS entries.

We'll use the killall command with USR1 To send the signal to the systemd-resolved daemon. Note that although we're using the killall command, the systemd-resolved daemon continues to run. This isn't a termination signal that we're sending.

$ sudo killall -USR1 systemd-resolved

Now we'll use the journalctl command with the -u (filter by systemd unit) option to extract the log entries that have been generated by systemd-resolved . We'll redirect that output into a text files called "dns.txt."

$ sudo journalctl -u systemd-resolved > dns.txt

Then check the DNS records

$ less dns.txt

 

Then find the cached mappings between domain names and IP addresses in.

How to Flush the dnsmasq Cache on Linux

The dnsmasq application provides a DNS cache and a DHCP server.

dnsmasq is popular among with users who want to run their own DNS server, especially on non-systemd installations.

Flushing the dnsmasq DNS cache is easy. We need to send the SIGHUP signal, which tells the dnsmasq daemon to effectively reinitialize. Doing so clears its DNS cache. To send the signal we use the killall command with the -HUP flag, and the name of the application.

$ sudo killall -HUP dnsmasq

Saint Barbara of Bulgarian Origin, Spring that came by her prayer situated in a Bulgarian village Eleshnica


December 4th, 2024

A sensational legend, prooved by modern Theologist to be a fact is the famous Great Martyr Barbara (Varvara as known in Slavonic realm) is of Bulgarian origin and her martyrdom has occured in country territory of contemporary Bulgaria.

Saint_Barbara-tower-orthodox-christian-icon

Saint Barbara and her famous Tower where her father kept her imprisoned

From very ancient times Saint Barbara is highly venerated in both Eastern Church and Western Church. The Barbara is a common baby name till this very date, there are countless hospis and hospitals, and institutions all arount the world in her name. Her Living has been an inspiration for the civillized world for many centuries, she is
After the Church Schism in 1054, when Roman-Catholics seperated from the Church and the Pope started to claim rulership over the whole church heresy and many other erronous, believe slowly the great veneration for Saint Barbara, started to deteriorate especially in the early 20th century in Pan-Roman Calendar in the 1969 revision after the Second Vatican assembly although she remains on the list of saints of the Catholic Church, her veneration in Catholicism fade away with claims, there is not enough historical data to proove the living of the saint is not just a pious legend.

Saint Baraba is well known for being the protector of young Children and all people who are in danger of sudden and unexpected death.
Saint Barbara feast day is always celebrated on 4th of December.


For that reason, the representatives of the most risky professions like:
miners, gunners, firefighters, sappers, pyrotechnicians – celebrate December 4, when it is the feast of the Great Martyr, all over the world.

The personality of the saint is shrouded in mystery. Her appearance on the historical scene came too late, nearly five centuries after her martyrdom.
That is why it is not surprising that in our country a village keeps an ancient early Christian legend about the saint.

вяра - ВЯРА: Извор на Св. Варвара лекува край Елешница

The old chapel place of St. Barbara and the rebuild chapel built on the site

Those legend tells us, she wandered the lands near Razlog, where she lived and where she was martyrdom.
There on those martyrdom place is built a chapel in honor of the saint and a miraculous spring called by local citizens for ages "the Myrrh".
It is believed that whoever washes with the medicinal water in it can be cured of any disease.

According to a fascinating study by famous Bulgarian Theologian researcher Doctor. Vencislav Karavalchev, St. Varvara was not born in Nicomedia (Bythinia) in the 3rd century, as her life dictates, but the actual location for that historical place is in the village of Eleshnitsa (near Blagoevgrad), which in ancient times was called Iliopolis (Ilioupoli). Her father Dioscorus was a high-ranking administrator. Because she was of fabulous beauty, out of jealousy he locked her in a tower. When he was away on state affairs,
Barbara (Varvara) converted to Christianity.

The martyr was sentenced to death by beheading by her father and the governor of the city. They cut off her head in front of the baths, and her blood turned into healing mineral water. Locals say that the water started gushing out where her blood soaked into the ground.

Today, the gushing spring has a temperature of 57-58 degrees. The Myrrh is lined with stones, and people come from all over the country and abroad for healing baths.

Prayer-in-from-of-Saint-Barbara-Chapel-entry-in-Eleshnica-Village-near-Blagoevgrad-Bulgaria-martyrdom-place
Church Akathist Service in honor of saint Barbara in her Chapen , who is honored in Eleshnica on the fourth day after Easter.

It is assumed that there was a pagan sanctuary near the healing spring, which later grew into a Christian shrine. It can be seen near the built chapel. The entire area has long been known by the name of St. Barbara. Large stones can be seen above, piled up like a herd.
It is assumed that these are the remains of the tower in which the saint stood, who paid with her head for the acceptance of the Christian faith.

It is believed that the legend that Varvara was born here started from a Russian monk from Mount Athos, who was treated in the spring near the village of Eleshnitsa. In 1856 in Moscow, the memories and notes of monk Parthenius were published in several volumes, who, as he himself wrote, did so at the request and with the blessing of Bishop Athanasius. In four voluminous volumes, Parthenius set forth what he saw and heard during his travels and residence on the Holy Mountain, as well as in Russia, Moldavia, Turkey, Jerusalem, and the Holy Land. The fourth volume of these memories contains the information that confirms the legend of St. Barbara living in Eleshnica.

Here is what the Russian Monk Parthenius writes back then:

"I will announce something else, which for us, Russians, is very important, but its credibility has not yet been proven, it has not been investigated, and therefore causes confusion in me. And this thing is the following: the Bulgarians affirm that the great martyr Varvara was more Bulgarian by birth, Slavic by language, from the Macedonian side. That's what Bulgarian monks told me in our Russian monastery on Mount Athos, not one and not two, but more than twenty people.And they received this tradition from ancient times and from their forefathers.

They say thus: In Macedonia there is a city of Nevrokop, six days' journey from the Athonian woods; and from the city of Nevrokop there is a village one day's journey, in Bulgarian called Leshnitsa (Eleshnitsa – b.r.), and in Greek – the former Iliopolis. In this village there is a bathhouse, next to the bathhouse flows a strong source of hot water, which has healing powers, and when it cools, it becomes sweet and delicious like milk. This bath is called Dioskorova, after the father of St. Barbara; and it would be better to say – banya sv. Varvara. On the day in which the memory of the saint is celebrated, a large number of people, Bulgarians, gather here, and a prayer is performed and a great celebration takes place, and they drink from the water and bathe there in the font. There is also a ruined tower in the same village; they say that St. lived there. Barbara and that the tower was built by her father'.

According to the official biography, these events took place in Nicomedia.
The belief says that God's retribution overtakes Varvara's father and the governor of the city – they are both struck by lightning.
The young woman was buried by the Christian Valentine, and her tomb became a source of miracles of faith. In the 6th century, the relics of Saint Barbara were transferred to Constantinople. In the 12th century they were moved to the Mikhailovsky Zlatoverkh Monastery by Svyatopolk II, and from 1930 rest in the Patriarchal Cathedral "St. Vladimir" in Kyiv. Fragments of the miraculous relics of the saint can be found in the Transfiguration Church in Sofia. In the Troyan monastery "Assumption", along with the miraculous icon "The Virgin of Troeruchitsa", relics of St. Varvara.

Saint-Barbara-depicted-on-United-States-Artillerymen-coins

The saint is of the Order of the United States State Artillerymen.

Protectors for Artillery man and Gunners

Every year on December 4, artillerymen in the armies of a number of Christian countries honor their patron – the holy great martyr Barbara. In the French Army, this day has been celebrated since 1671. during the reign of Louis XIV with the creation of the Regiment of Royal Fusiliers, the first commander of which was the King himself. In the West, the saint is called Barbara. In the US Army, this day is usually accompanied by an official military dinner with the solemn presentation of orders established in the name of St. Varvara. Orders can be awarded not only to military personnel, but also to civilians for services to the artillery corps. The saint was called upon to assist in accidents resulting from the explosion of the first samples of artillery guns. That is why, at the dawn of artillery, the ancient gunners, addressing their prayers to St. Varvara, they accepted her as their patron. The history of the cult of the saint goes back to the time when China invented gunpowder. As expected, the first cannons began to be produced soon. They made their way from Asia to Europe, and the fear of the new weapon proved just as sinister as the fear of the wrath of St. Varvara. The cannon killed suddenly and from a distance like the lightning that pierced the murderers of the Christian martyr. But there was something else. In the initial period of its development, fire artillery was very far from perfection. The first guns were made of iron. When fired, it was distorted in the body, and some of the elements of the projectiles were soldered to the channel of the cannon. A frequent phenomenon under these conditions was instead of firing the projectile, its spraying, which struck not the enemy, but its own soldiers. In such cases, the artillerymen looked for hope, protection and protection in such misfortunes from St. Barbara, patroness of lightning and thunder. Over time, the artillerymen had the feeling that they were always under the protection of the saint. Miners in Poland, the Czech Republic and Germany celebrate the saint's day. Even in faraway Australia, miners honor her with an annual parade.
 

old-picture-of-traditional-Eleshnica-village-Assembly-on-saint-Barbara--martyrdom-place-near-Razlog-in-Eleshnica-village

Since ancient times, a feast assembly is held in the area of ​​St. Varvara, near Razlog (Razlozhko).

Cities and early Medicine tranquility Pills bear name in her honour

Barbiturates, one of the oldest sedatives group of medicines used in medical practice, are named after the saint known in the West as Barbara.
The story goes that in the distant 1864 the chemist Adolf von Bayer entered a tavern. He had just discovered a group of substances acting on the central nervous system in a wide range from sedative to anesthetic.
An artilleryman celebrated his holiday there. In his honor (knowing saint Barbara is protector of artillerists), for providence reason the chemist decided to named his discovery after the saint.

Many cities and temples all over the world bear her name. Today, part of the California coast, now occupied by the city of Santa Barbara, is named after the saint. It was named in 1602 after the sea explorer Sebastian Vizcaino survived a storm at sea just before her feast day. Other Spanish and Portuguese settlements named Santa Barbara were established in Brazil, Chile, Colombia, Honduras, Mexico, Venezuela, and the Philippines.

Source of Research prooving Saint Barbara of (Bulgarian origin):

St. Barbara of Iliopol – following the trail of a legend (Research in Bulgarian by Ventzislav Karavylchev)

Zabbix Power Shell PS1 script to write zero or one if string is matched inside log file


December 2nd, 2024

How to Install and Configure Zabbix Server and Client on Rocky Linux 9 - Cộng Đồng Linux

At work we had setup zabbix log file processing for few servers for a service that is doing a Monitoring Health Checks for a a special application via an encrypted strong encrypted tunnel. The app based on the check reports whether the remote side has processed data or not.
As me and my team are not maintainers of the zabbix-server where the zabbix-agents are sending the data, there is a multiple content of data being sent in simply "" empty strings via a zabbix Item setup. Those empty strings however gets stored in the zabbix-server database and since this check is made frequently about 500 hundred records of empty string lines are being written to the zabbix server, we got complaint by the zabbix adminsitrators, that we have to correct our Monitoring setup to not flood the zabbix-server.

Since zabbix cannot catch up the "" empty string and we cannot supress the string from being written in the Item, we needed a way to change the monitoring so that the configured Application check returns 1 (on error) and 0 (on success).

Zabbix even though advanced has a strange when zabbix log[] function, e.g. 

log[/path/to/log,,,,skip]

log function, used to analyze a log file and cut out last or first lines of a file simmilar to UNIX's  head and tail over log files this is described in the zabbix log file monitoring here . If a string is matched it can return string 1, but if nothing gets matched the result is empty string "" and this empty string cannot be used in a way to analyze the data with Item is used.

There is plenty of discussions online for this weird behavior and many people do offer different approaches to solve the strange situation, but as we have tried with our colleagues sys admins  none of those really worked out.

Thus we decided to use the classical way to work around, e.g. to simply use a powershell script that would check a number of lines inside a provided log file analyze if a string gets found and print out value of "1" if the string is matched or "0" "if not and this PS1 script to be set to run via a standard zabbix userparameter script.

This worked well, as all of us are mainly managing Linux systems, and we don't have enough knowledge on powershell we have used our internal Aartificial Intelligence (AI) clone tool to LibreChat – A free and open source ChatGPT clone.

LibreChat includes OpenAI's models, but also others — both open-source and closed-source — and its website promises "seamless integration" with AI services from OpenAI, Azure, Anthropic, and Google — as well as GPT-4, Gemini Vision, and many others. ("Every AI in one place," explains LibreChat's home page.) Plugins even let you make requests to DALL-E or Stable Diffusion for image generations. (LibreChat also offers a database that tracks "conversation state" — making it possible to switch to a different AI model in mid-conversation…)

$logfile = "C:\path\to\your\logfile.log"
$searchString = "-1"
 
# Get the last 140 lines
$lines = Get-Content $logfile -Tail 140
 
# Filter lines containing the search string
$found = $lines | Where-Object { $_ -match [regex]::Escape($searchString) }
 
# Output found lines or 0 if none were found
if ($found) {
    $found | ForEach-Object { $_ }
} else {
    Write-Host 0
}

You can download and the return_zero_or_one-if-string-matches-in-log-powershell.ps1 script here

How to install and use WSL 2 Windows native Linux emulation Debian and Ubuntu Linux on Windows 10 / Windows 11


October 31st, 2024

start-with-wsl-windows-emulation-linux-install-and-use-easily-linux-and-windows-together-with-no-external-software-tux-penguin-logo

WSL (Windows Subsystem for Linux) is perhaps relatively rarely known to the old school sys admins rats who usually use stuff like QEMU / KVM for Windows or Virtualbox / VMWare for Host machine.
However most people most lileky heard but never used or heard about the native (container like) virtualization WSL which was introduced in Windows 10 and Windows 11  as an attempt from Microsoft to improve the interoperability between Windows and Linux.
WSL version 1 and ver 2 allows Microsoft Windows for using a Linux environment without the need for a separate virtual machine.

In Windows 10, it is existing in Windows 10 Professional version can be installed either by joining the Windows Insider program or manually via Microsoft Store or Winget.
Hence perhaps you don't know that WSL virtualization can be used by those who want to mix Linux and Windows or for example get an advantages against dual-boot (installing Linux and Windows on the same computer).
Even better most significant WSL pros is you can literally running both systems at the same time without the need to run or stop every software that’s running and reboot to another system.

Procedure to set up a WSL is simple and similar to setting up a real Linux OS, therefore this guide can also be used as a reference to Linux setup.The specifications of WSL setup procedure are mainly in Install WSL and then setup any packages you would like to use for example if you want to be able to access remotely the WSL emulated Debian / Ubuntu or other of the installable distros via OpenSSH server.

1. Requirements to install and use WSL Linux emulation

To have the wsl subsystem used on Windows 10 or Windows 11 requirements:

You must be running Windows 10 version 2004 and higher (Build 19041 and higher) or Windows 11 to use the commands below. If you are on earlier versions please see the manual install page.

2. List available installable Linux distributions
 

WSL subsystem has ported only a certain set of Linux distributions, so if you need a very specific and unique Linux distribution, you would perhaps need to use Hyper-V virtualization or Virtualbox / VMWare.
However for people like me who are mainly using Debian GNU / Linux on daily basis as well as some OracleLinux admins / SUSE it is a perfect solution.

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –list –online
The following is a list of valid distributions that can be installed.
Install using 'wsl.exe –install <Distro>'.

NAME                            FRIENDLY NAME
Ubuntu                          Ubuntu
Debian                          Debian GNU/Linux
kali-linux                      Kali Linux Rolling
Ubuntu-18.04                    Ubuntu 18.04 LTS
Ubuntu-20.04                    Ubuntu 20.04 LTS
Ubuntu-22.04                    Ubuntu 22.04 LTS
Ubuntu-24.04                    Ubuntu 24.04 LTS
OracleLinux_7_9                 Oracle Linux 7.9
OracleLinux_8_7                 Oracle Linux 8.7
OracleLinux_9_1                 Oracle Linux 9.1
openSUSE-Leap-15.6              openSUSE Leap 15.6
SUSE-Linux-Enterprise-15-SP5    SUSE Linux Enterprise 15 SP5
SUSE-Linux-Enterprise-15-SP6    SUSE Linux Enterprise 15 SP6
openSUSE-Tumbleweed             openSUSE Tumbleweed


 

3. Install Linux distribution for a first time

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –install

wsl2-windows-virtualization-install-virtual-machine-debian1

The default Linux distribution that will get installed inside WLS Virtlualization is Ubuntu.

4. Install Debian GNU / Linux distribution as a second distro

 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –install Debian

windows-wsl-linux-emulation/wsl2-windows-virtualization-install-virtual-machine-debian3

That second installed distro would make Debian now the default one to boot by WSL.

To run the fresh installed Debian GNU / Linux distribution, run only wsl command with no arguments.

# wsl

 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –set-version Debian 2
For information on key differences with WSL 2 please visit https://aka.ms/wsl2
Conversion in progress, this may take a few minutes.
The distribution is already the requested version.
Error code: Wsl/Service/WSL_E_VM_MODE_INVALID_STATE
PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –set-version 2
There is no distribution with the supplied name.
Error code: Wsl/Service/WSL_E_DISTRO_NOT_FOUND
PS C:\Windows\System32\WindowsPowerShell\v1.0>

Simply pressting CTRL + D from the actively running WSL emulated Linux (that is pretty much like a native Windows docker container if we have to compare to Linux) would stop the VM.
 

5. List runnable / installed VM Linux distributions
 

To list the available runnable Linux VMs on your Windows  status on Windows Subsystem for Linux:

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –list –verbose
  NAME      STATE           VERSION
* Debian    Stopped         2
  Ubuntu    Stopped         2

PS C:\Windows\System32\WindowsPowerShell\v1.0>


6. Run and check recent installed Linux distribution version

wsl2-windows-virtualization-install-virtual-machine-debian4

To run the newly install Debian Virtualized Linux (which as you can see is the default set distribution to run by WSL virtualization) simply type 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl

hipo@PC2LP3:/mnt/c/Windows/System32/WindowsPowerShell/v1.0$hipo@WL-2SLPWL3:/mnt/c/Windows/System32/WindowsPowerShell/v1.0$ cd ~
hipo@PC2LP3:~$

 

hipo@PC2LP3:~$ cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
hipo@WL-2SLPWL3:~$

 

7. Update the Debian distribuion packages to latest available

hipo@PC2LP3:~$ sudo su – root
hipo@PC2LP3:~# apt update –fix-missing


8. Install openssh server to be able to connect to the WSL hosted Virtual Machine

hipo@PC2LP3:/home/hipo# apt install openssh-server –yes


windows-wsl-linux-emulation

 

root@PC2LP3:/home/hipo# systemctl start openssh-server telnet
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to connect to bus: Host is down
root@WL-2SLPWL3:/home/hipo# /etc/init.d/ssh start
Starting OpenBSD Secure Shell server: sshd.
root@WL-2SLPWL3:/home/hipo# ps -ef|grep -i ssh
root        30     9  0 18:19 ?        00:00:00 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups
root        32    15  0 18:20 pts/1    00:00:00 grep -i ssh

 

windows-wsl-linux-emulation

By default a fresh new installed VM would have a process list like below:

root@PC2LP3:/home/hipo# ps axuwef


wsl2-windows-virtualization-install-virtual-machine-debian7

To be able to have ifconfig and a number of other network tools it is useful to install net-tools package

root@PC2LP3:/home/hipo# apt install net-tools –yes

root@PC2LP3:/home/hipo# /sbin/ifconfig

Once the WSL VM and OpenSSHD is run you can try to telnet or ssh to the VM locally or remotely.

root@PC2LP3:/home/hipo# telnet localhost 22
Trying 127.0.0.1…
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3

9. Run commands directly from Windows command line or Powershell
 

You can also use the powershell to run commands via the virtualized Linux environment using simple syntax

# wsl [cmd-to-run]

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl ls /
bin   dev  home  lib    lost+found  mnt  proc  run   srv  tmp  var
boot  etc  init  lib64  media       opt  root  sbin  sys  usr
PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 18:07 hvc0     00:00:00 /init
root         5     1  0 18:07 hvc0     00:00:00 plan9 –control-socket 5 –log-level 4 –server-fd 6 –pipe-fd 8 –log-t
root         8     1  0 18:07 ?        00:00:00 /init
root         9     8  0 18:07 ?        00:00:00 /init
hipo        10     9  0 18:07 pts/0    00:00:00 ps -ef

PS C:\Windows\System32\WindowsPowerShell\v1.0>

10. Enable systemd on Linux distribution in WSL 2

Once you boot into the WSL installed distro shell edit /etc/wsl.conf:

$ vim /etc/wsl.conf

[boot]
systemd=true

11. Setting extra useful variables to boot the WSL emulated Linux VM 
 

root@debian-wsl:/home/hipo# cat /etc/wsl.conf
[boot]
systemd=true

# Automatically mount Windows drive when the distribution is launched
[automount]

# Set to true will automount fixed drives (C:/ or D:/) with DrvFs under the root directory set above. Set to false means drives won't be mounted automatically, but need to be mounted manually or with fstab.
enabled = true

# Sets the directory where fixed drives will be automatically mounted. This example changes the mount location, so your C-drive would be /c, rather than the default /mnt/c.
root = /

# DrvFs-specific options can be specified.
options = "metadata,uid=1003,gid=1003,umask=077,fmask=11,case=off"

# Sets the `/etc/fstab` file to be processed when a WSL distribution is launched.
mountFsTab = true

# Network host settings that enable the DNS server used by WSL 2. This example changes the hostname, sets generateHosts to false, preventing WSL from the default behavior of auto-generating /etc/hosts, and sets generateResolvConf to false, preventing WSL from auto-generating /etc/resolv.conf, so that you can create your own (ie. nameserver 1.1.1.1).
[network]
hostname = debian-wsl
generateHosts = true
generateResolvConf = true

# Set whether WSL supports interop processes like launching Windows apps and adding path variables. Setting these to false will block the launch of Windows processes and block adding $PATH environment variables.
[interop]
enabled = false
appendWindowsPath = false

# Set the user when launching a distribution with WSL.
[user]
default = hipo

# Set a command to run when a new WSL instance launches. This example starts the Docker container service.
#[boot]
#command = service docker start

root@debian-wsl:/home/hipo#

To learn about on Advanced settings configuration in WSL check out official Microsoft documentation here

12. Shutting down a running emulated Linux VM

If you have run a WSL VM and you want to shut it down do:

# wsl shutdown


If you at a point want to delete / uninstall the installed distribution you can do

# wsl –terminate Distro_Name
# wsl –uninstall Distro_Name


Or you if you want to do a cleanup of the stored files inside the installed distribution (if you have stored files), do:

# wsl –unregister Distro_Name


For more in depth details check out the manual
 

PS C:\Windows\System32\WindowsPowerShell\v1.0> wsl –help
Copyright (c) Microsoft Corporation. All rights reserved.
For privacy information about this product please visit https://aka.ms/privacy.

Usage: wsl.exe [Argument] [Options…] [CommandLine]

Arguments for running Linux binaries:

    If no command line is provided, wsl.exe launches the default shell.

    –exec, -e <CommandLine>
        Execute the specified command without using the default Linux shell.

    –shell-type <standard|login|none>
        Execute the specified command with the provided shell type.

    —
        Pass the remaining command line as-is.

Options:
    –cd <Directory>
        Sets the specified directory as the current working directory.
        If ~ is used the Linux user's home path will be used. If the path begins
        with a / character, it will be interpreted as an absolute Linux path.
        Otherwise, the value must be an absolute Windows path.

    –distribution, -d <Distro>
        Run the specified distribution.

    –user, -u <UserName>
        Run as the specified user.

    –system
        Launches a shell for the system distribution.

Arguments for managing Windows Subsystem for Linux:

    –help
        Display usage information.

    –debug-shell
        Open a WSL2 debug shell for diagnostics purposes.

    –install [Distro] [Options…]
        Install a Windows Subsystem for Linux distribution.
        For a list of valid distributions, use 'wsl.exe –list –online'.

        Options:
            –no-launch, -n
                Do not launch the distribution after install.

            –web-download
                Download the distribution from the internet instead of the Microsoft Store.

            –no-distribution
                Only install the required optional components, does not install a distribution.

            –enable-wsl1
                Enable WSL1 support.

    –manage <Distro> <Options…>
        Changes distro specific options.

        Options:
            –move <Location>
                Move the distribution to a new location.

            –set-sparse, -s <true|false>
                Set the vhdx of distro to be sparse, allowing disk space to be automatically reclaimed.

    –mount <Disk>
        Attaches and mounts a physical or virtual disk in all WSL 2 distributions.

        Options:
            –vhd
                Specifies that <Disk> refers to a virtual hard disk.

            –bare
                Attach the disk to WSL2, but don't mount it.

            –name <Name>
                Mount the disk using a custom name for the mountpoint.

            –type <Type>
                Filesystem to use when mounting a disk, if not specified defaults to ext4.

            –options <Options>
                Additional mount options.

            –partition <Index>
                Index of the partition to mount, if not specified defaults to the whole disk.

    –set-default-version <Version>
        Changes the default install version for new distributions.

    –shutdown
        Immediately terminates all running distributions and the WSL 2
        lightweight utility virtual machine.

    –status
        Show the status of Windows Subsystem for Linux.

    –unmount [Disk]
        Unmounts and detaches a disk from all WSL2 distributions.
        Unmounts and detaches all disks if called without argument.

    –uninstall
        Uninstalls the Windows Subsystem for Linux package from this machine.

    –update
        Update the Windows Subsystem for Linux package.

        Options:
            –pre-release
                Download a pre-release version if available.

    –version, -v
        Display version information.

Arguments for managing distributions in Windows Subsystem for Linux:

    –export <Distro> <FileName> [Options]
        Exports the distribution to a tar file.
        The filename can be – for stdout.

        Options:
            –vhd
                Specifies that the distribution should be exported as a .vhdx file.

    –import <Distro> <InstallLocation> <FileName> [Options]
        Imports the specified tar file as a new distribution.
        The filename can be – for stdin.

        Options:
            –version <Version>
                Specifies the version to use for the new distribution.

            –vhd
                Specifies that the provided file is a .vhdx file, not a tar file.
                This operation makes a copy of the .vhdx file at the specified install location.

    –import-in-place <Distro> <FileName>
        Imports the specified .vhdx file as a new distribution.
        This virtual hard disk must be formatted with the ext4 filesystem type.

    –list, -l [Options]
        Lists distributions.

        Options:
            –all
                List all distributions, including distributions that are
                currently being installed or uninstalled.

            –running
                List only distributions that are currently running.

            –quiet, -q
                Only show distribution names.

            –verbose, -v
                Show detailed information about all distributions.

            –online, -o
                Displays a list of available distributions for install with 'wsl.exe –install'.

    –set-default, -s <Distro>
        Sets the distribution as the default.

    –set-version <Distro> <Version>
        Changes the version of the specified distribution.

    –terminate, -t <Distro>
        Terminates the specified distribution.

    –unregister <Distro>
        Unregisters the distribution and deletes the root filesystem.
PS C:\Windows\System32\WindowsPowerShell\v1.0>

Once wsl is installed you can run it directly from Windows start menu, by searching for the name of the distribution you would like to run for example to run my Debian WSL running emulator::

Sum it up

What was shown up is how to run in parallel virtualized Linux distribution on Windows 10 and Windows 11 and how to install update to latest and run opensshd server to be able to ssh into the WSL Linux virtual machine remotely.
.Also i've shown you, How to test ssh is reachable and how to stop / start or destroy and cleanup any stored files for  VM if necessery, as well as how to apply some extra advanced configurations to boot VM for.

Using WSL is not the best virtualization ever but anyways it is an alternative for people employed in Domain attached Windows PCs part of Big Corporations, where VirtualBox use is blocked / prohibited and you still need to experiment or develop Shell scripts or software on Python / Perl / Ruby on Linux before you  do stuff on the PreProd or Production Linux host.

That's all folks, Enjoy ! 🙂
 

How to split large files in Windows via split command line and File Archive GUI tool easily


October 22nd, 2024

Moving around a very large files especially Virtualbox Virtual Machines or other VM formats between Windows host and OneDrive might be a problem due to either Azure Cloud configured limitations, or other reasons that your company Domain Administrator has configured, thus if you have to migrate your old Hardware Laptop PC Windows 10 to a newer faster better Harware / Better Performance Notebook Computer with Windows 11 and you still want to keep and move your old large files in this short and trivial article, will explain how.

The topic is easily and most of novice sysadmins should have already be faced to bump into something like this but anyways i found useful to mention about Git for Windows, as it is really useful too thus wrote this small article.

The moved huge files, in my case an experimental Virtual Machines Images which I needed to somehow migrate on the new Freshly installed Windows laptop, the Large files were 40 / 80 etc. Gigabytes or whatever large amount of files from your PC to the Cloud Onedrive and of course the most straight forward thing i tried was to simply add the file for inclusion into the Onedrive storage (via OneDrive tool setup interface), however this file, failed due to OneDrive Cloud file format security limitations or Antivirus solutions configured to filter out the large file copying or even a prohibition to be able to include any kind of Virtual Machines ISOs straight into the cloud.

With this big files comes the question:

How to copy the Virtual Machines from your Old Hardware Laptop to the Cloud (without being able to use an external SSD Hard Drive or a USB SSD Flash drive, due to Domain policy configured for your windows to be unable to copy to externally connected Drive but only to read from such.) ?
 

Here are few sample approaches to do it both from command line (useful if you have to repeat the process or script it and deploy to multiple hosts) or for single hosts via an Archiver tool:

 

1. Using split command Git for Windows (Bash) MINGW64 shell 

Download Git for Windows – https://git-scm.com/download install it and you will get the MINGW64 bash for Windows executable.

Run it either invoke bash command from command line or trigger Windows Run command prompt (Windows button + R) and type full path to executable
 

C:\Program Files\Git\git-bash.exe


Git-for-Windows-bash-for-windows-MINGW64-windows-11-screenshot

Use the integrated program split and to cut it into pieces use:

 

# split MyVeryLargeFileVM.vdi -b 800m


To split the .VDI virtualbox file to lets say 5 Gigabite pieces:

# split MyVeryLargeFile.vdi -b 5g

The output files will be named pieces will be named as in a normal UNIX / GNU split command in the format and each piece of 5GB will be named like:

xaa
xab
xac
xad

If you want to get a more meaningful name for the spilitted files you can set a generated split file prefix with suffixes to be 5 digits long:

# split MyVeryLargeFile.vdi MyVeryLargeFileVM-parts_ -b 5g -d -a 5

  • the -d flag for using numerical suffixes (instead of default aa, ab, ac, etc…),
  • and the option -a 5 to tell it I want the suffixes to be 5 digits long:

2. Split large files by Archiving them with Winrar (ShareWare) tool

If you have already Winrar installed and you don't want to bother with too much typing from the command line, You can use good old WinRAR as a file splitter/joiner as well.

To split a file into smaller files, select "Store" as the compression method and enter the desired value (bytes) into "Split to volumes" box.
This way you can have split files named as filename.part1.rar, filename.part2.rar, etc.

WinRAR_cut-split-large-files-into-pieces-screenshot-Windows

3. Split files with 7-Zip (FreeWare)

Assuming you have the 7-Zip installed on the PC, you can do the archiving of the Big file to a smaller pieces one, you can create the splitted file from 7Zip interfaces menus:

7zip-file-split-files-into-multiple-pieces-windows-screenshot

Or directly cut the single file into multiple volumes, directly from Windows Explorer by Selecting the file and using fall down menus :
7zip-creation-of-multiple-parts-file-from-single-one-screenshot-Windows

7-zip-split-huge-files-to-lower-parts-set-volume-size

Sum it up what learned ? 

What we learned is how to cut large files into multiple single consequential ones for easy copy between Network sides, via both Git 4 Windows and manual copy paste of parted multiple files to OneDrive / DropBox / pCloud or Google Drive.
There is a plenty of other approaches to take as there is also file GUI tools, besides using GNU Win / Gnu Tools for Windows or Cygwin / Gsplit GUI tool  or some kind of the many Archiver toolsavailable for Windows, another option to split the large files is to use a bunch of PowerShell and Batch scripts written that can help you do the file split for both binaries files or Text files. but i'll stop here as I believe that is pretty much enough for most basic needs.

 

How to Copy / Backup Windows USB drive from one USB to a second


October 18th, 2024

Did you know that when you copy all the files from a USB Drive you don’t copy all the data?

Did you know that there may be files that are not even visible?

In this tutorial you will discover how to copy all of your USB Drive sector by sector, that is to say, that you will see how to create a copy identical to your USB drive without missing anything!

This can be useful if you have formatted your USB stick in error and want to use it, you can create an image for the USB Drive on your computer and then you can recover the formatted data in the image afterward!

The software used in this tutorial is called ImageUSB, it is free, portable, and easy to use.

Don’t use this method if you want only to copy some files, use this to clone/backup your USB Drive with all its master boot record, partition tables, and data.

Let’s go!

Clone Your USB Drive with ImageUSB on Windows 10

Start by downloading and extracting ImageUSB from this official URL: https://www.osforensics.com/tools/write-usb-images.html

Double-click on  imageUSB.exe .

Select your USB Drive from the list, select “Create image from USB drive“. Choose the location for the binary image file (.bin) that will be created from the USB drive.

Click on “Create“.Click “Yes” to confirm your choices.

imageusb clone usb flash drive backup restore 3 create image

Click “Yes” to overwrite the bin file in case it’s already there.

Wait for a couple of minutes…

After the image is created you should see this message. Click “OK“.

Now if you want to restore an image to your USB Drive, just select your USB Drive and choose “Write image to USB drive“. Choose your bin image and click on “Write“.

imageusb clone usb flash drive backup restore 7 write

This program is not recommended on different sizes USB Drives…
Use it mostly for backup/restore on the same USB Drive for your bootable software.

There you have it, the copy of USB to second USB completed !

Enjoy ! 

 

 

Recover lost / forgotten root password for CentOS 7 Linux / Boot CentOS 6 into Single User mode to reset admin pass


September 27th, 2024

centos-community-enterprise-operating-system-logo.

If you have some old CentOS 7 Virtual machine hanging for a long time and you don't remember the root password or you don't remember where you have stored it, but you have something important as data left over, you might need to recover root password for your CentOS 7 Virtual Machine.

I recently had to resolve that issue and here is the few easy steps to take to recover the lost root password.

Assuming you have tried to boot the VM and the VM boots fine and your few attempts to input manually some default passwords of yours failed, next 

1. Reboot the Virtual Machine to the GRUB boot menu

 

grub.png

The GRUB boot screen should appear and be there for few secs

2. Edit the boot loader kernel options ( add add rd.break enforcing=0 )

 

How to reset root password on CentOS Linux - Clouvider

Press 'e' to Edit the boot loader and modify the boot commands options passed to the linux kernel.

In GRUB edit mode:

add rd.break enforcing=0


to the end of the line starting with linux at the end of passed parameters list as shown in the picture.

When done editing, press Ctrl-x (Control button x key simultaneously) to boot with changed parameters.

ALTERNATIVE WAY TO BOOT THE SYSTEM INTO ROOT WITHOUT PASSWORD PROMPT:

Alternative options to use instead of add rd.break.enforcing=0 are to substitute the rhgb quiet kernel option with init=/bin/bash

Edit CentOS Grub Boot Menu Entries rhgb quiet options shot

Modify kernel parameters pass init=/bin/bash to kernel to boot emergency mode centos linux

 

As you might wonder for the meaning of the passed 2 parameters:

rd.break breaks the boot process at initramfs while
enforcing=0 disables the SELinux (which often enabled by default on CentOS).

Another way is to 

3. Boot in CentOS emergency mode and Reset the root password
 

When done editing, press Ctrl-x to boot with changed parameters.

As you might wonder for the meaning of the passed parameters:

rd.break breaks the boot process at initramfs while
enforcing=0 disables the SELinux (which often enabled by default on CentOS).

Whence system boots up with the modified kernel options cmd, the switch_root prompt will appear.
As the emerency mode boots the filesystem into read-only mode under /sysroot default directory, in order to be able to
modify the MD5 root password stored hash inside RO mounted /sysroot/etc/shadow you need to remount the Filesystme
in read-write mode.

To Remount the read-only file system /sysroot in write mode:

# mount -o remount,rw /sysroot

As the /sysroot is not the root directory to be able to use a standard passwd command you need to make /sysroot
as the default root folder for the booted linux by chrooting into it.
 

  • Generate MD5 password manually (for Hardcore masochistic admins 🙂 )

If you're a hard core linux sysadmin of course, generate your own new md5 password and directly modify /etc/shadow copy pasting the md5 string.

If you want to manually generate the md5 string, you can do it depending on the required encryption algorithm with:

For (md5, sha256, sha512) encrypted pass

# openssl passwd -6 -salt xyz  yourpass

For   (md5, sha256, sha512) encrypted pwd

# mkpasswd –method=SHA-512 –stdin

For (des, md5, sha256, sha512) encrypted pw

# perl -e 'print crypt("YourPasswd", "salt", "sha512"),"\n"'


Once the string is generated;

# vim  /etc/shadow


and exchange the old with new string for MD5

  • Change password with chroot (the easy common way)

remount read write the filesystem in emergency single user mode CentOS LINUX

# chroot /sysroot

That should drop you into another shell bash-4.x

 

Reset root user password in CentOS 7

# passwd
Changing password for user root.
New password:
Retype new password:

We need have to sync the entire filesystem we have to use the sync command, for novice sys admins who never heard about this command, below
short description:

The Linux sync command synchronizes cached data to permanent storage.
This data includes modified superblocks, modified inodes, delayed reads and writes, and others. sync uses several system calls:

sync()
syncfs()
fsync()
fdatasync()


For example, the sync command utilizes the sync() system call to write all buffered modifications to file data and metadata to an underlying storage device.

As a Linux systems administrator or developer, understanding the sync command can be crucial for efficient file synchronization. Additionally, sync can be helpful after crashes or when the file system becomes corrupted.

In this tutorial, we’ll explore the various aspects of the sync command. Also, we’ll see how we can use sync in different scenarios.

# sync

# exec /sbin/init

Try out the root password after booting normally into CentOS and the new set administrator pass should work.


Resetting forgotten (lost) root password on CentOS 6

The process is absolutely the same except on the Step 1 (in the modification of GRUB boot menu by pressing e key), add to

rhgb quiet

at the end one 'S'

This S character means 'boot CentOS into Single user mode'

rhgb quiet S

 

Go to single user mode on CentOS 6 Linux in boot loader S kernel setting

Then, press ENTER key and press b key to boot CentOS 6 into to single user mode.