Did you know that when you copy all the files from a USB Drive you don’t copy all the data?
Did you know that there may be files that are not even visible?
In this tutorial you will discover how to copy all of your USB Drive sector by sector, that is to say, that you will see how to create a copy identical to your USB drive without missing anything!
This can be useful if you have formatted your USB stick in error and want to use it, you can create an image for the USB Drive on your computer and then you can recover the formatted data in the image afterward!
The software used in this tutorial is called ImageUSB, it is free, portable, and easy to use.
Don’t use this method if you want only to copy some files, use this to clone/backup your USB Drive with all its master boot record, partition tables, and data.
Select your USB Drive from the list, select “Create image from USB drive“. Choose the location for the binary image file (.bin) that will be created from the USB drive.
Click on “Create“.Click “Yes” to confirm your choices.
Click “Yes” to overwrite the bin file in case it’s already there.
Wait for a couple of minutes…
After the image is created you should see this message. Click “OK“.
Now if you want to restore an image to your USB Drive, just select your USB Drive and choose “Write image to USB drive“. Choose your bin image and click on “Write“.
This program is not recommended on different sizes USB Drives… Use it mostly for backup/restore on the same USB Drive for your bootable software.
There you have it, the copy of USB to second USB completed !
Enjoy !
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
Hey long time now see, thanks for dropping back again! 🙂
If you have some old CentOS 7 Virtual machine hanging for a long time and you don't remember the root password or you don't remember where you have stored it, but you have something important as data left over, you might need to recover root password for your CentOS 7 Virtual Machine.
I recently had to resolve that issue and here is the few easy steps to take to recover the lost root password.
Assuming you have tried to boot the VM and the VM boots fine and your few attempts to input manually some default passwords of yours failed, next
1. Reboot the Virtual Machine to the GRUB boot menu
The GRUB boot screen should appear and be there for few secs
Press 'e' to Edit the boot loader and modify the boot commands options passed to the linux kernel.
In GRUB edit mode:
add rd.break enforcing=0
to the end of the line starting with linux at the end of passed parameters list as shown in the picture.
When done editing, press Ctrl-x (Control button x key simultaneously) to boot with changed parameters.
ALTERNATIVE WAY TO BOOT THE SYSTEM INTO ROOT WITHOUT PASSWORD PROMPT:
Alternative options to use instead of add rd.break.enforcing=0 are to substitute the rhgb quiet kernel option with init=/bin/bash
As you might wonder for the meaning of the passed 2 parameters:
rd.break breaks the boot process at initramfs while enforcing=0 disables the SELinux (which often enabled by default on CentOS).
Another way is to
3. Boot in CentOS emergency mode and Reset the root password
When done editing, press Ctrl-x to boot with changed parameters.
As you might wonder for the meaning of the passed parameters:
rd.break breaks the boot process at initramfs while enforcing=0disables the SELinux (which often enabled by default on CentOS).
Whence system boots up with the modified kernel options cmd, the switch_root prompt will appear. As the emerency mode boots the filesystem into read-only mode under /sysroot default directory, in order to be able to modify the MD5 root password stored hash inside RO mounted /sysroot/etc/shadow you need to remount the Filesystme in read-write mode.
To Remount the read-only file system /sysroot in write mode:
# mount -o remount,rw /sysroot
As the /sysroot is not the root directory to be able to use a standard passwd command you need to make /sysroot as the default root folder for the booted linux by chrooting into it.
#passwd Changing password for user root. New password: Retype new password:
We need have to sync the entire filesystem we have to use the sync command, for novice sys admins who never heard about this command, below short description:
The Linux sync command synchronizes cached data to permanent storage. This data includes modified superblocks, modified inodes, delayed reads and writes, and others. sync uses several system calls:
sync() syncfs() fsync() fdatasync()
For example, the sync command utilizes the sync() system call to write all buffered modifications to file data and metadata to an underlying storage device.
As a Linux systems administrator or developer, understanding the sync command can be crucial for efficient file synchronization. Additionally, sync can be helpful after crashes or when the file system becomes corrupted.
In this tutorial, we’ll explore the various aspects of the sync command. Also, we’ll see how we can use sync in different scenarios.
# sync
# exec /sbin/init
Try out the root password after booting normally into CentOS and the new set administrator pass should work.
Resetting forgotten (lost) root password on CentOS 6
The process is absolutely the same except on the Step 1 (in the modification of GRUB boot menu by pressing e key), add to
rhgb quiet
at the end one 'S'
This S character means 'boot CentOS into Single user mode'
rhgb quiet S
Then, press ENTER key and press b key to boot CentOS 6 into to single user mode.
For a legacy reasons and lack of time and fact once Qmail is run on a server it works almost forever if you don't do very major upgrades and you still to the same version I have few Qmail SMTP servers that are nowadays are there for historical reasons.
After the last major version upgrade from Debian 11 to Debian 12, I've got the qmail smtpd not completely running fine and I have to follow some of my previous blog notes on how to recover in that situations as well as some common logic to resolve it.
After the upgrade I started getting every few minutes a repeating really annoying error due to reformime crashing in /var/log/messages as well as in qmail logs, the exact error was as so
To debug more concretely what exactly was happening with reformime and why it was crashing with the libc segfault error, I've used the journalctl log with this cmd:
# journalctl -p 3 -xb
сеп 01 22:10:27 pcfrxen qmail-scanner-queue.pl[2170438]: X-Qmail-Scanner-2.10st:[pcfrxen17252178278122170438] d_m: output spotted from /usr/bin/reformime -x/var/spool/qscan/tmp/pcfrxen17252178278122170438/ (Segmentation fau> ) – that shouldn't happen! сеп 01 22:11:11 pcfrxen qmail-scanner-queue.pl[2170631]: X-Qmail-Scanner-2.10st:[pcfrxen17252178718122170631] d_m: output spotted from /usr/bin/reformime -x/var/spool/qscan/tmp/pcfrxen17252178718122170631/ (Segmentation fau> ) – that shouldn't happen! сеп 01 22:15:32 pcfrxen qmail-scanner-queue.pl[2171777]: X-Qmail-Scanner-2.10st:[pcfrxen17252181328122171777] d_m: output spotted from /usr/bin/reformime -x/var/spool/qscan/tmp/pcfrxen17252181328122171777/ (Segmentation fau> ) – that shouldn't happen! сеп 01 22:15:35 pcfrxen qmail-scanner-queue.pl[2171793]: X-Qmail-Scanner-2.10st:[pcfrxen17252181358122171793] d_m: output spotted from /usr/bin/reformime -x/var/spool/qscan/tmp/pcfrxen17252181358122171793/ (Segmentation fau> ) – that shouldn't happen! сеп 01 22:21:21 pcfrxen qmail-scanner-queue.pl[2173427]: X-Qmail-Scanner-2.10st:[pcfrxen17252184788122173427] d_m: output spotted from /usr/bin/reformime -x/var/spool/qscan/tmp/pcfrxen17252184788122173427/ (Segmentation fau> ) – that shouldn't happen!
As you can see this showed that the problem is with reformime's passing on -x argument, and some temporary directory, thus to make sure the crash is not a cause of some mixed permissions, I've had to check the /var/spool/qscan permissions, and clamd permissions and few other permissions of the qmail install, and the wrong permissions (perhaps after the update of clamav after the Debian Linux migration was with /var/lib/clamav which was incorrectly owned by user clamav group clamav instead of the qscand / qscand user group, thus to resolve, I've run:
# chown qscand:qscand /var/lib/clamav/ -R
Another thing I've had to correct was the /var/log/qmail permissions which was too permissive (perhaps due to some old install time hurry up stupidity done), so to correct, them:
# chmod 750 /var/log/qmail/
First thing i tried to resolve is of course to reinstall maildrop debian package that provides /usr/bin/reformime binary.
root@pcfreak:/usr/local/bin# dpkg -l |grep -i maildrop rc courier-maildrop 0.68.2-1 amd64 Courier mail server – mail delivery agent ii maildrop 2.9.3-2.1 amd64 mail delivery agent with filtering abilities (set-GID=mail)
Of course to try it out restarted qmail with the usual
# qmailctl restart
Sadly enough this doesn't solve it, so I had to look up for other solutions and spend about 3 / 4 hours reading online just to convince myself that finding any meaningful in the classical human way, is becoming pretty much impossible task. As the content of information on the Internet has grown tremendously over the last years, it seems the quality of posts and commited data is exponentially detereorating. So the only way to solve crashes of binaries is either to stick to a debugger such as gdb or simply try rebuild the .deb binary from scratch and see whether a recompile from source might makes a difference.
After even more digging up online, found out some Gentoo forums threads, where people described thethe issue was also connected to the failing reformime libc use bug, with an applied C patch, found threads on Ubuntu and Debian users complaining about mysterious errors with libc with maildrop and even a bug report that this is some kind of libc bug, related to the precompiled version of maildrop shipped by default deb based repos.
Hence, My approach to resolve it was to recompile maildrop from source code, which even though looking a tedious task came with plenty of dependencies, I had to install plenty of developlment libraries and tools, compilers etc. as well as the following libs.
Then had to download and install from source the latest available versions of courier-authlib and its dependencies courier-unicode and once having those two recompiled with
# tar -jxvf courier-unicode-2.3.1.tar.bz2 # tar -jxvvf courier-authlib-0.72.3.tar.bz2 # tar -jxvvf maildrop-3.1.8.tar.bz2
# cd courier-unicode-2.0/ # ./configure && make && make install … # cd .. # cd courier-authlib-0.72.3 # ./configure && make && make install # cd .. … # cd maildrop-3.1.8/ # ./configure && make && make install …
I've took the time to also preinstall a bunch of perl modules deb packages which rawly are the ones found in file, i've built with the binaries perl-modules-for-qmail-needed.txt
To reinstall the binaries, run a small shell loop:
# for i in $(cat perl-modules-for-qmail-needed.txt); do apt install –reinstall $i –yes; done
Have to say also identified an issue with /var/qmail/bin/qmail-scanner-queue.pl with qmail-inject failing after testing qmail-scanner-queue installation with:
# for i in $(ls -d /var/log/qmail/*qmail*/); do tail -n 10 $i/current|tai64nlocal; sleep 5; done
Finally the last step resolve the qmail-inject error, was to modify /var/qmail/bin/qmail-scanner-queue.pl and exchange PATH of /usr/bin/reformime default shipped debian repository to new custom built /usr/local/bin/reformime.
After retesting the qmail-scanner installation all seemed fine onwards:
Sending standard test message – no viruses… 1/4 done!
Sending eicar test virus – should be caught by perlscanner module… 2/4 done!
Sending eicar test virus with altered filename – should only be caught by commercial anti-virus modules (if you have any)… 3/4 done!
Sending bad spam message for anti-spam testing – In case you are using SpamAssassin… 4/4
If you have enabled $sa_quarantine, $sa_delete or $sa_reject the spam-message wont't arrive to the recipients. But if you have enabled (good idea!) 'debug' you should check /var/spool/qscan/qmail-queue.log (or where ever you have the log).
Done!
Finished test. Now go and check Email sent to postmaster@mail.pc-freak.net and/or the log..
Thibs Qmail install qmr_inst_check script also reported my server qmail install scripts as in good state:
# /downloads/scripts/qmr_inst_check ! vpopmail database do not exist!
So Hip Hip Hooray my Qmails works again ! Me fixed it again ! if you need help with fixing your company Professional Mail QMAIL server or Postfix, contact me via the contact form. Enjoy
Sometimes if you have a missing library or a file you know should be available via an rpm but you're not sure which RPM you have to install you have to look up for library or binary file amongs all available installable r[ms on Redhat Linux / CentOS / Fedora or other RPM based distro.
It is really annoying especially, if you try to install an rpm binary and the package does not install due to missing dependency library. Having a missing dependency package could happen, if you use some custom internal prepared repository that is mirroring from original rpm repositories and the RPM Repositories are situated behind a DMZ firewall network (such scenarios are common for corporations and IT companies).
Finding out which file is provided by which package on Debian / Ubuntu and other deb based linux distributions is easy and done via the
# apt-file search filename
Thus if you're a system administrator coming from a Debian GNU / Linux sysadmin realm into the wonderful world of redhats, you will want to have an alternative to apt-file tool. You will be happy to find out that that this tedious task is easily done in RPM based Linux and is integrated straight into yum package manager too.
The command to search which rpm package provides a file is:
yum whatprovides search_file_name can be also invoked with its shortcut yum provides 'search_file_name'
[root@rhel-server ~]# yum provides '/bin/ls' Loaded plugins: fastestmirror, versionlock Loading mirror speeds from cached hostfile coreutils-8.22-24.el7.x86_64 : A set of basic GNU tools commonly used in shell scripts Repo : base Matched from: Filename : /bin/ls
coreutils-8.22-24.el7_9.2.x86_64 : A set of basic GNU tools commonly used in shell scripts Repo : updates Matched from: Filename : /bin/ls
Here is another example:
[root@rhel-server ~]# yum -q provides '*lesspipe.sh*' less-458-9.el7.x86_64 : A text file browser similar to more, but better Repo : base Matched from: Filename : /usr/bin/lesspipe.sh
source-highlight-3.1.6-6.el7.i686 : Produces a document with syntax highlighting Repo : base Matched from: Filename : /usr/bin/src-hilite-lesspipe.sh
source-highlight-3.1.6-6.el7.x86_64 : Produces a document with syntax highlighting Repo : base Matched from: Filename : /usr/bin/src-hilite-lesspipe.sh
spirv-tools-2019.1-4.el7.x86_64 : API and commands for processing SPIR-V modules Repo : epel Matched from: Filename : /usr/bin/spirv-lesspipe.sh
You can search for any file and if the RPm repository is defined under /etc/yum/repos.d/* and enabled, yum whatprovides command should be able to find it and tell you which RPM package you have to install to have the file installed Redhat way.
You can list all enabled RPM repositories with cmd:
[root@rhel-server ~]# yum repolist enabled Loaded plugins: fastestmirror, versionlock Loading mirror speeds from cached hostfile repo id repo name status 3party Third party packages – x86_64 2,631 base/7/x86_64 CentOS-7 – Base 10,072 cr/7/x86_64 CentOS-7 – CR 0 epel/7/x86_64 EPEL packages for RedCent 7 – x86_64 13,791 extras/7/x86_64 CentOS-7 – Extras 526 updates/7/x86_64 CentOS-7 – Updates 5,802 zabbix-6.0 Zabbix 6.0 repo 429 repolist: 33,251
To list disable RPM repositories:
# yum repolist disabled …
To list all present available repositories that could be enabled and are set via the /etc/yum.repos.d/* configs
If you have servers reporting monitoring with Zabbix running still on Zabbix-Agent 1 version 5.0.X but already migrated the Zabbix-server to Zabbix 6, it is a good idea to update the Agent to Zabbix Agent 6 As sson as possible, as you know lacking behind in version makes updating harder and more complicated task.
Mine and I guess most system administrators experience points that Keeping at the same level of versioning on many applications historically has shown to reduce unexpected errors and bugs but nowadays, the rule of keeping local and remote application ( programs ) at the same version level is regularly broken.
Theoretically Zabbix-Agent (Client) and Zabbix (Server) has a compitability for a certain range of versions (Zabbix agents 2 from version 4.4 onwards are compatible with Zabbix 7.0; Zabbix agent 2 must not be newer than 7.0 – for more on zabbix agent – > server version compitability check here) and having a slight version difference should not be really a problem but often you might have a third party proxies in between such as haproxy or zabbix-proxy or other network oddities and thus my personal opinion is that for interoperability it is better to keep the Zabbix Clients and Zabbix Servers across the DMZ-ed networks running at same version level.
Some would say I have an old fashion thinking as software and technology is moving forward, but as I see how programming code writing and even software is constantly degradating just a reflection of degradation of human element, I prefer to keep my old know how and always stick to same versioning whenever possible.
Some would wonder then why would I upgrade to Zabbix-agent2 ? , if have to keep the same versioning, the reason is zabbix-agent2 is written in GO Language and is much faster and supposably better piece of software than Zabbix Agent1 that is written in Python.
Moreover having Zabbix agent 2 instead of 1 gives also benefits as you can do a bit more with zabbix and on the other hand the machines are more ready for monitoring in terms of future. To know more about the Benefits of Zabbix Agent2 compared to Zabbix Agent 1 read theAgent vs Agent2 comparison on zabbix website.
With this little introduction, lets proceed with the exact steps to take to upgrade zabbix-agent1 to zabbix-agent2.
1. Check the current installed Zabbix-Agent version
5. Update zabbix-agent to zabbix-agent2 and update zabbix-get zabbix-sender versions
To not disrupt reported monitoring for zabbix-agent, don't delete zabbix-agent1 but instead in pararallel install and configure zabbix-agent2 and then once configuration is migrated from Agent 1 to 2, stop the old zabbix-agent and bring up the new one.
Note that if you want to have a precise version number of zabbix-agent that is lets say 6.0.31 to correspond to zabbix-server 6.0.31 (even though in the repositories newer RPM versions are available), run:
# zabbix_agent2 -V zabbix_agent2 (Zabbix) 6.0.31 Revision b6d93755a1b 17 June 2024, compilation time: {undefined} {undefined}, built with: go1.21.3 Plugin communication protocol version is 6.0.13
Copyright (C) 2024 Zabbix SIA License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/>. This is free software: you are free to change and redistribute it according to the license. There is NO WARRANTY, to the extent permitted by law.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
Compiled with OpenSSL 1.1.1k FIPS 25 Mar 2021 Running with OpenSSL 1.1.1k FIPS 25 Mar 2021
We use the library Eclipse Paho (eclipse/paho.mqtt.golang), which is distributed under the terms of the Eclipse Distribution License 1.0 (The 3-Clause BSD License) available at https://www.eclipse.org/org/documents/edl-v10.php
We use the library go-modbus (goburrow/modbus), which is distributed under the terms of the 3-Clause BSD License available at https://github.com/goburrow/modbus/blob/master/LICENSE
6. Migrate old /etc/zabbix/zabbix_agentd.conf to /etc/zabbix/zabbix-agent2.conf
For readability to show the main configured variables for zabbix-agent without the tons of comments, to later include in agent2
7. Add few Optimization variables for better zabbix-server -> zabbix-proxy -> zabbix-server interactions
If you have sometimes a network delays between zabbix server -> zabbix client and vice versa (depending on whether Zabbix agent is configured as Active or Passive mode), it is often useful to add those 2 variables:
# How often list of active checks is refreshed, in seconds RefreshActiveChecks=60 # Refresh the active checks on start.ForceActiveChecksOnStart=1 ForceActiveChecksOnStart=1
Also it might be a good practice to add zabbix_agent2.log monitoring with the agent itself, if the log exceeds certain amount, instead of calling it via logrotate.
# Perform log file rotation at the 1 MB point for the specified filepath LogFileSize=1
8. Stop the old zabbix agent process and run the new one
# systemctl status –full zabbix-agent2 # systemctl stop zabbix-agent
Assuming that the configuratoin of zabbix-agent is correct, execute zabbix-agent2 via system control.and check its status
# systemctl start zabbix-agent2 # systemctl status –full zabbix-agent2
If no errors in the configuration, the zabbix_agent2 process should be up and running and the status of above systemctl cmd should report fine. If you need concretics regarding exact Zabbix checks or whther current conigured Userparameter scripts errors, or any other warnings or errors of zabbix_agent2 interacting to the server, check further the logs
[root@monitored-server ~]# tail -n 10 /var/log/zabbix/zabbix_agent2.log 2024/08/06 17:26:52.998749 using plugin 'WebPage' (built-in) providing following interfaces: exporter, configurator 2024/08/06 17:26:52.998760 using plugin 'ZabbixAsync' (built-in) providing following interfaces: exporter 2024/08/06 17:26:52.998794 using plugin 'ZabbixStats' (built-in) providing following interfaces: exporter, configurator 2024/08/06 17:26:52.998804 lowering the plugin ZabbixSync capacity to 1 as the configured capacity 100 exceeds limits 2024/08/06 17:26:52.998820 using plugin 'ZabbixSync' (built-in) providing following interfaces: exporter 2024/08/06 17:26:52.998993 Plugin communication protocol version is 6.0.13 2024/08/06 17:26:52.999018 Zabbix Agent2 hostname: [lqgblu02f.ffm.de.int.atosorigin.com] 2024/08/06 17:26:54.000667 [102] cannot connect to [127.0.0.1:10051]: dial tcp :0->127.0.0.1:10051: connect: connection refused 2024/08/06 17:26:54.000836 [102] active check configuration update from host [lqgblu02f.ffm.de.int.atosorigin.com] started to fail 2024/08/06 17:26:59.344837 Zabbix Agent 2 stopped. (6.0.31)
Compact discs (CD's) ain't dead yet but there easy straigh use on free operating systems Linux / FreeBSD / OpenBSD is starting to deteriorate. That is quite normal I guess, as CDs are no longer officially produced or sold for few years in America and there is no Audio CD bookstores, neither in europe and perhaps there are just few in europe, perhaps CD are used somewhere in Africa and Asia, but most modern world has officially buried them.
However as I love old stuff and I had the opportunity, I bought an old Audio CD (fake copy one 🙂 of Judas PriestScreaming for Vengence and the famous Jimi Hendrix (Best Complilation) Experience an improvised shelf-book store selling books by a half deaf aging guy who sells books for years in Dobrich in the center. And to remember the young years of Rock Roll wanted to play it on my very old but still kicking Lenovo Thinkpad R61 notebook (that is now 16 years old but thanksfully it still works and kicks ass with a Debian GNU / Linux 10 Buster.)
The task is very easy and as I have a Window Maker (Wmaker) on it in order to save myself an extra loading of this a kind of "archaic machine" and tried to play my CDs with everything at hand thus I tried first to play the CD in console with the good old but gold cdplay with which I have played a dozens of Audio CDs back in the days …
# cdplay
just to find out the CD got red and started to roll but I get no sound via the Sound Card 🙁
Next thing, i assumed was the problem might be the pulseaudio process blocking the sound card to be used, preventing cdplay to be able to properly channel the sound to the sound card, that used to be quite of classical problem, if you remember, thus I tried to run the cdplay via the aoss (Wrapper script to facilitate use of alsa oss compatibility library.)
Before using oss of course i've loaded the snd-pcm-oss kernel module, to make the sound blaster be able to use the old obsolete Open Sound System.
# modprobe snd-pcm-oss
# aoss cdplay
Though that aoss trick worked for some programs that used old Open Sound System scheme to output sound, it doesn't unfortunately, at that case.
Strange enough my sound card is properly identified by the Debian Linux and I can play MP3 songs, as well browse videos in youtube and other Internet resources in Firefox and even the pulseaudio process that is running in the background is spitting sounds out of the Notebook Speakers.
The laptop doesn't seem to have any sound driver or Sound Card issues, as I can normally play my old .XM and .MOD sound extension files with the good old mikmod
# mikmod
as well as I can even normally play MIDI audio files by using the timidity tool as well as with playmidi
I tried even to install the opencubicplayer ( Linux port) music player and tried to open the CD, but even though the CD can be heard to be rolling in the CD drive no sound was outputed out of the laptop speakers.
Thus to resolve tried everything at power starting from increasing any missing volumes via the aumix command, as often in the past I remember the problem in such situations is the sound volume is decreased to zero percentage or completely muted.
# aumix
as well as with
# alsamixer
Nevertheless, every possible volume up volume was raised and everything looked cool as I could play normally music on machine or in a browser, the AUDIO CD Music refused to play out of the Speakers.
Playing the Audio CD via success with mplayer
The work around to make it play was up to a one liner with mplayer
# mplayer -cdrom-device /dev/cdrom cdda://
To easify the play of CDs I've created for my self a tiny one liner script to run it.
I've called the script playcd.sh, made it executable and placed it under /usr/local/bin
# vim /usr/local/bin/playcd.sh #!/bin/bash mplayer -cdrom-device /dev/cdrom cdda://
# chmod +x /usr/local/bin/playcd.sh
Playing Audio CDs with VLC (VideoLAN Media Player)
I've vlc client installed on my Linux box, if you don't have it, do:
# apt install –yes vlc
Then roll on the CD with vlc with passing it the location to the CD, usually one of the down two pointers should work:
# vlc vcd:///dev/sr0
# vlc vcd:///dev/cdrom
If you want to loop the Tracks to play forever
# vlc –loop vcd:///dev/cdrom
By the way vlc can do much more than you think as you can even play youtube with it, for example you can try it with the Axel Folly classics Mod file, by running it like this.
Linux by default has the /etc/motd that usually on some distributions is either completely removed or file empty or it contains some information regarding the exact Linux distribution version and numbering and that it comes with no warranty at all – example case for /etc/motd for a distro is Debian's /etc/motd (NO WARRANTY) famous message.
Exchanging this annoying message that is printed on every console tty login, in X session GUI terminal tool on the gnome-terminal / konsole / xterm as well as on each remote SSH session is easy if you have superuser credentials on the Linux server host, however if you're employed in a company and just having a single set of restricted access via LDAP or sudo credentials, that might be not possible.
Thus to save yourself the annoyance to read this reapparing company logo message or distribution non-sense information for each and every bash shell login, it is possible to do it on most Linux distributions via .an embedded feature that the bash shell understands via creation of simple empty file called
.hushlogin
Thus to get rid of the annoying /etc/motd message simply login with your user and do:
$ touch ~/.hushlogin
That's all folks on next login the message is gone !
There is other cases in which you might be the system administrator of a shared shell system and you want to inform the users about recent updates or planned Upgrade schedules under which the system will be unavailable lets say for a system reboot. to apply latest security or version updates.
Thus you might want to add an additional file under which you might want to inform all active UNIX shell users from a certain location. To do that you can use a sipmle script to run on every login via:/etc/profile.d/print-msg-on-each-login.sh
To create this simple additional print message mechanism
2. Edit file /etc/print_global_message and add the mssage to print on each user login
$ echo -e 'System reboot at 03:00 A.M.\n\n Please save all your data !\n To get rid of this message, run cmd\n $ touch /etc/.no_global_message ' >> /etc/print_global_message
That's all you're done now on next login you will get on the shell the message.
System reboot at 03:00 A.M.
Please save all your data ! To get rid of this message, run cmd $ touch /etc/.no_global_message
If you want to omit the message for your non-root user simply follow the instructions and run the touch command.
$ > /etc/.no_global_message
What we learned ?
How to disable /etc/motd message if such is there to not appear on every login by creating ~/.hushlogin As a sysadmin, how to configure an additional infromative messages via /etc/print_global_message, that could be disabled by touching /etc/.no_global_message.
The Church Rejoices + Daniil Metropolitan of Vidin chosen and Enthroned as Head of Bulgarian Orthodox Church. Dostoin / Axios !
Metropolitan Daniil is our Officially and canonically elected Patriarch of Bulgaria and Metropolitan of Sofia (the choice was made in a complex selection system) during a Church national Assembly on 30th of June 2024.
The whole Church rejoices as a dark cloud was over the Church as people were scared, un-worthy patriarch might be selected.
The procedure of selection of new patriarch depends on matching, certain criterias for the candidate.
According to the Ustav of Bulgarian Orthodox Church (Establishment Law document, Church established rules statues)
New Patriarch Candidate should match following criterias:
To have been on a cathedra as metropolitan and have governed a diocese for at least 5 years
To be not be younger than 50 years of age (should be 50+ years old).
To be distinguished within the Church to have right thoughts on the Orthodox faith and the exact observance of church order and laws.
To enjoy a good and honorable name both before the people and before the government of the country
Procedure for electing a patriarch
On 20th of June of 2024, after internal voting in the Holy Synod, following the Church statuses, after 42 turns of votes of individually each Bishop and Metropolitan voting for his favorite, the 3 candidates for patriarch were emitted.
1. In the first round, the candidate who collected 2/3 of the votes of the voters present wins 2. If this does not happen, a second round is reached with the two candidates who received the most votes in the first round 3. In the second round, the candidate with a simple majority wins.
The results out of the elections on the Patriarchical choice National Church assembly results were as so:
Three Patriarchical Candidates
Name Candidate
1st voting
2nd voting
Daniil Metropolitan Vidinsky
51 votes
69 votes
Grigoriy Metropolitan Vrachanski
64 votes
66 votes
Gavriil Metropolitan Lovchanski
19 vote
does not qualify
Patriarch Daniel (Bulgarian: Патриарх Даниил, romanized: Patriarh Daniil) has received his monk name after Saint Daniil the Stylite, one of the most notable Stylites in the Church history.
Early life and Education
Secular name Atanas Trendafilov Nikolov (Bulgarian: Атанас Трендафилов Николов; born 2 March 1972) in a town of Smolyan. He was born in a good and healthy family, his father Trendafil Nikolov is born in a small village near Smolyan (Kremene) and served as a police officer, his mother Zlatka Nikolova used to be a teacher in the field of Informatics in Economy scohol in Smolyan.
He completed his primary and secondary education in his hometown and later served in the military. In 1996, he began studying English Philology at Sofia University, but being grown in the spirit of love for history and the motherland Bulgaria, he soon found out field of Philosophy does not provide enough to match his wide interests in history of the world and history of Bulgaria. Being touched by Gods love and having a desire to learn more about Christianity and his homeland orthodox christianity and learn more about philosophy but from the perspective of the Orthodoxy obviously guided by Gods provide, the following year during the hard years of national financial catastrophe and church schism in 1997 he transferred to the Faculty of Theology of the same university Saint Kliment Ohridski.
In 1997 he also become candidate for monk novice in the notorious monastery of Hadji Dimovo (in honour of Saint Great Martyr George) which was at that time of Spiritual Leadership of Metropolitan Natanail of Nevrokop, where he graduated in 2002 and which was one of the best monasteries capable of giving a solid basis for true and high standard spiritual life.
Becoming a Monk
On August 7, 1999, he was ordained a monk by him and the next day he was ordained as a hierodeacon. On July 21, 2004, he was sent for obedience to the Nativity of the Virgin Monastery (Rojenski Monastery) in Rozhen, and on November 27, he was ordained a hieromonk by his diocesan bishop. On June 1, 2006, he was elevated to the rank of archimandrite.
Recognized as exceptional choosen person and Levereged to a Bishop by metropolitan Natanail Nevrokopski Note: Nevrokov Eparchy is the eparchy in which Saint John of Rila Monastery belongs to, Metropolitan Natanail was among the most loved person in Bulgarian Church
On January 20, 2008, he was ordained as a Bishop with the title of Dragovitski and was appointed vicar of the Metropolitan of Neurokop Natanail.
Metropolitan Nathanail Nevrokopsky (titled as the consience of the Bulgarian Church)
His ordination was carried out by Patriarch Maxim (the previous patriarch before Patriarch Neofit) in collaboration with Metropolitans + Ioanikiy of Sliven, + Dometian Vidinsky, + Kyril Metropolitan of Varna and Veliko Preslav, Grigoriy of Velikoturnovsky, Neofit of Rusensky, Natanail of Nevrokopsky, Gavriil Lovchansky and bishops Evlogius of Adrianople, Abbot of the Rila Monastery, Naum Stobiyski at that time Chief Secretary of The Holy Synod, Theodosius of Devol, Constantine of Marcianopol and John of Znepol (currently Metropolitan of Varna and Veliko Preslav chosen after decease of Metr. Kiril).
Hadji Dimovski monastery become also famous also for being the spiritual school for Metropolitan Serafim of Nevrokop (chosen after's Metropolitan Natanail Nevrokopsky pass away to Christ).
On 15 June 2010, Daniel was appointed vicar of the diocese in the US, Canada and Australia of the Bulgarian Patriarchate. On 2 December 2011, the Holy Synod "took note of the letter from Metropolitan Joseph of the USA, Canada and Australia, notifying that permission had been received from the American emigration authorities to fulfill the obedience assigned by the Holy Synod to Bishop Daniel of Dragovitski who can already leave and take on responsibilities, as metropolitan vicar of the USA, Canada and Australia". He was considered the most likely successor to Metropolitan Joseph of America (Bosakov).
Served as vicar bishop in the American, Canadian and Australian dioceses from 2011 until February 4, 2018 (for 7 years). He was chosen to become the Metropolitan of Vidin (after the decease of Metr. Dometian) from February 4, 2018 to June 30, 2024.
In December 2018, Metropolitan Daniel condemned the Unification Council in Kyiv, calling it uncanonical. In his opinion, the actions of Patriarch Bartholomew are non-canonical, since he encroached on someone else's canonical territory.
Daniil is the originator of the introduction of religious education in the Bulgarian school and for many years worked for it to be included as a subject in the curricula.
On 21 July 2004, Daniel was sent for obedience to the Rozhen Monastery of the Nativity of the Blessed Virgin Mary. On 27 November of the same year he was ordained hieromonk by his diocesan bishop. On 1 June 2006, he was elevated to the rank of archimandrite. On 20 January 2008, he was consecrated Bishop of Dragovitia and vicar of the diocese of Nevrokop diocese.
Metropolitan of Vidin 4 February 2018 – 30 June 2024
On 4 February 2018, he was elected by the Synod to the post of Metropolitan of Vidin. Vidin was the last city that fall under the Ottoman hordes, and perhaps his zeal for truthfulness and orthodoxy and the Bulgarian nation was the reason Gods providence in that hard times to have chosen him to be head of this small but historically rich and important eparchy.
In December 2018, Metropolitan Daniel condemned the Unification Council in Kyiv, calling it uncanonical. In his opinion (based on Church Canons of Ecumenical Councils), the actions of Patriarch Bartholomew are non-canonical, since he encroached on someone else's canonical territory.
Perhaps for the Ecumenical Patriarch Bartholomew, the selection by the Gods providence for Daniil to be the next patriarch of Bulgaria, was quite a shock as the expected patriarch to choose was Gregory who if chosen should have been titled Gregory the II-nd as we already had a patriarch with this name , during the Second Bulgarian Kingdom (saying this by memory), but mans thoughts are very different from Gods thoughts as the Holy scriptures says.
After the death of the former Patriarch of the Bulgarian Orthodox Church Neophyte in March 2024 and respective mourning period, then Metropolitan of Vidin, Daniel was one of the three shortlisted candidates to ocuppy the patriach position together with Metropolitan Gregory of Vratsa and Metropolitan Arsenius of Sliven.[7] On 30 June 2024, at the patriarchal electoral Church-People's Council in Sofia, Metropolitan Daniel was elected the new Patriarch of Bulgaria, Metropolitan of Sofia.
Picture of Patriarch Daniil Blessing, right after his selection and his "radiation" with Patriarchal Ensignias, the Patriarchical Wand stick, The Cross, Panagias …
Pre-selected moments of the enthronization of new Bulgarian Patriarch Daniil of Bulgaria by Sonya Ankova
Currently he is the canonical 4th Patriarch of the new History of the Bulgarian Orthodox Church, currently serving as Patriarch of All Bulgaria since June 30 !
His choosing and Enthroning was surprise for many influential people in the history and was just another proof the Church of Bulgaria is Governed by Jesus Christ and the selection was made by the Holy Spirit of God itself !
Daniil the New Bulgarian Patrhiarch, the Forth Patriarch by Bulgarian National TV (BNT) Chapter I
Lets all say Достоин / Axios !!!, just like many has proclaimed during the official introduction of Daniil as Patriarch with a special enthronization Ceremony. The selection day 30 of June this year was by God's providence on the Sunday of All Saints, this year this day coincided also with the Assembly of All Holy Apostles day commemoration dedicated to All Apostles of Christ (the 12, the 70th of desciples and the rest of rings of desciples of Christ who have done apostolic mission sent by him). The Assembly of Apostles feast is always celebrated in the Church always 1 day after the Great feast of Saint Apostle Peter and Apostle Paul's day. The day after on the day the first Holy Liturgy was served by tradition by the new Patriarch and it was the Summer Feast of Saint Cosmo and Damianos and one of the 3 major feasts of Saint John of Rila (The Return of the Holy Relics of Saint John of Rila into Bulgaria) .
Patriarch Daniil is the youngest patriarch of Bulgaria in our history of the Bulgarian Church, currently aged 51, since its establishment in year 870 (1154 years ago) and a lot of hope by many, that his Church rulership will be mostly beneficial for the whole Church and nation and will raise up the confidence and self-esteem of the nation, and shed light on the nation and attract more of the youth, that is living a life away from the Church even though baptized, back in the Church.
Lets pray and wish the new Patriarch Daniil, a lot of increasement of Health, Love and Faith for everyone and Wisdom to guide the flock of Christ through the hardships of current turmoiled times of desperation and confusion as well as good health to serve as a Patriarch for Many Years !
For Many and Blessed Years his Holiness Patriarch of Daniil ! Metropolitan of Sofia and Patriarch of All Bulgaria !
GNU / Linux and other Free as in Beer OS-es such FreeBSD and OpenBSD as well as other UNIX variants are definitely not the best platform to do Video edit, as the best one is obviosuly MAC OS-es for being a veteran in the field of graphic edit for a long time but over the time its capabilities are slowly but surely evolving. However Linux users can also do the basic video edit stuff quite easily with ffmpeg and few other tools. The general things one faces when snapshotting videos is the video might be turned around or in the wrong angle and you want it to rorate, or you have two three or more video files and you would like to merge the ones in one or you would like to Trim a period in the beginning of a Video or Trim some time you don't need out of the video at the end end, merge multiple MP3 files into single recording or including a background music to a video.
Doing such a things has a lot of possibilities with tools such as ffmpeg, imagemagick and mencoder and it is mostly useful if you're a console guy or you need to write a program that does video rorate or video merge in PHP / Perl / Python etc.
1. Rotating Videos in Linux
Rotate a Video in 90 degrees
Rotating a video assuming that you have the ffmpeg tool installed is as easy as:
It might happen to you that some video files could not be concatenated with other video file because its resolution is smaller (or different) than the recorded material, to come around this you need to scale it.
7.2 Combine multiple audio tracks into one single recording stream
# Concatenate multiple mp3 voice files into one # ffmpeg -i "concat:input-song1.mp3|input-song2.mp3|input-song3.mp3" -c copy output-concatenated-single-song.mp3
One thing to consider is that once you want to add a background music stream to a video stream, both the video and the song has to be of the same length, otherwise attempts to merge the background audio track with fail due to the length of the audio track not matching the length of the video. This can be resolved by generating a silent audio track and concatenating it to the end of the audio track to make the video and music match:
In this article was shown how to convert multiple Videos into a single one, scaling a video to a graphics resolution, trip a video at the beginning and at the end, add background movie tracks as a sound on Linux. As you can imagine this stuff is quite useful and used by many, many websites online to do a different Video and sound editing included in a millions of Frontend / Backend webscritt Scripts around silently doing its stuff. There is much more to be done with this tools, but for a starter of a video edit newbies it should on Linux and enthusiasts to manage own managed small private clouds, hope this stuff will be useful for a introductionary.
If you want to filter a range of IPs to be able to or unable to access a TCP port service because someone is trying to brute force you from the network or just because you don't want a connected LAN IPs to have access to your server for whatever security reasons. The simplest way you can do IP and IP range restrictions to allow or disable access towards a Linux server via defining allow or prohibition rules in /etc/hosts.allow and /etc/hosts.deny.
This files are there and useful since the beginning of UNIX OS-es and has been widely used on Linux in the past and rarely known by people nowadays.
The hosts.allow and hosts.deny files could be used on a Linux system to deny connection attempts from one or more IP addresses, hostnames, or domains. /etc/hosts.allow and /etc/hosts.deny are just a plain text configuration file with a rather simple syntax, that can be used for decades to allow or filter IPs without applying a special firewall rules like iptables locally. It can work with any TCP wrapped service on your system. The hosts.deny file is used in conjunction with hosts.allow to determine whether a connection attempt gets accepted or denied.
In this small tutorial, you will see an example of the hosts.allow file and how to use it to allow or deny connections to IPs or networks, as well as how a simple prohibition to access SSH service only via specific IP network can be done.
For full understanding of hosts.allow / hosts.deny file, check the manuals man hosts.allow , man hosts.deny, man hosts_options, man hosts_options.
root@pcfreak:~# apropos hosts|grep -iE '^hosts.*' hosts.equiv (5) – list of hosts and users that are granted "trusted" r command access to your system hosts (5) – static table lookup for hostnames hosts.allow (5) – format of host access control files hosts.deny (5) – format of host access control files hosts_access (5) – format of host access control files hosts_options (5) – host access control language extensions
General hosts.allow / hosts.deny syntax
The /etc/hosts.allow and /etc/hosts.deny understood syntax form is:
service : host/network
Each value is separated by a colon :
You can also supply an option, but this is not as common. We will cover some other niche choices below. More options can be added if necessary, with each one separated by another colon.
service : host/network [:
The following line would allow all traffic to the sshd service. ALL is used as a wildcard.
sshd : ALL
Few examples to allow access to SSH Daemon from IPv4 and IPv6 This line would allow connections from all hosts on the 10.11 network. Connections from all other hosts can then be denied by the hosts.deny file. This type of configuration would work as intended since the allow line precedes our corresponding deny line in the other file, thus will be triggered first.
sshd : 10.11
Accept connections from a particular IPv4 and IPv6 address
Rather than using IPs, you can also specify hostnames to accept or deny connections from.
sshd : some.host
Accept connections from all hosts using the main domain .pc-freak.net domain name.
sshd : .pc-freak.net
You can also use a wildcard for both the service and the host/network field. This will accept all connections to any service. This would make all other rules (including those in hosts.deny) irrelevant, as all connections will be accepted by this rule before they have a chance to be denied.
ALL : ALL
The EXCEPT operator can be used to create an exception in an otherwise all allowing rule. For example, this rule would allow all connections from the .pc-freak.net domain name, except for one sub-domain org.pc-freak.net
sshd : .pc-freak.net EXCEPT org.pc-freak.net
Allow connectivity towards SSH TCP port 22 for all IP / hosts except for certain IPs and domains
To control connectivity towards sshd service via allow hosts /etc/hosts.allow for all except a bad.host and a certain IP range:
Disable access to all remote services to the network
Lets say if you're running the Linux as desktop station and you want to disable access to any local services running on TCP ports
If you want to be paranoid and disable all remote access to server to any IP network, you can do it with:
# echo "ALL: ALL" >/etc/hosts.deny
Completely allow access to a certain running TCP port service on server
To allow completely access to a service
service_name : ALL : allow
Allow access for a a range of IPs subnet
You can also specifcy the IP netmask range to allow, like this:
ALL : 192.168.0.0/255.255.254.0
Allow access to all server network services for a domain except for a certain domain
Enable access to ALL running server services listening on TCP port except for domain
ALL : .example.com EXCEPT skiddie-attacker.example-domain.com
Allow access to al services except to a service for a local port range via hosts.allow
Here is example onw how to use hosts.allow file to allow connections all running server services except access to VSFTP, coming from Local LAN IPs with netmask /24 (e.g. from the 192.168.0.x.):
ALL EXCEPT vsftpd : 192.168.0
Filtering IPs and IP Ranges from within /usr/sbin/sshd openssh service via /etc/ssh/sshd_config (allow and disable access to concrete IPs trying to brute force you)
Lets say however, you don't want to do the filtering of openssh connections via hosts.allow / hosts.deny but rather on a SSH Service level, this can be done with the following /etc/ssh/sshd_config configuration.
# vim /etc/ssh/sshd_config
Match Address *,!192.168.1.0/24 ForceCommand /bin/false
For more on the use of Match Address check documentation with man 5 sshd_config
To re-load the opensshd config
# systemctl restart sshd
Of course manually filtering villains is a tedious task and ultimately to save yourself time and inconvenience to regullary look up within /var/log/security or /var/log/messages (depending on the Linux distribution) and the configuration for SSHD to login imposters you would prefer to use fail2ban (if you're not familiar with fail2ban check out my previous article on how to easily Stop ssh bruteforce authentication attempt Attacks with fail2ban or if you want to use the Linux native way check out the article how to prevent SSH and FTP bruteforce attacks with IPtables.
No Comments »