Linux

Technical Notes

These notes are my personal online notebook of useful commands and "how-to's". You are welcome to make use of them if you find them helpful. They obviously don't come with any warranty! Click on one of the category tags above for the notes in any category.

Setting up NFS4 on CentOS

First: install server software and start it

yum install nfs-utils nfs-utils-lib system-config-nfs
yum install nfs-utils nfs4-acl-tools portmap
chkconfig nfs on
chkconfig portmap on
service nfs start
echo 'portmap:ALL' >> /etc/hosts.deny
echo 'portmap:192.168.1.0/24' >> /etc/hosts.allow
service portmap start

run the firewall gui and turn on NFS4 (2049)

SSDs with Linux

Here are some good recommendations:

Using SSD for Linux root filesystem

Just putting together some links for now:

Creating a server share using sshfs

  • Modify /etc/fuse.conf to uncomment the line: user_allow_other
  • Add the user to the fuse group:
adduser $USER fuse
  • relogin to get access

Connecting interactively:

sshfs -o allow_other,umask=117,uid=1002,gid=1002 myname@sv:/home/common /home/myname/common
  • allow_other # not needed here unless others can connect through this mount
  • umask=117,uid=1002,gid=1002 # controls how the files appear to this computer. If no uid or gid then the process that invokes the command will own it

Connecting through fstab

  • Note that it is best to connect on demand in case the network is not up when fstab runs originally
  • Four steps are required:
  1. Add user to fuse group
    • See above
  2. Insert entry into fstab of client computer
myname@sv:/home/common  /home/myname/common fuse.sshfs users,_netdev,noauto,x-systemd.automount,reconnect,allow_other,workaround=rename,umask=117,uid=1002,gid=1002 0 0
  • noauto # does not immidiately mount
  • x-systemd.automount # manually connects on demand if using systemd (not upstart)
  • workaround=rename # gets rid of some problems
  • _netdev # don’t try if no network
  • default_permissions # lets kernel check permissions—seems to conflict with setting uid/gid
  • reconnect # reconnect to server
  • users # not documented anywhere, but needed to allow users other than root to activate
  • Need to reboot system to get mountpoints activated
  1. Mount shares on logon
    • Can place a mount script in ./kde/Autostart e.g.
#!/bin/bash
# must already be in /etc/fstab
mount ~/common
mount ~/personal
  1. Enable password-less logon
    • See here: /how-create-password-less-ssh-login
    • Don’t forget to make sure server home directory is as least as secure as 750

gedit external tools fails to save documents

The bug is filed here: bugs.launchpad.net/…ug/1244338

and here: bugzilla.gnome.org/…ow_bug.cgi

but if you can’t wait for the fix to come down from upstream, you can simply run this code as root:

Linux Backup solutions

Some resources for setting up backups:

Comparisons

Duplicity

Rsync

  • Main resources

Encrypted file systems

www.cyberciti.biz/hardware/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/ good how-to

  • Manually mounting (will be asked for pass phrase
cryptsetup luksOpen /dev/xvdo syncfs
mount /dev/mapper/syncfs /syncfs

www.linux.org/threads/rhel6-volume-encryption-using-luks.4219/ how to handly re-boot

dd if=/dev/random of=/root/syncfs.k bs=32 count=1
cryptsetup luksAddKey /dev/xvdo /root/syncfs.k
echo "syncfs /dev/xvdo /root/syncfs.k" > /etc/crypttab
  • Then add a line in /etc/fstab like:
/dev/mapper/syncfs /syncfs      ext4    defaults

Setting up permissions for bittorrent sync

The goal is to sync a common directory structure over multiple sites.

Permissions on server

  • create sync user:
useradd -g office -d /home/common -c "btsync service" -m btsync
  • Don’t use a sticky bit, or sync will not be able to delete files
  • Make sure all contributors to /home/common have primary group office and umask=002
    • This will mean that they all have read/write access to the common files
  • Recommended to use the SGID bit to lock all new files with group office and prevent this changing
chgrp -R office /home/common
chmod g+s /home/common #just to top directory (assume no sub-directories)
chmod -R g+w /home/common
  • Note that if a user creates a new file, when btsync replicates it on other systems it will lose ownership information (and be owned by btsync). But because it will have group office it will be editable.

First time setup

How To Migrate Linux Between Machines

There is an excellent article here: www.makeuseof.com/…en-machines

  • Create package list: dpkg --get-selections > ~/packagelist.txt
  • Mark packages for reinstallation on new system dpkg --set-selections < ~/packagelist.txt
    • This will mark all packages, but it won’t install them until you run:
  • apt-get -u dselect-upgrade
Syndicate content