notes

a
ansible 4
b
bash 12 battery 1 benchmark 4 bluetooth 1
c
camera 2 centos 4 chrome 1 codecs 1 cpu 7 curl 2 cycling 2
d
debian 1 debug 22 dell 2 disk 1 django 2 dnf 7 dns 3 dnsmasq 2
e
encoding 1 epiphany 1
f
fedora 15 fedora31 1 fedora33 2 fedora40 1 filesystem 2 firefox 2 firewalld 2 flatpak 1 font 1 fresh-system 5
g
git 5 gnome 2 gpu 2 grub 1
h
headphones 1 hetzner 1 hp 1 hunt 1 husky 1
i
intel 1 io 1
j
journalctl 1
k
kernel 1 keyboard 1 komodo 1
l
laptop 1 linux 117 logitech 2 lxd 9
m
mitmproxy 2 monitor 3
n
network 10 nmcli 3 nofile 3
o
openssl 1
p
plot 3 podman 2 postgresql 2 printer 1 proxy 1 python 3
r
rhel 1 rocky-linux 1 rose 1 rpm 1 rygel 1
s
selenium 1 selinux 1 snap 1 socat 1 sound 1 ssh 3 ssl 3 sumologic 1 sysbench 4 sysctl 1 system 3 systemd 3
t
tar 1 tcpdump 1 touchpad 1
u
udev 1 ulimit 2 usb 1
v
varnish 1
w
wifi 1 wireshark 2
x
x11 1
y
youtube 3

Increase default storage size of lxd container 

lxc storage set default volume.size 20GB
linux lxd | 13 Jul 2021

One liners to check open files limit

Check open files limit for the process named redis:

cat /proc/$(ps aux | grep redis | head -n 1 | kazy -x -r "\d+")/limits | kazy -i "open files" -i Limit

Check current number of open files for the process named redis:

sudo ls -l /proc/$(ps aux | grep redis | head -n 1 | kazy -x -r "\d+")/fd | wc -l
linux system systemd nofile ulimit debug | 12 Jul 2021

Open file limits

Print system limits:

14:53 $ ulimit -a
core file size          (blocks, -c) unlimited
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 514130
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 514130
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Print just open files limit

16:52 $ ulimit -Sn
1024

Get number of open files for a specific process:

# Get process id

16:56 $ ps aux | grep wshub
cobro    3200102  2.0  0.0 3676920 86488 ?       Ssl  16:12   0:54 /opt/cobro/src/wshub/wshub -port 8015 -redis 127.0.0.1:6379 -auxport 8016
client   3212070  0.0  0.0  12132  1160 pts/0    S+   16:57   0:00 grep --color=auto wshub

# Check current limits for the process

16:57 $ cat /proc/3200102/limits
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        unlimited            unlimited            bytes
Max resident set          unlimited            unlimited            bytes
Max processes             514130               514130               processes
Max open files            1024                 262144               files
Max locked memory         65536                65536                bytes
Max address space         unlimited            unlimited            bytes
Max file locks            unlimited            unlimited            locks
Max pending signals       514130               514130               signals
Max msgqueue size         819200               819200               bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited            unlimited            us

# Print number of open files for the process

17:03 $ sudo ls -l /proc/3200102/fd | wc -l
157

Systemd needs this limit specified per service (otherwise it will be 1024):


[Service]
LimitNOFILE=2048
linux system systemd nofile ulimit debug | 12 Jul 2021

Tune kernel parameters with sysctl

Lets say there is this error when using rootless containers with podman:

Error: rootlessport cannot expose privileged port 80, you can add 'net.ipv4.ip_unprivileged_port_start=80' to /etc/sysctl.conf (currently 1024), or choose a larger port number (>= 1024): listen tcp 0.0.0.0:80: bind: permission denied

To solve this problem, the value of net.ipv4.ip_unprivileged_port_start needs to be changed

Print current value:

sudo sysctl net.ipv4.ip_unprivileged_port_start

Print all configuration:

sudo sysctl -a

Temporarily change the value:

sudo sysctl -w net.ipv4.ip_unprivileged_port_start=80

To permanently modify the value, create a new file in /etc/sysctl.d. To apply changes, either reboot or execute sudo sysctl -p /etc/sysctl.d/99-custom.conf

linux podman sysctl | 24 Jun 2021

Check DNS propagation worldwide

Service from Constellix: DNS Propagation

linux dns debug | 26 May 2021

Run Ansible playbook on remote IP address 

ansible-playbook my.yml -i 162.55.82.217, -e "ansible_user=root"

The trick is to add , after the IP address

linux ansible | 25 May 2021

Forward remote port to a local one via SSH tunnel 

ssh -L <LOCAL_PORT>:127.0.0.1:<REMOTE_PORT> remote_server

TCP connections to <LOCAL_PORT> will be forwarded to 127.0.0.1:<REMOTE_PORT> on remote host remote_server

linux ssh debug | 25 May 2021

Connect dedicated servers with cloud servers in hetzner via vSwitch

Main article is provided by Hetzner team here. This article contains instructions for creating vlan interface in Centos 8 using nmcli.

Assumptions (same us in the main article + listed below):

  • VLAN ID is 4001
  • parent network interface is enp195s0

Steps:

  1. Create new connection:
nmcli connection add type vlan con-name vlan4001 ifname vlan4001 vlan.parent enp195s0 vlan.id 4001
  1. Configure the connection:
nmcli connection modify vlan4001 802-3-ethernet.mtu 1400
nmcli connection modify vlan4001 ipv4.addresses '10.0.1.2/24'
nmcli connection modify vlan4001 ipv4.gateway '10.0.1.1'
nmcli connection modify vlan4001 ipv4.dns '10.0.0.4'  # (optional)
nmcli connection modify vlan4001 ipv4.method manual
nmcli connection modify vlan4001 +ipv4.routes "10.0.0.0/16 10.0.1.1"
  1. Restart the connection
nmcli connection down vlan4001
nmcli connection up vlan4001
  1. Verify configuration
# Prints what gateway is used to reach the ip
ip route get 10.0.0.5

# Print all connection information
nmcli connection show vlan4001

# Print routing table
ip r

# Use tui interface for NetworkManager
dnf install NetworkManager-tui
nmtui

Restarting NetworkManager wasn’t enough to apply custom routes. Bring interface up and down

And the link to the great RedHat documentation

linux network nmcli hetzner centos | 15 May 2021

netcat example

Listen on specified port:

nc -l -v -k 8888

Connect via netcat:

nc -v google.com 80
linux network debug | 29 Mar 2021

Extract and count IP addresses from logs 

journalctl -n 1000 | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | sort | uniq -c
linux journalctl debug network | 29 Mar 2021