Category Archives: Ubuntu Linux

Auto Added by WPeMatico

WHO DID WHAT WITH ROOT?!

When you are not sure who is using SUDO on a server, and you really need to know who keeps making that annoying change.  You can install something to watch them, and maintain that software and related logs. Keep it setup in your package management system, and make sure it doesn’t have any patches.

OR

You could use the little-known (at least those I have asked in the field) modifications I will list below.  They are two fold.  One, you will enable to record who logs in and uses SUDO, and records their session. Much like many pieces of software out there today.  The one catch to my method is simple.  You already have the software installed, yup this has been a feature of SUDO since version 1.7.4p4.  So nothing else to install, worry about, or maintain.  It is also very easy to setup, see below:

/etc/sudoers modifcation:
All you need to do is to add 2 tags to all required sudoers entries.
*(where "su" specified, either with command or alias). 
LOG_INPUT and LOG_OUTPUT
Example: 
%admins ALL=(ALL) NOPASSWD: LOG_INPUT: LOG_OUTPUT: ALL

It will add the following default log dir structure to sudoers: Defaults iolog_dir=/var/log/sudo-io/%{user}
Note:
Output is logged to the directory specified by the iolog_dir option (/var/log/sudo-io by default) using a unique session ID that is included in the normal sudo log line, prefixed with TSID=.  The iolog_file option may be used to control the format of the session ID.  Output logs may be viewed with the sudoreplay(8) utility, which can also be used to list or search the available logs.   Keeping in mind that if the user has a really long session you will be viewing it like a movie, it will replay as if he is sitting there typing.  With this in mind, sudoreplay gives you the ability to play back at faster speeds.  This makes it easier to find where things happened in a long recording.

So that is one good method to help find a culprit, but what if you are just looking at history of root?  Can you tell me who ran what? Can you tell me when they ran the commands you see when you type ‘history’?  By default, no.  The next tidbit of info is very useful, and extremely easy to add to your machines.  Simply add the following to your /etc/profile:

export HISTTIMEFORMAT="%m.%d.%y %T "

Yes, that is a space at the end.  If you do not put that in there you will end up with it running together with the actual command typed in history.  So your history should look like the example below:

1995 06.10.15 13:08:05 top
1996 06.10.15 13:08:05 clear
1997 06.10.15 13:08:05 df -h
1998 06.10.15 13:08:05 umount /media
1999 06.10.15 13:08:05 sudo umount /media
2000 06.10.15 13:08:05 sudo su –
2001 06.10.15 13:08:07 history

I hope this helps someone save some time, as it has me.  Please feel free to share with others.

-M

 

Root ZFS Soon, but now we know how soon (sort of)…

The following is a link to the current project in GitHub. This will give us what is hopefully an accurate picture of the timeline.

https://github.com/orgs/ubuntu/projects/1

Given the hopeful nature of devs and people like me, this will keep us in check for a realistic timeline. Wish I could help guys, but kernel programming is not in my wheel house (yet).

Root ZFS for Ubuntu… soon..

Dev at Ubuntu Dimitri John Ledkov who has previously been involved in this effort commented on the Ubuntu mailing list with this update: 

Zstd patches have not made it into the upstream kernel yet. 

As used by mkinitramfs: 
– lz4 is faster to compress than gzip 
– lz4 is blazingly fast to decompress 
– lzma is dog slow to compress and decompress, but is tiny 
– lz4 size weight over gzip is marginal (14%) but imho worth the improved boot time & initrd creation time 
– xz is potentially even slower and even smaller than lzma 

In places where size is an absolute premium (tiny embedded iot devices) and performance is irrelevant, xz or lzma should be used. 

In all other places, our performance profile is in favor of lz4. 

Imho that includes the kernel image itself, thus we should consider switching: 
– initramfs tools to default to lz4 
– livecd-rootfs to default to lz4 
– kernels to compress kernel image with lz4 
– grub to include lz4 support 

I shall proceed with changing the defaults on the above to improve our responsiveness experience on installer, cloud, core and classic devices. If our firstboot & subsequent boot speed degrades or disk space becomes a concern, we can look into tweaking these changes further.

So, we can hope for this in Ubuntu 19.10 for testing/updates before (hopefully) being released in Ubuntu 20.04 LTS.

Linux Gaming just got way better!

Since the release of ProtonDB, there have been over 2500 games added to Linux!

What is Proton?

Proton is a new tool released by Valve Software that has been integrated with Steam Play to make playing Windows games on Linux as simple as hitting the Play button within Steam. Underneath the hood, Proton comprises other popular tools like Wine and DXVK among others that a gamer would otherwise have to install and maintain themselves. This greatly eases the burden for users to switch to Linux without having to learn the underlying systems or losing access to a large part of their library of games. Proton is still in its infancy so support is inconsistent, but regularly improving.

ProtonDB is used to collaborate on performance on different hardware/software configurations. Allowing the community to work together to get the games working.

Setting Up Proton in STEAM – Tested Ubuntu 18.10

Links on Site

Due to the purchase of Github from Microsoft, I have removed my account and all repositories.  This will also affect a few posts I have made here.  The links used to embed some small snippets (aka GISTs) of code will no longer work.  As time is available I will start fixing them manually.  Until then I thank you for your patience.

 

Thanks,
Matthew Curry

How to use a PS1 in Linux/MAC

Here are the PS1‘s I use for my daily driver.  Feel free to take them and change them up.

I use different colors, so one doesn’t accidentally login or run something as root (which is in red, users are yellow).

To use these, simply copy and paste them into either the root user; or regular user’s .bashrc.

Alternatively you can add them to /etc/profile to make them enforced system wide. 

For MAC, it is the same; however the PS1 is a little different. See below.

 

Root

 

User

Using Nano with Markdown in Linux

Fan of nano?  Like having pretty colors to see where you messed up? Of course we do!  Much like many of us, I use nano.  Its quick, easy, and readily available.  However, I like to see the highlighting of my language.  As many of you know, there are “nanorc” files, that will tell nano how to handle language highlight.

They are usually located in  /usr/share/nano/ (at least in ubuntu); and you can make your own under your home directory with a .nanorc file.  I can post about that later…

For now let get markdown working in nano!

You will need to create a file called markdown.nanorc by doing the following:

 sudo touch /usr/share/nano/markdown.nanorc

Now that the file is created, we just need to populate it with the following below text, in a pastebin for your convenience.  Just copy that text, and paste it into the aformentioned file. Once a new session is started, you will be able to start using markdown.

https://pastebin.com/raw/tHkBqdef

Just a little note as well; if you have a need for another language, you can follow the same instructions with their pre-reated files.  Take a look here, to see other nanorc files.  Also, nano has just been updated after a very long while, please take a look at the new support when you can.

 

 

 

Kill Switch Pictures/Update

Hello All,

For those following along, I have moved Kill Switch, my sons e-vehicle project. To a permanent page.  I have also added a gallery for the work as I go.  Keep an eye…

You can also subscribe to my RSS if you like.

Thanks,
-M

P.S.

Thanks to TJUMP7 for the donated 4gb SD card, and help with the motor controllers!  I can’t wait to get all the parts and get it going!

Handy One-Liners – Full Debian Update

This one is great for a “Full Update” on debian / ubuntu machines.

It calls the script without ever installing anything (assuming curl is installed).  Be sure to run as root, either with sudo or as root directly.

As you can see in the snippet; it uses a script that is remotely hosted (in a github gist).  This is great because you  can see exactly what it does by looking at the script.  It just calls system commands, so it can’t do anything malicious.  Just run sudo, then the above command and it will run the below script:

Another trick you can do with something like this, is copy it to  /usr/bin/fullupdate (as root of course), and ensure its executable “sudo chmod +x /usr/bin/fullupdate”.  Then you can call “sudo fullupdate”, from anywhere and use it when needed. Alternatively, you can use it on a cron to run on a schedule!  If you don’t want all the options, just download the script and change it for your liking.

 

Welcome to open source.

Got an Idea? Need Help? Raspberry PI prototyping!

Just another thing that I helping with lately.  If anyone need help with a new idea for a Raspberry PI, or IoT device message me.  I have been  through several POC’s (proof of concepts).

Keep in mind, if you are working on a new product; or sensitive information I keep all client info secret, and have no issues with an NDA.

  • Home Automation
  • Voice Recognition
  • Several TTS/STT Options
  • Custom Hardware
    • Integration with existing hardware
  • Custom Software
    • Custom Plugins/Adjustments
    • Coding
  • R&D on Subject Matter
    • Build
    • Test
    • Design
  • … and whatever else is needed …

Happy to just answer questions; or see what I can do to help.  Just contact me.