Linux Blimp

Host command is a minimal and easy-to-use CLI utility for performing DNS lookups which translate domain names to IP addresses and vice versa. It can also be used to list and verify various types of DNS records such as NS and MX, test and validate ISP DNS server and Internet connectivity, spam and blacklisting records, detecting and troubleshooting DNS server issues among others.

In this article, we will learn how to use host command with a few useful examples in Linux to perform DNS lookups. In previous articles, we showed the most used 8 Nslookup commands for testing and troubleshooting DNS servers and to query specific DNS resource records (RR) as well.

We also explained 10 Linux Dig (Domain Information Groper) commands to query DNS info, it works more like the Nslookup tool. The host utility also works in a similar way and comes preinstalled on most if not all mainstream Linux distros.

With that said, let’s look at these 14 host commands below.

Find the Domain IP Address

This is the simplest host command you can run, just provide a domain name such as google.com to get the associated IP addresses.

$ host google.com

google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has IPv6 address 2a00:1450:4009:80b::200e
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.

Find Domain Name Servers

To find out the domain name servers use the -t option.

$ host -t ns google.com

google.com name server ns1.google.com.
google.com name server ns2.google.com.
google.com name server ns3.google.com.
google.com name server ns4.google.com.

Find Domain CNAME Record

To find out the domain CNAME, run.

$ host -t cname mail.google.com

mail.google.com is an alias for googlemail.l.google.com.

Find Domain MX Record

To find out the MX records for a domain.

$ host -n -t mx google.com

ogle.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.

Find Domain TXT Record

To find out the TXT records for a domain.

$ host -t txt google.com

google.com descriptive text "v=spf1 include:_spf.google.com ~all"

Find Domain SOA Record

You can make host attempt to display the SOA records for specified zone, from all the listed authoritative name servers for that zone with the -C flag.

$ host -C google.com

Nameserver 216.239.38.10:
	google.com has SOA record ns1.google.com. dns-admin.google.com. 156142728 900 900 1800 60
Nameserver 216.239.32.10:
	google.com has SOA record ns3.google.com. dns-admin.google.com. 156142728 900 900 1800 60
Nameserver 216.239.34.10:
	google.com has SOA record ns4.google.com. dns-admin.google.com. 156142728 900 900 1800 60
Nameserver 216.239.36.10:
	google.com has SOA record ns2.google.com. dns-admin.google.com. 156142728 900 900 1800 60

Query Particular Name Server

To query particual domain name server.

$ host google.com ns4.google.com

Using domain server:
Name: ns4.google.com
Address: 216.239.38.10#53
Aliases: 

google.com has address 172.217.19.46
google.com has address 172.217.19.46
google.com has address 172.217.19.46
google.com has IPv6 address 2a00:1450:4005:808::200e
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.

Find All Information of Domain Records and Zones

To make a query of type ANY, use the -a (all) option which is equivalent to setting the -v option.

$ host -a google.com

Trying "google.com"
;; ->>HEADER<

Get Domain TTL Information

To find out domain TTL information.

$ host -v -t a google.com

Trying "google.com"
;; ->>HEADER<

Use Either IPv4 or IPv6

The -4 or -6 option forces host to use only IPv4 or only IPV6 query transport respectively.

$ host -4 google.com
OR
$ host -6 google.com

Perform Non-Recursive Queries

The -r option performs non-recursive queries, note that setting this option clears the RD (recursion desired), the bit in the query which host makes.

$ host -rR 5 google.com

google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has IPv6 address 2a00:1450:4009:80b::200e
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.

Set UDP Retries for a Lookup

By default the number of UDP tries is 1, to change it, use the -R flag.

$ host -R 5 google.com

google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has IPv6 address 2a00:1450:4009:80b::200e
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.

Set Query Time Wait for Reply

Using the -W switch, you can instruct host to wait for a reply for the specified time in seconds and if the -wflag is used, it makes host to wait forever for a reply:

$ host -T -W 10 google.com

google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has address 216.58.201.46
google.com has IPv6 address 2a00:1450:4009:80b::200e
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.

That’s it! In this article, we learned how to use host command with a few useful examples in Linux. Use the feedback form below to share any thoughts with us concerning this guide.

Source

SSH or Secure Shell daemon is a network protocol that is used to perform remotely secured log ins to Linux systems via a secured channel through unsecured networks using strong cryptography.

One of the most basic utility of SSH protocol is the ability to access Unix shells on remote Linux machines and execute commands. However, SSH protocol can offer other implementations, such as the ability to create secured TCP tunnels over the protocol, to remotely and securely transfer files between machines or to act as a FTP like service.

The standard port used by SSH service is 22/TCP. However, you might want to change SSH default port in your Linux server, in order to achieve some kind of security through obscurity because the standard 22/TCP port is continuously targeted for vulnerabilities by hackers and bots in internet.

To change SSH service default port in Linux, first you need to open the main SSH daemon configuration file for editing with your favorite text editor by issuing the below command and make the following changes.

# vi /etc/ssh/sshd_config

In sshd_config file, search and comment the line that begins with Port 22, by adding a hashtag (#) in front of the line. Below this line, add a new port line and specify your desired port to bind SSH.

In this example, we’ll configure SSH service to bind and listen on port 34627/TCP. Make sure you choose a random port, preferably higher than 1024 (the superior limit of standard well-known ports). The maximum port that can be setup for for SSH is 65535/TCP.

#Port 22
Port 34627

After you’ve made the above changes, restart the SSH daemon to reflect changes and issue netstat or ss command to confirm that SSH service listens on the new TCP port.

# systemctl restart ssh
# netstat -tlpn| grep ssh
# ss -tlpn| grep ssh

In CentOS or RHEL Linux based distributions, install policycoreutils package and add the below rules to relax SELinux policy in order for the SSH daemon to bind on the new port.

# yum install policycoreutils
# semanage port -a -t ssh_port_t -p tcp 34627
# semanage port -m -t ssh_port_t -p tcp 34627
# systemctl restart sshd
# netstat -tlpn| grep ssh
# ss -tlpn| grep ssh

Also, don’t forget to update the firewall rules specific for your own installed Linux distribution in order to allow incoming connections to be established on the new added SSH port.

Source

There are several reasons to restrict a SSH user session to a particular directory, especially on web servers, but the obvious one is a system security. In order to lock SSH users in a certain directory, we can use chrootmechanism.

change root (chroot) in Unix-like systems such as Linux, is a means of separating specific user operations from the rest of the Linux system; changes the apparent root directory for the current running user process and its child process with new root directory called a chrooted jail.

In this tutorial, we’ll show you how to restrict a SSH user access to a given directory in Linux. Note that we’ll run the all the commands as root, use the sudo command if you are logged into server as a normal user.

Step 1: Create SSH Chroot Jail

1. Start by creating the chroot jail using the mkdir command below:

# mkdir -p /home/test

2. Next, identify required files, according to the sshd_config man page, the ChrootDirectory option specifies the pathname of the directory to chroot to after authentication. The directory must contain the necessary files and directories to support a user’s session.

For an interactive session, this requires at least a shell, commonly sh, and basic /dev nodes such as null, zero, stdin, stdout, stderr, and tty devices:

# ls -l /dev/{null,zero,stdin,stdout,stderr,random,tty}

3. Now, create the /dev files as follows using the mknod command. In the command below, the -m flag is used to specify the file permissions bits, c means character file and the two numbers are major and minor numbers that the files point to.

# mkdir -p /home/test/dev/		
# cd /home/test/dev/
# mknod -m 666 null c 1 3
# mknod -m 666 tty c 5 0
# mknod -m 666 zero c 1 5
# mknod -m 666 random c 1 8

4. Afterwards, set the appropriate permission on the chroot jail. Note that the chroot jail and its subdirectories and subfiles must be owned by root user, and not writable by any normal user or group:

# chown root:root /home/test
# chmod 0755 /home/test
# ls -ld /home/test

Step 2: Setup Interactive Shell for SSH Chroot Jail

5. First, create the bin directory and then copy the /bin/bash files into the bin directory as follows:

# mkdir -p /home/test/bin
# cp -v /bin/bash /home/test/bin/

6. Now, identify bash required shared libs, as below and copy them into the lib directory:

# ldd /bin/bash
# mkdir -p /home/test/lib64
# cp -v /lib64/{libtinfo.so.5,libdl.so.2,libc.so.6,ld-linux-x86-64.so.2} /home/test/lib64/

Step 3: Create and Configure SSH User

7. Now, create the SSH user with the useradd command and set a secure password for the user:

# useradd tecmint
# passwd tecmint

8. Create the chroot jail general configurations directory, /home/test/etc and copy the updated account files (/etc/passwd and /etc/group) into this directory as follows:

# mkdir /home/test/etc
# cp -vf /etc/{passwd,group} /home/test/etc/

Note: Each time you add more SSH users to the system, you will need to copy the updated account files into the /home/test/etc directory.

Step 4: Configure SSH to Use Chroot Jail

9. Now, open the sshd_config file.

# vi /etc/ssh/sshd_config

and add/modify the lines below in the file.

#define username to apply chroot jail to
Match User tecmint
#specify chroot jail
ChrootDirectory /home/test

Save the file and exit, and restart the SSHD services:

# systemctl restart sshd
OR
# service sshd restart

Step 5: Testing SSH with Chroot Jail

10. At this point, test if the chroot jail setup is working as expected:

# ssh tecmint@192.168.0.10
-bash-4.1$ ls
-bash-4.1$ date
-bash-4.1$ uname

From the screenshot above, we can see that the SSH user is locked in the chrooted jail, and can’t run any external commands (ls, date, uname etc).

The user can only execute bash and its builtin commands such as(pwd, history, echo etc) as seen below:

# ssh tecmint@192.168.0.10
-bash-4.1$ pwd
-bash-4.1$ echo "Tecmint - Fastest Growing Linux Site"
-bash-4.1$ history

Step 6. Create SSH User’s Home Directory and Add Linux Commands

11. From the previous step, we can notice that the user is locked in the root directory, we can create a home directory for the the SSH user like so (do this for all future users):

# mkdir -p /home/test/home/tecmint
# chown -R tecmint:tecmint /home/test/home/tecmint
# chmod -R 0700 /home/test/home/tecmint

12. Next, install a few user commands such as ls, date, mkdir in the bin directory:

# cp -v /bin/ls /home/test/bin/
# cp -v /bin/date /home/test/bin/
# cp -v /bin/mkdir /home/test/bin/

13. Next, check the shared libraries for the commands above and move them into the chrooted jail libraries directory:

# ldd /bin/ls
# cp -v /lib64/{libselinux.so.1,libcap.so.2,libacl.so.1,libc.so.6,libpcre.so.1,libdl.so.2,ld-linux-x86-64.so.2,libattr.so.1,libpthread.so.0} /home/test/lib64/

Step 7. Testing SFTP with Chroot Jail

14. Do a final test using sftp; check if the commands you have just installed are working.

Add the line below in the /etc/ssh/sshd_config file:

#Enable sftp to chrooted jail 
ForceCommand internal-sftp

Save the file and exit. Then restart the SSHD services:

# systemctl restart sshd
OR
# service sshd restart

15. Now, test using SSH, you’ll get the following error:

# ssh tecmint@192.168.0.10

Try using SFTP as follows:

# sftp tecmint@192.168.0.10

Suggested Read: Restrict SFTP Users to Home Directories Using chroot Jail

That’s it for now!. In this article, we showed you how to restrict a SSH user in a given directory (chrooted jail) in Linux. Use the comment section below to offer us your thoughts about this guide.

Source

In this tutorial, we will be discussing how to restrict SFTP users to their home directories or specific directories. It means the user can only access his/her respective home directory, not the entire file system.

Restricting users home directories is vital, especially in a shared server environment, so that an unauthorized user won’t sneak peek into the other user’s files and folders.

Important: Please also note that the purpose of this article is to provide SFTP access only, not SSH logins, by following this article will have the permissions to do file transfer, but not allowed to do a remote SSH session.

Suggested Read: Restrict SSH User Access to Certain Directory Using Chrooted Jail

The simplest way to do this, is to create a chrooted jail environment for SFTP access. This method is same for all Unix/Linux operating systems. Using chrooted environment, we can restrict users either to their home directory or to a specific directory.

Restrict Users to Home Directories

In this section, we will create new group called sftpgroup and assign correct ownership and permissions to user accounts. There are two choices to restrict users to home or specific directories, we will see both way in this article.

Create or Modify Users and Groups

Let us restrict the existing user, for example tecmint, to his/her home directory named /home/tecmint. For this, you need to create a new sftpgroup group using groupadd command as shown:

# groupadd sftpgroup

Next, assign the user ‘tecmint’ to sftpgroup group.

# usermod -G sftpgroup tecmint

You can also create a new user using useradd command, for example senthil and assign the user to sftpusers group.

# adduser senthil -g sftpgroup -s /sbin/nologin
# passwd tecmint

Modify SSH Configuration File

Open and add the following lines to /etc/ssh/sshd_config configuration file.

Subsystem sftp internal-sftp
 
   Match Group sftpgroup
   ChrootDirectory /home
   ForceCommand internal-sftp
   X11Forwarding no
   AllowTcpForwarding no

Save and exit the file, restart sshd service to take new changes into effect.

# systemctl restart sshd
OR
# service sshd restart

If you chroot multiple users to the same directory, you should change the permissions of each user’s home directory in order to prevent all users to browse the home directories of the each other users.

# chmod 700 /home/tecmint

Verify SSH and SFTP Users Login

Now, it’s time to check the login from a local system. Try to ssh your remote system from your local system.

# ssh tecmint@192.168.1.150

Here,

1. tecmint – remote system’s username.
2. 192.168.1.150 – Remote system’s IP address.

Sample output:

tecmint@192.168.1.150's password: 
Could not chdir to home directory /home/tecmint: No such file or directory
This service allows sftp connections only.
Connection to 192.168.1.150 closed.

Then, access remote system using SFTP.

# sftp tecmint@192.168.1.150

Sample output:

tecmint@192.168.1.150's password: 
Connected to 192.168.1.150.
sftp>

Let us check the current working directory:

sftp&gt pwd
Remote working directory: /

sftp&gt ls
tecmint  

Here, tecmint is the home directory. Cd to the tecmint directory and create the files or folders of your choice.

sftp&gt cd tecmint
Remote working directory: /

sftp&gt mkdir test
tecmint  

Restrict Users to a Specific Directory

In our previous example, we restrict the existing users to the home directory. Now, we will see how to restrict a new user to a custom directory.

Create Group and New Users

Create a new group sftpgroup.

# groupadd sftpgroup

Next, create a directory for SFTP group and assign permissions for the root user.

# mkdir -p /sftpusers/chroot
# chown root:root /sftpusers/chroot/

Next, create new directories for each user, to which they will have full access. For example, we will create tecmint user and it’s new home directory with correct group permission using following series of commands.

# adduser tecmint -g sftpgroup -s /sbin/nologin
# passwd tecmint
# mkdir /sftpusers/chroot/tecmint
# chown tecmint:sftpgroup /sftpusers/chroot/tecmint/
# chmod 700 /sftpusers/chroot/tecmint/

Configure SSH for SFTP Access

Modify or add the following lines at the end of the file:

#Subsystem  	sftp	/usr/libexec/openssh/sftp-server
Subsystem sftp  internal-sftp
 
Match Group sftpgroup
   ChrootDirectory /sftpusers/chroot/
   ForceCommand internal-sftp
   X11Forwarding no
   AllowTcpForwarding no

Save and exit the file. Restart sshd service to take effect the saved changes.

# systemctl restart sshd
OR
# service sshd restart

That’s it, you can check by logging into the your remote SSH and SFTP server by using the step provided above at Verify SSH and SFTP login.

Be mindful that this method will disable the shell access, i.e you can’t access the remote system’s shell session using SSH. You can only access the remote systems via SFTP and do file transfer to and from the local and remote systems.

Conclusion

Now you know how to restrict users home directories using a Chroot environment in Linux. If you find this useful, share this article on your social networks and let us know in the comment section below if there is any other methods to restrict users home directories.

Source

In this article, we will explain two, simple command line tips that enable you to only list all today’s files.

One of the common problems Linux users encounter on the command line is locating files with a particular name, it can be much easier when you actually know the filename.

However, assuming that you have forgotten the name of a file that you created (in your home folder which contains hundreds of files) at an earlier time during the day and yet you need to use urgently.

Below are different ways of only listing all files that you created or modified (directly or indirectly) today.

1. Using the ls command, you can only list today’s files in your home folder as follows, where:

1. -a – list all files including hidden files
2. -l – enables long listing format
3. --time-style=FORMAT – shows time in the specified FORMAT
4. +%D – show/use date in %m/%d/%y format

# ls  -al --time-style=+%D | grep 'date +%D'

In addition, you can sort the resultant list alphabetically by including the -X flag:

# ls -alX --time-style=+%D | grep 'date +%D'

You can also list based on size (largest first) using the -S flag:

# ls -alS --time-style=+%D | grep 'date +%D'

2. Again, it is possible to use the find command which is practically more flexible and offers plenty of options than ls, for the same purpose as below.

1. -maxdepth level is used to specify the level (in terms of sub-directories) below the starting point (current directory in this case) to which the search operation will be carried out.
2. -newerXY, this works if timestamp X of the file in question is newer than timestamp Y of the file reference. X and Y represent any of the letters below:
   1. a – access time of the file reference
   2. B – birth time of the file reference
   3. c – inode status change time of reference
   4. m – modification time of the file reference
   5. t – reference is interpreted directly as a time

This means that, only files modified on 2016-12-06 will be considered:

# find . -maxdepth 1 -newermt "2016-12-06"

Important: Use the correct date format as reference in the find command above, once you use a wrong format, you will get an error as the one below:

# find . -maxdepth 1 -newermt "12-06-2016"

find: I cannot figure out how to interpret '12-06-2016' as a date or time

Alternatively, use the correct formats below:

# find . -maxdepth 1 -newermt "12/06/2016"
OR
# find . -maxdepth 1 -newermt "12/06/16"

You can get more usage information for ls and find commands in our following series of articles on same.

1. Master Linux ‘ls’ Command with This 15 Examples
2. Useful 7 Quirky ‘ls’ Tricks for Linux Users
3. Master Linux ‘find’ Command with This 35 Examples
4. Ways to Find Multiple Filenames with Extensions in Linux

In this article, we explained two important tips of how to list only today’s files with the help of ls and find commands. Make use of the feedback form below to send us any question(s) or comments about the topic. You can as well inform us of any commands used for the same goal.

Source

In case you are running Linux on a machine that you normally use alone, say on a laptop, entering a password each time you invoke sudo can become so boring in the long run. Therefore, in this guide, we will describe how to configure sudo command to run without entering a password.

This setting is done in the /etc/sudoers file, which drives sudoers to use default security policy plugin for the sudo command; under the user privilege specification section.

Important: In the sudeors file, the authenticate parameter which is turned on by default is used for authentication purposes. If it is set, users must authenticate themselves via a password (or other means of authentication) before they run commands with sudo.

However, this default value may be overridden using the NOPASSWD (require no password when user invokes sudo command) tag.

The syntax to configure user privileges is as follows:

user_list host_list=effective_user_list tag_list command_list

Where:

1. user_list – list of users or a user alias that has already been set.
2. host_list – list of hosts or a host alias on which users can run sudo.
3. effective_user_list – list of users they must be running as or a run as alias.
4. tag_list – list of tags such as NOPASSWD.
5. command_list – list of commands or a command alias to be run by user(s) using sudo.

To allow a user (aaronkilik in the example below) to run all commands using sudo without a password, open the sudoers file:

$ sudo visudo

And add the following line:

aaronkilik ALL=(ALL) NOPASSWD: ALL

For the case of a group, use the % character before the group name as follows; this means that all member of the sys group will run all commands using sudo without a password.

%sys ALL=(ALL) NOPASSWD: ALL

To permit a user to run a given command (/bin/kill) using sudo without a password, add the following line:

aaronkilik ALL=(ALL) NOPASSWD: /bin/kill

The line below will enable member of the sys group to run the commands: /bin/kill, /bin/rm using sudowithout a password:

%sys ALL=(ALL) NOPASSWD: /bin/kill, /bin/rm

For more sudo configuration and additional usage options, read our articles that describes more examples:

1. 10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux
3. Let Sudo Insult You When You Enter Incorrect Password
4. How to Keep ‘sudo’ Password Timeout Session Longer in Linux

In this article, we described how to configure sudo command to run without entering a password. Do not forget to offer us your thoughts about this guide or other useful sudeors configurations for Linux system administrators all in the comments.

Source

One important thing to master under Linux System/Server Administration is package management using different package management tools.

Different Linux distributions install applications in a pre-compiled package that contain binary files, configuration files and also information about the application’s dependencies.

Read Also: Learn 25 ‘apt-get’ and ‘apt-cache’ Command Examples in Debian based Systems

Package management tools help System/Server Administrators in many ways such as:

1. Downloading and installing software
2. Compile software from source
3. Keeping track of all software installed, their updates and upgrades
4. Handling dependencies
5. and also keeping other information about installed software and many more

In this guide, we are going to look at 15 examples of how to use the new APT (Advanced Package Tool) on your Ubuntu Linux systems.

APT is a command-line based tool that is used for dealing with packages on a Ubuntu based Linux systems. It presents a command line interface to the package management on your system.

1. Installing a Package

You can install a package as follows by specify a single package name or install many packages at once by listing all their names.

$ sudo apt install glances

2. Find Location of Installed Package

The following command will help you to list all the files that are contained in a package called glances (advance Linux monitoring tool).

$ sudo apt content glances

3. Check All Dependencies of a Package

This will help you to display raw information about dependencies of a particular package that you specify.

$ sudo apt depends glances

4. Search for a Package

The search option searches for the given package name and show all the matching packages.

$ sudo apt search apache2

5. View Information About Package

This will help you display information about package or packages, run the command below by specifying all the packages that you want to display information about.

$ sudo apt show firefox

6. Verify a Package for any Broken Dependencies

Sometimes during package installation, you may get errors concerning broken package dependencies, to check that you do not have these problems run the command below with the package name.

$ sudo apt check firefox

7. List Recommended Missing Packages of Given Package

$ sudo apt recommends apache2

8. Check Installed Package Version

The ‘version’ option will show you the installed package version.

$ sudo apt version firefox

9. Update System Packages

This will help you to download a list of packages from different repositories included on your system and updates them when there are new versions of packages and their dependencies.

$ sudo apt update

10. Upgrade System

This helps you to install new versions of all the packages on your system.

$ sudo apt upgrade

11. Remove Unused Packages

When you install a new package on your system, it’s dependencies are also installed and they use some system libraries with other packages. The after removing that particular package, it’s dependencies will remain on the system, therefore to remove them use autoremove as follows:

$ sudo apt autoremove

12. Clean Old Repository of Downloaded Packages

The option ‘clean’ or ‘autoclean’ remove all old local repository of downloaded package files.

$ sudo apt autoclean 
or
$ sudo apt clean

13. Remove Packages with its Configuration Files

When you run apt with remove, it only removes the package files but configuration files remain on the system. Therefore to remove a package and it’s configuration files, you will have to use purge.

$ sudo apt purge glances

14. Install .Deb Package

To install a .deb file, run the command below with the filename as an argument as follows:

$ sudo apt deb atom-amd64.deb

15. Find Help While Using APT

The following command will list you all the options with it’s description on how to use APT on your system.

$ apt help

Summary

Always remember that good Linux package management, can help you avoid breaking your system. There are so many other package management tools that you can use in Linux.

You can share with us what you use and your experience with it. I hope the article is helpful and for any additional information, leave a comment in the comment section.

Source

In this post will guide you simple steps to reset forgotten root password in RHEL, CentOS and Fedora Linux with example. There are various ways to reset root password which are.

1. Booting into single user mode.
2. Using boot disk and edit passwd file.
3. Mount drive to another system and change passwd file.

Here, in this article we are going to review “Booting into single user mode” option to reset forgotten rootpassword.

Cautious: We urge to take backup of your data and try it out at your own risk.

STEP 1. Boot Computer and Interrupt while booting at GRUB stage hitting ‘arrow‘ keys or “space bar“.

STEP 2. Type ‘a‘ to modify kernel argument. Anytime you can cancel typing ‘ESC‘ key.

STEP 3. Append 1 at the end of “rhgb quiet” and press “Enter” key to boot into single user mode.

STEP 4. Type command “runlevel” to know the the runlevel where you are standing. Here “1 S” state that your are in a single user mode.

STEP 5. Type ‘passwd‘ command without username and press ‘Enter‘ key in command prompt. It’ll ask to supply new root password and re-type the same password for confirmation. “Your are Done” Congratulation!!!

What if GRUB bootloader is password protected? We’ll cover in our next article, how to protect GRUB with password and reset the same. Stay tuned…

If you find this article is helpful, or you may have some comments or query about it please feel free to contact with us through below comment box.

Source

Are you looking through an extremely lengthy configuration file, one with hundreds of lines of comments, but only want to filter the important settings from it. In this article, we will show you different ways to view a configuration file without comments in Linux.

Read Also: ccat – Show ‘cat Command’ Output with Syntax Highlighting or Colorizing

You can use the grep command to for this purpose. The following command will enable you view the current configurations for PHP 7.1 without any comments, it will remove lines starting with the ; character which is used for commenting.

Note that since ; is a special shell character, you need to use the \ escape character to change its meaning in the command.

$ grep ^[^\;] /etc/php/7.1/cli/php.ini

In most configuration files, the # character is used for commenting out a line, so you can use the following command.

$ grep ^[^#] /etc/postfix/main.cf

What if you have lines starting with some spaces or tabs other then # or ; character?. You can use the following command which should also remove empty spaces or lines in the output.

$ egrep -v "^$|^[[:space:]]*;" /etc/php/7.1/cli/php.ini 
OR
$ egrep -v "^$|^[[:space:]]*#" /etc/postfix/main.cf

From the above example, the -v switch means show non-matching lines; instead of showing matched lines (it actually inverts the meaning of matching) and in the pattern “^$|^[[:space:]]*#”:

• ^$ – enables for deleting empty spaces.
• ^[[:space:]]*# or ^[[:space:]]*; – enables matching of lines that starting with # or ; or “some spaces/tabs.
• | – the infix operator joins the two regular expressions.

Also learn more about grep command and its variations in these articles:

1. What’s Difference Between Grep, Egrep and Fgrep in Linux?
2. 11 Advanced Linux ‘Grep’ Commands on Character Classes and Bracket Expressions

That’s all for now! We would love to hear from you, share with us any alternative methods for viewing configuration files without comments, via the feedback form below.

Source

In one of our earlier article, we have explained about 9 best file comparison and difference (Diff) tools for Linux systems. We listed a mixture of command-line and GUI tools for comparing and finding differences between files, each with certain remarkable features. Another useful diff utility for Linux is called sdiff.

Read Also: How to Find Difference Between Two Directories Using Diff and Meld Tools

sdiff is a simple command line utility for showing the differences between two files and merge interactively. It is easy to use and comes with straightforward usage options as explained below.

The syntax for using sdiff is as follows.

$ sdiff option... file1 file2

Show Difference Between Two Files in Linux

1. The easiest way to run sdiff is to provide the two filenames you are trying to compare. It will show the merged difference side-by-side as shown in the following screenshot.

$ cal >cal.txt
$ df -h >du.txt
$ sdiff du.txt cal.txt

Treat all Files as Text Files

2. To treat all files as text and compare them line-by-line, whether they are text files or not, use the -a flag.

$ sdiff -a du.txt cal.txt

Filesystem      Size  Used Avail Use% Mounted on	      |	     April 2018       
udev            3.9G     0  3.9G   0% /dev		      |	Su Mo Tu We Th Fr Sa  
tmpfs           788M  9.7M  779M   2% /run		      |	 1  2  3  4  5  6  7  
/dev/sda10      324G  265G   43G  87% /			      |	 8  9 10 11 12 13 14  
tmpfs           3.9G  274M  3.6G   7% /dev/shm		      |	15 16 17 18 19 20 21  
tmpfs           5.0M  4.0K  5.0M   1% /run/lock		      |	22 23 24 25 26 27 28  
tmpfs           3.9G     0  3.9G   0% /sys/fs/cgroup	      |	29 30                 
/dev/loop2       82M   82M     0 100% /snap/core/4206	      |	                      
/dev/loop4      181M  181M     0 100% /snap/vlc/190	      <
/dev/loop1       87M   87M     0 100% /snap/core/4407	      <
/dev/loop0      189M  189M     0 100% /snap/vlc/158	      <
/dev/loop3       83M   83M     0 100% /snap/core/4327	      <
cgmfs           100K     0  100K   0% /run/cgmanager/fs	      <
tmpfs           788M   40K  788M   1% /run/user/1000	      <

Ignore Tabs and White Space

3. If you have files with too much whitespace, you can tell sdiff to ignore all white space while comparing using the -W switch.

$ sdiff -W du.txt cal.txt

4. You can also tell sdiff to ignore any white space at line end using the -z option.

$ sdiff -z du.txt cal.txt

5. In addition, you can instruct sdiff to ignore changes due to tab expansion with the -E flag.

$ sdiff -E du.txt cal.txt

Ignore Case While Comparing Difference

6. To ignore case (where sdiff treats upper- and lower-case as the same), use the -i option as shown.

$ sdiff -i du.txt cal.txt

Ignore Blank Lines While Comparing Difference

7. The -B option helps to ignore blank line in files.

$ sdiff -B du.txt cal.txt

Define Number of Columns to Output

8. sdiff allows you to set the number of columns to be printed (default is 130), by using the -w switch as follows.

$ sdiff -w 150 du.txt cal.txt

Expand Tabs to Spaces

9. To expand tabs to spaces in output, use the -t option.

$ sdiff -t du.txt cal.txt

Run sdiff Interactively

10. The -o flag enables it to run more interactively and send output to a file. In this command, the output will be sent to the sdiff.txt file, press Enter after seeing the % sign, to get the interactive menu.

$ sdiff du.txt cal.txt -o sdiff.txt

Filesystem      Size  Used Avail Use% Mounted on	      |	     April 2018       
udev            3.9G     0  3.9G   0% /dev		      |	Su Mo Tu We Th Fr Sa  
tmpfs           788M  9.7M  779M   2% /run		      |	 1  2  3  4  5  6  7  
/dev/sda10      324G  265G   43G  87% /			      |	 8  9 10 11 12 13 14  
tmpfs           3.9G  274M  3.6G   7% /dev/shm		      |	15 16 17 18 19 20 21  
tmpfs           5.0M  4.0K  5.0M   1% /run/lock		      |	22 23 24 25 26 27 28  
tmpfs           3.9G     0  3.9G   0% /sys/fs/cgroup	      |	29 30                 
/dev/loop2       82M   82M     0 100% /snap/core/4206	      |	                      
/dev/loop4      181M  181M     0 100% /snap/vlc/190	      <
/dev/loop1       87M   87M     0 100% /snap/core/4407	      <
/dev/loop0      189M  189M     0 100% /snap/vlc/158	      <
/dev/loop3       83M   83M     0 100% /snap/core/4327	      <
cgmfs           100K     0  100K   0% /run/cgmanager/fs	      <
tmpfs           788M   40K  788M   1% /run/user/1000	      <
% ed: Edit then use both versions, each decorated with a header. eb: Edit then use both versions. el or e1: Edit then use the left version. er or e2: Edit then use the right version. e: Discard both versions then edit a new one. l or 1: Use the left version. r or 2: Use the right version. s: Silently include common lines. v: Verbosely include common lines. q: Quit. %

Note that you need to have some of the editors such as ed installed on your system before using them, in this scenario.

Invoke Another Program To Compare Files

11. The --diff-program switch allows you to call another command-line tool, other than sdiff itself to compare files, for instance, you can call the diff program as shown.

$ sdiff --diff-program=diff du.txt cal.txt

For more information, consult the sdiff man page.

$ man sdiff

In this article, we looked at sdiff command-line tool examples for beginners. If you have any questions, use the comment form below to reach us.

Source