Category: Linux

  • Firewalld list rules

    To list the rules for a zone, use the command

    firewall-cmd --list-all --zone=public
    

    To list all open ports

    firewall-cmd --list-ports
    

    Example: add a rich rule, list the zone to confirm it, then remove the rule

    [root@centos7 zones]# firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="10.1.1.2/32" port protocol="tcp" port="1-65535" accept'
    success
    [root@centos7 zones]# firewall-cmd --list-all --zone=public
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: eth0 eth1
      sources: 
      services: dhcpv6-client ssh
      ports: 25/tcp 9090/tcp
      protocols: 
      masquerade: no
      forward-ports: 
      source-ports: 
      icmp-blocks: 
      rich rules: 
            rule family="ipv4" source address="10.1.1.2/32" port port="1-65535" protocol="tcp" accept
    [root@centos7 zones]# firewall-cmd --zone=public --remove-rich-rule='rule family="ipv4" source address="10.1.1.2/32" port protocol="tcp" port="1-65535" accept'                                            
    success
    [root@centos7 zones]# firewall-cmd --list-all --zone=public
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: eth0 eth1
      sources: 
      services: dhcpv6-client ssh
      ports: 25/tcp 9090/tcp
      protocols: 
      masquerade: no
      forward-ports: 
      source-ports: 
      icmp-blocks: 
      rich rules: 
    
    [root@centos7 zones]#
    

    See firewall-cmd
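
The rule in the example above is added without `--permanent`, so it exists only in the runtime configuration. The following added example (not part of the original post) parses `firewall-cmd --list-all` output to report rich rules that exist only at runtime and accept rules that span ports 1-65535. The function names and the sample listing are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit helpers for `firewall-cmd --list-all` output.

# Print the rich rules found in a listing on stdin, one per line.
rich_rules() {
    awk '
        /^[ \t]*rich rules:/ { in_rules = 1; next }
        in_rules && /^[ \t]*rule / { sub(/^[ \t]+/, ""); print; next }
        { in_rules = 0 }
    '
}

# Rules in the runtime listing ($1) that are absent from the permanent
# listing ($2). firewalld discards these on reload or restart.
runtime_only_rules() {
    perm_rules=$(printf '%s\n' "$2" | rich_rules)
    printf '%s\n' "$1" | rich_rules | while IFS= read -r rule; do
        printf '%s\n' "$perm_rules" | grep -Fxq -- "$rule" || printf '%s\n' "$rule"
    done
}

# Accept rules (listing on stdin) whose port range covers every port.
all_port_accept_rules() {
    rich_rules | awk '/port="1-65535"/ && / accept$/'
}

# Constructed sample shaped like the listing above; each argument becomes
# one rich rule. On a real host, capture the two listings instead:
#   runtime=$(firewall-cmd --list-all --zone=public)
#   permanent=$(firewall-cmd --permanent --list-all --zone=public)
sample_listing() {
    printf '%s\n' 'public (active)' '  services: dhcpv6-client ssh' \
        '  ports: 25/tcp 9090/tcp' '  rich rules: '
    for r in "$@"; do printf '        %s\n' "$r"; done
}

RULE='rule family="ipv4" source address="10.1.1.2/32" port port="1-65535" protocol="tcp" accept'
runtime=$(sample_listing "$RULE")
permanent=$(sample_listing)

echo "Runtime-only rich rules:"
runtime_only_rules "$runtime" "$permanent"
echo "Accept rules covering ports 1-65535:"
printf '%s\n' "$runtime" | all_port_accept_rules
```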

  • Install Monit on CentOS

    Monit allows you to monitor processes. It can restart a failed process or send an alert when the server is overloaded.

    On a CentOS server, you need to enable the EPEL repo to install monit.

    yum install epel-release -y
    

    Install monit with

    yum install monit -y
    

    Enable monit to auto start on boot

    systemctl enable monit
    

    Start monit service

    systemctl start monit
    

    On CentOS, the monit configuration file is /etc/monitrc. Open it with

    vi  /etc/monitrc
    

    See monit

  • ls

    The ls command is used to list files in Linux. It is the same as dir on Windows.

    List all files in long format (-l), including hidden files (-a)

    ls -la
    

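    Show only file names, printing non-graphic characters as C-style escapes (useful when a file name contains control characters)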

    ls -b
    

    Show only file names, one file per line

    ls -1
    
  • Ubuntu 20.04/22.04 settings won’t open

    On Ubuntu 20.04/22.04, the Settings application won’t open. This may be caused by a software install or update.

    I tried to run

    gnome-control-center

    From the terminal, I get the error

    boby@sok-01:~$ gnome-control-center
    
    Command 'gnome-control-center' not found, but can be installed with:
    
    sudo apt install gnome-control-center
    
    boby@sok-01:~$ 

    To fix the error, I installed gnome-control-center package as the error suggests.

    sudo apt install gnome-control-center

    See Ubuntu

  • Send maldet scan report to email

    After a scan finishes, maldet prints a command for viewing the result, like

    maldet --report SCAN_ID
    

    If you need this report sent to your email address, use the command

    maldet --report SCAN_ID EMAIL_ADDR
    

    See maldet

  • Install Preview Generator in Nextcloud

    To enable previews for files in Nextcloud, you need to install “Preview Generator” from the Nextcloud app store

    https://apps.nextcloud.com/apps/previewgenerator

    To install it, log in to Nextcloud as admin. From the drop-down menu on the right, click the + Apps link.

    Once on the Apps page, you can use the search button on the right side to search for “Preview Generator” and install it.

    You need to install some additional software. On Ubuntu/Debian, install it with

    sudo apt install libreoffice ffmpeg imagemagick ghostscript
    

    Now edit the config/config.php file of your Nextcloud installation and add the following code

    'enable_previews' => true,
    'preview_libreoffice_path' => '/usr/bin/libreoffice',
    'enabledPreviewProviders' =>
     array (
        0 => 'OC\\Preview\\TXT',
        1 => 'OC\\Preview\\MarkDown',
        2 => 'OC\\Preview\\OpenDocument',
        3 => 'OC\\Preview\\PDF',
        4 => 'OC\\Preview\\MSOffice2003',
        5 => 'OC\\Preview\\MSOfficeDoc',
        6 => 'OC\\Preview\\PDF',
        7 => 'OC\\Preview\\Image',
        8 => 'OC\\Preview\\Photoshop',
        9 => 'OC\\Preview\\TIFF',
       10 => 'OC\\Preview\\SVG',
       11 => 'OC\\Preview\\Font',
       12 => 'OC\\Preview\\MP3',
       13 => 'OC\\Preview\\Movie',
       14 => 'OC\\Preview\\MKV',
       15 => 'OC\\Preview\\MP4',
       16 => 'OC\\Preview\\AVI',
     ),
    

    Generate Preview for existing files

    Let’s generate thumbnails for existing files. For this, I enabled shell access for www-data so preview files have proper file ownership (not owned by root).

    chsh --shell /bin/bash www-data
    

    Now change to the www-data user

    su - www-data
    

    Now run

    /usr/bin/php /var/www/nextcloud/occ preview:generate-all -vvv
    

    Autogenerate Previews for new files

    Set a cron job as user www-data

    crontab -e -u www-data
    
    */5 * * * * /usr/bin/php /var/www/nextcloud/occ preview:pre-generate > /dev/null 2>&1
    

    See Nextcloud

  • Enable SEO URLs in Nextcloud

    To enable SEO URLs in Nextcloud, first make sure your web server has the mod_rewrite module enabled.

    Edit the config.php file

    vi config/config.php
    

    Add the following

    'overwrite.cli.url' => 'https://yourdomain.com/',
    'htaccess.RewriteBase' => '/',
    

    overwrite.cli.url may already be there; in that case, don’t add it again.

    Now run

    sudo -u www-data php /var/www/nextcloud/occ maintenance:update:htaccess
    

    See NextCloud

  • csf error path to iptables is either not set or incorrect

    When installing csf firewall on Ubuntu 20.04, I get the following error

    root@ok:~# csf
    *Error* The path to iptables is either not set or incorrect for IPTABLES [/usr/sbin/ip6tables] in /etc/csf/csf.conf at /usr/local/csf/lib/ConfigServer/URLGet.pm line 26.
    Compilation failed in require at /usr/sbin/csf line 21.
    BEGIN failed--compilation aborted at /usr/sbin/csf line 21.
    root@ok:~#
    

    This is because the path for iptables changed in Ubuntu 20.04. To fix the error, edit csf.conf

    vi /etc/csf/csf.conf
    

    Find

    IPTABLES = "/sbin/iptables"
    IPTABLES_SAVE = "/sbin/iptables-save"
    IPTABLES_RESTORE = "/sbin/iptables-restore"
    IP6TABLES = "/sbin/ip6tables"
    IP6TABLES_SAVE = "/sbin/ip6tables-save"
    IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
    

    Replace with

    IPTABLES = "/usr/sbin/iptables"
    IPTABLES_SAVE = "/usr/sbin/iptables-save"
    IPTABLES_RESTORE = "/usr/sbin/iptables-restore"
    IP6TABLES = "/usr/sbin/ip6tables"
    IP6TABLES_SAVE = "/usr/sbin/ip6tables-save"
    IP6TABLES_RESTORE = "/usr/sbin/ip6tables-restore"
    

    Now restart csf with csf -r and restart lfd; it will work.

    csf -r
    systemctl restart lfd
    

    See csf
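
An added example, not part of the original post or of csf: a shell function that reads the IPTABLES and IP6TABLES settings from a csf.conf-style file and reports every path that is not an executable file, together with the first candidate found in the given directories. The function name, the default directory list and the demo file are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: check the iptables paths configured in a csf.conf-style file.

# Usage: csf_check_paths CONF [DIR...]
# For each IPTABLES*/IP6TABLES* setting whose path is not an executable file,
# print the setting and the first DIR that does hold the binary.
# Returns 0 when every configured path is executable, 1 otherwise.
csf_check_paths() {
    conf=$1; shift
    [ $# -gt 0 ] || set -- /usr/sbin /sbin /usr/bin /bin
    rc=0
    # Turn lines such as  IPTABLES = "/sbin/iptables"  into "KEY PATH" pairs.
    pairs=$(sed -nE 's/^(IP6?TABLES(_SAVE|_RESTORE)?)[[:space:]]*=[[:space:]]*"([^"]*)".*/\1 \3/p' "$conf")
    while read -r key path; do
        [ -n "$key" ] || continue
        [ -f "$path" ] && [ -x "$path" ] && continue
        rc=1
        found="not found"
        for dir in "$@"; do
            if [ -f "$dir/${path##*/}" ] && [ -x "$dir/${path##*/}" ]; then
                found="$dir/${path##*/}"
                break
            fi
        done
        printf '%s: %s is not executable, candidate: %s\n' "$key" "$path" "$found"
    done <<EOF
$pairs
EOF
    return "$rc"
}

# Demo on a constructed file whose paths point at a directory that does not
# exist. On a real host run: csf_check_paths /etc/csf/csf.conf
demo_conf=$(mktemp)
printf '%s\n' 'IPTABLES = "/nonexistent/sbin/iptables"' \
    'IP6TABLES = "/nonexistent/sbin/ip6tables"' > "$demo_conf"
csf_check_paths "$demo_conf" || echo "update the paths listed above in csf.conf"
rm -f "$demo_conf"
```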

  • Disable systemd-resolved on Ubuntu/Deb/CentOS

    systemd-resolved provides a DNS resolver facility on newer versions of Linux servers running systemd.

    I prefer manually editing /etc/resolv.conf and adding resolvers. If you are running your own DNS server, you need to disable systemd-resolved because it listens on port 53; without disabling the service, you can’t start your DNS server.

    To disable systemd-resolved, run

    wget https://raw.githubusercontent.com/serverok/server-setup/master/tools/disable-systemd-resolved.sh
    bash disable-systemd-resolved.sh
    

    Or do the following.

    systemctl disable systemd-resolved.service
    systemctl stop systemd-resolved
    

    Now create the /etc/resolv.conf file

    rm -f /etc/resolv.conf
    tee /etc/resolv.conf << END
    nameserver 8.8.8.8
    nameserver 1.1.1.1
    END
    

    See resolv.conf, dns

  • Enable rc.local

    To have the /etc/rc.local file run on system startup on servers running systemd, you can run

    systemctl enable rc-local
    

    Now you need to create the file /etc/rc.local with 755 permissions.

    touch /etc/rc.local
    chmod 755 /etc/rc.local
    

    See Autostart