Examples:
sudo apt-get install ubuntu-desktop sudo apt-get clean #Clean "/var/cache/apt/archives" (programms installed with apt-get are saved in) sudo apt-get install gdm apt-get install --reinstall package sudo /etc/init.d/gdm start sudo dpkg-reconfigure xserver-xorg sudo aptitude install kubuntu-desktop apt-get install linux-image-3.2.0-24-generic linux-headers-3.2.0-24-generic apt-get install build-essential #Compiler apt-get install bridge-utils #if you want to use a network bridge interface apt-get install lm-sensors #run once "sensors-detect", than "sensors" to get e.g. cpu temperature and more apt-get install ntp ntpdate #timeserver apt-get install libssl-dev apt-get install apache2 php5 php5-mysql mysql-server #LAMP = Linux, Apache, MySQL, PHP apt install php libapache2-mod-php apt-get install php5-mongo apt-get install net-tools #arp, ifconfig, netstat, rarp, nameif and route apt-get install lvm2 apt-get install nfs-kernel-server apt-get install nfs-common apt-get --reinstall install screen sudo apt-get install phpmyadmin apt-get install samba samba-common-bin smbclient cifs-utils apt-get install smbclient cifs-utils sudo apt-get install fwbuilder apt-get install isc-dhcp-server apt-get install isc-dhcp-relay apt-get install nsca #Passiv check monitoring client for nagios/ icinga sudo aptitude install build-essential apt-get install build-essential apt-get install ia32-libs #32-bit compatibility libraries apt-get install lib32z1 lib32ncurses5 lib32bz2-1.0 #32-bit compatibility libraries for Ubuntu Server 14.4 LTS apt-get install libssl-dev #openssl-devel apt-get install lib32nss-mdns apt-get install openjdk-7-jdk apt-get -s install awstats #Option "-s" simulates an installation process apt-get install ocfs2-tools ocfs2console #Install ocfs2 dpkg-reconfigure ocfs2-tools #To configure ocfs2 apt-get install cifs-utils apt install ffmpeg #install videocodec apt-get install mailutils apt-get install libncurses5-dev #Mysql apt-get --only-upgrade install package_name #Only update the package "package_name" (run previously as always "apt-get update"!) apt-mark hold [Package] #hold back [Package] apt-mark unhold [Package] #remove hold back from [Package] apt-mark showhold #show the packages that are kept in "hold" state dpkg -l | grep "^hi" #search for all lines that begin with "hi" which are initials for "hold" and "installed" apt-cache madison docker-ce #show available versions apt-cache policy kubeadm #show package and version apt-cache search curl #show available packages apt-get install -y docker-ce=5:18.09.9~3-0~ubuntu-xenial --allow-downgrades sudo update-rc.d -f gdm remove sudo update-rc.d gdm stop 01 0 1 6 . sudo reboot sudo killall gdm #kill the X-server dpkg --list |grep postgres dpkg --purge postgresql-8.4 rm -r /usr/share/postgresql/8.4/tsearch_data rm -r /etc/postgresql-common dpkg --purge postgresql-client-common dpkg --purge postgresql-common aptitude autoclean aptitude search mysql aptitude clean postgresql-8.4 dpkg --list |grep postgres dpkg-reconfigure tzdata #timezone set dpkg-reconfigure locales #system language aptitude install postgresql aptitude reinstall perl-base hwe-support-status --verbose ubuntu-support-status systemctl stop apt-daily.timer systemctl disable apt-daily.timer apt-get install linux-generic-lts-xenial dpkg -s motion | head -n5 #show package infos, status, dependencies...
Repair:
apt-get -f install apt-get autoremove apt-get update --allow-releaseinfo-change apt-get purge apt-get clean apt --fix-broken install apt-get --fix-broken install
If there´s an error by executing “apt-get update” such as:
GPG error: http://repo.mysql.com trusty InRelease: The following signatures were invalid: KEYEXPIRED 1487236823 KEYEXPIRED 1487236823 KEYEXPIRED 1487236823
You can solve it by running
apt-key list | grep expired
Output:
pub 1024D/5072E1F5 2003-02-03 [expired: 2017-02-16]
To solve it run:
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 5072E1F5
and
apt-get update
again.
Update key:
apt-key adv --keyserver-options http-proxy=http://PROXYIP:8080 --keyserver hkp://keyserver.ubuntu.com:80 --recv <KEY> apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv
Check a key:
curl -fsSL https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/InRelease | gpg --show-keys
Hint to export keys to gpg-key:
https://askubuntu.com/questions/1398344/apt-key-deprecation-warning-when-updating-system
To update all packages run:
apt-get update #Checks and downloads Packages apt-get dist-upgrade #Updates System (all installed packages) do-release-upgrade
If you encounter problems if you are behind a proxy please enter into
/etc/apt/apt.conf
the following information
Acquire::http::Proxy "http://1.2.3.4:8080"; Acquire::https::Proxy "https://127.0.0.1:8080";
To keep a package back:
apt-mark hold [Package] #Hold back [Package] apt-mark unhold [Package] #Remove hold back from [Package]
If you just want to patch security packages:
grep security /etc/apt/sources.list > /tmp/security.list grep -P '^[ \t]*[^#[ \t]+' /etc/apt/sources.list apt-get upgrade -o Dir::Etc::Sourcelist=/tmp/security.list -s #just a test apt-get upgrade -o Dir::Etc::Sourcelist=/tmp/security.list #patch security packages
https://wiki.ubuntu.com/webmin
apt-get install libnet-ssleay-perl libauthen-pam-perl libio-pty-perl apt-show-versions libapt-pkg-perl apt-get update apt-get install libnet-ssleay-perl libauthen-pam-perl libio-pty-perl libmd5-perl apt-show-versions
To update the initrd:
update-initramfs -c -k 3.2.0-23-generic #Kernel-version 3.2.0-23-generic update-initramfs -k all -c update-grub
service --status-all initctl list
lsb_release -a
sudo do-release-upgrade
Alternativ way:
Make backup of sources.list file:
cp /etc/apt/sources.list /etc/apt/sources.list.bku
and
cp -r /etc/apt/sources.list.d/ /etc/apt/sources.list.d.bak
Edit sources.list and add new repositary such as:
deb http://de.archive.ubuntu.com/ubuntu natty main restricted universe multiverse #deb-src http://de.archive.ubuntu.com/ubuntu natty main restricted universe multiverse deb http://de.archive.ubuntu.com/ubuntu natty-updates main restricted universe multiverse #deb-src http://de.archive.ubuntu.com/ubuntu natty-updates main restricted universe multiverse deb http://de.archive.ubuntu.com/ubuntu natty-security main restricted universe multiverse #deb-src http://de.archive.ubuntu.com/ubuntu natty-security main restricted universe multiverse
Check also:
http://wiki.ubuntuusers.de/sources.list
Update sources:
apt-get update
Update distribution:
apt-get dist-upgrade
Unattended-upgrades:
To disable edit “/etc/apt/apt.conf.d/10periodic” as follows:
APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Download-Upgradeable-Packages "0"; APT::Periodic::AutocleanInterval "0";
aptitude search aptitute install
sudo tasksel #Opens pattern install menu such as LAMP like during OS installation
To solve package problems for a particular package, delete related package-names in
/var/lib/dpkg/info/ /var/cache/apt/archives/
and run
apt-get -f install apt-get update
Online:
ulimit -n 64000
Persistant (reboot required):
vi /etc/security/limits.conf
* soft nofile 64000 * hard nofile 64000 username soft nofile 64000 username hard nofile 64000 root soft nofile 64000 root hard nofile 64000
The following config (/etc/network/interfaces) shows a bonding interface (eth0, eth2) and a third networkdevice configuration (eth1):
# The loopback network interface auto lo iface lo inet loopback # The primary network interface auto bond0 iface bond0 inet static address 192.168.64.127 netmask 255.255.255.0 network 192.168.64.0 broadcast 192.168.64.255 gateway 192.168.64.1 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 192.168.63.4 192.168.63.8 dns-search my-domain.local #slaves eth0 eth2 #bond_mode 0 #bond_miimon 100 #bond_updelay 200 #bond_downdelay 200 post-up ifenslave bond0 eth0 eth2 pre-down ifenslave -d bond0 eth0 eth2 #iSCSI Network Interface auto eth1 iface eth1 inet static address 192.168.254.55 netmask 255.255.255.0 network 192.168.254.0 broadcast 192.168.254.255 # gateway 192.168.254.1 # dns-* options are implemented by the resolvconf package, if installed auto eth1:1 iface eth1:1 inet static address 10.0.0.10 netmask 255.255.255.0
DHCP:
auto eth0 iface eth0 inet dhcp
timedatectl set-timezone Europe/Berlin timedatectl dpkg-reconfigure tzdata timedatectl set-time 23:01 timedatectl set-time 2017-10-08 23:01 systemctl status systemd-timesyncd systemctl restart systemd-timesyncd
sudo rm /etc/resolv.conf sudo dpkg-reconfigure resolvconf
1) edit /etc/hostname, to e.g. yourhost.dyndns.org
2) run : hostname -F /etc/hostname
3) edit /etc/hosts accordingly
Command:
hostnamectl set-hostname NEW_NAME_HERE
Upstart is a new way to start services. The old way (/etc/init.d) is still relevant, as upstart still uses (dependant on the service) init-scripts. Upstart scripts are located in
/etc/init
Upstart services are started via:
service servicename start/stop/restart
Links:
To check status of all services:
service --status-all
Running: + Not running: - Status not known: ?
To add a service to autostart use:
/usr/lib/insserv/insserv -d servicename #Add service "servicename" to autostart - a init-script is required! /usr/lib/insserv/insserv -r servicename #Remove service "servicename" from autostart
or
update-rc.d apache2 defaults #Add service apache to autostart with default runlevels update-rc.d -f apache2 remove #Remove service apache from autostart
Ubuntu >= 16.04:
sudo systemctl is-enabled mysql.service sudo systemctl disable mysql.service sudo systemctl enable mysql.service
To update your system via “apt-get” behind a http proxy, edit or create file
/etc/apt/apt.conf
and put following syntax inside:
Acquire::http::Proxy "http://PROXY_FQDN_or_IP:8080";
and if https is required
Acquire::https::Proxy "https://PROXY_FQDN_or_IP:8080";
To set a general system proxy:
export https_proxy=https://IP:Port export http_proxy=https://IP:Port export http_proxy=http://username:password@proxy_host:proxy_port export https_proxy=https://username:password@proxy_host:proxy_port export no_proxy="localhost,127.0.0.1,test.local"
locale -a #show available locale cat /usr/share/i18n/SUPPORTED #show supported locale locale-gen de_DE.UTF-8 #generate locale update-locale LANG=de_DE.UTF-8 #update locale locale #check configure locale cat /etc/default/locale #check configure locale
1. Add user:
useradd -d /path/to/home -u 3200 -g mygroup -s /bin/false -c "FTP User sftp01" sftp01
2. Add to “/etc/ssh/sshd_config” and restart ssh “systemctl restart ssh.service” or “/etc/init.d/ssh restart”:
AllowGroups mygroup #Subsystem sftp /usr/lib/openssh/sftp-server #SLES11 Subsystem sftp /usr/lib/ssh/sftp-server #SLES12 #Subsystem sftp internal-sftp #SLES12 #Personal #Match Group sftponly Match User sftp01 ForceCommand internal-sftp #forces the SSH server to run the SFTP server upon login, disallowing shell access #PasswordAuthentication yes #only key-auth is allowed ChrootDirectory /home/sftp01 #ensures that the user will not be allowed access to anything beyond the "/home/sftp01" directory PermitTunnel no AllowAgentForwarding no AllowTcpForwarding no X11Forwarding no PermitRootLogin no
Note: Path to “ChrootDirectory” has to be owned completely by “root:root”!
3. Edit “/etc/fstab”:
The mountpoint (“/home/sftp01”) must contain “nodev,nosuid”. Example:
UUID=ed376e96-2183-43dd-862c-02fa3e6c5223 /home/sftp01 xfs defaults,nodev,nosuid 1 2
Note: This ist just required, if the “ChrootDirectory” is not owned by root!
Remount on the fly: mount -o remount,noatime /mountpoint
4. Create a key pair for key authentification:
https://www.tmade.de/wiki/doku.php?id=linux:ssh#ssh_key-authentication
Put “authorized_keys” file into “~/.ssh/authorized_keys” of the related user.
Note: The “authorized_keys” file must contain the content of “id_rsa.pub”!
Example configurations:
Match user user1 ChrootDirectory /srv/sftp/user1 Match user user2 ChrootDirectory /srv/sftp/user2 AllowTCPForwarding no X11Forwarding no ForceCommand internal-sftp
or
Match User bob,joe,phil #Match Group users_with_no_ssh ChrootDirectory /home/%u/ ForceCommand internal-sftp X11Forwarding no AllowTCPForwarding no #AcceptEnv RESTIC_REPOSITORY RESTIC_PASSWORD ForceCommand /bin/echo 'We talked about this guys. No SSH for you!'
Check ssh-config:
sshd -t #command to check for syntax errors in your configuration file sshd -T #output active directives
select-editor #set default editor
Force checking devices on next system startup:
touch /forcefsck
Useradd and set password in one step (without adding to history):
read -p "Please enter Username: " USER echo "Username: \"$USER\"" read -p "Please enter Password: " PW echo "Password \"$PW\"" useradd -m -p $(openssl passwd -1 "$PW") $USER echo "User: \"$USER\" added!"
Switch on “page up” and “page down” to search/ auto completition history (edit “/etc/inputrc”):
cat /etc/inputrc | grep search
Change
# alternate mappings for "page up" and "page down" to search the history #"\e[5~": history-search-backward #"\e[6~": history-search-forward
to
# alternate mappings for "page up" and "page down" to search the history "\e[5~": history-search-backward "\e[6~": history-search-forward
History:
https://help.ubuntu.com/community/PowerManagement/ReducedPower
The pm-utils package comes with scripts for managing low-power modes.
sudo apt-get install pm-utils
In order to enter low power mode, run this:
sudo pm-powersave true
In order to leave low power mode, run this:
sudo pm-powersave false
Check & clean:
du -sh /var/cache/apt/archives apt-get clean