Various Subjects

This section is about hints, tricks and tips with focus towards DebianGNU/Linux.

Special Filenames

Working with normal files is daily practice and nothing special, we create, edit, and remove them:

sa@sub:/tmp/test$ touch myfile
sa@sub:/tmp/test$ echo 'some contents' > myfile
sa@sub:/tmp/test$ cat myfile
some contents
sa@sub:/tmp/test$ rm myfile
sa@sub:/tmp/test$ ls -l
total 0
sa@sub:/tmp/test$

Nothing special here but what if our file would be called -f instead of myfile? Let us have a look:

sa@sub:/tmp/test$ touch -f
touch: missing file operand
Try `touch --help' for more information.
sa@sub:/tmp/test$ ls -l
total 0
sa@sub:/tmp/test$

And that is just the touch command but then the fact of the matter is that almost all utilities and commands on Unix-like systems take strings starting out with a dash as options followed by other arguments e.g. filenames. Take rm for example, a member of the coreutils package, -f to rm signals force (see man 1 rm) and that is why deleting a file named -f like this rm -f will not work.

If dealing with arguments starting out with a dash then there is a trick in order to signal to those binaries/utilities/commands that we are not providing them with options — we use a double dash in order to signal the end of options:

sa@sub:/tmp/test$ touch -- -f
sa@sub:/tmp/test$ ls -L
-f
sa@sub:/tmp/test$ echo 'some text' > -f
sa@sub:/tmp/test$ file -- -f
-f: ASCII text
sa@sub:/tmp/test$ cp -- -f copy_of_-f
sa@sub:/tmp/test$ ls -L
copy_of_-f -f
sa@sub:/tmp/test$ md5sum -- *
4d93d51945b88325c213640ef59fc50b  copy_of_-f
4d93d51945b88325c213640ef59fc50b  -f
sa@sub:/tmp/test$ rm -- -f
sa@sub:/tmp/test$ ls -L
copy_of_-f
sa@sub:/tmp/test$

Fonts

My window manager is awesome. I have also installed the Ubuntu fonts like so:

• downloaded them from http://font.ubuntu.com and unpacked them into ~/.fonts
• restart X in case one is on Gnome 3's Metacity/Mutter or in case of awesome, just set theme.font = "ubuntu 10" in /usr/share/awesome/themes/default/theme.lua and restart it in-place using modkey Control r (or whatever else refers to awesome.restart in /etc/xdg/awesome/rc.lua.

That is it, now every program such as LibreOffice, Emacs... and the entire System should have nice fonts available.

0.0.0.0/0

• 0.0.0.0/0: this is the so called default route.
• 0.0.0.0/8: Addresses in this block refer to source hosts on this network.
• 0.0.0.0/32 may be used as a source address for this host on this network other addresses within 0.0.0.0/8 may be used to refer to specified hosts on this network.

UUID of Disks?

With this subject folks usually have three questions:

• what is a UUID (Universally Unique Identifier)?
• why use them?
• who/what makes use of them?

What is it UUIDs do? What are they? Well, in a nutshell, they help us identify things (e.g. devices such as SSDs (Solid State Drives), our digicams storage card, etc.) in a unique way so that they will not be confused with any other device. Without going into details, there is a standard how a UUID should look like which is something like this 6a12a4d5-e9e6-4568-afcc-34c70b24a668 for example.

So why use them? For example, every Linux filesystem has a UUID which can be used to uniquely identify it. Of course, this could also be done using device nodes, in fact this was the common way to do it not until long ago, but the problem is, device nodes tend to change if, for example, we move devices around, change cabling and do other things that somehow remove/add/move parts of our IT setup.

Sure, there are other attributes with any device like for example the size of a filesystem or its label (read name) but those are not unique e.g. two SSDs could easily have the same filesystem sitting on top having the exact same size.

All we need to know right now is that the use of UUIDs is standard since around the time when Lenny (Debian v5.0) was released which was February 14, 2009. We also do not need to know about how UUIDs are made right now, all we need to know is that they are unique and that, for example, udev and LVM use them. In addition to those two very prominent examples there is a ton of other programs which make use of UUIDs as well. Two other examples are GNU GRUB (GRand Unified Bootloader) and /etc/fstab as can be seen below:

 1  wks:/home/sa# blkid -v
 2  blkid from util-linux-ng 2.16.2 (libblkid 2.16.0, 10-Feb-2009)
 3  wks:/home/sa# blkid | sort | column -t
 4  /dev/mapper/sda2_crypt:  UUID="VLYjBe-4L25-O8cj-lGpB-yA78-GJ4z-3uWqu5"  TYPE="LVM2_member"
 5  /dev/mapper/wks-root:    UUID="4c3a8cdf-4324-4a6a-a5e9-dd91d799acdf"    TYPE="ext3"
 6  /dev/mapper/wks-swap_1:  TYPE="swap"
 7  /dev/sda1:               UUID="6150333a-2844-4f93-8854-c887fd64638d"    TYPE="ext2"
 8  /dev/sda2:               UUID="478d69d9-ef22-4daf-9761-4b8e9bace01d"    TYPE="crypto_LUKS"
 9  wks:/home/sa# cat /etc/fstab | grep -v \^# | column -t
10  proc                                       /proc                 proc    defaults           0  0
11  UUID=4c3a8cdf-4324-4a6a-a5e9-dd91d799acdf  /                     ext3    errors=remount-ro  0  1
12  UUID=6150333a-2844-4f93-8854-c887fd64638d  /boot                 ext2    defaults           0  2
13  /dev/mapper/wks-swap_1                     none                  swap    sw                 0  0
14  cgroup                                     /var/lib/lxc/cgroups  cgroup  defaults           0  0
15  wks:/home/sa#

The important bits here are with lines 3 to 8 where we output the UUIDs used for all block devices on this machine. Lines 11 and 12 are just to show how they are used in places like /etc/fstab — e.g. note that the UUID from line 5 is used in line 11. What it does it uniquely identify the LVM logical volume wks-root which has the UUID 4c3a8cdf-4324-4a6a-a5e9-dd91d799acdf and use it to mount it as root filesystem (line 11).

Install a basic set of Packages

Each Debian package is assigned a priority by the distribution maintainers, as an aid to the package management system. The priorities are: essential, required, important, standard, optional, and extra — go here for more information. What we can do with that information is use it like this:

sa@wks:~$ aptitude search ~prequired | wc -l
60
sa@wks:~$ aptitude search ~pimportant | wc -l
56
sa@wks:~$ aptitude search ~pstandard | wc -l
91
sa@wks:~$ aptitude search ~poptional | wc -l
22479
sa@wks:~$ aptitude search ~poptional | head
p   2vcard                          - perl script to convert an addressbook to V
p   3270-common                     - Common files for IBM 3270 emulators and pr
p   3dchess                         - 3D chess for X11
p   4g8                             - Packet Capture and Interception for Switch
p   6tunnel                         - TCP proxy for non-IPv6 applications
p   9base                           - Plan 9 userland tools
p   9menu                           - Creates X menus from the shell
p   9mount                          - plan9 filesystem (v9fs) user mount utiliti
p   9wm                             - emulation of the Plan 9 window manager 8-1
i   a2ps                            - GNU a2ps - 'Anything to PostScript' conver
sa@wks:~$ aptitude search ~poptional -F '%p' | head
2vcard
3270-common
3dchess
4g8
6tunnel
9base
9menu
9mount
9wm
a2ps
sa@wks:~$

In case we want to install all packages marked standard, this is what we do: aptitude install $(aptitude search ~pstandard -F '%p').

Reboot History

For those who would like to know when their machine was/got rebooted, last can be used to get that kind of information:

sa@wks:~$ last reboot
reboot   system boot  2.6.31-1-amd64   Wed Nov 25 21:06 - 15:57 (3+18:51)
reboot   system boot  2.6.31-1-amd64   Wed Nov 25 20:59 - 15:57 (3+18:58)
reboot   system boot  2.6.31-1-amd64   Fri Nov  6 14:40 - 15:57 (23+01:17)
reboot   system boot  2.6.31-1-amd64   Fri Nov  6 11:30 - 14:39  (03:08)
reboot   system boot  2.6.31-1-amd64   Fri Nov  6 08:36 - 11:29  (02:53)
reboot   system boot  2.6.31-1-amd64   Tue Nov  3 20:52 - 06:19 (2+09:27)
reboot   system boot  2.6.31-1-amd64   Tue Nov  3 20:48 - 20:51  (00:02)
reboot   system boot  2.6.31-1-amd64   Tue Nov  3 18:34 - 20:47  (02:13)
reboot   system boot  2.6.30-2-amd64   Tue Nov  3 18:02 - 18:33  (00:31)

wtmp begins Tue Nov  3 18:02:31 2009
sa@wks:~$

See man 1 last for detailed information.

Show top Diskspace Users

How can we show the top diskspace users within the current directory? Easy, we use du combined with sort:

sa@wks:~$ cd mm/audio/music/
sa@wks:~/mm/audio/music$ type dus; dus
dus is aliased to `du -sh * | sort -k1,1rh'
37G     poprock
11G     hardrock
4.6G    country
4.2G    jazz
4.2G    raprnb
3.2G    classic
3.2G    housetechnomixes
2.0G    blues
960M    electronic
737M    opera
570M    smooth
sa@wks:~/mm/audio/music$

I used dus which is an alias in my ~/.bashrc file.

Nifty one-liners and Scripts

Go here for one-liners and here for scripts.

Time Limit for running Processes

Who would need that? Well, maybe the parent who wants/needs to limit the computer usage of their kids to a certain amount of time. Maybe also the system administrator who wants to start a long running resource intense process (that can be resumed later) and have it end before somebody else shows up on that machine and needs to work with it.

For example, if we install childsplay for our kids and wanted them not to play it for more than one hour (3600 seconds), we would use timeout like this: timeout 3600 childsplay. timeout is available from the coreutils package

sa@wks:~$ type afl; afl coreutils | grep timeout
afl is aliased to `apt-file list'
coreutils: /usr/bin/timeout
coreutils: /usr/share/man/man1/timeout.1.gz
sa@wks:~$

The timelimit package is yet another piece of software we could use to limit the execution time of some process e.g. the indexing of database contents.

Resume an SCP Transfer

A standard use case is when we want to upload data to some server, securely of course, so we use SSH (Secure Shell) — respectively SCP (Secure Copy) but then that is copying files using SSH so... secure it is ;-]

Assuming we have 2GiB to upload and our upload-bandwidth is just 1Mbit/sec — yes, this will take a long time (or make it 2TiB and 100Mbit/sec bandwidth, same thing, there is always not enough bandwidth and to much latency). That by itself is unpleasant but no real problem.

What is however, is, if we have uploaded 1.9GiB then our connection fails for some reason — kids, dogs, cats, ISPs (Internet Service Providers), angry girlfriend, etc. Whatever the cause may be, our transfer is canceled and with standard SCP there is no way to resume it after it got canceled.

Usually, this is where we need to start all over again which of course totally sucks — after all, while we upload our 2GiB, our connection is going to be bloody slow even for reading email or just surfing through our favorite websites.

Rsync magic to the rescue! rsync --partial --progress --rsh=ssh is what is going to ease the pain a lot even if our transfer gets canceled for some reason. This one-liner simply transfers our data using rsync over SSH — so, secure plus it can pick up wherever it got knocked of its feet for whatever reason i.e. we do not need to start over even if our upload fails before it is finished.

I have settled with a slightly modified/improved version to the above one-liner — alias syncsec="rsync -aSHAXh --delete --progress --stats --numeric-ids --rsh=ssh". I put it into my ~/.bashrc next to a few other non-ssh variants of rsync. After sourcing ~/.bashrc using source ~/.bashrc we can start using it like this: syncsec /tmp/foo.avi 1.2.3.4:/home/sa — this would copy foo.avi from my local machine to some remote machine and put it into my home directory.

Below is an example where I upload an entire directory structure (recursively; note the -a switch above; see man 1 rsync) to my remote server — it not just securely copies/mirrors data to the server but also creates the exact same state remotely because it also deletes files remotely if deleted locally. Same goes for all sorts of file permissions etc. Also note the nice status information — per file in percentage and globally e.g. file 396 of 711.

The most important thing to see here however is that we issued syncsec and then we were at file 396 already. How come? Well, we are resuming things here — in this particular case I simply killed the rsync process myself a few hours ago because I wanted to have all upload bandwidth available so I can work without being bothered. Now I am off to bed and thus I issue syncsec again in order to resume the upload so it can finish while I am asleep. The -p 14675 by the way just specifies a non-standard listening port for sshd.

sa@wks:~$ syncsec -p 14675 mm/audio/music/jazz http://example.com:/home/sa/backup/home/sa/mm/audio/music/

sending incremental file list
jazz/louisarmstrong/
deleting jazz/louisarmstrong/22_lazy_river_1.m4a
deleting jazz/louisarmstrong/22_lazy_river.m4a
deleting jazz/louisarmstrong/10_the_gypsy_1.m4a
deleting jazz/louisarmstrong/10_the_gypsy.m4a
deleting jazz/louisarmstrong/04_the_bucket's_got_a_hole_in_it_1.m4a
deleting jazz/louisarmstrong/04_the_bucket's_got_a_hole_in_it.m4a
deleting jazz/louisarmstrong/''c''_jam_blues.mp3
jazz/louisarmstrong/all_of_me.mp3
       5.16M 100%   69.60kB/s    0:01:11 (xfer#1, to-check=396/711)
jazz/louisarmstrong/all_that_meat_and_no_potatoes.mp3
       5.07M 100%   42.23kB/s    0:01:56 (xfer#2, to-check=395/711)
jazz/louisarmstrong/alligator_crawl.mp3
       4.52M 100%   41.45kB/s    0:01:46 (xfer#3, to-check=394/711)
jazz/louisarmstrong/alligator_hop.mp3
       2.91M 100%   41.83kB/s    0:01:07 (xfer#4, to-check=393/711)
jazz/louisarmstrong/amazing_grace.mp3
       1.96M 100%   41.26kB/s    0:00:46 (xfer#5, to-check=392/711)
jazz/louisarmstrong/april_in_paris.mp3
       9.53M 100%   41.93kB/s    0:03:41 (xfer#6, to-check=391/711)
jazz/louisarmstrong/as_time_goes_by.mp3
       2.61M 100%   40.34kB/s    0:01:03 (xfer#7, to-check=390/711)
jazz/louisarmstrong/baby,_it's_cold_outsid.mp3
       4.45M 100%   41.06kB/s    0:01:45 (xfer#8, to-check=388/711)
jazz/louisarmstrong/baby,_won't_you_please_come_home.mp3
       4.03M 100%   44.04kB/s    0:01:29 (xfer#9, to-check=387/711)
jazz/louisarmstrong/back_ole_town_blues.mp3
       5.81M 100%   41.71kB/s    0:02:15 (xfer#10, to-check=386/711)
jazz/louisarmstrong/battle_hymn_of_the_republic.mp3
       2.60M 100%   41.05kB/s    0:01:01 (xfer#11, to-check=384/711)
jazz/louisarmstrong/big_butter&egg_man.mp3
       4.78M  61%   45.41kB/s    0:01:07

Limit Bandwidth Usage

So now we know how to resume an upload. What we do not know however is how to do so in a way that does not negatively impact others or ourselves by sucking up all the available bandwidth.

Long story cut short: we want to dynamically limit the bandwidth usage of rsync to 2/3 of what is currently available — most of the time we are in networks where we have an asymmetric connection (more download bandwidth than upload bandwidth), thus it is the upload speed that will set our barrier when we measure bandwidth.

If we were at the office and had an upload bandwidth of 1 Gbit/sec, we would use 666 Mbit/sec (that is 2/3) or less. On the other hand, if we were sitting in a lovely Cafe in Rome and typing away on our subnotebook and being connected to Internet via 3G, we might only have 3 Mbit/sec of available upload bandwidth and thus desire that rsync never takes up more than 2 Mbit/sec (that is 2/3) so we can send/receive emails and surf the WWW etc. without being bothered because everything stops working just because our currently running backup/synchronization process eats up all available bandwidth.

Big Picture

I like to backup/synchronize my data across all machines and gadgets I use i.e. subnotebook, workstation and cell. The point being here is that I not just backup my data and thus prevent data loss but I also synchronize all my machines so that I can start working on this article on my workstation, then synchronize it to my server, grab my suitcase and while heading to the airport, I can fire up my subnotebook, synchronize it with my server and Et voilà, I can continue working on this article.

Another use case that falls out of this setup is when I do what I like the most, traveling that is. I can take pictures, put it into my collection of photo albums, write a little about the trip, check if everything works locally (running the exact same software stack locally i.e. web server, web browser etc.) and then backup/synchronize the entire thing with my server and thus my website/platform so that while I am still traveling, folks can already browse through my itinerary.

The whole setup is basically a star topology with my server sitting at the center. Of course this works from any devices to any other device and back — rsync and Unison are smart enough to always figure out the most current version of some file and thus never overwrite it with an older version of the same file.

Installing and Configuring

We are keeping this simple and straight forward by using a bit of shell code and iperf. iperf is used for measuring the currently available bandwidth. We will install it on some remote machine and on our subnotebook and/or workstation and every other gadgets that we want to backup/synchronize.

We install iperf on our local machine an on the remote machine where we start it as a daemon process using iperf -sD. We also take care that TCP port 5001 is open (in case we use a firewall). Then, on our local machine we do

sa@wks:~$ iperf -c example.com
------------------------------------------------------------
Client connecting to example.com, TCP port 5001
TCP window size: 16.0 KByte (default)
------------------------------------------------------------
[  3] local 10.0.0.2 port 60837 connected with 177.31.XXX.XXX port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.2 sec    448 KBytes    359 Kbits/sec
sa@wks:~$

and as can be seen, it works fine i.e. the current upload speed is 359 kbits/sec. rsync however wants kBytes/sec so we do a little math to

• get kBytes/sec and
• thereof 2/3 since we want to limit our upload speed to 2/3 of totally available upload bandwidth in order to have enough bandwidth left for e.g. surfing the web or sending/receiving email

Those two requirements translate exactly into two one-liners using a bit of shell magic:

 1  sa@wks:~$ grep -A20 'calculate upload bandwidth' .bashrc
 2  ###_    . calculate upload bandwidth
 3          # see /ws/debian_notes_cheat_sheets.html#limit_bandwidth_usage
 4          source $HOME/.sec/hostnames_mapping
 5
 6          # calculate the available upload bandwidth in kBytes/sec and output it onto the CLI
 7          alias iperf_calculate_upload_bandwidth="iperf --format K -c $backup_host | cut -d \",\" -f9"
 8
 9          # calculate the available upload bandwidth in kbits/sec and
10          # save it to /tmp/current_upload_bandwidth_in_kbits_per_second
11          [[ -r /tmp/current_upload_bandwidth_in_kbits_per_second ]] || $(iperf --reportstyle c -c $backup_host | cut -d "," -f9 > /tmp/current_upload_bandwidth_in_kbits_per_second)
12
13
14          # caculate 2/3 of the currently available upload bandwidth
15          # (and convert it to kBytes/sec) so we can sync data from our
16          # local machine to some remote machine without negatively
17          # impacting things like ordinary websurfing and the like.
18          # Example: if we had 66 kBytes/sec available upload bandwidth,
19          # rsync would be limited to 44 kBytes/sec using the --bwlimit
20          # switch.
21          [[ -r /tmp/current_upload_bandwidth_in_kbits_per_second ]] && upload_bw_limit=$(echo "($(cat /tmp/current_upload_bandwidth_in_kbits_per_second)/8000)*.66" | bc | cut -d "." -f1)
22
23  sa@wks:~$ source ~/.bashrc
24  sa@wks:~$ echo $upload_bw_limit
25  25
26  sa@wks:~$ iperf_calculate_upload_bandwidth
27  ------------------------------------------------------------
28
29  TCP window size: 16.0 KByte (default)
30  ------------------------------------------------------------
31  [  3] local 10.0.0.2 port 47769 connected with 177.31.XXX.XXX port 5001
32  [ ID] Interval       Transfer     Bandwidth
33  [  3]  0.0-10.1 sec    368 KBytes  36.6 KBytes/sec
34  sa@wks:~$ egrep syncsec.+= .bashrc
35          syncsec="rsync      -aSHAXh  --delete --progress --stats --numeric-ids --rsh=ssh"
36          syncseclimit="rsync -aSHAXh  --delete --progress --stats --numeric-ids --rsh=ssh --bwlimit=$upload_bw_limit"
37  sa@wks:~$

The one liners in question are with lines 11 and 21. Line 4 is just used to do some mapping i.e. I do not want to let everybody know the IP address or hostname of my remote machine that runs iperf in server mode. Line 7 (later used in line 26) is just to quickly test the currently available bandwidth in kBytes/sec from the CLI (Command Line Interface).

After we made those two one-liners into aliases in my ~/.bashrc, and after sourcing ~/.bashrc in line 23, we can start using them — actually, just sourcing ~/.bashrc is already doing so and thus we can have a look at what 2/3 bandwidth currently computes to with line 24 and 25 (note line 33 which shows the entire currently available bandwidth in kBytes/sec).

The whole point of doing all this can be seen with lines 35 and 36 respectively — syncseclimit is yet another alias in my ~/.bashrc, used to transfer data securely, with the ability to resume the transfer in case it gets canceled and now, even with the ability to limit its bandwidth usage.

Note how line 35 (the syncsec alias) is exactly the same as line 36 except that now, with line 36, we also use rsync's --bwlimit switch and upload_bw_limit in order to limit the bandwidth usage (currently 25 kBytes/sec).... Et voilà, we are done ladies and gentlemen!

We can now enter a plane, fly half around the world, use our subnotebook to write a ton of weblog entries, take lots of pictures and every time we have connectivity to the Internet, we can synchronize all this data onto our server for folks to read up on our fantastic adventures, business news or whatever needs to be told ;-]

Recursively change File mode Bits

What if we have a directory containing several other directories and files. Even more so, what if those directories again, contain directories and files and so on — the typical recursive case...

The example in lines 5 to 23 below shows a directory (/tmp/images) which contains other directories and files in a manner as mentioned above i.e. recursive and a mix of file mode bits.

Now we want to change all the directories mode bits to 0755 and all file mode bits to 0644. How do we do that? Piece of cake:

 1  sa@wks:/tmp$ pwd; whoami; type tap; tap images
 2  /tmp
 3  sa
 4  tap is aliased to `tree -ap -I \.git*\|*\.\~*\|*pyc
 5  images
 6  |-- [drwxr-xr-x]  screenshots
 7  |   |-- [-rw-r--r--]  business_card.png
 8  |   |-- [-rw-r--r--]  business_card_1.png
 9  |   `-- [-rw-r--r--]  feedback_1222183643220.png
10  |-- [-rw-------]  signature.jpg
11  `-- [drwxr--r--]  wallpaper
12      |-- [-rw-r--r--]  abstrac032.jpg
13      |-- [-rw-r--r--]  abstrac033.jpg
14      |-- [-rw-r--r--]  earth_at_night.png
15      |-- [-rw-r--r--]  little_fellow.jpg
16      |-- [-rwxr--r--]  monster.jpg
17      |-- [-rwxr--r--]  mouth-wide-open.jpg
18      |-- [-rwxr--r--]  mouth-wide-open.png
19      |-- [-rwxr--r--]  rms_and_oreilly_floss.jpg
20      |-- [-rwxr--r--]  robotical.jpg
21      |-- [-rwxr--r--]  skull.jpg
22      |-- [-rw-r--r--]  terminator_3.jpg
23      `-- [-rwxr--r--]  thinkincreature.jpg
24
25  2 directories, 16 files
26  sa@wks:/tmp$ find images -type f -exec chmod 0644 {} \;
27  sa@wks:/tmp$ find images -type d -exec chmod 0755 {} \;
28  sa@wks:/tmp$ tap images
29  images
30  |-- [drwxr-xr-x]  screenshots
31  |   |-- [-rw-r--r--]  business_card.png
32  |   |-- [-rw-r--r--]  business_card_1.png
33  |   `-- [-rw-r--r--]  feedback_1222183643220.png
34  |-- [-rw-r--r--]  signature.jpg
35  `-- [drwxr-xr-x]  wallpaper
36      |-- [-rw-r--r--]  abstrac032.jpg
37      |-- [-rw-r--r--]  abstrac033.jpg
38      |-- [-rw-r--r--]  earth_at_night.png
39      |-- [-rw-r--r--]  little_fellow.jpg
40      |-- [-rw-r--r--]  monster.jpg
41      |-- [-rw-r--r--]  mouth-wide-open.jpg
42      |-- [-rw-r--r--]  mouth-wide-open.png
43      |-- [-rw-r--r--]  rms_and_oreilly_floss.jpg
44      |-- [-rw-r--r--]  robotical.jpg
45      |-- [-rw-r--r--]  skull.jpg
46      |-- [-rw-r--r--]  terminator_3.jpg
47      `-- [-rw-r--r--]  thinkincreature.jpg
48
49  2 directories, 16 files
50  sa@wks:/tmp$

tap is an alias in my ~/.bashrc as we can see from line 4. In lines 1 and 28 I use it to show the before and the after. The real deal is with lines 26 and 27 where we actually change the file mode bits in a recursive manner.

More about how and when we might take the steps shown above can be found here, here and here.

Switch from Dash to Bash

Debian switched its default shell from Bash to Dash for efficiency reasons (read speed). However, if, for some reason, we wanted to have our default shell set to Bash again, then dpkg-reconfigure dash would do the trick for us as we can see below:

 1  wks:/bin# pwd
 2  /bin
 3  wks:/bin# ls -l sh
 4  lrwxrwxrwx 1 root root 4 2009-11-09 16:57 sh -> dash
 5  wks:/bin# dpkg-reconfigure dash
 6
 7
 8  [ here we get asked if Dash should become the default shell... we choose "No"]
 9
10
11  Removing `diversion of /bin/sh to /bin/sh.distrib by dash'
12  Adding `diversion of /bin/sh to /bin/sh.distrib by bash'
13  Removing `diversion of /usr/share/man/man1/sh.1.gz to /usr/share/man/man1/sh.distrib.1.gz by dash'
14  Adding `diversion of /usr/share/man/man1/sh.1.gz to /usr/share/man/man1/sh.distrib.1.gz by bash'
15  wks:/bin# ls -l sh
16  lrwxrwxrwx 1 root root 4 2009-11-09 16:57 sh -> bash
17  wks:/bin#

Note the differences in lines 4 and 16. We are done. Bash is now our default shell again. Switching back is the same procedure except that we would choose Yes instead of No.

Install Debian from USB Stick

This one I like — it is fast, easy and straight forward... it is the perfect solution for those who do not want to waste another CD when doing a Network install and/or for those who do not even have a CD/DVD drive attached to their computer anymore.

We are assuming that our USB (Universal Serial Bus) device is indicated by /dev/sdb, and that we want to install Debian testing via its netinstall image.

 1  sa@wks:~$ di -h
 2  Filesystem         Mount               Size     Used    Avail %Used fs Type
 3  /dev/mapper/vg0-ro /                   1.4T   112.0G     1.3T   8%  xfs
 4  /dev/sda1          /boot             227.9M    32.9M   182.8M  20%  ext2
 5  udev               /dev               10.0M   172.0k     9.8M   2%  tmpfs
 6  tmpfs              /dev/shm            3.9G     4.0k     3.9G   0%  tmpfs
 7  tmpfs              /lib/init/rw        3.9G       0      3.9G   0%  tmpfs
 8  sa@wks:~$ su
 9  Password:
10  wks:/home/sa# fdisk -l | sed -n '/sdb:/,/sdb/p'
11  Disk /dev/sdb: 8015 MB, 8015282176 bytes
12  255 heads, 63 sectors/track, 974 cylinders
13  Units = cylinders of 16065 * 512 = 8225280 bytes
14  Disk identifier: 0x000ca960
15
16     Device Boot      Start         End      Blocks   Id  System
17  /dev/sdb1               1         240     1927768+  83  Linux

At first we need to identify the device node respectively mount point of our USB stick. The commands di, df and fdisk -l help us with this task. In the above example (lines 3 to 7), we can see that after plugging my USB stick it has not been mounted — that might differ depending on what filesystem etc. is present on the USB stick. If it were mounted, we would have to use umount /dev/sdb in order to proceed.

Next we need to identify the actual device node where the USB stick has been discovered on. We use fdisk -l do so — the additional pipe to sed above is just to limit the output to only that device node. As can be seen, I have a USB stick, 8GiB in size, available at /dev/sdb.

Next we are going to download the boot image so our USB stick can be booted from. As I mentioned before, we are going to choose x86-64 (also known as AMD64) as target platform plus we are then going to choose the Debian testing netinstall image.

However, if somebody needs another architecture than x86-64 or rather wants/needs to install Debian stable then all he has to do is to pick the suitable boot respectively netinstall images from the installer page — the install process does not change at all.

18  wks:/home/sa# exit
19  exit
20  sa@wks:~$ cd /tmp/
21  sa@wks:/tmp$
22
23  sa@wks:/tmp$ curl -O http://d-i.debian.org/daily-images/amd64/daily/hd-media/boot.img.gz
24    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
25                                   Dload  Upload   Total   Spent    Left  Speed
26  100 21.2M  100 21.2M    0     0   704k      0  0:00:30  0:00:30 --:--:--  595k
27  sa@wks:/tmp$ type pi; pi boot
28  pi is aliased to `ls -la | grep'
29  -rw-r--r--  1 sa   sa   22253677 2009-05-31 10:19 boot.img.gz
30  sa@wks:/tmp$ wget -q http://d-i.debian.org/daily-images/amd64/daily/MD5SUMS
31  sa@wks:/tmp$ grep boot.img.gz MD5SUMS
32  3ccce59a24c99c50ff10fe8ee37c2794  ./hd-media/boot.img.gz
33  sa@wks:/tmp$ md5sum boot.img.gz
34  3ccce59a24c99c50ff10fe8ee37c2794  boot.img.gz

In line 23 we download boot.img.gz using curl — of course, wget would do too. Note that we opted for the daily build i.e. the most up-to-date image. As I said, this choice is based on what one needs/wants...

Finally, we check the integrity of the downloaded data using md5sum as can be seen in lines 33 and 34. As we can see, all fine i.e. the hashsums from line 32 and line 34 match. If they do not, then either something went wrong during the download or, much worse, somebody is trying a man-in-the-middle attack on us.

Note that boot.img.gz is needed to make the USB stick bootable — it is not the actual netinstall image for x86-64, Debian testing. We are going to get this one now:

35  sa@wks:/tmp$ wget -q http://cdimage.debian.org/cdimage/daily-builds/daily/arch-latest/amd64/iso-cd/MD5SUMS.small
36  sa@wks:/tmp$ wget -q http://cdimage.debian.org/cdimage/daily-builds/daily/arch-latest/amd64/iso-cd/debian-testing-amd64-netinst.iso
37  sa@wks:/tmp$ pi MD5; pi netinst
38  -rw-r--r--  1 sa   sa         139 2009-05-31 05:36 MD5SUMS.small
39  -rw-r--r--  1 sa   sa   143622144 2009-05-31 05:36 debian-testing-amd64-netinst.iso
40  sa@wks:/tmp$ md5sum -c MD5SUMS.small
41  md5sum: debian-testing-amd64-businesscard.iso: No such file or directory
42  debian-testing-amd64-businesscard.iso: FAILED open or read
43  debian-testing-amd64-netinst.iso: OK
44  md5sum: WARNING: 1 of 2 listed files could not be read

All we do in lines 35 to 44 is downloading the actual netinstall image and verify it with regards to data integrity — this time the md5sum invocation is different as can be seen in line 40. The files MD5SUM and MD5SUM.small come with more than just one hashsum thus we use grep in line 31 respectively we get failure in line 42 and the warning in line 44 — that is all fine since we only need to verify debian-testing-amd64-netinst.iso which checks out ok as can be seen in line 43.

Next thing to do is to put the boot image as well as the netinstall image onto our USB stick:

45  sa@wks:/tmp$ su
46  Password:
47  wks:/tmp# zcat boot.img.gz > /dev/sdb
48  wks:/tmp# la /mnt
49  total 4
50  drwxr-xr-x  2 root root    6 2009-04-24 21:05 .
51  drwxr-xr-x 22 root root 4096 2009-05-29 19:40 ..
52  wks:/tmp# mount -t msdos /dev/sdb /mnt/
53  wks:/tmp# la /mnt
54  total 21888
55  drwxr-xr-x  2 root root    16384 1970-01-01 01:00 .
56  drwxr-xr-x 22 root root     4096 2009-05-29 19:40 ..
57  -rwxr-xr-x  1 root root      496 2009-05-31 00:05 adgtk.cfg
58  -rwxr-xr-x  1 root root      367 2009-05-31 00:05 adtxt.cfg
59  -rwxr-xr-x  1 root root       68 2009-05-31 00:05 disk.lbl
60  -rwxr-xr-x  1 root root       56 2009-05-31 00:05 exithelp.cfg
61  -rwxr-xr-x  1 root root      568 2009-05-31 00:05 f10.txt
62  -rwxr-xr-x  1 root root      890 2009-05-31 00:05 f1.txt
63  -rwxr-xr-x  1 root root      665 2009-05-31 00:05 f2.txt
64  -rwxr-xr-x  1 root root      852 2009-05-31 00:05 f3.txt
65  -rwxr-xr-x  1 root root      486 2009-05-31 00:05 f4.txt
66  -rwxr-xr-x  1 root root      806 2009-05-31 00:05 f5.txt
67  -rwxr-xr-x  1 root root     1220 2009-05-31 00:05 f6.txt
68  -rwxr-xr-x  1 root root      916 2009-05-31 00:05 f7.txt
69  -rwxr-xr-x  1 root root     1019 2009-05-31 00:05 f8.txt
70  -rwxr-xr-x  1 root root      765 2009-05-31 00:05 f9.txt
71  -rwxr-xr-x  1 root root    58344 2009-05-31 00:05 g2ldr
72  -rwxr-xr-x  1 root root     8192 2009-05-31 00:05 g2ldr.mbr
73  -rwxr-xr-x  1 root root      132 2009-05-31 00:05 gtk.cfg
74  -rwxr-xr-x  1 root root 14276856 2009-05-31 00:05 initrdg.gz
75  -rwxr-xr-x  1 root root  5427029 2009-05-31 00:05 initrd.gz
76  -r-xr-xr-x  1 root root    14342 2009-05-31 00:05 ldlinux.sys
77  -rwxr-xr-x  1 root root  2059008 2009-05-31 00:05 linux
78  -rwxr-xr-x  1 root root      530 2009-05-31 00:05 menu.cfg
79  -rwxr-xr-x  1 root root      190 2009-05-31 00:05 prompt.cfg
80  -rwxr-xr-x  1 root root   292833 2009-05-31 00:05 setup.exe
81  -rwxr-xr-x  1 root root     6329 2009-05-31 00:05 splash.png
82  -rwxr-xr-x  1 root root      523 2009-05-31 00:05 stdmenu.cfg
83  -rwxr-xr-x  1 root root       87 2009-05-31 00:05 syslinux.cfg
84  -rwxr-xr-x  1 root root      131 2009-05-31 00:05 txt.cfg
85  -rwxr-xr-x  1 root root   147728 2009-05-31 00:05 vesamenu.c32
86  -rwxr-xr-x  1 root root      187 2009-05-31 00:05 win32-loader.ini
87  wks:/tmp# mv debian-testing-amd64-netinst.iso /mnt/
88  mv: failed to preserve ownership for `/mnt/debian-testing-amd64-netinst.iso': Operation not permitted
89  wks:/tmp# umount /mnt
90  wks:/tmp# la /mnt/
91  total 4
92  drwxr-xr-x  2 root root    6 2009-04-24 21:05 .
93  drwxr-xr-x 22 root root 4096 2009-05-29 19:40 ..
94  wks:/tmp# exit
95  exit
96  sa@wks:/tmp$

In line 47 we extract boot.img.gz right onto our USB stick. Next we mount it into /mnt and move the netinstall image onto it in line 87 — the warning in line 88 can safely be ignored, the fat16 filesystem which we create with line 47 simply has no notion of advanced file ownership that is why it moans.

We are finished now. All that is left to do now is to unmount the filesystem on the USB stick (line 89). We can now proceed with installing a new system with the just prepared USB stick — of course we should tell our BIOS (BasicInput/Output System) to boot from USB i.e. make the USB stick the first device in the boot order.

Get/set List of installed Packages

This note is about the trivial approach to retrieving/injecting the list of installed packages from/to a Debian system i.e. I am not going to talk about non-mainstream procedures like for example tinkering around with ready-made binary images, using some sort of SCM (Software Configuration Management) system, FAI (Fully Automatic Installation) or even better, Puppet. Instead I am focusing on the standard procedure, the one even the novice will find easy and handy to use whenever needed.

So, why would one want to have a list of all installed packages on a Debian system available? The most obvious reason is probably: I want to clone/recreate a system running Debian.

Of course, in order to do so, there is a lot more to consider like for example what to do with the actual data e.g. the master thesis which took us 8 month to put together or all the precious pics that document the grow up of a child — for that kind of stuff we want to have some sort of backup anyway. This note is not about the backup data either, it really only is about getting/setting a list of packages.

Retrieving Package Information

At first we need to gather the information on the original system and write it to some files which we then use on the new system to recreate the same state as we have/had it on the original system:

 1  sa@wks:~$ su
 2  Password:
 3  wks:/home/sa# dpkg --get-selections | grep -w install$ > /tmp/packet_selection_on_orig
 4  wks:/home/sa# debconf-get-selections > /tmp/configuration_information_for_packets_on_orig
 5  wks:/home/sa# wc -l /tmp/*on_orig
 6    1098 /tmp/configuration_information_for_packets_on_orig
 7    2359 /tmp/packet_selection_on_orig
 8    3457 total
 9  wks:/home/sa# head -n5 !wc:$
10  head -n5 /tmp/*on_orig
11  ==> /tmp/configuration_information_for_packets_on_orig <==
12  # RSA passphrase:
13  uswsusp uswsusp/RSA_passphrase  password
14  # RSA passphrase confirmation:
15  uswsusp uswsusp/RSA_passphrase_v        password
16  # Time zone:
17
18  ==> /tmp/packet_selection_on_orig <==
19  a2ps                                            install
20  abiword                                         install
21  abiword-common                                  install
22  abiword-help                                    install
23  abiword-plugin-goffice                          install

Lines 3 and 4 are where we gather the information about installed packages and their settings on the original system (wks in this case). Lines 5 to 23 are just in place to get a feeling about how much packages (lines 6 and 7) that might be and what the contents of either file might look like (lines 11 to 16 and lines 18 to 23 respectively).

Those who wonder about the shortcut (!wc:$) in line 9 might take a look at my Bash history section.

Injecting Package Information

Now that we are done gathering the information from the original system (wks), we need to somehow transfer it to the system that we wish to share the identical set of packages and their settings as has the original system.

There are many ways for transferring the files from the original to the new system — using an USB stick or SCP (Secure Copy) i.e. via SSH (Secure Shell) for example are just two possibilities.

After installing the new system via Network install for example, we use the files packet_selection_on_orig and configuration_information_for_packets_on_orig to recreate the state of packages on the new system (rh4):

24  rh4:/home/sa# cat /tmp/configuration_information_for_packets_on_orig | debconf-set-selections
25  rh4:/home/sa# cat /tmp/packet_selection_on_orig | dpkg --set-selections
26  rh4:/home/sa# aptitude install
27
28
29  [ many lines showing the usual install process...]
30
31

I am running Release X but...

A questions that pops up a lot is: I am running Release X but then I need to know about Packages in Release Y. How do I do that?

Say, we are using sid (still in development) but need/want to know the package version (or other information) for a package in a particular release other than the one we are currently using on our local box. Phew??! ;-]

In other words, say we are running sid and therefore we can check the kernel version available

sa@sub:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux unstable (sid)
Release:        unstable
Codename:       sid
sa@sub:~$ acsn linux-image-2.6.26
linux-image-2.6.26-1-amd64 - Linux 2.6.26 image on AMD64
linux-image-2.6.26-1-openvz-amd64 - Linux 2.6.26 image on AMD64, OpenVZ support
linux-image-2.6.26-1-vserver-amd64 - Linux 2.6.26 image on AMD64, Linux-VServer support
sa@sub:~$

Ok fine, so 2.6.26 available in sid — easy to figure since we are running sid. But what about e.g. testing and stable?

At this point folks start altering /etc/apt/sources.list back and forth with aptitude update and stuff to check in between OR they use SSH (Secure Shell) to log into a machine running the particular release OR they enter a OpenVZ VE (Virtual Environment) running the particular release OR the check at http://packages.qa.debian.org/l/linux-2.6.html OR...

Why not

sa@sub:~$ rmadison linux-image-2.6-amd64
linux-image-2.6-amd64 | 2.6.18+6etch3  | stable     | amd64, i386
linux-image-2.6-amd64 | 2.6.26+15      | testing    | amd64, i386
linux-image-2.6-amd64 | 2.6.26+15      | unstable   | amd64, i386
sa@sub:~$

From Lilo2Grub

Well, for a long time now Lilo was the default boot with Debian. Now, that there is GNU GRUB (GRand Unified Bootloader) things have gotten a lot easier and fun simply because Grub is way better. However, it may happen that we get some remote server where the datacenter folks installed an image which still features Lilo instead of Grub. I am now showing how to make the change from Lilo to Grub.

First of all, we do a mkdir /boot/grub. Then we do a aptitude install grub respectively apt-get install grub. After that, we need to tell Grub where (which HDD (Hard Disk Drive)) it should be installed. Therefore we might for example use df, di is yet another opportunity among several others. In my current case, /boot is located on /dev/hda.

,----[ df | grep boot ]
| /dev/hda1               459143     22375    412271   6% /boot
`----

Installing Grub to the correct partition is easy. grub-install /dev/hda (Replace /dev/hda with the disk you want to install your bootloader on) does the trick. After that, we run update-grub to create the file menu.lst which holds all the information for booting with Grub. Now we have to remove Lilo which can be done with aptitude purge lilo or apt-get --purge remove lilo.

If we want to automatically update the menu.lst whenever we install a new kernel, adding the following to /etc/kernel-img.conf does the trick (note, it may already be there if the Debian release is quite a current one):

do_bootloader = no
do_initrd = Yes
postinst_hook = update-grub
postrm_hook = update-grub

And now, we reboot the machine (e.g. init 6 as root). That is it... we are done switching from Lilo to Grub.

Java on DebianGNU/Linux

I am not going to talk about what Java is. I am also not talking about how to install a Java browser plug-in. I am rather going to talk about how to install and set it up on Debian. First we need to edit the file sources.list (we need to be root to do so; sudo might work too). What we need is to add non-free to line 5. Line 6 and the rest is optional. After we did so, we save and run apt-get update respectively aptitude update.

 1  sa@wks:~$ head /etc/apt/sources.list
 2  # update package list over internet - non-free because of Java
 3  # try `acsn sun-j'
 4
 5  deb ftp://ftp.de.debian.org/debian/ unstable main contrib non-free
 6  deb-src ftp://ftp.de.debian.org/debian unstable main contrib non-free
 7
 8
 9  # emacs snapshot
10  deb http://emacs.orebokech.com sid main
11  deb-src http://emacs.orebokech.com sid main
12  sa@wks:~$

Next step is to install Java which is done (as of now, February 2008) with apt-get install sun-java6-jdk. Installing this package, sun-java6-jre gets installed as well. sun-java6-jre actually does the job as well but then I opted for the whole sdk since I need some development tools from time to time (although I hate Java).

In case there are more than one Java packages installed, we might run update-alternatives like this:

 1  sa@wks:~$ su
 2  Password:
 3  pc1:/home/sa# update-alternatives --config java
 4
 5  There are 4 alternatives which provide `java'.
 6
 7    Selection    Alternative
 8  -----------------------------------------------
 9            1    /usr/bin/java-sablevm
10  *+        2    /usr/lib/jvm/java-gcj/jre/bin/java
11            3    /usr/bin/gij-4.3
12            4    /usr/lib/jvm/java-6-sun/jre/bin/java
13
14  Press enter to keep the default[*], or type selection number: 4
15  Using '/usr/lib/jvm/java-6-sun/jre/bin/java' to provide 'java'.
16  pc1:/home/sa# exit
17  exit
18  sa@wks:~$ java -version
19  java version "1.6.0_04"
20  Java(TM) SE Runtime Environment (build 1.6.0_04-b12)
21  Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode, sharing)
22  sa@wks:~$

Again, we either need to become root (which is what I did in lines 1 and 2) or go with sudo. Line 3 shows what we are actually looking for i.e. we use update-alternatives to switch to the just installed Java version (line 14). Since we never trust anyone or anything we check the Java version in lines 18 to 21. Although I have to say I dislike Java, I like some apps written in Java e.g. ArgoUml.

GNU Info

I make heavy use of GNU Info in conjunction with GNU Emacs. Although, reading Info files with GNU Emacs is not a must-do — info files can be read in various other ways too e.g. on the CLI (Command Line Interface).

Anyway, the reason why I use GNU Info and GNU Emacs is because speed matters. With a few keystrokes (starting with C-h i) I get the information I am looking for within seconds rather than minutes or even worse. Here is how it looks like.

Often, I use up-to-the-minute code from upstream repositories i.e. no .deb via apt (advanced packaging tool). This means that when issuing C-h i the GNU Info file for that particular package is not listed simply because the dir file (see man install-info) does not contain a reference and/or no .info file has been build yet.

This leaves us with two choices — first the we are 14 years old i.e. we still have a lot time and secondly we are some old lazy animals version.

1. We create a debian package (daily snapshot or so) and put it online for others so they can be up-to-date as well simply by running apt-get update && apt-get upgrade or the aptitude equivalent.
2. We build and then use C-u C-h i. this one creates the .info from the TeXinfo source file plus we avoid fiddling with install-info and thus the dir file.

Guess what i always do ;-] There is also a nifty GNU Emacs function on my Emacs notes and cheat sheet page, helping us to speed up things a lot... enjoy!.

Shell built-in Variables

The reason why I am going to spend the next 5 minutes or so to quickly provide some information on this topic is, that over and over again, beginners always seem quite confused about shell built-in's.

Folks new to Linux and especially the CLI (Command Line Interface) get a hang on things like man ls pretty fast. Then, what mostly happens, is that someone tries this

sa@wks:~$ man set
No manual entry for set
sa@wks:~$

or something akin which strikes them with nothing but confusion. Luckily, where there is confusion there is always a good chance to make it go away as well.

Let us shed some light on this. set and others are so-called shell built-in commands i.e. they are not standalone programmes (e.g. binaries, shell scripts, etc.) but they are rather an integral part of our shell (Debian's standard shell is called Bash by the way).

I exclusively use the Bash — the way to figure if some command is standalone or built-in goes like this

 1  sa@wks:~$ type set
 2  set is a shell builtin
 3  sa@wks:~$ type fr
 4  fr is aliased to `/usr/local/sbin/my_file_rename_helper.sh'
 5  sa@wks:~$ type ls
 6  ls is aliased to `ls --color=auto'
 7  sa@wks:~$ type rm
 8  rm is /bin/rm

set is a shell built-in as we figure in line 2 by issuing line 1. As can be seen, type is our friend. Guess what? Yes, type is a shell built-in as well (try type type). Line 4 and 6 show two aliases from my ~/.bashrc. Then, in line 8, is what we call a standalone program/command.

As we figured above, man <a_shell_built-in> does not work. So how do we get some information about a shell built-in? The answer can be seen in lines 9 to 79.

 9  sa@wks:~$ help set
10  set: set [--abefhkmnptuvxBCHP] [-o option] [arg...]
11           -a  Mark variables which are modified or created for export.
12          -b  Notify of job termination immediately.

[skipping a lot of lines...]

77      parameters and are assigned, in order, to $1, $2, .. $n.  If no
78      ARGs are given, all shell variables are printed.
79  sa@wks:~$

Figure the Temperature of the CPU

Of course, one can have fancy GUIs at his local machine but what about remote machines in a datacenter? Also, not every remote machine is hooked up to some fancy monitoring setup. With acpi packages installed, we can do:

sa@wks:~$ type dpl; dpl acpi* | grep ii
dpl is aliased to `dpkg -l'
ii  acpi                                       1.4-2                          displays information on ACPI devices
ii  acpi-support                               0.123-1                        scripts for handling many ACPI events
ii  acpi-support-base                          0.123-1                        scripts for handling base ACPI events such a
ii  acpid                                      1.0.10-2                       Utilities for using ACPI power management
sa@wks:~$ cat /proc/acpi/thermal_zone/THRM/temperature
temperature:             20 C
sa@wks:~$

Environment Variables

This one is not meant to go into detail with environment variables but just to show what is available here as I sit on my lovely DebianGNU/Linux box and how to output a variables content. For those of you who want to go into detail with environment variables I recommend reading ISBN 0201433079 — an excellent piece of work...

sa@wks:~$ echo $
Display all 222 possibilities? (y or n)
$_                                     $_NCONTEXT
$_AWK                                  $_NICE
$BASH                                  $_NOHUP
$bash205                               $OPTERR
$bash205b                              $OPTIND

[skipping a lot of lines...]

$_NADDRESS                             $WORKAROUND_106057
$_NAMEIF                               $WORKAROUND_APT_DBPATH
$_NATTRIBUTE                           $XAUTHORITY
sa@wks:~$ echo $HOME
/home/sa
sa@wks:~$

10^3 != 2^10 therefore GB != GiB

Yes, that is correct. We should really get used to the binary prefix. Folks, we are all dealing with 2^10 stuff — 10^3 is the past. I feel much more comfortable with the 2^10 stuff anyway...

For example, I got a 400GB (10^3 notation) HDD (Hard Disk Drive)

sa@wks:~$ di -h | egrep '^Fi|alan'
Filesystem         Mount               Size     Used    Avail %Used fs Type
/dev/mapper/alan   /media/usb1       372.5G   331.2G    41.3G  89%  xfs
sa@wks:~$

which, as we can see, is 372,5 GiB (2^10 notation). So do not be fooled by HDD vendors simply because they still use the 10^3 notation which makes HDDs look bigger than they really are.

/usr/share/doc/base-files/*

The files in /usr/share/doc/base-files/ contain a lot of interessting things. Especially /usr/share/doc/base-files/FAQ.

/etc/login.defs

sa@wks:~$ head -n3 /etc/login.defs
#
# /etc/login.defs - Configuration control definitions for the login package.
#
sa@wks:~$

Flash on Debian

As of now (December 2008) Gnash is still lacking a lot of features compared to Adobe's closed-source flash player (Adobe should really make it available as free software!). Therefore, if we want decent flash entertainment on Debian (to for example watch videos on YouTube and things like that), we have to install Adobe's flash player.

This can either be done by

• installing the package flashplugin-nonfree from non-free or
• download and install Adobe's binary manually

  

In order to install flashplugin-nonfree one needs to put non-free into his /etc/apt/sources.list e.g. deb ftp://ftp.de.debian.org/debian/ unstable main contrib non-free.

In case one wants to install the binary directly from Adobe's (mostly because it might be ahead in time i.e. it might have a more recent version with some bugs fixed etc.) all there is to do is to download it from http://labs.adobe.com/downloads/, unpack it and move the binary to /usr/lib/mozilla/plugins/ just as I did

sa@wks:/usr/lib/mozilla/plugins$ type pi && pi libflash
pi is aliased to `ls -la | grep'
-rwxr-xr-x 1 sa   sa   9525320 2008-11-14 05:03 libflashplayer.so
sa@wks:/usr/lib/mozilla/plugins$

After restarting Iceweasel, the new flash should work just fine. Generally installing the package is the preferred way because then we get all the benefits of using a package management system. I only opted for the manual install because I wanted the most recent version that had a few bugs fixed already... once that package catches up I will install it and remove the binary.

Just in case, there have been reports that having both installed (flashplugin-nonfree and the binary from the manual install that is) might cause problems. Removing one before the other one is installed might be a good idea. However, alternatively, I would recommend to keep both and tell Debian our preference

wks:/home/sa# update-alternatives --config flash-mozilla.so
There are 2 choices for the alternative flash-mozilla.so (providing /usr/lib/mozilla/plugins/flash-mozilla.so).

   Selection    Path                                            Priority   Status
 ------------------------------------------------------------
 * 0            /usr/lib/flashplugin-nonfree/libflashplayer.so   50        auto mode
   1            /usr/lib/flashplugin-nonfree/libflashplayer.so   50        manual mode
   2            /usr/lib/swfdec-mozilla/libswfdecmozilla.so      10        manual mode

Press enter to keep the current choice[*], or type selection number:
wks:/home/sa#

Instant Messaging, IRC, etc.

Please go here for more information.

Smoothen File/Directory Names

Please go here.

Watch it

watch runs a command repeatedly, displaying its output. This allows us to watch the program output change over time. By default, the program is run every 2 seconds — this can be changed with -n or --interval respectively to specify a different interval. So, this is useful for? Well, if we for example copy/move around data and want to watch progress.

sa@sub:~$ cd /tmp/
sa@sub:/tmp$ touch my_file
sa@sub:/tmp$ dd if=/dev/zero of=/tmp/my_file bs=1M count=100 && watch -n1 du -sh /tmp/my_file
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 0.96 s, 109 MB/s
sa@sub:/tmp$

Yeah, I know, probably not such a great example to actually watch something happen since it simply happens way to fast to fill this file but then you folks get the idea. Just try with dd if=/dev/zero of=/<directory_on_partition_or_LV_with_plenty_of_space>/my_file bs=1G count=100 and I promise there will be enough time to watch ;-]

Influencing the Boot Process

Within /etc/default/rcS are settings influencing the boot process (see man 5 rcS). From my subjective point of view, some of them can be altered to get a better system. We can for example get more verbose boot logs by setting VERBOSE=yes.

All this however is totally optional and just a recommendation since any system will continue to function without making this changes as well. Per default, we have those settings

sa@sub:~$ grep -v \# /etc/default/rcS | grep .
TMPTIME=0
SULOGIN=no
DELAYLOGIN=no
UTC=yes
VERBOSE=no
FSCKFIX=no
RAMRUN=no
RAMLOCK=no
sa@sub:~$

which I then changed to

sa@sub:~$ grep -v \# /etc/default/rcS | grep .
TMPTIME=0
SULOGIN=no
DELAYLOGIN=yes
UTC=yes
VERBOSE=yes
FSCKFIX=no
RAMRUN=no
RAMLOCK=no
sa@sub:~$

On reboot, Stuff within /tmp gets deleted

Exactly. That is how it is supposed to be. It makes sense since that means we can toy around in /tmp as much as we want e.g. create directories and files to fiddle around with them. However, should we for some reason not want that stuff within /tmp gets deleted automatically on reboot, then we can set a variable (TMPTIME) within /etc/default/rcS. By default it is set to 0 which deletes stuff on reboot.

sa@sub:~$ type gr
gr is aliased to `grep -rni --color'
sa@sub:~$ gr TMP /etc/default/rcS
10:TMPTIME=0
sa@sub:~$

The number actually determines the number of days for stuff (files, directories, etc.) to keep before automatically deleting it on reboot. One might just take a look at man 5 rcS. As an example, for keeping stuff not older than 3 days we would do a TMPTIME=3 — anything older than 3 days (mtime) would be deleted on reboot.

Should we for example decide to never automatically delete something within /tmp then TMPTIME=infinite does the trick. I would not recommend the latter simply because... well, /tmp should be a playground and as we know, playgrounds need to be cleaned from time to time.

Those who want to clean up /tmp even without rebooting should take a look at the tmpreaper package.

Debian Release Version

A question which pops up very often. First what most folks know already

sa@sub:~$ cat /etc/debian_version
lenny/sid
sa@sub:~$

and finally something more arcane and therefore known by less folks than the afore mentioned

sa@sub:~$ lsb_release -ric
Distributor ID: Debian
Release:        unstable
Codename:       sid
sa@sub:~$

Smart/Fast renaming / copying

I am lazy, therefore I like the use of {...}

sa@sub:/tmp$ touch my_file
sa@sub:/tmp$ type pi
pi is aliased to `ls -la | grep'
sa@sub:/tmp$ pi my
-rw-r--r--  1 sa   sa      0 2008-08-27 16:18 my_file
sa@sub:/tmp$ mv my_file{,_old}
sa@sub:/tmp$ pi my
-rw-r--r--  1 sa   sa      0 2008-08-27 16:18 my_file_old
sa@sub:/tmp$ rm my_file_old
sa@sub:/tmp$ touch my_file
sa@sub:/tmp$ pi my
-rw-r--r--  1 sa   sa      0 2008-08-27 16:19 my_file
sa@sub:/tmp$ cp my_file{,_orig}
sa@sub:/tmp$ pi my
-rw-r--r--  1 sa   sa      0 2008-08-27 16:19 my_file
-rw-r--r--  1 sa   sa      0 2008-08-27 16:20 my_file_orig
sa@sub:/tmp$

Setting Timezone, Local Time...

For that and much more with regards to time, please go here.

atime, mtime ctime

I guess those three are to Unix/Linux what decorators are to Python — a source of ongoing confusion for those who never sat down and spend the time to comprehend the matter once and for all. So let us take a nose dive:

atime

also known as access time: Last time the file was accessed. A file is accessed when its contents are viewed or when it is executed e.g. if we have foo.py and feed it to our Python interpreter like this python foo.py, then of course the interpreter needs to read/view/access its contents... access time is changed/updated to the time when the access happened. Et voilà, now we know anything their is to know about atime!

mtime

also known as modification time: Last time at which modifications to the content of the file were made.

ctime

also known as change time (not creation time!): Last time at which modifications to a files metadata happened i.e. information recorded within the inode of the file e.g. permissions, file ownership, and creation and deletion of hard links. Renaming a file within the same partition sometimes does not affect ctime — depends on the filesystem in use. There is one thing however which affects both, ctime and mtime ... changing a files contents updates ctime as well as mtime!

It helps to think of ctime as chtime i.e. the last time one of the ch* commands (chown, chmod, chgrp, etc.) was used on the file.

There is anther speciality about ctime: Unlike atime and mtime, ctime cannot be set with the utime() (see man 2 utime) system call (as used e.g. by touch). The only way to set it to an arbitrary value is by explicitly setting/changing the system clock.

Now that we know what atime, mtime and ctime are, below is how we can find out about all of them.

Example

sa@sub:/tmp$ alias lsT
alias lsT='echo -e "\033[1m\E[36;40mname\natime\nmtime\nctime\n\e[0m\033[0m" && stat --printf="%n\n%x\n%y\n%z\n\n"'
sa@sub:/tmp$ touch foo.py
sa@sub:/tmp$ lsT foo.py
name
atime
mtime
ctime

foo.py
2010-08-10 11:52:14.293081056 +0100
2010-08-10 11:52:14.293081056 +0100
2010-08-10 11:52:14.293081056 +0100

We use a somewhat arcane alias in my ~/.bashrc to display name, atime, mtime and ctime... yeah, I know, does not win a beauty prize but... using Python and the stats module would actually be what one should do. The important thing here, atime, mtime and ctime, all are the same at this point — of course, we just created the file so...

sa@sub:/tmp$ type ll; ll foo.py
ll is aliased to `ls -lh'
-rw-r--r-- 1 sa sa 0 Aug 10 11:52 foo.py
sa@sub:/tmp$ chmod 755 foo.py
sa@sub:/tmp$ lsT foo.py
name
atime
mtime
ctime

foo.py
2010-08-10 11:52:14.293081056 +0100
2010-08-10 11:52:14.293081056 +0100
2010-08-10 11:52:40.920082594 +0100

This is how we make a change to ctime — we use one of the ch* commands, remember? atime and mtime have not changed.

sa@sub:/tmp$ echo 'print "Hello World"' > foo.py
sa@sub:/tmp$ lsT foo.py
name
atime
mtime
ctime

foo.py
2010-08-10 11:52:14.293081056 +0100
2010-08-10 11:53:07.092081124 +0100
2010-08-10 11:53:07.092081124 +0100

Next we change the mtime and ctime by modifying foo.py's contents. atime does not change as we are modifying a files contents.

sa@sub:/tmp$ python foo.py
Hello World
sa@sub:/tmp$ lsT foo.py
name
atime
mtime
ctime

foo.py
2010-08-10 11:53:51.311580741 +0100
2010-08-10 11:53:07.092081124 +0100
2010-08-10 11:53:07.092081124 +0100

sa@sub:/tmp$

Now we change atime by executing foo.py. Note that cat foo.py etc. would have had the same effect... it is about accessing a file remember — viewing it, executing it, etc.... all those actions need to access the file, thus atime gets updated.

sa@sub:/tmp$ mv foo.py bar.py
sa@sub:/tmp$ lsT bar.py
name
atime
mtime
ctime

bar.py
2010-08-10 11:53:51.311580741 +0100
2010-08-10 11:53:07.092081124 +0100
2010-08-10 12:07:39.233081699 +0100

sa@sub:/tmp$

Last but not least, renaming a file changes its ctime as can be seen.

noatime

Linux and most other Unix-like OSs have a special mount option for filesystems called noatime that can be added to /etc/fstab.

If a filesystem has been mounted with this option, reading access to that filesystem will no longer result in an update to the atime information associated with the file like explained above.

The importance of the noatime setting is that it eliminates the need by the system to make writes to the filesystem for files which are simply being read or executed. Since writes can be somewhat expensive, this can result in measurable performance gains.

When was my Debian installed?

A question which pops up a lot... best thing I came up with so far is

sa@sub:~$ type lsT
lsT is aliased to `echo -e "\033[1m\E[36;40mname\natime\nmtime\nctime\n\e[0m\033[0m" && stat --printf="%n\n%x\n%y\n%z\n\n"'
sa@sub:~$ lsT /var/log/installer/status && echo "last line of output is ctime and therefore a timestamp set during installtion... hth :)"
name
atime
mtime
ctime

/var/log/installer/status
2008-08-02 07:36:44.000000000 +0200
2008-05-19 14:15:53.000000000 +0200
2008-05-19 14:15:53.000000000 +0200

last line of output is ctime and therefore a timestamp set during installtion... hth :)
sa@sub:~$

of course a simple

sa@sub:~$ ls -l /var/log/installer/status | cut -d ' ' -f6-7
2008-05-19 14:15
sa@sub:~$

or

14  sa@sub:~$ find /var/log/installer/status -printf %c\\n
15  Mon May 19 14:15:53.0000000000 2008
16  sa@sub:~$

would do as well but then, where is the fun at?! ;-]

SIGTERM vs SIGKILL

We all do it. We all know that if kill does not solve the annoyance, kill -9 will. What is the difference however?

As said, sending signals like SIGTERM (see man 7 signal) to processes using kill on a Unix-like OS is not a new topic for most systems administrators. However, only few know the exact difference in semantics between kill and kill -9.

Anytime we use kill on a process, we are actually sending the process a signal. Standard C applications have a header file that contains the steps that the program/process should follow if it receives a particular signal. As mentioned, we can get an entire list of available signals on our system by checking the manual page for kill or signal. Let us consider we did something like this: kill 2563.

This would send a signal called SIGTERM to the process with PID (Process Identifier) 2563. Once the process receives the notice, a few different things can happen:

• the process may stop immediately
• the process may stop after a short delay because it did some cleaning up of its used resources e.g. an fsync (write data from memory to disk) and close some open files it used to use
• the process may keep running indefinitely

The point is, with SIGTERM the application/program can decide for itself what it wants to do, it might even ignore us altogether. So, bottom line is, most applications will clean up their resources and stop, some might not...

Also, an application may be configured to do something completely different when SIGTERM is received and, if the application is in a bad state, such as waiting for disk I/O, it may not be able to act on the signal that was sent.

At this point, most system administrators will usually resort to the more abrupt kill -9 when an application does not respond to a SIGTERM: kill -9 2563. The -9 tells the kill command that we want to send signal #9 (also known as SIGKILL). With a name like that, it is obvious that this signal carries a little more weight.

Although SIGKILL is defined in the same signal header file as SIGTERM, it cannot be ignored by the process. In fact, the process is not even made aware of the SIGKILL signal since the signal goes straight to init (not the kernel as many think). At that point, init will stop the process i.e. the process to be killed actually never gets the opportunity to catch the signal and act on it in whatever way it thinks is appropriate.

However, the kernel/init may not be able to successfully kill the process in some situations in which case we end up with so-called zombie processes or processes caught in an uninterruptible sleep in which case a reboot is required to clear those processes from the system.

Kill a Zombie Processes

Sooner or later everybody has to deal with zombie processes once in a while. Even more so if we use software that might still be worked on e.g. everybody who uses Debian's testing or sid (still in development) branch might get them every now and then. Same goes for software developers — most of us have done stuff that left us with a bunch of zombie processes lurking around on our machines. Even though that is nothing really bad, I like to get rid of zombie processes — even if it is just to free resources like the PID counter for example.

So, the big question is how do we get rid of them? Rebooting? Hm... No... Issuing top on the CLI (Command Line Interface), manually lookup PIDs (Process Identifiers) of zombie process and issuing kill -9 <PID> certainly works but how comfortable is it really? Certainly, nobody wants to do this tedious step over and over again. So let us automate killing zombie processes using a little shell script magic. However, before we do so, let us take a look at my current situation:

The Before — 28 zombie processes:

sa@wks:~$ top | head
top - 09:43:50 up 3 days, 12:37,  9 users,  load average: 0.14, 0.11, 0.04
Tasks: 265 total,   2 running, 233 sleeping,   2 stopped,  28 zombie
Cpu(s):  2.0%us,  0.7%sy,  0.0%ni, 97.2%id,  0.1%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   8197100k total,  8050328k used,   146772k free,   403808k buffers
Swap: 24018936k total,   150308k used, 23868628k free,  5760168k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
16153 sa        20   0 19120 1324  880 R    4  0.0   0:00.02 top
22740 sa        20   0  781m 133m  35m S    2  1.7   3:06.06 banshee-1
    1 root      20   0 10328  628  596 S    0  0.0   0:01.53 init
sa@wks:~$

The After — zero zombie processes:

sa@wks:~$ top | head
top - 10:17:59 up 3 days, 13:12,  9 users,  load average: 0.11, 0.16, 0.10
Tasks: 231 total,   1 running, 230 sleeping,   0 stopped,   0 zombie
Cpu(s):  1.6%us,  0.7%sy,  0.1%ni, 96.9%id,  0.7%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   8197100k total,  8099352k used,    97748k free,   405016k buffers
Swap: 24018936k total,   110824k used, 23908112k free,  5865600k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
22740 sa        20   0  781m 133m  35m S    4  1.7   3:04.31 banshee-1
16149 sa        20   0 19120 1324  880 R    2  0.0   0:00.01 top
    1 root      20   0 10328  628  596 S    0  0.0   0:01.53 init
sa@wks:~$

I got rid of all 28 zombie processes. What happened in between the The Before and The After? Well, I used the shell script (zombies) from below like so:

sa@wks:~$ su
Password:
wks:/home/sa# cd 0/bash/
wks:/home/sa/0/bash# zombies --admin
zombie processes found:
.
pid: 4385 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 4443 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 4496 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 4533 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 4611 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 7523 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 8286 *** parent_pid: 8285 *** status: Zl *** process: [banshee-1]
pid: 14236 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14270 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14293 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14314 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14351 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14424 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14454 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 14994 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 15041 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 19278 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 25870 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 25891 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 25912 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 25933 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 26290 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 26770 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 31830 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 31932 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 31959 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 32014 *** parent_pid: 4091 *** status: Z *** process: [vlc]
pid: 32233 *** parent_pid: 4091 *** status: Z *** process: [vlc]
Kill zombies? [y/n]: y
killing zombies..
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
kill: No such process
wks:/home/sa/0/bash#

In the above example, I used zombies interactively (--admin) but of course, it can also be used in combination with Cron which therefore means the whole task of killing zombie processes becomes a fully automated task. Finally, the script I wrote containing all the magic:

wks:/home/sa/0/bash# exit
exit
sa@wks:~$ cat 0/bash/zombies
#!/bin/bash
#
# Zombie processes killing script. Must be run as root.

case "$1" in
--admin)
        stat=`ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print"pid: "$3" *** parent_pid: "$4" *** status: "$10" *** process: "$13}' | grep ": Z"`

        if ((${#stat} > 0));then
            echo zombie processes found:
            echo .
            ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print"pid: "$3" *** parent_pid: "$4" *** status: "$10" *** process: "$13}' | grep ": Z"
            echo -n "Kill zombies? [y/n]: "
            read keyb
            if [ $keyb == 'y' ];then
                echo killing zombies..
                ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print$4" status:"$10}' | grep "status:Z" | awk '{print $1}' | xargs -n 1 kill -9
            fi
        else
            echo no zombies found!
        fi
;;
--cron)
        stat=`ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print"pid: "$3" *** parent_pid: "$4" *** status: "$10" *** process: "$13}' | grep ": Z"`
        if ((${#stat} > 0));then
        ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print$4" status:"$10}' | grep "status:Z" | awk '{print $1}' | xargs -n 1 kill -9
        echo `date`": killed some zombie proceses!" >> /var/log/zombies.log
        fi
;;
*)      echo 'usage: zombies {--cron|--admin}'
;;
esac
exit 0
sa@wks:~$

Boot logs

During the boot process, a lot of boot and configuration messages are written to the terminal (verbosity can be influenced). However, this happens so damn fast that it cant be read. If we want to study those messages i.e. the whole boot process in detail and without having the messages fly by with 80cm/sec then we should set

sa@sub:~$ cat /etc/default/bootlogd
# Run bootlogd at startup ?
BOOTLOGD_ENABLE=Yes
sa@sub:~$

so we can visit /var/log/boot in order to review the messages that were written to the terminal during our last system boot. One can then also issue man 5 bootlogd for more details.

Screen Resolution of the Boot Process

Debian does not use some nonsense, eye candy splash screen per default (which is good — we can see what is going on while booting some box).

However, per default the fontsize is quite big. So what do we do? Well, we want to change the screen resolution of the boot process i.e. increase it. This seems to be one mystery amongst greenhorns and at almost any times they get confused and depressed even if there is absolutely no reason. Watch me

1  sa@sub:~$ type gr; gr -m1 ^kernel /boot/grub/menu.lst
2  gr is aliased to `grep -rni --color'
3  124:kernel              /vmlinuz-2.6.25-2-amd64 root=/dev/mapper/vg0-root ro acpi=off
4  sa@sub:~$ gr defoptio /boot/grub/menu.lst
5  80:## e.g. defoptions=vga=791 resume=/dev/hda5
6  81:# defoptions=

What we need to change is line 3. My current and only kernel on this machine is vmlinuz-2.6.25-2-amd64. The last stuff in this line are the so-called kernel parameters i.e. ro and acpi=off. In order to change the screen resolution, all we need to do is to just add another one.

Well, this is where most folks stumble respectively get confused — I provided vga=something but after some time it vanished?!

Just appending for example vga=791 to this line works perfectly fine... but... only as long as we never install another kernel, run some update command against /boot/grub/menu.lst or do some other stuff since if we do so, it will be removed respectively not appended to the new kernel. The correct way to handle this and to make our settings stick is shown below:

 7  sa@sub:~$ gr defoptio /boot/grub/menu.lst
 8  80:## e.g. defoptions=vga=791 resume=/dev/hda5
 9  81:# defoptions=vga=791
10  sa@sub:~$ su
11  Password:
12  sub:/home/sa# update-grub
13  Searching for GRUB installation directory... found: /boot/grub
14  Searching for default file... found: /boot/grub/default
15  Testing for an existing GRUB menu.lst file... found: /boot/grub/menu.lst
16  Searching for splash image... none found, skipping...
17  Found kernel: /vmlinuz-2.6.25-2-amd64
18  Found kernel: /memtest86+.bin
19  Updating /boot/grub/menu.lst... done
20
21  sub:/home/sa# exit
22  exit
23  sa@sub:~$ type gr; gr -m1 ^kernel /boot/grub/menu.lst
24  gr is aliased to `grep -rni --color'
25  124:kernel              /vmlinuz-2.6.25-2-amd64 root=/dev/mapper/vg0-root ro acpi=off vga=791
26  sa@sub:~$

In between lines 6 and 7 we go and edit /boot/grub/menu.lst i.e. we change a single line — I changed line 6 so it becomes line 9. by the way, line 9 starts with a comment... in this case it is fine (one might read the other comments at the top of /boot/grub/menu.lst which explain it).

After becoming root in line 11, I run update-grub in line 12 which does as its name says i.e. updating /boot/grub/menu.lst. After running the same command in line 25 as I already did in line 1, we can see that update-grub picked up the new information from line 9 and automatically added/appended it to line 25.

We are done, now every time we update /boot/grub/menu.lst, install a new kernel via APT (Advanced Packaging Tool) or do some other fancy stuff to /boot/grub/menu.lst, the token vga=791 is appended as an additional kernel parameter and therefore provides as with a decent screen resolution.

Strip non-printable Characters

tr -cd '\11\12\40-\176' < myfile1 > myfile2 This example would take the file myfile1 and strip all non-printable characters and take that results to myfile2. The random perl monkey might go for perl -ne 'print if /^[[:print:]]+$/'. The interesting thing here is [[:print:]] which you can also use with shell regex magic e.g. egrep.

Check Disk Status/Health

From time to time I check the status of my HDDs on my computer systems. Either of the two following

smartctl --all /dev/sdX
smartctl --test=long /dev/sdX

does the trick. Of course, we need to put the correct letter instead of X into place. We can issue smartctl -l selftest /dev/sdX in order to see the test results. smartctl -x /dev/sdX provides us with all information we could possibly want to know.

Change Username

Let us assume there is a person which has installed DebianGNU/Linux a long time ago, heavily customized it and updated it for years in order to get an individual and always up-to-date shiny Debian. Let us further assume the CLI (Command Line Interface) command prompt looks like this benstiller@raptor:~$.

Now, Mr. Ben Stiller decides to change is login prompt to weasel@raptor:~$. Of course he has some settings in his system (e.g. paths) that rely on the username benstiller — take the path /home/benstiller for example.

So, Ben wants to change his login name but keep intact his numerical UID (User ID) which is what identifies him uniquely on his OS (Operating System) and thus if the UID does not change but just his login name (from benstiller to weasel) everything works as before.

It is possible to change the username but not adapt the home-directory although I strongly recommend to also change the path of the home-directory for consistency i.e. from /home/benstiller to /home/weasel.

In the following the reader will see how to

• Change the username (respectively the user login name which (with Debian default settings) shows up on the command prompt)
• Adapt the user home-directory path to reflect the new username.

Change login Username

The syntax is usermod -l <new_username> <old_username> i.e. Ben would issue usermod -l weasel benstiller.

Change real Username

Therefore, either use chfn (as root chfn <user_name>) or edit /etc/passwd manually

sa@wks:~$ gr ^sa /etc/passwd
33:sa:x:1000:1000:markus.gattol,,,:/home/sa:/bin/bash
sa@wks:~$

Here you can see, the fifth field (counting starts with zero) contains the real username and other information (see chfn) separated by commas.

Change Home-Directory

The common syntax is <some_hostname>:<path_to_old_home-dir># usermod -d <path_to_new_home-dir> -m <new_username>. And again, Ben would issue luna:/home/benstiller# usermod -d /home/weasel -m weasel.

It might be needed to create a symbolic link from the old home-directory pointing to the new one. For Ben that would be luna:/home# ln -s /home/weasel benstiller.

However, there has only been one case reported which required to do so (after some weeks he said, it worked without the symlink so he removed it)

Miscellaneous

After years of usage, it turns out that almost anybody has some absolute path settings² in some random files e.g. Ben's .emacs might contain something like this /home/benstiller/.work/git/0/misc/mm/si/components/milk.jpg instead of ~/.work/git/0/misc/mm/si/components/milk.jpg. Well, that needs to be fixed manually. To detect files that contain absolute path settings one might use grep -irl <pattern> <directory_root_to_start_from>.

Those files below are affected when someone changes his login username and home-directory. As long as you use usermod as shown above nothing has to be done manually here (except for the real username — see above).

/etc/passwd
/etc/group
/etc/gshadow
/etc/shadow

Next to the afore mentioned individual files and/or absolute path settings the following files might be checked as well.

/var/mail/username
/var/spool/cron/crontabs/username
/etc/aliases
/etc/sudoers

Most CPU/RAM demanding processes

A little .bashrc customization I did does a pretty good job here — all sorted in descending order of course... Note, that I have chosen n (number of processes) to be 20 put that of course can be any number.

Take a look at man 1 ps in order to understand what the values e.g. RSS are about. The line 16.2 168916 282924 sa firefox-bin for example tells me that firefox-bin is using 16.2% of the available RAM (Random Access Memory) and that out of ~282MiB virtual memory ~169MiB are actually mapped into RAM. Since I started iceweasel also known as firefox, the process runs with permissions of my normal user (sa).

sa@wks:~$ ram && cpu
%MEM      RSS      VSZ USER           COMMAND
16.2   168916   282924 sa   firefox-bin
11.0   114040   155216 sa   pidgin
 7.6    79364    84700 root           Xorg
 4.7    49532   128820 sa   beep-media-play
 3.4    35392    41892 sa   emacs-snapshot-
 2.6    27500    72828 sa   gnome-terminal
 2.4    25588    30236 root           grsync
 2.2    22928   112444 ntop           ntop
 2.1    22016    34508 sa   gnome-panel
 2.0    20796    66388 sa   nautilus
 1.2    12668    39548 sa   gnome-settings-
 1.1    12120    30672 root           firestarter
 1.1    11940    18948 dictd          dictd
 1.0    11308    14068 debian-tor     tor
 0.9    10284    27912 sa   x-session-manag
 0.8     9088    15992 sa   notification-da
 0.8     8920    14604 sa   metacity
 0.6     6344    16932 sa   wish
 0.6     6296    18520 sa   gnome-power-man
 0.4     5140     7480 sa   aspell
%CPU      TIME   CP USER           COMMAND
 5.8  00:13:32   58 sa   firefox-bin
 4.5  00:35:19   45 root           Xorg
 1.9  00:14:45   19 root           grsync
 1.5  00:03:41   15 sa   pidgin
 1.1  00:01:14   11 sa   beep-media-play
 1.0  00:08:01   10 sa   metacity
 0.6  00:01:01    6 sa   emacs-snapshot-
 0.1  00:00:55    1 sa   gnome-panel
 0.1  00:01:05    1 root           kcryptd/0
 0.0  00:00:00    0 daemon         atd
 0.0  00:00:00    0 daemon         portmap
 0.0  00:00:00    0 Debian-exim    exim4
 0.0  00:00:00    0 dictd          dictd
 0.0  00:00:00    0 haldaemon      hald
 0.0  00:00:00    0 haldaemon      hald-addon-acpi
 0.0  00:00:00    0 haldaemon      hald-addon-keyb
 0.0  00:00:00    0 sa   aspell
 0.0  00:00:00    0 sa   bash
 0.0  00:00:00    0 sa   bash
 0.0  00:00:00    0 sa   bash
sa@wks:~$

Another great tool to check what is using virtual memory is memstat

sa@sub:~$ memstat -w
   9024k: PID  3962 (/usr/bin/gnome-session)
    280k: PID  4019 (/lib/libnss_files-2.7.so)
    424k: PID  4020 (/lib/libnss_files-2.7.so)
   3156k: PID  4022 (/usr/lib/libgconf2-4/2/libgconfbackend-xml.so)
   2028k: PID  4028 (/usr/bin/seahorse-agent)
   8660k: PID  4031 (/usr/bin/gnome-keyring-daemon)
  23196k: PID  4033 (/lib/libbz2.so.1.0.4)
   1064k: PID  4052 (/usr/bin/gnome-screensaver)
   2996k: PID  4053 (/usr/bin/metacity)
   7968k: PID  4054 (/usr/bin/gnome-panel)

[skipping a lot of lines...]

   2076k: /usr/lib/gnome-settings-daemon-2.0/libkeyboard.so 4033
   2068k: /usr/lib/gnome-settings-daemon-2.0/libclipboard.so 4033
   2088k: /usr/lib/gnome-settings-daemon-2.0/libsound.so 4033
   2068k: /usr/lib/gnome-settings-daemon-2.0/liba11y-keyboard.so 4033
   2056k: /usr/lib/gnome-settings-daemon-2.0/libtyping-break.so 4033
   2064k: /usr/lib/gnome-settings-daemon-2.0/libfont.so 4033
   2088k: /usr/lib/gnome-settings-daemon-2.0/libmouse.so 4033
   2076k: /usr/lib/gnome-settings-daemon-2.0/libxsettings.so 4033
--------
 258332k
sa@sub:~$

Create an Avatar Image

Here is how to create an avatar image (maybe something you might want to use for a bulletin board) on the CLI (Command Line Interface).

sa@wks:~$ convert -size 64x64 xc:#f600d5 /tmp/my_pink_avatar.png
sa@wks:~$ identify /tmp/my_pink_avatar.png
/tmp/my_pink_avatar.png PNG 64x64 64x64+0+0 DirectClass 283
sa@wks:~$

And how it looks like in original size (64x64 pixel as you can see above).

The color can be any of the standard web colors. Or if you are with mighty GNU Emacs just use it to show you standard colors and their number representation.

Protect an Email Address

Anybody who has a website or even simpler, anybody who is accessing the Internet in some way and does email has probably been confronted with email Spam. How did this happen? Well, the short and rough explanation is that somehow the system sending email spam knows about our email address. How so?

The Internet is not just populated with humans but also with a myriad of bots — programs written by humans (or other programs but let us just not go there now ;-]), acting fully automatic. There are different sorts of bots, again roughly speaking, there are good ones helping us humans and then there are those doing bad things like for example gathering our email addresses, enabling spam systems to do their nasty thing.

Speaking about the kind of breed that collects email addresses, what they totally like is something like tina.foo@baz.com. Why? Because those bots are utterly lazy and also stupid. In most cases changing the email address to tina.foo[at]baz.com is already enough to prevent those bots from learning about this particular email address.

However, those bots are getting smarter and less lazy so the afore mentioned measure might not suffice anymore. What if we do not provide our email address as text but as an image?

There have been reports that even that might not be a 100% measure to protect our email addresses but in 99,9% of all cases, providing our email address as an image defeats any bot out there.

Creating such image is trivial. One might either use his favorite graphic tool or the CLI (Command Line Interface) as I did.

sa@wks:~$ cd /tmp/
sa@wks:/tmp$  convert -size 800x100  xc:#ffffff -font /usr/share/fonts/truetype/sjfonts/SteveHand.ttf  -pointsize 55 -gravity center -draw "text 0,10 'tina.foo@baz.com'" tinas_email_address.png
sa@wks:/tmp$ identify tinas_email_address.png
tinas_email_address.png PNG 800x100 800x100+0+0 DirectClass 16-bit 17.168kb
sa@wks:/tmp$

Bottom Line

Bottom line here is that even if tina would put tina.foo@baz.com even just once somewhere on the Internet, it is pretty certain a bot would collect it. Therefore, whenever one puts his email address on the Internet (bulletin board, job board, text inside an email, etc.) he should at least try to obfuscate it — using an image as we just did is probably his best chance to trick all those bots.

What is true for an email address is also true for any other type of ID (Identifier) like for example the UID (User ID) string used to join a MUC (Multi User Chat) or IRC (Internet Relay Chat) etc. Whatever we do, we should not act reckless with our personal data when we are on the Internet!

Program fails to start or dies soon after

You can check that with strace. Check out man strace for detailed information. If for some reason a binary troubles you and yet you do not know why, you can figure that with

 tmp_file=$(mktemp) && strace -fF -o $tmp_file ls && tail -n30 $tmp_file && echo $tmp_file

Note, that the on-liner above assumes you have troubles with ls and you want to track them down. For any other just replace ls with <name_of_binary>. The reason why tail is part of the on-liner is because , when errors occur with, for example, ls then strace exits soon after that happens. Because of that, the relevant parts are within the last few lines of the strace output.

mkdir with desired owner/group

What you get by default is owner and group setting of the current user

sa@wks:/tmp/test$ su
Password:
pc1:/tmp/test# ls -l
total 0
pc1:/tmp/test# mkdir a_dir_default_owner_group
pc1:/tmp/test# ls -l
total 4
drwxr-xr-x 2 root root 4096 2007-07-09 20:22 a_dir_default_owner_group
pc1:/tmp/test# exit
exit
sa@wks:/tmp/test$ mkdir another_dir_default_owner_group
sa@wks:/tmp/test$ ll
total 8.0K
drwxr-xr-x 2 root         root         4.0K 2007-07-09 20:22 a_dir_default_owner_group
drwxr-xr-x 2 sa sa 4.0K 2007-07-09 20:23 another_dir_default_owner_group
sa@wks:/tmp/test$

What if we want to enter user and group other than the current user during creation? A shell function should be able to help us out:

sa@wks:/tmp/test$ su
Password:
pc1:/tmp/test# mkownerdir() { local owner=$1; local group=$2; shift 2; mkdir ${@+"$@"};  chown "$owner:$group" ${@+"$@"}; }
pc1:/tmp/test# mkownerdir sa audio "/tmp/test/desired_owner_group_setting"
pc1:/tmp/test# ls -l
total 12
drwxr-xr-x 2 root         root         4096 2007-07-09 20:22 a_dir_default_owner_group
drwxr-xr-x 2 sa sa 4096 2007-07-09 20:23 another_dir_default_owner_group
drwxr-xr-x 2 sa audio        4096 2007-07-09 20:30 desired_owner_group_setting
pc1:/tmp/test# exit
exit
sa@wks:/tmp/test$

So we got sa audio instead of root root. Lovely...

Number of Files on the File System

sa@wks:~$ df -i | grep -v ^Filesystem | gawk '{total=total+$3} END {print total}'
537588
sa@wks:~$

Please note, that this counts the inodes. find should be more accurate in this regard but it will take much longer to run across the whole file system with find looking at every inode if it is a file, directory, link, etc. than the above command does. However, another nice way to go is with sysctl (system control)

wks:/home/sa# sysctl fs.inode-nr
fs.inode-nr = 188003    147294
wks:/home/sa#

sa@wks:~/work/no_scm/linux/source/linux-2.6.26.3/Documentation/sysctl$ grep -m1 -A26 ^inode-max fs.txt
inode-max, inode-nr & inode-state:

As with file handles, the kernel allocates the inode structures
dynamically, but can't free them yet.

The value in inode-max denotes the maximum number of inode
handlers. This value should be 3-4 times larger than the value
in file-max, since stdin, stdout and network sockets also
need an inode struct to handle them. When you regularly run
out of inodes, you need to increase this value.

The file inode-nr contains the first two items from
inode-state, so we'll skip to that file...

Inode-state contains three actual numbers and four dummies.
The actual numbers are, in order of appearance, nr_inodes,
nr_free_inodes and preshrink.

Nr_inodes stands for the number of inodes the system has
allocated, this can be slightly more than inode-max because
Linux allocates them one pageful at a time.

Nr_free_inodes represents the number of free inodes (?) and
preshrink is nonzero when the nr_inodes > inode-max and the
system needs to prune the inode list instead of allocating
more.

sa@wks:~/work/no_scm/linux/source/linux-2.6.26.3/Documentation/sysctl$

Fork Bomb

:(){ :|:& };: is a fork bomb. I have seen IRC channel's member lists dropping by ~60% because somebody thought it would be fun telling others to try out another fancy command (:(){ :|:& };:).

That thingy is not as nasty as playing real media files really fast (rm -rf /) because it only causes a system to skyrocket its load within two seconds or so, thus becoming completely unresponsive (one has to hit the reset button and reboot) but still, people telling someone else such crap while knowing it is a nasty thing just suck.

You then have to activate your supercow powers and strike him with a complete channel ban (*!*@<partial_url_or_IP or on the name nick!*@* or something similar to keep him away) that will not be lifted in the future. Syntax is nick!user name@IP_or_domain-name. * and ? regular expressions can be used as usual.

Update: These days (June 2011) most Linux distributions ship with a sane upper-bound process limit set already meaning that this fork bomb mentioned above would actually not cause much of a problem:

wks:/home/sa# ulimit -u
31352
wks:/home/sa# uname -r
2.6.38-2-amd64
wks:/home/sa# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux unstable (sid)
Release:        unstable
Codename:       sid
wks:/home/sa#

reset

Ever did something like less <file> whereas file has been not a text but a binary file. Well, if so then your terminal window looks like after a hurricane had visited. Just issue reset and all should be fine again.

Remote Backup

If you want to backup data to/from a remote machine to a local machine whereas these two machines have an ext3 file system (each, running either a virtualized or native OS (Operating System)) you could use the tools in the package dump.

,----[ apt-file list dump | grep dump: | grep bin/ ]
| dump: sbin/dump
| dump: sbin/rdump
| dump: sbin/restore
| dump: sbin/rrestore
| dump: usr/sbin/rmt-dump
`----

As an example, you could sync between a remote and the local machine:

ssh root@server_RZ "dump 0zf - / " | restore rf -

You could of course trigger, from you local machine the procedure from one remote machine to another remote machine.

Dealing with a broken xorg.conf

After an apt-get update && apt-get dist-upgrade I found myself stranded with a system, unable to start the X Window System (also referred to as X11 or simply X) after rebooting since the upgrade broke my /etc/X11/xorg.conf. Of course, I had no idea what was going on at that time. I decided to rebuild xorg.conf using the tool dexconf and afterwards identifying the culprit by doing a diff on the broken and working version.

sa@wks:/etc/X11$ su
Password:
pc1:/etc/X11# mv xorg.conf xorg.conf_broken
pc1:/etc/X11# dexconf
pc1:/etc/X11# exit
exit
sa@wks:/etc/X11$ cd
sa@wks:~$

The only error message I got was that something regarding the keyboard driver did not work out so I knew where to look for changes. Identify the culprit:

sa@wks:~$ diff -u xorg.conf_broken xorg.conf | grep Driver | grep k
-       Driver          "keyboard"
+       Driver          "kbd"
sa@wks:~$

Now that I knew what exactly the issue had been I only had to merge between:

• the version dexconf gave me
• the broken version after the upgrade
• the version from my backup

I did this with GNU Emacs ediff but you can use anything capable of carrying out a merger between three files.

Crop an Image with Imagemagick

First we take a screenshot (note that ll is an alias for ls -lh)

sa@wks:/tmp/image_test$ ll
total 0
sa@wks:/tmp/image_test$ import -window root screenshot.png
sa@wks:/tmp/image_test$ ll
total 136K
-rw-r--r-- 1 sa sa 129K 2007-06-30 22:15 screenshot.png
sa@wks:/tmp/image_test$ identify screenshot.png
screenshot.png PNG 1600x1200 1600x1200+0+0 DirectClass 128kb
sa@wks:/tmp/image_test$

then comes the magic. As we can see, screenshot.png is 1600 pixel in width and 1200 pixel in height. We would like to keep the original (screenshot.png) but also create two new images by cutting the original in half with a horizontal cut 200 pixel from the bottom of the original.

sa@wks:/tmp/image_test$ expr `identify -format %h screenshot.png` - 200 | xargs -I '{}' convert -crop x{} screenshot.png cropped_version.png
sa@wks:/tmp/image_test$ lss
total 276K
136K screenshot.png
120K cropped_version-0.png
 20K cropped_version-1.png
sa@wks:/tmp/image_test$ identify *
cropped_version-0.png PNG 1600x1000 1600x1000+0+0 DirectClass 114kb
cropped_version-1.png[1] PNG 1600x200 1600x1200+0+1000 DirectClass 19kb
screenshot.png[2] PNG 1600x1200 1600x1200+0+0 DirectClass 128kb
sa@wks:/tmp/image_test$

lss, again an alias (see below) and for the rest we got what we wanted. We cut the image into pieces, one with 1600x1000 and the other with 1600x200 plus we did not destroy the original. The great thing about this example is, it can be used in shell scripts to automatize the whole process and therefore alter millions of images if you want to — no graphical UI (User Interface) is necessary — all you need is the CLI (Command Line Interface) and an interpreter e.g. Bash (Bourne again shell).

Find and delete Files by their Name

I got some directories

sa@wks:~/.work/git/0/ws$ ll
total 20K
drwxr-xr-x 2 sa sa 4.0K 2007-06-27 07:43 local
drwxr-xr-x 2 sa sa 4.0K 2007-06-27 07:10 public_docbook
drwxr-xr-x 2 sa sa 4.0K 2007-06-27 07:10 public_latex
drwxr-xr-x 2 sa sa 4.0K 2007-06-27 07:10 public_xml
sa@wks:~/.work/git/0/ws$

with various files contained inside

sa@wks:~/.work/git/0/ws$ ll public_xml/ | head
total 140K
-rw-r--r-- 1 sa sa 6.8K 2007-06-26 08:29 about_me.xml
-rw-r--r-- 1 sa sa  11K 2007-06-26 08:29 about_this_site.xml
-rw-r--r-- 1 sa sa  57K 2007-06-26 08:29 dm-crypt_luks.xml
-rw-r--r-- 1 sa sa 6.4K 2007-06-26 08:29 home.xml
-rw-r--r-- 1 sa sa 6.1K 2007-06-26 08:29 weblog.xml
-rw-r--r-- 1 sa sa 7.0K 2007-06-26 08:29 my_schedule.xml
-rw-r--r-- 1 sa sa 8.6K 2007-06-26 14:54 news.xml
-rw-r--r-- 1 sa sa 8.9K 2007-06-26 08:29 what_i_do.xml
sa@wks:~/.work/git/0/ws$

and I want to delete some of them. Those I want to get rid of are named notes_cheat_sheets.<some_extension>

sa@wks:~/.work/git/0/ws$ find publ* -name not*
public_docbook/notes_cheat_sheets.xml
public_latex/notes_cheat_sheets.tex
public_xml/notes_cheat_sheets.xml

And this is how it is done:

sa@wks:~/.work/git/0/ws$ find publ* -name not* -exec rm '{}' \;

or

sa@wks:~/.work/git/0/ws$ find publ* -name not* -print0 | xargs -0 rm

or

sa@wks:~/.work/git/0/ws$ find publ* -name not* -delete

Finally I executed the first of those three variants to actually delete the files. Let us check again...

sa@wks:~/.work/git/0/ws$ find publ* -name not*
sa@wks:~/.work/git/0/ws$

Ok, it worked fine and I did not have to change into each directory via cd <dir_name> manually and issue a rm <file_name>. Well, for those three directories it would have been possible but try this with 100+ directories...

Commands for .deb creation

The example below demonstrates how one might install Tor in Debian stable (Etch as of Sat Jun 23 06:09:39 BST 2007):

1. sid in die Sourcelist
2. apt-get update
3. apt-get build-dep tor
4. apt-get source --compile tor
5. apt-get install tsocks
6. dpkg -i tor_0.1.2.13-2_i386.deb
7. sid aus der source list
8. apt-get update

Only copy files ending in .foo

Here I show how to copy just .so files from a source tree to some other directory — of course, this works for any other regular expression too.

sa@wks:~/misc/source/pidgin$ find purple-plugin_pack-1.0/ -type f -name *.so | xargs -I '{}' cp '{}' /home/sa/.purple/plugins/

The debtags command

debtags can be incredibly useful when searching for some package or information thereof in general.

debtags search "hardware::storage:*" | egrep -i 'CD|DVD'

debtags tagsearch '::' | grep use

Repair a screwed up Package Install/Removal

apt-get -o DPkg::options::=--force-confmiss --reinstall install <paket>

Import Keys into APT

gpg --keyserver wwwkeys.eu.pgp.net --recv-keys A70DAF536070D3A1 && gpg --export A70DAF536070D3A1 | apt-key add -

or the shortcut version which goes like this

wks:/home/sa# apt-key adv --keyserver wwwkeys.eu.pgp.net --recv 7F0CEB10
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver wwwkeys.eu.pgp.net --recv 7F0CEB10
gpg: requesting key 7F0CEB10 from hkp server wwwkeys.eu.pgp.net
gpg: key 7F0CEB10: public key "Richard Kreuter <richard@10gen.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
wks:/home/sa#

Above we have imported the public key to get MongoDB snapshot Debian packages. If the key would not be on some keyserver i.e. if present like this http://kernel-archive.buildserver.net/key somewhere, then we could grab this file and then do:

cat <file_that_contains_key_in_ascii> | apt-key add -

Note, that in both cases, we are well advised to also check the signatures on the keys we are about to import. gpg --list-sig <key ID/fingerprint> does the trick.

Wipe stale Software from the System

pc1:/home/sa# di -h | head -n2
Filesystem         Mount               Size     Used    Avail %Used fs Type
/dev/md0           /                  22.9G    10.4G    11.3G  51%  ext3

As can be seen there is no urgent need to clean up since I have 11.3 GiB space left but... I like it shiny so there we go:

pc1:/home/sa# apt-get --purge remove $(deborphan)
Reading package lists... Done
Building dependency tree... Done
The following packages will be REMOVED
  dvilib2* libavformatcvs51* libbind9-0* libboost-program-options1.33.1* libboost-signals1.33.1* libboost-thread1.33.1* libcairomm-1.0-0* libcurl3* libdns21* libedata-cal1.2-5*
  libedataserverui1.2-6* libeel2-2.14* libegroupwise1.2-10* libexchange-storage1.2-1* libfaad2-0* libgeoip1* libgnutls12* libgpod0* libgsf-1-113* libgstreamer-gconf0.8-0*
  libgstreamer-plugins0.8-0* libgucharmap4* libgucharmap5* libjasper-1.701-1* libjaxp1.2-java* libloudmouth1-0* liblwres9* libmyspell3c2* libnautilus-burn3* libopenh323-1.18.0*
  libpoppler0c2-glib* libportaudio0* libpostproccvs51* libpq4* libsdl-mixer1.2* libsdl-net1.2* libsensors3* libsnmp-base* libstlport4.6c2* libswscalecvs0* libtasn1-2* libwavpack0* libxklavier10*
  libxt-java* xserver-xorg-video-i810*
0 upgraded, 0 newly installed, 45 to remove and 23 not upgraded.
Need to get 0B of archives.
After unpacking 32.1MB diskspace will be freed.
Do you want to continue [Y/n]? y
(Reading database... 169291 files and directories currently installed.)
Removing dvilib2...
Purging configuration files for dvilib2...
Removing libavformatcvs51...
Purging configuration files for libavformatcvs51...
Removing libbind9-0...
Purging configuration files for libbind9-0...
Removing libboost-program-options1.33.1...
Purging configuration files for libboost-program-options1.33.1...
Removing libboost-signals1.33.1...
Purging configuration files for libboost-signals1.33.1...
Removing libboost-thread1.33.1...
Purging configuration files for libboost-thread1.33.1...
Removing libcairomm-1.0-0...
[...]
Purging configuration files for libcairomm-1.0-0...
Purging configuration files for libxklavier10...
Removing libxt-java...
Removing xserver-xorg-video-i810...
pc1:/home/sa#

So, the cleanup freed 32.1 mebibytes of diskspace — not that much but with the fact in mind that I run this command twice a month or so, one could easily free up to 1 GiB diskspace if he runs it for the first time on a system up and running for more than a year or so (I am with unstable also know as sid (still in development); in case of the stable release, the effect should practically be zero (just security updates are allowed to go into stable)). As a final note, you can of course feed aptitude with stale package names aptitude purge $(deborphan).

Various CLI Tools

Note, that the order in which CLI (Command Line Interface) tools are listed is irrelevant. I append things as I come across them. The Tags line containing the debtags is, as I find, very informative especially for folks familiar with the Faceted Classification of .debs. The tools listed below are testet and it can be assured they work with DebianGNU/Linux — I did not try them on DebianGNU/HURD nor DebianGNU/BSD kernels.

CLI Tools and Programs

At some point I figured it would be nice to keep record of all those nifty CLI tools I use in order to quickly remember/find them, add notes about their usage, etc.

findutils

Package: findutils
Description: utilities for finding files--find, xargs
Tag: implemented-in::c, interface::commandline, role::program, scope::utility, use::searching, works-with::file

Especially xargs is perfect for doing some CLI magic.

tree

Package: tree
Description: displays directory tree, in color
Tag: implemented-in::c, interface::commandline, role::program, scope::utility, use::browsing, works-with::file

Some nice but short tutorial. Things you can do with tree can be seen here.

watch

Is contained in the procps package. In brief, watch is a command which will repeatedly run a command for you - allowing you to watch updates in near real-time. Here and here are links to show its usage.

sa@wks:~$ afl procps | grep bin/
procps: /bin/kill
procps: /bin/ps
procps: /sbin/sysctl
procps: /usr/bin/free
procps: /usr/bin/pgrep
procps: /usr/bin/pkill
procps: /usr/bin/pmap
procps: /usr/bin/pwdx
procps: /usr/bin/skill
procps: /usr/bin/slabtop
procps: /usr/bin/snice
procps: /usr/bin/tload
procps: /usr/bin/top
procps: /usr/bin/uptime
procps: /usr/bin/vmstat
procps: /usr/bin/w.procps
procps: /usr/bin/watch
sa@wks:~$

psmisc

Has some very useful tools

sa@wks:~$ afl psmisc | grep bin/
psmisc: bin/fuser
psmisc: usr/bin/killall
psmisc: usr/bin/oldfuser
psmisc: usr/bin/peekfd
psmisc: usr/bin/pstree
psmisc: usr/bin/pstree.x11
sa@wks:~$

For afl please take a look at my aliases in my ~/.bashrc

Package: psmisc
Description: Utilities that use the proc filesystem
Tag: interface::text-mode, role::program, scope::utility, uitoolkit::ncurses, works-with::software:running

passwd

Package: passwd
Description: change and administer password and group data
Tag: admin::user-management, implemented-in::c, interface::commandline, role::program, security::authentication

passwd contains a lot of useful tools

,----[ apt-file list passwd | grep bin/ ]
| passwd: sbin/shadowconfig
| passwd: usr/bin/chage
| passwd: usr/bin/chfn
| passwd: usr/bin/chsh
| passwd: usr/bin/expiry
| passwd: usr/bin/gpasswd
| passwd: usr/bin/passwd
| passwd: usr/sbin/chgpasswd
| passwd: usr/sbin/chpasswd
| passwd: usr/sbin/cpgr
| passwd: usr/sbin/cppw
| passwd: usr/sbin/groupadd
| passwd: usr/sbin/groupdel
| passwd: usr/sbin/groupmod
| passwd: usr/sbin/grpck
| passwd: usr/sbin/grpconv
| passwd: usr/sbin/grpunconv
| passwd: usr/sbin/newusers
| passwd: usr/sbin/pwck
| passwd: usr/sbin/pwconv
| passwd: usr/sbin/pwunconv
| passwd: usr/sbin/useradd
| passwd: usr/sbin/userdel
| passwd: usr/sbin/usermod
| passwd: usr/sbin/vigr
| passwd: usr/sbin/vipw
`----

usermod

See package passwd.

chfn

See package passwd.

sysv-rc

Package: sysv-rc
Description: System-V-like runlevel change mechanism
Tag: admin::boot, admin::configuring, implemented-in::perl, interface::commandline, role::app-data, role::program, scope::utility, use::configuring

file-rc

Package: file-rc
Description: Alternative boot mechanism using a single configuration file
Tag: admin::boot, admin::configuring, implemented-in::shell, interface::daemon, role::program, use::configuring

run-parts

,----[ man run-parts | grep -m1 run-parts ]
|        run-parts - run scripts or programs in a directory
`----

See debianutils for further information.

,----[ apt-file list debianutils | grep bin/ ]
| debianutils: bin/run-parts
| debianutils: bin/tempfile
| debianutils: bin/which
| debianutils: sbin/installkernel
| debianutils: usr/bin/savelog
| debianutils: usr/bin/sensible-browser
| debianutils: usr/bin/sensible-editor
| debianutils: usr/bin/sensible-pager
| debianutils: usr/bin/which
| debianutils: usr/sbin/add-shell
| debianutils: usr/sbin/mkboot
| debianutils: usr/sbin/remove-shell
`----

localepurge

Package: localepurge
Description: Automagically remove unnecessary locale data
Tag: interface::commandline, role::program, scope::utility, suite::debian, use::configuring

apmd

Package: apmd
Description: Utilities for Advanced Power Management (APM)

uniq

See coreutils.

toilet

Package: toilet
Description: display large colourful characters in text mode
Tag: interface::commandline, interface::text-mode, role::program, use::entertaining, use::text-formatting, works-with::text

dumputils

Package: dumputils
Description: simple configuration and dump recovery utilities for LKCD
Tag: admin::kernel, admin::recovery, implemented-in::c, interface::commandline, role::program, scope::utility, security::forensics, use::configuring

foremost

Package: foremost
Description: Forensics application to recover data
Tag: admin::forensics, admin::recovery, hardware::storage, interface::commandline, role::program, scope::utility, security::forensics, use::scanning

grub-disk

Package: grub-disk
Description: GRUB bootable disk image (dummy package)
Tag: admin::boot, hardware::storage:floppy, role::app-data

grub-rescue-pc

Package: grub-rescue-pc
Description: GRUB bootable rescue images, version 2 (PC/BIOS version)

schedutils

Name: schedutils
Description: Linux scheduler utilities
Tags: admin::kernel, interface::commandline, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::s, works-with::software:running

comes with a bunch of tools

,----[ apt-file list schedutils | grep bin/ ]
| schedutils: usr/bin/chrt
| schedutils: usr/bin/ionice
| schedutils: usr/bin/taskset
`----

cpudyn

Package: cpudyn
Description: CPU dynamic frequency control for processors with scaling

taskset

Not tasksel but taskset. See schedutils. man page says:

NAME
       taskset - retrieve or set a processes's CPU affinity

SYNOPSIS
       taskset [options] [mask | list ] [pid | command [arg]...]

DESCRIPTION
       taskset  is  used  to set or retrieve the CPU affinity of a running
       process given its PID or to launch a new COMMAND with a  given  CPU
       affinity.  CPU affinity is a scheduler property that "bonds" a pro-
       cess to a given set of CPUs on the  system.   The  Linux  scheduler
       will  honor  the given CPU affinity and the process will not run on
       any other CPUs.  Note that the Linux scheduler also supports  natu-
       ral  CPU  affinity: the scheduler attempts to keep processes on the
       same CPU as long as practical for performance reasons.   Therefore,
       forcing  a specific CPU affinity is useful only in certain applica-
       tions.

[skipping a lot of lines...]

cpulimit

Name: cpulimit
Description: limits the cpu usage of a process
Tags: admin::hardware, admin::monitoring, interface::commandline, role::program

cpufreqd

Name: cpufreqd
Description: fully configurable daemon for dynamic frequency and voltage scaling
Tags: admin::boot, admin::hardware, interface::daemon, role::program, scope::utility, use::configuring

cpufrequtils

Name: cpufrequtils
Description: utilities to deal with the cpufreq Linux kernel feature
Tags: hardware::detection, interface::commandline, role::program, scope::utility, use::configuring, use::viewing

contains the tools

,----[ apt-file list cpufrequtils | grep bin/ ]
| cpufrequtils: usr/bin/cpufreq-info
| cpufrequtils: usr/bin/cpufreq-set
`----

fdupes

Name: fdupes
Description: Identifies duplicate files within given directories
Tags: interface::text-mode, role::program, scope::utility, use::searching, works-with::file

fslint

Name: fslint
Description: A toolkit to fix various problems with filesystems' data.
Tags: implemented-in::python, interface::x11, use::checking, works-with::file

raidutils

Name: raidutils
Description: Adaptec I2O hardware RAID management utilities
Tags: admin::configuring, admin::filesystem, hardware::storage, interface::commandline, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::r, use::converting

nictools-nopci

Name: nictools-nopci
Description: Diagnostic tools for many non-PCI ethernet cards
Tags: admin::hardware, interface::commandline, network::configuration, role::program, scope::utility, use::configuring

nictools-pci

Name: nictools-pci
Description: Diagnostic tools for many PCI ethernet cards
Tags: admin::hardware, interface::commandline, network::configuration, role::program, scope::utility, use::configuring

shred

See coreutils.

secure-delete

Name: secure-delete
Description: tools to wipe files, free diskspace, swap and memory
Tags:

wipe

Name: wipe
Description: Secure file deletion
Tags: interface::commandline, role::program, scope::utility, works-with::file

multisync

Name: multisync
Description: A program to synchronize PIM data
Tags: hardware::embedded, interface::x11, role::program, scope::utility, suite::gnome, uitoolkit::gtk, use::synchronizing, works-with::pim

nload

Name: nload
Description: A realtime console network usage monitor
Tags: admin::monitoring, interface::text-mode, role::program, scope::utility, uitoolkit::ncurses, use::monitor

ncdt

Name: ncdt
Description: Display directory tree
Tags: interface::commandline, role::program, scope::utility, use::browsing, works-with::audio, works-with::file, works-with-format::mp3

clusterssh

Package: clusterssh
Description: administer multiple ssh or rsh shells simultaneously
Tag: admin::cluster, implemented-in::perl, interface::x11, network::client, protocol::ssh, role::program, uitoolkit::tk, use::login, x11::application

Go here for more information.

sshm

Name: sshm
Description: A command-line tool to manage your ssh servers
Tags:

cron

Package: cron
Description: management of regular background processing
Tag: admin::automation, implemented-in::c, interface::daemon, role::program, scope::utility

incron

Package: incron
Description: cron-like daemon which handles filesystem events
Tag: admin::automation, implemented-in::c++, interface::daemon, role::program, scope::utility

There is also an article about it on the net.

inotify-tools

Name: inotify-tools
Description: command-line programs providing a simple interface to inotify
Tags: admin::monitoring, implemented-in::c, interface::commandline, role::program, scope::utility, works-with::file

sendemail

Name: sendemail
Description: email-from-console sending tool
Tags:

libc6

Name: libc6
Description: GNU C Library: Shared libraries
Tags: devel::lang:c, devel::library, implemented-in::c, protocol::ipv6, role::shared-lib

,----[ apt-file list libc6 | grep bin/ ]
| libc6: sbin/ldconfig
| libc6: usr/bin/catchsegv
| libc6: usr/bin/getconf
| libc6: usr/bin/getent
| libc6: usr/bin/iconv
| libc6: usr/bin/ldd
| libc6: usr/bin/locale
| libc6: usr/bin/localedef
| libc6: usr/bin/rpcinfo
| libc6: usr/bin/tzselect
| libc6: usr/bin/zdump
| libc6: usr/sbin/iconvconfig
| libc6: usr/sbin/zic
| libc6-dev: usr/bin/gencat
| libc6-dev: usr/bin/mtrace
| libc6-dev: usr/bin/rpcgen
| libc6-dev: usr/bin/sprof
`----

file

Name: file
Description: Determines file type using "magic" numbers
Tags: interface::commandline, role::program, scope::utility, use::scanning, works-with::file

ipfwadm

Name: not available
Description: not available
Tags:

awk

Name: not available
Description: not available
Tags:

pciutils

Contains lspci, lsusb, etc.

Name: pciutils
Description: Linux PCI Utilities
Tags: admin::configuring, admin::hardware, hardware::detection, interface::commandline, role::program, scope::utility, special::completely-tagged, use::configuring

hwdata

Package: hwdata
Description: hardware identification / configuration data
Tag: admin::configuring, admin::hardware, hardware::detection, role::app-data, use::configuring

hwinfo

Name: hwinfo
Description: Hardware identification system
Tags: admin::hardware, hardware::detection, interface::commandline, role::program, scope::utility, use::scanning

dmidecode

Name: dmidecode
Description: Dump Desktop Management Interface data
Tags: admin::hardware, hardware::detection, interface::commandline, role::program, scope::utility, use::viewing

util-linux

Contains dmesg and a bunch of other fine tools...

Name: util-linux
Description: Miscellaneous system utilities
Tags: interface::commandline, interface::text-mode, role::program, scope::utility, uitoolkit::ncurses

fwbuilder

Name: fwbuilder
Description: Firewall administration tool GUI
Tags: interface::x11, protocol::ssl, role::program, scope::utility, security::firewall, uitoolkit::gtk, uitoolkit::qt, use::configuring, x11::application

fwbuilder-bsd

Name: fwbuilder-bsd
Description: Firewall Builder policy compiler(s) for BSD based firewalls
Tags: interface::x11, role::program, scope::utility, security::firewall, uitoolkit::qt, use::configuring, x11::application

getent

Is part of the libc6 package anyway.

coreutils

Which contains a bunch of fine tools:

,----[ apt-file list coreutils | grep bin/ ]
| coreutils: bin/cat
| coreutils: bin/chgrp
| coreutils: bin/chmod
| coreutils: bin/chown

[skipping a lot of lines...]

| coreutils: usr/bin/wc
| coreutils: usr/bin/who
| coreutils: usr/bin/whoami
| coreutils: usr/bin/yes
| coreutils: usr/sbin/chroot
`----

lovely isn't it... I would rather give away my cat than this package. Or not... hm... /me loves both

Name: coreutils
Description: The GNU core utilities
Tags: admin::configuring, implemented-in::c, interface::commandline, role::program, scope::utility, works-with::file

binutils

Name: binutils
Description: The GNU assembler, linker and binary utilities
Tags: devel::machinecode, interface::commandline, role::program, scope::utility

Which contains

,----[ apt-file list binutils | grep ^binutils: | egrep '.sh$|bin/' ]
| binutils: usr/bin/addr2line
| binutils: usr/bin/ar
| binutils: usr/bin/as
| binutils: usr/bin/c++filt
| binutils: usr/bin/gprof
| binutils: usr/bin/ld
| binutils: usr/bin/nm
| binutils: usr/bin/objcopy
| binutils: usr/bin/objdump
| binutils: usr/bin/ranlib
| binutils: usr/bin/readelf
| binutils: usr/bin/size
| binutils: usr/bin/strings
| binutils: usr/bin/strip
`----

size

See binutils.

fc

This one is a shell builtin¹

,----[ help fc ]
| fc: fc [-e ename] [-nlr] [first] [last] or fc -s [pat=rep] [cmd]
|      fc is used to list or edit and re-execute commands from the history list.
|     FIRST and LAST can be numbers specifying the range, or FIRST can be a
|     string, which means the most recent command beginning with that
|     string.
|
|        -e ENAME selects which editor to use.  Default is FCEDIT, then EDITOR,
|           then vi.
|
|        -l means list lines instead of editing.
|        -n means no line numbers listed.
|        -r means reverse the order of the lines (making it newest listed first).
|
|     With the `fc -s [pat=rep...] [command]' format, the command is
|     re-executed after the substitution OLD=NEW is performed.
|
|     A useful alias to use with this is r='fc -s', so that typing `r cc'
|     runs the last command beginning with `cc' and typing `r' re-executes
|     the last command.
`----

seq

See coreutils.

chroot

See coreutils — Hint: no! chroot is not secure even that most folks think so. Better use some sort of virtualization e.g. Linux-Vserver.

procps

Contains ps and others.

Name: procps
Description: /proc file system utilities
Tags: admin::monitoring, interface::commandline, interface::text-mode, role::program, scope::utility, uitoolkit::ncurses, use::monitor, works-with::software:running

sysstat

Package: sysstat
Description: sar, iostat and mpstat - system performance tools for Linux
Tag: admin::accounting, admin::monitoring, implemented-in::c, interface::commandline, interface::daemon, network::server, role::program, use::monitor, works-with::logfile

iostat

See sysstat.

memstat

Name: memstat
Description: Identify what's using up virtual memory.
Tags: admin::benchmarking, interface::commandline, use::monitor

basename and dirname

Yes, coreutils again.

nm

See binutils.

loadlin

Contains freeramdisk

Name: loadlin
Description: a loader (running under DOS) for LINUX kernel images
Tags: admin::boot, interface::commandline, role::program, scope::utility

strings

See binutils.

rpcinfo

See libc6 package.

nfs-common

Name: nfs-common
Description: NFS support files common to client and server
Tags: admin::filesystem, interface::commandline, interface::daemon, network::client, network::server, role::program

di

I love it...

Name: di
Description: advanced df like disk information utility
Tags: interface::commandline

showmount

See nfs-common.

nfsstat

See nfs-common.

e2fsprogs

Again, tomcat or package. Hard choice that is...

Name: e2fsprogs
Description: ext2 file system utilities and libraries
Tags: admin::configuring, admin::filesystem, hardware::storage, interface::commandline, role::program, scope::utility, security::integrity, use::checking

dumpe2fs

See e2fsprogs.

split and cssplit

See coreutils.

mdadm

Name: mdadm
Description: tool to administer Linux MD arrays (software RAID)
Tags: admin::boot, admin::configuring, hardware::storage, interface::commandline, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::m, use::configuring

yaird

Name: yaird
Description: Yet Another mkInitRD
Tags: admin::boot

mkinitrd.yaird

See yaird.

resize2fs

See e2fsprogs.

vlan

Name: vlan
Description: user mode programs to enable VLANs on your ethernet devices
Tags: interface::commandline, network::configuration, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::v

iproute

Package: iproute
Description: Professional tools to control the networking in Linux kernels
Tag: admin::configuring, interface::commandline, protocol::ipv6, role::program, role::shared-lib, scope::utility, use::routing

This one is very powerful since it allows us to set up complex networking scenarios if needed. However, it is also very useful for trivial cases because it is very easy to handle and work with. man 8 ip is a good point to start at. The package iproute contains

,----[ apt-file list iproute | grep bin/ ]
| iproute: bin/ip
| iproute: sbin/ip
| iproute: sbin/netbug
| iproute: sbin/rtacct
| iproute: sbin/rtmon
| iproute: sbin/ss
| iproute: sbin/tc
| iproute: usr/bin/ctstat
| iproute: usr/bin/lnstat
| iproute: usr/bin/nstat
| iproute: usr/bin/routef
| iproute: usr/bin/routel
| iproute: usr/bin/rtstat
| iproute: usr/sbin/arpd
`----

ifscheme

Name: ifscheme
Description: scheme control for network interfaces
Tags: interface::commandline, network::configuration, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::i, use::configuring

sipcalc

Name: sipcalc
Description: Advanced console-based ip subnet calculator
Tags: interface::commandline, protocol::ipv6, role::program, scope::utility

ipcalc

Name: ipcalc
Description: parameter calculator for IPv4 addresses
Tags: implemented-in::perl, interface::commandline, interface::web, role::program, scope::utility, use::converting, web::cgi

hostname

Name: hostname
Description: utility to set/show the host name or domain name
Tags: interface::commandline, role::program, scope::utility, use::configuring

netcat

Name: netcat
Description: TCP/IP swiss army knife
Tags: interface::commandline, protocol::ip, role::program, scope::utility, use::downloading

better use cryptcat.

cryptcat

Name: cryptcat
Description: TCP/IP swiss army knife extended with twofish encryption
Tags: interface::commandline, network::scanner, role::program, scope::utility, security::cryptography, use::transmission

socat

Name: socat
Description: multipurpose relay for bidirectional data transfer
Tags: special::not-yet-tagged, special::not-yet-tagged::s, use::transmission

host

Name: host
Description: utility for querying DNS servers
Tags: interface::commandline, protocol::dns, role::program, scope::utility, use::checking

ifupdown

Package: ifupdown
Description: high level tools to configure network interfaces
Tag: implemented-in::c, implemented-in::perl, interface::commandline, network::configuration, protocol::ipv6, role::program, scope::utility, use::configuring

which contains

,----[ apt-file list ifupdown | grep bin/ ]
| ifupdown: sbin/ifdown
| ifupdown: sbin/ifup
| ifupdown-scripts-zg2: usr/bin/check-ifupdown-scripts-zg2.d-symlinks
| ifupdown-scripts-zg2: usr/bin/dump-ifupdown-scripts-zg2.d-symlinks
| ifupdown-scripts-zg2: usr/bin/kill-ifupdown-scripts-zg2.d-symlinks
| ifupdown-scripts-zg2: usr/bin/update-ifupdown-scripts-zg2.d-symlinks
`----

net-tools

Package: net-tools
Description: The NET-3 networking toolkit
Tag: admin::configuring, interface::commandline, network::configuration, network::routing, network::vpn, protocol::ipv6, role::program, scope::utility, use::routing

which contains

,----[ apt-file list net-tools | grep bin/ ]
| net-tools: bin/netstat
| net-tools: sbin/ifconfig
| net-tools: sbin/ipmaddr
| net-tools: sbin/iptunnel
| net-tools: sbin/mii-tool
| net-tools: sbin/nameif
| net-tools: sbin/plipconfig
| net-tools: sbin/rarp
| net-tools: sbin/route
| net-tools: sbin/slattach
| net-tools: usr/sbin/arp
`----

netstat

See net-tools. netstat -tulpe is what I do pretty often.

dnsutils

Name: dnsutils
Description: Clients provided with BIND
Tags: interface::commandline, network::client, protocol::dns, role::program

Contains nslookup or dig (more about dig can be read here) for exmaple ... next to other nifty tools

,----[ apt-file list dnsutils | grep bin/ ]
| dnsutils: usr/bin/dig
| dnsutils: usr/bin/nslookup
| dnsutils: usr/bin/nsupdate
`----

dnstracer

Name: dnstracer
Description: Trace DNS queries to the source
Tags: interface::commandline, network::client, protocol::dns, role::program, use::searching

whois

Name: whois
Description: the GNU whois client
Tags: interface::commandline, network::client, protocol::dns, protocol::ipv6, role::program

zonecheck

Name: zonecheck
Description: A DNS configuration checker
Tags: implemented-in::ruby, interface::commandline, protocol::dns, role::program, scope::utility, use::checking

route

See net-tools. route manipulates the kernel's IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig(8) program.

tcputils

Name: tcputils
Description: Utilities for TCP programming in shell-scripts
Tags: interface::commandline, role::program, scope::utility

tc

See iproute.

traceroute

Name: traceroute
Description: traces the route taken by packets over a TCP/IP network
Tags: admin::benchmarking, interface::commandline, network::routing, network::scanner, protocol::ip, role::program, scope::utility, use::routing

tcpdump

Name: tcpdump
Description: A powerful tool for network monitoring and data acquisition
Tags: admin::monitoring, interface::commandline, network::scanner, role::program, scope::utility, use::monitor

ethereal

Is now known as wireshark — see below.

Package: ethereal
Description: dummy upgrade package for ethereal -> wireshark
Tag: admin::monitoring, interface::x11, network::scanner, role::program, scope::utility, uitoolkit::gtk, use::scanning, x11::application

wireshark

Formally known as ethereal...

Package: wireshark
Description: network traffic analyzer
Tag: admin::monitoring, implemented-in::c, interface::x11, network::scanner, protocol::ethernet, role::program, scope::utility, uitoolkit::gtk, use::monitor, works-with::network-traffic, x11::application

vnstat

Name: vnstat
Description: console-based network traffic monitor
Tags: admin::monitoring, interface::commandline, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::v, use::monitor

This program can show nice statistics on the CLI (Command Line Interface) e.g. the traffic from/to my machine for the last 24 hours

,----[ vnstat -h ]
|  eth0                                                                     15:50
|   ^        r
|   |  r     r  r     r  r
|   |  r     r  r     r  r
|   |  r  r  r  r  r  r  r
|   |  r  r  r  r  r  r  r
|   |  r  r  r  r  r  r  r
|   |  r  r  r  r  r  r  r
|   |  r  r  r  r  r  r  r                                         r        r
|   |  r  r  r  r  r  r  r                                         r        r
|   |  rt rt rt rt rt rt rt                             t rt  t rt rt r  rt rt
|  -+--------------------------------------------------------------------------->
|   |  16 17 18 19 20 21 22 23 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15
|
|  h   rx (kB)    tx (kB)      h   rx (kB)    tx (kB)      h   rx (kB)    tx (kB)
| 16    393,100     69,681    00      3,967      2,963    08     26,941     49,249
| 17    338,948     68,670    01      2,758      2,353    09     45,740     48,149
| 18    433,402     71,991    02      2,329      2,025    10     30,614     47,757
| 19    412,071     72,289    03      1,668      1,464    11     78,734     49,361
| 20    338,468     68,153    04      1,646      1,423    12    139,524     49,676
| 21    401,429     69,469    05     25,253      1,781    13     46,232     20,670
| 22    411,543     66,095    06      5,948        785    14     79,883     50,266
| 23      7,768      5,267    07      2,096     10,933    15    151,124     45,470
`----

What I love the most about it, is the fact that one can write a script and poll vnstats database in numerous ways to get whatever information is required.

iperf

Name: iperf
Description: Internet Protocol bandwidth measuring tool
Tags: admin::monitoring, interface::commandline, interface::daemon, network::server, protocol::ip, protocol::ipv6, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::i, use::monitor

trickle

Name: trickle
Description: user-space bandwidth shaper
Tags: implemented-in::c, interface::commandline, role::program, scope::utility, use::configuring, use::downloading

finger

Name: finger
Description: user information lookup program
Tags: interface::commandline, network::client, protocol::finger, role::program, works-with::people

You want to know the current (Mon Jun 25 12:31:21 UTC 2007) versions of the Linux kernel archive? No problem:

,----[ finger @kernel.org ]
| [kernel.org]
| The latest stable version of the Linux kernel is:           2.6.21.5
| The latest prepatch for the stable Linux kernel tree is:    2.6.22-rc6
| The latest 2.4 version of the Linux kernel is:              2.4.34.5
| The latest prepatch for the 2.4 Linux kernel tree is:       2.4.35-pre5
| The latest 2.2 version of the Linux kernel is:              2.2.26
| The latest prepatch for the 2.2 Linux kernel tree is:       2.2.27-rc2
| The latest -mm patch to the stable Linux kernels is:        2.6.22-rc4-mm2
`----

wget

Name: wget
Description: retrieves files from the web
Tags: filetransfer::ftp, filetransfer::http, network::client, protocol::ftp, protocol::http, role::program, use::downloading, use::synchronizing

curl

The better wget...

Name: curl
Description: Get a file from an HTTP, HTTPS or FTP server
Tags: filetransfer::ftp, filetransfer::http, implemented-in::c, interface::commandline, network::client, role::program, scope::utility, use::downloading, use::synchronizing, works-with::file

deborphan

See what it can do.

Name: deborphan
Description: Find orphaned libraries
Tags: admin::package-management, implemented-in::c, interface::commandline, role::program, scope::utility, suite::debian, use::checking, use::organizing, works-with::software:package

mii-tool

See net-tools.

mknbi

Name: mknbi
Description: Create tagged images for Etherboot or Netboot
Tags: admin::boot, implemented-in::perl, network::configuration, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::m

fmt

See coreutils.

screem

Name: screem
Description: A GNOME website development environment
Tags: interface::x11, special::not-yet-tagged, special::not-yet-tagged::s, suite::gnome, uitoolkit::gtk, use::editing, works-with::text, works-with-format::html, x11::application

screen

Name: screen
Description: a terminal multiplexor with VT100/ANSI terminal emulation
Tags: interface::text-mode, role::program, scope::utility, uitoolkit::ncurses, works-with::software:running

memtest86+

Name: memtest86+
Description: thorough real-mode memory tester
Tags: admin::boot, hardware::storage:floppy, interface::commandline, interface::text-mode, use::checking

nvram-wakeup

Name: nvram-wakeup
Description: A tool to read/write the WakeUp time from/to the BIOS
Tags: hardware::power, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::n

html2ps

Name: html2ps
Description: HTML to PostScript converter
Tags: interface::commandline, role::program, scope::utility, use::converting, works-with::text, works-with-format::html, works-with-format::postscript

man2html

Name: man2html
Description: turns a web-browser and an httpd-server into a man pager
Tags: implemented-in::c, interface::web, use::converting, web::cgi, works-with::text, works-with-format::html, works-with-format::man

a2ps

Name: a2ps
Description: GNU a2ps - 'Anything to PostScript' converter and pretty-printer
Tags: devel::prettyprint, interface::commandline, role::program, scope::utility, use::converting, use::printing, works-with::text, works-with-format::postscript

cxref

Name: cxref
Description: Generates latex and HTML documentation for C programs
Tags: devel::docsystem, devel::lang:c, implemented-in::c, interface::commandline, role::program, scope::utility, use::converting, works-with::software:source, works-with::text, works-with-format::html, works-with-format::tex

ifrename

Name: ifrename
Description: Rename network interfaces based on various static criteria
Tags: interface::commandline, network::configuration, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::i

apt

Name: apt
Description: Advanced front-end for dpkg
Tags: admin::package-management, filetransfer::ftp, filetransfer::http, hardware::storage:cd, interface::commandline, network::client, role::program, suite::debian, use::downloading, use::searching, works-with::software:package

apt-listchanges

A nice-to-have.

Name: apt-listchanges
Description: Display change history from .deb archives
Tags: admin::package-management, implemented-in::python, interface::commandline, role::program, scope::utility, suite::debian, use::viewing, works-with::logfile, works-with::software:package

Note, it might be a good idea to run dpkg-reconfigure apt-listchanges in order to enable/change it/settings — I consider

wks:/home/sa# cat /etc/apt/listchanges.conf
[apt]
frontend=pager
email_address=root
confirm=1
which=both
wks:/home/sa#

a good thing.

apt-listbugs

A must-have.

Name: apt-listbugs
Description: Lists critical bugs before each apt installation
Tags: admin::package-management, implemented-in::ruby, interface::commandline, protocol::http, role::program, scope::utility, suite::debian, works-with::bugs, works-with::software:package

apt-spy

Name: apt-spy
Description: writes a sources.list file based on bandwidth tests
Tags: admin::package-management, filetransfer::ftp, filetransfer::http, interface::commandline, network::scanner, protocol::ftp, protocol::http, role::program, scope::utility, suite::debian, use::downloading, use::scanning

apt-file

Name: apt-file
Description: APT package searching utility -- command-line interface
Tags: implemented-in::perl, interface::commandline, role::program, suite::debian, use::searching, works-with::file, works-with::software:package

apt-move

Name: apt-move
Description: Maintain Debian packages in a package pool
Tags: hardware::storage, implemented-in::shell, interface::commandline, role::program, scope::utility, suite::debian, use::organizing, works-with::software:package

apt-mirror

Package: apt-mirror
Description: APT sources mirroring tool
Tag: interface::commandline, network::client, protocol::ftp, protocol::http, role::program, scope::utility, suite::debian, use::downloading, use::synchronizing, works-with::file, works-with::software:package

debmirror

Package: debmirror
Description: Debian partial mirror script, with ftp and package pool support
Tag: admin::file-distribution, filetransfer::ftp, filetransfer::http, implemented-in::perl, interface::commandline, protocol::ftp, protocol::http, role::program, suite::debian, use::downloading, use::synchronizing, works-with::software:package

aptitude

Name: aptitude
Description: terminal-based apt frontend
Tags: admin::configuring, admin::package-management, implemented-in::c++, interface::text-mode, role::program, scope::application, suite::debian, uitoolkit::ncurses, use::browsing, use::configuring, works-with::software:package

dpkg

Name: dpkg
Description: package maintenance system for Debian
Tags: admin::package-management, implemented-in::c, implemented-in::perl, interface::commandline, role::program, scope::utility, suite::debian, use::configuring, use::scanning, works-with::software:package

debconf

Name: debconf
Description: Debian configuration management system
Tags: admin::configuring, implemented-in::perl, role::program, scope::utility, suite::debian, uitoolkit::gtk, uitoolkit::qt, use::configuring

lsof

Name: lsof
Description: List open files
Tags: interface::commandline, role::program, scope::utility, use::searching, works-with::file, works-with::software:running

procps

Name: procps
Description: /proc file system utilities
Tags: admin::monitoring, interface::commandline, interface::text-mode, role::program, scope::utility, uitoolkit::ncurses, use::monitor, works-with::software:running

sysctl

See procps.

nessus

Name: nessus
Description: Remote network security auditor, the client
Tags: interface::x11, network::client, network::scanner, role::program, uitoolkit::gtk, x11::application

nikto

Package: nikto
Description: web server security scanner
Tag: implemented-in::perl, interface::commandline, network::scanner, protocol::http, protocol::ssl, role::program, scope::utility, use::scanning, web::cgi

nmap

Name: nmap
Description: The Network Mapper
Tags: admin::monitoring, interface::commandline, network::scanner, role::program, scope::utility, use::scanning

ettercap

Name: ettercap
Description: Multipurpose sniffer/interceptor/logger for switched LAN
Tags: interface::text-mode, network::scanner, role::program, scope::utility, uitoolkit::ncurses, use::scanning

dsniff

Package: dsniff
Description: Various tools to sniff network traffic for cleartext insecurities
Tag: implemented-in::c, interface::commandline, protocol::ethernet, protocol::http, protocol::ip, protocol::smtp, protocol::ssh, role::program, scope::utility, use::monitor

which contains

,----[ apt-file list dsniff | grep bin/ ]
| dsniff: usr/sbin/arpspoof
| dsniff: usr/sbin/dnsspoof
| dsniff: usr/sbin/dsniff
| dsniff: usr/sbin/filesnarf
| dsniff: usr/sbin/macof
| dsniff: usr/sbin/mailsnarf
| dsniff: usr/sbin/msgsnarf
| dsniff: usr/sbin/sshmitm
| dsniff: usr/sbin/sshow
| dsniff: usr/sbin/tcpkill
| dsniff: usr/sbin/tcpnice
| dsniff: usr/sbin/urlsnarf
| dsniff: usr/sbin/webmitm
| dsniff: usr/sbin/webspy
`----

acl

Name: acl
Description: Access control list utilities
Tags: admin::user-management, interface::commandline, role::program, scope::utility, works-with::file

pwgen

Package: pwgen
Description: Automatic Password generation
Tag: interface::commandline, role::program, scope::utility, security::authentication

Usage example:

,----[ pwgen -synB 19 1 ]
| @)i~w(#9_-mdT?o<\<H
`----

sysvinit-utils

Package: sysvinit-utils
Description: System-V-like utilities
Tag: admin::login, implemented-in::c, interface::commandline, role::program, scope::utility, works-with::software:running

Especially last and lastb are interesting in terms of security.

sa@wks:~$ afl sysvinit-utils | grep bin/
sysvinit-utils: /bin/pidof
sysvinit-utils: /sbin/killall5
sysvinit-utils: /sbin/sulogin
sysvinit-utils: /usr/bin/last
sysvinit-utils: /usr/bin/lastb
sysvinit-utils: /usr/bin/mesg
sa@wks:~$

Especially last and lastb. last searches back through the file /var/log/wtmp (or the file designated by the -f flag) and displays a list of all users logged in (and out) since that file was created.

cracklib2

Package: cracklib2
Description: pro-active password checker library
Tag: devel::library, implemented-in::c, interface::commandline, role::shared-lib, security::authentication, use::checking, works-with::dictionary

cracklib2 is NOT a replacement for the passwd program. cracklib2 is a library!

fail2ban

Package: fail2ban
Description: bans IPs that cause multiple authentication errors
Tag: admin::automation, admin::logging, admin::monitoring, implemented-in::python, interface::commandline, interface::daemon, network::firewall, [skipping a lot of stuff...]

denyhosts

Package: denyhosts
Description: an utility to help sys admins thwart ssh hackers
Tag: admin::configuring, admin::logging, implemented-in::python, interface::daemon, protocol::ssh, role::program, scope::utility, security::forensics

psad

Package: psad
Description: The Port Scan Attack Detector
Tag: admin::monitoring, interface::daemon, network::firewall, network::server, role::program, security::firewall, security::ids, use::checking

john

Name: john
Description: active password cracking tool
Tags: implemented-in::c, interface::commandline, role::program, scope::utility, security::authentication, use::checking

bastille

Package: bastille
Description: Security hardening tool
Tag: devel::testing-qa, interface::text-mode, role::program, scope::utility, security::ids, suite::gnu, uitoolkit::ncurses

More information can be found here.

tiger

Name: tiger
Description: Report system security vulnerabilities
Tags: admin::monitoring, implemented-in::c, implemented-in::shell, interface::commandline, role::program, scope::application, security::ids, security::integrity

debsecan

Package: debsecan
Description: Debian Security Analyzer
Tag: admin::automation, admin::monitoring, devel::testing-qa, network::scanner, role::program, suite::debian, use::scanning

chkrootkit

Name: chkrootkit
Description: Checks for signs of rootkits on the local system
Tags: implemented-in::c, interface::commandline, role::program, scope::utility, security::ids

rkhunter

Package: rkhunter
Description: rootkit, backdoor, sniffer and exploit scanner
Tag: implemented-in::shell, interface::commandline, role::program, scope::utility, security::ids, security::integrity, use::checking, use::scanning

integrit

Name: integrit
Description: A file integrity verification program
Tags: role::program, security::integrity

aide

Name: aide
Description: Advanced Intrusion Detection Environment - static binary
Tags: interface::commandline, role::program, scope::utility, security::ids, security::integrity, use::monitor, works-with::file, works-with::mail

sxid

Package: sxid
Description: suid, sgid file and directory checking
Tag: admin::monitoring, admin::user-management, interface::daemon, role::program, scope::utility, use::monitor, works-with::file

bonnie++

Name: bonnie++
Description: Hard drive bottleneck testing benchmark suite.
Tags: admin::benchmarking, hardware::storage, implemented-in::c++, interface::commandline, role::program, scope::utility, use::checking

ab

sa@wks:~$ afl apache2-utils | grep bin/
apache2-utils: usr/bin/dbmmanage
apache2-utils: usr/bin/htdbm
apache2-utils: usr/bin/htdigest
apache2-utils: usr/bin/htpasswd
apache2-utils: usr/sbin/ab
apache2-utils: usr/sbin/check_forensic
apache2-utils: usr/sbin/checkgid
apache2-utils: usr/sbin/htcacheclean
apache2-utils: usr/sbin/logresolve
apache2-utils: usr/sbin/rotatelogs
apache2-utils: usr/sbin/split-logfile
sa@wks:~$ apropos benchmarking
ab (8)               - Apache HTTP server benchmarking tool
sa@wks:~$ 

httperf

Package: httperf
Description: An HTTP server performance tester
Tag: admin::benchmarking, implemented-in::c, interface::commandline, protocol::http, role::program, use::monitor

ddrescue

The better dd.

Name: ddrescue
Description: copies data from one file or block device to another
Tags: admin::recovery, hardware::storage, interface::commandline, role::program, scope::utility, use::storing

tsort

See coreutils.

lsattr

See e2fsprogs.

chattr

See e2fsprogs.

time

Name: time
Description: The GNU time program for measuring cpu resource usage
Tags: devel::profiler, interface::commandline, role::program, scope::utility, use::timekeeping, works-with::software:running

bc

Name: bc
Description: The GNU bc arbitrary precision calculator language
Tags: devel::interpreter, field::mathematics, implemented-in::c, interface::text-mode, role::program, scope::utility, uitoolkit::ncurses

meld

Name: meld
Description: graphical tool to diff and merge files
Tags: implemented-in::python, interface::x11, suite::gnome, uitoolkit::gtk, works-with::text, x11::application

comm

See coreutils.

mmv

Name: mmv
Description: Move/Copy/Append/Link multiple files
Tags: interface::commandline, role::program, scope::utility, use::organizing, works-with::file

id

See coreutils.

uuidgen

,----[ apt-file search uuidgen | grep bin/uuidgen ]
| e2fsprogs: usr/bin/uuidgen
`----

wv

Name: wv
Description: Programs for accessing Microsoft Word documents
Tags: role::program, role::shared-lib, scope::utility, use::converting, use::viewing

schedutils

Name: schedutils
Description: Linux scheduler utilities
Tags: admin::kernel, interface::commandline, role::program, scope::utility, special::not-yet-tagged, special::not-yet-tagged::s, works-with::software:running

adduser

Name: adduser
Description: Add and remove users and groups
Tags: admin::user-management, implemented-in::perl, interface::commandline, role::program, scope::utility

deluser/delgroup

See adduser.

gpm

Name: gpm
Description: General Purpose Mouse Interface
Tags: hardware::input:mouse, interface::daemon, network::server, role::program, uitoolkit::ncurses

rpl

Name: rpl
Description: intelligent recursive search/replace utility
Tags: implemented-in::python, interface::commandline, role::program, scope::utility, works-with::text

tr

Translate, squeeze, and/or delete characters from standard input, writing to standard output. See coreutils.

renameutils

Name: renameutils
Description: Programs to make file renaming easier
Tags: interface::text-mode, role::program, scope::utility, works-with::file

ncurses-bin

Name: ncurses-bin
Description: Terminal-related programs and man pages
Tags: admin::configuring, devel::library, interface::commandline, interface::text-mode, role::program, scope::utility, uitoolkit::ncurses

tput

See ncurses-bin.

reset

See ncurses-bin.

dialog

Name: dialog
Description: Displays user-friendly dialog boxes from shell scripts
Tags: interface::text-mode, role::program, scope::utility, uitoolkit::ncurses, works-with::text

whiptail

Name: whiptail
Description: Displays user-friendly dialog boxes from shell scripts
Tags: interface::text-mode, role::program, scope::utility, use::viewing

sysvinit-utils

Name: sysvinit-utils
Description: System-V-like utilities
Tags: admin::login, implemented-in::c, interface::commandline, role::program, scope::utility, works-with::software:running

last

See sysvinit-utils.

lastlog

Reports the most recent login of all users or of a given user. lastlog is part of the login package.

stat

See coreutils.

whereami

Name: whereami
Description: Automatically reconfigure your (laptop) system for a new location
Tags: hardware::laptop, network::configuration, protocol::dhcp

whoami

See coreutils.

tac

See coreutils.

syslinux

Name: syslinux
Description: Bootloader for Linux/i386 using MS-DOS floppies
Tags: admin::boot, hardware::storage, interface::commandline, role::program, scope::utility

gethostip

See syslinux.

discover

Name: discover
Description: hardware identification system
Tags: hardware::detection, interface::commandline, role::program, scope::utility

expect

FAI (Fully Automatic Installation) is using expect as one of its servants.

Name: expect
Description: A program that can automate interactive applications
Tags: devel::interpreter, interface::commandline, interface::shell, role::program, scope::utility, works-with::software:running

timezoneconf

Name: timezoneconf
Description: debconf interface to system timezone, date, and time
Tags:

uniq

See coreutils.

xautolock

Name: xautolock
Description: Program launcher for idle X sessions
Tags: hardware::input, interface::x11, role::program, scope::utility, use::monitor, x11::application, x11::screensaver

xautomation

Name: xautomation
Description: Control X from the command line, and find things on the screen
Tags: interface::commandline, role::program, scope::utility, x11::application

alltray

Name: alltray
Description: Dock any program into the system tray
Tags:

who

See coreutils.

bsdmainutils

Name: bsdmainutils
Description: collection of more utilities from FreeBSD
Tags: implemented-in::c, interface::commandline, interface::text-mode, role::program, uitoolkit::ncurses

Also, a fine collection of tools:

,----[ apt-file list bsdmainutils | egrep 'bin/|.sh$' ]
| bsdmainutils: usr/bin/bsd-write
| bsdmainutils: usr/bin/cal
| bsdmainutils: usr/bin/calendar
| bsdmainutils: usr/bin/col
| bsdmainutils: usr/bin/colcrt
| bsdmainutils: usr/bin/colrm
| bsdmainutils: usr/bin/column
| bsdmainutils: usr/bin/from
| bsdmainutils: usr/bin/hd
| bsdmainutils: usr/bin/hexdump
| bsdmainutils: usr/bin/look
| bsdmainutils: usr/bin/lorder
| bsdmainutils: usr/bin/ncal
| bsdmainutils: usr/bin/ul
`----

hexdump

See bsdmainutils.

od

Guess what...? Yeah, coreutils is the place to look...

linuxinfo

Name: linuxinfo
Description: Displays extended system information
Tags: interface::commandline, role::program, scope::utility

sysfsutils

Name: sysfsutils
Description: sysfs query tool and boot-time setup
Tags: admin::configuring, admin::filesystem, interface::commandline, role::program, scope::utility

rdev

See util-linux.

cpulimit

Name: cpulimit
Description: limits the cpu usage of a process
Tags: admin::hardware, admin::monitoring, interface::commandline, role::program

eject

Name: eject
Description: ejects CDs and operates CD-Changers under Linux
Tags: hardware::storage, hardware::storage:cd, implemented-in::c, interface::commandline, role::program, scope::utility, use::driver

tune2fs

See e2fsprogs.

fdisk, sfdisk, cfdisk

See util-linux. sfdisk in batch mode rocks!

sfdisk /dev/hdc << EOF
0,407
,407


EOF

will partition /dev/hdc just as indicated above. Another example

sfdisk /dev/hdb << EOF
,3,L
,60,L
,19,S
,,E
,130,L
,130,L
,130,L
,,L
EOF

see man sfdisk for more information.

script

See bsdutils.

tty and stty

See coreutils.

getconf

See libc6 package.

imagemagick

Name: imagemagick
Description: Image manipulation programs
Tags: interface::commandline, interface::x11, role::program, scope::application, scope::utility, use::converting, use::viewing, works-with::image, works-with::image:raster, x11::application

which comes loaded with a bunch of tools

,----[ apt-file list imagemagick | grep bin/ | grep -v graph ]
| imagemagick: usr/bin/animate
| imagemagick: usr/bin/compare
| imagemagick: usr/bin/composite
| imagemagick: usr/bin/conjure
| imagemagick: usr/bin/convert
| imagemagick: usr/bin/display
| imagemagick: usr/bin/identify
| imagemagick: usr/bin/import
| imagemagick: usr/bin/mogrify
| imagemagick: usr/bin/montage
`----

if you want to take a look at a tools options do a <tool> -help e.g.

,----[ import -help ]
| Version: ImageMagick 6.2.4 04/29/07 Q16 http://www.imagemagick.org
| Copyright: Copyright (C) 1999-2005 ImageMagick Studio LLC
|
| Usage: import [options...] [ file ]
|
| Where options include:
|   -adjoin              join images into a single multi-image file


[skipping a lot of lines...]


|   -window id           select window with this id or name
|
| By default, 'file' is written in the MIFF image format.  To
| specify a particular image format, precede the filename with an image
| format name and a colon (i.e. ps:image) or specify the image type as
| the filename suffix (i.e. image.ps).  Specify 'file' as '-' for
| standard input or output.
`----

scrot

Package: scrot
Description: command line screen capture utility
Tag: interface::commandline, role::program, scope::utility, use::storing, works-with::image, works-with::image:raster

vym

Package: vym
Description: mindmapping tool
Tag: implemented-in::c++, interface::x11, role::program, scope::utility, uitoolkit::qt, use::organizing, works-with::image, works-with::text, works-with-format::xml, x11::application

There is also a nice article about it on Debian Times.

xclip

Package: xclip
Description: command line interface to X selections
Tag: interface::commandline, role::program, scope::utility, works-with::text, x11::application

glipper

Package: glipper
Description: A clipboard manager for GNOME and other window managers
Tag: implemented-in::c, interface::x11, role::program, scope::utility, suite::gnome, uitoolkit::gtk, use::editing, use::storing, works-with::software:running, works-with::text, x11::applet

xbindkeys

Package: xbindkeys
Description: Associate a combination of keys or mouse buttons with a shell command
Tag: hardware::input, interface::daemon, interface::x11, role::program, scope::utility, use::configuring, x11::application

xbindkeys-config

Package: xbindkeys-config
Description: An easy to use gtk program for configuring Xbindkeys.
Tag: hardware::input, interface::x11, role::program, scope::application, uitoolkit::gtk, use::configuring, x11::application

keylaunch

Package: keylaunch
Description: A small utility for binding commands to a hot key
Tag: interface::x11, role::program, scope::utility, x11::application

desklaunch

Package: desklaunch
Description: A small utility for creating desktop icons
Tag: interface::x11, role::program, scope::utility, x11::application

deskmenu

Package: deskmenu
Description: A root menu for X11 window managers
Tag: interface::x11, role::program, scope::utility, uitoolkit::gtk, x11::application

mktemp

Package: mktemp
Description: Makes unique filenames for temporary files
Tag: implemented-in::c, interface::commandline, role::program, scope::utility, works-with::file

Goodies for Debian specific Stuff

This is a listing of various useful tools with regards to Debian e.g. for Debian Developers and Package Maintainers. I make heavy use of GNU Emacs capabilities towards Debian in order to carry out a variety of tasks focusing on development and maintaining software and its related parts with DebianGNU/*. This section goes hand in hand with my dedicated contributions to Debian page...

dlocate

dlocate is a nifty program to view debian package information. It is a fast alternative to dpkg -L and dpkg -S uses GNU locate to greatly speed up finding out which package a file belongs to i.e. a very fast dpkg -S.

dlocate provides many other uses too, including options to view all files in a package (dlocate -L <package_name>), calculate diskspace used (dlocate -du <package_name>), view and check md5sums, list man pages, list config files in a package, etc.

devscripts

Package: devscripts
Description: scripts to make the life of a Debian Package maintainer easier
Tag: devel::debian, devel::packaging, implemented-in::perl, interface::commandline, role::program, scope::utility, suite::debian, use::checking, works-with::bugs, works-with::software:package, works-with::software:source

This package contains a lot of useful stuff that comes in handy when it comes to packaging/maintaining software for Debian — see for yourself:

,----[ apt-file list devscripts | grep bin/ ]
| devscripts: usr/bin/annotate-output
| devscripts: usr/bin/archpath
| devscripts: usr/bin/bts


[skipping a lot of lines...]


| devscripts: usr/bin/who-uploads
| devscripts: usr/bin/whodepends
| devscripts: usr/bin/wnpp-alert
`----

For example, just try man dget to figure what a particular command does.

git-buildpackage

Package: git-buildpackage
Description: Suite to help with Debian packages in Git repositories

Which contains very useful commands

sa@wks:~$ afl git-buildpackage | grep bin/
git-buildpackage: usr/bin/git-buildpackage
git-buildpackage: usr/bin/git-import-dsc
git-buildpackage: usr/bin/git-import-orig
sa@wks:~$

debsigs

Package: debsigs
Description: applies cryptographic signatures to Debian packages
Tag: devel::packaging, implemented-in::perl, interface::commandline, role::program, scope::utility, security::authentication, suite::debian, works-with::software:package

debsig-verify

Package: debsig-verify
Description: Debian Package Signature Verification Tool
Tag: devel::packaging, security::integrity, suite::debian

debsums

Package: debsums
Description: Verify installed package files against MD5 checksums.
Tag: admin::package-management, role::program, security::integrity, suite::debian, works-with::software:package

svn-autoreleasedeb

Package: svn-autoreleasedeb
Description: Automatically release/upload debian packages from SVN

debpartial

Package: debpartial
Description: Debian Packages/Sources file partition tool
Tag: devel::packaging, suite::debian

debpartial-mirror

Package: debpartial-mirror
Description: tools to create partial Debian mirrors

debhelper

Package: debhelper
Description: helper programs for debian/rules

debget

Package: debget
Description: download/compile source and binary Debian packages
Tag: interface::commandline, suite::debian

dget

Part of the devscripts package. What it does is Download Debian source and binary packages.

debdelta

Package: debdelta
Description: diff and patch utilities which work with Debian packages
Tag: implemented-in::python, role::program, works-with::software:package

debbugs

Package: debbugs
Description: The bug tracking system based on the active Debian BTS
Tag: devel::bugtracker, suite::debian, works-with::bugs

debarchiver

Package: debarchiver
Description: Tool to handle debian package archives
Tag: devel::packaging, suite::debian

debaux

Package: debaux
Description: Debian Auxiliary Programs
Tag: devel::buildtools, devel::packaging, implemented-in::perl, interface::commandline, suite::debian, works-with::software:source

debian-builder

Package: debian-builder
Description: Rebuild Debian packages from source code

ept-cache

Package: ept-cache
Description: Commandline tool to search the package archive
Tag: admin::package-management, implemented-in::c++, interface::text-mode, role::program, suite::debian, works-with::software:package

tagcoll

Package: tagcoll
Description: Commandline tool to perform operations on tagged collections
Tag: implemented-in::c++, interface::commandline, role::program, scope::utility, use::organizing, use::searching

debian-goodies

Name: debian-goodies
Description: Small toolbox-style utilities for Debian systems
Tags: implemented-in::python, interface::commandline, role::program, scope::utility, suite::debian, use::searching, works-with::bugs, works-with::software:package

debianutils

Name: debianutils
Description: Miscellaneous utilities specific to Debian
Tags: admin::configuring, implemented-in::c, implemented-in::perl, interface::commandline, role::program, scope::utility, suite::debian

ar

See binutils.

apt-show-source

Name: apt-show-source
Description: Shows source-package information
Tags: devel::packaging, interface::commandline, role::program, scope::utility, suite::debian

apt-show-versions

Name: apt-show-versions
Description: lists available package versions with distribution
Tags: admin::package-management, implemented-in::perl, interface::commandline, role::program, scope::utility, suite::debian, use::checking, works-with::software:package

debtags

Name: debtags
Description: Enables support for package tags
Tags: implemented-in::c++, interface::commandline, role::program, scope::application, suite::debian, use::searching, works-with::software:package

ara

Name: ara
Description: Command line utility for searching the Debian package database
Tags: implemented-in::ocaml, interface::commandline, role::program, scope::application, suite::debian, use::searching, works-with::software:package

dctrl-tools

Package: dctrl-tools
Description: Command-line tools to process Debian package information
Tag: admin::package-management, devel::debian, implemented-in::c, interface::commandline, role::program, scope::utility, suite::debian, use::searching, use::synchronizing, works-with::software:package, works-with::text

which contains some useful tools

,----[ apt-file list dctrl-tools | grep bin/ ]
| dctrl-tools: usr/bin/grep-aptavail
| dctrl-tools: usr/bin/grep-available
| dctrl-tools: usr/bin/grep-dctrl
| dctrl-tools: usr/bin/grep-status
| dctrl-tools: usr/bin/sort-dctrl
| dctrl-tools: usr/bin/tbl-dctrl
| dctrl-tools: usr/sbin/sync-available
`----

lintian

Name: lintian
Description: Debian package checker
Tags: devel::packaging, devel::testing-qa, implemented-in::perl, interface::commandline, role::program, scope::utility, suite::debian, works-with::software:package

rats

Name: rats
Description: Rough Auditing Tool for Security
Tags: role::program, scope::utility, works-with::software:source

splint

Name: splint
Description: A tool for statically checking C programs for bugs
Tags: devel::lang:c, devel::testing-qa, interface::commandline, role::program, scope::utility, use::checking, works-with::software:source

expr

See coreutils.