Category Archives: ubuntu

WSL boot shell script

I’ve created this script to help me get what I need running on my WSL Ubuntu VMs

I’m calling it ~/.mrc_boot_script and I also have it saved it to: https://gist.github.com/markcerv/7ba608b69bf6edf57db456187ad8a4ff

#If we made it in here, then that's a good thing

read -r -t 15 -p "Run the only on boot commands? [y/N] " response
response=${response,,}    # tolower

if [[ "$response" =~ ^(yes|y)$ ]]
then
    echo "All of these commands need sudo, so be prepared to enter in a password"
    sleep 2

    #Need to do this to get screens running cleanly
    echo "Screen cleanup"
    sudo /etc/init.d/screen-cleanup start

    #Let's also make sure postgres is running
    echo "Fire up postgresql"
    sudo service postgresql start

    #Let's also make sure mysql is running
    echo "Fire up mysql"
    sudo service mysql start

    #Let's also make sure ssh is running
    echo "Fire up ssh"
    sudo service ssh --full-restart

    #Let's also make sure redis is running (for celery)
    echo "Fire up redis-server"
    sudo service redis-server start
else
    echo "Doing nothing"
fi

Update ubuntu system clock (ntpdate)

Did you notice that the system clock on your Ubuntu server is wrong? On a production server this might not happen, but on a staging server (or on a WSL instance) the date/time can dift. Here’s how to fix it:

First, ask your server what time it is (so you can have a baseline)

$ date
Thu Mar  4 12:30:02 PST 2021  

If that seems wrong, you’ll want to run ntpdate…but first make sure it’s installed:

$ sudo apt install ntpdate

Next, run the command to update the time

$ sudo ntpdate time.nist.gov

# 5 Mar 10:58:20 ntpdate[11619]: step time server 132.163.97.3 offset 80783.696700 sec

Wow, I was off by over 80,000 seconds, which is 1,346 minutes or 22.4 hours!

Now that it’s been fixed, let’s check the date/time again:

$ date
Fri Mar  5 10:58:26 PST 2021

Perfect!

WSL2 – Adding distro not in store

What if you wanted to add an older linux distro to your WSL2 bullpen? Visiting https://docs.microsoft.com/en-us/windows/wsl/install-manual#installing-your-distro will show you a large number of options where you can download the appropriate .appx file.

This will cause the <distro>.appx packages to download to a folder of your choosing. Follow the installation instructions to install your downloaded distro(s).

If you’re using Windows 10 you can install your distro with PowerShell. Simply navigate to folder containing the distro downloaded from above, and in that directory run the following command where app_name is the name of your distro .appx file.PowershellCopy

Add-AppxPackage .\app_name.appx

If that doesn’t work as expected, you could try any of these links that will get the distro from the Microsoft Store

he following links will open the Microsoft store page for each distribution:

Limiting Access with SFTP Jails on Debian and Ubuntu

(taken from: Linode guide to Limiting Access with SFTP Jails on Debian and Ubuntu

As the system administrator for your Linode, you may want to give your users the ability to securely upload files to your server. The most common way to do this is to allow file transfers via Secure File Transfer Protocol (SFTP), which uses SSH to provide encryption. This requires that you give your users SSH logins. However, by default SSH users are able to view your Linode’s entire filesystem, which may not be desirable.

Limiting Access with SFTP Jails on Debian and Ubuntu

This guide will help you configure OpenSSH to restrict users to their home directories, and to SFTP access only. Please note that these instructions are not intended to support shell logins; any user accounts modified in accordance with this guide will have the ability to transfer files, but not the ability to log into a remote shell session.

These instructions will work for Ubuntu 9.04, Debian 5, and later. Unfortunately, the version of SSH packaged with Ubuntu 8.04 is too old to support this configuration.

Configure OpenSSH

  1. Edit your /etc/ssh/sshd_config file with your favorite text editor:

    vim /etc/ssh/sshd_config
    
  2. Add or modify the Subsystem sftp line to look like the following:

    /etc/ssh/sshd_config
    1
    
    Subsystem sftp internal-sftp
  3. Add this block of settings to the end of the file:

    /etc/ssh/sshd_config
    1
    2
    3
    4
    5
    
    Match Group filetransfer
        ChrootDirectory %h
        X11Forwarding no
        AllowTcpForwarding no
        ForceCommand internal-sftp

    Save the changes to your file.

  4. Restart OpenSSH:

    service ssh restart
    

    OpenSSH has been successfully modified.

Modify User Accounts

This section will set up the correct groups, ownership, and permissions for your user accounts.

  1. Create a system group for users whom you want to restrict to SFTP access:

    addgroup --system filetransfer
    
  2. Modify the user accounts that you wish to restrict to SFTP. Issue the following commands for each account, substituting the appropriate username. Please keep in mind that this will prevent these users from being able to log into a remote shell session.

    usermod -G filetransfer username
    chown root:root /home/username
    chmod 755 /home/username
    

    These users will now be unable to create files in their home directories, since these directories are owned by the root user.

  3. Next, you need to create new directories for each user, to which they will have full access. Issue the following commands for each user, changing the directories created to suit your needs:

    cd /home/username
    mkdir docs public_html
    chown username:filetransfer *
    

    Your users should now be able to log into their accounts via SFTP and transfer files to and from their assigned subdirectories, but they shouldn’t be able to see the rest of your Linode’s filesystem.

Use SFTP

  1. Use sftp from the terminal:

    sftp username@<Your_Linodes_IP>
    

    You can use the help command to see what commands you have access too within the SFTP shell. You have the ability to pwd, cd and ls, for instance. There are also commands like lpwd, that will print the local working directory. In the local home directory type touch test.txt

  2. Transfer local files to the remote system:

    cd docs
    put test.txt
    
  3. Transfer files to the local system from the remote system:

    get test.txt
    
  4. You can test the file permissions by navigating to a different directory within the SFTP shell, and trying to transfer a file.

    sftp> put test.txt /tmp/
    Uploading test.txt to /tmp/
    remote open("/tmp/"): Failure
    
  5. Exit the session with the exit command.

Ubuntu package management shortcuts from command line

Here are some of the more frequently used commands that I find useful.

To search for a particular package by name or description:
From the command-line, use:


apt-cache search keyword

The apt tool on Ubuntu 14.04 and above makes this very easy.


apt list --installed

On older versions of  Ubuntu/Debian, try this instead:

dpkg --get-selections | grep -v deinstall

Check available version of a package in Ubuntu repositories from command line:

apt-cache policy

You may wonder if the given package is installed or not. It’s easy to find out too.

In the above output, you see two words namely Installed and Candidate.

Installed : This will tell you the version that you have currently installed in your Ubuntu system.
Candidate : This is actual version that will be installed from the Ubuntu repositories when you install the package using apt-get.

If your system is in state where apt-get is mostly unusable you could try using dpkg to remove the affected package, in this case try:


sudo dpkg --purge php5-memcache