UNIX / Linux

Index

General

Linux

Embedded Linux 

Kernel

Boot

  • Background image
  • Mini Howto: Lilo with an animated graphics menu
  • Vesafb mini-HOWTO
  • Bootsplash
  • The Linux BootPrompt-HowTo
  • gui boot screen
  • Bootchart 
  • Linux install/boot from:
    from info distribution installation examples


    Mandriva / Mageia Debian
    USB key x x
    Disc dur / HDD
    x
    PXE
    x
  • Boot sequence:



    installation files from


    installer files (vmlinuz; initrd or all.rdz) at
    ISO image
    second-stage boot-loader boot using: remote filesystem CD/DVD USB key existing /boot remote filesystem CD/DVD USB key other HDD partition
    syslinux CD/DVD
    x

    NFS x x x
    USB key

    x


    x x
    GRUB/LILO Existing GRUB/LILO


    x

    x x

    PXE x (tftp?)


    NFS


  • Elements:
    • initrd (RAM disk) (wp):
      • veure el contingut d'un fitxer .img / see the contents of a .img file:
        • mkdir newdir; cd newdir; zcat /boot/initrd-2.6....img | cpio -i
    • vmlinux (wp) (vmlinuz, zImage, bzImage) (Linux kernel)
      • readelf -h vmlinuz
  • Logs
    • 20 Linux Log Files that are Located under /var/log Directory
    • dmesg
    • /var/log/messages
    • last
      • last reboot
      • last -x
      • last -x shutdown
    • Log de l'inici (consola) / Initial log (console)
      • more /var/log/prcsys.log
    • rsyslog
      • /etc/rsyslog.conf
    • journald
      • /etc/systemd/journald.conf
        • [Journal]
          Storage=auto
          SystemMaxUse=50M
        • auto => if /var/log/journal exists, it writes to it; if not, writes to volatile /run/log/journal
      • systemctl status systemd-journald.service
      • usage: journalctl
        • Using journalctl
        • Previous boots
          • setup
          • journalctl --list-boots
          • journalctl --boot=-1
        • journalctl --disk-usage
        • Remove files (keep only 200MB)
          • journalctl --vacuum-size=200M
        • Set maximum disk usage to 200MB
          • /etc/systemd/journald.conf
            • SystemMaxUse=200M
        • Neteja / Cleanup
        • Services
          • journalctl -xe
          • journalctl -u nginx
          • journalctl --since="5 days ago" -u nginx
    • Preserve logs from previous boots
      • How display log messages from previous boots under CentOS 7?
        • mkdir /var/log/journal
          systemd-tmpfiles --create --prefix /var/log/journal
          systemctl restart systemd-journald
        • Warnings on Alma8 when running systemd-tmpfiles:
          • [/usr/lib/tmpfiles.d/pesign.conf:1] Line references path below legacy directory /var/run/, updating /var/run/pesign → /run/pesign; please update the tmpfiles.d/ drop-in file accordingly.
  • runlevels / targets (wp)
    • SysV init systemd

      runlevel target systemctl ...
      0 Off
      poweroff
      1 Single-user mode

      2 Multi-user mode

      3 Multi-user mode with networking multi-user.target
      4 Not used / user-definable

      5 Full mode graphical.target
      6 Reboot
      reboot
    • configuration of default runlevel / target
      • systemd
        • get the current default target
          • systemctl get-default
        • set the default target:
          • systemctl set-default multi-user.target
          • a symlink will be created:
            • /etc/systemd/system/default.target -> /usr/lib/systemd/system/multi-user.target
      • old fashioned:
        • /etc/inittab
    • set the runlevel / target:
      • ...
  • Login
  • Serveis / Services
    • Exemples / Examples
    • Daemons
    • Info

    • Mageia CentOS Debian Ubuntu
      old SysV init (service / chkconfig)
      SysV init (update-rc) SysV init (update-rc)
      new systemd systemd
      Upstart

    • SysV init systemd Upstart
      chkconfig service update-rc insserv

      used by
      • Mageia (old)
      • Mageia (old)
      • Debian
      • Debian (old)
      • Ubuntu (old)
      • Debian (new)
      • Mageia (new)
      • CentOS
      • Debian (new)
      • Ubuntu (new)

      config dir /etc/[rc.d/]rc?.d/[SK]DDnom_servei->../init.d/nom_servei /etc/insserv.conf /etc/systemd/system/
      • multi-user.target.wants/
      • ...


      script /etc/[rc.d/]init.d/nom_servei (/etc/init.d/skeleton)
      /usr/lib/systemd/system/nom_servei.service /etc/init/nom_servei.conf
      once start
      service nom_servei start /etc/init.d/nom_servei start
      systemctl start nom_servei.service
      systemctl start nom_servei@....service
      sudo [initctl] stop nom_servei
      stop
      service nom_serve stop /etc/init.d/nom_servei stop
      systemctl stop nom_servei.service sudo [initctl] start nom_servei
      status
      service nom_servei status /etc/init.d/nom_servei status
      systemctl status nom_servei.service sudo [initctl] status nom_servei
      restart
      service nom_servei restart /etc/init.d/nom_servei restart
      systemctl restart nom_servei.service sudo [initctl] restart nom_servei
      reload



      systemctl reload nom_servei.service sudo [initctl] reload nom_servei
      list all
      service --status-all

      systemctl status sudo initctl list
      at boot do start chkconfig nom_servei on
      update-rc.d nom_servei enable
      update-rc.d nom_servei defaults
      insserv nom_servei systemctl enable nom_servei.service sudo rm /etc/init/nom_servei.override
      do not start chkconfig nom_servei off
      update-rc.d nom_servei disable
      systemctl disable nom_servei.service sudo sh -c "echo 'manual' > /etc/init/nom_servei.override"
      list chkconfig


      systemctl
      check whether it is enabled




      systemctl is-enabled nom_servei.service


      mask -


      ln -s /dev/null /etc/systemd/system/nom_servei.service
      systemctl daemon-reload

    • SysV init (wp)
    • systemd (wp) (replacement for chkconfig and service)
    • Upstart (replacement for /sbin/init)
      • Upstart intro, cookbook and best practises
      • Stanzas
      • /etc/init/toto.conf
      • Running programs as Linux daemons using Upstart
      • Manual service / (permanent enable/disable)
      • examples
        • nginx
        • toto
          • /usr/local/bin/toto.sh
            • #!/bin/bash
              i=0
              echo "---principi"
              while test $i -le 5
              do
                date
                sleep 2
                let i=$i+1
              done
              echo "---final"
          • /usr/local/bin/launch_toto.sh
            • #!/bin/bash
              /usr/local/bin/toto.sh
          • /etc/init/toto.conf
            • description "toto service"

              start on runlevel [2345]
              stop on runlevel [!2345]

              pre-start script
                # prepare environment
                mkdir -p /var/run/toto
              end script

              post-stop script
                # clean up
                rm -rf /var/run/toto
              end script

              #expect fork
              respawn
              exec /usr/local/bin/launch_toto.sh
        • cvlc
          • /usr/local/bin/launch_cvlc.sh
            • #!/bin/bash
              sudo -u ubuntu /usr/bin/cvlc -I telnet --http-port=8888 &
              exit 0
          • /etc/init/cvlc.conf
            • description "cvlc daemon"
               
              start on (filesystem and net-device-up IFACE=lo)
              stop on runlevel [!2345]
               
              env DAEMON=/usr/local/bin/launch_cvlc.sh
              env PID=/var/run/clvc.pid

              exec $DAEMON
      • usage
        • sudo start cvlc
        • sudo stop cvlc
        • sudo status cvlc
        • sudo initctl list
      • logs
        • /var/log/upstart/cvlc.log

GNU

Distribucions / Distributions

Gestió de paquets / Package management


pkgs.org rpmfind.net
Mageia

CentOS / RHEL
...



dpkg-based
(DEBIAN_FRONTEND=noninteractive)

rpm-based
flatpak Python

Node.js
Ruby


dpkg apt-get, apt-* apt aptitude apk
(Alpine)
rpm urpmi yum dnf
pip
conda npm
yarn gem
GUI






rpmdrake
rpmdragora

dnfdragora





usage














repo config config repo files





/etc/urpmi/ /etc/yum.repos.d/ /etc/yum.repos.d/





add main repository





urpmi.addmedia --distrib --mirrorlist yum-config-manager --add-repo repository_url






add repository
add-apt-repository ...



urpmi.addmedia ...
  • (dnf -y install dnf-plugins-core)
  • dnf config-manager --add-repo ...
flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo




remove repository





urpmi.removemedia
(disable repo)






list repositories

apt edit-sources


urpmq --list-media yum [-v] repolist dnf repolist






enable repository






yum-config-manager --enable repository…
  • dnf config-manager --enable PowerTools
  • dnf config-manager --set-enabled powertools






disable repository






yum-config-manager --disable repository dnf config-manager --set-disabled <repo_name> 





update repository index
apt-get update
apt update
apk update
urpmi.update ...
dnf makecache






upgrade
upgrade all installed packages (-u: only list availability)

apt-get [-u] upgrade
apt upgrade
apk upgrade


  • dnf update (deprecated, aliased to upgrade)
  • dnf [--refresh] upgrade






upgrade distribution

apt-get dist-upgrade
apt full-upgrade











install install a package dpkg -i package_name.deb
apt-get install package_name
apt install package_name
apk add package_name
urpmi package_name yum install package_name dnf install ... flatpak install org.kde.okular pip install package_name

npm install [-g] package_name

gem install package_name
force reinstallation of a package







dnf reinstall ...





install a package (alpha version)










pip install -pre package_name



install a group / metapackage / task






urpmi task-c++-devel
yum groupinstall "Development Tools"






query info
list of all installed packages dpkg -l
apt list --installed

rpm -qa

dnf list installed

pip freeze
conda list npm list

gem list
list of all installed packages, sorted by size




rpm -qa --queryformat '%10{size} - %-25{name} \t %{version}\n' | sort -n








information about a package dpkg -l package_name
apt-cache show package_name
apt show package_name
apk -a info pakage_name
urpmq -i package_name yum info package_name

pip show package_name




list of files provided by an installed package
  • dpkg-query -L package_name
  • dpkg -L package_name
apt-file list package_name


rpm -ql package_name urpmq -l package_name
dnf repoquery -l package_name






list of files provided by an uninstalled package dpkg --contents package_name.deb apt-file list package_name





yum install -y yum-utils;
repoquery -l package_name

dnf repoquery -l package_name





search for a package name





urpmq -a -y part_of_name







list dependencies

apt-cache depends package_name












whether a package is installed
dpkg -s package-name | grep Status













find and search
search an expression
apt-cache search expression
apt search expression
apk search expression
urpmf expression yum search expression
flatpak search ...



gem search expression
which package provides a file (full path name) dpkg -S /absolute/path/to/file apt-file search /absolute/path/to/file



urpmf /absolute/path/to/file yum provides /absolute/path/to/file dnf provides /absolute/path/to/file





which package provides a file (part of path name)
apt-file search expression



urpmf expression
yum provides "*expression" dnf provides "*expression*"






search on package name
apt-cache search expression




urpmf --name expression yum list [installed|available] "expression*" (installed and not installed)
sudo -i;
dnf list *expression*






search on description





urpmf --description expression








dependency tree debtree package_name
apt-rdepends package_name
apt depends package_name



yum deplist package_names







remove remove a package
apt-get remove package_name
apt remove package_name


urpme package_name
dnf remove ...






remove a package and its configuration
apt-get --purge remove package_name
apt purge package_name











remove all no longer needed packages

apt-get [--purge] autoremove package_name
apt autoremove package_name


... orphan ...








run installed









flatpak run org.kde.okular





  • Signatura / Signature
  • urpmi
    • used by
    • Creació / Creation
    • Repositories
      • add media: urpmi.addmedia
        • possibe syntax:
          • urpmi.addmedia [options] --distrib --mirrorlist [<url>]
          • urpmi.addmedia [options] --mirrorlist <url> <name> <relative path>
          • urpmi.addmedia [options] <name> http://<login>:<pass>@<host>/<path>
          • urpmi.addmedia [options] <name> ftp://<login>:<pass>@<host>/<path>
          • urpmi.addmedia [options] <name> ssh://<login>@<host>/<path>
          • urpmi.addmedia [options] <name> rsync://<login>@<host>:<port>/<path>
          • urpmi.addmedia [options] <name> file://<path>
          • urpmi.addmedia [options] <name> cdrom://<path>
        • options
          • --urpmi-root /path/to/chroot
          • ...
        • Mageia repositories
      • remove media
        • urpmi.removemedia ...
      • list media
        • urpmq --list-media
    • Comanda / Command
      • urpmi: install package
        • urpmi package_name
      • urpme: remove package
        • urpme package_name
      • urpmq: query about installed packages
        • information about a package
          • urpmq -i package_name
        • list of files inside a package
          • urpmq -l package_name
      • urpmf: find installed and non-installed packages
        • get the package containing a file that matches an expression:
          • urpmf expression
        • get the package containing a file:
          • urpmf /absolute/path/to/file
        • search on package name:
          • urpmf --name expression
        • search on description:
          • urpmf --description expression
        • print package name and version:
          • urpmf -mf ...
    • ...
  • dnf
    • used by
      • CentOS / Alma
      • Mageia
        • Using DNF
          • dnf repolist
          • nonfree and tainted
            • dnf config-manager --set-enabled mageia-x86_64-nonfree updates-x86_64-nonfree
            • dnf config-manager --set-enabled mageia-x86_64-tainted updates-x86_64-tainted
    • gui
      • dnfdragora
    • command line
    • Problemes / Problems
      • CentOS Linux 8 - AppStream                                                                                                                                                                                  274  B/s |  38  B     00:00   
        Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
      • Killed
        • Solució / Solution
          • increase memory
          • increase swap
    • ...
  • Homebrew
    • Instal·lació / Installation
      • ...
  • flatpak
    • Instal·lació / Installation
      • Mageia
        • sudo dnf install flatpak
    • Addició d'un repositori / Add a repo
      • flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo

    • instal·lació execució
      Siril flatpak install flathub org.free_astro.siril flatpak run org.free_astro.siril
      Okular flatpak install org.kde.okular flatpak run org.kde.okular
      ...

  • ...

Gestió de parcs d'ordinadors / Cluster management

Linux en portàtils / on notebooks

  • Linux on laptops
  • Linux Laptop Volunteer Support Database
  • Dell Inspiron
  • Getting X up on an I7K
  • Inspiron Linux Mailing List Archive
  • PCMCIA support
  • Perifèrics / Peripherals
    • i-tec USB-C Metal Nano Docking Station 4K HDMI LAN + Power Delivery 100 W (USB-C) (Amazon)
      • cable:
        • USB-C Thunderbolt 3/4
      • connectors
        • 1x USB-C PD 100W
        • 1x HDMI 4K
        • 1x TF
        • 1x SD
        • 1x àudio 3.5mm (+mic)
        • 1x LAN RJ-45 10/100/1000 Realtek RTL8153
        • 3x USB 3.0
      • lsusb
        • ID 0d8c:0014 C-Media Electronics, Inc. Audio Adapter (Unitek Y-247A)
          ID 0bda:8153 Realtek Semiconductor Corp. RTL8153 Gigabit Ethernet Adapter
          ID 1a40:0101 Terminus Technology Inc. Hub
          ID 2109:2817 VIA Labs, Inc. USB2.0 Hub
          ID 2109:0817 VIA Labs, Inc. USB3.0 Hub
    • HDMI capture (USB-C) (Amazon)
      • lsusb
        • ID 534d:2109 MacroSilicon USB3. 0 capture
    • Silverstone HDMI output (USB-C)
      • lsusb
        • ID 1d5c:5100 Fresco Logic Generic Billboard Device
          ID 1d5c:5012 Fresco Logic USB2.0 Hub
  • PC Specialist Defiance
    • BIOS
      • Insyde H2BIOS 1.07.07 TPCS
    • lspci
      • 00:00.0 Host bridge: Intel Corporation 11th Gen Core Processor Host Bridge/DRAM Registers (rev 05)
        00:01.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #1 (rev 05)
        00:02.0 VGA compatible controller: Intel Corporation TigerLake-H GT1 [UHD Graphics] (rev 01)
        00:04.0 Signal processing controller: Intel Corporation TigerLake-LP Dynamic Tuning Processor Participant (rev 05)
        00:06.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #0 (rev 05)
        00:07.0 PCI bridge: Intel Corporation Tiger Lake-H Thunderbolt 4 PCI Express Root Port #0 (rev 05)
        00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator module (rev 05)
        00:0a.0 Signal processing controller: Intel Corporation Tigerlake Telemetry Aggregator Driver (rev 01)
        00:0d.0 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 USB Controller (rev 05)
        00:0d.2 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #0 (rev 05)
        00:14.0 USB controller: Intel Corporation Tiger Lake-H USB 3.2 Gen 2x1 xHCI Host Controller (rev 11)
        00:14.2 RAM memory: Intel Corporation Tiger Lake-H Shared SRAM (rev 11)
        00:15.0 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #0 (rev 11)
        00:15.1 Serial bus controller: Intel Corporation Device 43e9 (rev 11)
        00:15.2 Serial bus controller: Intel Corporation Device 43ea (rev 11)
        00:16.0 Communication controller: Intel Corporation Tiger Lake-H Management Engine Interface (rev 11)
        00:1c.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #5 (rev 11)
        00:1c.7 PCI bridge: Intel Corporation Device 43bf (rev 11)
        00:1f.0 ISA bridge: Intel Corporation Tiger Lake-H LPC/eSPI Controller (rev 11)
        00:1f.3 Audio device: Intel Corporation Tiger Lake-H HD Audio Controller (rev 11)
        00:1f.4 SMBus: Intel Corporation Tiger Lake-H SMBus Controller (rev 11)
        00:1f.5 Serial bus controller: Intel Corporation Tiger Lake-H SPI Controller (rev 11)
        01:00.0 VGA compatible controller: NVIDIA Corporation GA104M [GeForce RTX 3070 Mobile / Max-Q] (rev a1)
        01:00.1 Audio device: NVIDIA Corporation GA104 High Definition Audio Controller (rev a1)
        02:00.0 Non-Volatile memory controller: Intel Corporation Device f1aa (rev 03)
        2d:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
        2e:00.0 Network controller: Intel Corporation Wi-Fi 6 AX210/AX211/AX411 160MHz (rev 1a)
    • lsusb
      • ID 1d6b:0003 Linux Foundation 3.0 root hub
        ID 5986:9102 Acer, Inc BisonCam,NB Pro
        ID 8087:0032 Intel Corp.
        ID 06cb:00a8 Synaptics, Inc.
        ID 1d6b:0002 Linux Foundation 2.0 root hub
        ID 1d6b:0003 Linux Foundation 3.0 root hub
        ID 1d6b:0002 Linux Foundation 2.0 root hub
    • Bluetooth
      • Problema:
        • dmesg: Bluetooth: hci0: Reading Intel version information failed
      • Centre de control de Mageia: Maquinari
        • Bluetooth
          • enable_autosuspend: false
          • this will add a line to file /etc/modprobe.d/01_mga-config.conf
            • options btusb enable_autosuspend=false
    • WiFi
      • Problema:
        • dmesg: Timeout waiting for PNVM load!
        • Solució:
          • sudo mv /lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm /lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm.no_funciona
    • Audio
    • Centre de control / Tuxedo Control Centre
      • tuxedocomputers / tuxedo-control-center
        • Install
          • Dependències / Dependencies
            • Mageia
              • sudo dnf install git npm gcc-c++ make
          • Passos / Steps
            1. cd my_dev_path
            2. git clone https://github.com/tuxedocomputers/tuxedo-control-center.git
            3. cd tuxedo-control-center
            4. npm install
            5. npm run build
            6. su
            7. cp src/dist-data/*service /etc/systemd/system/
            8. edit /etc/systemd/system/tccd.service to set <dev path> :
              • ExecStart=<my_dev_path>/dist/tuxedo-control-center/data/service/tccd --start
                ExecStop=<my_dev_path>/dist/tuxedo-control-center/data/service/tccd --stop
            9. cp src/dist-data/com.tuxedocomputers.tccd.conf /usr/share/dbus-1/system.d/
            10. systemctl start tccd
            11. systemctl enable tccd tccd-sleep
        • Ús / Usage
          • npm start
          • Winkey + Alt +F6
    • Teclat / Keyboard
      • Clevo Keyboard Backlight Control For Linux
      • tuxedocomputers / tuxedo-keyboard
        • to control backlight keyboard with Fn + numerical pad keys
        • Install
          • Dependencies
            • Mageia
              • sudo dnf install dkms
            • ...
          • Passos / Steps
            1. git clone https://github.com/tuxedocomputers/tuxedo-keyboard.git
            2. cd tuxedo-keyboard
            3. make clean && make
            4. sudo make dkmsinstall
              • Problemes
                • Error! DKMS tree does not contain: tuxedo-keyboard-3.0.9
                  • Solució / Solution
                    • follow the next steps instead
            5. su
            6. cp -R . /usr/src/tuxedo-keyboard-3.0.9
            7. mkdir -p /var/lib/dkms/tuxedo-keyboard/3.0.9
            8. ln -s /usr/src/tuxedo-keyboard-3.0.9 /var/lib/dkms/tuxedo-keyboard/3.0.9/source
            9. dkms --verbose build -m tuxedo-keyboard -v 3.0.9
            10. dkms --verbose install -m tuxedo-keyboard -v 3.0.9
        • Ús / Usage
          • Fn + keys in numeric pad
    • Targetes gràfiques
      • Nvidia Optimus
      • Intel
        • Card:Intel 810 and later: Intel Corporation|TigerLake-H GT1 [UHD Graphics] [DISPLAY_VGA] (rev: 01)
      • Nvidia RTX 3070
        • Card:NVIDIA GeForce 635 series and later: NVIDIA Corporation|GA104M [GeForce RTX 3070 Mobile / Max-Q] [DISPLAY_VGA] (rev: a1)
    • TPM
    • Lector d'empremtes/ Fingerprint reader
  • Mountain Studio MX
    • HM77, i7-3630QM (Intel HD Graphics 4000) 2.4 GHz
    • lspci
      • 00:00.0 Host bridge: Intel Corporation 3rd Gen Core processor DRAM Controller (rev 09)
        00:01.0 PCI bridge: Intel Corporation Xeon E3-1200 v2/3rd Gen Core processor PCI Express Root Port (rev 09)
        00:02.0 VGA compatible controller: Intel Corporation 3rd Gen Core processor Graphics Controller (rev 09)
        00:14.0 USB controller: Intel Corporation 7 Series/C210 Series Chipset Family USB xHCI Host Controller (rev 04)
        00:16.0 Communication controller: Intel Corporation 7 Series/C210 Series Chipset Family MEI Controller #1 (rev 04)
        00:1a.0 USB controller: Intel Corporation 7 Series/C210 Series Chipset Family USB Enhanced Host Controller #2 (rev 04)
        00:1b.0 Audio device: Intel Corporation 7 Series/C210 Series Chipset Family High Definition Audio Controller (rev 04)
        00:1c.0 PCI bridge: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 1 (rev c4)
        00:1c.2 PCI bridge: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 3 (rev c4)
        00:1c.3 PCI bridge: Intel Corporation 7 Series/C210 Series Chipset Family PCI Express Root Port 4 (rev c4)
        00:1d.0 USB controller: Intel Corporation 7 Series/C210 Series Chipset Family USB Enhanced Host Controller #1 (rev 04)
        00:1f.0 ISA bridge: Intel Corporation HM77 Express Chipset LPC Controller (rev 04)
        00:1f.2 SATA controller: Intel Corporation 7 Series Chipset Family 6-port SATA Controller [AHCI mode] (rev 04)
        00:1f.3 SMBus: Intel Corporation 7 Series/C210 Series Chipset Family SMBus Controller (rev 04)
        01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GTX 660M] (rev a1)
        03:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8723AE PCIe Wireless Network Adapter
        04:00.0 Unassigned class [ff00]: Realtek Semiconductor Co., Ltd. Device 5289 (rev 01)
        04:00.2 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0a)
    • lsusb
      • Bus 004 Device 003: ID 5986:0401 Acer, Inc BisonCam, NB Pro
        Bus 004 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
        Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
        Bus 001 Device 003: ID 046d:c534 Logitech, Inc. Unifying Receiver
        Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub
        Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
        Bus 003 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
        Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    • Elantech touchpad
    • Targetes gràfiques
      • L'ordinador té dues targetes gràfiques. Normalment fa servir la integrada (Intel HD Graphics 4000, led «pila amb fulletes»), però es pot demanar que faci servir la Nvidia Geforce GTX 660M 2GB (led «agulla de velocímetre»). Per a fer-ho, cal instal·lar Bumblebee (implementació per a Nvidia Optimus) i cridar l'aplicació precedida de «primusrun» (abans era: «optirun»)
      • Nvidia
        • Card:NVIDIA GeForce 420 to GeForce 630: NVIDIA Corporation|GK107M [GeForce GTX 660M] [DISPLAY_VGA] (rev: a1)
        • NVIDIA Corporation GK107M [GeForce GTX 660M] (rev a1)
        • Nvidia Optimus
        • ...
      • Intel CPU i7-3630QM (Intel HD Graphics 4000)
        • Card:Intel 810 and later: Intel Corporation|3rd Gen Core processor Graphics Controller [DISPLAY_VGA] (rev: 09)
        • Intel Corporation 3rd Gen Core processor Graphics Controller (rev 09)
          • Invalid ROM contents
          • Problems
            • No glx with Intel (when physical led is indicating Intel integrade graphics: "battery with leaves"):
              • /var/log/Xorg.o.log:
                • [  1296.578] (II) LoadModule: "glx"
                  [  1296.579] (II) Loading /usr/lib64/xorg/modules/extensions/libglx.so
                  [  1296.588] (II) Module glx: vendor="NVIDIA Corporation"
                  [  1296.588]     compiled for 4.0.2, module version = 1.0.0
                  [  1296.588]     Module class: X.Org Server Extension
                  [  1296.588] (II) NVIDIA GLX Module  331.38  Wed Jan  8 19:10:17 PST 2014
                  [  1296.588] Loading extension GLX
                  [  1296.588] (II) LoadModule: "intel"
                  [  1296.588] (II) Loading /usr/lib64/xorg/modules/drivers/intel_drv.so
                  [  1296.649] (II) Module intel: vendor="X.Org Foundation"
                  ...
                  [  1297.404] (EE) Failed to initialize GLX extension (Compatible NVIDIA X driver not found)
              • Solution: check that /usr/lib64/xorg/modules/extensions/libglx.so is not pointing to a Nvidia file (e.g. libglx.so -> libglx.so.331.38) (where did it come from?)
                If so, reinstall the xorg drivers and restart the X server:
                • urpmi --replacepkgs x11-server-common
                • CTRL + ALT + Backspace
                • glxgears
    • SSD
    • Botons / Buttons
      • dmesg | grep input
        • [    0.513775] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
          [    1.623916] input: ETPS/2 Elantech Touchpad as /devices/platform/i8042/serio2/input/input1
          [    3.079265] input: Power Button as /devices/LNXSYSTM:00/device:00/PNP0C0C:00/input/input2
          [    3.079307] input: Sleep Button as /devices/LNXSYSTM:00/device:00/PNP0C0E:00/input/input3
          [    3.079339] input: Lid Switch as /devices/LNXSYSTM:00/device:00/PNP0C0D:00/input/input4
          [    3.099365] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input5
          [    4.123937] input: Video Bus as /devices/LNXSYSTM:00/device:00/PNP0A08:00/device:1b/LNXVIDEO:00/input/input6
          [    4.632086] input: Video Bus as /devices/LNXSYSTM:00/device:00/PNP0A08:00/LNXVIDEO:01/input/input7
          [    7.664368] input: HID 413c:3010 as /devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.2/1-1.2:1.0/input/input8
          [    7.664421] generic-usb 0003:413C:3010.0001: input,hidraw0: USB HID v1.10 Mouse [HID 413c:3010] on usb-0000:00:1a.0-1.2/input0
          [   20.227723]    inputs: Mic=0x18 Internal Mic=0x19
          [   20.235887] input: HDA Intel PCH HDMI/DP,pcm=3 as /devices/pci0000:00/0000:00:1b.0/sound/card0/input9
          [   20.235967] input: HDA Intel PCH Mic as /devices/pci0000:00/0000:00:1b.0/sound/card0/input10
          [   20.236020] input: HDA Intel PCH Headphone as /devices/pci0000:00/0000:00:1b.0/sound/card0/input11
          [ 3376.531530] input: BisonCam, NB Pro as /devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.6/2-1.6:1.0/input/input12
      • cat /proc/bus/input/devices

Bluetooth

Còpies de seguretat / Back up

Cygwin (UNIX on MSWindows)

Dispositius / Devices

Documentació / Documentation

Impressió / Printing

IrDA

Maquinari / Hardware

So / Sound

  • Devices
    • /dev/snd/...
  • Kernel drivers
    • OSS
    • Alsa
      • info
      • config
        • ‎/etc/sound/profiles/pulse/alsa-default.conf
        • ‎/usr/share/alsa/pcm/pulseaudio.conf
      • command line
        • amixer
        • aplay -l (list of playback hardware devices)
        • aplay -L (list all PCMs)
        • aplay -D<pcm>:<card>,<device> toto.wav
          • aplay -vv [-Ddefault] /usr/share/sounds/KDE-Im-Phone-Ring.wav
          • aplay -vv -Dpulse /usr/share/sounds/KDE-Im-Phone-Ring.wav
          • aplay -vv -Dfront:CARD=Intel,DEV=0 /usr/share/sounds/KDE-Im-Phone-Ring.wav
          • aplay -vv -Dplughw:0,7 /usr/share/sounds/KDE-Im-Phone-Ring.wav
        • arecord -l
  • Eines / Tools
    • GUI
      • pavucontrol
        • VU-meter for inputs
      • alsamixer
        • ncurses
    • info text
      • amixer
      • aplay -l
      • aplay -L
  • Servidor de so / Sound server
  • Multimedia API
    • Phonon (used by KDE 4) (wp)
  • Inspiron 9400 + Logitech webcam
    • aplay -l / arecord -l pavucontrol (Pulse Audio) KDE Multimedia Phonon
      card device type dispositius / configuració

      0
      Intel [HDA Intel] 0 STAC92xx Analog [STAC92xx Analog] playback dispositius de sortida Audio intern sortida d'àudio Audio intern Estèreo analògic
      capture dispositius d'entrada captura d'àudio
      1 STAC92xx Digital [STAC92xx Digital] playback dispositius de sortida sortida d'àudio Audio intern Estèreo digital (IEC958)
      1 default [Camera         ]
      USB Audio [USB Audio] capture dispositius d'entrada QuickCam for Notebooks captura d'àudio QuickCam for Notebooks analògic
    • aplay -l
      • **** List of PLAYBACK Hardware Devices ****
        card 0: Intel [HDA Intel], device 0: STAC92xx Analog [STAC92xx Analog]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
        card 0: Intel [HDA Intel], device 1: STAC92xx Digital [STAC92xx Digital]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
    • aplay -L (list all PCMs)
      • null
            Discard all samples (playback) or generate zero samples (capture)
        pulse
            PulseAudio Sound Server
        default
            Default ALSA Output (currently PulseAudio Sound Server)
        front:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Analog
            Front speakers
        surround40:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Analog
            4.0 Surround output to Front and Rear speakers
        surround41:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Analog
            4.1 Surround output to Front, Rear and Subwoofer speakers
        surround50:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Analog
            5.0 Surround output to Front, Center and Rear speakers
        surround51:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Analog
            5.1 Surround output to Front, Center, Rear and Subwoofer speakers
        surround71:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Analog
            7.1 Surround output to Front, Center, Side, Rear and Woofer speakers
        iec958:CARD=Intel,DEV=0
            HDA Intel, STAC92xx Digital
            IEC958 (S/PDIF) Digital Audio Output
    • arecord -l
      • **** List of CAPTURE Hardware Devices ****
        card 0: Intel [HDA Intel], device 0: STAC92xx Analog [STAC92xx Analog]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
        card 1: default [Camera         ], device 0: USB Audio [USB Audio]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
  • Intel ICH7 (i3 2100T) + Haupauge PCI
    • aplay -l / arecord -l pavucontrol (Pulse Audio) KDE Multimedia Phonon
      card device type dispositius / configuració

      0
      CX8801 [Conexant CX8801] 0 CX88 Digital [CX88 Digital] capture



      1
      PCH [HDA Intel PCH] 0 ALC892 Analog [ALC892 Analog] playback



      capture



      1 ALC892 Digital [ALC892 Digital] playback



      3 HDMI 0 [HDMI 0] playback



      7 HDMI 1 [HDMI 1] playback



    • aplay -l
      • card 1: PCH [HDA Intel PCH], device 0: ALC892 Analog [ALC892 Analog]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
        card 1: PCH [HDA Intel PCH], device 1: ALC892 Digital [ALC892 Digital]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
        card 1: PCH [HDA Intel PCH], device 3: HDMI 0 [HDMI 0]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
        card 1: PCH [HDA Intel PCH], device 7: HDMI 1 [HDMI 1]
          Subdevices: 0/1
          Subdevice #0: subdevice #0
    • aplay -L
      • null
            Discard all samples (playback) or generate zero samples (capture)
        pulse
            PulseAudio Sound Server
        default
            Default ALSA Output (currently PulseAudio Sound Server)
        front:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Analog
            Front speakers
        surround40:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Analog
            4.0 Surround output to Front and Rear speakers
        surround41:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Analog
            4.1 Surround output to Front, Rear and Subwoofer speakers
        surround50:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Analog
            5.0 Surround output to Front, Center and Rear speakers
        surround51:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Analog
            5.1 Surround output to Front, Center, Rear and Subwoofer speakers
        surround71:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Analog
            7.1 Surround output to Front, Center, Side, Rear and Woofer speakers
        iec958:CARD=PCH,DEV=0
            HDA Intel PCH, ALC892 Digital
            IEC958 (S/PDIF) Digital Audio Output
        hdmi:CARD=PCH,DEV=0
            HDA Intel PCH, HDMI 0
            HDMI Audio Output
        hdmi:CARD=PCH,DEV=1
            HDA Intel PCH, HDMI 1
            HDMI Audio Output
    • arecord -l
      • **** List of CAPTURE Hardware Devices ****
        card 0: CX8801 [Conexant CX8801], device 0: CX88 Digital [CX88 Digital]
          Subdevices: 1/1
          Subdevice #0: subdevice #0
        card 1: PCH [HDA Intel PCH], device 0: ALC892 Analog [ALC892 Analog]
          Subdevices: 1/1
          Subdevice #0: subdevice #0

PAM (Pluggable Authentication Modules)

Programari / Software

Biblioteques compartides / Shared libraries

Desenvolupament / Development

Ncurses

Targetes gràfiques / Graphics cards

  • Info
    • lscpi
    • lspcidrake
    • glsxinfo -B
    • ...
  • Intel
    • ...
    • VAAPI
      • Mageia
        • urpmi libva-info
      • vainfo
  • Nvidia
    • Info
      • Mageia
        • Nvidia propietary drivers
        • Nvidia Optimus


        • Mageia 9
          CUDA
          • Driver: New Feature
          • nvidia545
          ?

          • Driver: Production
          • GeForce 745 and later
          • nvidia-current-all
            • dkms-nvidia-current
            • nvidia-current-cuda-opencl
            • nvidia-current-devel
            • nvidia-current-doc-html
            • nvidia-current-lib32
            • nvidia-current-utils
            • x11-driver-video-nvidia-current
          535.86.05
          CUDA 12.2
          • Driver: Latest Legacy
          • GeForce 635 to 920
          • nvidia470-all
            • dkms-nvidia470
            • nvidia470-cuda-opencl
            • nvidia470-devel
            • nvidia470-doc-html
            • nvidia470-lib32
            • nvidia470-utils
            • x11-driver-video-nvidia470
          470.199.02
          CUDA 11.4 Update 4
          • Mageia 9: dropped
          • Mageia 8
          • nvidia390
          -

      • Remote visualization on server-class Tesla GPUs (pdf)
    • drivers
      • model mem
        lspci Nvidia Driver (Mageia)
        (search / old)
        CUDA CUDA
        compute capability
        GeForce GTX 660M 2GB Mountain 01:00.0 VGA compatible controller: NVIDIA Corporation GK107M [GeForce GTX 660M] (rev a1) GeForce / GeForce 600M Series (Notebook)
        • 470.199
          (tot i no aparèixer als resultats, però funciona,
          instal·lat amb mageia-prime-install -3 -f)
        • 390.157 (Nov 2022)
        • 418.113 (Nov 2019)
        11.4.4
        3.0
        RTX 3070 Mobile 8GB
        PC Specialist 01:00.0 VGA compatible controller: NVIDIA Corporation GA104M [GeForce RTX 3070 Mobile / Max-Q] (rev a1)

        12.
        8.6
      • ...
      • AWS EC2
        • Install NVIDIA drivers on Linux instances
          • Types of NVIDIA drivers
            • Tesla drivers
            • GRID drivers
            • Gaming drivers
          • Installation options
            • Option 1: AMIs with the NVIDIA drivers installed
            • Option 2: Public NVIDIA drivers
            • Option 3: GRID drivers (G5, G4dn, and G3 instances)
            • Option 4: NVIDIA gaming drivers (G5 and G4dn instances)
        • g3
          • lspci 
            • 00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
              00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
              00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
              00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 01)
              00:02.0 VGA compatible controller: Cirrus Logic GD 5446
              00:03.0 Ethernet controller: Amazon.com, Inc. Elastic Network Adapter (ENA)
              00:1e.0 VGA compatible controller: NVIDIA Corporation GM204GL [Tesla M60] (rev a1)
              00:1f.0 Unassigned class [ff80]: XenSource, Inc. Xen Platform Device (rev 01)
        • g4dn
          • lspci
            • 00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma]
              00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
              00:01.3 Non-VGA unclassified device: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 08)
              00:03.0 VGA compatible controller: Amazon.com, Inc. Device 1111
              00:04.0 Non-Volatile memory controller: Amazon.com, Inc. NVMe EBS Controller
              00:05.0 Ethernet controller: Amazon.com, Inc. Elastic Network Adapter (ENA)
              00:1e.0 3D controller: NVIDIA Corporation TU104GL [Tesla T4] (rev a1)
              00:1f.0 Non-Volatile memory controller: Amazon.com, Inc. NVMe SSD Controller
        • c5
          • lspci
            • 00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma]
              00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
              00:01.3 Non-VGA unclassified device: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 08)
              00:03.0 VGA compatible controller: Amazon.com, Inc. Device 1111
              00:04.0 Non-Volatile memory controller: Amazon.com, Inc. NVMe EBS Controller
              00:05.0 Ethernet controller: Amazon.com, Inc. Elastic Network Adapter (ENA)
    • setup
    • Monitoratge / Monitor
      • nvtop
        • Instal·lació
          • Mageia 9
            • sudo dnf install nvtop
          • AppImage
            • wget https://github.com/Syllo/nvtop/releases/download/3.0.1/nvtop-3.0.1-x86_64.AppImage
          • dependències
            • Mageia
              • ...
          • compilació
            • git clone https://github.com/Syllo/nvtop.git
            • ...
      • ...
    • nvidia-modprobe
    • CUDA
    • Nvidia Optimus
      • Info
        • The Ultimate Guide to Setting Up Nvidia Optimus on Linux
          • lspci -vnn | grep '\''[030[02]\]'
            00:02.0 VGA compatible controller [0300]: Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] (rev 09) (prog-if 00 [VGA controller])
            01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GK107M [GeForce GTX 660M] [10de:0fd4] (rev a1) (prog-if 00 [VGA controller])
      • Opcions / Options
        1. mageia-prime: switch between nvidia (proprietary) and intel
          • Mageia-prime for Optimus
          • ghibo / mageia-prime
          • Install
            • dnf install mageia-prime
            • urpmi mageia-prime
          • Ús / Usage
            • MCC: configure only Intel integrated card
            • mageia-prime-install -h
            • first time
              • GeForce GTX 660M
                • mageia-prime-install -3 -f
                  • -3: force nvidia470 instead of nvidia-current (535)
                • will download:
                  • /usr/src/nvidia470-470.199.02-1.mga9.nonfree
              • GeForce RTX 3070
                • mageia-prime-install
                • will download:
                  • /usr/src/...
              • will backlist nouveau (free) drivers:
                • /etc/modprobe.d/00_mageia-prime.conf
              • reboot
            • next times
              • switch to Nvidia
                • mageia-prime-install
              • switch to Intel
                • mageia-prime-uninstall
                • comproveu que no teniu aquest fitxer / verify that this file is not present:
                  • /etc/X11/xorg.conf.d/10-nvidia.conf
              • Nota: en sistemes més antics, que fan servir nvidia390, no feu servir l'opció -z (reinicia el servidor), perquè us poden quedar processos kwin_x11 engegats, que consumeixen cpu i impedeixen un login correcte
              • xorg.conf
                intel nvidia (new version; not working?) nvidia (old version)
                Section "ServerLayout"
                    Identifier "layout1"
                    Screen "screen1"
                EndSection
                Section "ServerLayout"
                    Identifier "layout"
                    Option "AllowNVIDIAGPUScreens"
                EndSection
                Section "ServerLayout"
                    Identifier "layout"
                    Screen 0 "nvidia"
                    Inactive "intel"
                    Option "AllowNVIDIAGPUScreens" "true"
                    Option "AllowExternalGpus" "true"
                    InputDevice "MyKeyboard" "CoreKeyboard"
                EndSection
                Section "Screen"
                    Identifier "screen1"
                    Device "device1"
                    Monitor "monitor1"
                EndSection
                Section "OutputClass"
                    Identifier "nvidia"
                    MatchDriver "nvidia-drm"
                    Driver "nvidia"
                    Option "AllowEmptyInitialConfiguration"
                    #Option "SLI" "off"
                    Option "BaseMosaic" "on"
                EndSection
                Section "Screen"
                    Identifier "nvidia"
                    Device "nvidia"
                    Monitor "MyMonitor"
                    Option "AllowEmptyInitialConfiguration" "true"
                    #Option "UseDisplayDevice" "None"
                    #Option "IgnoreDisplayDevices" "CRT"
                    #Option "UseEDID" "off"
                    #Option "UseEdidDpi" "false"
                    #Option "DPI" "96 x 96"
                    #Option "DPI" "192 x 192"
                    #Option "DPI" "282 x 282"
                    #Option "TripleBuffer" "true"
                EndSection
                Section "Device"
                    Identifier "device1"
                    VendorName "Intel Corporation"
                    BoardName "Intel 810 and later"
                    Driver "intel"
                    Option "DPMS"
                EndSection

                Section "Device"
                    Identifier "nvidia"
                    Driver "nvidia"
                    BusID "PCI:1:0:0"
                EndSection
                Section "Monitor"
                    Identifier "monitor1"
                    VendorName "Plug'n Play"
                   
                    ...
                EndSection

                Section "Monitor"
                    Identifier "MyMonitor"
                    Vendorname "Unknown"
                    ModelName  "Unknown"
                    Option     "DPMS"
                EndSection
            • Verify
              • leds on Mountain
              • glxinfo
                • glxinfo -B
                • glxinfo | grep "OpenGL renderer"
              • glinfo
              • clinfo
                • dnf install clinfo
              • nvidia-settings
              • nvidia-smi
              • CUDA
                • cuda-z
                  • CUDA Error: 00000023 CUDA driver version is insufficient for CUDA runtime version
              • when using Nvidia > 390
              • vídeo
              • navegadors
            • Problemes
              • a /etc/X11/xorg.conf.d/
                • 10-nvidia.conf
                  • Section "OutputClass"
                        Identifier "nvidia"
                        MatchDriver "nvidia-drm"
                        Driver "nvidia"
                        Option "AllowEmptyInitialConfiguration"
                    EndSection

                    Section "Files"
                        ModulePath "/usr/lib64/xorg/modules/extensions/nvidia390"
                        ModulePath "/usr/lib64/xorg/modules"
                    EndSection
                  • creat per la instal·lació dels drivers nvidia
                • 20-mageia-prime.conf
                  • # automatically generated by mageia-prime-install

                    Section "OutputClass"
                            Identifier "nvidia"
                            MatchDriver "nvidia-drm"
                            Driver "nvidia"
                            Option "AllowEmptyInitialConfiguration" "on"
                            Option "PrimaryGPU" "yes"
                            Option "IgnoreDisplayDevices" "CRT"
                    EndSection
                  • posat per mageia-prime-install, però no sembla ser gaire útil, perquè no té la referència a Files nvidia390, que sí que té 10-nvidia.conf
                • si hi ha 10-nvidia.conf quan es vol fer servir Intel:
                  • glxinfo: Error: couldn't find RGB GLX visual or fbconfig
                • si no hi és quan es vol nvidia:
                  • glxinfo: llvmpipe (software rendering)
              • GeForce GTX 660M
                • after returning to Intel (mageia-prime-uninstall -z)
                  • glxinfo
                    • name of display: :0
                      Error: couldn't find RGB GLX visual or fbconfig
                  • /etc/Xorg.0.log
                    • (EE) Failed to initialize GLX extension (Compatible NVIDIA X driver not found)
                  • Solució / Solution
                    • remove any reference to nvidia from /etc/X11/xorg.conf.d/, e.g.: 10-nvidia.conf
        2. Bumblebee
      • ...
    • ...

Gràfics / Graphics

  • graphical interface
    • KDE Plasma
    • GnomeShell
    • Aqua
    display server
    communication protocol X11 (X-Window) Wayland Mir
    implementation
    • server
      • X.Org Server
        • + compositing window manager
          • KWin (used by KDE Plasma)
          • Mutter (used by Gnome 3)
          • Compiz
          • OpenBox
          • Metacity
        • DIX driver (device independent)
        • DDX drivers (device dependent)
          • x11-driver-video-nouveau
          • x11-driver-video-nvidia
      • XFree86
      • XQuartz
      • Cygwin/X
    • client
      • Xlib / libX11
      • XCB (C)
    • server (Wayland compositors)
      • Weston
      • Mutter
      • Enlightment
    • client
      • libwayland-client

    kernel evdev KMS DRM Direct Rendering Manager
    • libdrm-intel
    • libdrm-nouveau

    hardware
    • keyboard
    • mouse


    ...
  • 3D
  • Targetes gràfiques
    • Targetes gràfiques (maquinari)
    • Targetes gràfiques (Linux)
  • X-Window
    • X-Window (informàtica)
    • X-Window (Linux)
  • Info
    • Windowing system (wp)
    • GLX (wp)
      • GLX (initialism for "OpenGL Extension to the X Window System") is an extension to the X Window System core protocol providing an interface between OpenGL and the X Window System as well as extensions to OpenGL itself.

    • ...
  • ...

X-Window System

  • Targetes gràfiques / Graphics cards
  • X Window System (wp)
  • Implementacions / Implementations
  • ModeLine (monitor)
    • DCF HR SH1 SH2 HFL VR SV1 SV2 VFL
    • DCF = RR * HFL * VFL
    • Monitor/VertRefresh (Hz): RR
    • Monitor/HorizSync (kHz): DCF / HFL
    • Modeline "768x576pali" 14.76  768 789 858 944  576 580 583 625 -hsync -vsync interlace
    • ITU-R BT 601 4:2:2 Format
    • Eines / tools
      • cvt (calculate VESA CVT mode lines)
      • monitor-edid
  • Start (?)
    • startx
    • /etc/X11/X -> /usr/bin/Xorg
    • /etc/X11/xinit
    • /etc/X11/xinit.d/
    • /usr/share/X11/xdm/Xsession
  • Info
  • Multiple X-servers


    • Ctrl+Alt+F1 first X-server (:0)
      Ctrl+Alt+F2 tty2
      Ctrl+Alt+F3 tty3
      Ctrl+Alt+F4 tty4
      Ctrl+Alt+F5 tty5
      Ctrl+Alt+F6 tty6
      Ctrl+Alt+F7 second X-server
      Ctrl+Alt+F8 third X-server
      Ctrl+Alt+F9 ...
      Ctrl+Alt+F10
      Ctrl+Alt+F11
      Ctrl+Alt+F12
    • Exemples / Examples:
      • start two additional x-servers (:3 and :4) with the same xorg.conf used by :0
        • available at Ctrl+Alt+Fx
        • programs will only run when switching to Ctrl+Alt+Fx
        • graphics card will be the same as the one used by :0
          • Device...
        • sudo Xorg :6
          • will start an x-server available with CTRL-ALT-F7
          • no windows; just a black screen
          • DISPLAY=:6 glxgears
            • will only run if you switch to x-server
        • sudo Xorg :4
          • will start an x-server available with CTRL-ALT-F8
          • no windows; just a black screen
          • DISPLAY=:4 glxspheres
            • will only run if you switch to x-server
          • DISPLAY=:6 glxgears
            • will be displayed over glxspheres, as it is smaller
          • DISPLAY=:4 LIBGL_ALWAYS_SOFTWARE=1 glxspheres
            • will be forced to run without hardware acceleration
        • Problemes / Problems
          • parse_vt_settings: Cannot open /dev/tty0 (Permission denied)
            • when starting xorg as a non-root user
            • Solució / Solution:
              • sudo Xorg
              • you may need to give permissions to your user (e.g. nginx):
                • /etc/sudoers.d/33-nginx
                  • nginx ALL=(ALL) NOPASSWD: /usr/bin/Xorg
          • ...
      • start a dummy x-server
        • running, but not available, even with Ctrl+Alt+Fx
        • programs will run with no need to switch to x-server (Ctrl+Alt+Fx does not work, anyway)
        • hardware acceleration is not used by default; if you want it, you must use vglrun (VirtualGL)
        • deps
          • Mageia
            • sudo dnf install x11-driver-video-dummy
          • Alma / CentOS
            • sudo dnf install xorg-x11-drv-dummy mesa-dri-drivers
        • setup
          • wget http://xpra.org/xorg.conf xorg_dummy.conf
          • xorg_dummy.conf
            • ...
        • start x-server
          • sudo Xorg :6 -config xorg_dummy.conf
          • running, but not available, even with Ctrl+Alt+F7 (F7 corresponds to the first additional x-server)
        • run programs
          • will run with no need to switch to x-server (Ctrl+Alt+F6 does not work, anyway)
          • without hardware acceleration
            • glxspheres is provided by virtualgl package
            • DISPLAY=:6 glxspheres
            • DISPLAY=:6 /opt/VirtualGL/bin/glxspheres64
            • verify that it is running without hardware acceleration (llvmpipe renderer):
              • OpenGL Renderer: llvmpipe (LLVM 11.0.1, 256 bits)
            • if you want hardware acceleration, you need VirtualGL (see next item)
            • Problemes
              • $ DISPLAY=:0 glxinfo
                name of display: :0
                Xlib:  extension "GLX" missing on display ":0".
                • /var/log/Xorg.0.log
                  • (EE) AIGLX error: dlopen of /usr/lib64/dri/swrast_dri.so failed (/usr/lib64/dri/swrast_dri.so: cannot open shared object file: No such file or directory)
                • Solució / Solution
                  • Alma / CentOS
                    • dnf install mesa-dri-drivers
          • with hardware acceleration (using VirtualGL)
            • deps
              • Mageia
                • sudo dnf install virtualgl
              • Alma / CentOS
                • sudo dnf instal VirtualGL
            • setup
              • vglserver_config -config
            • DISPLAY=:6 vglrun glxspheres
            • DISPLAY=:0 vglrun /opt/VirtualGL/bin/glxspheres64
            • verify that it is running with hardware acceleration:
              • OpenGL Renderer: Mesa DRI Intel(R) HD Graphics 4000 (IVB GT2)
    • ...
  • RandR (Resize and Rotate)
  • X11 configuration
    • doublescan
    • xorg.conf
    • HDTV
    • Nova sessió
      • Xorg multiseat
        • loginctl
        • loginctl seat-status seat0
      • Is it possible for a X server to have multiple displays?
      • Mageia
        • Energia / Sessió -> Commuta d'usuari
          • crearà un nou display, a CTRL-ALT+F2
          • ara hi haurà dos displays:
            • /usr/bin/sddm
              • /usr/libexec/Xorg -nolisten tcp -background none -seat seat0 vt1 -auth /var/run/sddm/{086be567-64ac-42c0-9257-5e3eb6ab88d6} -noreset -displayfd 16
              • /usr/libexec/Xorg -nolisten tcp -background none -seat seat0 vt2 -auth /var/run/sddm/{4d609c7a-c4af-4f86-b90a-4cdcb378632f} -noreset -displayfd 17
    • Estructura / Structure
      • ServerFlags
        • AllowMouseOpenFail
        • Option ...
        Module
        • Load "v4l"
        ServerLayout (:0, CTRL+ALT+F1) (display=screen+keyboard+mouse)
        • Identifier "layout1"
        Screen (card+monitor)
        • Identifier "screen1"
        Device (card)
        • Identifier "device1"
        • BusID "PCI:x:y:z"
        • Driver "intel"
        • Option "DPMS"
        Monitor
        • Identifier "monitor1"
        • VendorName "Plug'n Play"
        InputClass
        • Identifier "system-keyboard"
        ServerLayout (:1, CTRL+ALT+F2)
        Screen
        Device Monitor
        ServerLayout (:2, CTRL+ALT+F3)
      • BusID:
        • lspci | grep -e VGA -e 3D
        • lspci -vnn | grep '\''[030[02]\]'
          • Mountain xxx
            • 00:02.0 VGA compatible controller [0300]: Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] (rev 09) (prog-if 00 [VGA controller])
              01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GK107M [GeForce GTX 660M] [10de:0fd4] (rev a1) (prog-if 00 [VGA controller])
          • PCSpecialist Defiance
            • ...
      • DISPLAY
        • See also SSH X11 forwarding
        • DISPLAY=[<server_name>]:D.S
          • D: display number (server layout)
          • S: screen number
    • Examples
      • Two server layouts
        • ...
          ServerLayout (:0, CTRL+ALT+F7)
          • Identifier "layout_crt"
          Screen
          • Identifier "screen_crt"
          Device
          • Identifier "card_crt"
          • Driver "nvidia"
          • BusID "PCI:1:0:0"
          Monitor
          • Identifier "crt"
          • HorizSync
          • VertRefresh
          • ModeLine "1280x1024" ...
          • ModeLine "1024x768" ...
          • ...
          • Subsection "Display"
            • Viewport 0 0
            • Depth 24
            • Modes "1280x1024" "1024x768" (CTRL-ALT-+/-)
          • Subsection "Display"
            • Viewport 0 0
            • Depth 16
            • Modes "1280x1024" "1024x768"
          • ...
          InputDevice
          • Identifier  "keyboard0"
          InputDevice
          • Identifier "mouse0"
          • InputDevice "mouse0" "CorePointer" 
          • InputDevice "keyboard0" "CoreKeyboard"
          ServerLayout (:1, CTRL+ALT+F8)
          • Identifier "layout_tv"
          Screen
          • Identifier "screen_tv"
          Device
          • Identifier "card_tv"
          • Driver "nvidia"
          • BusID "PCI:1:0:0"
          • Option "TVOutFormat" "SVIDEO"
          • Option "TVStandard" "PAL-B"
          • Option "ConnectedMonitor" "tele"
          Monitor
          • Identifier "tele"
          • HorizSync 30-50
          • VertRefresh 60
          • Subsection "Display"
            • ...
            • Modes "1920x1080_60" "1280x720_60" "720x480_60"
          • ...
          InputDevice
          • Identifier "keyboard0"
          InputDevice
          • Identifier "mouse0"
          • InputDevice "mouse0" "CorePointer" 
          • InputDevice "keyboard0" "CoreKeyboard"
      • One server layout with 2 screens:
        • ...
          ServerLayout (:0, CTRL+ALT+F7)
          • Identifier "layout0"
          Screen
          • Identifier "screen_crt"
          Device
          • Identifier "card_crt"
          • Driver "nvidia"
          • BusID "PCI:1:0:0"
          • Screen 0 (:0.0)
          Monitor
          • Identifier "crt"
          • HorizSync
          • VertRefresh
          Screen
          • Identifier "screen_tv"
          Device
          • Identifier "card_tv"
          • Driver "nvidia"
          • BusID "PCI:1:0:0"
          • Screen 1 (:0.1)
          • Option "TVOutFormat" "SVIDEO"
          • Option "TVStandard" "PAL-B"
          • Option "ConnectedMonitor" "tele"
          Monitor
          • Identifier "tele"
          • HorizSync 30-50
          • VertRefresh 60
          InputDevice
          • Identifier  "keyboard0"
          InputDevice
          • Identifier "mouse0"

          • Screen 0 "screen_crt"
          • Screen 1 "screen_tv" rightof "screen_crt"
          • InputDevice "mouse0" "CorePointer" 
          • InputDevice "keyboard0" "CoreKeyboard"

      • Two video cards
        • ...
      • Dummy display
        • See also Unity3D on virtual screen
        • Dependencies
          • Mageia
            • sudo dnf install x11-driver-video-dummy
      • ...


  • Configuració d'usuari / User setup
    • ~/.Xauthority
    • Problemes / Problems
      • les finestres no tenen ombres
        • Solució / Solution
          • ~/.config/kwinrc
            • [Compositing]
              OpenGLIsUnsafe=false
  • DISPLAY=:1 xterm
  • /usr/local/bin/mplayer.tv
    • #!/bin/sh
    • exec /usr/X11R6/bin/xinit /usr/bin/xterm -ut -e /usr/bin/mplayer -stop-xscreensaver -fs -vo sdl "$@" -- /usr/X11R6/bin/X :1 -layout layout_tv
Output connectors ("ConnectedMonitor"):
  • DVI: "DFP", "CRT-0"
  • VGA: "CRT", "CRT-1"

Captures de pantalla / Screencast

  • gtk-recordMyDesktop
  • ffmpeg x11grab

DirectFB

  • Utilitats / Tips
  • Linux Framebuffer HOWTO
  • DirectFB X11
    /etc/directfbrc (*) /etc/X11/xorg.conf
    Device
    Driver="fbdev"

    vesa intelfb viafb (*) linux-viafb
    (DirectFB) (*)
    compilation


    modprobe
    intelfb mode=1024x768-76 viafb mode=1024x768 bpp=32 refresh=60 active_dev=CRT (readme.txt)
    /boot/grub/menu.lst vga=xxx [video=vesa...] video=intelfb (*) video=viafb:mode=1024x768,bpp=32,active_dev=CRT (*)
    bootsplash (text console): /etc/bootsplash/themes/current/config
  • VESA Framebuffer modes:
    bits 640x400 640x480 800x600 1024x768 1152x864 1280x1024 1600x1200
    4
    - 770
    0x302




    8 768
    0x300
    769
    0x301
    771
    0x303
    773
    0x305
    0x161 775
    0x307
    796
    0x31c
    15
    0x310
    0x313
    0x316 0x162 0x319 797
    0x31d
    16
    785
    0x311
    788
    0x314
    791
    0x317
    0x163 794
    0x31a
    798
    0x31e
    24
    786?
    0x312
    789?
    0x315
    792?
    0x318

    795?
    0x31b
    799?
    0x31f
    32
    786?
    0x312
    789?
    0x315
    792?
    0x318
    0x164 795?
    0x31b
    799?
    0x31f
  • Use a VESA fb mode with 24/32bpp (792: 1024x768 24/32bpp):
    • grub
      • /boot/grub/menu.lst
        • kernel ... vga=792 append="video=vesa:ywrap,mtrr"
    • lilo
  • Check with:
    • dfbterm (urpmi dfbterm)
    • dfbshow (urpmi dfb++-examples)
    • mplayer -vo directfb toto.mp4
  • fbset (/etc/fb.modes)
    • urpmi fbset
    • fbset -i
  • Aplicacions / Applications

Publicacions / Publications

Seguretat / Security

  • SELinux
    • CentOS SELinux
    • status
      • sestatus
    • enforce
      • setenforce 0
      • setenforce 1
      • getenforce
    • Type Enforcement (TE)
    • booleans (not kept among rebbots; build a .pp file instead)
      • getsebool -a
      • setsebool -P <boolean>=1
    • monitor SELinux activity: 
      • tail -f /var/log/audit/audit.log
    • dependencies
      • Ubuntu
        • How to disable/enable SELinux on Ubuntu 22.04 Jammy Jellyfish Linux
        • Passos / Steps
          1. sudo apt update
          2. sudo apt install policycoreutils selinux-utils selinux-basics
          3. sudo selinux-activate
          4. sudo selinux-config-enforcing
          5. reboot
          6. ...
        • Problemes
          • Failed to start Relabel all filesystems.
            See 'systemctl status selinux-autorelabel.service' for details
            • Solució
              • ...
      • Mageia
        • urpmi checkpolicy
        • urpmi policycoreutils
      • CentOS/Alma
        • checkmodule
          • sudo yum install checkpolicy
        • semodule_package
          • sudo dnf install policycoreutils-python-utils
          • sudo yum install policycoreutils-python
    • semodule
      • install from pp rule, with no specific level (default is 400)
        • semodule -i mymodule.pp
      • install from pp rule, with specific level
        • semodule -X 300 -i mymodule.pp
      • remove rules
        • semodule -r mymodule
      • Problemes
        • when trying to install: ...
    • generació de regles (.pp) / generate rules (.pp)
      • (?) "mymodule" is extracted from "mymodule.service"
      • examples for:
      • CentOS/Alma 8
        • audit
        • # generate mymodule.te (text format, that can be modified; mymodule is an arbitrary name, to group things)
          ausearch -c 'mycommand' --raw | audit2allow -m mymodule >mymodule.te
        • # convert mymodule.te -> mymodule.mod
          checkmodule -M -m -o mymodule.mod mymodule.te
        • # convert mymodule.mod -> mymodule.pp
          semodule_package -m mymodule.mod -o mymodule.pp
        • # apply mymodule.pp
          semodule -X 300 -i mymodule.pp
        • all in one (no intermediate te text file):
          • ausearch -c 'mymodule' --raw | audit2allow -M mymodule
          • semodule -X 300 -i mymodule.pp
      • CentOS 7
        • # generate local.te
          cat /var/log/audit/audit.log | audit2allow -m local >local.te
        • # convert local.te -> local.mod
          checkmodule -M -m -o local.mod local.te
        • # convert local.mod -> local.pp
          semodule_package -o local.pp -m local.mod
        • # apply local.pp
          semodule -i local.pp
    • audit (file /var/log/audit/audit.log)
    • domains
      • PermissiveDomainRecipe
      • Permissive Domains
      • add domain to permissive list (e.g. when having permission problems when nginx tries to write to a dir mounted using s3fs)
        • semanage permissive -a netutils_t
        • or put it on a te file (generació de regles / rule generation):
          • permissive_netutils.te
            • module permissive_netutils 1.0;
              require {
                      type netutils_t;
              }
              permissive netutils_t;
          • checkmodule -M -m -o permissive_netutils.mod permissive_netutils.te
          • semodule_package -o permissive_netutils.pp -m permissive_netutils.mod
          • semodule -i permissive_netutils.pp
      • remove domain from permissive list
        • semanage permissive -d netutils_t
      • get list of domains that has been added as permissive:
        • semodule -l | grep permissive
    • modules
      • dirs
        • /var/lib/selinux/targeted/active/modules/
      • generació de regles / rule generation
      • old instructions:
        • option 1: step by step
          • generate my_unit.te (my_unit is the systemd unit: nginx, httpd, ...) ()
            • grep my_unit /var/log/audit/audit.log | audit2allow -m my_unit >my_unit.te
          • generate my_unit.mod
            • checkmodule -M -m -o my_unit.mod my_unit.te
          • compile it to my_unit.pp
            • semodule_package -o my_unit.pp -m my_unit.mod
        • option 2: all in one step
          • grep my_unit /var/log/audit/audit.log | audit2allow -M my_unit
        • install it
          • semodule -i my_unit.pp
          • semodule -X 300 -i my_unit.pp
      • analyse my_unit.pp
        • sedismod my_unit.pp
          • 1)
          • a)
      • Exemples / Examples
        • unit has a different name
        • nginx
          1. nginx.te
            • module nginx 1.0;

              require {
                      type httpd_t;
                      type init_t;
                      type nfs_t;
                      type mnt_t;
                      type user_home_t;
                      type var_lib_t;
                      type unlabeled_t;
                      class unix_stream_socket connectto;
                      class file { create read write getattr open};
                      class dir { create open getattr setattr read write add_name };
                      class lnk_file read;
                      class sock_file write;
              }

              #============= httpd_t ==============
              allow httpd_t init_t:unix_stream_socket connectto;
              allow httpd_t nfs_t:file { create read write getattr open};
              allow httpd_t nfs_t:dir { create open getattr setattr read write add_name };
              allow httpd_t mnt_t:dir { create open getattr setattr read write add_name };
              allow httpd_t nfs_t:lnk_file read;
              allow httpd_t user_home_t:file {read open};
              allow httpd_t var_lib_t:sock_file write;
              allow httpd_t unlabeled_t:lnk_file read;
              allow httpd_t unlabeled_t:file {read open};
          2. checkmodule -M -m -o nginx.mod nginx.te
          3. semodule_package -o nginx.pp -m nginx.mod
          4. semodule -i nginx.pp
        • ...
    • labels
      • 5.6. SELinux Contexts – Labeling Files
      • labels

        get:
        ls -Z
        set:
        chcon
        examples selinux te file
        user <user>:<role>:<type>:<level> -u <user>
        • system_u
        • ...

        role -r <role>
        • object_r
        • ...

        type -t <type>
        • httpd_t
        • init_t
        • nfs_t
        • unlabeled_t
        • user_home_t
        • var_log_t
        • var_lib_t
        • ...
        type ...;
        level
        • s0

      • get labels for a given file:
        • ls -Z ...
          • <user>:<role>:<type>:<level>
      • default labels
        • defined at:
          • /etc/selinux/targeted/contexts/files/
        • files with no default labels will have:
          • ...
        • add default labels:
        • apply default labels
      • change labels
    • logrotate
      • logrotate cron job not rotating certain logs
      • logrotate config file:
        • sudo chcon -u system_u -t etc_t /etc/logrotate.d/celery
      • logrotate destination dir and files:
        • sudo chcon -u system_u -t var_log_t /my/celery/log/dir
        • ...
    • HTTP servers
      • list the ports open for http service:
        • semanage port -l | grep -w http_port_t
          • http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
      • allow port 8888 for http:
        • semanage port -a -t http_port_t -p tcp 8888
      • Change port on server:
      • allow Apache to connect other servers (e.g. APNS push notifications server) (to avoid: "[Errno 13] Permission denied"):
        • setsebool -P httpd_can_network_connect 1
      • create a module (.pp)
        • grep apache /var/log/audit/audit.log ...
    • mount
      • # mount --verbose /mnt/vol1
        mount: /mnt/vol1 does not contain SELinux labels.
               You just mounted an file system that supports labels which does not
               contain labels, onto an SELinux box. It is likely that confined
               applications will generate AVC messages and not be allowed access to
               this file system.  For more details see restorecon(8) and mount(8).
      • labels
      • Solution
        • ...
    • NFS
  • Lynis
  • BackTrack
  • BackBox Linux
  • msec (Mandriva/Mageia)
    • /etc/security/msec/
    • /etc/cron.daily/msec -> /usr/share/msec/security.sh

Shell

Sistema de fitxers / File systems

SGI Linux

Usuaris i grups / Users and groups

Variables d'entorn / Environment variables

  • LANGUAGE
    • /etc/sysconfig/i18n
    • ~/.i18n
  • PATH
    • /etc/profile
  • Altres configuracions
    • /etc/skel/ (estructura de directoris per a nous usuaris)

Llengua / Language (i18n, l10n)

  • /etc/sysconfig/i18n:
    • LANGUAGE=ca:en
    • LANG=ca_ES.UTF-8:en
  • gimp in English
    • export LANGUAGE=en; gimp
  • variable
    example value
    default value specified at
    non-default specified at
    files
    installed by package
    used by
    LANG
    • ca_ES.UTF-8
    • Mageia: /etc/sysconfig/i18n
    • CentOS: /etc/locale.conf

    /usr/share/locale/<LANG>/
    • LC_PAPER
    • LC_NAME
    • LC_MEASUREMENT
    • LC_TELEPHONE
    • LC_NUMERIC
    • LC_MONETARY
    • LC_TIME
    • LC_IDENTIFICATION
    • LC_COLLATE
    • LC_ADDRESS
    • LC_TYPE
    • LC_MESSAGES
      • SYS_LC_MESSAGES
    locales-ca
    shell commands:
    • ls
    • date
      • LANG=en_GB date
        Mon 20 Feb 11:45:03 CET 2017
      • LANG=en_US date
        Mon Feb 20 11:45:08 CET 2017
    • ...
    LANGUAGE
    • ca
    /etc/sysconfig/i18n ~/.i18n
    /usr/share/locale/<LANGUAGE>/LC_MESSAGES/*.mo (each software package)
    software

Data / Date

  • Set system local time to UTC
    • ln -s /usr/share/zoneinfo/UTC /etc/localtime

Xarxes / Networks

  • Linux Home Netwoking
  • Linux Network Administrators Guide
  • Consistent Network Device Naming coming to Fedora 15 (biosdevname)
    • embeded (on-board):
      • em0, em1...
    • PCI
      • pci1#0 ...
  • Eines / Tools
    • Info
    • iproute2 (wp: replacement table)
      • use iproute2 instead of: ifconfig, route, netstat, brctl, ... 
      • components:
        • bridge
        • ststat
        • ip
        • routef
        • routel
        • tc
        • ss
      • group action iproute2 old tools
        link (network device) create ip link add name br0 type bridge
        activate ip link set wlan0 up
        deactivate ip link set wlan0 down
        show ip link show wlan0
        list
        ip link
        ip l
        ip link list

        address
        create ip addr add 192.18.0.102/24 dev eth0 broadcast + ifconfig lo 192.18.0.102 netmask 255.255.255.0 broadcast 192.168.0.255
        list ip addr
        remove ip addr delete 192.168.0.102/24 dev eth0
        route
        add ip route add 192.168.0.0/24 dev enp1s0f1 route add -net 192.168.0.0 netmask 255.255.255.0 dev enp1s0f1
        list ip route route -n netstat -r
        delete ip route del 192.168.0.0/24 dev enp1s0f1
        ip route del default dev wlp46s0
        route del -net 192.168.0.0 netmask 255.255.255.0 dev enp1s0f1
        bridge
        create ip link add name br0 type bridge brctl addbr br0
        add interface ip link set eth0 master br0;
        ip link set eth1 master br0;
        brctl addif br0 eth0;
        brctl addif br0 eth1
        activate ip link set br0 up ifconfig br0 10.0.1.12 up
        show bridge link brctl show
        remove interface ip link set eth0 nomaster;
        ip link set eth1 nomaster;
        brctl delif br0 eth0;
        brctl delif br0 eth1
        deactivate ip link set dev br0 down ifconfig br0 down
        delete ip link delete br0 brctl delbr br0
        statistics
        ip -s ss netstat


        ip -s link netstat -i

        multicast members ip maddr netstat -g
        open ports
        ss -tulpn
        ss --tcp --udp --listen --processes --numeric
        netstat -tulpn
      • ip [ OPTIONS ] OBJECT [ COMMAND [ ARGUMENTS ]]
        • OPTIONS OBJECT (can be abbreviated as the first letter[s]) / COMMAND COMMAND ARGUMENTS
          • -V[ersion]
          • -s[tatistics]
          • -d[etails]
          • -r[esolve]
          • -h[uman-readable]
          • -iec
          • -j[son]
          • -p[retty]
          • -f[amily] { inet | inet6 | mpls | bridge | link }
          • -4 (-family inet)
          • -6 (-family inet)
          • -I
          • -D
          • -M
          • -B
          • -0 (-family link)
          • -l[oops] { maximum-addr-flush-attempts }
          • -br[ief]
          • -o[neline]
          • -t[imestamp]
          • -ts[hort]
          • -b[atch] [filename]
          • -rc[vbuf] [size]
          • -n[etns] name
          • -N[umeric]
          • -a[ll]
          • -c[olor]
          • link (physical or logical network device)
            • list (default)
            • add name <name> type <type>
            • set <interface> {up,down,...}
            • show
            • delete
          • address (protocol (IPv4 or IPv6) address on a device)
          • addrlabel ()
          • route (routing table entry)
            • add
            • change
            • replace
            • delete
            • show
            • flush
            • get
          • rule (rule in routing policy database)
            • add
            • show
          • neighbour (ARP or NDISC cache entry)
            • add
            • change
            • replace
            • delete
            • show
            • flush
          • ntable
          • tunnel (tunnel over IP)
            • add
            • show
          • tuntap
          • maddress (multicast address)
          • mroute (multicast routing cache entry)
          • mrule
          • monitor, rtmon (monitoring the state of devices, addresses and routes continuously)
          • xfrm
          • netns
          • l2tp
          • fou
          • macsec
          • tcp_metrics
          • token
          • netconf
          • ila
          • vrf
          • sr
          • nexthop
          • mptcp
          • show, list (default)
          • add
          • delete
          • ...
          • types:
            • flags
            • parameters
              • default parameter for ip list: dev
      • ss
    • Netfilter (wp)
      • ...
      • components
        • iptables
        • ip6tables
        • ebtables
        • arptables
        • ipset
        • nftables
  • Network interfaces
  • Flux de paquets de xarxa en Linux / Network packet flow in Linux
  • Nom / Name

    • example set stored in get










      router device list arp arp-scan nmap nslookup dig avahi nmblookup
      MAC address


      "MAC address" arp arp-scan -l nmap -sP 192.168.1.0/24



      MAC manufacturer (OUI)


      "Manufacturer"
      arp-scan -l nmap -sP 192.168.1.0/24



      IP address 192.168.1.100



      arp-scan -l nmap -sP 192.168.1.0/24



      hostname myhostname sudo hostnamectl set-hostname myhostname /etc/hostname
      • myhostname








      DNS myhost.mydomain
      • /etc/hosts
      • DNS server




      • nslookup myname
      • nslookup a.b.c.d
      • dig myname
      • dig -x a.b.c.d


      DHCP hostname mydhcphostname
      /etc/sysconfig/network-scripts/ifcfg-...
      • DHCP_HOSTNAME=mydhcphostname
      "Device name"






      Zeroconf (Avahi, Bonjour) myzeroconfhostname.local
      /etc/avahi/avahi-daemon.conf
      • [server]
        host-name=myzeroconfhostname
        domain-name=local






      • avahi-browse -a -r -t
      • avahi-discover-standalone
      • avahi-discover

      NetBios (MSWindows)









      • nmblookup mywindowsname
      • nmblookup -A a.b.c.d
  • Drivers


  • configuration
    binary
    Linux distribution
    general config
    per-device config
    low level config
    main
    internally calls
    example
    config file
    config options
    config file
    config options (man ifcfg)
    file
    options








    manual IP address
    DHCP


    NetworkManager:
    nm-ifup,
    nm-ifdown



    Mageia






    DEPRECATED
    ifup, ifdown
    ifup-eth
    • ip
    • (ifconfig)
    • ifup eth0
    • ifup enp0s3
    • ifup --verbose --all
    Mageia >=6
    Mandriva
    RedHat
    CentOS
    Fedora
    • /etc/sysconfig/network
    • /etc/hostname
      • set it using: hostname set-hostname my_hostname
    HOSTNAME=pctoto
    NETWORKING=yes
    CRDA_DOMAIN=ES
    GATEWAYDEV=eth1


    /etc/sysconfig/network-scripts/ifcfg-eth0[:1]
    DEVICE=eth0
    IPADDR=192.168.0.15
    GATEWAY=192.168.0.1
    NETMASK=255.255.255.0
    MTU=1200
    IPV6_MTU="1280"
    ...

    DEVICE=enp1s0f1
    BOOTPROTO=dhcp
    NETMASK=255.255.255.0
    ONBOOT=yes
    METRIC=10

    DHCP_HOSTNAME=myname
    /etc/sysctl.conf
    (speedguide)
    Mageia 5
    RedHat Enterprise
    CentOS 7
    • hostnamectl set-hostname my_hostname

    • /etc/sysconfig/network-scripts/ifcfg-enp0s3
    • /etc/sysconfig/network-scripts/ifcfg-eth0
    TYPE=Ethernet
    NAME=eth0
    ONBOOT=yes
    BOOTPROTO=none
    IPADDR0=10.0.0.31
    PREFIX0=24
    GATEWAY0=10.0.0.1
    DNS1=10.0.0.1

    USERCTL=no
    TYPE=Ethernet
    NAME=eth1
    ONBOOT=yes
    BOOTPROTO=dhcp USERCTL=no


    Mageia 3
    /etc/hostname
    pctoto





    Debian (>=8) Raspberry Pi OS

    • /etc/dhcpcd.conf
    • /etc/wpa_supplicant/wpa_supplicant.conf
    Static IP Addresses
    • # Example static IP configuration:
      interface eth0
      static ip_address=192.168.0.10/24
      static ip6_address=fd51:42f8:caae:d92e::ff/64
      static routers=192.168.0.1
      static domain_name_servers=192.168.0.1 8.8.8.8 fd51:42f8:caae:d92e::1
    • # It is possible to fall back to a static IP if DHCP fails:
      # define static profile
      profile static_eth0
      static ip_address=192.168.1.23/24
      static routers=192.168.1.1
      static domain_name_servers=192.168.1.1

      # fallback to static profile on eth0
      interface eth0
      fallback static_eth0



    Ubuntu Debian (<=7)
    • /etc/hostname
      • set it using: hostname set-hostname my_hostname

    • /etc/network/interfaces (*)
      • ? /etc/network/interfaces.d/
    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet static
    address 192.168.0.15
    network 192.168.0.0
    gateway 192.168.0.1
    netmask 255.255.255.0
    mtu 1492

    auto eth2
    iface eth2 inet6 static
    pre-up modprobe ipv6
    address 2607:f0d0:2001:000a:0000:0000:0000:0002
    netmask 64
    gateway 2607:f0d0:2001:000a:0000:0000:0000:0001

    auto br0
    iface br0 inet static
        address 192.168.0.10
        network 192.168.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off

    auto eth1
    iface eth1 inet dhcp


    ...

    ...



    ifconfig (classical)











    ip (new) (iproute2)











  • Exemples / Examples
    • Case 1:

      • WiFi to Android device (tethering), connected to Internet
        ethernet to switch (TP-Link) (not connected to internet)
        PC (Mageia)
        /etc/sysconfig/network-scripts/ifcfg-wlp...
        • DEVICE=wlp2s0
          BOOTPROTO=dhcp
          ONBOOT=yes
          METRIC=5
          ...
        /etc/sysconfig/network-scripts/ifcfg-enp...
        • DEVICE=enp1s0f1
          BOOTPROTO=dhcp
          NETMASK=255.255.255.0
          ONBOOT=yes
          METRIC=10
        Raspberry Pi
        (Debian)

        WiFi setup:
        • sudo iwlist wlan0 scan
        • /etc/wpa_supplicant/wpa_supplicant.conf
          • ...
            network={
                    ssid="AndroidAP"
                    psk="..."
            }
        • wpa_cli -i wlan0 reconfigure
        • sudo ip route list
        • sudo ip route replace default via 192.168.43.1 dev wlan0  metric 101
        • sudo ip route del default via 192.168.43.1 dev wlan0  metric 303
        /etc/network/interfaces
        z21
        -
        192.168.0.111
      • Notes:
        • when ifup is called, a default route (to Internet) is added. Packets to Internet will take the interface with the lowest METRIC value.
        • per a esborrar una ruta per defecte (per exemple la que s'ha creat quan hem creat connexió cap a z21, que no té sortida cap a Internet) / to delete one default route:
          • ip route del default dev wlp46s0
          • ip route del default dev enp45s0
      • Change the default route to wlp0s20f3 (WiFi)
        • /etc/sysconfig/network
          • GATEWAYDEV=wlp0s20f3
        • sudo systemctl restart network.service
      • route -n
        • Kernel IP routing table
          Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
          0.0.0.0         192.168.43.1    0.0.0.0         UG    5      0        0 wlp2s0
          0.0.0.0         192.168.0.1     0.0.0.0         UG    10     0        0 enp1s0f1
          169.254.0.0     0.0.0.0         255.255.0.0     U     5      0        0 wlp2s0
          169.254.0.0     0.0.0.0         255.255.0.0     U     10     0        0 enp1s0f1
          192.168.0.0     0.0.0.0         255.255.255.0   U     10     0        0 enp1s0f1
          192.168.43.0    0.0.0.0         255.255.255.0   U     5      0        0 wlp2s0
  • Service
    type
    OS
    command
    info

    • Mageia
    • CentOS
    • systemctl start network
    • systemctl stop network
    • systemctl restart network
    • systemctl status network
    same result as reboot: only interfaces marked as ONBOOT=true will be active

    • old Mageia
    • old CentOS
    • service network start
    • service network stop
    • service network restart
    • service network status


    • Debian
    • Ubuntu
    • ...

  • Options
    • ip-sysctl
    • dir
      • /proc/sys/
    • configuration
      • /etc/sysctl.conf
    • control
      • list
        • sysctl -a
      • write
        • sysctl -w net.ipv4.ip_forward=1
    • General
      • /proc/sys/net/ipv4/ip_forward
    • Per NIC
      • Mageia
        • /proc/sys/net/ipv4/conf/enp4s0f2/
      • Ubuntu
        • /proc/sys/net/ipv4/conf/eth0/
      • ...
  • Zeroconf
  • Eines de gestió / Management tools
    • NetworkManager (gui)
      • /etc/NetworkManager/
      • enable
        • Mageia
          • Switching to networkmanager
            • echo "AUTOSTART=FALSE" > ~/.net_applet
            • su
            • killall net_applet
            • urpmi networkmanager networkmanager-applet
            • urpmi plasma-applet-nm
            • urpmi plasma-applet-nm-openvpn
            • systemctl enable --now NetworkManager.service
            • systemctl restart NetworkManager.service
            • systemctl mask network.service; systemctl mask network-up
      • disable
        • Ubuntu
          • sudo stop network-manager
          • permanently (Upstart)
            • echo "manual" > /etc/init/network-manager.override
        • CentOS
          • sudo systemctl stop NetworkManager
          • permanently
            • sudo systemctl disable NetworkManager
      • CLI
        • systemctl enable NetwokManager.service
        • /usr/libexec/nm-ifup wlp46s0
        • /usr/libexec/nm-ifdown wlp46s0
    • Ubuntu
    • Change the hostname:
    • ifconfig
      • DEPRECATED. Use iproute2 tools: ip
      • List interfaces
        • only active (Ubuntu)
          • ifconfig
        • active and non active
          • ifconfig -a
      • Assign a static IP address and bring up a device (automatically adds a specific route; but default route is not added nor modified):
        • ifconfig eth0 192.168.0.23 netmask 255.255.255.0 up
        • optionally (this is automatically added when using ipup):
          • add a default route to the router, to have access to Internet
            • route add default gw 192.168.0.1 dev eth0
          • add a dns server
            • echo "nameserver 192.168.0.1" >> /etc/resolv.conf
      • Assign a static IP address:
        • ifconfig eth0 192.168.0.100 netmask 255.255.255.0
      • Bring the device up:
        • ifconfig eth0 up
      • Bring the device down:
        • ifconfig eth0 down
      • Assign a dynamic IP address:
        • ...
      • Add a second IP address to the same NIC:
        • temporary (*) (it adds the corresponding route):
          • ip address add 10.0.0.2/24 dev enp4s0f2
          • ifconfig eth0:1 inet <second_ip_address> [broadcast 172.16.11.255 netmask 255.255.255.0]
        • permanently:
          • Mageia / Mandriva / Fedora / RedHat / CentOS:
            • cd /etc/sysconfig/network-scripts
            • cp ifcfg-eth0 ifcfg-eth0:1
            • edit ifcfg-eth0:1:
              • DEVICE=eth0:1
              • IPADDR=<second_ip_address>
            • service network restart
          • Debian / Ubuntu
            • ...
      • Promiscuous mode
        • enable
          • ifconfig eth0 promisc
        • disable
          • ifconfig eth0 -promisc
    • iwconfig (for wireless interfaces)
      • iwgetid
        • iwgetid -r wlp2s0
      • iwlist
    • ip
    • ipcalc
    • route
      • DEPRECATED: Use iproute2 tools: ip
      • Introduction to Linux IP Routing Fundamentals (Part 1)
      • List routes:
        • route
        • routel
        • netstat -r
        • numerical IP addresses:
          • route -n
          • netstat -rn

      • add
        (automatically added when interface is activated: ifup wlp2s0)
        remove
        (automatically removed when interface is deactivated: ifdown wlp2s0)
        list



        Destination
        Gateway
        Genmask
        Flags
        Iface



        -net
        gw
        netmask

        dev
        to a local network
        route add -net 192.168.0.0 netmask 255.255.255.0 dev enp1s0f1
        192.168.0.0 0.0.0.0
        *
        255.255.255.0 U
        enp1s0f1
        route add -net 192.168.43.0 netmask 255.255.255.0 dev wlp2s0
        192.168.43.0 0.0.0.0
        *
        255.255.255.0 U
        wlp2s0
        to a gateway
        (destination is outside listed networks)
        route add default gw 192.168.0.1 enp1s0f1 route del default enp1s0f1




        route add default gw 192.168.43.1 wlp2s0
        default
        0.0.0.0
        192.168.43.1 0.0.0.0
        UG
        wlp2s0
      • Add a new route (*):
        • temporarily:
          • route add 192.168.0.1 eth0
          • route add -net 192.168.0.0 netmask 255.255.255.0 dev eth2
          • route add -net 172.16.0.0 netmask 255.255.0.0 dev eth2
          • route add -net 224.0.0.0/4 eth0
          • default gateway
            • route add default gw 10.0.0.1 eth0
        • permanently (*):
          • /etc/sysconfig/network-scripts/route-eth0
            • ADDRESS0=224.0.0.0 NETMASK0=240.0.0.0
      • Delete a route:
        • route del default eth1
        • route del -net 192.168.0.0/24 dev eth0
      • Change the default route to eth1:
      • Example:
        • Network topology
          • internal WiFi interface (wlp2s0) connected to Sony Xperia Z5 (tethering)
          • usb WiFi dongle (wlp0s20f0u1) connected to non-internet TP-Link router
          • internal ethernet (enp1s0f1) connected to non-internet TP-Link router
        • Steps
          • Start network (will make all interfaces available, and will be visible with ifconfig) (config in /etc/sysconfig/network)
            • systemctl start network.service
          • Configure interfaces (files can also be created from mcc: «Estableix una nova interfície de xarxa», and deleted with «Elimina una connexió»)
            • /etc/sysconfig/network-scripts/ifcfg-wlp2s0 (from BOOTPROTO: copied from /etc/sysconfig/network-scripts/wireless.d/Xperia Z5_7225) (WIRELESS_ESSID is not used, but result from iwgetid -r wlp2s0)
              • DEVICE=wlp2s0
                BOOTPROTO=dhcp
                ONBOOT=yes
                METRIC=3
                MII_NOT_SUPPORTED=no
                USERCTL=no
                RESOLV_MODS=no
                WIRELESS_MODE=Managed
                WIRELESS_ESSID="Xperia Z5_7225"
                WIRELESS_ENC_KEY=s:xxxxxxxx
                WIRELESS_WPA_DRIVER=wext
                WIRELESS_WPA_REASSOCIATE=no
                IPV6INIT=no
                IPV6TO4INIT=no
                ACCOUNTING=no
                DHCP_CLIENT=dhclient
                NEEDHOSTNAME=no
                PEERDNS=yes
                PEERYP=yes
                PEERNTPD=no
            • /etc/sysconfig/network-scripts/ifcfg-wlp0s20f0u1 (from BOOTPROTO: copied from /etc/sysconfig/network-scripts/wireless.d/TP-LINK_F3B398)
              • DEVICE=wlp0s20f0u1
                BOOTPROTO=dhcp
                ONBOOT=yes
                METRIC=35
                MII_NOT_SUPPORTED=no
                USERCTL=no
                RESOLV_MODS=no
                WIRELESS_MODE=Managed
                WIRELESS_ESSID=TP-LINK_F3B398
                WIRELESS_ENC_KEY=s:xxxxxxxx
                WIRELESS_WPA_DRIVER=wext
                WIRELESS_WPA_REASSOCIATE=no
                IPV6INIT=no
                IPV6TO4INIT=no
                ACCOUNTING=no
                DHCP_CLIENT=dhclient
                NEEDHOSTNAME=no
                PEERDNS=yes
                PEERYP=yes
                PEERNTPD=no
            • /etc/sysconfig/network-scripts/ifcfg-enp1s0f1
              • DEVICE=enp1s0f1
                BOOTPROTO=dhcp
                NETMASK=255.255.255.0
                ONBOOT=yes
                METRIC=10
                MII_NOT_SUPPORTED=no
                USERCTL=no
                RESOLV_MODS=no
                LINK_DETECTION_DELAY=6
                IPV6INIT=no
                IPV6TO4INIT=no
                ACCOUNTING=no
                DHCP_CLIENT=dhclient
                NEEDHOSTNAME=no
                PEERDNS=yes
                PEERYP=yes
                PEERNTPD=no
          • Bring up interfaces (can also be done from mcc: «Connecta»)
            • ifup enp1s0f1
              • if you experience problems:
                • check GATEWAYDEV in /etc/sysconfig/network
                • try switching off tethering on mobile phone (!?)
            • ifup wlp2s0
            • ifup wlp0s20f0u1
          • Remove default gateways without connection to internet (default gateway in wlp2s0 will have precedence because its metric (3) is lower than metric in enp1s0f1 (5) )
            • route del default wlp0s20f0u1
            • route del default enp1s0f1
    • Ponts / Bridges
    • Tallafocs / Firewalls
      • shorewall (Mageia)
        • shorewall-rules
        • allow UDP multicast on port 1234:
          • /etc/shorewall/rules.drakx
            • ACCEPT  net  fw  udp  1234
          • /etc/shorewall/shorewall.conf
            • MULTICAST=Yes
          • service shorewall restart
        • accessos denegats / detect the accessed ports: /var/log/messages journalctl -f
        • accessed from Mageia drakfirewall
          • mcc: Security / Setup a personal firewall /

            • ports
              /etc/shorewall/rules.drakx
              #ACTION SOURCE  DEST    PROTO   DPORT   SPORT   ORIGDEST
              Servidor Web ACCEPT  net     fw      tcp     80,443  -
              Servidor de noms de domini (DNS) ACCEPT  net     fw      udp     53      -
              ACCEPT  net     fw      tcp     53      -
              Servidor SSH ACCEPT  net     fw      tcp     22      -
              Servidor FTP ACCEPT  net     fw      tcp     20,21   -
              Servidor de correu ACCEPT  net     fw      tcp     25,465,587      -
              Servidor POP i IMAP ACCEPT  net     fw      tcp     109,110,143,993,995     -
              Servidor CUPS ACCEPT  net     fw      udp     631     -
              ACCEPT  net     fw      tcp     631     -
              Servidor MySQL ACCEPT  net     fw      udp     3306    -
              ACCEPT  net     fw      tcp     3306    -
              Petició echo (ping) ACCEPT  net     fw      icmp    8       -
              Autodescobriment de serveis de xarxa (zeroconf i slp) ACCEPT  net     fw      udp     5353,427        -
              Autodescobriment d'impressores / escàners de xarxa ACCEPT  net     fw      udp     8612    -
              BitTorrent ACCEPT  net     fw      udp     6881:6999       -
              ACCEPT  net     fw      tcp     6881:6999       -
              KDEConnect ACCEPT  net     fw      udp     1714:1764       -
              ACCEPT  net     fw      tcp     1714:1764       -
            • Advanced / Other ports 
              • 123/udp...
                • will modify /etc/shorewall/rules.drakx
                  • ACCEPT net  fw  udp  123  -
      • ufw (Ubuntu)
        • sudo ufw status
      • iptables (part of Netfilter package) (iptables project) (faq) (tutorial) (wikipedia)
  • Afinament / Tuning
    • Info
    • Kernel parameters
      • How To: Network / TCP / UDP Tuning
      • Sysctl tuning for optimized system performance
      • TCP Tunnig Guide
      • sysctl [-w]


        • units
          default
          description
          usage
          network general



          net.core.rmem_default
          212992
          This sets the default OS receive buffer size for all types of connections.
          gstreamer receiving rtp
          net.core.rmem_max
          212992
          This sets the max OS receive buffer size for all types of connections.
          ffmpeg buffer when receiving rtp (maximum)
          net.core.wmem_default
          212992
          This sets the default OS send buffer size for all types of connections.

          net.core.wmem_max
          212992
          This sets the max OS send buffer size for all types of connections.

          IPV4 UDP


          net.ipv4.udp_mem pages (4096 bytes)
          auto-tuned by kernel:
          43620        58162   87240


          net.ipv4.udp_rmem_min
          4096


          net.ipv4.udp_wmem_min
          4096


          IPV4 TCP


          net.ipv4.tcp_mem
          pages (4096 bytes) auto-tuned by kernel:
          42519        56694   85038
          The tcp_mem variable defines how the TCP stack should behave when it comes to memory usage.
          • The first value specified in the tcp_mem variable tells the kernel the low threshold. Below this point, the TCP stack will not bother to put any pressure on the memory usage by different TCP sockets.
          • The second value tells the kernel at which point to start pressuring memory usage down.
          • The final value tells the kernel how many memory pages it may use (maximum). If this value is reached, TCP streams and packets start getting dropped until it reaches a lower memory usage again. This value includes all TCP sockets currently in use.

          net.ipv4.tcp_rmem

          4096        87380   6291456


          net.ipv4.tcp_wmem

          4096        16384   4194304


      • permanent changes accross reboots:
        • /etc/sysctl.d/60-rtp.conf
          • # values needed by gst-launch when receiving big rtp packets
            net.core.wmem_default = 851968
            net.core.rmem_max = 851968
        • sudo sysctl -p
  • Monitoratge / Monitoring
    • Info
    • UDP packet loss
    • iftop
    • iperf
      • Instal·lació / Installation
        • Mageia
          • urpmi iperf
        • CentOS
          • sudo yum install ...
      • iperf3 -c 192.168.1.100
    • iptraf
      • ncurses interface
      • Instal·lació / Installation
        • Mageia
          • urpmi iptraf-ng
      • Ús / Usage
        • iptraf-ng
    • bmon
    • dropwatch
      • Compilació / Compilation
        • Dependències / Dependencies
          • Mageia
            • urpmi rpm-build binutils-devel kernel-devel libnl3-devel readline-devel
        • git clone https://github.com/pavel-odintsov/drop_watch.git
        • cd drop_watch
        • make
      • Instal·lació / Installation
        • Mageia
          • cd drop_watch/RPMS/x86_64
          • sudo urpmi dropwatch-1.3-0.mga6.x86_64.rpm
        • CentOS
          • sudo yum install dropwatch
      • Ús / Usage:
        • dropwatch -l kas
          • start
          • stop
        • non-interactive
          • dropwatch -l kas <<<start 2>&1 >/tmp/dropwatch.log
          • tail -n 200 -f /tmp/dropwatch.log | grep udp_queue
      • Aplicació / Application
    • netperf
    • netstat
      • DEPRECATED. Use iproute2 tools: ip -s, ss, ip route
    • nmap
      • Install
        • CentOS
          • yum install nmap
      • gui (frontend)
        • Install
          • Mageia
            • urpmi nmap-frontend
        • Usage
          • zenmap
          • nmapfe
      • MAC address discovering (and open ports) (Host discovery)
        • nmap -sS 172.16.11.0/24
        • -sL: only list
        • -sP: only ping
        • -sn: no port scan
          • to discover other computers in the subnet
        • -O: discover operating system
        • -PR: ARP ping
        • nmap -sn -PR 192.168.1.0/24 (How to detect duplicate IP addresses)
        • MAC addresses (you need to be root)
          • # nmap -sn 192.168.1.100
    • Captura / Capture

      • decode network interface
        filters (combined with: and, or, ...)


        list
        use
        protocol
        source
        destination





        address
        address
        port
        tcpdump [-n]

        -D
        -i any
        • udp
        • tcp
        • ...
        • src 1.2.3.4

        • dst 234.1.2.3

        • port 5004

        tshark
        -d udp.port==5004-5007,rtp
        wireshark
        Analyze -> Decode As...
        Capture -> Options -> Input

        • tcp
        • udp
        • ...
        Display filters
        • ip.src==1.2.3.4
        • eth.addr[0:3] == 00:11:32
        • ip.dst==234.1.2.3
        • udp.port==5004
        ip.addr==234.1.2.3
      • tcpdump
        • Manpage
        • Opcions / Options
        • TCPDUMP - The easy tutorial
        • commands must be run from root
        • A tcpdump Tutorial and Primer with Examples
        • display available interfaces
          • tcpdump -D
        • live display
          • ...
        • capture to a file (-w filename)
          • capture UDP packets (-n option is critical to avoid "packets dropped by kernel")
            • tcpdump udp -n -w udp_packets.tcp
          • capture UDP packets from loopback (even if packets are sent to local numerical IP address. e.g. 192.168.1.100)
            • tcpdump udp -i lo -n -w udp_packets.tcp
          • display a capture:
            • tcpdump -r udp_packets.tcp
          • open with Wireshark
            • command line:
              • wireshark udp_packets.tcp
            • GUI
              • Open: udp_packets.tcp
          • time in file name
            • -w /var/tmp/trace-%m-%d-%H-%M-%S-%s
            • ...
          • chunk and rotation
            • tcpdump – rotate capture files using -G, -W and -C
            • Amend documentation about the use of the -C -G and -W switches. #722
            • opcions / options
              • -C file_size_in_MB
              • -G rotate_seconds
              • -W number_of_files (file rotation)
                • -W number_of_files -C ...
                • -W number_of_files -G ...
                • -W number_of_files -C ... -G ...
            •  exemples / examples
              • a new file every 10s (infinite number of files):
                • tcpdump -w capture_%Y%m%dT%H:%M:%S.%s.pcap -G 10
                  • capture_20191205T11:12:00.1575540720.pcap
                  • capture_20191205T11:12:20.1575540740.pcap
                  • capture_20191205T11:12:10.1575540730.pcap
                  • ...
              • rewrite a single file every 10s (infinite number of files):
                • tcpdump -w capture.pcap -G 10
                  • capture.pcap
              • a new file every 1MB (infinite number of files):
                • tcpdump -w capture.pcap -C 1
                  • -rw-r--r-- 1 root root 1000010 de des.   5 11:15 capture.pcap
                  • -rw-r--r-- 1 root root 1000070 de des.   5 11:15 capture.pcap1
                  • -rw-r--r-- 1 root root 1000036 de des.   5 11:15 capture.pcap2
                  • -rw-r--r-- 1 root root   49152 de des.   5 11:15 capture.pcap3
                  • ...
              • generate only 2 files (no rotation), every 10s, and quit (!):
                • tcpdump -w capture_%Y%m%dT%H:%M:%S.%s.pcap -W 2 -G 10
                  • capture_20191205T11:31:32.1575541892.pcap
                  • capture_20191205T11:31:42.1575541902.pcap
              • use only 2 files (rotation), each one 1MB (do not quit):
                • tcpdump -w capture.pcap -W 2 -C 1
                  • capture.pcap0
                  • capture.pcap1
        • split an existing file
          • split into files of 10MB
            • tcpdump -r toto_big.pcap -C 10 -w toto_segment.pcap
        • permet als usuaris normals fer captures / allow regular users to capture:
          • setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump
      • tcpreplay
        • play from file and replace 172.16.1.100 by 192.168.2.200:
          • tcpreplay-edit -i eth1 --pnat=172.16.1.100/32:192.168.2.200/32 udp_packets.tcp
        • to be visible from the same computer that is playing the file:
          • ...
      • dumpcap
    • Anàlisi / Analysis
      • Ethereal: a network protocol analyzer
      • tshark
        • Wireshark in text mode
        • Filtres
        • Instal·lació / Installation
          • CentOS
            • sudo yum install wireshark
          • Mageia
            • urpmi tshark
          • Ubuntu
            • sudo apt-get install tshark
        • Utilització / Usage
          • Opcions / Options
          • permet a un usuari normal fer captures / allow regular user to capture:
            • usermod -a -G wireshark my_user
          • interfícies disponibles
            • tshark -D
          • mostra paquets udp de la interfície de xarxa especificada
            • tshark -i eth0 udp
          • mostra paquets amb destinació a una adreça especificada
            • tshark -i eth0 dst 224.0.0.0
          • descodifica paquets com a RTP
            • tshark -d udp.port==7020,rtp -i eth0 dst 224.0.0.0 and port 7020
            • tshark -d udp.port==7020-7022,rtp -i eth0 dst 224.0.0.0
            • tshark -d udp.port==11674,rtp -i mcbr-wct-b4e8b1 dst 229.231.17.0 and port 11674
            • RTCP
              • tshark -d udp.port==7001,rtp dst 224.0.0.0 and port 7001
              • tshark -d udp.port==7003,rtp dst 224.0.0.0 and port 7003
              • tshark -d udp.port==11675,rtp -i mcbr-wct-b4e8b1 dst 229.231.17.0 and port 11675
          • mostra paquets amb origen 192.168.1.114, amb el format de temps universal, però no els paquets ssh (port 22)
            • tshark -n -t u -i eth0 src 192.168.1.114 and not port 22
          • descodifica paquets RTMP a partir d'una captura en un fitxer:
            • tshark -t u -r toto.pcap -d tcp.port==1935,rtmpt | grep Stream
      • Wireshark
  • Emulació / Emulation
  • Simulació / Simulation
    • ns-2
    • OMNeT++
    • Simulació de pèrdua de paquets / Packet loss simulation
      • Info
      • Eines / Tools
        • tc (Traffic Control) (part of iproute2 package) (wp)
          • man tc
          • GUI
          • Advanced traffic control (Archlinux wiki)
            • CoDel
          • How to Use the Linux Traffic Control
          • QoS in Linux with TC and Filters
          • TrafficControl (Debian wiki)
            • gràfic jerarquia
          • Traffic Control HOWTO (old)
          • Linux Advanced Routing & Traffic Control HOWTO
          • Monitor
            • ...
            • Visualizing Linux Traffic Control Setup
              • Installation
                • Dependencies
                  • CentOS
                • git clone https://github.com/ze-phyr-us/tcviz.git
              • Utilització / Usage
                • cd tcviz
                • ./tcviz.py eth0 >eth0.dot
                • dot -Tsvg eth0.dot >eth0.svg
              • Legend
                • ...
          • syntax
            • tc <type> <action> <device> <position> <id> <qdisc> <parameters>
              • tc qdisc [ add | change | replace | link ] dev DEV [ parent qdisc-id | root ] [ handle x:[0] ] qdisc [ qdisc_specific_parameters ] 
              • tc qdisc remove ...
              • tc class [ add | change | replace ] dev DEV parent qdisc-id [ classid parent_x:y ] classful_qdisc [ qdisc_specific_parameters ]
              • tc filter [ add | change | replace ] dev DEV [ parent qdisc_x:0 | root ] protocol protocol prio priority filtertype [ filtertype_specific_parameters ] flowid flow-id
              • tc [ FORMAT ] qdisc show [ dev DEV ]
              • tc [ FORMAT ] class show dev DEV
              • tc filter show dev DEV
            • FORMAT := { -s[tatistics] | -d[etails] | -r[aw] | -p[retty] | -i[ec] }
          • queuing disciplines (qdisc)
            • type
              family
              qdisc
              qdisc specific parameters
              usage (advice)
              ingress
              Ingress qdisc ingress
              • To 'shape' incoming traffic which you are not forwarding. Incoming shaping is called 'policing', by the way, not 'shaping'.
              • Consider also IFB
              egress
              classless
              • A qdisc with no configurable internal subdivisions.
              • do not allow to add more qdiscs to it.
              • less flexible
              • less customizing
              • In the absence of classful qdiscs, classless qdiscs can only be attached at the root of a device.
              CoDel (Controlled Delay) (man) /
              Fair Queueing CoDel (man)
              fq_codel

              • default (systemd > 217)
              Fifo fast
              pfifo_fast

              • default (systemd <= 217)
              • Standard qdisc for 'Advanced Router' enabled kernels. Consists of a three-band queue which honors Type of Service flags, as well as the priority that may be assigned to a packet.
              • FIFO
              • 3 queues
              • classify based on TOS/Priority field
              bfifo/pfifo bfifo
              pfifo
              • limit
              • Simplest usable qdisc, pure First In, First Out behaviour. Limited in packets or in bytes.
              • If you don't want to shape, but only want to see if your interface is so loaded that it has to queue
              Token Bucket Filter tbf
              • rate 1mbit
              • burst 32kbit
              • latency 400ms
              • The Token Bucket Filter is suited for slowing traffic down to a precisely configured rate. Scales well to large bandwidths.
              • To purely slow down outgoing traffic
              • If you *are* forwarding incoming traffic, use a TBF on the interface you are forwarding the data to
              Stochastic Fairness Queueing sfq
              • perturb 10 (seconds)
              • quantum 1514b (bytes)
              • limit 127p (packets)
              • Stochastic Fairness Queueing reorders queued traffic so each 'session' gets to send a packet in turn.
              • round-robin
              • If your link is truly full and you want to make sure that no single session can dominate your outgoing bandwidth
              Random Early Detection (RED) red

              • Random Early Detection simulates physical congestion by randomly dropping packets when nearing configured bandwidth allocation. Well suited to very large bandwidth applications.
              • If you have a big backbone and know what you are doing
              Netem
              netem
              • delay
                • 200ms
                • 100ms 10ms
                • 100ms 10ms 10%
                • 100ms 10ms distribution normal
              • loss
                • 10%
              • corrupt
                • 5%
              • duplicate
                • 1%

              classful
              • A classful qdisc contains multiple classes. Each of these classes contains a further qdisc, which may again be classful, but need not be.
              • configurable classes
              • traffic is sent to any of the classes within, based on response when calling filters
              • each class contains a leaf qdisc which by default has pfifo behaviour though another qdisc can be attached in place. This qdisc may again contain classes, but each class can have only one leaf qdisc.
              PRIO prio
              • bands
              • priomap
              • The PRIO qdisc is a non-shaping container for a configurable number of classes which are dequeued in order. This allows for easy prioritization of traffic, where lower classes are only able to send if higher ones have no packets available. To facilitate configuration, Type Of Service bits are honored by default.
              • created with a static number of children
              Class Based Queuing cbq Shaping:
              • avpkt 1000
              • bandwidth 10Mbit (physical bandwidth of the device)
              • cell
              • maxburst
              • minburst
              • minidle
              • mpu
              • rate 512kbit (desired rate)
              Classful (like PRIO) (weighted round robin):
              • allot 1500
              • prio 3
              • weight ...
              Link sharing and borrowing:
              • bounded/borrow
              • isolated/sharing
              • Class Based Queueing implements a rich linksharing hierarchy of classes. It contains shaping elements as well as prioritizing capabilities. Shaping is performed using link idle time calculations based on average packet size and underlying link bandwidth. The latter may be ill-defined for some interfaces.
              • allow for runtime addition of classes
              Hierarchical Token Bucket (user guide) htb
              • rate
                • ...
              • default
                • 30
              • The Hierarchy Token Bucket implements a rich linksharing hierarchy of classes with an emphasis on conforming to existing practices. HTB facilitates guaranteeing bandwidth to classes, while also allowing specification of upper limits to inter-class sharing. It contains shaping elements, based on TBF and can prioritize classes.
              • well suited for setups where you have a fixed amount of bandwidth which you want to divide for different purposes, giving each purpose a guaranteed bandwidth, with the possibility of specifying how much bandwidth can be borrowed
              • all filters must be attached to the htb root qdisc
              • allow for runtime addition of classes
              advanced CSZ



              DMARK



              Generic Random Early Detection



              VC/ATM emulation



              Weighted Round Robin (WRR)



          • filter
            • A filter is used by a classful qdisc to determine in which class a packet will be enqueued.
            • filter is attached to a qdisc (not a class)
            • syntax
              • tc filter [ add | change | replace ] dev DEV [ parent qdisc-id | root ] protocol protocol prio priority filtertype [ filtertype_specific_parameters ] flowid flow-id
                • show
                  • each filter created with a single add has a unique handle, and can contain several match (AND)
                  • several filters can point to the same class (OR)
                  • match <value_in_hex>/<mask> at <at_code>
                    • at_code:
                      • 12: ip src
                      • 16: ip dst
                      • 20: ip dport, ip sport
              • tc filter del dev DEV parent parent_qdisc_id: handle handle_id protocol protocol prio priority filtertype
                • Example:
                  • delete one specific filter:
                    • tc filter del dev eth0 parent 1: handle 800::800 prio 1 protocol ip u32
                  • delete all filters in a qdisc:
                    • tc filter del dev eth0 parent 1:
            • man
              • tc-basic
              • tc-ematch
            • Usage
              • tc only
                • tc filter add dev eth0 parent 1: protocol ip prio 2 u32 match ip src 4.3.2.1/32 match ip sport 80 0xffff flowid 1:11
              • tc + iptables
                • tc filter add dev eth0 protocol ip parent 1: prio 1 handle 6 fw flowid 1:30
                • iptables -A PREROUTING -t mangle -i eth0 -j MARK --set-mark 6
            • protocol
              prio
              [handle] filtertype
              filtertype parameters
              flowid
              • ip
              • ...

              <n>

              u32
              • match
                • ip protocol 6 0xff (/etc/protocols)
                • ip src 4.3.2.1/32
                • ip dst 4.3.2.1/32
                • ip sport 80 <port_mask>
                • ip dport 22 0xffff
                • ip tos 0x10 0xff
              <destination_class_id>

              <handle_id> fw


              bpf


              route


              rsvp


              ...

          • Exemples / Examples
            • Ingress
              • using IFB
                • How can I use netem on incoming traffic? (netem)
                • Passos / Steps
                  1. modprobe ifb
                  2. ip link set dev ifb0 up
                  3. tc qdisc add dev eth0 ingress
                  4. tc filter add dev eth0 parent ffff: protocol ip u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0
                  5. tc qdisc add dev ifb0 root netem delay 750ms
            • 9.5.4.4 CBQ sample configuration: 5Mbps for webserver, 3Mbps for SMTP
            • list
              • tc -s qdisc ls dev eth0
              • tc -s -d qdisc ls
            • Filters
            • Packet loss
              • tc qdisc change dev eth0 root netem loss 0.1%
              • bursts:
                • tc qdisc change dev eth0 root netem loss 0.3% 25%
            • Delaying only some traffic
              • Netem - how to delay packets sent to/received from some host
              • interface=eth0
                # reset
                tc qdisc del dev
                ${interface} root
                # create 4 bands
                tc qdisc add dev
                ${interface} root handle 1: prio bands 4
                # add filter to band e.g. 3: send packets with destination port 50000 to band 3
                band=3
                handle=$(( band * 10 ))
                dport=50000
                tc filter add dev
                ${interface} parent 1:0 protocol ip u32 match ip dport ${dport} 0xffff flowid 1:${band}
                # delay band 3 by 2000ms
                delay=2000ms
                tc qdisc add dev
                ${interface} parent 1:${band} handle ${handle}: netem delay ${delay}
            • loss only packets to a destination address:
              • interface=eth0
                dst_address="234.1.2.3"
                dst_port=5004
                loss="10%"
                tc qdisc del dev ${interface} root
                tc qdisc add dev $interface root handle 1: prio
                #tc filter add dev $interface parent 1:0 protocol ip prio 2 u32 match ip dport ${dst_port} 0xffff flowid 1:2
                tc filter add dev $interface parent 1:0 protocol ip prio 2 u32 match ip dst ${dst_address}/32 flowid 1:2
                tc qdisc add dev $interface parent 1:2 handle 2: netem loss ${loss}
        • tcng
        • iptables
  • Serveis / Services
    • netcat / nc / ncat
      • Instal·lació / Installation
        • Mageia
          • urpmi netcat-traditional
            • /usr/share/doc/netcat-traditional/scripts
            • binary: ncat
        • CentOS
          • sudo yum install nc
          • sudo yum install nmap-ncat
      • Usage
      • Options:
        option
        description
        notes
        -c, --sh-exec <commands>
        execute (/bin/sh -c) commands after connection (only once)

        -e, --exec <command>
        execute command after connection

        -k, --keep-open
        keep connection open

        -l, --listen
        listen

        -n, --nodns
        no DNS lookup

        -p, --source-port <port>
        source port

        -u, --udp
        UDP

        -v, --verbose
        verbose

        -w, --wait <sec>
        connection timeout after <sec> seconds of inactivity

        -z
        zero mode, used for scanning (do not receive from server)
        not available on CentOS
      • Exemples / Examples

        • description
          code
          server (-l)
          one-shot web server on port (-p) 8080 { echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c <index.html)\r\n\r\n"; cat index.html; } | nc -l -p 8080
          simple bidirectional udp (u) server on port (-p) 7000
          nc -ul -p 7000
          • (will show received text)
          • (type text to be transmitted)
          proxy
          • mkfifo backpipe nc -l 12345 0<backpipe | nc www.google.com 80 1>backpipe
          • one-shot:
            ncat -l 12345 -c 'nc www.google.com 80'
          making any process a server
          • nc -l -k -p 1234 -e <script_name>
          client
          connect to server at port 25
          nc mail.server.net 25
          check whether udp ports are open
          nc -vzu <server> 80-90
          simple bidirectional udp client
          nc -u <server> 7000
          • (type text to be transmitted)
          • (will show received text)
          port scanning
          nc -v -n -z -w 1 192.168.1.2 1-1000
        • connect to remote host:
          • nc ip_adress port
        • fake http server:
          • nc -l 80
        • UDP server (two servers can be started at the same port, but data from client will only go to one of them)
          • nc -ul 5004
            • <text from client will appear here>
        • UDP client:
          • nc -u <server> 5004
            • <type your text here>
        • SCPI commands
        • Snowmix
      • ...
  • Compartició de connexió Internet / Internet connection sharing 
  • WiFi 

http://www.francescpinyol.cat/linux.html
Darrera modificació: 28 de febrer de 2024 / Last update: 28th February 2024

KDE now linux softcatalà

Valid HTML 4.01!

Cap a casa / Back home.