Some Linux tools for handling and filtering the passwd file

 Linux  Comments Off on Some Linux tools for handling and filtering the passwd file
Apr 222022
 

Linux (and other Unixes) store user information in a file called passwd and the associated passwords in another file called shadow, both located in /etc. Both files are text files and use a : as the field separator.

I currently have the need to sort and filter these files in various ways. This post is mostly so I can look it up later, but if it is useful for others, you’re welcome.

Sort the passwd file by the user id

The user id is stored in the 3rd field of the file and it is numeric:

sort --numeric --field-separator=: --key=3 passwd

Remove computer accounts from passwd and shadow

If the computer is used as the domain controller for a Samba NT4 domain, the files contain entries for all computers in the the domain. These user name for these entries ends in a dollar sign “$”. So we need a regular expression that excludes all these entries.

grep -v "^[^:]*\$:" passwd
grep -v "^[^:]*\$:" shadow

Remove system users from passwd

On a Linux system there are many system accounts that are used for special purposes, e.g. for the web server, email or backup. These accounts have a user id < 1000 (this might be some specialty of Ubuntu Linux). We only want lines where the user id has 4 digits. We also must be sure that these 4 digits are in the user id field, so we have to anchor the regex on the start of the line and skip the name and password (always "x") field.
egrep “[^:]:x:[0-9]{4}:” passwd

(On servers with very many users, there may be user ids with more than 4 digits, but that doesn’t currently concern me.)

 Posted by on 2022-04-22 at 18:28

30 years of Linux

 Linux  Comments Off on 30 years of Linux
Sep 052021
 

Just in case you have been living under a rock: Linux is now 30 years old and while it still hasn’t conquered the desktop, there are few smart phones that would work without it and also on the server side it’s pretty strong (I have been maintaining Linux servers on the side for more than 15 years by now.), most of the internet wouldn’t work without it.

But where are the celebrations? I don’t see any fireworks or parades, just a few news articles. It’s probably because Linux is more like the Diesel engine than like a sports car. It drives almost all the vehicles used in trade (cars, trucks, ships and trains) but doesn’t win any races. But when you try to replace it (as we desperately must because it is killing us (the Diesel engine, not Linux)), it turns out it is everywhere.

My great thanks go to Linus Torvalds, not really for creating the Linux kernel but mostly for keeping it on track for these 30 years. That takes some determination! So, thanks a lot Linus!

And also thanks for making fun of it.

Found via Slashdot, yes, I still read it.

 Posted by on 2021-09-05 at 12:15

When initramfs gives you cryptic error messages

 Linux  Comments Off on When initramfs gives you cryptic error messages
Jun 222021
 

Note to self:

If during a Linux update you get the following error:

update-initramfs: Generating /boot/initrd.img-whatever
W: initramfs-tools configuration sets RESUME=UUID=some-uuid-goes-here
W: but not matching swap device is available.
I: The initramfs will attempt to resume from /some/device
I: (some-other-uuid-goes-here)
I: Set the RESUME variable to override this

Check the content of the file /etc/initramfs-tools/conf.d/resume which sets the above mentioned RESUME variable. It probably contains an old UUID. Change it to the correct one and rebuild your ramfs with

update-initramfs -u

That should do the trick.

The current swap partition is usually given in /etc/fstab.

I found this information on this blog.

 Posted by on 2021-06-22 at 18:34

Adding a Windows 10 computer to a Samba (NT4) domain

 Linux, Windows, Windows 10  Comments Off on Adding a Windows 10 computer to a Samba (NT4) domain
May 042021
 

Microsoft is trying to force everybody to update from the old NT4 domain system to the “new” (as in “was new >10 years ago”) Active Directory system. While that’s probably a good idea for most people there are some like me stuck with a working Samba installation that for some reason needs to continue to use NT4 domains.

Getting a Windows computer to join such a domain has become more difficult with Windows 10. Here is what needs to be done (I write this mostly so I can look it up myself):

  1. Make sure your samba server is configured to enforce the NT4 (SMB1) login. samba.conf must contain the following entry:
    [global]
    // other entries here
    server max protocol = NT1
    
  2. Install the SMB1 protocol on the Windows computer. This is done using the “Turn Windows Features on or off” dialog (just type this into the start menu). You need to set the check marks for two entries under “SMB 1.0/CIFS File share Support”:
    • SMB 1.0/CIFS Client
    • SMB 1.0/CIFS Server

    I’m not 100% sure whether the latter is required. I haven’t tried it without.

  3. Add the following entries to the registry:
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters]
    "DomainCompatibilityMode"=dword:00000001
    "DNSNameResolutionRequired"=dword:00000000
    

    You can either add them manually or copy the above to the .reg file and import that into the registry.

  4. Reboot the computer to activate these changes.

Now it should be possible to join the Windows 10 computer to the Samba Domain.

Source: Required Settings for Samba NT4 Domains on the Samba Wiki.

 Posted by on 2021-05-04 at 15:32

Allow svn:author to be changed for a subversion repository

 Linux, TortoiseSVN  Comments Off on Allow svn:author to be changed for a subversion repository
Feb 112021
 

Note to self: In order to allow changes to the author of an svn commit, the pre-revprop-change hook of the repository must be changed like this:

Insert the line

if [ "$ACTION" = "M" -a "$PROPNAME" = "svn:author" ]; then exit 0; fi

just below the existing, similar line that allows changing svn:log. Omitting the comments the script will then look like this:

#!/bin/sh
REPOS="$1"
REV="$2"
USER="$3"
PROPNAME="$4"
ACTION="$5"

if [ "$ACTION" = "M" -a "$PROPNAME" = "svn:log" ]; then exit 0; fi
if [ "$ACTION" = "M" -a "$PROPNAME" = "svn:author" ]; then exit 0; fi

echo "Changing revision properties other than svn:log is prohibited" >&2
exit 1

The script is located in the hooks subdirectory of the repository.
(Of course the above is for an svn repository located on a Linux server only.)

This change is required for the context menu entry in TortoiseSVN Log Messages window called “Edit Author” to work.

 Posted by on 2021-02-11 at 14:06

Extract jpeg files from mjpeg video on Linux

 Linux  Comments Off on Extract jpeg files from mjpeg video on Linux
Mar 122020
 

Just in case I ever need it again:

Extracting all frames from an mjpeg video as jpegs is easy and very fast with ffmpeg, because it does not need to decode and encode the pictures, just prepend the DHT to each one:

ffmpeg -i inputmpeg.avi -c:v copy -bsf:v mjpeg2jpeg frame_%d.jpg

Source ffmpeg documentation.

 Posted by on 2020-03-12 at 09:58

Installing Webmin on Ubuntu 18.04 Server

 Linux  Comments Off on Installing Webmin on Ubuntu 18.04 Server
Feb 062019
 

I just tried to install Webmin on a fresh install of Ubuntu 18.04 Server in the same way as I did on 16.04. Unfortunately it failed on the command

apt install webmin

because the package apt-show-versions was not found. I solved this by adding the universe repository to apt with

sudo add-apt-repository universe

After this change it worked as expected.

Just in case somebody else is also missing the text editor e3 in Ubuntu 18.04 Server: It’s also in the universe repository.

 Posted by on 2019-02-06 at 13:55

DeltaChat Messenger

 Android, Linux, Windows  Comments Off on DeltaChat Messenger
Jan 272019
 

DeltaChat is a messenger that uses email as the transport medium, so potentially almost everybody already has an account for it. Today, they announced a new release, not only for the existing Android app but also for Desktop (Mac and Linux only so far) and iOS.

I think that is a very interesting project since it does not require yet another central server. It also supports encryption using the Autocrypt Level 1 standard, if both ends use DeltaChat. It is possible to use the same protocol (but without encryption) between DeltaChat and a regular email program.

In my tests with the older Android release it worked well. I created a new email address specifically for DeltaChat. That’s what I would suggest to everybody who wants to use it. I plan to replace Google Hangouts with DeltaChat when Hangouts gets shut down later this year. But I would need a Windows client first.

 Posted by on 2019-01-27 at 14:06

If your Samba logon script does not get executed

 Linux  Comments Off on If your Samba logon script does not get executed
Apr 132018
 

… even though you can open and read it fine in an editor:

You should check its Linux access permissions. If it is not marked as executable, this might be the cause.

Change it with chmod like this:

root@server:/home/netlogon$ ls -la
total 12
drwxrwxr-x+  2 root root 4096 Apr 13 09:04 .
drwxr-xr-x  46 root root 4096 Mar  6 12:08 ..
-rw-rw-r--   1 root root 2535 Mar  6 14:32 logon.cmd
root@server:/home/netlogon$ chmod +x logon.cmd
root@server:/home/netlogon$ ls -la
total 12
drwxrwxr-x+  2 root root 4096 Apr 13 09:04 .
drwxr-xr-x  46 root root 4096 Mar  6 12:08 ..
-rwxrwxr-x   1 root root 2535 Mar  6 14:32 logon.cmd

The same goes for other executables on Samba shares.

In my case this was the last known problem left from a recent server migration. It worked before, didn’t work after. Something changed with the Samba configuration or maybe it was a change in Samba itself.

 Posted by on 2018-04-13 at 09:19

Creating a properly aligned partition with parted

 Linux  Comments Off on Creating a properly aligned partition with parted
Mar 212018
 

Parted is a flexible tool for working with partition tables under Linux. Unfortunately it sometimes seems rather stupid. For example when you create a new partition you may get the warning “The resulting partition is not properly aligned for best performance”. It could then of course proceed to suggest the proper alignment, but it doesn’t, so in theory you are left to figure out the right alignment yourself.

Fortunately there is a simple way to get parted to do that for you anyway, as described e.g. in this blogpost by Jari Turkia under “Attempt 4: The simple way”: Use percentages.

mkpart /dev/somedevice ext4 0% 100%

It took me a while to find that one again, so I made a blog post of it, so I can easily come back to it when I need it again.

 Posted by on 2018-03-21 at 09:42