code snippets

Linux Toolkit and Handy Cheat Sheets

Grégory Laroche

Grégory Laroche

4 min read
Linux Toolkit and Handy Cheat Sheets
Photo by Patrick Perkins / Unsplash

My memory is getting old I guess, so I need to jot down notes on various configurations to refer to from time to time.
I manage my own database for all this code snippets, yaml files, init or configuration process.

Below, I’ve shared some of my notes with you. I hope you find them useful as a quick reminder of how things work in their simplest form.

Acronis : register / unregister an agent

cd "%ProgramFiles%\BackupClient\RegisterAgentTool"

## unregister
register_agent.exe -o unregister -t cloud -a https://cloud.acronis.com 

## register
register_agent.exe -o register -t cloud -a https://cloud.acronis.com  --token <token>

SSL : create, test and renew certificates from let's encrypt

## to create at first state a certificates :
certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.mydomain.fr"

## test renew certbot auto
sudo certbot renew --dry-run

##renew manual
sudo certbot certonly --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns -d '*.mydomain.fr'

Manage Firewalld

#add port
sudo firewall-cmd --add-port=21/tcp --permanent

#remove port
sudo firewall-cmd --remove-port=443/tcp --permanent

#reload firewall
sudo firewall-cmd --reload

#show rules
sudo firewall-cmd --zone=public --list-all

Manage iptables

#add port
sudo iptables -A INPUT -p tcp --dport 21 -j ACCEPT

#show table with line number
sudo iptables -L --line-numbers

#remove port
sudo iptables -D INPUT 1

#save and commit
sudo -s iptables-save -c

Manage UFW

#status
sudo ufw status

#Allow Incoming SSH from Specific IP Address or Subnet
sudo ufw allow from 94.5.167.14 proto tcp to any port 22

#Block Outgoing SMTP Mail
sudo ufw deny out 25

#Delete UFW Rule
sudo ufw status numbered
sudo ufw delete 1

#Allow service
sudo ufw allow 22

#Allow specific IP
sudo ufw allow from 95.23.13.145

#reload rules
sudo ufw reload

#restart ufw
sudo ufw disable
sudo ufw enable

Acronis : agents logs

Agent log :
in Windows: C:\ProgramData\Acronis\BackupAndRecovery\MMS\mms.0.log
in Linux: /var/lib/Acronis/BackupAndRecovery/MMS/mms.0.log

installation log :
Windows: C:\ProgramData\Acronis\InstallationLogs
Linux: /var/log/trueimage-setup.log

component connection issue :
in Windows: C:\ProgramData\Acronis\BackupAndRecovery\MMS\zmq_client_sessions.0.log
in Linux: /var/lib/Acronis/BackupAndRecovery/MMS/zmq_client_sessions.0.log

Acronis : test open ports and connection to the cloud

# old version
https://kb.acronis.com/content/47145

#new version with speedtest perf : 
https://kb.acronis.com/content/47678

Mount an SMB share in Linux

#to mount
mount -t cifs -o username=myuser,password=mypassword //10.0.4.148/myshare /mnt/mount

#to unmount
umount /mnt

Leave or join a domain in Linux

#to leave domain
realm leave mydomain.lab

#to join domain
realm join --user=mysuer\\domain.lab domain.lab

#to deny all acces
realm deny --all

#to permit AD group
realm permit -g mygroup@domain.lab

#to list domain properties
realm list

#to change connect type to domain
> edit file /etc/sssd/sssd.conf
> change : full qualified domain name to false
> then restart sssd service

Influxdb : update key repository

sudo wget -q https://repos.influxdata.com/influxdata-archive_compat.key
sudo gpg --with-fingerprint --show-keys ./influxdata-archive_compat.key
sudo cat influxdata-archive_compat.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg > /dev/null
sudo echo 'deb [signed-by=/etc/apt/trusted.gpg.d/influxdata-archive_compat.gpg] https://repos.influxdata.com/debian stable main' | sudo tee /etc/apt/sources.list.d/influxdata.list
sudo rm -f /etc/apt/trusted.gpg.d/influxdb.gpg
sudo apt update

Rsync : CRON job to sync data every X minutes

# Rsync every 60mn by user root
*/60 * * * * root rsync -azP --iconv=ISO-8859-1,utf-8 /mnt/10.0.5.1/share1 /home/greg/share1

# Rsync every day at 20h by user root
0 20 * * * root rsync -azP --iconv=ISO-8859-1,utf-8 /mnt/10.0.5.1/share1 /home/greg/share1

Manage read/write test performance in Linux

# write test
dd if=/dev/zero of=tempfile bs=1M count=1024

# read test
dd if=tempfile of=/dev/null bs=1M count=1024

#or using HDparm for read test with ou without cache
hdparm -Tt /dev/sda

Create and manage NFS share

# install nfs server service
sudo apt-get install -y nfs-kernel-server

#make folder to be shared
sudo mkdir /mnt/mydrive/shared

#edit NFS export config
sudo nano /etc/exports

#add the share to be exported in the config file 
/mnt/mydrive/shared *(rw,all_squash,insecure,async,no_subtree_check,anonuid=1000,anongid=1000)

#re-export the shares
sudo exportfs -ra

Rsync examples

#Copy Missing Files with Rsync (-a option tells rsync to preserve file attributes and the -v option verbose mode)
sudo rsync --ignore-existing -av source/ destination/ 

#Copy Modified Files with Rsync (-u or --update along with -r or --recursive option to transfer the directory recursively)
sudo rsync -ur source/ destination/ 

#Copy Files Modified in Last N Days
sudo rsync --ignore-existing --max-age=7 -av source/ destination/

#Copy Files By Size with Rsync
sudo rsync --ignore-existing --size-range='+100M' -av source/ destination/

Rclone examples

sudo rclone copy "source" "destination" --progress --multi-thread-streams=4 --ignore-checksum --ignore-existing

sudo rclone -v copy "source" "destination" --progress --ignore-checksum --ignore-existing

#to mirror two folders
sudo rclone sync folder1 folder2 --progress

Docker : remap volume to another location

#stop docker
sudo systemctl stop docker.*

#Create the new directory for images and volumes
sudo mkdir -p /path/to/new/location

#edit location in docker config
sudo nano /lib/systemd/system/docker.service

#find "ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock" and add "--data-root /path/to/new/location"
#exemple
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --data-root /path/to/new/location

#copy the existing content from /var/lib/docker to the new path.
sudo rsync -avxP /var/lib/docker/ /path/to/new/location

sudo reboot

#wait for few days, if all good then delete original data 
sudo rm -rf /var/lib/docker/*

Mount SBM share or SUB drive with Fatab (reboot compliant)

#edit fstab config
sudo nano /etc/fstab


#SMB Shares
//smbshare        /mnt/SMB_mount_point_folder cifs x-systemd.automount,_netdev,credentials=/home/mips/.smbcredentials,auto,rw,iocharset=utf8 0 0

#NVME USB Drive
/dev/sda2       /media/USB_mount_point_folder           ntfs    defaults        0       0

Acronis : XQL query example

WinProcCreate 
| where host_name matches 'Gud*' AND proc_name CONTAINS 'mms'
| columns host_name, parent_start, parent_gpid, parent_pid, parent_user, proc_name
| order proc_name | limit 10

Read more