know-how:linux
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung | ||
know-how:linux [2024/02/12 13:22] – [Welche Branches gibt es ?] cc | know-how:linux [2024/03/20 12:44] (aktuell) – [gvm - openvas] cc | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ~~ODT~~ | ||
====== Read Only Root ====== | ====== Read Only Root ====== | ||
* Getestet mit Debian Buster | * Getestet mit Debian Buster | ||
Zeile 1056: | Zeile 1057: | ||
md manage: | md manage: | ||
... | ... | ||
+ | </ | ||
+ | * Upgrade Cluster von 15 auf 16 - ohne Neuinstallation (gvmd kann nicht gestartet werden) / Vorsicht über SSH ! | ||
+ | * https:// | ||
+ | |||
+ | < | ||
+ | |||
+ | root@pentest: | ||
+ | Ver Cluster Port Status Owner Data directory | ||
+ | 15 main 5432 online postgres / | ||
+ | 16 main 5433 online postgres / | ||
+ | |||
+ | root@pentest: | ||
+ | |||
+ | root@pentest: | ||
+ | |||
+ | |||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Stopping old cluster... | ||
+ | Restarting old cluster with restricted connections... | ||
+ | Notice: extra pg_ctl/ | ||
+ | Creating new PostgreSQL cluster 16/main ... | ||
+ | / | ||
+ | The files belonging to this database system will be owned by user " | ||
+ | This user must also own the server process. | ||
+ | |||
+ | The database cluster will be initialized with locale " | ||
+ | The default text search configuration will be set to " | ||
+ | |||
+ | Data page checksums are disabled. | ||
+ | |||
+ | fixing permissions on existing directory / | ||
+ | creating subdirectories ... ok | ||
+ | selecting dynamic shared memory implementation ... posix | ||
+ | selecting default max_connections ... 100 | ||
+ | selecting default shared_buffers ... 128MB | ||
+ | selecting default time zone ... Europe/ | ||
+ | creating configuration files ... ok | ||
+ | running bootstrap script ... ok | ||
+ | performing post-bootstrap initialization ... ok | ||
+ | syncing data to disk ... ok | ||
+ | |||
+ | Copying old configuration files... | ||
+ | Copying old start.conf... | ||
+ | Copying old pg_ctl.conf... | ||
+ | Starting new cluster... | ||
+ | Notice: extra pg_ctl/ | ||
+ | Running init phase upgrade hook scripts ... | ||
+ | |||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Roles, databases, schemas, ACLs... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE postgres REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE gvmd REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE postgres REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | | ||
+ | ------------ | ||
+ | |||
+ | (1 row) | ||
+ | |||
+ | | ||
+ | ------------ | ||
+ | |||
+ | (1 row) | ||
+ | |||
+ | | ||
+ | ------------ | ||
+ | |||
+ | (1 row) | ||
+ | |||
+ | | ||
+ | ------------ | ||
+ | |||
+ | (1 row) | ||
+ | |||
+ | Fixing hardcoded library paths for stored procedures... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Upgrading database template1... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE template1 REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Fixing hardcoded library paths for stored procedures... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE gvmd REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Upgrading database gvmd... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE gvmd REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Fixing hardcoded library paths for stored procedures... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE postgres REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Upgrading database postgres... | ||
+ | WARNING: | ||
+ | DETAIL: | ||
+ | HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE postgres REFRESH COLLATION VERSION, or build PostgreSQL with the right library version. | ||
+ | Stopping target cluster... | ||
+ | Stopping old cluster... | ||
+ | Disabling automatic startup of old cluster... | ||
+ | Starting upgraded cluster on port 5432... | ||
+ | Running finish phase upgrade hook scripts ... | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | vacuumdb: processing database " | ||
+ | |||
+ | Success. Please check that the upgraded cluster works. If it does, | ||
+ | you can remove the old cluster with | ||
+ | pg_dropcluster 15 main | ||
+ | |||
+ | Ver Cluster Port Status Owner Data directory | ||
+ | 15 main 5433 down | ||
+ | Ver Cluster Port Status Owner Data directory | ||
+ | 16 main 5432 online postgres / | ||
+ | |||
+ | root@pentest: | ||
+ | |||
+ | root@pentest: | ||
+ | Ver Cluster Port Status Owner Data directory | ||
+ | 16 main 5432 online postgres / | ||
+ | |||
</ | </ | ||
Zeile 1739: | Zeile 1886: | ||
</ | </ | ||
- | * Anpassen von **/ | + | * Anpassen von **/ |
< | < | ||
Zeile 1779: | Zeile 1926: | ||
def main(): | def main(): | ||
- | parser = argparse.ArgumentParser(description=' | + | |
- | parser.add_argument(' | + | |
- | parser.add_argument(' | + | parser.add_argument(' |
- | parser.add_argument(' | + | parser.add_argument(' |
- | parser.add_argument(' | + | parser.add_argument(' |
- | args = parser.parse_args() | + | parser.add_argument(' |
- | + | args = parser.parse_args() | |
- | sensor = args.sensor | + | |
- | #Predefined position of PIN | + | |
- | pin = ' | + | |
- | warningTemp = args.warning.split(',' | + | |
- | warningHum = args.warning.split(',' | + | |
- | criticalTemp = args.critical.split(',' | + | |
- | criticalHum = args.critical.split(',' | + | |
- | dhtboard | + | sensor |
- | | + | #Predefined position of PIN |
+ | pin = ' | ||
+ | warningTemp = args.warning.split(',')[0] | ||
+ | | ||
+ | criticalTemp | ||
+ | criticalHum = args.critical.split(',' | ||
- | hum, temp = dhtDevice.humidity, | + | dhtboard = getattr(board, |
+ | dhtDevice = adafruit_dht.DHT22(dhtboard, | ||
+ | | ||
+ | | ||
+ | except RuntimeError: | ||
+ | time.sleep(5) | ||
+ | main() | ||
if not re.match(" | if not re.match(" | ||
exitCheck(3, | exitCheck(3, | ||
Zeile 4234: | Zeile 4385: | ||
Apr 03 09:35:28 firewall clamd[50896]: | Apr 03 09:35:28 firewall clamd[50896]: | ||
</ | </ | ||
- | ====== | + | ====== |
+ | * Getestet auf Debian 12 Bookworm | ||
+ | * Ich möchte alle dns queries loggen - mit dnsmasq | ||
+ | * / | ||
+ | < | ||
+ | [main] | ||
+ | ... | ||
+ | dns=dnsmasq | ||
+ | ... | ||
+ | </ | ||
+ | * Nach einem restart vom NetworkManger startet er eine eigene dnsmasq Instanz als **nobody** e.g. | ||
+ | |||
+ | < | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | * Fürs logging erstellen wir ** / | ||
+ | |||
+ | < | ||
+ | log-queries=extra | ||
+ | log-async | ||
+ | </ | ||
+ | |||
+ | * Auf meiner Maschine erhalte ich nun alle queries unter zB: **tail -f / | ||
+ | |||
+ | < | ||
+ | Feb 26 11:41:43 mrWhiteGhost dnsmasq[7898]: | ||
+ | Feb 26 11:41:43 mrWhiteGhost dnsmasq[7898]: | ||
+ | |||
+ | |||
+ | Feb 26 11:42:10 mrWhiteGhost dnsmasq[7898]: | ||
+ | Feb 26 11:42:10 mrWhiteGhost dnsmasq[7898]: | ||
+ | Feb 26 11:42:10 mrWhiteGhost dnsmasq[7898]: | ||
+ | |||
+ | </ | ||
+ | ====== openssh ====== | ||
+ | * Notification mail nach Login via SSH | ||
< | < | ||
root@firewall: | root@firewall: | ||
Zeile 4242: | Zeile 4430: | ||
</ | </ | ||
+ | * Ausführen von bestimmten Skript nach Login über SSH | ||
+ | |||
+ | < | ||
+ | ... | ||
+ | Match User username123 | ||
+ | | ||
+ | ... | ||
+ | </ | ||
====== XRDP Remote Desktop Server mit Kerberos im AD - terminalserver ====== | ====== XRDP Remote Desktop Server mit Kerberos im AD - terminalserver ====== | ||
* Wir wollen in einer Active Directory Umgebung einen Open Source Remote Desktop Server bei dem sich alle Mitglieder der Domäne mit ihren gewohnten Zugangsdaten einloggen können | * Wir wollen in einer Active Directory Umgebung einen Open Source Remote Desktop Server bei dem sich alle Mitglieder der Domäne mit ihren gewohnten Zugangsdaten einloggen können | ||
Zeile 7084: | Zeile 7280: | ||
{{: | {{: | ||
{{: | {{: | ||
+ | |||
+ | ===== HPE 1950 OfficeConnect ===== | ||
+ | * Grundsätzlich ein H3C Switch - Template: **HP Comware HH3C by SNMP** | ||
+ | * **Achtung** , Anpassung bei Network Interface Discovery notwendig für Bits sent / Bits received | ||
+ | * **snmpwalk** ist dein Freund :) | ||
+ | |||
+ | {{: | ||
+ | {{: | ||
+ | {{: | ||
+ | |||
know-how/linux.txt · Zuletzt geändert: 2024/03/20 12:44 von cc