Re: Set script to executable

755 - Owner has all permissions, and Group and Other can read and execute

700 - Owner has all permissions

644 - Owner can read and write, and Group and Other can read

600 - Owner can read and write

775 - Owner can read and write, and Group and Other can read

770 - Owner and Group have all, and Other can read and execute

750 - Owner has all permissions, and Group can read and execute

664 - Owner and Group can read and write, and Other can just read

660 - Owner and Group can read and write

640 - Owner can read and write, and Group can read

Re: Find or Locate a file or extension command line

Install locate command linux: Use your sudo command!

apt install mlocate

OR:

apt-get install mlocate

OR:

yum install mlocate

Update the database:

updatedb

Depending on the size of the complete filesystem this could take a few minutes

After the database has been populated:

locate mariadb

Where mariadb is the word your looking for

These commands are if you are in the scripts directory! Changing permissions can be done from anywhere in the structure.

Such as :

chmod +x /opt/so-elastic-agent_linux_amd64

Terminal chmod to executable :

Permissions prior to chmod :

chmod +x so-elastic-agent_linux_amd64

Permissions following chmod :

Then execute :

./so-elastic-agent_linux_amd64

Insure you are acting as the user you just gave permissions to (the file owner) or at least have sudo privileges

To make the script un-executable:

chmod -x so-elastic-agent_linux_amd64

sudo apt install lsb-release ca-certificates curl -y

GPG key and repo for php 7.4

sudo curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg

sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list'

Update the system with the new repository in place

sudo apt update

Install the dependencies for OwnCloud (LAMP ect) Certbot, or LetsEncrypt is being installed as well, if you are using this installation in a public domain

sudo apt install apache2 mariadb-server imagemagick certbot python3-certbot-apache smbclient redis-server unzip rsync libapache2-mod-php7.4 php7.4 php7.4-intl php7.4-mysql php7.4-mbstring php7.4-imagick php7.4-igbinary php7.4-gmp php7.4-bcmath php7.4-curl php7.4-gd php7.4-zip php7.4-imap php7.4-ldap php7.4-bz2 php7.4-ssh2 php7.4-common php7.4-json php7.4-xml php7.4-dev php7.4-apcu php7.4-redis libsmbclient-dev php-pear php-phpseclib

Enable apache2 and then verify it’s status

sudo systemctl is-enabled apache2

sudo systemctl status apache2

Enable MariaDB and verify status

sudo systemctl is-enabled mariadb

sudo systemctl status mariadb

Enable Redis and verify status

sudo systemctl is-enabled redis

sudo systemctl status redis

Configure default php version

sudo update-alternatives --config php

Configure php OwnCloud dependencies

sudo update-alternatives --set phar /usr/bin/phar7.4

sudo update-alternatives --set phar.phar /usr/bin/phar.phar7.4

sudo update-alternatives --set phpize /usr/bin/phpize7.4

sudo update-alternatives --set php-config /usr/bin/php-config7.4

Upgrade Pear to OwnCloud4 requirements

sudo mkdir -p /tmp/pear/cache

sudo pear upgrade --force --alldeps http://pear.php.net/get/PEAR-1.10.13

sudo pear clear-cache

sudo pear update-channels

sudo pear upgrade --force

sudo pear upgrade-all

Verify Pear version

pear version

Configure MariaDB

sudo mariadb-secure-installation

Log into MariaDB

sudo mariadb -u root -p

Create the OwnCloud database:

This is where many go wrong, we do not use ‘password’ we replace password, with our own password.

CREATE DATABASE owncloud;

We just created a database with the name owncloud

CREATE USER IF NOT EXISTS 'owncloud'@'localhost' IDENTIFIED BY 'password';

We just created a database user called owncloud

GRANT ALL PRIVILEGES ON owncloud.* TO 'owncloud'@'localhost' WITH GRANT OPTION;

We just allowed user owncloud, full privileges on database owncloud

FLUSH PRIVILEGES;

Now verify what we have just done:

SHOW GRANTS FOR 'owncloud'@'localhost';

You can see below I named this database ‘oc’ and the ‘oc’ user has privileges on database ‘owncloud’

quit;

---

wget the OwnCloud source

cd /var/www

wget https://download.owncloud.com/server/stable/owncloud-complete-latest.tar.bz2

Grab sha256 to verify the download

wget https://download.owncloud.com/server/stable/owncloud-complete-latest.tar.bz2.sha256

BEFORE installing, verify if the download of OwnCloud matches what the OwnCloud team wanted you to have, this is important always.

sudo sha256sum -c owncloud-complete-latest.tar.bz2.sha256 < owncloud-complete-latest.tar.bz2

Out put should say ‘OK’ if everything matches.

Change ownership of the directory to www-data user.

sudo chown -R www-data:www-data /var/www/owncloud

---

Configure Vhost for OwnCloud

This will open a new file in 'sites-available and name this file ‘owncloud.conf’

Change the ServerName and ServerAlias, as well as log file names, to whatever your domain is. There are many ways to do this keep in mind.

sudo nano /etc/apache2/sites-available/owncloud.conf

<VirtualHost *:80>
  ServerName oc
  ServerAlias www.oc

  DocumentRoot /var/www/owncloud
  
  ErrorLog ${APACHE_LOG_DIR}/oc.io-error.log
  CustomLog ${APACHE_LOG_DIR}/oc.io-access.log combined

  Alias /owncloud "/var/www/owncloud/"

  <Directory /var/www/owncloud/>
    Options +FollowSymlinks
    AllowOverride All

    <IfModule mod_dav.c>
    Dav off
    </IfModule>

    SetEnv HOME /var/www/owncloud
    SetEnv HTTP_HOME /var/www/owncloud

  </Directory>
 
</VirtualHost>

Enable and verify the owncloud vhost

sudo a2ensite owncloud.conf

sudo apachectl configtest

---

Now install OwnCloud

Change the database name, user, and password to whatever you named the OwnCloud database earlier;

Change the ‘admin user’ and ‘admin pass’ to whatever you want the new OwnCloud admin account to be.

sudo -u www-data /var/www/owncloud/occ maintenance:install \
   --database "mysql" \
   --database-name "owncloud" \
   --database-user "owncloud"\
   --database-pass "password" \
   --admin-user "admin" \
   --admin-pass "your new owncloud admin password"

Edit the OwnCloud config file to add the domain you used earlier in the Apache2 vhost file:

sudo nano /var/www/owncloud/config/config.php

'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'whatever your domain is goes here',
  ),

---

Personally I restart the server at this point, which will restart all services. Then visit the domain / IP of your settings and you should see the OwnCloud login page. Use the credentials you setup for the admin user.

---

System cron setting:

sudo crontab -u www-data -e

*/15  *  *  *  * /usr/bin/php -f /var/www/owncloud/occ system:cron

Memcache with Redis we installed earlier:

sudo nano /var/www/owncloud/config/config.php

    'filelocking.enabled' => true,
    'memcache.local' => '\OC\Memcache\APCu',
    'memcache.locking' => '\OC\Memcache\Redis',
    'redis' => [
        'host' => 'localhost',
        'port' => 6379,
    ],

Go restart the server again and enjoy!

Comment out in=>

/usr/lib/python3/dist-packages/middlewared/plugins/vm/vms.py

# elif flags['intel_vmx']:
# if vcpus > 1 and flags['unrestricted_guest'] is False:
# verrors.add(f'{schema_name}.vcpus', 'Only one Virtual CPU is allowed in this system.')
# elif flags['amd_rvi']:
# if vcpus > 1 and flags['amd_asids'] is False:
# verrors.add(
# f'{schema_name}.vcpus', 'Only one virtual CPU is allowed in this system.'
# ) 

At this point we must comment out each time we update the system.

dmidecode -t processor

dmidecode

Type   Information
     --------------------------------------------
        0   BIOS
        1   System
        2   Baseboard
        3   Chassis
        4   Processor
        5   Memory Controller
        6   Memory Module
        7   Cache
        8   Port Connector
        9   System Slots
       10   On Board Devices
       11   OEM Strings
       12   System Configuration Options
       13   BIOS Language
       14   Group Associations
       15   System Event Log
       16   Physical Memory Array
       17   Memory Device
       18   32-bit Memory Error
       19   Memory Array Mapped Address
       20   Memory Device Mapped Address
       21   Built-in Pointing Device
       22   Portable Battery
       23   System Reset
       24   Hardware Security
       25   System Power Controls
       26   Voltage Probe
       27   Cooling Device
       28   Temperature Probe
       29   Electrical Current Probe
       30   Out-of-band Remote Access31   Boot Integrity Services
       32   System Boot
       33   64-bit Memory Error
       34   Management Device
       35   Management Device Component
       36   Management Device Threshold Data
       37   Memory Channel
       38   IPMI Device
       39   Power Supply
       40   Additional Information
       41   Onboard Devices Extended Information
       42   Management Controller Host Interface

 Keyword     Types
       ------------------------------
       bios        0, 13
       system      1, 12, 15, 23, 32
       baseboard   2, 10, 41
       chassis     3
       processor   4
       memory      5, 6, 16, 17
       cache       7
       connector   8
       slot        9

Maria database

sudo su
mariadb
CREATE DATABASE <put your database name here without the carrots>;
CREATE USER <put your password here without the carrots>@localhost IDENTIFIED BY 'put your password here';
GRANT ALL ON your database name.* TO your_username@localhost;
FLUSH PRIVILEGES;
exit;
exit

After a couple years the blue LED in the AP-Pro’s withered to a mere shadow, not that this really matters for functionality, but it does. It’s a status report.

Anyway I searched around to find the next size up from the 0603 which appear to be the original size, both the 0805 and the 0603 rates ~3v@ 20Ma. I opted to use the larger of the two. The size of the 0805 claims 2/1.25/.8 mm, where the 0603 sits 1.6/.8/.6

For reference here is the 0805 in my hand , and on a Lowe’s gift card. The Anode (+) is the green mark.

The job could have used a solder tip 1/4 of the smallest size I had which was ~1.5mm, as well the solder could have been 0.3mm Vs. 0.6mm

The blue LED is located at ‘D11’, the white is ‘D12’

Below is the before and after replacement of the LED’s The new LED floods the lens.

At any rate, it was more difficult to spudge the cases open than the LED’s were to replace. There is a small amount of silicone type compund around the rim, and three interlocking standoffs on the case. Snapped back together as if they were happy.

Before / after

This whole thing started after running a CT of Unifi for the controller. They use a version of MariaDB that is no longer maintained, therefore the base OS cannot be updated without hacking together a system. There is a shell script someone came up with that Ubiquity is linking to, I was not entertained. Considering I’ve used the container to manage the AP’s for a while I was ready to update some hardware.

The UDM-SE wants to live in front of everything else, considering I’m a PfSense user, that was not going to happen. I gave it it’s own physical LAN port on the Netgate 4100 in it’s own VLAN, chose to set the DHCP to relay, nothing I’ve done so far allows the IP’s the DHCP server in PfSense lease to the AP clients, to pass data through the UDM. Spanning tree refused to allow me entry to the UDM when setup this way. Turning off RSTP allowed access to UDM (but only by a direct physical connection to the UDM.) likely due to the subnet difference, Loving level2.

I’ll need to segregate and run a PCAP while a client.

So for now the UDM sits on the side in it’s own VLAN corner, serving IP’s to clients in it’s own subnet. The double NAT doesn’t seem to effect throughput by any noticeable difference.

I posted this over at TestMy.net if you have any questions or comments.

Mount NFS from Truenas

mkdir -p /media/rick/pool1

chown -R rick:rick  /media/rick/pool1

Add the automount to: /etc/fstab

truenas.thecave:/mnt/pool1   /media/rick/pool1   nfs    user,auto    0   0

Retstart Nautilus to see the share in files:

killall nautilus

For other shares, just repeat the same process under directory ‘media’ with the name of the share substituted

FYI for FreeBSD the driver only supports block size chunks, therefore:

dd if=/dev/cd0 of=/name-the.iso bs=2048

sort -g /var/log/nginx/access.log | awk '{print $1}' | uniq

Locate devices:

camcontrol devlist

Output; in this case only:

<ST3500418AS CC35>                 at scbus3 target 0 lun 0 (pass0,ada0)
<ST500DM002-1BD142 KC45>           at scbus5 target 0 lun 0 (pass1,ada1)
<AHCI SGPIO Enclosure 1.00 0001>   at scbus9 target 0 lun 0 (ses0,pass2)
<Generic STORAGE DEVICE 1532>      at scbus10 target 0 lun 0 (da0,pass3)
<Generic STORAGE DEVICE 1532>      at scbus10 target 0 lun 1 (da1,pass4)

Where ada0 and ada1 are mechanical drives, da0 is a miniSD card in a USB enclosure da1

Or to print all partitions:

gpart show

Output (after formatting USB device):

=>       63  976773105  ada0  MBR  (466G)
         63          1        - free -  (512B)
         64  976773096     1  freebsd  [active]  (466G)
  976773160          8        - free -  (4.0K)

=>        0  976773096  ada0s1  BSD  (466G)
          0    4194304       1  freebsd-zfs  (2.0G)
    4194304    4194304       2  freebsd-swap  (2.0G)
    8388608  968384480       4  freebsd-zfs  (462G)
  976773088          8          - free -  (4.0K)

=>       63  976773105  ada1  MBR  (466G)
         63          1        - free -  (512B)
         64  976773096     1  freebsd  [active]  (466G)
  976773160          8        - free -  (4.0K)

=>        0  976773096  ada1s1  BSD  (466G)
          0    4194304       1  freebsd-zfs  (2.0G)
    4194304    4194304       2  freebsd-swap  (2.0G)
    8388608  968384480       4  freebsd-zfs  (462G)
  976773088          8          - free -  (4.0K)

=>     32  2012128  da0  MBR  (983M)
       32  2012128    1  fat32  (982M)

---

List partitions on dev da0:

gpart show da0

Delete existing partitions:

gpart delete -i da0

Destroy label:

gpart destroy da0

Create new mbr spanning entire disk:

gpart create -s mbr da0

Create new fat32 partition spanning entire disk:

gpart add -t fat32 da0

Initialize fat32 file system:

newfs_msdos -F32 /dev/da0s1

---

---

---

Lets break something!

Don’t do any of this unless you are prepared to break it all, or better yet, you read the man pages and find out what they actually do, very useful tools however.

I’m just making notes from other notes, various resources on the net.

gpart destroy -F da0

Zero out the drive === !!!Don’t do this jazz regularly on any USB!!! The type of memory has a finite read/write number===

dd if=/dev/zero of=/dev/da0 bs=2m count=1

Format the drive

newfs_msdos -F32 /dev/da0s1

Alternatively or in addition to the above to install bhyve:

pkg install vm-bhyve bhyve-firmware bhyve-rc-3 grub2-bhyve

Output:

To ensure binaries built with this toolchain find appropriate versions of the necessary run-time libraries, you may want to link using

-Wl,-rpath=/usr/local/lib/gcc48

For ports leveraging USE_GCC, USES=compiler, or USES=fortran this happens transparently.

===> NOTICE:

This port is deprecated; you may wish to reconsider installing it:

Unsupported by upstream. Use GCC 6 or newer instead… Message from vm-bhyve-1.1.8_1:

To enable vm-bhyve, please add the following lines to /etc/rc.conf, depending on whether you are using ZFS storage or not. Please note that the directory or dataset specified should already exist.

vm_enable="YES"
vm_dir="zfs:pool/dataset"

OR

vm_enable="YES"
vm_dir="/directory/path"

Then run :

vm init

---

If upgrading from 1.0 or earlier, please note that the ‘guest’ configuration option is no longer used.

Guests that are not using UEFI boot will need either loader=“grub” or loader=“bhyveload” in their configuration in order to make sure the correct loader is used.

---

Message from bhyve-rc-3:

Configuration is done completely though rc.conf. The rc script won’t touch any devices for you (neither disk, nor tap) so you need to make sure all of those have been initialized properly.

General setup:

kldload vmm
net.link.tap.up_on_open=1

Make it persistent:

echo "net.link.tap.up_on_open=1" >> /etc/sysctl.conf
cat >> /boot/loader.conf << EOF
vmm_load="YES"
EOF

Minimal example:

cat >> /etc/rc.conf << EOF
cloned_interfaces="tap0 bridge0"
bhyve_enable="YES"
bhyve_diskdev="/dev/zvol/anything/bhyve/virt"
EOF

ifconfig tap0 create
ifconfig bridge0 create

service bhyve start
tmux list-sessions
tmux attach -t bhyve
service bhyve status
service bhyve stop

Multi profile configuration example:

cat >> /etc/rc.conf << EOF
cloned_interfaces="tap0 tap1 bridge0"
bhyve_enable="YES"
bhyve_profiles="virt1 virt2"
bhyve_virt1_diskdev="/dev/zvol/anything/bhyve/virt1"

bhyve_virt2_tapdev="tap1"
bhyve_virt2_diskdev="/dev/zvol/anything/bhyve/virt2"
bhyve_virt2_memsize="8192"
bhyve_virt2_ncpu="4"
EOF

ifconfig tap0 create
ifconfig tap1 create
ifconfig bridge0 create

service bhyve start # start all
service bhyve start virt2 # start individual
tmux attach -t bhyve_virt1
tmux attach -t bhyve_virt1
service bhyve stop virt2 # stop individual
service bhyve stop # stop all

(by default ctrl-b d detaches from tmux).

If attempting to install FreeBSD on a disk which previously belongs to a ZFS, and you get this error: Before installing, select the option ‘shell’

Once in the shell, remove geom protections by running:

sysctl kern.geom.debugflags=0x10

When your finished, type exit and return to the install / configure screen.