488 private links
Note: You can easily create a random password with the command:
cat /dev/urandom | tr -dc 'A-Za-z0-9' | fold -w 32 | head -n 1
In your screenshot the "Read-only" checkbox is indeterminate because the graphical dialog never sets this attribute on directories, only on files (as the read-only flag has no effect on directories anyway and is repurposed for something else instead), so the dialog pretends that directories can't even be queried for its state. Either way, even if the files inside had this flag, it would only deny 'write' access but wouldn't stop you from opening the file for reading.
WSL2 runs as a VM guest and its access to /mnt/c is only through a filesystem proxy, which runs under your own Windows account and only has the same access as you do – no matter which Linux user does the access. The inability for WSL2 to bypass Windows access controls is intentional (even more so because the entire WSL2 VM is under your control, as that would otherwise turn it into a trivial security bypass).
The file permissions shown for /mnt/c in WSL are meaningless; there's no translation done from NTFS ACLs to Linux ACLs. (It would be a very lossy translation due to several mismatching semantics, anyway – even if you had used getfacl instead of ls -l, some things like inheritance or the 10+ fine-grained permissions cannot be expressed through "POSIX draft ACLs" that Linux implements. Some Unix-like systems implement NFSv4 ACLs which are 95% the same as Windows, but Linux unfortunately does not.)
zcat /var/log/dpkg.log.*.gz | cat - /var/log/dpkg.log | grep -E 'install |upgrade |remove '
zcat /var/log/dpkg.log.$.gz | grep -E 'install |upgrade |remove ' | wc -l to get count by month
:(){ :|:& };:The command shown in the heading is known as a Bash “Fork Bomb.”
A fork bomb is a denial-of-service attack where a process continuously creates child processes at an exponential rate, consuming system resources like CPU, memory, and process slots, ultimately causing the system to crash. //
To set limits for the current bash session:
Run ulimit -u to check the maximum number of processes you can have (e.g., 30593).
Run ulimit -u NUM, where NUM is significantly lower than your maximum (e.g., 1024).
Setting persistent user limits
The above method works unless the user reopens their terminal and runs the fork bomb again.
To set persistent user limits, add the same ulimit command to your ~/.bashrc or ~/.bash_profile file.
ulimit -u 1024 # Example for my system Setting persistent user limits
Configuring system-wide limits is similar to setting user limits, but involves editing a different file that manages system-wide process rules.
Typically, you would run sudo nano /etc/security/limits.conf and add the following user limits:
username hard nproc 1024
Remember to replace “username” with the user you wish to limit.
Based on AlmaLinux, the operating system — which is the successor to Oreon Lime — has been designed with simplicity and familiarity in mind, bridging the gap between the ease of use people expect from Windows and the power and flexibility of Linux.
The brand new operating system sports an intuitive interface that will be instantly recognizable to Windows users, and it offers seamless compatibility with popular applications, and solid performance. Oreon 10 promises to make transitioning to a Linux environment not only approachable but (whisper it!) enjoyable.
https://oreonproject.org/download/
The vulnerability, which affects Linux kernel versions 5.14 through 6.6, resides in the NF_tables, a kernel component enabling the Netfilter, which in turn facilitates a variety of network operations, including packet filtering, network address [and port] translation (NA[P]T), packet logging, userspace packet queueing, and other packet mangling. It was patched in January, but as the CISA advisory indicates, some production systems have yet to install it. At the time this Ars post went live, there were no known details about the active exploitation.
Researchers at Qualys refuse to release exploit code for five bugs in the Linux world's needrestart utility that allow unprivileged local attackers to gain root access without any user interaction. //
The little tool is available separately and in various Linux distributions, and as Abbasi highlighted, is present by default in Ubuntu Server, at least. //
Needrestart is installed by default and was introduced in version 0.8 more than ten years ago. All versions of the utility before 3.8 are considered vulnerable and attackers could execute code as root. Versions after 3.8 have the fix applied.
As for analyzing the traffic, here’s a useful oneliner that works on Rocky Linux 9. Other operating systems / versions may vary. Adjust the “10000” packet count limit as you see fit.
tcpdump -n -c 10000 inbound and ip and udp and dst port 123 | cut -d" " -f3 | cut -d. -f1-4 | sort | uniq -c | sort -rn | head
• Backup test
This is very primitive and is unix-centric, but if I rsync from a source to a destination, I will do the following on both:
# find /backup | wc -l
# du -ah /backup | tail -1... and I expect them to be identical (or nearly so) on both ends. Again, very blunt tooling here and this is after a successful, no errors rsync ... but I'm feeling good at that point.
FrogsAndChipsSilver badge
He's right, of course
The importance of using the active voice cannot be emphasized enough.
DostoevskyBronze badge
Reply Icon
Re: He's right, of course
It appears my idea was stolen by you.
2 days
Bill Gray
Reply Icon
Re: He's right, of course
I suspect about 50% of us came here to make that post. I first came across it from a list of 'fumblerules', I think collected by William Safire circa 1980, that included :
Don't use no double negatives.
Sentences should a verb.
One will never have used the future perfect in one's entire life.
Avoid run-on sentences they are hard to read and figure out.
I've told you a thousand times : avoid hyperbole.
(plus quite a bit more not currently coming to mind) //
2 days
rafff
Reply Icon
Re: He's right, of course
"I have searched for a word that refers to itself."
In a logic text book I once read the word is "homologous". "Heterologous" denotes a word that does not refer to itself. Clearly, there are no other possibilities.
"Short" is a short word, and so is homologous; "long" is not a long word and so is heterologous. But what about "Heterologous" itself? If "heterologous" is heterologous then it does not refer to itself and so must be homologous. But if it is homologous then it does refer to itself and so is heterologous.
Benegesserict CumbersomberbatchSilver badge
Reply Icon
Re: He's right, of course
There's a Dr Gödel here who would like to have a word with you. //
Grammatical errors in the post itself notwithstanding (Muphry's law is axiomatic in this type of post, and likely also in this article describing it), The Reg thinks Torvalds is correct. The passive construction, which may be found in scientific papers and technical writing, can be confusing and annoying. It creates a lack of clarity that leads not only to confusion about responsibility or agency, but often hides important information about who should be doing what and when. Ideal for certain vendor manuals, then. //
The Linux supremo declared:
But what does make extra work is when some maintainers use passive voice, and then I try to actively rewrite the explanation (or, admittedly, sometimes I just decide I don't care quite enough about trying to make the messages sound the same). So I would ask maintainers to please use active voice, and preferably just imperative. //
Illustrating the point, and showing how far the Linux kernel chieftain has come from his more belligerent days, Torvalds said he'd "love it" (yep, he's a new man) if people would avoid writing their "descriptions as 'In this pull request, the Xyzzy driver error handling was fixed to avoid a NULL pointer dereference.' Instead, write it as 'This fixes a NULL pointer dereference in ..'"
The directive comes years after the great punctuation rant of 2016, where Torvalds pressed "brain-damaged shit-for-brains devs" to drop the "disgusting drug-induced crap" and use asterisks properly. He's toned it down several notches, basically.
There are several Linux Server distributions available for different purposes. Debian and Ubuntu are popular systems, but there are other smaller providers which are worth considering. CentOS’s support is declining, but there are some young successors such as AlmaLinux or Rocky Linux who are ready to step in.
This article explains how to show a history of recently installed, upgraded or removed packages, on Debian, Ubuntu or Linux Mint, from the command line. //
Show a list of recently upgraded packages, the date / time they were upgraded, as well as the old and new package version, on Debian, Ubuntu or Linux Mint:
grep "upgrade " /var/log/dpkg.log
zgrep "upgrade " /var/log/dpkg.log.2.gzapt package manager logs into /var/log/dpkg.log
Chmod calculator allows you to quickly generate permissions in numerical and symbolic formats. All extra options are included (recursive, sticky, etc). You’ll be ready to copy paste your chmod command into your terminal in seconds.
Hardware hacker Dmitry Grinberg recently achieved what might sound impossible: booting Linux on the Intel 4004, the world's first commercial microprocessor. With just 2,300 transistors and an original clock speed of 740 kHz, the 1971 CPU is incredibly primitive by modern standards. And it's slow—it takes about 4.76 days for the Linux kernel to boot.
Initially designed for a Japanese calculator called the Busicom 141-PF, the 4-bit 4004 found limited use in commercial products of the 1970s before being superseded by more powerful Intel chips, such as the 8008 and 8080 that powered early personal computers—and then the 8086 and 8088 that launched the IBM PC era.
If you're skeptical that this feat is possible with a raw 4004, you're right: The 4004 itself is far too limited to run Linux directly. Instead, Grinberg created a solution that is equally impressive: an emulator that runs on the 4004 and emulates a MIPS R3000 processor—the architecture used in the DECstation 2100 workstation that Linux was originally ported to. This emulator, along with minimal hardware emulation, allows a stripped-down Debian Linux to boot to a command prompt.
- The process proliferator: :(){ :|:& };:
I know it looks like a typo, but this command is the infamous Bash fork bomb. It is a Denial of Service (DoS) attack that will fill Linux's process table. The exact results depend on the system limit setting and who's running it, but all too often, it pegs out your processor, and the only way back is to reboot your system.
Script to create (1) a local certificate authority, (2) a host certificate signed by that authority for the hostname of your choice
While Let’s Encrypt and its API has made it wonderfully easy for anyone to generate and install SSL certificates on their servers, it does little to help developers with HTTPS in their development environments. Creating a local SSL certificate to serve your development sites over HTTPS can be a tricky business. Even if you do manage to generate a self-signed certificate, you still end up with browser privacy errors.
In this article, we’ll walk through creating your own certificate authority (CA) for your local servers so that you can run HTTPS sites locally without issue. //
dobes_vandermeer
I put this all together in a shell script you can run: https://gist.github.com/dobesv/13d4cb3cbd0fc4710fa55f89d1ef69be
The WSL commands below are listed in a format supported by PowerShell or Windows Command Prompt. To run these commands from a Bash / Linux distribution command line, you must replace wsl with wsl.exe. For a full list of commands, run wsl --help.
Zenwalk is a 64 bits "pure" Slackware system [distribution] with added post-install configurations, optimizations and out of the box tweaks, with a ready to use polished desktop environment, with added graphical system tools, added office and multimedia applications, and striped to keep just "one application per task"!