Thursday, October 7, 2021

Recent Questions - Unix & Linux Stack Exchange


Mate desktop does not display properly in CBL-Mariner Linux

Posted: 07 Oct 2021 10:42 AM PDT

I have been running MS CBL-Mariner Linux in vmware and I am able to compile, install, and run NsCDE, Lxde, and xfce properly. The only issue I have is that when I downloaded and compiled and installed mate (1.26.0), I have no desktop and an invisible mouse. Apparently, Mate is doing something different and displaying is different than other desktop environments. Anyone have a clue?

I created and enabled a systemd service that manually starts, but won't auto-start after reboot. How do I figure out why it won't auto-start?

Posted: 07 Oct 2021 10:42 AM PDT

I created and enabled a systemd service that launches a CLI application in Tmux (had to disable SELinux) but the service needs to be manually started after reboot. How do I figure out why it won't auto-start?

Here's some info on the service:

[itadmin@SRV-LNX-RHEL01 ~]$ systemctl cat aescripts-LicenseServer.service
# /etc/systemd/system/aescripts-LicenseServer.service
[Unit]
Description="Service that keeps runing the aescripts license server from startup."
[Install]
WantedBy=rescue.target
[Service]
User=itadmin
Type=forking
ExecStart=/usr/bin/tmux new-session -s itadmin -d bash -c '/home/itadmin/Dev/aescriptsLicenseServe>
WorkingDirectory=/home/itadmin/Dev/aescriptsLicenseServer_v3.5.6/Linux
Restart=always
RestartSec=5
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=%n

[itadmin@SRV-LNX-RHEL01 ~]$ systemctl status aescripts-LicenseServer.service
● aescripts-LicenseServer.service - "Service that keeps runing the aescripts license server from s>
     Loaded: loaded (/etc/systemd/system/aescripts-LicenseServer.service; enabled; vendor preset: di>
     Active: active (running) since Tue 2021-10-05 17:21:04 PDT; 5min ago
    Process: 7723 ExecStart=/usr/bin/tmux new-session -s itadmin -d bash -c /home/itadmin/Dev/aescri>
   Main PID: 7725 (tmux: server)
      Tasks: 2 (limit: 8144)
     Memory: 2.3M
     CGroup: /system.slice/aescripts-LicenseServer.service
             ├─7725 /usr/bin/tmux new-session -s itadmin -d bash -c /home/itadmin/Dev/aescriptsLicen>
             └─7726 /home/itadmin/Dev/aescriptsLicenseServer_v3.5.6/Linux/aescriptsLicenseServer

Oct 05 17:21:04 SRV-LNX-RHEL01 systemd[1]: Starting "Service that keeps runing the aescripts licen>
Oct 05 17:21:04 SRV-LNX-RHEL01 systemd[1]: Started "Service that keeps runing the aescripts licens>

[itadmin@SRV-LNX-RHEL01 ~]$ systemctl list-dependencies aescripts-LicenseServer.service
aescripts-LicenseServer.service
● ├─-.mount
● ├─home.mount
● ├─system.slice
● └─sysinit.target
●   ├─dev-hugepages.mount
●   ├─dev-mqueue.mount
●   ├─dracut-shutdown.service
●   ├─import-state.service
●   ├─iscsi-onboot.service
●   ├─kmod-static-nodes.service
●   ├─ldconfig.service
●   ├─loadmodules.service
●   ├─lvm2-lvmpolld.socket
●   ├─lvm2-monitor.service
●   ├─multipathd.service
●   ├─nis-domainname.service
●   ├─plymouth-read-write.service
●   ├─plymouth-start.service
●   ├─proc-sys-fs-binfmt_misc.automount
●   ├─selinux-autorelabel-mark.service
●   ├─sys-fs-fuse-connections.mount
●   ├─sys-kernel-config.mount
●   ├─sys-kernel-debug.mount
●   ├─systemd-ask-password-console.path
●   ├─systemd-binfmt.service
●   ├─systemd-firstboot.service
●   ├─systemd-hwdb-update.service
●   ├─systemd-journal-catalog-update.service
●   ├─systemd-journal-flush.service
●   ├─systemd-journald.service
●   ├─systemd-machine-id-commit.service
●   ├─systemd-modules-load.service
●   ├─systemd-random-seed.service
●   ├─systemd-sysctl.service
●   ├─systemd-sysusers.service
●   ├─systemd-tmpfiles-setup-dev.service
●   ├─systemd-tmpfiles-setup.service
●   ├─systemd-udev-trigger.service
●   ├─systemd-udevd.service
●   ├─systemd-update-done.service
●   ├─systemd-update-utmp.service
●   ├─cryptsetup.target
●   ├─local-fs.target
●   │ ├─-.mount
●   │ ├─boot-efi.mount
●   │ ├─boot.mount
●   │ ├─home.mount
●   │ └─systemd-remount-fs.service
●   └─swap.target
●     └─dev-mapper-rhel\x2dswap.swap

Can we use $PIPESTATUS with the tee (or pee) command?

Posted: 07 Oct 2021 10:29 AM PDT

In my bash scripts, I often use pipes and would like to know which stage of the pipe was causing the problem in case of errors. The basic structure of such snippets is:

#!/bin/bash

ProduceCommand 2>/dev/null | ConsumeCommand >/dev/null 2>&1
PipeErrors=("${PIPESTATUS[@]}")
[[ "${PipeErrors[0]}" -eq '0' ]] || { HandleErrorInProduceCommand; }
[[ "${PipeErrors[1]}" -eq '0' ]] || { HandleErrorInConsumeCommand; }

Now (interestingly enough for the first time) I am in a situation where it would be great if I could use either tee or pee. But what happens to $PIPESTATUS when using these commands? For example:

#!/bin/bash

ProduceCommand 2>/dev/null | tee >(ConsumeCommand1) >(ConsumeCommand2) >/dev/null 2>&1
PipeErrors=("${PIPESTATUS[@]}")

or

#!/bin/bash

ProduceCommand 2>/dev/null | pee ConsumeCommand1 ConsumeCommand2 2>/dev/null
PipeErrors=("${PIPESTATUS[@]}")

I believe that in both cases ${PipeErrors[0]} reflects the error status of ProduceCommand. Further, it would be logical to assume that ${PipeErrors[1]} reflects the error status of tee or pee itself, respectively.

But this leads me into at least two understanding problems:

  1. What is the error status (return value) of tee or pee? I didn't find precise statements about that in the man pages. Do they return a hard-coded error status if one of the consume commands fails, or do they relay the error status of the consume commands somehow (as ssh does, for example)? If the former is the case, how can we find out which of the consume commands is the culprit? If the latter is the case, which error status is relayed? Is it simply that of the command which fails first?

  2. AFAIK, bash or the tee or pee command itself, respectively, internally use pipes (fifos) to get ProduceCommand's output to the consume commands. This means that we have a pipe whose (first and in this case, only) receiving side is a pipe itself. This should not influence $PipeErrors in the sample code above, but I am really unsure.

Could somebody shed some light on this?
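
The pipeline asked about above, as an added example that is not part of the original post: bash's PIPESTATUS has one entry per pipeline stage, so with tee it holds only the producer's and tee's own statuses, and the consumers' statuses have to be collected separately. The example swaps the question's >(...) process substitutions for explicit FIFOs and background jobs so that each consumer has a PID to wait on; produce, consume_ok, consume_bad and pipeline_statuses are constructed stand-ins, not names from the post.

```bash
#!/usr/bin/env bash
# Added example. produce/consume_ok/consume_bad are constructed stand-ins
# for ProduceCommand, ConsumeCommand1 and ConsumeCommand2.

produce()     { printf 'a\nb\nc\n'; return 3; }   # writes data, then fails
consume_ok()  { cat >/dev/null; return 0; }       # reads everything, succeeds
consume_bad() { cat >/dev/null; return 7; }       # reads everything, fails

pipeline_statuses() {
    local dir pid1 pid2 s1=0 s2=0
    local -a pipe
    dir=$(mktemp -d) || return 1
    mkfifo "$dir/c1" "$dir/c2" || { rm -rf "$dir"; return 1; }

    # Start each consumer as a background job reading its own FIFO.
    consume_ok  <"$dir/c1" & pid1=$!
    consume_bad <"$dir/c2" & pid2=$!

    # tee fans the producer's output out to both FIFOs.
    produce 2>/dev/null | tee "$dir/c1" "$dir/c2" >/dev/null
    pipe=("${PIPESTATUS[@]}")   # copy at once: the next command overwrites it

    # The consumers are not pipeline stages; their statuses come from wait.
    wait "$pid1" || s1=$?
    wait "$pid2" || s2=$?
    rm -rf "$dir"

    printf 'stages=%d producer=%d tee=%d consumer1=%d consumer2=%d\n' \
        "${#pipe[@]}" "${pipe[0]}" "${pipe[1]}" "$s1" "$s2"
}

pipeline_statuses
```
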

Getting syntax error due to curly braces with multiple commands [duplicate]

Posted: 07 Oct 2021 10:12 AM PDT

I am trying to run the following multiple commands at a command prompt but I get syntax error near unexpected token '}'. The following page has examples where it is working but I am getting the syntax error. I am running Ubuntu desktop 18.04.5. What am I missing? Thanks.

{echo "Today's date and time"; date;} > f1  

Touchpad (ELAN 04F3:3072) not working/detected after BIOS upgrade (Lenovo Ideapad Flex 3 11ADA05)

Posted: 07 Oct 2021 09:57 AM PDT

Reposting this from https://bbs.archlinux.org/viewtopic.php?id=269900, because I suspect that it isn't distribution specific.

After a BIOS update from FPCN18WW (2021-07-12) to FPCN24WW (2021-08-19) my touchpad is not recognized in the following distributions:

  • (home) Archlinux 5.14.8 (and mainline kernel)
  • (live) Ubuntu 21.04

The touchpad works in Windows and in the BIOS setup menu. The changelog of the new BIOS firmware is: ... Fix win11 TPM 2.0 UEFI Preboot Interface Test fail issue. Optimize Boot Menu UI. ...

I know the touchpad is no longer recognized because of the following missing entries in dmesg:

Sep 19 17:21:49 kallisto kernel: pcie_mp2_amd 0000:03:00.7: enabling device (0000 -> 0002)
Sep 19 17:21:49 kallisto kernel: mc: Linux media interface: v0.10
Sep 19 17:21:49 kallisto kernel: hid-generic 0020:1022:0001.0002: hidraw1: <UNKNOWN> HID v0.00 Device [hid-amdtp 1022:0001] on
Sep 19 17:21:49 kallisto kernel: input: MSFT0001:00 04F3:3072 Mouse as /devices/platform/AMDI0010:01/i2c-1/i2c-MSFT0001:00/0018:04F3:3072.0003/input/input9
Sep 19 17:21:49 kallisto kernel: input: MSFT0001:00 04F3:3072 Touchpad as /devices/platform/AMDI0010:01/i2c-1/i2c-MSFT0001:00/0018:04F3:3072.0003/input/input11
Sep 19 17:21:49 kallisto kernel: hid-generic 0018:04F3:3072.0003: input,hidraw2: I2C HID v1.00 Mouse [MSFT0001:00 04F3:3072] on i2c-MSFT0001:00

My BIOS settings remain unchanged: Secure Boot is disabled and the AMD PSP is enabled. I've already contacted Lenovo support, but (as I can fully understand), they are not reading my texts correctly and think the device is broken. Since a touchpad on a laptop is a nice feature, I decided to try to continue troubleshooting on my own, though I'm now at a dead end.

Just today I found out that some I2C device is added under /sys/devices/platform/AMDI0010:01/i2c-1/device/MSFT0001:00, which seems to be my touchpad, maybe.

Quick note: All the other touchpad troubleshooting hints were tried before. I've read through the main article about this issue: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1887190, but as the touchpad is different, all suggested solutions failed.

Is there any way I can troubleshoot and maybe resolve this issue?

Can GNU Parallel be made to output the command line executed when run in linewise mode?

Posted: 07 Oct 2021 09:53 AM PDT

Suppose I have a list of commands in file cmd_file.

I run these commands via:

cat cmd_file | parallel -k -I {} "{}"  

One of the commands fails. All of the commands use the exact same CLI tool with different inputs.

Right now, I have to run across all of the commands one at a time to find the erroring command by substituting my command list for a command builder loop (much more involved):

for ...; do
  # assemble the vars for the command
  echo "<the command literal>"
  <the command literal>
done

Is there a mechanic for getting parallel to display the command that failed, or the execution order onto stderr, for example?

gpg2 exports invalid private key

Posted: 07 Oct 2021 09:43 AM PDT

I need to export both ssh keys from my gpg authentication subkey

First I get the fingerprint from my [A] authentication subkey:

gpg --list-secret-keys --with-keygrip  

Having the fingerprint 15EDA5801C8D18FF, I proceed:

public=/tmp/id_rsa.pub
private=/tmp/id_rsa
rm -f $public $private
gpg2 --armor --export-secret-subkeys 15EDA5801C8D18FF > $private
chmod 400 $private
ssh-keygen -y -e -f $private > $public

Both produced key files look fine to me, yet the code above returns

Load key "/tmp/id_rsa": invalid format  

Unix group becomes everyone when assigned to a group ID that does not exist

Posted: 07 Oct 2021 09:39 AM PDT

Can you please assist why the ID is assigned to a group named everyone?

#id entitlement

uid=315(entitlement) gid=200(everyone) groups=200(everyone)

Below commands do not return anything:

#cat /etc/group | grep everyone

#cat /etc/group | grep 200

No NIS is configured, so ypcat is not available. I tried doing it to another group but this time it is failing.

#usermod -g 201 entitlement

usermod: group '201' does not exist

I am trying to search but can't find any feature of Linux that does this.

Why I can't move the content of a directory (including hidden files) to a file using only echo?

Posted: 07 Oct 2021 10:02 AM PDT

I have a directory named Musique and I want to have the list of files saved to nom.txt using ONLY echo.

However I also want to copy the directory's hidden files and separate them from the "normal" files of the directory with a line break (\n).

I tried these commands, but they don't work and I don't know why:

echo -e Musique/ \n.* > nom.txt
echo -e \n.* Musique/ > nom.txt
echo -e /Musique \n.* > nom.txt

Can someone explain this to me? Thanks

How to delay traffic and limit bandwidth at the same time with tc (Traffic Control)?

Posted: 07 Oct 2021 10:46 AM PDT

I want to throttle bandwidth and add delay to a network interface to simulate satellite communication. For example 800ms delay and 1mb/s.

The following limits the bandwidth correctly but does not increase the latency:

17:16:51 root@Panasonic_FZ-55 ~ # tc qdisc add dev eth0 root tbf rate 1024kbit latency 800ms burst 1540
17:18:48 root@Panasonic_FZ-55 ~ # ping 10.10.91.58
PING 10.10.91.58 (10.10.91.58): 56 data bytes
64 bytes from 10.10.91.58: seq=0 ttl=64 time=0.938 ms
64 bytes from 10.10.91.58: seq=1 ttl=64 time=3.258 ms
64 bytes from 10.10.91.58: seq=2 ttl=64 time=1.259 ms
64 bytes from 10.10.91.58: seq=3 ttl=64 time=1.407 ms
^C
--- 10.10.91.58 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.938/1.715/3.258 ms
17:18:56 root@Panasonic_FZ-55 ~ # iperf -c 10.10.91.58
------------------------------------------------------------
Client connecting to 10.10.91.58, TCP port 5001
TCP window size: 85.0 KByte (default)
------------------------------------------------------------
[  3] local 10.10.91.57 port 34790 connected with 10.10.91.58 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.5 sec  1.38 MBytes  1.09 Mbits/sec
17:19:19 root@Panasonic_FZ-55 ~ #

I got my information from this site.

Run script without pressing enter

Posted: 07 Oct 2021 08:47 AM PDT

Is there any way to run a program without pressing enter?

I've been googling this a bit and can't seem to find it.

What I'm thinking is to have for instance, a script that cd's one folder up.

Then I can hold down ctrl and every time I then hit some button, I cd one folder up via script.

Could make life a bit easier in the shell as I could go up the folder structure much faster. And could even clear the screen each time and run ls. Or do whatever by just a single click of a button, while in the shell.

I use bash on Linux Mint. My terminal emulator is Mint's default (sorry, not sure which one that is).

Segfault when non-sudo

Posted: 07 Oct 2021 08:12 AM PDT

For some weird reason, several programs have started to segfault when I try to run them without escalated privileges. Among these are gnome-abrt and variety which used to run fine without sudo up until yesterday; if I run them with sudo they work fine. I still haven't figured out if there are other applications that have the same issues but I am guessing that if I find out what is causing it for one of the applications, it will solve it for all of them.

The output I get from running e.g. gnome-abrt in the terminal is:

Segmentation fault (core dumped)  

Any help is greatly appreciated.

EDIT: running sudo chown -R $USER:$USER $HOME && sudo restorecon -r $HOME seems to have created unexpected changes. Opening up Steam gives me this error:

Repairing installation, linking /home/myuser/.steam/steam to /home/myuser/.local/share/Steam
rm: cannot remove '/home/myuser/.steam/steam': Permission denied
Setting up Steam content in /home/myuser/.local/share/Steam
ln: failed to access '/home/myuser/.steam/steam': Permission denied

Please help me "undo" this command.

EDIT 2: those two particular packages were updated today, so it seems that something has gone wrong on the devs' end.

Engrave on M-Disc

Posted: 07 Oct 2021 07:47 AM PDT

I want to use 100GB M-Disc for Backup. How can one determine whether the M-Disc Writing was engraved properly and successfully on the non-volatile substance? I plan to use Brasero for writing.

What does one have to do, burn with brasero and everything is figured out automatically when you insert an M-Disc? I have just got a Pioneer BDR-XS07S Blu-Ray Burner.

I am using Ubuntu 20.04 LTS.

Apache HTTPD does not list all files in directory

Posted: 07 Oct 2021 09:16 AM PDT

Server version: Apache/2.4.6 (CentOS)
Server built:   Nov 16 2020 16:18:20

When I go to browser and type IP/result I do not see all the files in directory.

Alias /result "/var/geojson"
<Directory "/var/geojson">
    Options +Indexes
    AllowOverride None
    Order allow,deny
    Allow from all
    Require all granted
</Directory>

Merging files from most recent

Posted: 07 Oct 2021 09:22 AM PDT

I wish to get the command for merging files from the most recent to the oldest in bash from a particular directory. Meaning files with newer dates are saved before ones with older dates

I don't understand how "ls" command works

Posted: 07 Oct 2021 10:49 AM PDT

I wanted to check what is the size of pg_backup folder, so I used this command:

[postgres@server02 ~]$ pwd
/var/lib/pgsql

[postgres@server02 ~]$ ls -lh
total 4.0K
drwxr-x---. 7 postgres postgres   86 Oct  6 22:00 pg_backup

As seen in the above output, the size is 86 bytes.

However, pg_backup directory itself contains several other directories:

[postgres@server02 ~]$ ls -lh pg_backup
total 0
drwxr-xr-x. 3 postgres postgres 121 Oct  2 23:00 20211002
drwxr-xr-x. 2 postgres postgres 109 Oct  3 22:00 20211003
drwxr-xr-x. 2 postgres postgres 109 Oct  4 22:00 20211004
drwxr-xr-x. 2 postgres postgres 109 Oct  5 22:00 20211005
drwxr-xr-x. 2 postgres postgres 109 Oct  6 22:00 20211006
[postgres@server02 ~]$

And then one of these sub-directories contains some big files:

[postgres@server02 ~]$ ls -lh pg_backup/20211006
total 23G
-rw-r--r--. 1 postgres postgres  23G Oct  6 23:21 file.dump
-rw-r--r--. 1 postgres postgres 418K Oct  6 22:00 backup_dba.dump
-rw-r--r--. 1 postgres postgres 1.4K Oct  6 22:00 backup_postgres.dump
-rw-r--r--. 1 postgres postgres  830 Oct  6 22:00 backup_dwh.dump

I am confused why the ls -lh command shows the size of pg_backup as only 86 bytes if in reality this directory CONTAINS a number of larger sub-directories which in turn CONTAIN files that might reach 23GB in size? Why is the total sum of the files in all sub-directories of pg_backup not reflected in the initial ls -lh command?

How can a shell script know it was invoked on the shell's CLI?

Posted: 07 Oct 2021 09:00 AM PDT

I would like to implement a zsh script that behaves differently depending on whether it was invoked directly on the shell's CLI or not.

I thought at first that the script could do this by looking for i in the value of $-, but I was wrong.

In fact, when I run the script below from the command-line

#!/bin/zsh
printf -- '%s\n' "$-"

...the output I get does not include i [1].

Is there some other way for my shell script to figure out this information?

NB: Although I am working on a zsh script at the moment, I would also like to know what the answer would be for a bash script. If the answer depends on the OS, I'm primarily interested in Linux and Darwin.

[1] The script's output is 569X, if anyone cares to know.

lesskey: add alt+right keybinding to less

Posted: 07 Oct 2021 08:05 AM PDT

I used cat -vte to see what escape codes my terminal emulator sends when I press alt+right:

❯ cat -vte
^[[1;3C

Then I added this escape code to my lesskey file ~/.less:

\e[1;3C  forw-scroll  

Finally I launch less:

LESSKEY=~/.less less some_file  

But pressing alt+right does not work.

How to identify unknown devices in traceroute or ping

Posted: 07 Oct 2021 10:43 AM PDT

In attempting to troubleshoot a failed ping from the Windows host to the IP address of one Linux guest virtual machine (192.168.1.19), I did a traceroute:

$ traceroute 192.168.1.19
traceroute to 192.168.1.19 (192.168.1.19), 30 hops max, 60 byte packets
 1  Samsung.station (192.168.1.17)  3132.517 ms !H  3132.491 ms !H  3132.489 ms !H

$ ping 192.168.1.19
PING 192.168.1.19 (192.168.1.19) 56(84) bytes of data.
From 192.168.1.17 icmp_seq=1 Destination Host Unreachable
From 192.168.1.17 icmp_seq=2 Destination Host Unreachable

$ ping hostname
PING hostname (192.168.1.19) 56(84) bytes of data.
From Samsung.station (192.168.1.17) icmp_seq=1 Destination Host Unreachable
From Samsung.station (192.168.1.17) icmp_seq=2 Destination Host Unreachable

I can ping the host IP (192.168.1.15) from the guest. The thing is, I know what I have on my network, but I have no idea what this Samsung.station machine is supposed to be. I've logged onto the Wi-Fi router and cannot identify any device with a "192.168.1.17" IP address. I have turned off or disconnected the Wi-Fi of all the few Samsung devices on the network, but I still get the same result.

My end goal is to get the ping working both ways, but now I also would like to know if there is anything I can do to identify this mysterious device! I've seen a related question but I am not yet trying to block devices, I first want to learn what would be the best next step here, before I reboot the router. If someone can confidently say that there are no Linux tools that can help me solve this or gain further information, that is also a valid answer. Thank you.

Update

The host machine is running Windows 10, connected to the network on the built-in Wi-Fi interface.

The virtual machine is on VirtualBox. I have chosen a "Bridged Adapter" intentionally, to get a dedicated DHCP IP address, which makes it easy and convenient to access its local webserver. This setup was working fine on a previous Ubuntu VM, but the VM in question here is a new Debian 11 minimal (no desktop) install.

I have also rebooted the Wi-Fi router, so some things have changed:

  • The Windows host is now at 192.168.1.16 but it shows up on the Wi-Fi router with the "hostname" of the VM! This was likely the same as before the reboot, I probably had just missed the fact that the hostname for the Windows host was not on the list of devices.
  • The VM still reports an IP of 192.168.1.19. But now it also fails to ping the host IP (.16) and traceroute to 192.168.1.16 just shows * * * for all 30 hops.
  • Doing traceroute from the host to the reported guest IP still shows the mysterious hop to the dot 17 IP, but it no longer has the Samsung.station hostname next to it, don't know where that came from before. Here it is:
    $ traceroute 192.168.1.19
    traceroute to 192.168.1.19 (192.168.1.19), 30 hops max, 60 byte packets
     1  192.168.1.17 (192.168.1.17)  3121.263 ms !H  3121.242 ms !H  3121.239 ms !H

I would paste the output of ip address from the VM but I don't have clipboard integration working, and even the shared folder which was easy on the previous VM is not visible on this one, so I can't redirect output to a file either.

It's now evident that the root of the connectivity issue seems to be that the bridged adapter failed to get its own DHCP IP from the router's DHCP server, which I likely missed before the reboot due to the VM hostname appearing on the list of Wi-Fi devices on the router.

This turned out to be more of a VirtualBox troubleshooting than anything, apologies for that. I'll probably just assign a fixed IP to the VM. Any tips on the mystery of the unexpected hop would still be interesting.

Second Update

Just remembered that I can use tcpdump to get more information. It's been one of my favorite network troubleshooting tools for years! Will post an update or an answer depending on what I find. Also, I have not restarted Windows yet. Other suggestions are still welcome.

Finding duplicate files with slight difference in filename

Posted: 07 Oct 2021 08:49 AM PDT

I'd like to use a bash script or command to find files that have very similar names but differ only in a part inside the brackets. e.g.

Filename (year1)
Filename (year2)

should match.

Or more specifically,

Filename (2000)
Filename (2001)

should match.

nftables table and chain priority

Posted: 07 Oct 2021 09:03 AM PDT

I have a problem with my nftables setup.

I have two tables, each one has a chain with the same hook but a different name and priority.

The tables are in different files which are loaded by an include argument.

Because of the priority, I would think that the VPN-POSTROUTING chain will be executed before the INTERNET chain. But in my setup, the INTERNET chain is executed first.

table ip nat {
        chain INTERNET {
                type nat hook postrouting priority srcnat + 1; policy accept;
                oifname br2 masquerade
        }
}
table ip vpn {
        chain VPN-POSTROUTING {
                type nat hook postrouting priority srcnat - 1; policy accept;
                oifname br2 ip saddr 10.0.0.0/24 ip daddr 192.168.0.0/24 accept
        }
}

Where is my mistake?

Edit: I changed the rules and added all chains to the same table, with the same result.

In the next step, I followed A.B.'s advice and added counters and logs to the rules.

The order of the chains corresponds to the priority, but the accept rule for the VPN is not triggered.

When I add the VPN accept rule to the INTERNET chain, right before the masquerade rule, it works like expected.

Future-proofing top-level domains for private networks

Posted: 07 Oct 2021 08:13 AM PDT

I recently installed some new servers on my home network to discover that systemd-resolved doesn't resolve hostnames without dots. This got me on a journey on the internet trying to find what is the best practice for choosing a TLD for a private network and future-proof it.

To sum it up: there is no possibility to be sure of this.

In the early age, during the 90s, the Internet was more a playground for everyone. Then, at the end of the 90s, commercialism took a good grip over the Internet, its future and over the TLDs.

After reading this: https://www.theregister.com/2018/02/12/icann_corp_home_mail_gtlds it is obvious that we will never be sure.

The private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) that will never see the light of day on the public Internet are really common knowledge and regarded as a fact. But concerning TLDs for private networks, there seems to be a lot of confusion.

Some of the camps and sources for them are:

  1. Never use private TLD - buy a domain!
  2. According to https://www.rfc-editor.org/rfc/rfc2606 these are the only valid ones: .test, .example, .invalid, .localhost
  3. Here https://www.rfc-editor.org/rfc/rfc6762#appendix-G they advocate to not use private TLDs at all, but if you must, choose one of these: .intranet, .internal, .private, .corp, .home, .lan
  4. According to https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#User-assigned_code_elements there are some 2 character TLDs that can be used for private networks. Please read an active draft from ICANN on this subject: https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-private-use-tld-00
  5. Some suggest using .[0-9] as a private TLD because it is not valid according to RFC-3696 and therefore will never be delegated by ICANN. See: https://cr.yp.to/djbdns/dot-local.html

As you can see, for example choosing .home as your private local network TLD could be a gamble. Maybe ICANN will drop it for commercial purposes, maybe not.

Questions that come to mind are: why don't we have a plethora of TLDs for private networks? Is it because there is no money for ICANN in this? Is it because there is no advocate for private users there?

Of course this is a reflection of where the main body of people come from that are engaged in these organizations: the universities, the commercial sector and the government.

Question: what would be the best mature path to take in this matter?

::: UPDATED WITH CONCLUSIONS :::

After further readings on this subject and looking at the answers and discussions on SE and elsewhere, I have come to the conclusion that these are the future-proof TLDs for private networks:

  • AA, QM to QZ, XA to XZ, and ZZ
  • [0-9]{1,}

Adding persistent routes to Debian 10 without restarting

Posted: 07 Oct 2021 07:49 AM PDT

I am trying to add a static persistent route on a Debian 10 machine without needing to restart it. My /etc/network/interfaces looks like this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug ens192
iface ens192 inet static
        address xxx.xxx.xxx.xxx/xx
        gateway xxx.xxx.xxx.xxx
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
        dns-search domain.com
        up /bin/ip route add yyy.yyy.yyy.yyy/yy via yyy.yyy.yyy.yyy

After I issue /etc/init.d/networking restart I lose network connectivity. A ping to any IP address throws the message connect: Network is unreachable.

If I reboot the machine everything - including the new static route - works fine.

Can anyone give me a hint on how to add static persistent routes without needing to restart the machine?

Debian 10 - add static route via alternate network link

Posted: 07 Oct 2021 08:01 AM PDT

I have a network 192.168.2.0/24 on which I have 2 computers, a desktop machine and a server.

The server has a VM running on it, which has the network address 192.168.122.0/24.

The link between the desktop and the server is 100 Mb/s.

However there exists another link. It is a static link on the network 10.0.0.0/8.

In other words, one end of the cable has ip 10.0.0.1 and the other end has 10.0.0.2. This link is 1Gb/s.

Since the VM contains a file server, I would like to direct traffic to the ip address 192.168.122.0/24 via the static link.

I believe this can be done by adding a static route. But I do not know how to do it.

I tried to use the command

sudo route add -net 192.168.122.166/255.255.255.0 gw 10.0.0.2 dev enp6s0  

however this produced an error which just displays the command usage. (Implying incorrect syntax.)

My system is Debian 10. Am I trying to do something sensible/possible and if so what am I doing wrong at the moment?

systemctl reload networking no longer works on buster

Posted: 07 Oct 2021 08:04 AM PDT

On Jessie, the command

sudo systemctl reload networking  

runs without any complaints. On Buster, it fails with

Failed to reload networking.service: Job type reload is not applicable for unit networking.service.

What should be done instead?

(and why is this so? I could not find an easy answer in the systemd docs. https://github.com/systemd/systemd/blob/master/NEWS#L474 mentions that you can reload, but it seems to no longer work)

"Stale file handle" on certain directories occurring immediately after NFS mount; no file handles open

Posted: 07 Oct 2021 10:05 AM PDT

For some time I've been experiencing a strange issue with NFS where a seemingly random subset of directories (always the same ones) under / consistently show up with stale file handles immediately after NFS mount.

I've been able to correct the problem by explicitly exporting the seemingly-random set of problem directories, but I'd like to see if I can fix things more completely so I don't have to occasionally add random dirs to the export table.

Below, I mount a filesystem, show that there are no open file handles, run ls, and rerun lsof. Empty lines added between commands for clarity:

# mount -t nfs -o vers=4,noac,hard,intr 192.168.0.2:/ /nfs -vvv
mount.nfs: trying text-based options 'vers=4,noac,hard,intr,addr=192.168.0.2,clientaddr=192.168.0.4'
192.168.0.2:/ on /nfs type nfs (rw,vers=4,noac,hard,intr)

# lsof | grep /nfs

# ls -lh /nfs
ls: cannot access /nfs/usr: Stale file handle
ls: cannot access /nfs/root: Stale file handle
ls: cannot access /nfs/etc: Stale file handle
ls: cannot access /nfs/home: Stale file handle
lrwxrwxrwx   1 root root       7 Mar 27  2017 bin -> usr/bin
drwxr-xr-x   6 root root     16K Jan  1  1970 boot
drwxr-xr-x 438 i336 users    36K Feb 28 12:12 data
drwxr-xr-x   2 root root    4.0K Mar 14  2016 dev
d?????????   ? ?    ?          ?            ? etc
d?????????   ? ?    ?          ?            ? home
lrwxrwxrwx   1 root root       7 Mar 27  2017 lib -> usr/lib
lrwxrwxrwx   1 root root       7 Mar 27  2017 lib64 -> usr/lib
drwxr-xr-x  15 root root    4.0K Oct 15 15:51 mnt
drwxr-xr-x   2 root root    4.0K Aug  9  2017 nfs
drwxr-xr-x  14 root root    4.0K Jan 28 17:00 opt
dr-xr-xr-x   2 root root    4.0K Mar 14  2016 proc
d?????????   ? ?    ?          ?            ? root
drwxr-xr-x   2 root root    4.0K Mar 14  2016 run
lrwxrwxrwx   1 root root       7 Mar 27  2017 sbin -> usr/bin
drwxr-xr-x   6 root root    4.0K Jun 22  2016 srv
dr-xr-xr-x   2 root root    4.0K Mar 14  2016 sys
drwxrwxrwt   2 root root    4.0K Dec 10  2016 tmp
d?????????   ? ?    ?          ?            ? usr
drwxr-xr-x  15 root root    4.0K May 24  2017 var

# lsof | grep /nfs

#

The subdirectories in question are not mountpoints; they seem completely normal:

    $ ls -dlh /usr /root /etc /home
    drwxr-xr-x 123 root root  12K Mar  3 13:34 /etc
    drwxr-xr-x   7 root root 4.0K Jul 28  2017 /home
    drwxrwxrwx  32 root root 4.0K Mar  3 13:55 /root
    drwxr-xr-x  15 root root 4.0K Feb 24 17:48 /usr

There are no related errors in syslog about these directories. The only info that does show up mentions a different set of directories:

    ... rpc.mountd[10080]: Cannot export /proc, possibly unsupported filesystem or fsid= required
    ... rpc.mountd[10080]: Cannot export /dev, possibly unsupported filesystem or fsid= required
    ... rpc.mountd[10080]: Cannot export /sys, possibly unsupported filesystem or fsid= required
    ... rpc.mountd[10080]: Cannot export /tmp, possibly unsupported filesystem or fsid= required
    ... rpc.mountd[10080]: Cannot export /run, possibly unsupported filesystem or fsid= required

Here's what /etc/exports currently looks like:

    / *(rw,subtree_check,no_root_squash,nohide,crossmnt,fsid=0,sync)

The server side is running Arch Linux and currently on kernel 4.10.3.

The client side is Slackware 14.1 with kernel 4.1.6.

Add space before uppercase letter

Posted: 07 Oct 2021 10:28 AM PDT

I have some strings:

    AddData
    TestSomething
    TellMeWhoYouAre

and so on. I want to add space before uppercase letters. How can I do it?

Is it possible to find which vim/tmux has my file open?

Posted: 07 Oct 2021 09:40 AM PDT

I use tmux at work as my IDE. I also run vim in a variety of tmux panes and will fairly often background the process (or alternatively I just close the window - I have vim configured not to remove open buffers when the window is closed). Now I've a problem, because a file that I want to edit is open in one of my other vim sessions but I don't know which one.

Is it possible to find out which one, without manually going through all my windows and panes? In my particular case, I know that I didn't edit it with vim ~/myfile.txt because ps aux | grep myfile.txt doesn't return anything.

CPU > 80% - how can I debug?

Posted: 07 Oct 2021 09:53 AM PDT

I am running a Laravel application on an Ubuntu 14.04 DigitalOcean VPS and I am using New Relic to monitor the server.

I got an email alert that my CPU usage was above 80%. I logged in to New Relic and now it's showing my CPU usage at 99% for 18 hours now. But when I log into my shell and run 'top', the CPU usage of the processes doesn't even sum up to 10%.

What could be wrong? Which are other commands I could run to check the real usage and what is using it so much? (Perhaps an infinite loop on the application?)

This is my htop result:

enter image description here

And this is htop after shift+K

enter image description here

Any links or help would be greatly appreciated.

How to reduce the volume of a background music stream when a different audio source is playing?

Posted: 07 Oct 2021 08:51 AM PDT

With PulseAudio it is possible to manage volume on an application basis, but I find it hardly useful to do it manually. What I'd rather have is the following: I'm usually listening to music but sometimes I want to watch a YouTube video - then I have to manually pause or reduce the volume of the music, and I often forget to turn it back on when the video is over.

What would I need to do to automatically reduce the volume of an audio stream (the background music) when another application plays sound?
