How to set a static IP Address from the Command Line in GNU/Linux using ip addr and ip route

Assuming you want to make the following changes to the network device eth0

  1. Change the IP to the static value 192.168.1.2
  2. Set the Subnet Mask to 255.255.255.0
  3. Set the Default Gateway for the device to be 192.168.1.1

and you want to avoid using ifconfig and route that are obsolete you can perform these changes using the following two commands


sudo ip addr add 192.168.1.2/24 dev eth0;
sudo ip route add default via 192.168.1.1 dev eth0;

Please note that the netmask is given in CIDR notation (it is the /24 right after the IP of the device in the ip addr command).

A subnet mask (netmask) is a bitmask that encodes the prefix length in quad-dotted notation: 32 bits, starting with a number of 1 bits equal to the prefix length, ending with 0 bits, and encoded in four-part dotted-decimal format: 255.255.255.0. A subnet mask encodes the same information as a prefix length, but predates the advent of CIDR. In CIDR notation, the prefix bits are always contiguous, whereas subnet masks may specify non-contiguous bits.

From Wikipedia: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing


File permissions change date

Recently we wanted to check when did the permissions of a specific file changed.
Unfortunately, there exists no such flag and we do not have a 100% working solution for it.

What we did was to check the last modification time of the file status information (ctime) using the ls -lc command.
This command could indicate the last permissions change time but it is not a reliable source as it represents the modification time of other elements as well.

The modification time of the file status information (ctime) gets updated when any inode information regarding the file changes.
This means that the modification time of the file status information (ctime) will get updated when any of the following changes:

  • owner – The numeric user ID (UID) of the file’s owner.
  • group – The numeric group ID (GID) of the file’s group.
  • link count – The number of links to the file.
  • mode – The bit string that indicated the permissions and privileges
  • serial – The serial number of the file.
  • device – The numeric ID of the device containing the file.

Explanation of ls parameters

  • The parameter -c of the ls command when used with the -l will show ctime and sort by name.
  • The parameter -c of the ls command when used with the -l and the -t will show ctime and sort by ctime (newest first).

Example that demonstrates that we get different values in the time column of -l when -c is used

$ ls -lc ~/.ssh/
total 28
-rwx------. 1 george george  225 May 16 17:05 config
-rwx------. 1 george george 1743 Jun  2 13:36 id_rsa
-rwxrwx---. 1 george george  405 May 16 17:05 id_rsa.pub
-rwxrwx---. 1 george george   32 May 16 17:05 Details.txt
-rw-r--r--. 1 george george 9155 May 30 14:32 known_hosts

$ ls -l ~/.ssh/
total 28
-rwx------. 1 george george  225 Mar 22 11:36 config
-rwx------. 1 george george 1743 Jan 25 10:22 id_rsa
-rwxrwx---. 1 george george  405 Jan 25 10:22 id_rsa.pub
-rwxrwx---. 1 george george   32 Jan 25 10:22 Details.txt
-rw-r--r--. 1 george george 9155 May 30 14:32 known_hosts

How to instruct SSH use only my password and ignore my (rsa) key

Recently, we wanted to connect to a machine via SSH without using the default RSA key that was available in the client’s profile (~/.ssh/id_rsa).

We needed to avoid using the public key authentication method for two reasons:

  1. The client did not want to share the passphrase with us
  2. We did not want to move the key, not even temporarily

So, to connect via SSH while ignoring the key completely we connected using the following command


ssh -o PreferredAuthentications=keyboard-interactive,password -o PubkeyAuthentication=no [email protected];

Explanation of parameters:

  • -o Was used to give options in the format used in the configuration file (/etc/ssh/ssh_config). It is useful for specifying options for which there is no separate command-line flag available.
  • -o PreferredAuthentications can be used to change the default order of authentication and bypass the GSSAPI-based authentication, the host-based authentication, the public key authentication and the challenge-response authentication.
    -o PreferredAuthentications=keyboard-interactive,password instructs the server to perform the authentication through the keyboard-interactive method and if that method is not available to use the password method.
    The keyboard-interactive authentication method is a request for all different pieces of information needed for the authentication. The server can specify, which inputs need to be hidden when user types them and which are not.
    The password authentication is a request for a single password. There is no configuration sent by the server. So the client decides how to format the prompt.
  • -o PubkeyAuthentication=no Specifies whether to try public key authentication. By setting the value to no it disables it.

Excel / Calc: Convert a Hexadecimal number to Decimal

The following examples allow you to convert hexadecimal values of the format 0xYYYYYY to decimal using a spreadsheet editor like Calc or Excel.

The following codes will remove the first two characters (the value 0x) of the cell B2 and then convert the result to decimal using the HEX2DEC function.

Using the RIGHT function

In this example, we used the RIGHT function with the num_chars parameter to be equal to the number of characters in the cell minus 2. This used to delete the 0x value from the HEX column by removing the first two characters of the cell.
To get the number of characters in the cell we use the LEN function on the cell of interest.

=HEX2DEC(RIGHT(B2,LEN(B2)-2))

Using the SUBSTITUTE function

In the following example we used the SUBSTITUTE function to automatically find the 0x prefix of the HEX value and delete it by replacing it with an empty string.

=HEX2DEC(SUBSTITUTE(B2,"0x",""))

Using the REPLACE function

The last example uses the REPLACE function. Starting from the character in position 1 in the cell, it replaces the sub-string of size 2 with the empty string and thus deleting the prefix. Please note that this function is not zero-based so the first character is at position 1 and not at position 0.

=HEX2DEC(REPLACE(B2,1,2,""))

Functions Legend:

  • RIGHT(text,[num_chars])RIGHT returns the last character or characters in a text string, based on the number of characters you specify in the variable num_chars. RIGHT always counts each character, whether single-byte or double-byte, as 1, no matter what the default language setting is.
  • LEN(text)LEN returns the number of characters in a text string. Again, LEN always counts each character, whether single-byte or double-byte, as 1, no matter what the default language setting is.
  • HEX2DEC(number)HEX2DEC converts a hexadecimal number to decimal.
  • SUBSTITUTE(text, old_text, new_text, [instance_num]) – Substitutes new_text for old_text in a text string. You can use SUBSTITUTE when you want to replace specific text in a text string.
  • REPLACE(old_text, start_num, num_chars, new_text)REPLACE replaces part of a text string, based on the number of characters you specify, with a different text string. Use REPLACE when you want to replace any text that occurs in a specific location in a text string. REPLACE always counts each character, whether single-byte or double-byte, as 1, no matter what the default language setting is.

Dying is the number 1 cause of death!


Create a .tar file with different compression methods

The following commands will create .tar archives  and compress them using the different methods that are available. We provide multiple solutions, each one for a different type of .tar archive depending on the compression method that is desired.

For .tar archives

tar -c -f archive.tar $FILES_TO_ARCHIVE;

For .tar.bz2 archives

tar -c -j -f archive.tar.bz2 $FILES_TO_ARCHIVE;

For .tar.xz archives

tar -c -J -f archive.tar.xz $FILES_TO_ARCHIVE;

For .tar.gz and .tgz archives

tar -c -z -f archive.tar.gz $FILES_TO_ARCHIVE;

tar Parameters Legend

  • -z or --gzip instructs tar to filter the archive through gzip
  • -j or --bzip2 filters the archive through bzip2
  • -J or --xz filters the archive through xz
  • -f or --file=OUTPUT uses the archive file OUTPUT
  • -c or --create a new archive

Bonus Example: Create a tar.xz archive using the current date in the archive name

The following command will create an archive out of the folders Folder1 and Folder2 and then it will compress it to the .tar.xz format.
The filename of the archive will contain the current date in the format YYYY-MM-DD.

tar -c -J  -f archive.`date +%F`.tar.xz Folder1 Folder2;

The above command will result in something similar to:

archive.2017-06-04.tar.xz

Studies have shown that an increased amount of birthdays correlates with an increased risk of death.


How To Install on GNU/Linux CentOS 7 the LAMP stack (Apache, MySQL, PHP) + phpMyAdmin

Following you will find the commands to perform the installation of the LAMP stack (Apache, MySQL, PHP) and phpMyAdmin on a GNU/Linux CentOS 7.
In this guide we kept the information to the bare minimum about what is what.

Installation

To perform the installation, please execute the following as a user with administrative rights:


#Update your system
sudo yum update -y;
#Install Apache, MariaDB (MySQL), PHP (with MySQL support and phpMyAdmin which is a free software tool written in PHP, intended to handle the administration of MySQL over the Web)
sudo yum install httpd mariadb-server mariadb php php-mysql phpmyadmin -y;
#Start Apache (PHP will start with Apache as module)
sudo systemctl start httpd;
#Enable Apache to start on boot
sudo systemctl enable httpd;
#Start MariaDB(MySQL)
sudo systemctl start mariadb;
#Enable MariaDB(MySQL) to start on boot
sudo systemctl enable mariadb;

Configuration of MariaDB (MySQL)

By now, your system should have all necessary packages installed and the services up and running.
Now it is best to configure your MariaDB (MySQL) in a way to disable some test data and test accounts and assign a password to your root user.
Execute the following to do so:


sudo mysql_secure_installation;

This tool will ask you for your current database root password. Since you just installed MariaDB (MySQL) you should not have one, so leave the field empty and press enter.
We recommend to answer with Y (Yes) in all of the security questions of this tool and set a strong password for your root user.


sudo mysql_secure_installation;

Following is the output we got from this tool:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
 SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
 password for the root user.  If you've just installed MariaDB, and
 you haven't set the root password yet, the password will be blank,
 so you should just press enter here.

Enter current password for root (enter for none):
 OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
 root user without the proper authorisation.

Set root password? [Y/n] Y
 New password:
 Re-enter new password:
 Password updated successfully!
 Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
 to log into MariaDB without having to have a user account created for
 them.  This is intended only for testing, and to make the installation
 go a bit smoother.  You should remove them before moving into a
 production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
 ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
 access.  This is also intended only for testing, and should be removed
 before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
 will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
 installation should now be secure.

Thanks for using MariaDB!

Configuration of the firewall

Executing the following will enable access to your web-server from the network for http and https.


sudo firewall-cmd --permanent --zone=public --add-service=http;
sudo firewall-cmd --permanent --zone=public --add-service=https;
sudo firewall-cmd --reload;

Location of files / Where to upload your website

In CentOS 7, the directory where the website pages are located is at /var/www/html/.
You can place your html and php code there.

Configuration of phpMyAdmin

phpMyAdmin should be available at http://<IP of the web server>/phpmyadmin
The access to phpMyAdmin is controlled by the Apache Virtual Host File for phpMyAdmin that is found here /etc/httpd/conf.d/phpMyAdmin.conf.
By default, this configuration file only allows access to phpMyAdmin from the localhost (127.0.0.1).
In case you want to access it from another machine, you need to modify this file.
Before doing any changes, make a backup of the original file first:

 sudo cp /etc/httpd/conf.d/phpMyAdmin.conf /etc/httpd/conf.d/phpMyAdmin.conf.original;

To enable access only for a specific IP

Edit the Apache Virtual Host File for phpMyAdmin (/etc/httpd/conf.d/phpMyAdmin.conf) and change every reference of 127.0.0.1 with the IP address of the machine you want to give access to.

There should be four lines that you need to change.
In our installation it was the following lines:

  1. 17Require ip 127.0.0.1
  2. 25Allow from 127.0.0.1
  3. 34Require ip 127.0.0.1
  4. 42Allow from 127.0.0.1

Then restart the Apache service to apply the changes:


sudo systemctl restart httpd;

To enable access to any IP

Delete the existing file and create a new one.


sudo rm /etc/httpd/conf.d/phpMyAdmin.conf;
sudo touch /etc/httpd/conf.d/phpMyAdmin.conf;

Using the editor of your choice add the following content and save it:

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
 AllowOverride None
 Options None
 Allow from All
 Require all granted
</Directory>

Then restart the Apache service to apply the changes:


sudo systemctl restart httpd;

Following is the original content of our Apache Virtual Host File for phpMyAdmin (/etc/httpd/conf.d/phpMyAdmin.conf)

$ cat /etc/httpd/conf.d/phpMyAdmin.conf
 # phpMyAdmin - Web based MySQL browser written in php
 #
 # Allows only localhost by default
 #
 # But allowing phpMyAdmin to anyone other than localhost should be considered
 # dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
 AddDefaultCharset UTF-8

 <IfModule mod_authz_core.c>
  # Apache 2.4
  <RequireAny>
   Require ip 192.168.0.20
   Require ip ::1
  </RequireAny>
 </IfModule>
 <IfModule !mod_authz_core.c>
  # Apache 2.2
  Order Deny,Allow
  Deny from All
  Allow from 192.168.0.20
  Allow from ::1
  </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
 <IfModule mod_authz_core.c>
  # Apache 2.4
  <RequireAny>
   Require ip 192.168.0.20
   Require ip ::1
  </RequireAny>
 </IfModule>
 <IfModule !mod_authz_core.c>
  # Apache 2.2
  Order Deny,Allow
  Deny from All
  Allow from 192.168.0.20
  Allow from ::1
 </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
 <Directory /usr/share/phpMyAdmin/libraries/>
  Order Deny,Allow
  Deny from All
  Allow from None
 </Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
  Order Deny,Allow
  Deny from All
  Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
 Order Deny,Allow
 Deny from All
 Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>

C++: How to print an unsigned character (unsigned byte – uint8_t) using cout

When you try to print an unsigned 8-bit (1 byteuint8_t) integer through cout, you will notice that instead of getting the arithmetic value of the variable on the output, you will get its character representation of the ASCII table. This issue occurs due to the fact that there is no data type for unsigned 8-bit integer in C++ and the uint8_t is nothing more than a typedef of the unsigned char data type. When cout tries to print the uint8_t it will call the ostream& operator<< (ostream& os, unsigned char c); which will insert the character representation of the character variable c to the os.

Below we propose a few methods to resolve this issue.

Method A: Convert the variable to an unsigned int before printing it

The following example will convert the value of the variable to an unsigned int before printing it so that cout will call the ostream& operator<< (unsigned int val); and it will print it as a number.


//For unsigned characters
cout << unsigned(c) << endl;
//For signed characters
cout << int(c) << endl;

Method B: Static cast the variable to an unsigned int before printing it

The following example will use static_cast to cast the value of the variable to an unsigned int before printing it so that cout will call the ostream& operator<< (unsigned int val); and it will print it as a number.


//For unsigned characters
cout << static_cast<unsigned int>(c) << endl;
//For signed characters
cout << static_cast<int>(c) << endl;

Method C: Cast the variable to an unsigned int before printing it

The following example will cast the value of the variable to an unsigned int before printing it so that cout will call the ostream& operator<< (unsigned int val); and it will print it as a number.


//For unsigned characters
cout << (unsigned int) c << endl;
//For signed characters
cout << (int) c << endl;

Method D: Add a unary + operator before the variable to create an arithmetic operation that does not affect the value and print its result

The following example will add a unary + operator before the variable so that it will produce an arithmetic result and print that one so that cout will treat the result as a number.


cout << +c << endl;

Method E: Use Argument-dependent name lookup (ADL)

Argument-dependent name lookup, applies to the lookup of an unqualified function name depending on the types of the arguments given to the function call.
Reference: http://en.wikipedia.org/wiki/Argument-dependent_name_lookup

In the following example we change the behavior of cout using a custom namespace to achieve the goal of printing and char as an 8-bit integer.
Specifically, we overload the inline std::ostream &operator<<(std::ostream &os, const char c); for cases where we the variable is not defined to be signed or not, to check if the input char variable is signed or unsigned and then perform a static_cast to the proper type.
Also, inline std::ostream &operator<<(std::ostream &os, const signed char c); and inline std::ostream &operator<<(std::ostream &os, const unsigned char c); are also overloaded to perform the correct static_cast immediately when the the type of the variable is known.


#include <iostream>

namespace bytes {
    inline std::ostream &operator<<(std::ostream &os, const char c) {
        return os << (std::is_signed<char>::value
                ? static_cast<int>(c)
                : static_cast<unsigned int>(c));
    }

    inline std::ostream &operator<<(std::ostream &os, const signed char c) {
        return os << static_cast<int>(c);
    }

    inline std::ostream &operator<<(std::ostream &os, const unsigned char c) {
        return os << static_cast<unsigned int>(c);
    }
}

using namespace std;

int main() {

    const uint8_t c = 64;

    {
        using namespace bytes;
        cout << c << endl;
    }
    {
        cout << c << endl;
    }

    return 0;
}