Files to txt.

linux/debian-readonly-root-fs.txt

@@ -0,0 +1,96 @@
+### Debian GNU/Linux with read only root filesystem.
+
+* Example:
+    /dev/sda: SSD disk (solid state disk)
+    /dev/sdb: HDD disk (mechanical disk)
+
+    /dev/sda1:  /
+    /dev/sdb1: swap
+    /dev/sdb2: /home /tmp /var/tmp
+
+* Install Debian in /dev/sda1
+
+* Boot Debian in /dev/sda1
+
+* Update & upgrade
+    apt-get update
+    apt-get dist-upgrade
+
+* Mount HDD disk
+    mount /dev/sdb2 /mnt
+
+* Make /tmp directory
+    mkdir /mnt/tmp
+    chmod 1777 /mnt/tmp
+    chown 0.0 /mnt/tmp
+
+* If needed, copy all users data from SSD to HDD
+    rsync -av /home/ /mnt/
+    rm -fr /home/* ; rm -fr /home/.*  <-- CAUTION!
+
+* Get the UUID of the partitions
+    Example:
+      blkid
+        /dev/sda1: UUID="505267d4-ad80-4eae-b6ed-ebfec59e4748" TYPE="ext4" PARTUUID="60a30271-01"
+        /dev/sdb1: UUID="6b684928-5786-4882-af6d-b9d8c98bccf0" TYPE="swap" PARTUUID="5e1c8d9b-01"
+        /dev/sdb2: UUID="30e81e2b-faaa-43a4-b188-db37c13588a6" TYPE="ext4" PARTUUID="5e1c8d9b-02"
+
+* Edit /etc/fstab
+    UUID=505267d4-ad80-4eae-b6ed-ebfec59e4748   /           ext4    noatime,errors=remount-ro                       0   1
+    UUID=30e81e2b-faaa-43a4-b188-db37c13588a6   /home       ext4    noatime,errors=remount-ro,x-systemd.requires=/  0   1
+    UUID=6b684928-5786-4882-af6d-b9d8c98bccf0   none        swap    sw                                              0   0
+    /home/tmp                                   /tmp        none    bind,x-systemd.requires=/home                   0   0
+    /home/tmp                                   /var/tmp    none    bind,x-systemd.requires=/home                   0   0
+
+* For optional NFS server, add in /etc/fstab
+    [NFSSERVER_IP]:/path/to/nfs/share1  /media/share1  nfs     _netdev,rw,noauto,user,users,noexec,nosuid,nolock,noatime,nfsvers=3,sec=sys,udp,rsize=32768,wsize=32768     0   0
+
+* Reboot. Check if all working fine.
+
+* Install bilibop.
+    apt-get install bilibop
+
+    Do you intend to install bilibop-rules on a Live System ?   --> No
+    What kind of GRUB device map do you want to use ?           --> a dynamically updated device map
+
+* Clean.
+    apt-get clean
+    apt-get autoremove
+
+* Make root filesystem as readonly.
+    Edit /etc/bilibop/bilibop.conf
+        BILIBOP_LOCKFS=true
+        BILIBOP_LOCKFS_POLICY=hard
+        BILIBOP_LOCKFS_SWAP_POLICY=soft
+        BILIBOP_LOCKFS_WHITELIST="UUID=30e81e2b-faaa-43a4-b188-db37c13588a6 /home/tmp"
+        BILIBOP_LOCKFS_SIZE="/=64M"
+        BILIBOP_LOCKFS_NOTIFY_POLICY=never
+
+    BILIBOP_LOCKFS_WHITELIST: partitions from /etc/fstab in read-write
+        mode. Whitespace separated list of mountpoints or device names
+        as known in fstab.
+
+    BILIBOP_LOCKFS_SIZE: RAM size of the overlay writable branch.
+        Whitespace separated list of mountpoint=size pairs.
+        Sizes can be absolute (suffixed with k, K, m, M, g or G),
+        or relative to the total amount of RAM (and suffixed with %).
+
+* Rebuild the initram-fs.
+    dpkg-reconfigure bilibop-lockfs
+
+* Reboot.
+
+* Later, to make permanent changes:
+    Reboot
+    In grub menu, press 'e' to edit the item.
+    Add 'nolockfs'.
+    Press CTRL-X to boot.
+
+    Make the changes.
+
+    Rebuild the initram-fs.
+        dpkg-reconfigure bilibop-lockfs
+
+    Reboot.
+
+* Done!.

linux/debian-textonly-qemu.txt

@@ -0,0 +1,185 @@
+### Install text only Debian GNU/Linux as qemu guest
+
+* Create the hdd disk image.
+    qemu-img create -f qcow2 debian.qcow2 16G
+
+* Basic networking: NAT
+    As root:
+        tunctl -t tap0 -u username
+        ifconfig tap0 192.168.45.1 netmask 255.255.255.0 up
+        echo 1 > /proc/sys/net/ipv4/ip_forward
+        iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+* Run qemu to install the guest operating system.
+    qemu-system-x86_64 \
+        -name DEBIAN1 \
+        -m 512 \
+        -k en-us \
+        -smp cpus=1 \
+        -enable-kvm \
+        -hda debian.qcow2 \
+        -cdrom /path/to/debian-x.x.x-amd64-DVD-1.iso \
+        -serial telnet::2000,server,nowait \
+        -monitor tcp:127.0.0.1:4000,server,nowait \
+        -curses \
+        -boot d \
+        -net none \
+        -net nic,model=e1000,vlan=1,macaddr=00:01:00:ff:01:01 \
+        -net tap,vlan=1,ifname=tap0,script=no,downscript=no
+
+* The text "640 x 480 Graphic mode" appears in the center of screen.
+    Press ESC to see the prompt "boot:".
+    Enter "help" to see the menu.
+    Press F3 to see the available boot methods.
+    Press F8 to see how to disable framebuffer.
+    To install in text mode, use:
+        "install vga=normal fb=false" or
+        "expert vga=normal fb=false"
+
+* Make a normal installation.
+    Select keyboard: EN US
+
+* When the installation is done, the guest machine reboot and
+  goes back to the CD installer.
+  Enter to monitor mode with ESC+2 or "telnet 127.0.0.1 4000"
+  from another terminal and execute "quit", or kill the qemu
+  process to poweroff the guest machine.
+
+* Disable framebuffer in the guest operating system.
+
+    * Mount the guest hdd file.
+        modprobe nbd max_part=63
+        qemu-nbd -c /dev/nbd0 debian.qcow2
+        mount /dev/nbd0p1 /mnt/
+
+    * Disable framebuffer in grub.
+        Edit /mnt/etc/default/grub.
+            GRUB_TERMINAL=console
+            GRUB_TERMINAL_OUTPUT=console
+            GRUB_CMDLINE_LINUX_DEFAULT="quiet nomodeset"
+            GRUB_CMDLINE_LINUX="vga=normal nomodeset"
+            GRUB_GFXPAYLOAD_LINUX="text"
+
+    * Update grub.
+        mount --bind /dev /mnt/dev
+        mount --bind /dev/pts /mnt/dev/pts
+        mount --bind /proc /mnt/proc
+        mount --bind /sys /mnt/sys
+        chroot /mnt
+        grub-install /dev/nbd0
+        grub-install --recheck /dev/nbd0
+        update-grub
+        exit
+        umount /mnt/sys
+        umount /mnt/proc
+        umount /mnt/dev/pts
+        umount /mnt/dev
+
+    * Umount the guest hdd file.
+        umount /mnt/
+        qemu-nbd -d /dev/nbd0
+        rmmod nbd
+
+* Boot the virtual machine.
+    qemu-system-x86_64 \
+        -name DEBIAN1 \
+        -m 512 \
+        -k en-us \
+        -smp cpus=1 \
+        -enable-kvm \
+        -hda debian.qcow2 \
+        -serial telnet::2000,server,nowait \
+        -monitor tcp:127.0.0.1:4000,server,nowait \
+        -curses \
+        -boot c \
+        -net none \
+        -net nic,model=e1000,vlan=1,macaddr=00:01:00:ff:01:01 \
+        -net tap,vlan=1,ifname=tap0,script=no,downscript=no
+
+* In the grub menu, edit the first entry.
+    * Change root=/dev/nbd0p1 to root=/dev/sda1
+    * CTRL-x to boot
+
+* Login as root.
+
+* Update grub.
+    update-grub
+
+* To change the keyboard layout:
+    dpkg-reconfigure keyboard-configuration
+
+* Reboot.
+    reboot
+
+* Change /etc/apt/sources.list to a mirror near you.
+  Disable the "deb cdrom" entry.
+
+* Update & upgrade.
+    apt-get update
+    apt-get dist-upgrade
+
+* Install packages.
+    apt-get install aria2 bridge-utils bmon ccrypt \
+        dnsutils elinks ethtool flip fping ftp git \
+        hdparm hping3 ifstat iperf3 iperf iptraf \
+        joe less locate lsb-release lshw lsof lynx \
+        mc mtr netdiag net-tools nload nmap nmon \
+        p7zip psutils rar rename rsync screen socat \
+        ssh tcpdump tcptraceroute telnet traceroute \
+        tshark uml-utilities unzip vlan wput wipe \
+        zip man dstat ifstat nicstat sysstat
+
+* Clean.
+    apt-get clean
+    apt-get autoremove
+
+* Disable daemons.
+    systemctl disable cron.service
+    systemctl disable rsync.service
+    systemctl disable rsyslog.service
+    systemctl disable sysstat.service
+    systemctl disable uml-utilities.service
+    systemctl disable systemd-timesyncd.service
+
+* If necessary, edit /etc/network/interfaces to
+    configure a fixed IP address.
+
+* Reboot.
+    reboot
+
+* Remove unnecessary files.
+
+* Zero out the disk.
+    dd if=/dev/zero of=/tmp/zero
+    sync
+    rm -f /tmp/zero
+    sync
+    poweroff
+
+* Shrink the disk file.
+    mv debian.qcow2 debian.backup
+    qemu-img convert -O qcow2 debian.backup debian.qcow2
+
+* The debian.qcow2 file contain a clean Debian GNU/Linux.
+  You can make a backup for future use.
+
+* To start in daemon mode:
+    qemu-system-x86_64 \
+        -name DEBIAN1 \
+        -m 512 \
+        -k en-us \
+        -smp cpus=1 \
+        -enable-kvm \
+        -hda debian.qcow2 \
+        -serial telnet::2000,server,nowait \
+        -monitor tcp:127.0.0.1:4000,server,nowait \
+        -display none \
+        -daemonize \
+        -boot c \
+        -net none \
+        -net nic,model=e1000,vlan=1,macaddr=00:01:00:ff:01:01 -net tap,vlan=1,ifname=tap0,script=no,downscript=no \
+        -net nic,model=e1000,vlan=2,macaddr=00:01:00:ff:01:02 -net socket,vlan=2,udp=127.0.0.1:9012,localaddr=:9002 \
+        -net nic,model=e1000,vlan=3,macaddr=00:01:00:ff:01:03 -net socket,vlan=3,udp=127.0.0.1:9013,localaddr=:9003 \
+        -net nic,model=e1000,vlan=4,macaddr=00:01:00:ff:01:04 -net socket,vlan=4,udp=127.0.0.1:9014,localaddr=:9004
+
+* Done!

linux/interfaces.sh

@@ -1,44 +0,0 @@
-#
-#   /etc/network/interfaces
-#
-
-# Loopback.
-auto lo
-iface lo inet loopback
-
-# Another loopback.
-auto lo:50
-iface lo:50 inet static
-    address 192.168.0.1
-    netmask 255.255.255.255
-
-# VLANs.
-auto eth0
-auto eth0.100
-auto eth0.333
-auto eth0.333.400
-
-# Physical interface,
-iface eth0 inet manual
-    mtu 1508
-    pre-up /sbin/ifconfig eth0 mtu 1508
-
-# Vlan 100.
-iface eth0.100 inet static
-    address <IP_ADDR>
-    netmask <IP_MASK>
-    gateway <GATEWAY>
-    dns-nameservers <DNS1> <DNS2>
-    mtu 1500
-
-# Vlan 333.
-iface eth0.333 inet manual
-    mtu 1500
-    up /sbin/vconfig add eth0.333 400
-
-# Vlan 333.400.
-iface eth0.333.400 inet static
-    address <IP_ADDR>
-    netmask <IP_MASK>
-    mtu 1500
-    pre-up /sbin/ifconfig eth0.333 up

linux/interfaces.txt

@@ -0,0 +1,60 @@
+#
+#   /etc/network/interfaces
+#
+
+# Loopback.
+auto lo
+iface lo inet loopback
+
+# Another IPv4 loopback.
+auto lo:50
+iface lo:50 inet static
+    address 192.168.0.1
+    netmask 255.255.255.255
+
+# Another IPv6 loopback.
+iface lo inet6 static
+    address 2000:www:xxx::zzzz
+    netmask 128
+
+# Physical interface.
+auto eth0
+iface eth0 inet manual
+    mtu 1508
+    pre-up /sbin/ifconfig eth0 mtu 1508
+
+# Vlan 100: IPv4 address.
+auto eth0.100
+iface eth0.100 inet static
+    address <IP_ADDR>
+    netmask <IP_MASK>
+    gateway <GATEWAY>
+    dns-nameservers <DNS1> <DNS2>
+    mtu 1500
+
+# Vlan 333.
+auto eth0.333
+iface eth0.333 inet manual
+    mtu 1500
+    up /sbin/vconfig add eth0.333 400
+
+# Vlan 333.400: IPv4 address.
+auto eth0.333.400
+iface eth0.333.400 inet static
+    address 10.10.10.2
+    netmask 255.255.255.0
+    mtu 1500
+    pre-up /sbin/ifconfig eth0.333 up
+    post-up /sbin/ip route add 10.3.0.0/16 via 10.10.10.1 src 192.168.0.1
+    post-up /sbin/ip route add 10.4.0.0/16 via 10.10.10.1 src 192.168.0.1
+    post-up /sbin/ip route add default via 10.10.10.1 src 192.168.0.1
+
+# Vlan 555: IPv6 address.
+auto eth0.555
+iface eth0.555 inet6 static
+    address 2001:wwww:xxxx::2
+    netmask 64
+    mtu 1500
+    post-up /sbin/ip -6 route add default via 2001:wwww:xxxx::1 src 2000:www:xxx::zzzz
+
+# End.

linux/qemu-to-real-network.txt

@@ -0,0 +1,65 @@
+### Connect a qemu guest to real network.
+
+* Guest: Debian GNU/Linux - eth0
+* Host: Debian GNU/Linux - eth0.201
+
+    guest      host        host           host
+    eth0 <---> tap0 <---> bridge0 <---> eth0.201 <---> real network
+
+* One time:
+    apt-get install bridge-utils
+    apt-get install uml-utilities
+    apt-get install vlan
+
+* Bridge connection with vlan
+    As root:
+        vconfig add eth0 201
+        tunctl -t tap0 -u username
+        brctl addbr bridge0
+        brctl stp bridge0 off
+        brctl addif bridge0 eth0.201
+        brctl addif bridge0 tap0
+        ifconfig eth0.201 up
+        ifconfig tap0 up
+        ifconfig bridge0 up
+        
+* Bridge connection to physical interface
+    As root:
+        tunctl -t tap0 -u username
+        ifconfig eth0 0.0.0.0
+        brctl addbr bridge0
+        brctl stp bridge0 off
+        brctl addif bridge0 eth0
+        brctl addif bridge0 tap0
+        ifconfig eth0 up
+        ifconfig tap0 up
+        ifconfig bridge0 192.168.45.X netmask 255.255.255.0 up
+        route add default gw 192.168.45.Z
+
+* NAT connection
+    As root:
+        tunctl -t tap0 -u username
+        ifconfig tap0 192.168.45.1 netmask 255.255.255.0 up
+        echo 1 > /proc/sys/net/ipv4/ip_forward
+        iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+* As normal user, run the qemu guest:
+    qemu-system-x86_64 \
+        -name DEVICE1 \
+        -m 512 \
+        -smp cpus=1 \
+        -enable-kvm \
+        -hda device1.qcow2 \
+        -serial telnet::2000,server,nowait \
+        -monitor tcp:127.0.0.1:4000,server,nowait \
+        -display none \
+        -daemonize \
+        -net none \
+        -net nic,model=e1000,vlan=1,macaddr=00:01:00:ff:01:01 \
+        -net nic,model=e1000,vlan=2,macaddr=00:01:00:ff:01:02 \
+        -net nic,model=e1000,vlan=3,macaddr=00:01:00:ff:01:03 \
+        -net nic,model=e1000,vlan=4,macaddr=00:01:00:ff:01:04 \
+        -net tap,vlan=1,ifname=tap0,script=no,downscript=no \
+        -net socket,vlan=2,udp=127.0.0.1:9012,localaddr=:9002 \
+        -net socket,vlan=3,udp=127.0.0.1:9013,localaddr=:9003 \
+        -net socket,vlan=4,udp=127.0.0.1:9014,localaddr=:9004

linux/radius-client.txt

@@ -7,7 +7,7 @@
     To create the local user automatically:
         Enable the pam-radius module.
         Enable rsyslog and cron.
-        The user try to login the first time.
+        The user try to login the first time (and fail).
         The the ssh daemon log the incident.
         Cron execute a script every minute:
             Read the log file and find the username.

linux/snoopy.txt

@@ -1,4 +1,5 @@
 ### Compile snoopy in Debian.
+    snoopy: log all commands executed by all users.
 
 * Install
     apt-get install dh-autoreconf socat git

linux/virtualbox.txt

@@ -1,4 +1,4 @@
-#----- VirtualBox command line -----
+#### VirtualBox command line.
 
 # Set the directory for the vms.
     VBoxManage setproperty machinefolder /home/user/path/to/vms/