firewallD cheat sheet

Reload

firewall-cmd --reload

Dealing with zones

* firewall-cmd --get-zones <- Show all zone names
* firewall-cmd --list-all-zones <- Detailed info about all zones
* firewall-cmd --zone=zone-name --list-all <- show everything about a certain zone
* firewall-cmd --get-default-zone <- What is the current default zone
* firewall-cmd --set-default-zone zone-name <- set new default zone
* firewall-cmd --get-active-zones <- List the active zones and the interfaces assigned to them
* firewall-cmd --permanent --zone=public --change-interface=enp1s0 <- assign the interface enp1s0 to the public zone, REQUIRES RELOAD

Giving SFTP access to a user for a certain directory!

In this mini tutorial, I will be adding the user kareem to the system and allowing kareem to sftp into a web directory where he can post his web design work. As usual, the steps first, then whatever explanations!

There are two ways to do this: one adds a single user, the other adds a group of users. You can pick either one, or do both!

The part in common between both solutions

apt-get install openssh-server
adduser kareem
Then enter a new password twice for kareem

The interesting thing about this sftp user business is that the directory we will specify as the root for the user kareem has to be owned by root! So go ahead and create the directory /var/www/html/usr/kareem, then execute the following commands

chown root:root /var/www/html/usr
chmod 755 /var/www/html/usr

chown kareem:kareem /var/www/html/usr/kareem

Now the user kareem owns a directory within his root directory that he can write to, and he cannot write outside that directory since he does not have the OS permissions. Next, let us add kareem to the list of people who have sftp access but not ssh access.

Edit /etc/ssh/sshd_config and append the following to the document

Match User kareem
ForceCommand internal-sftp
PasswordAuthentication yes
ChrootDirectory /var/www/html/usr
PermitTunnel no
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no

Now, restart the service by executing the following command

systemctl restart ssh

You are done, try connecting with something like WinSCP

Besides WinSCP, you can also simply mount the Linux filesystem where you have permissions on your Windows machine. The complete instructions on how to do that are at https://www.qworqs.com/2022/10/09/mounting-a-remote-linux-file-system-as-a-windows-drive/
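
sshd refuses a chrooted login unless the ChrootDirectory and every directory above it is owned by root and not writable by group or others, so the whole path is worth checking before the service is restarted. The check below is an added example, not part of the original post; the function names are hypothetical, it assumes GNU stat, and the optional second argument (expected owner UID, default 0) is there only so the check can be tried on a scratch directory.

```shell
#!/bin/sh
# Added example: verify a ChrootDirectory path the way sshd expects it.
# chroot_component_ok and check_chroot_path are hypothetical helper names.

# One directory: must exist, be owned by the expected UID (root by default),
# and carry no group-write (020) or other-write (002) permission bit.
chroot_component_ok() {
    dir=$1
    want_uid=${2:-0}
    [ -d "$dir" ] || return 1
    uid=$(stat -c '%u' "$dir") || return 1
    mode=$(stat -c '%a' "$dir") || return 1
    [ "$uid" = "$want_uid" ] || return 1
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# Whole path: walk from the chroot directory up to /, print the first
# component that fails and return 1; print nothing and return 0 if all pass.
check_chroot_path() {
    p=$1
    want_uid=${2:-0}
    case $p in
        /*) ;;
        *) printf '%s\n' "$p"; return 1 ;;   # sshd needs an absolute path
    esac
    while :; do
        if ! chroot_component_ok "$p" "$want_uid"; then
            printf '%s\n' "$p"
            return 1
        fi
        [ "$p" = / ] && return 0
        p=$(dirname "$p")
    done
}

# Usage: sh check-chroot.sh /var/www/html/usr
if [ $# -gt 0 ]; then
    if bad=$(check_chroot_path "$1"); then
        echo "OK: $1 and all parent directories are acceptable to sshd"
    else
        echo "FIX: $bad (needs root ownership and no group/other write bit)"
    fi
fi
```

Run it as root before systemctl restart ssh, together with sshd -t, which checks sshd_config for errors without touching the running service.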

Playing games after 20 years

I haven’t played any games in 20 years, up until early this month, I played a simple game on my phone, nice, but I’m not addicted, no urge to pick up the phone

So, having no Windows PC of my own, I decided to install the open source SuperTuxKart on my Debian (GNOME) machine

The game is a joke compared to modern day graphics and physics, but it is fun, with things like bombs and banana skins and stuff. I don’t think I will be playing it often, but there you have it

Resume bad blocks where it was stopped

The answer to this should be simple. I initiated the test with

badblocks -nsv /dev/sdb

First, interrupt badblocks with ctrl+c, the output should be

Checking for bad blocks in non-destructive read-write mode
From block 0 to 1953514583
Checking for bad blocks (non-destructive read-write test)
Testing with random pattern:   0.92% done, 49:38 elapsed. (0/0/0 errors)
 21.32% done, 18:49:24 elapsed. (0/0/0 errors)

Interrupted at block 416437376

Interrupt caught, cleaning up

Okay, so we know what blocks it was supposed to check (1 through 1953514583), and where it was interrupted (416437376)

So I will ask it to resume testing from where it finished (-1), up to the end. Note the argument order: badblocks takes the last block first, then the first block

badblocks -nsv /dev/sdb 1953514583 416437375

n = Non destructive
s = Show progress
v = tell us about what you find !

The new run should tell you the percentage correctly, but the time counter will be reset to zero, as it is only counting how long this run has been running for

One thing to note is that badblocks can be used to instruct the filesystem to avoid the bad blocks, but it also allows the disk’s firmware to substitute bad blocks with spare blocks, so that the disk works again with no intervention from your end!

So for my 2TB hard drive…

416437375 = 21% (13 hours)
619014719 = 31.6% (+23:22)
627995199 = 32.15% (+1:04)
667782398 = 34.18% (+4:46)
715469885 = 36.62% (+5:44)
827834875 = 42.38%

While running the tests, you might want to keep an eye on the hard drive temperature with a command like

hddtemp /dev/sdb

To create a log file of the bad blocks, every run should have its own file!

badblocks -nsv -o /root/badblocks3.txt /dev/sdb 1953514583 627995198

The concatenation of those files you are creating is very useful in creating a file system if you ever decide to format the drive later, but the recommended way is using badblocks with the other disk tools directly

While the test is running, you will see 3 numbers that correspond to readerror/writeerror/corruptionerror

Pixel 6 stuff

To begin with, the links here are Amazon associate links, which means that buying things using those links will result in a commission for me! To recap: “As an Amazon Associate I earn from qualifying purchases.”

What I am trying to do is to create a cover that allows me to switch between USB OTG devices easily at the workshop, so I created a 3D printed connector that fits with the following parts. The STL for that model will be provided once I use it and make sure it works. In addition to the Pixel 6 Pro, I have made the 3D printed connector holder for the Samsung Galaxy S10, S10+, Ulefone Power 5 and Ulefone Armor 3.

The external camera also has a 3D printed case design which I will also share… The screen protector has nothing to do with the project, but I am getting it anyway because it is nice to have screen protection at the workshop. The screen protection uses UV curing adhesive, which may or may not ruin the oleophobic coating on your screen (remains to be seen)

Things that I am getting

Screen protector (here), said to work best with the fingerprint sensor (once you use the penny trick), and tough enough to stay put with those curved edges!

2 phone covers (here): Shaded Spruce (Green) and Slate (Grey)

4 USB C Magnetic Adapters (here), 2 Elbow and 2 Flat Elbow

Things that I don’t want to buy but are worth mentioning

Google’s Air Buds (Pixel) are on sale for $99 (here) and the Pro are discounted at $199 (here). I personally like my ugreen with the Qualcomm chipset, so I don’t think I will get the Google ones any time soon, but they are here for reference.

Making a video smaller

A couple of hours ago, I received a video that is 50 frames per second and compressed in H264. The video was 58MB, and she wanted it less than 15 to send it via email. The video was 1:45 long, so I re-encoded it in H-265, but she had a problem playing it (no codec), so I decided to re-encode it with VP9 (webm).

To arrive at a number less than 10, I needed to be encoding at around 1 megabit per second. To do this, I made a 2-pass encoding with ffmpeg as follows

ffmpeg -i source.mp4 -c:v libvpx-vp9 -b:v 1M -filter:v fps=25 -pass 1 -an -f null /dev/null && \
ffmpeg -i source.mp4 -c:v libvpx-vp9 -b:v 1M -filter:v fps=25 -pass 2 -c:a libopus out.webm

The first pass collects statistics about the source video in a text log file, and the second pass encodes the new video. From the options above, I have taken the frame rate to 25fps (from 50), and instead of defining the crf, I simply told ffmpeg what bitrate I need, which is 1 Mbit per second (every 8 seconds, 1 MBYTE)

The previous one, H-265 was done with the command

ffmpeg -i source264.mp4 -c:v libx265 -crf 28 -preset fast -c:a aac -b:a 128k  -filter:v fps=25 out265.mp4

The H265 was smaller due to the crf factor used, as well as the lower frame rate

Docker Cheat Sheet

Like the name implies, this is a cheat sheet to quickly find the command you need. The commands are ordered by how frequently they are used, or at least by what I think is going to be needed more frequently, and I have also grouped them by function

The container name in the examples is mycontainer, it is just a name that you will need to replace with your own container name, the container ID here is always 12345abcdef

Containers – list

* docker container ls <- Display running containers
* docker container ls -a <- Display all containers, running or not (-a: also show containers that are not running)
* docker ps <- Show running containers (ps is the same as ls but older)

Containers – Run

* docker run --name mycontainer -i -t imagename <- Runs the container, and leaves you on a shell prompt that executes commands on that container (as if you had ssh-ed into it). The arguments are:
  1- The name of the container to run (mycontainer)
  2- The i flag, indicating you’d like an interactive session with the container. The i flag keeps the session's input (STDIN) open even if the container is not attached.
  3- The t flag, which allocates a pseudo-TTY that must be used to run commands interactively.
  4- The base image to create the container from (imagename).
* docker run --name mycontainer -d imagename <- -d for running the container in the background
* docker stop mycontainer <- Stop the running container
* docker exec -it mycontainer /bin/bash <- Gives you access to the shell, much like opening an SSH session to the container (the -it flags allow you to run in interactive mode). If this doesn’t work, you may not have bash installed, you can try the next command
* docker exec -it mycontainer /bin/sh <- The same, for containers that do not have bash installed
* ctrl+p followed by ctrl+q <- Detach from container

Sometimes, accessing a container through the command line may not be enough. There is a chance you want to access it for file transfer, for example; in that case, you want port 22 exposed, and you want to connect to it like you would connect to a virtual machine

webP is the new PNG

Superior in both Lossless compression, and Lossy compression, webp is the new image format by google

Already supported by all web browsers *(that I have tested it with), webP is indeed a promising format, so let us get to compressing our images

I have a big bunch of bitmaps that my scanner spits out (to avoid the lossy jpeg compression the scanner’s driver produces), and I need them converted to lossless webp to save space (the first image I compressed went from 552MB bitmap to 183), that is 33% of the original size

So, under Linux, this is how I would convert all BMPs into webp images, I think it is exactly the same on Windows

On the command line, the command for compressing one image looks like

cwebp -lossless 00.bmp -o 00.webp

Now, the next step is to run them in a batch, copy the following text into a file and name it with the extension

Installing Hyper-v on a windows 11 Home edition

To install Hyper-v, you typically open the add features menu in windows and add Hyper-v, this works in Windows Pro, but does not work in windows Home

In Windows Home, it is a very simple process

Create a file and name it (hv.bat). Mind you, this is the whole name, where bat is the new file extension; make sure you don’t have an hv.bat.txt underneath (make sure Windows is showing you the extensions)

Now, all you need to do is put the following text in the batch file (hv.bat), then run it as administrator

     pushd "%~dp0"
     dir /b %SystemRoot%\servicing\Packages\*Hyper-V*.mum >hv.txt
     for /f %%i in ('findstr /i . hv.txt 2^>nul') do dism /online /norestart /add-package:"%SystemRoot%\servicing\Packages\%%i"
     del hv.txt
     Dism /online /enable-feature /featurename:Microsoft-Hyper-V -All /LimitAccess /ALL
     pause

Once done, the command prompt will ask you whether you would like to restart your computer to apply changes, I would suggest you respond with N (For no) and take your time closing all your applications etc… then restart manually

Right after the restart, hit the windows key on your computer, and type hyper-v, the application should appear and you can run it, it works just like it does on the pro version

Happy computing 😉

Linux find and replace string in multiple files

On Windows, you might have been using text editors that search or search & replace within files in a folder. One such tool I have used on Windows is “source edit” by Joacim Andersson (Brixoft Software). That text editor does not seem to be maintained any longer, as the developer seems to have moved into making games, but there are certainly many other editors that allow you to do the same thing.

On the other hand, on Linux, I don’t need to do that, the basic tools that come with the operating system allow for that, multi gigabyte files can be searched and have certain text replaced at the speed it takes to read them (Without having to open them for editing)

So, let us assume we have a folder with many text files (Including css or js or html or php files for example), to search that folder, we can combine

grep -Ril "text-to-find-here" /path/to/file/

-R (-r) look for files recursively
-l show file names, not the contents that were found
-i ….

Another tool which is better suited for looking in code is ack (ack-grep) which I will come back to cover in this article, and a newer tool that I have never used is

Now, replacing a string inside a file is simple, there is a cool tool called sed

sed -i '/TEXTTOFIND/ s//TEXTTOREPLACEWITH/g' verylargefile.txt

Now, to find all occurrences of a string in all the files in a directory and its subdirectories, you can use the following command. Mind you, the search string is always treated as a regular expression: if your string contains a dot or anything else that is part of regular expression syntax, you will need to escape it. To avoid that, check out the sd command below

find -type f -exec sed -i 's/find/replace/g' {} +

{} + invokes the “exec” command with multiple file names at once, instead of once per file
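
Staying with sed, the escaping that the paragraph above asks for can be done mechanically. This is an added example, not from the original post; the function names are hypothetical, and it assumes GNU sed and search/replace strings without newlines.

```shell
#!/bin/sh
# Added example: literal (non-regex) find and replace with plain sed.
# Function names are hypothetical; assumes GNU sed (-i) and single-line strings.

# Escape the BRE metacharacters and the "/" delimiter in a search string,
# so that "v1.0" only matches "v1.0" and not "v1x0".
sed_escape_pattern() {
    printf '%s' "$1" | sed 's|[[\\/.*^$]|\\&|g'
}

# Escape what is special in the replacement half: "\", "&" and the delimiter.
sed_escape_replacement() {
    printf '%s' "$1" | sed 's|[\\/&]|\\&|g'
}

# replace_literal_tree FIND REPLACE DIR
# Same find ... -exec sed ... {} + form as above, with both strings escaped.
replace_literal_tree() {
    find_re=$(sed_escape_pattern "$1")
    repl=$(sed_escape_replacement "$2")
    find "$3" -type f -exec sed -i "s/$find_re/$repl/g" {} +
}

# Usage: sh replace-literal.sh 'v1.0' 'v2.0' /path/to/dir
if [ $# -eq 3 ]; then
    replace_literal_tree "$1" "$2" "$3"
fi
```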

The sd command

The -s flag disables regular expressions. sd and fd have Rust crates, apt install fd-find sd

fd --type file --exec sd 'Find' 'Replace'

Or with backup

fd --type file --exec cp {} {}.bk \; --exec sd 'from "react"' 'from "preact"'

-s : No regular expressions

In some cases you can even forget about fd, as sd is now capable of dealing with multiple files

sd -i "\n" "," *.txt