# pre-installed on Ubuntu 18:
tracepath -n IP/HOST
mtr -n IP/HOST
Tag Archives: ubuntu
Ubuntu synchronize NTP clock
Reading time: < 1 minute Synchronise Linux clock when NTP service is running but the clock is not on time:
sudo service ntp stop sudo ntpd -gq sudo service ntp start
Upgrading Redmine in a nutshell
Reading time: 1 – 2 minutes
I use Redmine to track my personal projects, and every time that I have to update I have to re-read the full upgrading page which is long and full of exceptions. So I decided to write my own reduced cookbook to solve that. FYI I’m using Ubuntu 16.04, Apache2, MySQL and Passenger for running Redmine.
Being root user run:
- backup MySQL database
- download new redmine package and unpack in /var/www
- change ‘redmine’ soft link to new folder
- copy old files and directories overwriting the new ones:
config/database.yml config/configuration.yml files/ plugins/
- locating work directory on new redmine folder, run:
bundle install --without development test bundle exec rake generate_secret_token bundle exec rake db:migrate RAILS_ENV=production bundle exec rake redmine:plugins:migrate RAILS_ENV=production bundle exec rake tmp:cache:clear tmp:sessions:clear RAILS_ENV=production
- restart apache server
Ubuntu server as wifi AP and Mikrotik as a DHCP server
Reading time: 2 – 3 minutes
It’s important to have a very clear picture about the scenario that we’re going to configure in that case because it’s a little bit particular. This is an evolution of the previous post: Ubuntu server as wifi AP and Mikrotik as a DHCP server
There is a server running Ubuntu 16.04 and offering wifi service as an AP. The wifi interface is in bridge mode with the ethernet port and send all traffic to the Mikrotik gateway where there is a DHCP server in charge to serve IP address to wifi clients.
Start by configuring the bridge in the Ubuntu server. File “/etc/network/interfaces”:
source /etc/network/interfaces.d/* auto lo br0 iface lo inet loopback #ethernet interface allow-hotplug enp2s0 iface enp2s0 inet manual #wifi interface allow-hotplug wlp3s0 iface wlp3s0 inet manual # Setup bridge iface br0 inet static bridge_ports enp2s0 address 192.168.2.2 netmask 255.255.255.0 network 192.168.2.0
Pay attention on “bridge_ports” the wifi interface is not added on the list, this is because until the hostapd is running it doesn’t make sense to do that. You’ll see “bridge=br0” option on hostapd.conf which will fix that misbehavior.
Wifi AP configuration, “/etc/default/hostapd”:
DAEMON_CONF="/etc/hostapd/hostapd.conf"
and “/etc/hostapd/hostapd.conf”:
bridge=br0 # bridge interface interface=wlp3s0 # wifi interface name driver=nl80211 ssid=the_ssid_name # name of your network hw_mode=g channel=1 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wpa=3 wpa_passphrase=the_secret_key # secret key to joing with the wifi network wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP logger_syslog=-1 logger_syslog_level=3 logger_stdout=-1 logger_stdout_level=1
DHCP server configuration on Mikrotik:
# setting the interface address, in my case ether4 /ip address add address=192.168.2.1/24 interface=ether4 network=192.168.2.0 # setting up DHCP on interface 4 of the mikrotik device /ip dhcp-server add address-pool=dhcp-pool disabled=no interface=ether4 name=dhcp-pool # network of the DHCP server /ip dhcp-server network add address=192.168.2.1.0/24 dns-server=8.8.8.8 domain=your_network.local gateway=192.168.2.1 netmask=24 # IP pool used by the DHCP server /ip pool add name=dhcp-pool ranges=192.168.2.65-192.168.2.70
Cookbook: set-up a TFTP server on Ubuntu
Reading time: 1 – 2 minutes
Sometimes TFTP is the only protocol available to exchange files with an embedded system. So, it’s very easy to have that supported in our workstation or any other place to exchange files with those systems.
Set up steps:
apt-get install tftpd-hpa
modify file “/etc/default/tftpd-hpa”:
TFTP_OPTIONS="--secure --create"
–secure: Change root directory on startup. This means the remote host does not need to pass along the directory as part of the transfer, and may add security. When –secure is specified, exactly one directory should be specified on the command line. The use of this option is recommended for security as well as compatibility with some boot ROMs which cannot be easily made to include a directory name in its request.
–create Allow new files to be created. By default, tftpd will only allow upload of files that already exist. Files are created with default permissions allowing anyone to read or write them, unless the –permissive or –umask options are specified.
Needed to allow uploads in that directory:
chown -R tftp /var/lib/tftpboot
Restart and check if the service is running:
service tftpd-hpa restart service tftpd-hpa status netstat -a | grep tftp
Remove old kernels when there is no space in /boot
Reading time: 1 – 2 minutes
The first step is get some space in the partition “/boot” because without that it’s impossible to do anything.
So go to /boot and remove some “initrd” files as they are the biggest ones. A few of them will be enough.
After that a good point is to ensure there is no partial installation pending to finish:
apt-get -f install
Now it’s a good idea to purge all kernels except the running one:
dpkg -l 'linux-*' | sed '/^ii/!d;/'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d;s/^[^ ]* [^ ]* \([^ ]*\).*/\1/;/[0-9]/!d' | xargs sudo apt-get -y purge
To avoid that in future before filling the partition, it’s a good idea to install and run periodically: purge-old-kernels. Installation and example of use are:
# installation apt-get install bikeshed # keep three old kernels: purge-old-kernels --keep 3 # if you want to put that in the crontab use that command purge-old-kernels --keep 3 -qy
If you’re a Grub user don’t forget to run:
update-grub2
Personally I have a nightmare with that problem and Ubuntu, especially with version 12.04 which is installed in a lot of servers that I manage. I repeated the previous process a lot of times and in the end, I decided to document it because I always have to go to Google and find the proper steps to solve that problem.
Relay mail from your server without MTA
Reading time: < 1 minute
Sometime you need to send notifications or simply you need to use sendmail command from your server, but you don't want to use a local mail server. Maybe use simple SMTP (ssmtp) could be a good idea to solve this kind of situations.
I use to configure SSMTP with a GMail account to send notifications from server different daemons, for example, crontab, supervisord, etc.
This is a cookbook configuration for SSMTP and GMail:
/etc/ssmtp/ssmtp.conf
root=user@gmail.com
mailhub=smtp.gmail.com:587
rewriteDomain=
hostname=user@gmail.com
UseSTARTTLS=YES
AuthUser=user@gmail.com
AuthPass=password
FromLineOverride=YES
/etc/ssmtp/revaliases
root:username@gmail.com:smtp.gmail.com:587
localusername:username@gmail.com:smtp.gmail.com:587
Installation in ubuntu server is as easy as: apt-get install ssmtp
Changing Ubuntu CLI language
Reading time: < 1 minute My mother tongue is Catalan and of course I speak and understand Spanish very well, but when I'm using a Linux CLI it's impossible to be agile if the interface is not in English. Then when I need to change Ubuntu interface to English I modify the file /etc/default/locale:
LANG=en_US.UTF-8 LANGUAGE="en_US:en"
Deshabilitar AppArmor
Reading time: < 1 minute Les noves versions d'Ubuntu incorporen AppArmor i a vegades això suposa un problema, així que cal recordar com anul·lar-lo completament per depurar els problemas abans de tornar-lo a activar.
/etc/init.d/apparmor teardown
APT protocol o AptURL – instal·lant soft des del browser
Reading time: < 1 minute