Linux

Accessing psql sudo -i -u postgres psql Create a new database and user Create a new user: CREATE USER theusername WITH PASSWORD 'thepassword'; Create a new database: CREATE DATABASE thedatabase; Grant privileges: GRANT ALL PRIVILEGES ON DATABASE thedatabase TO theusername; Allow Remote Access Edit postgresql.conf, usually located in /etc/postgresql/<version>/main/, and set listen_addresses = '*'. #------------------------------------------------------------------------------ # CONNECTIONS AND AUTHENTICATION #------------------------------------------------------------------------------ # - Connection Settings - listen_addresses = '*' # what IP address(es) to listen on; # comma-separated list of addresses; # defaults to 'localhost'; use '*' for all # (change requires restart) port = 5432 # (change requires restart) max_connections = 100 # (change requires restart) #reserved_connections = 0 # (change requires restart) #superuser_reserved_connections = 3 # (change requires restart) unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories # (change requires restart) #unix_socket_group = '' # (change requires restart) #unix_socket_permissions = 0777 # begin with 0 to use octal notation # (change requires restart) #bonjour = off # advertise server via Bonjour # (change requires restart) #bonjour_name = '' # defaults to the computer name # (change requires restart) # - TCP settings - # see "man tcp" for details #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; # 0 selects the system default #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; # 0 selects the system default #tcp_keepalives_count = 0 # TCP_KEEPCNT; # 0 selects the system default #tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds; # 0 selects the system default #client_connection_check_interval = 0 # time between checks for client # disconnection while running queries; # 0 for never Edit pg_hba.conf and add a line to allow connections — for example, host all all 0.0.0.0/0 scram-sha-256 — for network access. ...

In this code snippet, I would like to run an application with a URL payload based on date and time. This code will be executed in a specific schedule everyday and I would like to dynamically inject the date and time in the program argument when the program executes. ./json2csv rules.json "ncp" "http://localhost:8080/api/zget?eid=get-ncp-mv-by-starttime-endtime&starttime;=$(date --date='yesterday' +\%Y-\%m-\%d)+00:00:00&endtime;=$(date --date='yesterday' +\%Y-\%m-\%d)+23:59:00&container;=false" > $(echo "nercc_mv_$(date --date='yesterday' +\%Y-\%m-\%d).csv") The way to do this is using the Bash String Manipulation Inside a string, the bash will evaluate statement inside “$()” in this example: ...

Use Linux diff command to compare files line by line. This handy tool helps you identify line differences between files and console output. Command diff -y file1 file1 Marker Meaning | = line present in both files but the text differs. < = line present only in the left file. > = line present only in the right file. Examples Comparing two package.json files johnpili@com ~ % diff -y package1.json package2.json { { "name": "date-diff", | "name": "time-zones", "version": "0.0.0", "version": "0.0.0", "scripts": { "scripts": { "ng": "ng", "ng": "ng", "start": "ng serve", "start": "ng serve", "build": "ng build --base-href /tools/date-diff/ --config | "build": "ng build", "watch": "ng build --watch --configuration development", "watch": "ng build --watch --configuration development", "test": "ng test" "test": "ng test" }, }, "private": true, "private": true, "dependencies": { "dependencies": { "@angular/common": "^19.2.0", "@angular/common": "^19.2.0", "@angular/compiler": "^19.2.0", "@angular/compiler": "^19.2.0", "@angular/core": "^19.2.0", "@angular/core": "^19.2.0", "@angular/forms": "^19.2.0", "@angular/forms": "^19.2.0", "@angular/platform-browser": "^19.2.0", "@angular/platform-browser": "^19.2.0", "@angular/platform-browser-dynamic": "^19.2.0", "@angular/platform-browser-dynamic": "^19.2.0", "@angular/router": "^19.2.0", "@angular/router": "^19.2.0", "@tailwindcss/postcss": "^4.1.4", "@tailwindcss/postcss": "^4.1.4", "daisyui": "^5.0.28", "daisyui": "^5.0.28", "moment": "^2.30.1", | "moment-timezone": "^0.5.48", "postcss": "^8.5.3", "postcss": "^8.5.3", "rxjs": "~7.8.0", "rxjs": "~7.8.0", "tailwindcss": "^4.1.4", "tailwindcss": "^4.1.4", "tslib": "^2.3.0", "tslib": "^2.3.0", "zone.js": "~0.15.0" "zone.js": "~0.15.0" }, }, "devDependencies": { "devDependencies": { "@angular-devkit/build-angular": "^19.2.8", "@angular-devkit/build-angular": "^19.2.8", "@angular/cli": "^19.2.8", "@angular/cli": "^19.2.8", "@angular/compiler-cli": "^19.2.0", "@angular/compiler-cli": "^19.2.0", "@types/jasmine": "~5.1.0", "@types/jasmine": "~5.1.0", "jasmine-core": "~5.6.0", "jasmine-core": "~5.6.0", "karma": "~6.4.0", "karma": "~6.4.0", "karma-chrome-launcher": "~3.2.0", "karma-chrome-launcher": "~3.2.0", "karma-coverage": "~2.2.0", "karma-coverage": "~2.2.0", "karma-jasmine": "~5.1.0", "karma-jasmine": "~5.1.0", "karma-jasmine-html-reporter": "~2.1.0", "karma-jasmine-html-reporter": "~2.1.0", "typescript": "~5.7.2" "typescript": "~5.7.2" } } } } johnpili@com ~ % The example below shows how to use diff to compare installed PHP modules. This is very useful when you’re switching to a different version of PHP ...

Delete files with specified file extension recursively. This is useful when you want to remove those temporary files or those unwanted auto-generated artifacts inside nested folders. Be careful when using these commands because it will delete files permanently Linux Bash find . -type f -name "*.tmp" -delete find . -type f -name "*.tmp" -exec rm -v "{}" + Windows Powershell Get-ChildItem * -Include *.tmp -Recurse | Remove-Item

If you prefer to boot up your Linux machine with the boot messages rather than the distro splash screen. You can enable that by editing the file /etc/default/grub and set the value of GRUB_CMDLINE_LINUX_DEFAULT to an empty string. Example: GRUB_DEFAULT=0 GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="" GRUB_CMDLINE_LINUX="" After editing the file, execute update-grub to load your configuration into the bootloader. sudo /usr/sbin/update-grub Output of update-grub Generating grub configuration file ... Found background image: /usr/share/images/desktop-base/desktop-grub.png Found linux image: /boot/vmlinuz-6.1.0-10-arm64 Found initrd image: /boot/initrd.img-6.1.0-10-arm64 Warning: os-prober will not be executed to detect other bootable partitions. Systems on them will not be added to the GRUB boot configuration. Check GRUB_DISABLE_OS_PROBER documentation entry. Adding boot menu entry for UEFI Firmware Settings ... done

Reduce SSH brute force attacks by changing your default SSH server (sshd) port from port 22 to a different one. Below is a sshd log example of a brute force attacks. Changing the port You can change the default port by editing the sshd configuration file. sudo nano /etc/ssh/sshd_config Find the line that say #Port. Remove the # symbol and set the port number you prefer. Refer to the image below as reference. ...

Some Linux servers were security hardened by changing the default SSH port from port 22 to a different port number. To use rsync with a different SSH port, add ‘ssh -p 12345’ in the rsync parameters. Push rsync -azvP -e 'ssh -p 12345' SOURCE USER@HOST:DEST Pull rsync -azvP -e 'ssh -p 12345' USER@HOST:SOURCE DEST

Setting up a static IP address in Debian Linux is straightforward. In this guide, I will be configuring the IP address using the old way (ifconfig) and requires that you have system administration rights to do the following steps: Open the network interface file with the following command: sudo vi /etc/network/interfaces Once opened, you might see something similar like this Your interface label might be different from the example but in this case we are interested in making interface ens33 to have a static IP. I configured interface ens33 as follows: ...

In some situation, we may want to delegate a sudo capability to Linux users or groups without completely giving them full access to the operating system. We can achieve this by using User_Alias inside the /etc/sudoers configuration file. I will share the simple settings that I used in my RHEL server. ## Sudoers allows particular users to run various commands as ## the root user, without needing the root password. ## ## Examples are provided at the bottom of the file for collections ## of related commands, which can then be delegated out to particular ## users or groups. ## ## This file must be edited with the 'visudo' command. ## Host Aliases ## Groups of machines. You may prefer to use hostnames (perhaps using ## wildcards for entire domains) or IP addresses instead. # Host_Alias FILESERVERS = fs1, fs2 # Host_Alias MAILSERVERS = smtp, smtp2 ## User Aliases ## These aren't often necessary, as you can use regular groups ## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname ## rather than USERALIAS # User_Alias ADMINS = jsmith, mikem User_Alias POWERUSERS = piotr.pawlowski, martin.marshall POWERUSERS ALL=(ALL) NOPASSWD: /sbin/reboot ## Command Aliases ## These are groups of related commands... ## Networking # Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool ## Installation and management of software # Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum ## Services # Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig, /usr/bin/systemctl start, /usr/bin/systemctl stop, /usr/bin/systemctl reload, /usr/bin/systemctl restart, /usr/bin/systemctl status, /usr/bin/systemctl enable, /usr/bin/systemctl disable ## Updating the locate database # Cmnd_Alias LOCATE = /usr/bin/updatedb ## Storage # Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount ## Delegating permissions # Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp ## Processes # Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall ## Drivers # Cmnd_Alias DRIVERS = /sbin/modprobe # Defaults specification # # Refuse to run if unable to disable echo on the tty. # Defaults !visiblepw # # Preserving HOME has security implications since many programs # use it when searching for configuration files. Note that HOME # is already set when the the env_reset option is enabled, so # this option is only effective for configurations where either # env_reset is disabled or HOME is present in the env_keep list. # Defaults always_set_home Defaults match_group_by_gid # Prior to version 1.8.15, groups listed in sudoers that were not # found in the system group database were passed to the group # plugin, if any. Starting with 1.8.15, only groups of the form # %:group are resolved via the group plugin by default. # We enable always_query_group_plugin to restore old behavior. # Disable this option for new behavior. Defaults always_query_group_plugin Defaults env_reset Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS" Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE" Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES" Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE" Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY" # # Adding HOME to env_keep may enable a user to run unrestricted # commands via sudo. # # Defaults env_keep += "HOME" Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin ## Next comes the main part: which users can run what software on ## which machines (the sudoers file can be shared between multiple ## systems). ## Syntax: ## ## user MACHINE=COMMANDS ## ## The COMMANDS section may have other options added to it. ## ## Allow root to run any commands anywhere root ALL=(ALL) ALL ## Allows members of the 'sys' group to run networking, software, ## service management apps and more. # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS ## Allows people in group wheel to run all commands %wheel ALL=(ALL) ALL ## Same thing without a password # %wheel ALL=(ALL) NOPASSWD: ALL ## Allows members of the users group to mount and unmount the ## cdrom as root # %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom ## Allows members of the users group to shutdown this system # %users localhost=/sbin/shutdown -h now %psi ALL=(ALL) NOPASSWD: /bin/systemctl start db-replication.service %psi ALL=(ALL) NOPASSWD: /bin/systemctl stop db-replication.service %psi ALL=(ALL) NOPASSWD: /bin/systemctl restart db-replication.service %psi ALL=(ALL) NOPASSWD: /bin/systemctl status db-replication.service ## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment) #includedir /etc/sudoers.d The configuration before handles the individual User_Alias. It assigns users under the alias name POWERUSERS and we let those user reboot the system without asking for password. ...

Systemd is a Linux software suite that handles system services (daemon) and timers; it enables you to start, stop and restart your application using systemctl command. It can also start your application during operating systems boot-up sequence. Note that you will need to have root or sudo privileges for this operation. To create a systemd unit file, create a service file inside the directory /etc/systemd/system/. The filename must end with .service for example: ...