Ubuntu Tips

From JoeHacker

Distribution Tips

Server Documentation

Ubuntu has put up really nice documentation for configuring servers. https://help.ubuntu.com/9.10/serverguide/C/index.html

General Changes

dash is the default shell linked to /bin/sh. This can cause a number of problems with some scripts. To change /bin/sh back to bash use the following command.

dpkg-reconfigure dash

Admin Commands

allow a user to sudo

sudo adduser <username> 
sudo adduser <username> admin

Old Kernel cleanup

I have not found an easy way to clean up old kernels on Ubuntu so I wrote a small function that runs in bash to removed them. It should leave most 2 recent kernels on the system. Use at your own risk. Below is the snippet of code I put in my ~/.bashrc file to allow me to clean up old kernels. After you source the .bashrc file, you can then type kernel_cleanup and it will prompt you to remove the kernel and header files.

function kernel_cleanup()
{
        cur=$(uname -r)
        for ver in $(dpkg -l | grep linux-image-2| grep -v $cur |  awk '{print $3}'| sed 's/\.[0-9]*$//' | sort -rn| tail  -n +2 )
        do
                echo $ver
                prm=$(dpkg -l | grep $ver | awk '{print $2}')
                echo $prm
                echo -n "Remove Packages (Y/n): "
                read x
                if [ "$x" = "n" ] ; then
                        echo "Not removing"
                        continue
                fi
                sudo dpkg -P $prm
                sudo rm -rf /lib/modules/$ver-generic
        done
}

To run it:

. ~/.bashrc
kernel_cleanup

Apache

remake ssl snakeoil cert

sudo make-ssl-cert generate-default-snakeoil --force-overwrite

Disable default site

a2dissite default

Enable ldap

a2enmod authnz_ldap

LDAP TLS

The following line needs to be defined in /etc/ldap/ldap.conf

TLS_CACERT      /etc/ssl/certs/[CA_CERT.pem]

Where CA_CERT.pem is your Root CA.

Helpful page to configure ldap server https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html

Wireless Keys

It remove a saved passphase for a wireless connection that NetworkManager uses, the following command will let you update the keys. The are on the Password tab.

seahorse

Building Help

Debian source packages need a debian directory in the extracted source tree to build a package. There are plenty of sites that explain what those files are and how to create them. These are my shortcut notes to modify a package. I'll expand this section when I know more.

An an example, I wanted to get the newest version of luma packaged. I downloaded luma-2.4 and saved the tar. I then ran the following and got the current source for luma.

apt-get source luma

It created the luma-2.3 directory structure. I extracted the new tar and copied the debian directory to the new directory.

tar -xvjf luma-2.4.tar.bz2
cp -a luma-2.3/debian luma-2.4/.

Now I needed to update the changelog and change the version information.

cd luma-2.4/debian
dch -i
cd ..

After adding the comments for the new version, I built the package.

dpkg-buildpackage -rfakeroot


General Troubleshooting

Apt-cacher-ng

This one took a while to figure out while trying to do an upgrade. I've seen numerous problems with trying to use apt-cacher-ng with the upgrade process, but this one was caused by a corrupted file in the cache. When trying an upgrade, I got the following error

Checking for a new ubuntu release
Failed Upgrade tool signature
Done Upgrade tool
Done downloading            
extracting 'jaunty.tar.gz'
authenticate 'jaunty.tar.gz' against 'jaunty.tar.gz.gpg' 
exception from gpg: GnuPG exited non-zero, with code 131072
Debug information: 
...

It turns out that /var/lib/update-manager/meta-release was corrupt and everytime I edited the file the corruption came back. I removed the file from apt-cache-ng cache directory, retried the upgrade and everything was fixed.

rm /var/cache/apt-cacher-ng/changelogs.ubuntu.com/meta-release

VirtualBox Hash sum mismatch

When trying to get virtualbox, I kept seeing errors from apt-get update. I removed the following files and was able to install/upgrade virtualbox.

rm /var/lib/apt/lists/download.virtualbox.org_virtualbox_*
rm /var/lib/apt/lists/partial/download.virtualbox.org_virtualbox_*

Adding Keys to Apt

I have added some launchpad repos and keep forgetting how to add the keys to prevent apt errors. Here is basically the command to use.

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 12345678

Replace 12345678 with the key id.

Disable IPv6 on Karmic 9.10

Karmic does not include ipv6 as a module, so the only way to disable it is with passing a kernel parameter during boot. I found the same problem with jaunty 9.04, but it was easy to edit the menu.lst file to add this option. I know this is a hack, but I only need ipv4 working at this time. In the future I'm sure I will have to undo these changes, but for now they speed up my system.

Using yout favorite editor using sudo, edit /etc/default/grub and change

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

to

GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"

then

sudo update-grub

It also looks like 2 of my favorite apps do DNS AAAA record lookups after ipv6 is disabled. The following removes the AAAA lookup which causes delays in firefox/seamonkey and ssh.

  • Firefox

Edit the config by opening the page about:config and filter for ipv6. Toggle network.dns.disableIPv6 to true.

  • ssh

Edit /etc/ssh/ssh_config or ~/.ssh/config and add the following to the global host

host *
      AddressFamily inet

Display Grub2 menu

By default, if there is only one OS with grub2, no menu will be displayed. Comment out the following line in /etc/default/grub

#GRUB_HIDDEN_TIMEOUT=0

This link has everything you want to know about the new grub2 options. http://ubuntuforums.org/showthread.php?t=1195275

Check dpkg MD5 checksums

I'm sure there is an easier way, but I kept looking up this information. If you want to ensure that the files installed on your system match the checksums when the package was install, you can create the following script. I call mine, dpkg_md5check

#!/bin/bash

cd /
for i in /var/lib/dpkg/info/*.md5sums; 
do
        sudo md5sum -c $i |grep -v 'OK$'
done

You may get some false positives, but at least it gives you an indication of the majority of the files. I think RedHat has an easier and better method and I'll update this section when I find a better method for Ubuntu.

Disable automounting of USB drives

Sometimes I need to be able to connect a USB drive and not have it automatically mount the device. The following command will disable this function

gconftool-2 --type bool --set /apps/nautilus/preferences/media_automount false

And this command will enable it again.

gconftool-2 --type bool --set /apps/nautilus/preferences/media_automount true

Links

Here are some useful links