Suramya's Blog : Welcome to my crazy life…

November 15, 2022

Extracting Firefox Sites visited for archiving

Filed under: Computer Software,Linux/Unix Related,Tech Related — Suramya @ 3:01 AM

I have been using Firefox since its first version (0.1) launched back in 2003. At that time it was called Phoenix but had to change its name due to a trademark claim from Phoenix Technologies to Firebird which was then renamed to Firefox. Over the years I have upgraded in place so I had assumed that all my Browser History etc. was still safely stored in the browser. A little while ago I realized that this wasn’t the case as there is a history page limit defined under about:config. The property is called

places.history.expiration.transient_current_max_pages: 137249

and on my system it is configured for 137249 entries. This was a disappointment as I wanted to save an archive of the sites I have visited over the years, so I started looking at how to export the history from Firefox from the command line so that I can save it in another location as part of my regular backup. I knew that the history is stored in a SQLite database so I looked at the contents of the DB using a SQLite viewer. The DB was simple enough to understand but I didn’t want to reinvent the wheel so I searched on Google to see if anyone else had already written the queries to extract the data and found this Reddit post that gave the command to extract the data into a file.

I tried the command out and it worked perfectly with just one small hitch. The command would not run unless I shut down Firefox as the DB file was locked by FF. This was a big issue as it meant that I would have to close the browser every time the backup ran, which is not feasible as the backup process needs to be as transparent and seamless as possible.

Another search for the solution pointed me to this site that explained how to connect to a locked DB in Read Only mode, which was exactly what I needed. I took the code from there and merged it with the previous version and came up with the following command:

sqlite3 'file:places.sqlite?immutable=1' "SELECT strftime('%d.%m.%Y %H:%M:%S', visit_date/1000000, 'unixepoch', 'localtime'),
                                                   url FROM moz_places, moz_historyvisits WHERE moz_places.id = moz_historyvisits.place_id ORDER BY visit_date;" > dump.out 

This command gives us an output that looks like:

28.12.2020 12:30:52|http://maps.google.com/
28.12.2020 12:30:52|http://maps.google.com/maps
...
...
14.11.2022 04:37:17|https://www.google.com/?gfe_rd=cr&ei=sPvqVZ_oOefI8AeNwZbYDQ&gws_rd=ssl,cr&fg=1

Once the file is created, I back it up with my other files as part of the nightly backup process on my system. In the next phase I am thinking about dumping this data into a PostgreSQL DB so that I can put a UI in front of it that will allow me to browse/search through the file. But for now this is sufficient as the data is being backed up.

I was able to get my browsing history going back to 2012 by restoring the oldest Firefox backup that I have on the system and then extracting the data from it. I still have some DVDs with even older backups so when I get some time I will restore and extract the data from there as well.

Well this is all for now. Will write more later.

– Suramya

October 7, 2022

I am now a CEH (Certified Ethical Hacker)

Filed under: Computer Security,Linux/Unix Related,My Life — Suramya @ 6:23 PM

Gave my CEH (Certified Ethical Hacker) exam on 3rd Oct and have successfully cleared it.


Certification Number: ECC8907421563
Certification Name: Certified Ethical Hacker
Issue Date: October 3, 2022
Expiry Date: October 02, 2025

The exam was interesting and required a bit of memorization but overall not bad. I do wish they allowed us to access the books or use the tools on the computer. I have a hard time remembering the parameters for commands and there were a few questions in there about what parameter you would use to do x. Normally I would do a man command before running it but here I had to remember the commands so it was a bit more annoying and required some extra effort to memorize. Other than that the questions were great and required a lot of thinking and knowing the system.

Well this is all for now, will write more later.

– Suramya

October 4, 2022

Workaround for VPN Unlimited connection issues with latest Debian

VPNs are a great way to ensure that your communication remains private when using a public internet connection such as when you are connected to an Airport or Coffee shop Wifi. Plus they are good for getting access when a site is blocked where you are, for example in India VideoLan.org, the main site for VLC Media player, has been blocked for a while. I primarily use VPN Unlimited on all my systems as I have a lifetime subscription though I also have other VPNs that I use sometimes.

Unfortunately, the native VPN Unlimited application for Linux stopped working a while ago due to a compatibility issue with SSL. When I upgraded to the latest version of Debian back in July 2022 it suddenly stopped working with the following error message:

vpn-unlimited: symbol lookup error: /lib/libvpnu_private_sdk.so.1: undefined symbol: EVP_CIPHER_block_size

Reinstalling the software didn’t resolve the issue and neither did a search on the internet help. When I reached out to support they told me that Debian 11 wasn’t yet supported and they didn’t have an ETA for the new version to be released. They did recommend that I manually create & download an openvpn config from their site that would allow me to connect to the VPN manually using OpenVPN instead of the App. Unfortunately, the config generated didn’t work either as it would fail to connect with the following error message in the logs:

Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.0845]vpn[0x559d7fc46900,833a72d8-a08a-474e-a854-c926cd6c694a,"VPN Unlimited"]: starting openvpn
Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.0847] audit: op="connection-activate" uuid="833a72d8-a08a-474e-a854-c926cd6c694a" name="VPN Unlimited" pid=2829 uid=1000 result="success"
Sep 21 02:56:55 StarKnight kded5[2780]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: 2
Sep 21 02:56:55 StarKnight kded5[2780]: org.kde.plasma.nm.kded: Unhandled VPN connection state change: 3
Sep 21 02:56:55 StarKnight NetworkManager[233850]: 2022-09-21 02:56:55 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: OpenVPN 2.6_git x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: library versions: OpenSSL 3.0.5 5 Jul 2022, LZO 2.10
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: OpenSSL: error:0A00018E:SSL routines::ca md too weak
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: Cannot load certificate file /home/suramya/.local/share/networkmanagement/certificates/E87E7A7D6DA16A89C7B4565273D3A792_hk_openvpn/cert.crt
Sep 21 02:56:55 StarKnight nm-openvpn[233850]: Exiting due to fatal error
Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.1095] vpn[0x559d7fc46900,833a72d8-a08a-474e-a854-c926cd6c694a,"VPN Unlimited"]: dbus: failure: connect-failed (1)
Sep 21 02:56:55 StarKnight NetworkManager[1123]:  [1663709215.1095] vpn[0x559d7fc46900,833a72d8-a08a-474e-a854-c926cd6c694a,"VPN Unlimited"]: dbus: failure: connect-failed (1)

After a little more back and forth with the support team (which was extremely responsive and quick), which in turn reached out to their developers, we identified the issue with the OpenVPN config. The fix for this will be deployed to all their servers by the end of this month. In the meantime I was given a workaround that resolved the issue for me. To fix the issue add this line to your OVPN file under the VPN section:

tls-cipher=DEFAULT:@SECLEVEL=0 

More information on this is available in the OpenVPN forum. Keep in mind that this is not a secure configuration: @SECLEVEL=0 turns off OpenSSL’s minimum-strength checks, which is why the certificate that was rejected above with “ca md too weak” is accepted again. If you are working on something really top secret you should use another VPN until the issue is actually fixed instead of relying on this workaround.
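A check for leftover workaround settings, as an added example that is not part of the original post or of VPN Unlimited's tooling: the function below scans an OpenVPN config for the `@SECLEVEL=0` override and for the three conditions the log above warns about (no server certificate verification, compression, a `--cipher` value outside `--data-ciphers`). The function names, finding labels and both sample configs are constructed for illustration; the parser accepts both `key value` lines and the `key=value` form shown above.

```sh
#!/bin/sh
# Added example: lint an OpenVPN client config for the SECLEVEL workaround and
# for the conditions the log above warns about. Names and labels are assumptions.

# Default --data-ciphers list, as printed in the log above.
DEFAULT_DATA_CIPHERS='AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305'

# stdin: config text ("key value" or "key=value" lines)
# stdout: one "LABEL: explanation" line per finding
lint_openvpn_config() {
    awk -v default_dc="$DEFAULT_DATA_CIPHERS" '
    /^[ \t]*([#;]|$)/ { next }      # comments and blank lines
    /^[ \t]*(\[|<)/   { next }      # section headers and inline <ca> style tags
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        cut = match(line, /[ \t=]/)                 # first separator
        key = cut ? substr(line, 1, cut - 1) : line
        val = cut ? substr(line, cut + 1) : ""
        gsub(/^[ \t="]+/, "", val)                  # trim separators and quotes
        gsub(/[ \t"]+$/, "", val)
        opt[key] = val
    }
    END {
        if (("tls-cipher" in opt) && opt["tls-cipher"] ~ /@SECLEVEL=0/)
            print "WEAK-SECLEVEL: tls-cipher sets OpenSSL security level 0"
        # This sketch accepts any of these four directives as server verification.
        if (!("remote-cert-tls" in opt) && !("remote-cert-ku" in opt) &&
            !("remote-cert-eku" in opt) && !("verify-x509-name" in opt))
            print "NO-SERVER-VERIFY: no server certificate verification directive"
        if (("comp-lzo" in opt) || ("compress" in opt))
            print "COMPRESSION: compression directive present"
        dc = ("data-ciphers" in opt) ? opt["data-ciphers"] : default_dc
        if (("cipher" in opt) && index(":" dc ":", ":" opt["cipher"] ":") == 0)
            print "LEGACY-CIPHER: cipher " opt["cipher"] " not in data-ciphers " dc
    }'
}

# stdin: config text; stdout: number of findings
count_findings() {
    lint_openvpn_config | awk 'END { print NR }'
}

# Constructed sample: a config carrying the workaround from this post.
WEAK_CONFIG='client
dev tun
proto udp
remote vpn.example.invalid 1194
cipher AES-256-CBC
comp-lzo
tls-cipher=DEFAULT:@SECLEVEL=0'

# Constructed sample: the same client once the provider has fixed its certificates.
FIXED_CONFIG='client
dev tun
proto udp
remote vpn.example.invalid 1194
remote-cert-tls server
data-ciphers AES-256-GCM:AES-128-GCM'

# Demo on the constructed samples; for a real file: lint_openvpn_config < client.ovpn
echo "weak config:"
printf '%s\n' "$WEAK_CONFIG" | lint_openvpn_config
echo "fixed config: $(printf '%s\n' "$FIXED_CONFIG" | count_findings) findings"
```

Running it against the saved config after the provider's fix is deployed shows whether the `@SECLEVEL=0` line is still there and can be removed.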

However, just wanted to share this here for others who might be having this same issue. Hope this helps.

– Suramya

October 3, 2022

Debian to allow non-free firmware in its default installer

Filed under: Linux/Unix Related,My Thoughts,Tech Related — Suramya @ 10:19 AM

One of the problems preventing new users from using Debian is that if your hardware is not supported by an Open (‘free’) driver/firmware then the system doesn’t install any and then it is a painful process to download and install the driver, especially if it is for the Wireless card. In earlier laptops you could always connect via a network cable to install the drivers but the newer systems don’t come with a LAN connection (which I think sucks BTW) so installing Debian on those systems is a pain.

Debian leadership has been debating how to fix this over the past few months and there was a vote to decide how Debian would handle non-free firmware going forward. Now the voting has completed and the verdict is in: Debian has decided that the Debian Official Installer Media can include firmware that is otherwise not part of the Debian system. The non-free firmware would be automatically installed and activated when the installer determines that it is needed for the OS to function. The setup would notify the user in such cases and provide instructions on how to disable the changes if required.

The Debian Project also makes the following statement:

We will include non-free firmware packages from the “non-free-firmware” section of the Debian archive on our official media (installer images and live images). The included firmware binaries will normally be enabled by default where the system determines that they are required, but where possible we will include ways for users to disable this at boot (boot menu option, kernel command line etc.).

When the installer/live system is running we will provide information to the user about what firmware has been loaded (both free and non-free), and we will also store that information on the target system such that users will be able to find it later. Where non-free firmware is found to be necessary, the target system will also be configured to use the non-free-firmware component by default in the apt sources.list file. Our users should receive security updates and important fixes to firmware binaries just like any other installed software.

We will publish these images as official Debian media, replacing the current media sets that do not include non-free firmware packages.

This is a great choice and will allow the installer to work pretty seamlessly for most users. I know there are purists who will be shouting and screaming that this is not the ‘true way for free software‘ but they will be a minority for the most part. Installers need to be simple, while allowing power users more granular control of the process. This change removes a major barrier in the adoption of Debian and makes the lives of millions of system administrators a lot easier.

Source: Slashdot: Debian Considers Changing How It Handles Non-Free Firmware
More details at: Debian Choose A Reasonable, Common Sense Solution To Dealing With Non-Free Firmware

– Suramya

October 2, 2022

Upgrading Debian Unstable – How to avoid obvious problems

Filed under: Computer Tips,Linux/Unix Related,Tech Related — Suramya @ 11:59 PM

If you are using Debian Unstable there is a possibility that your system might not work correctly after an upgrade, because as the name states it is an ‘unstable’ distribution that might have bugs. I use it because Debian Stable has older versions of the software available and I want the latest versions if possible. Plus I don’t mind tinkering with the system if things break so that helps as well. Over the years I have found some easy ways to prevent the most obvious problems when upgrading and I will share them here.

The first option is to upgrade the system regularly. You can decide what the frequency of the upgrade is but do it regularly. I upgrade twice a month and that ensures that the system has the latest updates and is not so far out of sync that I need to download a ton of files for the upgrade. This is very useful when you don’t have much free space available in the root partition as the longer you wait the more files you have to download and the less free space you have for the actual upgrade.

Another thing I do that has helped me a lot is to look at the packages being upgraded, specifically any packages being removed. Don’t upgrade if there are a lot of packages being removed without updated versions being installed. To give an example, I tried upgrading my system yesterday and it told me that the result would be “457 upgraded, 11 newly installed, 297 to remove and 0 not upgraded.” Looking at the packages it was going to remove I found that if I had blindly allowed the upgrade to proceed it would have ended up uninstalling my entire KDE install, VPN server and a whole bunch of other stuff. I waited for a day and tried again and the bug that was causing the system to insist on removing KDE during the upgrade was resolved and I was able to upgrade successfully.
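One way to automate the removal check described above, as an added example rather than anything used for the upgrade in this post: it reads the output of a simulated run (`apt-get -s dist-upgrade`) and refuses to continue when the summary line reports more removals than a threshold. The threshold `MAX_REMOVALS`, the function names and the sample output are assumptions made up for the example.

```sh
#!/bin/sh
# Added example: refuse a dist-upgrade when apt plans too many removals.
# MAX_REMOVALS and all function names are assumptions of this sketch.
MAX_REMOVALS=${MAX_REMOVALS:-5}

# stdin: output of `apt-get -s dist-upgrade`
# stdout: the "to remove" number from the summary line, or "unknown"
planned_removals() {
    awk '
        / upgraded, .* newly installed, .* to remove/ {
            for (i = 2; i < NF; i++)
                if ($i == "to" && $(i + 1) == "remove") {
                    print $(i - 1); found = 1; exit
                }
        }
        END { if (!found) print "unknown" }'
}

# stdin: same simulated output; stdout: one package name per "Remv" line
removed_packages() {
    awk '$1 == "Remv" { print $2 }'
}

# $1: simulated output. Returns 0 = proceed, 1 = too many removals,
# 2 = summary line not found (treated as unsafe).
upgrade_is_safe() {
    sim_output=$1
    count=$(printf '%s\n' "$sim_output" | planned_removals)
    case $count in
        ''|*[!0-9]*)
            echo "could not parse apt summary, not upgrading" >&2
            return 2 ;;
    esac
    if [ "$count" -gt "$MAX_REMOVALS" ]; then
        echo "apt plans to remove $count packages (limit $MAX_REMOVALS):" >&2
        printf '%s\n' "$sim_output" | removed_packages | sed 's/^/  /' >&2
        return 1
    fi
    return 0
}

# Constructed sample, abridged to three Remv lines; versions are made up and
# the summary line is the one quoted in the post.
SAMPLE_BLOCKED='Reading package lists...
Building dependency tree...
The following packages will be REMOVED:
  kde-plasma-desktop plasma-workspace openvpn
Remv kde-plasma-desktop [1.0]
Remv plasma-workspace [1.0]
Remv openvpn [1.0]
Inst libexample1 [1.0] (1.1 Debian:unstable [amd64])
Conf libexample1 (1.1 Debian:unstable [amd64])
457 upgraded, 11 newly installed, 297 to remove and 0 not upgraded.'

# Constructed sample: an upgrade that removes nothing.
SAMPLE_CLEAN='Reading package lists...
Inst libexample1 [1.0] (1.1 Debian:unstable [amd64])
Conf libexample1 (1.1 Debian:unstable [amd64])
12 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.'

# Demo on the constructed samples. On a real system:
#   sim=$(apt-get -s dist-upgrade) && upgrade_is_safe "$sim" && apt-get dist-upgrade
for sample in "$SAMPLE_BLOCKED" "$SAMPLE_CLEAN"; do
    if upgrade_is_safe "$sample"; then
        echo "proceed"
    else
        echo "hold"
    fi
done
```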

I also pipe the output from the apt-get dist-upgrade command to a log file so that I have a log of what was changed and any errors are logged so I can look at it later in case there are issues. The command I use for that is as below:

apt-get dist-upgrade 2>&1 |tee ~suramya/Documents/Suramya/Computer\ Update\ Logs/StarKnight/2022/10032022

I keep all the logs from the upgrades so I can see exactly what was changed on the system and when. Makes it a lot easier to troubleshoot issues caused due to an upgrade.

If you have multiple systems, then I recommend you don’t upgrade all of them at the same time. I stagger them by a day or two so that in case of issues I have a working system. This has saved my sanity a few times.

Well, this is all for now. Do share any tips you might have for avoiding issues during an upgrade.

– Suramya

August 28, 2022

Debian looking at changing how it handles non-free firmware

Filed under: Computer Software,Linux/Unix Related,Tech Related — Suramya @ 5:38 PM

One of the major problems when installing Debian as a newbie is that if your hardware is not supported by an Open (‘free’) driver/firmware then the system doesn’t install any and then it is a painful process to download and install the driver, especially if it is for the Wireless card. In earlier laptops you could always connect via a network cable to install the drivers but the newer systems don’t come with a LAN connection (which I think sucks BTW) so installing Debian on those systems is a pain.

How this should be addressed is a question that has been debated for a while now. It was even one of the questions Jonathan Carter discussed in his post on ‘How is Debian doing’. There are a lot of people with really strong opinions on the topic and ‘adulterating’ Debian by allowing non-free drivers to be installed by default has a lot of people up in arms. After a lot of debate on how to resolve this, there are three proposals to solve this issue that are up for vote in September:

Proposal A and B both start with the same two paragraphs:
We will include non-free firmware packages from the “non-free-firmware” section of the Debian archive on our official media (installer images and live images). The included firmware binaries will normally be enabled by default where the system determines that they are required, but where possible we will include ways for users to disable this at boot (boot menu option, kernel command line etc.).

When the installer/live system is running we will provide information to the user about what firmware has been loaded (both free and non-free), and we will also store that information on the target system such that users will be able to find it later. The target system will also be configured to use the non-free-firmware component by default in the apt sources.list file. Our users should receive security updates and important fixes to firmware binaries just like any other installed software.

But Proposal A adds that “We will publish these images as official Debian media, replacing the current media sets that do not include non-free firmware packages,” while Proposal B says those images “will not replace the current media sets,” but will instead be offered alongside them.

And Proposal C? “The Debian project is permitted to make distribution media (installer images and live images) containing packages from the non-free section of the Debian archive available for download alongside with the free media in a way that the user is informed before downloading which media are the free ones.”

Debian is not the most new-user-friendly system out there and a lot of distributions got popular because they took the Debian base and made it more user-friendly by allowing non-free drivers and firmware. So this is a good move in my opinion. Personally I feel that option B might be the best option that will keep both the purists and the reformers happy. I don’t think Option C is a good option at all as it would be confusing.

Source: Slashdot: Debian Considers Changing How It Handles Non-Free Firmware

– Suramya

August 16, 2022

Debian: My Favorite Linux Distro turns 29!

Filed under: Linux/Unix Related,My Thoughts — Suramya @ 9:23 PM

Debian, one of the most popular Linux Distributions that has served as the base for over 100 derivative distributions (See here for the partial list) is celebrating its 29th Birthday! I have been using it since 2003, so it’s been 19 years since I started using it and I have to say the OS has been improving constantly over the years while keeping the core values/stability.

I have tried other distros in the middle: Ubuntu, Mint, Knoppix but keep coming back to Debian because of the stability and functionality. I do use Kali as the primary OS on my laptop as I use that for my security research/testing but all other systems run Debian. I even managed to get it to work on my Tablet. 🙂

One note of caution/advice is to always look at the packages being changed/removed when you are upgrading, especially if you are on the Unstable branch as things can break in that branch. Usually if I see that packages are being removed that I want to keep I just have to wait for a few days and the issue gets resolved. It is not the best distribution if you are looking for ‘newbie friendly’ but is one that will let you learn Linux the fastest. (Linux from Scratch will get you to learn more about Linux internals than you ever wanted if you can manage to get it to work and have the time required to install/configure it. For me the effort spent for the gain wasn’t worth it, but your mileage may vary.)

In any case, I think I will be sticking with Debian for the foreseeable future. Here’s to another 30 years!

– Suramya

August 12, 2022

Multiple Linux Live CDs on a single USB Drive

Filed under: Computer Tips,Linux/Unix Related,Tech Related — Suramya @ 6:55 PM

Portable Boot disks are a life saver for a techie and I usually carry one with me most of the time (It’s part of my keychain 🙂 ) However, the issue I would face was that I could only carry one live CD at a time on a USB stick and if I wanted another one then I would either have to search for the pendrive where I had already installed it or burn another one to the drive which was annoying, especially when I had to switch between OSes frequently.

So I started searching for an alternative, something similar to the Ultimate Boot CD that allowed you to have multiple diagnostic tools on a CD but for Live Distros and installation media. Tried a bunch of ways but the easiest way I found was to use Ventoy to create a bootable USB.

You can download Ventoy from their GitHub Releases page, and the installation of the tool is as easy as extracting the file to a folder on your system and then running the correct executable for your system (They have executables for all architectures). Once you run the file as root, select the USB disk you want to use and click install. It takes about a minute for the software to install on the drive and once completed, it creates two partitions on the disk. The first partition named VTOYEFI is reserved for the boot files by Ventoy so ensure that you don’t change anything in that partition.

The second partition called Ventoy, is an exFAT partition and this is where we will copy all the ISO files for the distributions we want the disk to support. Installing a new OS/Tool/CD is as simple as copying the ISO file for the CD on to the partition. Once we have copied the files to the partition all you have to do is unmount the partition and your new disk is ready to use.

I installed the Debian Installer, Kali Live CD and Kali Installer on an 8GB drive with no issues. When I boot from the disk, I get a menu asking me to select the ISO I want to boot into and then the system boots into the boot menu for that image. So now I can carry one pen-drive with all the OSes I would need to troubleshoot a system or reinstall the OS. I think you should be able to boot into the Windows installer as well using this method but I haven’t tried it yet so can’t confirm for sure.

Well, this is all for now. Will post more later.

– Suramya

July 30, 2022

Identifying the least used packages on Debian

My main system was running low on disk space in the root partition and I wanted to clean out some of the unused software from the system. In order to do that I thought that I should find out what the least used applications on my system were and then remove them. Unfortunately I couldn’t find any existing way of doing this so it was a dead end. However, the problem remained stuck in my head and I came up with a quick and dirty way of identifying the packages and when they were last used.

The way it works is:

  • Get a list of all files on the system (using locate, since it’s already there so why duplicate effort)
  • For each file figure out what package it belongs to using dpkg-query -S
  • If the file belongs to a package, get the last access time (using stat) and log it
  • Once we do this for all files, sort the results.

This gives us a list of packages and the latest access date for each package (based on the latest access date for any of the files in it). Since this is a quick and dirty implementation, it is slow as molasses, doesn’t have any error checking or anything but still gets the job done. Would love to get some feedback. The code is available at: https://github.com/suramyatomar/leastUsedPackage.

The output of the script looks like:

...
...
xz-utils | 2022-07-18
yelp-xsl | 2022-04-05
yelp-xsl | 2022-04-05
youtube-dl | 2022-07-17
zim | 2022-07-17
zip | 2022-07-17
zlib1g-dev | 2022-07-17
zlib1g-dev | 2022-07-17
zlib1g-dev | 2022-07-17
zstd | 2022-07-18
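The four steps above as a short script, added here as an illustration and not the code from the linked repository: `file_access_records` does the per-file lookup with dpkg-query -S and stat for any file list fed to it (the post takes the list from locate), and `latest_per_package` keeps one line per package with its most recent access date, oldest first, which also removes duplicate lines like the ones in the output above. The function names and sample lines are constructed; access times are only approximate on filesystems mounted with relatime or noatime.

```sh
#!/bin/sh
# Added example: last-access date per Debian package. Not the code from the
# linked repository; function names are assumptions of this sketch.

# stdin: one file path per line
# stdout: "package | YYYY-MM-DD" for every path that dpkg says it owns
file_access_records() {
    while IFS= read -r path; do
        [ -f "$path" ] || continue
        # dpkg-query -S prints "pkg: /path" (or "pkg:arch: /path")
        owner=$(dpkg-query -S "$path" 2>/dev/null | head -n 1)
        [ -n "$owner" ] || continue          # not owned by any package
        case $owner in
            diversion*) continue ;;          # skip dpkg diversion notices
        esac
        pkg=${owner%%:*}                     # drop ": /path" and any ":arch"
        pkg=${pkg%%,*}                       # shared file: keep the first owner
        # GNU stat: %x is the access time, first word is the date
        atime=$(stat -c %x "$path" | cut -d' ' -f1)
        printf '%s | %s\n' "$pkg" "$atime"
    done
}

# stdin: "package | YYYY-MM-DD" lines, any order, duplicates allowed
# stdout: one line per package with its newest date, least recently used first
latest_per_package() {
    awk -F' [|] ' '
        NF == 2 && (!($1 in latest) || $2 > latest[$1]) { latest[$1] = $2 }
        END { for (p in latest) print p " | " latest[p] }' |
    LC_ALL=C sort -t'|' -k2,2 -k1,1
}

# Constructed sample in the format shown above, with duplicate packages.
SAMPLE_RECORDS='xz-utils | 2022-07-18
yelp-xsl | 2022-04-05
yelp-xsl | 2022-04-05
youtube-dl | 2022-07-17
zlib1g-dev | 2022-07-17
zlib1g-dev | 2022-03-01
zstd | 2022-07-18'

# Demo on the constructed sample. On a Debian system, for example:
#   find /usr/bin -type f | file_access_records | latest_per_package
printf '%s\n' "$SAMPLE_RECORDS" | latest_per_package
```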

Feel free to try it out if you have a similar use case. Let me know if you have any suggestions on improving the script or if you found it useful.

– Suramya

July 9, 2022

Some lesser known Useful Linux commands

Filed under: Computer Tips,Knowledgebase,Linux/Unix Related,Tech Related — Suramya @ 7:15 AM

In this post I am sharing some useful Linux commands originally posted by Traw on Twitter. As it is almost impossible to find stuff on Twitter (even if you favorite it) I am consolidating the entire thread here as a blog post for my reference:

lsmem

lsmem lists the ranges of available memory with their online status. The listed memory blocks correspond to the memory block representation in sysfs. The command also shows the memory block size, the device size, and the amount of memory in online and offline state. The output looks like:

suramya@StarKnight:~$ lsmem
RANGE                                  SIZE  STATE REMOVABLE  BLOCK
0x0000000000000000-0x00000000cfffffff  3.3G online       yes   0-25
0x0000000100000000-0x000000052fffffff 16.8G online       yes 32-165

Memory block size:       128M
Total online memory:      20G
Total offline memory:      0B

lsusb

lsusb lists all the USB buses in the system and the devices connected to them. It is a good way to figure out which USB devices are connected and what vendor ID and product ID are associated with them. The output looks like:

suramya@StarKnight:~$ lsusb
Bus 006 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 005 Device 032: ID 03f0:3b17 HP, Inc LaserJet M1005 MFP
Bus 005 Device 029: ID 8564:4000 Transcend Information, Inc. microSD/SD/CF UHS-II Card Reader [RDF8, RDF9]
Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 002: ID 0b05:18f3 ASUSTek Computer, Inc. AURA LED Controller
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 005: ID 8087:0029 Intel Corp. AX200 Bluetooth
Bus 001 Device 004: ID 05e3:0610 Genesys Logic, Inc. Hub
Bus 001 Device 003: ID 413c:2113 Dell Computer Corp. KB216 Wired Keyboard
Bus 001 Device 002: ID 0951:16bc Kingston Technology HyperX Pulsefire FPS Gaming Mouse
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

lsb_release

The lsb_release command displays LSB (Linux Standard Base) information about your specific Linux distribution, including version number, release codename, and distributor ID. The output looks like:

suramya@StarKnight:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux bookworm/sid
Release:        testing/unstable
Codename:       n/a

lsfd

lsfd is a replacement for lsof that lists file descriptors on Linux systems. It is tailored to the Linux kernel and supports Linux-specific features such as namespaces. The output looks like:

suramya@StarKnight:~$ lsfd |more
COMMAND            PID    USER  ASSOC MODE TYPE              SOURCE MNTID      INODE NAME
syncthing         1134 suramya    exe  ---  REG                sda5     0     265927 /usr/bin/syncthing
syncthing         1134 suramya    cwd  ---  DIR                sda5     0          2 /
syncthing         1134 suramya    rtd  ---  DIR                sda5     0          2 /
syncthing         1134 suramya cgroup  ---  REG                 0:4     0 4026531835 cgroup:[4026531835]
syncthing         1134 suramya    ipc  ---  REG                 0:4     0 4026531839 ipc:[4026531839]
syncthing         1134 suramya    mnt  ---  REG                 0:4     0 4026533012 mnt:[4026533012]
syncthing         1134 suramya    net  ---  REG                 0:4     0 4026531840 net:[4026531840]
syncthing         1134 suramya    pid  ---  REG                 0:4     0 4026531836 pid:[4026531836]
syncthing         1134 suramya  pid4c  ---  REG                 0:4     0 4026531836 pid:[4026531836]
syncthing         1134 suramya   time  ---  REG                 0:4     0 4026531834 time:[4026531834]
syncthing         1134 suramya time4c  ---  REG                 0:4     0 4026531834 time:[4026531834]
syncthing         1134 suramya   user  ---  REG                 0:4     0 4026531837 user:[4026531837]
syncthing         1134 suramya    uts  ---  REG                 0:4     0 4026531838 uts:[4026531838]
syncthing         1134 suramya    mem  r-x  REG                sda5     0     265927 /usr/bin/syncthing
syncthing         1134 suramya    mem  r--  REG                sda5     0     265927 /usr/bin/syncthing
syncthing         1134 suramya    mem  rw-  REG                sda5     0     265927 /usr/bin/syncthing

lsof

The command lsof stands for List Of Open Files. This command displays a list of files that have been opened. Essentially, it provides information to determine which files are opened by which process. The output looks like:

root@StarKnight:/tmp# lsof |more
COMMAND      PID    TID TASKCMD               USER   FD      TYPE             DEVICE    SIZE/OFF       NODE NAME
systemd        1                              root  cwd       DIR                8,5        4096          2 /
systemd        1                              root  rtd       DIR                8,5        4096          2 /
systemd        1                              root  txt       REG                8,5     1841792     277271 /usr/lib/systemd/systemd
systemd        1                              root  mem       REG                8,5      161864     280226 /usr/lib/x86_64-linux-gnu/libgpg-error.so.0.33.0
systemd        1                              root  mem       REG                8,5     3081088     264360 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
systemd        1                              root  mem       REG                8,5       26984     273912 /usr/lib/x86_64-linux-gnu/libcap-ng.so.0.0.0
systemd        1                              root  mem       REG                8,5      633512     270536 /usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.11.0
systemd        1                              root  mem       REG                8,5     1321424     264366 /usr/lib/x86_64-linux-gnu/libm-2.33.so
systemd        1                              root  mem       REG                8,5      158400     279628 /usr/lib/x86_64-linux-gnu/liblzma.so.5.2.5
systemd        1                              root  mem       REG                8,5      751840     263041 /usr/lib/x86_64-linux-gnu/libzstd.so.1.5.2
systemd        1                              root  mem       REG                8,5      137568     269425 /usr/lib/x86_64-linux-gnu/liblz4.so.1.9.3
systemd        1                              root  mem       REG                8,5       35280     262500 /usr/lib/x86_64-linux-gnu/libip4tc.so.2.0.0
systemd        1                              root  mem       REG                8,5     1332480     262198 /usr/lib/x86_64-linux-gnu/libgcrypt.so.20.4.1
systemd        1                              root  mem       REG                8,5       18768     264301 /usr/lib/x86_64-linux-gnu/libdl-2.33.so
systemd        1                              root  mem       REG                8,5      202680     264320 /usr/lib/x86_64-linux-gnu/libcrypt.so.1.1.0
systemd        1                              root  mem       REG                8,5       38864     267169 /usr/lib/x86_64-linux-gnu/libcap.so.2.44

lscpu

lscpu gathers CPU architecture information from sysfs, /proc/cpuinfo, and any architecture-specific libraries that are applicable (e.g. librtas on Powerpc). The command output can be optimized for parsing or human readability. This can include the number of CPUs, threads, cores, etc. The output looks like:

suramya@StarKnight:~$ lscpu
Architecture:            x86_64
  CPU op-mode(s):        32-bit, 64-bit
  Address sizes:         43 bits physical, 48 bits virtual
  Byte Order:            Little Endian
CPU(s):                  16
  On-line CPU(s) list:   0-15
Vendor ID:               AuthenticAMD
  Model name:            AMD Ryzen 7 3800X 8-Core Processor
    CPU family:          23
    Model:               113
    Thread(s) per core:  2
    Core(s) per socket:  8
    Socket(s):           1
    Stepping:            0
    Frequency boost:     enabled
    CPU(s) scaling MHz:  52%
    CPU max MHz:         4558.8862
    CPU min MHz:         2200.0000
    BogoMIPS:            7786.11
    Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse
                         3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_p
                         state ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbr
                         v svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sme sev sev_es
Virtualization features: 
  Virtualization:        AMD-V
Caches (sum of all):     
  L1d:                   256 KiB (8 instances)
  L1i:                   256 KiB (8 instances)
  L2:                    4 MiB (8 instances)
  L3:                    32 MiB (2 instances)
NUMA:                    
  NUMA node(s):          1
  NUMA node0 CPU(s):     0-15
Vulnerabilities:         
  Itlb multihit:         Not affected
  L1tf:                  Not affected
  Mds:                   Not affected
  Meltdown:              Not affected
  Spec store bypass:     Mitigation; Speculative Store Bypass disabled via prctl
  Spectre v1:            Mitigation; usercopy/swapgs barriers and __user pointer sanitization
  Spectre v2:            Mitigation; Retpolines, IBPB conditional, STIBP conditional, RSB filling
  Srbds:                 Not affected
  Tsx async abort:       Not affected
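
The Vulnerabilities block at the end of this output is the part worth checking on every machine you manage. As an added example (not from the original post), the shell functions below classify each entry and list the ones that are vulnerable or need a closer look. They assume the indented lscpu layout shown above; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the "Vulnerabilities:" block of lscpu output.
# Reads lscpu text on stdin, prints STATUS<TAB>ISSUE<TAB>DETAIL per entry.
cpu_vuln_report() {
    awk '
        /^Vulnerabilities:/ { in_block = 1; next }  # section header
        in_block && /^[^ \t]/ { in_block = 0 }      # next top-level section
        in_block {
            line = $0
            sub(/^[ \t]+/, "", line)
            sep = index(line, ":")
            if (sep == 0) next
            name = substr(line, 1, sep - 1)
            detail = substr(line, sep + 1)
            sub(/^[ \t]+/, "", detail)
            # "vulnerable" anywhere wins: a mitigation can still leave SMT exposed
            if (tolower(detail) ~ /vulnerable/) status = "VULNERABLE"
            else if (detail ~ /^Not affected/)  status = "OK"
            else if (detail ~ /^Mitigation/)    status = "MITIGATED"
            else                                status = "REVIEW"  # unrecognised wording
            printf "%s\t%s\t%s\n", status, name, detail
        }
    '
}

# Print only the entries that are not cleanly OK or MITIGATED.
cpu_vuln_findings() {
    cpu_vuln_report | awk -F '\t' '$1 != "OK" && $1 != "MITIGATED"'
}

# Constructed sample input (not captured from a real machine).
sample_lscpu() {
    cat <<'EOF'
NUMA:
  NUMA node(s):          1
Vulnerabilities:
  Meltdown:              Not affected
  Spectre v1:            Mitigation; usercopy/swapgs barriers and __user pointer sanitization
  Mds:                   Mitigation; Clear CPU buffers; SMT vulnerable
  Retbleed:              Vulnerable
  Itlb multihit:         KVM: Mitigation: VMX disabled
EOF
}

# Usage on a live system:  lscpu | cpu_vuln_findings
# Usage on the sample:     sample_lscpu | cpu_vuln_findings
```

On the output shown above, `cpu_vuln_findings` prints nothing, because every entry is either "Not affected" or starts with "Mitigation".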

lslogins

lslogins displays information about known users in the system. It examines the wtmp and btmp logs, /etc/shadow (if necessary) along with /etc/passwd to get the desired data.

suramya@StarKnight:~$ lslogins
  UID USER              PROC PWD-LOCK PWD-DENY  LAST-LOGIN GECOS
    0 root               306                   Apr06/15:36 root

lspci

lspci is a command on Unix-like operating systems that prints detailed information about all PCI buses and devices in the system. It is based on a common portable library libpci which offers access to the PCI configuration space on a variety of operating systems. The output looks like:

suramya@StarKnight:~$ lspci
00:00.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse Root Complex
00:00.2 IOMMU: Advanced Micro Devices, Inc. [AMD] Starship/Matisse IOMMU
00:01.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:01.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:02.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:03.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
00:03.2 PCI bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP Bridge
00:04.0 Host bridge: Advanced Micro Devices, Inc. [AMD] Starship/Matisse PCIe Dummy Host Bridge
...
0b:00.4 Audio device: Advanced Micro Devices, Inc. [AMD] Starship/Matisse HD Audio Controller

lsipc

lsipc shows information on the System V inter-process communication facilities for which the calling process has read access. The output looks like:

suramya@StarKnight:~$ lsipc
RESOURCE DESCRIPTION                                              LIMIT USED  USE%
MSGMNI   Number of message queues                                 32000    0 0.00%
MSGMAX   Max size of message (bytes)                                 8K    -     -
MSGMNB   Default max size of queue (bytes)                          16K    -     -
SHMMNI   Shared memory segments                                    4096    4 0.10%
SHMALL   Shared memory pages                       18446744073692774399 1728 0.00%
SHMMAX   Max size of shared memory segment (bytes)                  16E    -     -
SHMMIN   Min size of shared memory segment (bytes)                   1B    -     -
SEMMNI   Number of semaphore identifiers                          32000    0 0.00%
SEMMNS   Total number of semaphores                          1024000000    0 0.00%
SEMMSL   Max semaphores per semaphore set.                        32000    -     -
SEMOPM   Max number of operations per semop(2)                      500    -     -
SEMVMX   Semaphore max value                                      32767    -     -

lslocks

lslocks lists information about all the currently held file locks in a Linux system. It also lists OFD (Open File Description) locks which are not associated with any process (PID is -1). OFD locks are associated with the open file description on which they are acquired. The output looks like:

suramya@StarKnight:~$ lslocks |more
COMMAND            PID  TYPE  SIZE MODE  M      START        END PATH
pipewire          1483 FLOCK       WRITE 0          0          0 /run/user/1000/pipewire-0.lock
firefox-bin      18608 POSIX       WRITE 0          0          0 /mnt/data/Configs/.mozilla/firefox/6hzbxva3.default/.parentlock
firefox-bin      18608 POSIX       READ  0          0          0 /tmp/MozillaUpdateLock-CBDE0CC28E6567B7
plasmashell       1742 POSIX   88K READ  0 1073741826 1073742335 /home/suramya/.local/share/kactivitymanagerd/resources/database
plasmashell       1742 POSIX   32K READ  0        128        128 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
systemsettings    2116 POSIX   88K READ  0 1073741826 1073742335 /home/suramya/.local/share/kactivitymanagerd/resources/database
systemsettings    2116 POSIX   32K READ  0        128        128 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
cron               900 FLOCK       WRITE 0          0          0 /run...
kactivitymanage   1754 POSIX   88K READ  0 1073741826 1073742335 /home/suramya/.local/share/kactivitymanagerd/resources/database
kactivitymanage   1754 POSIX   32K READ  0        128        128 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm
firefox-bin      18608 POSIX   75M WRITE 0 1073741826 1073742335 /mnt/data/Configs/.mozilla/firefox/6hzbxva3.default/places.sqlite
firefox-bin      18608 POSIX 74.3M WRITE 0 1073741826 1073742335 /mnt/data/Configs/.mozilla/firefox/6hzbxva3.default/favicons.sqlite
kactivitymanage   1754 POSIX   32K READ  0        124        124 /home/suramya/.local/share/kactivitymanagerd/resources/database-shm

lsmod

lsmod shows the current status of loaded modules in the Linux kernel. It nicely formats the contents of /proc/modules, showing which kernel modules are currently loaded. The output looks like:

suramya@StarKnight:~$ lsmod
Module                  Size  Used by
loop                   32768  0
dm_crypt               61440  0
dm_mod                172032  1 dm_crypt
mptcp_diag             16384  0
tcp_diag               16384  0
udp_diag               16384  0
raw_diag               16384  0
inet_diag              24576  4 tcp_diag,mptcp_diag,raw_diag,udp_diag
unix_diag              16384  0
af_packet_diag         16384  0
netlink_diag           16384  0
uinput                 20480  0
xfrm_user              49152  2
xfrm_algo              16384  1 xfrm_user
...
...
twofish_generic        20480  0
twofish_avx_x86_64     53248  0
twofish_x86_64_3way    32768  1 twofish_avx_x86_64

lsirq

lsirq is a utility to display kernel interrupt information. The output looks like:

IRQ     TOTAL NAME
LOC 438495596 Local timer interrupts
RES 395250211 Rescheduling interrupts
CAL 244198954 Function call interrupts
TLB  50704087 TLB shootdowns
 43  36669756 IR-PCI-MSI 2621443-edge enp5s0-tx-0
 44  33219249 IR-PCI-MSI 2621444-edge enp5s0-tx-1
 42  29631348 IR-PCI-MSI 2621442-edge enp5s0-rx-1
 41  24214613 IR-PCI-MSI 2621441-edge enp5s0-rx-0
 63   5830480 IR-PCI-MSI 3670016-edge ahci[0000:07:00.0]
 45   4564010 IR-PCI-MSI 3147776-edge xhci_hcd
105   4129317 IR-PCI-MSI 4718592-edge nvidia
 64   3354988 IR-PCI-MSI 4194304-edge ahci0
 69   1788338 IR-PCI-MSI 4194309-edge ahci5
 65    157846 IR-PCI-MSI 4194305-edge ahci1
104     27444 IR-PCI-MSI 5775360-edge snd_hda_intel:card1
..
..

lsns

The lsns command lists information about all currently accessible namespaces or a given namespace. The namespace identifier is an inode number. The output looks like:

suramya@StarKnight:~$ lsns
        NS TYPE   NPROCS    PID USER    COMMAND
4026531834 time       87   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531835 cgroup     87   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531836 pid        87   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531837 user       75   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531838 uts        87   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531839 ipc        76   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531840 net        76   1134 suramya /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
4026531841 mnt        85   1454 suramya /lib/systemd/systemd --user
4026532954 user        1 267290 suramya /usr/local/firefox/firefox-bin -contentproc -parentBuildID 20220705093820 -prefsLen 44808 -prefMapSize 237085 -appDir /usr/local/firefox/browser 267229 true socket
4026532955 ipc         1 267290 suramya /usr/local/firefox/firefox-bin -contentproc -parentBuildID 20220705093820 -prefsLen 44808 -prefMapSize 237085 -appDir /usr/local/firefox/browser 267229 true socket
...
...

lsattr

lsattr lists the file attributes on a second extended file system. The chattr command modifies the attributes of files, and lsattr lists (displays) them. File attributes are flags which affect how the file is stored and accessed by the filesystem. They are metadata stored in the file’s associated inode. The output looks like:

suramya@StarKnight:~$ lsattr
--------------e------- ./node_modules
--------------e------- ./Temp
--------------e------- ./Screenshot_20220704_122444.png
--------------e------- ./go
--------------e------- ./LinkedIn

lsblk

lsblk displays details about block devices (except RAM disks), which are the files that represent devices connected to the PC. It queries the /sys virtual file system and the udev db to obtain the information, and displays the output in a tree-like structure. The command comes pre-installed as part of the util-linux package. The output looks like:

suramya@StarKnight:~$ lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda      8:0    0 111.8G  0 disk 
├─sda1   8:1    0   3.7G  0 part [SWAP]
├─sda2   8:2    0     1K  0 part 
├─sda5   8:5    0  18.6G  0 part /
└─sda6   8:6    0  89.4G  0 part /mnt/data
sdb      8:16   0   2.7T  0 disk 
└─sdb1   8:17   0   2.7T  0 part /mnt/Backup
sdc      8:32   0 223.6G  0 disk 
└─sdc1   8:33   0 223.6G  0 part /mnt/storage
sdd      8:48   0  12.7T  0 disk 
└─sdd1   8:49   0  12.7T  0 part /mnt/repository

There are a lot more useful Linux commands and no blog post can possibly list all of them. But some of these were new to me so I thought I should share.

– Suramya
