Techno Babble Archives - Page 4 of 41

Install ZoneMinder – Video Surveillance Software on Debian 9

Whether it’s in the home or the enterprise, physical security is always a foundational component of an all encompassing security policy. The usage of security cameras tends to be a corner stone of a physical security monitoring solution.

One of the biggest challenges with cameras tends to be the management and the storage of the video feeds/images. One of the best known open source solutions for addressing this task is Zone Minder.

Zone Minder presents users with a large number of solutions for monitoring, managing, and analyzing the video feeds from security cameras. Some of the highlights of Zone Minder include:

Free, Open source and constantly updating.
Works with most IP cameras (even ones with special functionality like PTZ, night vision, and 4k resolutions).
Web based management console.
Android and iOS applications for monitoring from anywhere.

To see more features of Zone Minder please visit the project’s home page at: https://zoneminder.com/features/

This article will cover the installation of Zone Minder on Debian 9 Stretch and another article will cover the configuration of Zone Minder to monitor security camera feeds.

Zone Minder Lab Setup Diagram

While this is a simplification of most IP camera installations, the concepts will still work assuming that the cameras have network connectivity to the Zone Minder server.

This article will assume that the reader already has a minimal base install of Debian 9 Stretch up and running. A bare install with SSH connectivity is all that is assumed.

A graphical environment is not needed on the server as everything will be served through the Apache web server to the clients connecting to the Zone Minder web interface.

Please see this article on Tecmint for installing Debian 9: https://www.tecmint.com/installation-of-debian-9-minimal-server/.

Server Specifications:

Since Zone Minder will potentially be saving lots of video/images, the biggest components necessary for this server will be network and storage capacity. Other items to take into consideration are the number of cameras, the quality of the images/video being sent to the server, number of users connecting to the Zone Minder system, and viewing the streams live through the Zone Minder system.

Important: The server being used in this guide, while old, is not the typical home user system. Please make sure to thoroughly evaluate usage requirements before setting up a Zone Minder system.

Zone Minder wiki article for Specs: https://wiki.zoneminder.com/How_Many_Cameras

System Specs:

1 HP DL585 G1 (4 x Dual core CPU’s)
RAM: 18 GB
1 x 1Gbps network connections for IP cameras
1 x 1Gbps network connection for management
Local Storage: 4 x 72GB in RAID 10 (OS only; ZM images/video will be offloaded later)
1 x 1.2 TB HP MSA20 (Storage of Images/Videos)

Installation of Zone Minder

The installation of Zone Minder is very straight forward and assumes root or sudo access on the particular server that Zone Minder is being installed.

Debian Stretch doesn’t have Zone Minder 1.30.4 in the repositories by default. Luckily a newer version of Zone Minder is available in Debian Stretch backports.

To enable backports in a clean installation of Debian, issue the following command:

# echo -e “\n\rdeb http://ftp.debian.org/debian stretch-backports main” >> /etc/apt/sources.list

Once backports have been enabled, the system will likely have a series of updates that will need to occur. Run the following commands to update the packages in preparation for the rest of this article.

# apt-get update
# apt-get upgrade
# apt-get dist-upgrade

The first step for the installation and configuration of Zone Minder is to install the necessary dependencies for with the following commands:

# apt-get install php mariadb-server php-mysql libapache2-mod-php7.0 php7.0-gd zoneminder

During this installation process, the MariaDB server installation may prompt the user to configure a root password for the database, **DO NOT FORGET THIS PASSWORD**.

Once the installation is complete, it is strongly suggested that the database be secured using the following command:

# mysql_secure_installation

The above command may prompt for the root password created during the MariaDB installation first and then will ask the user several security questions about disabling a test user, remote root login to the database, and removing testing databases. It is safe and suggested that ‘Yes’ be the answer to all of these questions.

Now the database needs to be prepared and a Zone Minder user for the database. The Zone Minder package provides the necessary schema for import. The import will create the user ‘zmuser’, the database ‘zm’, and setup a default password on the system *See below on how to change this*.

The following commands will prompt the user for the MariaDB database root user password.

# mariadb -u root -p < /usr/share/zoneminder/db/zm_create.sql
# mariadb -u root -p -e "grant all on zm.* to ‘zmuser’@localhost identified by ‘zmpass’;"

This part is only needed if the user wants to change the default user/password for the database! It may be desirable to change the database name, username, or password for the database.

For example, say the admin wanted to use a different user/password combination:

User: zm_user_changed
Password: zmpass-test

This would change the above MariaDB user command to:

# mariadb -u root -p -e "grant all on zm.* to ‘zm_user_changed’@localhost identified by ‘zmpass-test’;"

By doing this though, Zone Minder will need to be made aware of the changed database and user name. Make the proper changes in the ZM configuration file at ‘/etc/zm/zm.conf’.

Locate and change the following lines:

ZM_DB_USER = zmuser ? Change ‘zmuser’ to the new user above. ‘zm_user_changed’
ZM_DB_PASS = zmpass ? Change ‘zmpass’ to the new password used above. ‘zmpass-test’

The next step is to fix ownership of the Zone Minder configuration file so that it can be read by the apache user (www-data) using the following command:

# chgrp www-data /etc/zm/zm.conf

The www-data user also needs to be a part of the ‘video’ group on this system. To accomplish this the following command should be used:

# usermod -aG video www-datada

It is also necessary to set the proper time zone in the php.ini file locate at ‘/etc/php/7.0/apache2/php.ini’. Find the proper time zone and then using a text editor, locate the follow line and append the timezone information.

# nano /etc/php/7.0/apache2/php.ini

Change the line ‘;date.timezone =‘ to ‘date.timezone = America/New_York’.

Now Apache needs to be configured to serve out the Zone Minder web interface. The first step is to disable the default Apache page and enable the Zone Minder configuration file.

# a2dissite 000-default.conf
# a2enconf zoneminder

There are also some Apache modules that need to be enabled for Zone Minder to function properly. This can be accomplished with the following commands:

# a2enmod cgi
# a2enmod rewrite

The final steps are to enable and start Zone Minder! Use the following commands to accomplish this:

# systemctl enable zoneminder.service
# systemctl restart apache2.service
# systemctl start zoneminder.service

Now if everything went well, navigating to the server’s IP and Zone Minder directory should yield the Zone Minder management console as such:

http://10.0.0.10/zm

Zone Minder Dashboard

Congratulations! Zone Minder is now up and running on Debian 9. In next upcoming articles we will walk through the configuration of storage, cameras, and alerts within the Zone Minder console.

How to Block USB Storage Devices in Linux Servers

In order to protect sensitive data extraction from servers by users who have physical access to machines, it’s a best practice to disable all USB storage support in Linux kernel.

In order to disable USB storage support, we first need to identify if the storage driver is loaded into Linux kernel and the name of the driver (module) responsible with storage driver.

Run the lsmod command to list all loaded kernel drivers and filter the output via grep command with the search string “usb_storage”.

# lsmod | grep usb_storage

List USB Storage Drivers

From lsmod command, we can see that the sub_storage module is in use by UAS module. Next, unload both USB storage modules from kernel and verify if the removal has been successfully completed, by issuing the below commands.

# modprobe -r usb_storage
# modprobe -r uas
# lsmod | grep usb

Next, list the content of the current runtime kernel usb storage modules directory by issuing the below command and identify the usb-storage driver name. Usually this module should be named usb-storage.ko.xz or usb-storage.ko.

# ls /lib/modules/`uname -r`/kernel/drivers/usb/storage/

In order to block USB storage module form loading into kernel, change directory to kernel usb storage modules path and rename the usb-storage.ko.xz module to usb-storage.ko.xz.blacklist, by issuing the below commands.

# cd /lib/modules/`uname -r`/kernel/drivers/usb/storage/
# ls
# mv usb-storage.ko.xz usb-storage.ko.xz.blacklist

Block USB Storage in Linux

In Debian based Linux distributions, issue the below commands to block usb-storage module from loading into Linux kernel.

# cd /lib/modules/`uname -r`/kernel/drivers/usb/storage/ # ls
# mv usb-storage.ko usb-storage.ko.blacklist

Block USB in Debian and Ubuntu

Now, whenever you plug-in a USB storage device, the kernel will be fail to load the storage device driver intro kernel. To revert changes, just rename the usb module blacklisted back to its old name.

# cd /lib/modules/`uname -r`/kernel/drivers/usb/storage/
# mv usb-storage.ko.xz.blacklist usb-storage.ko.xz

However, this method applies only to runtime kernel modules. In case you want to blacklist USB storage modules form all available kernels in the system, enter each kernel module directory version path and rename the usb-storage.ko.xz to usb-storage.ko.xz.blacklist.

Firefox Quantum Eats RAM Like Chrome

For a long time, Mozilla’s Firefox has been my web browser of choice. I have always preferred it to using Google’s Chrome, because of its simplicity and reasonable system resource (especially RAM) usage. On many Linux distributions such as Ubuntu, Linux Mint and many others, Firefox even comes installed by default.

Recently, Mozilla released a new, powerful and faster version of Firefox called Quantum. And according to the developers, it’s new with a “powerful engine that’s built for rapid-fire performance, better, faster page loading that uses less computer memory.”

Read Also: How to Install Firefox Quantum in Linux

However, after I updated to Firefox Quantum, I noticed two significant changes with by far the biggest update to Firefox: first, it is fast, I mean really fast, and secondly, it’s greedy of RAM just like Chrome, as you open more tabs and continue to use it for a long time.

Therefore I carried out an simple investigation to examine Quantum’s memory usage, and also tried to compare it to Chrome’s memory usage, using the following testing environment:

Operating system - Linux Mint 18.0
CPU Model - Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz RAM - 4 GB(3.6 Usable)

Firefox Quantum Eats RAM With Many Tabs Opened

If you open Quantum with just few tabs, let’s say up to 5, you’ll notice that memory consumption by Firefox is fairly good, but as you open more tabs and continue to use it for long, it tends to eat up RAM.

I performed a few tests using glances – a real-time Linux system monitoring tool, to view top process by RAM usage. Under this tool, to sort processes by RAM usage, simply press m key.

I started by running glances and sorting processes by highest RAM usage before launching Firefox, as shown in the screenshot below.

$ glances

Glances – Processes Memory Usage

After launching Firefox and using it for close to half an hour with less than 8 tabs open, I captured a screenshot of glances with processes sorted by RAM usage shown below.

Glances – Firefox Memory Usage Monitoring

As I continued using Firefox through the day, the memory usage was steadily increasing as seen in the next screen shot.

Glances – Firefox Memory Usage Increasing

At the end of the day, Firefox had already consumed more than 70% off my system RAM as shown by the red warning-indicator in the following screen shot.

Note that during the test, I did not run any other RAM-consuming applications apart from Firefox itself (so it was definitely the one consuming the most amount of RAM).

Glances – Firefox High Memory Usage

From the results above, Mozilla was rather misleading in telling users that Quantum uses less computer memory.

Having known Chrome for eating RAM, the following day, I decided to also compared its (Quantum’s) memory usage with Chrome as explained in the next section.

Firefox Quantum Vs Chrome: RAM Usage

Here, I started my test by launching both browsers with the same number of tabs and opening the same sites in corresponding tabs as seen in the screen shot below.

Opened Same Tabs on Firefox and Chrome

Then from glances, I watched their RAM usage (sorted processes by memory usage as before). As you can see in this screenshot, considering all Chrome and Firefox processes (parent and child processes) on average Chrome still consumes more percentage of RAM than Quantum.

Compare Chrome and Firefox Memory Usage

To better understand memory usage by the two browsers, we need to clearly interpret the output the meaning of the %MEM, VIRT and RES columns from the process list headers:

VIRT – represents the total amount of memory a process is able to access at the moment, which includes RAM, Swap and any shared memory being accessed.
RES – is the accurate representation of how much amount of resident memory or actual physical memory a process is consuming.
%MEM – represents the percentage of physical (resident) memory used by this process.

From the explanation and values in the screenshots above, Chrome still eats more physical memory than Quantum.

All in all, I suppose Quantum’s speedy new engine, that ships in with many other performance improvements speaks for its high memory utilization. But is it worth? I would like to here from you, via the comment form below.

How to Install Tripwire IDS (Intrusion Detection System) on Linux

Tripwire is a popular Linux Intrusion Detection System (IDS) that runs on systems in order to detect if unauthorized filesystem changes occurred over time.

In CentOS and RHEL distributions, tripwire is not a part of official repositories. However, the tripwire package can be installed via Epel repositories.

To begin, first install Epel repositories in CentOS and RHEL system, by issuing the below command.

# yum install epel-release

After you’ve installed Epel repositories, make sure you update the system with the following command.

# yum update

After the update process finishes, install Tripwire IDS software by executing the below command.

# yum install tripwire

Fortunately, tripwire is a part of Ubuntu and Debian default repositories and can be installed with following commands.

$ sudo apt update
$ sudo apt install tripwire

On Ubuntu and Debian, the tripwire installation will be asked to choose and confirm a site key and local key passphrase. These keys are used by tripwire to secure its configuration files.

Create Tripwire Site and Local Key

On CentOS and RHEL, you need to create tripwire keys with the below command and supply a passphrase for site key and local key.

# tripwire-setup-keyfiles

Create Tripwire Keys

In order to validate your system, you need to initialize Tripwire database with the following command. Due to the fact that the database hasn’t been initialized yet, tripwire will display a lot of false-positive warnings.

# tripwire --init

Initialize Tripwire Database

Finally, generate a tripwire system report in order to check the configurations by issuing the below command. Use --help switch to list all tripwire check command options.

# tripwire --check --help
# tripwire --check

After tripwire check command completes, review the report by opening the file with the extension .twr from /var/lib/tripwire/report/ directory with your favorite text editor command, but before that you need to convert to text file.

# twprint --print-report --twrfile /var/lib/tripwire/report/tecmint-20170727-235255.twr > report.txt
# vi report.txt

Tripwire System Report

That’s It! you have successfully installed Tripwire on Linux server. I hope you can now easily configure your Tripwire IDS.

Guider – A System Wide Linux Performance Analyzer

Guider is a free and opens source, powerful system-wide performance analysis tool written mostly in Python for Linux operating systems.

It is designed to measure amount of system resource usage and to trace system behavior thus making it easy to analyze system performance issues effectively or allow for performance tunning.

It shows you a great wealth of information concerning CPU, memory, disk usage per thread, processes, system functions (user/kernel); therefore making it really simple to get to the bottom of an issue causing abnormal system performance or to improve overall system performance.

System Requirements

Linux kernel (>= 3.0)
Python (>= 2.7)
Kernel buffer size of 40960.

In this article, we will show you how to install guider from source and use it to analyze and improve overall Linux operating system performance.

How to Build and Install Guider – Linux Performance Analyzer

To install Guider on Linux, first clone the guider repository from github as shown.

$ git clone https://github.com/iipeace/guider.git
$ cd guider
$ guider.py [Run without installing]

You can run guider.py without installing it. Alternatively, you can run the commands below to build and install it as shown.

$ make
$ sudo make install

If you can use PIP in your system then install it using the following command.

$sudo pip install --pre guider

How to Use Guider to Analyze Linux System Performance

By default, guider is supposed to set buffer size for its operations. However, if it fails to do that and shows an error once you invoke it, you can check your buffer size, with this command.

$ sudo cat /sys/kernel/debug/tracing/buffer_size_kb

If the value is less than 40960, then set it to the required value as follows.

$ echo 40960 | sudo tee /sys/kernel/debug/tracing/buffer_size_kb

Set Linux Kernel Buffer Size

You can invoke guider in thread, function, top, file and system modes using the following syntax.

$ guider [ mode | file ] [options]

As is the case with most command line based Linux system performance analysis tools, you will need a wider screen to clearly view guider’s output.

Perform CPU Usage Analysis in Thread Mode

The following command will start accurate tracing in thread mode (press [Ctrl+c] terminate the tracing process). Once you terminate the process, it will save data and start the analysis process, and there after show you the analysis report.

$ sudo guider record

CPU Tracing in Thread Mode

The analysis report includes general system info, OS info, CPU info, memory info, disk info as well as thread info towards the end of the pager. Simply use the Up and Down arrows to scroll up and down the pager.

Linux System Information

Perform Real Time Linux Monitoring in Top Mode

The following command will show resource usage of Linux processes in real-time.

$ sudo guider.py top

Real Time Linux Processes Monitoring

You can set an interval for showing output using the -i switch as shown.

$ sudo guider top -i 2

To monitor all information concerning resource usage, use the -a flag.

$ sudo guider top -a

Analyze a Single Linux Process Using PID

First get the process ID using the pidof or ps command.

$ pidof apache2
OR
$ ps -e | grep apache2

Then analyze its resource usage using the following command, which outputs CPU cycle, instruction number, IPC, faults, cache miss, branch miss and so much more in real-time. The -g switch sets a filter which in this case is the process ID.

$ sudo guider top -eP -g 1913

Monitor Apache Process Usage

Save Guider Output to a File

You can as well save trace data or any output in a file for later analysis. The following command saves the trace data in a file called guider.dat (by default) in the current directory, you can specify a different location as well.

$ sudo guider -s .

To save any other output in a file called guider.out (by default) in the current directory.

$ sudo guider top -o .

Then you can inspect these files through the cat command.

$ cat guider.dat
$ cat guider.out

We can not exhaust all the possible options here because the list of options is endless. You can see all options and more usage examples from the guider help page.

$ guider -h

Guider Github repository: https://github.com/iipeace/guider

Conclusion

Guider is a great system-wide performance analysis tool for the future. It is suitable for Linux experts. Try out most of its features and share your thoughts with us via the feedback form below. If you have come across any similar tools, let us know as well.

Get Computer Hacker Professional Certification Bundle (5-Courses)

by Ravi Saive | Published: January 17, 2018 | January 17, 2018

Take a dive into professional computer hacking today, with more than 60 hours of preparation towards CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), and more certification exams, in The Computer Hacker Professional Certification Bundle.

The first course in this bundle will cover ethical hacker certification training, where you’ll master the skills of hacking and penetration in order to learn how to beat malicious hackers. You lean about automated tools for breaching security such as trojans, backdoors, viruses, worms as well as DOS attacks. You will also learn the role of social engineering in stealing secrets.

The second course takes you through information systems security training where you’ll learn about accounts and identity management, perform technical penetration testing and discuss layers of protection plus so much more.

There after, you will proceed to information systems auditor training where you will learn about internal control classifications and IT strategy, study information systems maintenance practices and media disposal process. You’ll also learn how to assess service level management practices and much more.

Towards the end of the bundle, you will get training in information security management. You will study various risk assessment methodologies and implement an information risk assessment process. You will also learn how to develop an information security strategy and beyond.

Finally, you will be trained as a computer hacking forensics investigator. Here, you will learn how to carry out an investigation according to industry best practices and legal guidelines. You will learn searching and seizing resources as required for the investigation.

What’s included in this Bundle?

Ethical Hacker Certification Training
Certified Information Systems Security Pro (CISSP)
Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM)
Computer Hacking Forensics Investigator Certification Training

Take advantage of this bundle today, by getting it at 96% off or for as low as $49 on Tecmint Deals.

‘,
enableHover: false,
enableTracking: true,
buttons: { twitter: {via: ‘tecmint’}},
click: function(api, options){
api.simulateClick();
api.openPopup(‘twitter’);
}
});
jQuery(‘#facebook’).sharrre({
share: {
facebook: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
click: function(api, options){
api.simulateClick();
api.openPopup(‘facebook’);
}
});
jQuery(‘#googleplus’).sharrre({
share: {
googlePlus: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
urlCurl: ‘https://www.tecmint.com/wp-content/themes/tecmint/js/sharrre.php’,
click: function(api, options){
api.simulateClick();
api.openPopup(‘googlePlus’);
}
});
jQuery(‘#linkedin’).sharrre({
share: {
linkedin: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
buttons: {
linkedin: {
description: ‘Get Computer Hacker Professional Certification Bundle (5-Courses)’,media: ‘https://www.tecmint.com/wp-content/uploads/2018/01/Learn-Computer-Hacker-Pro-Certification.png’ }
},
click: function(api, options){
api.simulateClick();
api.openPopup(‘linkedin’);
}
});
// Scrollable sharrre bar, contributed by Erik Frye. Awesome!
var shareContainer = jQuery(“.sharrre-container”),
header = jQuery(‘#header’),
postEntry = jQuery(‘.entry’),
$window = jQuery(window),
distanceFromTop = 20,
startSharePosition = shareContainer.offset(),
contentBottom = postEntry.offset().top + postEntry.outerHeight(),
topOfTemplate = header.offset().top;
getTopSpacing();
shareScroll = function(){
if($window.width() > 719){ var scrollTop = $window.scrollTop() + topOfTemplate,
stopLocation = contentBottom – (shareContainer.outerHeight() + topSpacing);
if(scrollTop > stopLocation){
shareContainer.offset({top: contentBottom – shareContainer.outerHeight(),left: startSharePosition.left});
}
else if(scrollTop >= postEntry.offset().top-topSpacing){
shareContainer.offset({top: scrollTop + topSpacing, left: startSharePosition.left});
}else if(scrollTop 1024)
topSpacing = distanceFromTop + jQuery(‘.nav-wrap’).outerHeight();
else
topSpacing = distanceFromTop;
}
});
]]>

How to Check and Patch Meltdown CPU Vulnerability in Linux

Meltdown is a chip-level security vulnerability that breaks the most fundamental isolation between user programs and the operating system. It allows a program to access the operating system kernel’s and other programs’ private memory areas, and possibly steal sensitive data, such as passwords, crypto-keys and other secrets.

Spectre is a chip-level security flaw that breaks the isolation between different programs. It enables a hacker to trick error-free programs into leaking their sensitive data.

These flaws affect mobile devices, personal computers and cloud systems; depending on the cloud provider’s infrastructure, it might be possible to access/steal data from other customers.

We came across a useful shell script that scans your Linux system to verify whether your kernel has the known correct mitigations in place against Meltdown and Spectre attacks.

spectre-meltdown-checker is a simple shell script to check if your Linux system is vulnerable against the 3 “speculative execution” CVEs (Common Vulnerabilities and Exposures) that were made public early this year. Once you run it, it will inspect your currently running kernel.

Optionally, if you have installed multiple kernels and you’d like to inspect a kernel you’re not running, you can specify a kernel image on the command line.

It will significantly try to detect mitigations, including backported non-vanilla patches, not considering the kernel version number advertised on the system. Note that you should launch this script with root privileges to get accurate information, using the sudo command.

$ git clone https://github.com/speed47/spectre-meltdown-checker.git $ cd spectre-meltdown-checker/
$ sudo ./spectre-meltdown-checker.sh

Check Meltdown and Spectre Vulnerabilities

From the results of the above scan, our test kernel is vulnerable to the 3 CVEs. In addition, here are a few important points to note about these processor bugs:

If your system has a vulnerable processor and runs an unpatched kernel, it is not safe to work with sensitive information without the chance of leaking the information.
Fortunately, there are software patches against Meltdown and Spectre, with details provided in Meltdown and Spectre research homepage.

The latest Linux kernels have been redesigned to defang these processor security bug. Therefore update your kernel version and reboot the server to apply updates as shown.

$ sudo yum update [On CentOS/RHEL]
$ sudo dnf update [On Fedora]
$ sudo apt-get update [On Debian/Ubuntu]
# pacman -Syu [On Arch Linux]

After reboot make sure to scan again with spectre-meltdown-checker.sh script.

You can find a summary of the CVEs from the spectre-meltdown-checker Github repository.

How to Control Systemd Services on Remote Linux Server

by Aaron Kili | Published: January 16, 2018 | January 16, 2018

Systemd system and services manager can be controlled using the systemctl command line utility. It enables you to manage systemd locally or on a remote Linux machine over the SSH protocol.

In this short article, we will show you how to manage systemd system and service manager on a remote Linux machine over a SSH session.

Attention: We recommend using public/private key pairs for passwordless authentication for SSH, as opposed to passwords, and also employing additional methods to secure SSH service, as explained in these guides.

SSH Passwordless Login Using SSH Keygen in 5 Easy Steps
5 Best Practices to Secure and Protect SSH Server
How to Block SSH and FTP Access to Specific IP and Network Range

To connect to a remote server, run systemctl with the --host or -H flag as follows. In the command below, we are connecting to the remote server as the root user and status is a subcommand of systemctl utility used to view the status of the httpd service on centos.temint.lan (remote Linux server).

$ systemctl --host [email protected] status httpd.service
OR
$ systemctl -H [email protected] status httpd.service

Manage Systemd Service on Remote Linux

Similarly, you can also start, stop or restart remote systemd service as shown.

$ systemctl --host [email protected] start httpd.service $ systemctl --host [email protected] stop httpd.service
$ systemctl --host [email protected] restart httpd.service

To end the session, simply type [Ctrl+C]. For more information and usage options, see the systemctl man page:

$ man systemctl

That’s all for now! What follows is an assortment of systemd articles which you’ll find useful:

The Story Behind: Why ‘init’ Needed to be Replaced with ‘systemd’ in Linux
Managing System Startup Process and Services (SysVinit, Systemd and Upstart)
Manage Log Messages Under Systemd Using Journalctl [Comprehensive Guide]
How to Create and Run New Service Units in Systemd Using Shell Script
How to Change Runlevels (targets) in SystemD

In this article, we showed you how to manage systemd system and service manager on a remote Linux machine. Use the feedback section to ask questions or share your thoughts about this guide.

‘,
enableHover: false,
enableTracking: true,
buttons: { twitter: {via: ‘tecmint’}},
click: function(api, options){
api.simulateClick();
api.openPopup(‘twitter’);
}
});
jQuery(‘#facebook’).sharrre({
share: {
facebook: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
click: function(api, options){
api.simulateClick();
api.openPopup(‘facebook’);
}
});
jQuery(‘#googleplus’).sharrre({
share: {
googlePlus: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
urlCurl: ‘https://www.tecmint.com/wp-content/themes/tecmint/js/sharrre.php’,
click: function(api, options){
api.simulateClick();
api.openPopup(‘googlePlus’);
}
});
jQuery(‘#linkedin’).sharrre({
share: {
linkedin: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
buttons: {
linkedin: {
description: ‘How to Control Systemd Services on Remote Linux Server’,media: ‘https://www.tecmint.com/wp-content/uploads/2018/01/Control-Systemd-Services-on-Remote-Linux.png’ }
},
click: function(api, options){
api.simulateClick();
api.openPopup(‘linkedin’);
}
});
// Scrollable sharrre bar, contributed by Erik Frye. Awesome!
var shareContainer = jQuery(“.sharrre-container”),
header = jQuery(‘#header’),
postEntry = jQuery(‘.entry’),
$window = jQuery(window),
distanceFromTop = 20,
startSharePosition = shareContainer.offset(),
contentBottom = postEntry.offset().top + postEntry.outerHeight(),
topOfTemplate = header.offset().top;
getTopSpacing();
shareScroll = function(){
if($window.width() > 719){ var scrollTop = $window.scrollTop() + topOfTemplate,
stopLocation = contentBottom – (shareContainer.outerHeight() + topSpacing);
if(scrollTop > stopLocation){
shareContainer.offset({top: contentBottom – shareContainer.outerHeight(),left: startSharePosition.left});
}
else if(scrollTop >= postEntry.offset().top-topSpacing){
shareContainer.offset({top: scrollTop + topSpacing, left: startSharePosition.left});
}else if(scrollTop 1024)
topSpacing = distanceFromTop + jQuery(‘.nav-wrap’).outerHeight();
else
topSpacing = distanceFromTop;
}
});
]]>

Get SpiderOak ONE 2TB Cloud Storage: 1-Yr Subscription

by Ravi Saive | Published: January 15, 2018 | January 15, 2018

‘,
enableHover: false,
enableTracking: true,
buttons: { twitter: {via: ‘tecmint’}},
click: function(api, options){
api.simulateClick();
api.openPopup(‘twitter’);
}
});
jQuery(‘#facebook’).sharrre({
share: {
facebook: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
click: function(api, options){
api.simulateClick();
api.openPopup(‘facebook’);
}
});
jQuery(‘#googleplus’).sharrre({
share: {
googlePlus: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
urlCurl: ‘https://www.tecmint.com/wp-content/themes/tecmint/js/sharrre.php’,
click: function(api, options){
api.simulateClick();
api.openPopup(‘googlePlus’);
}
});
jQuery(‘#linkedin’).sharrre({
share: {
linkedin: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
buttons: {
linkedin: {
description: ‘Get SpiderOak ONE 2TB Cloud Storage: 1-Yr Subscription’,media: ‘https://www.tecmint.com/wp-content/uploads/2018/01/SpiderOak-One-Cloud-Storage.png’ }
},
click: function(api, options){
api.simulateClick();
api.openPopup(‘linkedin’);
}
});
// Scrollable sharrre bar, contributed by Erik Frye. Awesome!
var shareContainer = jQuery(“.sharrre-container”),
header = jQuery(‘#header’),
postEntry = jQuery(‘.entry’),
$window = jQuery(window),
distanceFromTop = 20,
startSharePosition = shareContainer.offset(),
contentBottom = postEntry.offset().top + postEntry.outerHeight(),
topOfTemplate = header.offset().top;
getTopSpacing();
shareScroll = function(){
if($window.width() > 719){ var scrollTop = $window.scrollTop() + topOfTemplate,
stopLocation = contentBottom – (shareContainer.outerHeight() + topSpacing);
if(scrollTop > stopLocation){
shareContainer.offset({top: contentBottom – shareContainer.outerHeight(),left: startSharePosition.left});
}
else if(scrollTop >= postEntry.offset().top-topSpacing){
shareContainer.offset({top: scrollTop + topSpacing, left: startSharePosition.left});
}else if(scrollTop 1024)
topSpacing = distanceFromTop + jQuery(‘.nav-wrap’).outerHeight();
else
topSpacing = distanceFromTop;
}
});
]]>

How to Show Asterisks While Typing Sudo Password in Linux

by Aaron Kili | Published: January 15, 2018 | Last Updated: January 17, 2018

Most applications normally display a feedback using asterisks (*******) when a user is typing a password, but on the Linux terminal, when a normal user runs the sudo command to gain super user privileges, he/she is asked for a password, but no visual feedback is seen by the user while typing the password.

In this article, we will show how to display asterisks as feedback when you type passwords in the terminal in Linux.

Take a look at the following screen shot, here the user tecmint has invoked the sudo command to install the vim text editor in CentOS 7, but there is no visual feedback as the password is typed (in this case the password has already been entered):

$ sudo yum install vim

No Sudo Password Shown

You can enable the password feedback feature in /etc/sudoers file, but first create a backup of the file, then open it for editing using the visudo command.

$ sudo cp /etc/sudoers /etc/sudoers.bak
$ sudo visudo

Search for the following line.

Defaults env_reset

And append pwfeedback to it, so that it looks like this.

Defaults env_reset,pwfeedback

Configure Sudoers File

Now press Esc key and type :wq to save and close the file. But if you are using nano editor, save the file by hitting “Ctrl+x” and then “y” followed by “ENTER” to close it.

Then run the command below to reset your terminal for the above changes to start working.

$ reset

That’s it, now you should be able to see a visual feedback (****) every time when you typing a password on the terminal, as shown in the following screen shot.

$ sudo yum update

Visible Sudo Password

You might also like to read these following related articles.

10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux
How to Run ‘sudo’ Command Without Entering a Password in Linux
Let Sudo Insult You When You Enter Incorrect Password
How to Run Shell Scripts with Sudo Command in Linux

If you have any Linux terminal tips or tricks to share with us, use the comment section below.

‘,
enableHover: false,
enableTracking: true,
buttons: { twitter: {via: ‘tecmint’}},
click: function(api, options){
api.simulateClick();
api.openPopup(‘twitter’);
}
});
jQuery(‘#facebook’).sharrre({
share: {
facebook: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
click: function(api, options){
api.simulateClick();
api.openPopup(‘facebook’);
}
});
jQuery(‘#googleplus’).sharrre({
share: {
googlePlus: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
urlCurl: ‘https://www.tecmint.com/wp-content/themes/tecmint/js/sharrre.php’,
click: function(api, options){
api.simulateClick();
api.openPopup(‘googlePlus’);
}
});
jQuery(‘#linkedin’).sharrre({
share: {
linkedin: true
},
template: ‘{total}’,
enableHover: false,
enableTracking: true,
buttons: {
linkedin: {
description: ‘How to Show Asterisks While Typing Sudo Password in Linux’,media: ‘https://www.tecmint.com/wp-content/uploads/2018/01/Show-Asterisks-Sudo-Password.png’ }
},
click: function(api, options){
api.simulateClick();
api.openPopup(‘linkedin’);
}
});
// Scrollable sharrre bar, contributed by Erik Frye. Awesome!
var shareContainer = jQuery(“.sharrre-container”),
header = jQuery(‘#header’),
postEntry = jQuery(‘.entry’),
$window = jQuery(window),
distanceFromTop = 20,
startSharePosition = shareContainer.offset(),
contentBottom = postEntry.offset().top + postEntry.outerHeight(),
topOfTemplate = header.offset().top;
getTopSpacing();
shareScroll = function(){
if($window.width() > 719){ var scrollTop = $window.scrollTop() + topOfTemplate,
stopLocation = contentBottom – (shareContainer.outerHeight() + topSpacing);
if(scrollTop > stopLocation){
shareContainer.offset({top: contentBottom – shareContainer.outerHeight(),left: startSharePosition.left});
}
else if(scrollTop >= postEntry.offset().top-topSpacing){
shareContainer.offset({top: scrollTop + topSpacing, left: startSharePosition.left});
}else if(scrollTop 1024)
topSpacing = distanceFromTop + jQuery(‘.nav-wrap’).outerHeight();
else
topSpacing = distanceFromTop;
}
});
]]>