sábado, maio 04, 2019

ActiveDirectory Winbind Howto authenticate linux user with AD or samba-server


https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto

Packages to install
aptitude install winbind samba  smbclient libpam-winbind libnss-winbind


$ vi /etc/samba/smb.conf

[global]
       security = ADS
       workgroup = DOMAIN
       realm = AD.DOMAIN
       #log file = /var/log/samba/%m.log
       #log level = 1
       idmap config *:range = 10000-20000

        winbind enum users = yes
        winbind enum groups = yes
        template homedir = /home/%D/%U
        template shell = /bin/bash
        winbind use default domain = yes
#
       map acl inherit = yes
       store dos attributes = yes
       winbind refresh tickets = yes
       winbind enum users = Yes
       winbind enum groups = Yes
       winbind use default domain = Yes

       idmap config * : schema_mode = rfc2307
       idmap config * : default = yes
       idmap config DOMAIN : backend = ad
       idmap config * : backend = tdb

       log file = /var/log/samba/log.%m
       max log size = 1000
       logging = fil

$ net ads join -U Administrator

$ systemctl restart winbind.service
$ systemctl restart smbd.service
$ systemctl restart nmbd.service
$ pam-auth-update
 (make sure winbind is selected)

vi /etc/nsswitch.conf
changes:
passwd:         compat systemd winbind
group:          compat systemd winbind

Test it
$ getent passwd
$ wbinfo -u

This commands above should bring users from AD

In order to have users login you need to create it's home at /home/DOMAIN/user1

If you want sudo to work do:
for a group (this enable and do not ask for password)
%domain\ admins ALL=(ALL) NOPASSWD: ALL
for a user only
user1 ALL=(ALL) NOPASSWD: ALL




sexta-feira, maio 03, 2019

3 Command Line Tools to Install Local Debian (.DEB) Packages dpkg | gdebi | apt install .deb

Dpkg
https://www.tecmint.com/install-local-deb-packages-in-debian-ubuntu-linux-mint/

sudo dpkg -i teamviewer_amd64.deb
sudo apt-get install -f
sudo dpkg -r teamviewer       [Remove Package]
sudo dpkg --purge teamviewer  [Remove Package with Configuration Files]
sudo apt install ./teamviewer_amd64.deb
sudo apt-get install ./teamviewer_amd64.deb
sudo apt-get remove teamviewer
sudo apt-get purge teamviewer
OR
sudo apt remove teamviewer
sudo apt purge teamviewer

sudo gdebi teamviewer_13.1.3026_amd64.deb
gdebi install with all dependencies.


To remove a package installed from gdebi, you can use apt, apt-get or dpkg commands using purge option as shown.

$ sudo apt purge teamviewer
OR
$ sudo apt-get purge teamviewer
OR
$ sudo dpkg --purge teamviewer

quinta-feira, maio 02, 2019

using raspberry pi 3 as windows 10 desktop

https://github.com/WOA-Project/WOA-Deployer-Rpi/blob/master/Readme.md

https://github.com/WOA-Project/guides/blob/master/GettingWOA.md

Super easy to use. No-hassle.

Please keep reading carefully. All you need is here.

Requirements

  • Raspberry Pi 3 Model B (or B+)
  • MicroSD card. Recommended with A1 rating.
  • A Windows 10 ARM64 Image (.wim). Please, check this link to get it.

Additional requirements

  • To run WOA Deployer you need a recent version of Windows 10 (please, use the latest to ensure it'll run correctly, don't open issues otherwise)
  • .NET Framework 4.6.1 (should come included in recent versions of Windows)

Download it

Download the latest version

Executing the tool

  1. Extract the .zip to a folder in your PC
  2. Navigate to the GUI folder
  3. Find the .exe file
  4. Run it

Show the love 🧡

Do you like my tool? Has it been useful for you? Then, I hope you point_right support my work

Donate to the contributors of this project

Please, don't forget that the RaspberryPi WOA Project is supported by other individuals and companies (see the credits and acknowledgements section).

Need help?

Then visit our projects website at https://pi64.win, the one-stop solution for all your questions blush
It's also recommended that you read the FAQ blue_book And, of course, don't hesitate to join our great Telegram group iphone

Credits and Acknowledgements

This WOA Deployer is possible because the great community behind it. I would like to thank the brilliant minds behind this technical wonder. If you think you should be listed, please, contact me using the e-mail address on my profile.
  • Andrei Warkentin for the 64-bit Pi UEFI, UEFI Pi (HDMI, USB, SD/MMC) drivers, improved ATF and Windows boot/runtime support.
  • MCCI for their great contribution to the RaspberryPI WOA project:
    • for porting their TrueTask USB stack to Windows 10 ARM64, and allowing non-commercial use with this project (see license)
    • for funding the site of the project http://pi64.win and the discourse site http://discourse.pi64.win
    • Special thanks to Terry Moore for all the great support and commitment, and for setting up the online presence for the project and its infrastructure.
  • Ard Bisheuvel for initial ATF and UEFI ports
  • Googulator for his method to install WOA in the Raspberry Pi
  • Bas Timmer (@NTauthority) for leaving ample thick hints that led to the development of HypDXe and the first bootable WOA builds
  • Microsoft for their original 32-bit UEFI for PiWindows BSP drivers, and for removing the HAL check that required HypDxe in the first place, so now we can run any new build.
  • Mario Bălănică for his awesome tool, and for tips and support :)
    • daveb77
    • thchi12
    • falkor2k15
    • driver1998
    • XperfectTR
    • woachk
    • novaspirit
    • zlockard
    ...for everything from ACPI/driver work to installation procedures, testing and so on.
  • Microsoft for the 32-bit IoT firmware.
In addition to:
And our wonderful group at Telegram for their testing and support!

Related projects

These are the related projects. The Core Packages comes from them. Big thanks!

sexta-feira, abril 26, 2019

ssh-agent load only once with ssh-ident, ssh-add, ssh-keygen, eval `ssh-agent`



    Installation
    ============
    
    All you need to run ssh-ident is a standard installation of python >= 2.6,
    python > 3 is supported.
    
    If your system has wget and are impatient to use it, you can install
    ssh-ident with two simple commands:
    
       mkdir -p ~/bin; wget -O ~/bin/ssh goo.gl/MoJuKB; chmod 0755 ~/bin/ssh
    
       echo 'export PATH=~/bin:$PATH' >> ~/.bashrc
    
    Logout, login, and done. SSH should now invoke ssh-ident instead of the
    standard ssh.
Problem with ssh-agent. That can be solved with ssh-ident above!

Configuring all of this on your machine

So, let's summarize the steps:
  1. Generate a set of keys, with ssh-keygen.
  2. Install your keys on remote servers, with ssh-copy-id.
  3. Start an ssh-agent to use on your machine, with eval ssh-agent.
  4. ssh-add your key, type your password once.
  5. Profit! You can now ssh to any host that has your public key without having to enter a password, and use ssh -A to forward your agent.
Easy, isn't it? Where people generally have problems is on how and where to start the ssh-agent, and when and how to start ssh-add.
The long running advice has been to start ssh-agent from your .bashrc, and run ssh-add similarly.
In today's world, most distributions (including Debian and derivatives), just start an ssh-agent when you first login. So, you really don't have anything to do, except run ssh-add when you need your keys loaded, and be done with it.
Still many people have snippets to the extent of:
if [ -z "$SSH_AUTH_SOCK" ] ; then
    eval `ssh-agent`
    ssh-add
fi
in their .bashrc, which basically says "is there an ssh-agent already running? no? start one, and add my keys".
This is still very annoying: for each console or each session you login into, you end up with a new ssh-agent. Worse: this agent will run foreverwith your private keys loaded! Even long after you logged out. Nothing and nobody will ever kill your agent.
So, your three lines of .bashrc snippet soon becomes 10 lines (to cache agents on disk), then it breaks the first time you use NFS or any other technology to share your home directory, and then... more lines to load only some keys, some magic in .bash_logout to kill your agent, and your 4 lines of simple .bashrc get out of control

sábado, abril 20, 2019

complete How to Remove Viruses malware From Your Computer

https://youtu.be/CHtZ9-9ch2w

Download : https://www.reddit.com/r/TronScript/
Manual : https://github.com/bmrf/tron/blob/master/README.md

DO NOT DOWNLOAD TRON FROM GITHUB, IT WILL NOT WORK!! YOU NEED THE ENTIRE PACKAGE FROM r/TronScript


Tron is a script that "fights for the User." Think of it as a tech-on-a-thumb-drive that aims to automate ~85% of the tedious work in cleaning a Windows system, with the understanding that some things are better left to the discretion of the tech. It is built with heavy reliance on community input and updated regularly.
Bug reports, suggestions etc are welcome. If you have issues with this release, post a top-level comment and myself or one of the mods will answer, typically in < 24 hours.




domingo, abril 14, 2019

Raspberry Pi With 4 Relay Module ( for Home Automation )

https://www.instructables.com/id/Raspberry-Pi-With-4-Relay-Module-for-Home-Automati/

https://github.com/kasadawa/PiRelay/

Picture of How It Works

Cheap, Effective and Modern Home Automation
Firstly we will connect the raspberry and the 4 array module and test it locally. The next step is to make a web app that will control our module . We will make it with apache server , php , javascript , jquery , bootstrap , bootstrap- switch buttons and some python . Everything is explained with a comments when you open the file , you also can see the documentation in github. The files are uploaded here and can be also find in github .


Step 1: What You Need
 Picture of What You Need
We need :

Raspberry Pi
4 Array Relay Module
6 Wires
Wifi Dongle
Filezilla (optional)
SHH (optional)

Step 2: Wiring Picture of Wiring
 Picture of Wiring
 Picture of Wiring
We need to connect our Raspberry and the module .We will get the 5V from the Raspberry (not very recommended but its easy ) .So lets begin :

PI GPIO | Relay module

Pin 4 ---------VCC

Pin 6 ---------GND

Pin 8 ----------IN4

Pin 10 ---------IN3

Pin 11 ---------IN2

Pin 12 ---------IN1


Step 3: Testing
 Picture of Testing
 Picture of Testing
Now we need to start the raspberry and to connect to the power supply and connect to it over FTP with Filezilla or start it on monitor . Next download and put the test_relay.py file in the main dir (home/pi).Then start the python script by typing :

sudo python test_relay.py
If leds start flashing from IN1 to IN4 and shutdown from IN4 to IN1 then everything is okey and the wiring is like currect .We can move to the next step .

Explanation

The relay boards are powered by 5v and the relays are triggered by taking the input pin to ground. Since the Raspberry Pi's GPIO pins output 3.3v I used a set of transistors to take the relay pins to ground.

So when you are setting the GPIO output value:

1) 0 the relay starts ;

2) 1 the relay stops .

Attachments
test_relay.pytest_relay.pyDownload
Add TipAsk QuestionCommentDownload
Step 4: Installing Apache and Php
We will need them for the server part .Helpfull link.

To install apache2 we need to run :

sudo apt-get install apache2 -y
To test the webserver we can you on the raspberry browser

http://localhost/
or
http://192.168.1.10
(raspberry ip address) .Type
ifconfig
to get the current IP .
Next install PHP5 module for APACHE :

sudo apt-get install php5 libapache2-mod-php5 -y
And remove index.html file :

sudo rm index.html
The next thing is to navigate to the default directory:

For Raspbian Wheezy is /var/www ,
For Rspbian Jessie is /var/www/html
So we type :

cd /var/www/html
ls -al
And this will output :

total 12
drwxr-xr-x  2 root root 4096 Jan  8 01:29 .
drwxr-xr-x 12 root root 4096 Jan  8 01:28 ..
-rw-r--r--  1 root root  177 Jan  8 01:29 index.html
We need to change the permission if we want to upload or modify files :

sudo chown pi: index.html
Delete the index.html file from the dir.


Step 5: Uploading the Needed Files for Your Web App
 Picture of Uploading the Needed Files for Your Web App
You need to download the .rar file , extract it and copy the files with Filezilla to the main dir of Raspberry home/pi and to the var/www. For pasting the files into var/www you need to set a permision .

at var/www
bootstrap.css
bootstrap-switch.css
bootstrap-switch.js
changeState.php
firstCheck.php
index.html
jquery.js
at home/pi
firstCheck.py
relay_off.py
relay_on.py
When you are done coping the files , just go to your browser , type RaspberryIP/index.html (ex: 192.168.1.23/index.html) and the webpage will be opened .And also you can test it and remotely control the relays from any device that is connected to your local network(router) .

Enable sudo for APACHE
vi /etc/sudoers.d/010_apache2-nopasswd
User_Alias      APACHE = www-data
Cmnd_Alias      FIREWALL = /usr/bin/python

APACHE  ALL = (ALL) NOPASSWD: FIREWALL
----

Attachments
PiRelay.zip PiRelay.zip Download

Step 6: How It Works Picture of How It Works




I will explain it shortly. If you want to get to more details you can see the project in github.

When we click on the button , the ajax request has been called and the php file from it is called . From the php we execute a python script file with some params . The python script return us json converted array , which we pass to the php and the php passes it to html file .We can go only in the one way but if we want to reload the page we need in what position the relays are . The other point is if we dont do it that way there is no feedback and we cant see what is happening .


Bypassing USB Power Port on My Raspberry Pi Model B+ || power on raspberry 3 solder pp1 without micro usb

https://blog.shahada.abubakar.net/post/bypassing-usb-power-port-on-my-raspberry-pi-model-b?


With a Raspberry Pi 3. On this unit I used PP2 (Positive) and PP3 (negative), which according to the schematic here shows it as being located before the reverse protection diode. You can also use PP5 for negative but I found that a bit too close to PP1. Of course, it's best to cover the whole thing with hot-melt glue to minimize strain on the wires.


domingo, março 31, 2019

Strict NAT pfSense PS4 and XBOX fix

Hi guys, out of popular demand I give you a quick tutorial on how to fix the Strict NAT or NAT Type 3 problem on your PS4 or XBOX Gaming Console.I came across this question several times and people are recommending hilariously complicated solutions where you just really need to create an Outbound NAT rule within a few seconds.


Creating an Outbound NAT Rule

Log in to your pfSense Web Interface and Navigate to Firewall / NAT.

Navigate to Outbound and change the Outbound NAT Mode to Hybrid outbound NAT Rule Generation and click on Save.

Don’t forget to click on Apply Changes and click on Add to Add a new Rule next.


Adjust the rule like in the example below. The Source IP is the IP of your Gaming Console. You can see that under Status / DHCP leases or ideally give your console a static IP Address. You can do that over your pfSense DHCP Server. Also make sure you select 32 as your subnet mask, which means that this rule ONLY applies to this one IP Address or your Gaming Console.
Make sure you tick Static Port. Give it a Description and hit Save.

Now hit Apply Changes again and you are good.

You should now have NAT Type 2 on your console and be able to use Voice Communication and play with your friends.





sábado, março 30, 2019

How to keep X11 display after su or sudo

https://blog.mobatek.net/post/how-to-keep-X11-display-after-su-or-sudo/

You can also use a single (magic) command in order to achieve this!

For instance, here is a simple scenario:
  • I start a SSH session to remote server “Server1” with user “john”
  • In this session, I perform a “su -” command in order to become “root”
  • If I run “xclock”, the following error occurs:
MobaXterm X11 proxy: Authorisation not recognised
Error: Can’t open display: localhost:10.0
I just have to execute the following command in order to retrieve my display and make “xclock” work:
xauth add $(xauth -f ~john/.Xauthority list|tail -1)

We hope this will help you if you need to have a working X11 display through SSH after becoming root.
Get your $DISPLAY and export it if you changed to root user. Check if they are the same, it has to be!

segunda-feira, março 04, 2019

Ubnt unifi lost password

Some commands I used, to catch user and to "add" when needed.

 very important, find your backup, you may needed, even after you reset the password.
/var/lib/unifi/backup/autobackup/*.unf

mkpasswd -m sha-512
Password:
$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1


password (word password in hash...)
mongo --port 27117 ace --eval 'db.admin.update( { "name" : "admin" }, { $set : { "x_shadow" : "$6$9Ter1EZ9$lSt6/tkoPguHqsDK0mXmUsZ1WE2qCM4m9AQ.x9/eVNJxws.hAxt2Pe8oA9TFB7LPBgzaHBcAfKFoLpRQlpBiX1" } } )'


https://community.ubnt.com/t5/UniFi-Wireless/Controller-not-letting-me-change-admin-password/td-p/1560207/page/2

d = { "name" : "ubnt", "lang" : "en_US", "x_password" : "ubnt" , "time_created" : "", "last_site_name" : "default"}
db.admin.insert ( d )

Execute 'mongod --dbpath /usr/lib/unifi/data/db --repair' (this broke my install)


List users admin's

mongo --port 27117 ace --eval "db.admin.find().forEach(printjson);"

Run windows programs and apps on Linux with Wine

https://wiki.winehq.org/Debian

Debian...

Wine enables Linux, Mac, FreeBSD, and Solaris users to run Windows applications without a copy of Microsoft Windows. Wine is free software under constant development. Other platforms may benefit as well.

Debian Sources List Generator

https://debgen.simplylinux.ch/


This generate lines for repository file on apt

/etc/apt/sources.list

sábado, março 02, 2019

terça-feira, fevereiro 26, 2019

Archlinux my install procedure

https://wiki.archlinux.org/index.php/installation_guide
timedatectl set-ntp true
fdisk -l ...


#OR https://wiki.archlinux.org/index.php/RAID
mdadm --create /dev/md0 --level=6 --raid-devices=4 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1
mdadm --create /dev/md1 --level=6 --raid-devices=4 /dev/sdb2 /dev/sdc2 /dev/sdd2 /dev/sde2
mkfs.ext4 /dev/md1
mkswap /dev/md0
swapon /dev/md0
mount /dev/md1 /mnt
pacstrap /mnt base
genfstab -U /mnt >> /mnt/etc/fstab
mdadm --detail --scan >> /mnt/etc/mdadm.conf

arch-chroot /mnt
---
passwd
ln -sf /usr/share/zoneinfo/America/Sao_Paulo /etc/localtime
hwclock --systohc
locale-gen
vi /etc/hostname
vi /etc/hosts
pacman -S grub
cat /etc/mdadm.conf
vi /etc/mkinitcpio.conf
BINARIES=(mdmon)
HOOKS=(base udev autodetect modconf block mdadm lvm2 mdadm_udev filesystems keyboard fsck)
mkinitcpio -p linux
vi default/grub
GRUB_PRELOAD_MODULES="... mdraid09 mdraid1x"
cd /boot/
grub-install /dev/vda
grub-mkconfig -o /boot/grub/grub.cfg
cp /etc/netctl/examples/ethernet-static /etc/netctl/enp0s3
(edit file as needed...) https://www.ostechnix.com/configure-static-dynamic-ip-address-arch-linux/
netctl start ens3
netctl enable ens3
netctl list # (check interfaces)

sábado, fevereiro 23, 2019

archlinux with RAID install error Failed to connect to lvmetad. Falling back to device scanning.

to install grub with raid you need to trick some files before boot...

if using intel platform follow as said in guide

$ edit /etc/mkinitcpio.conf
 change:
BINARIES=(mdmon)
add
HOOKS=(base udev block mdadm filesystems)

save file and run:

$ mkinitcpio -p linux
make sure mdadm in hooks was added, when generating should see output (line above)

run grub-mkconfig -o /boot/grub/grub.cfg (when you get the error above)

If get error warning: failed to connect to lvmetad. falling back to device scanning. raid
instructions
leave chroot /mnt

$ mkdir /mnt/hostlvm
$ mount --bind /run/lvm /mnt/hostlvm
$ arch-chroot /mnt
$ ln -s /hostlvm /run/lvm

-- alternativa --
mkdir /mnt/hostrun
mount --bind /run /mnt/hostrun

Then, we chroot into the guest, and mount our host's /run/lvm in the guest's /run

arch-chroot /mnt
mkdir /run/lvm
mount --bind /hostrun/lvm /run/lvm


rerun grub-mkconfig -o /boot/grub/grub.cfg (when you get the error above)


quarta-feira, fevereiro 20, 2019

PXE Boot setup custom menu default

https://www.syslinux.org/wiki/index.php?title=PXELINUX#Custom_Menu_Example_with_sub-menus



Custom Menu Example with sub-menus

Many advanced options here. Read full documentation on Syslinux to understand it all.
Its password protected from modification during PXE boot, very useful to prevent tampering.
Note: this example uses the legacy way to generate submenus, which is compatible with older Syslinux versions. Syslinux 3.62 supports a slightly different syntax, which is faster and somewhat more flexible.
Directory Structure:
    /tftpboot/
    /tftpboot/memdisk
    /tftpboot/pxelinux.0
    /tftpboot/menu.c32
    
    /tftpboot/pxelinux.cfg/
    /tftpboot/pxelinux.cfg/default
    /tftpboot/pxelinux.cfg/graphics.conf
    /tftpboot/pxelinux.cfg/fixes.menu
    /tftpboot/pxelinux.cfg/setup.menu
    
    /tftpboot/TRK/
    /tftpboot/TRK/chkdsk.trk
    /tftpboot/TRK/initrd.trk
    /tftpboot/TRK/kernel.trk
    
    /tftpboot/Memtest/memtest.x86
    
    /tftpboot/Suse/
    /tftpboot/Suse/initrd92
    /tftpboot/Suse/linux92
    
    /tftpboot/Floppy/
    /tftpboot/Floppy/kbfloppy.img
/tftpboot/pxelinux.cfg/default:
 DEFAULT menu.c32
 PROMPT 0
 
 MENU TITLE PXE Special Boot Menu
 MENU INCLUDE pxelinux.cfg/graphics.conf
 MENU AUTOBOOT Starting Local System in # seconds
 
 LABEL bootlocal
   MENU LABEL ^Boot Point of Sale
   MENU DEFAULT
   LOCALBOOT 0
 TIMEOUT 80
 TOTALTIMEOUT 9000
 
 LABEL FixesMenu
   MENU LABEL ^Fixes Menu
   KERNEL menu.c32
   APPEND pxelinux.cfg/graphics.conf pxelinux.cfg/fixes.menu
 
 LABEL SetupMenu
   MENU LABEL ^Setup Menu
   KERNEL menu.c32
   APPEND pxelinux.cfg/graphics.conf pxelinux.cfg/setup.menu
/tftpboot/pxelinux.cfg/graphics.conf:
 MENU COLOR TABMSG    37;40  #80ffffff #00000000
 MENU COLOR HOTSEL    30;47  #40000000 #20ffffff
 MENU COLOR SEL       30;47  #40000000 #20ffffff
 MENU COLOR SCROLLBAR 30;47  #40000000 #20ffffff
 MENU MASTER PASSWD yourpassword
 MENU WIDTH 80
 MENU MARGIN 22
 MENU PASSWORDMARGIN 26
 MENU ROWS 6
 MENU TABMSGROW 15
 MENU CMDLINEROW 15
 MENU ENDROW 24
 MENU PASSWORDROW 12
 MENU TIMEOUTROW 13
 MENU VSHIFT 6
 MENU PASSPROMPT Enter Password:
 NOESCAPE 1
 ALLOWOPTIONS 0
Change ALLOWOPTIONS to 1 (one) so to be able to edit any of the entries while booted with PXE on the menu system for testing purposes. Also change NOESCAPE to 0 (zero) for the same reasons.
/tftpboot/pxelinux.cfg/fixes.menu:
 MENU TITLE Fixes Menu
 
 LABEL MainMenu
   MENU LABEL ^Return to Main Menu
   KERNEL menu.c32
   APPEND pxelinux.cfg/default
 
 LABEL fsck
   MENU LABEL ^File system check
   KERNEL TRK/kernel.trk
   APPEND initrd=TRK/chkdsk.trk ramdisk_size=32768 root=/dev/ram0 vga=0
 
 LABEL memtest
   MENU LABEL ^Memory Test: Memtest86+ v1.65
   KERNEL Memtest/memtest.x86
 
 LABEL trk3
   MENU LABEL ^Trinity Rescue Kit
   KERNEL TRK/kernel.trk
   APPEND initrd=TRK/initrd.trk ramdisk_size=32768 root=/dev/ram0 vga=0 trknfs=IPADDR:/trk ip=::::::dhcp splash=verbose
/tftpboot/pxelinux.cfg/setup.menu:
 MENU TITLE Setup Menu
 
 LABEL MainMenu
   MENU LABEL ^Return to Main Menu
   KERNEL menu.c32
   APPEND pxelinux.cfg/default
 
 LABEL setupkb
   MENU LABEL ^Any floppy disk image
   KERNEL memdisk
   APPEND initrd=Floppy/kbfloppy.img
 
 LABEL linux
   MENU PASSWD yourpassword
   MENU LABEL Install - ^Classic
   KERNEL Suse/linux92
   APPEND initrd=Suse/initrd92 ramdisk_size=65536 vga=0 textmode=1 install=http://IPADDR serverdir=/9.2/install autoyast=http://IPADDR/9.2/scripts/ay92.xml
 
 LABEL trkclone
   MENU PASSWD yourpassword
   MENU LABEL Install - ^Faster
   KERNEL TRK/kernel.trk
   APPEND initrd=TRK/initrd.trk ramdisk_size=65536 root=/dev/ram0 vga=0 install=Y trknfs=IPADDR:/trk ip=::::::dhcp splash=verbose
 
 LABEL linuxfull
   MENU PASSWD yourpassword
   MENU LABEL Install - ^Developer
   KERNEL Suse/linux92
   APPEND initrd=Suse/initrd92 ramdisk_size=65536 vga=0 textmode=1 install=http://IPADDR serverdir=/9.2/install autoyast=http://IPADDR/9.2/scripts/develdesktop.xml




--------
https://forums.fogproject.org/topic/8488/how-to-pxe-boot-cent-os-7/61
:MENU
menu
item --gap -- ---------------- iPXE boot menu ----------------
item mac Macrium Reflect
item clonezilla Clonezilla 2015
item ubuntu6 Ubuntu 16:04.1 x64
item ubuntu6 Ubuntu 16:04.1 x32
item ubuntu Ubuntu 15:10 x64
item ubuntu Ubuntu 15:10 x32
item kubuntu6 Kubuntu 16:04.1 x64 
item kubuntu6 Kubuntu 16:04.1 x32
item kubuntu Kubuntu 15:10 x64 
item kubuntu Kubuntu 15:10 x32
item mint18 Linux Mint 18 "Sarah" - MATE (32-bit)
item Mint18 Linux Mint 18 "Sarah" - MATE (64-bit)
item mint Linux Mint 17.2 "Rafaela" - MATE (32-bit)
item Mint Linux Mint 17.2 "Rafaela" - MATE (64-bit)
item mint Linux Mint 17.2 "Rafaela" - Cinnamon (32-bit)
item Mint Linux Mint 17.2 "Rafaela" - Cinnamon (64-bit)
item BOOTCD Hirens 15.2 BOOTCD
item pgon Paragon Harddisk Manager 12
item ubd Ultimate Boot Disk
item ez  EZ Gig IV Cloning Software
item centos Centos
item centos2 Centos Live
item hostinfo details about this computer
item shell ipxe shell
item return return to previous menu
choose --default return --timeout 5000 target && goto ${target}
:mac
initrd http://${fog-ip}/fog/service/ipxe/mac/mac.iso
chain memdisk iso raw ||
goto MENU

:clonezilla
kernel http://${fog-ip}/bootimgs/clonezilla/vmlinuz
initrd http://${fog-ip}/bootimgs/clonezilla/initrd.img
imgargs vmlinuz boot=live username=user fetch=http://${fog-ip}/bootimgs/clonezilla/filesystem.squashfs locale=en_US.UTF-8 keyboard-layouts=NONE
boot || echo failed to boot
prompt
goto MENU```

:ubuntu6
kernel http://${fog-ip}/bootimgs/16.04.1_64/casper/vmlinuz.efi
initrd http://${fog-ip}/bootimgs/16.04.1_64/casper/initrd.lz
imgargs vmlinuz.efi root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/16.04.1_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:ubuntu6
kernel http://${fog-ip}/bootimgs/16.04.1_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/16.04.1_32/casper/initrd.lz
imgargs vmlinuz.efi root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/16.04.1_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:ubuntu
kernel http://${fog-ip}/bootimgs/15.10_64/casper/vmlinuz.efi
initrd http://${fog-ip}/bootimgs/15.10_64/casper/initrd.lz
imgargs vmlinuz.efi root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/15.10_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:ubuntu
kernel http://${fog-ip}/bootimgs/15.10_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/15.10_32/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/15.10_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:kubuntu6
kernel http://${fog-ip}/bootimgs/kubuntu6_64/casper/vmlinuz.efi
initrd http://${fog-ip}/bootimgs/kubuntu6_64/casper/initrd.lz
imgargs vmlinuz.efi root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/kubuntu6_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:kubuntu6
kernel http://${fog-ip}/bootimgs/kubuntu6_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/kubuntu6_32/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/kubuntu6_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed

:kubuntu
kernel http://${fog-ip}/bootimgs/kubuntu5_64/casper/vmlinuz.efi
initrd http://${fog-ip}/bootimgs/kubuntu5_64/casper/initrd.lz
imgargs vmlinuz.efi root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/kubuntu5_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:kubuntu
kernel http://${fog-ip}/bootimgs/kubuntu5_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/kubuntu5_32/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/kubuntu5_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:mint18
kernel http://${fog-ip}/bootimgs/lm18_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/lm18_32/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/lm18_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:Mint18
kernel http://${fog-ip}/bootimgs/lm18_64/casper/vmlinuz.efi
initrd http://${fog-ip}/bootimgs/lm18_64/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/lm18_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:mint
kernel http://${fog-ip}/bootimgs/lm_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/lm_32/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/lm_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:Mint
kernel http://${fog-ip}/bootimgs/lm_64/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/lm_64/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/lm_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:mint
kernel http://${fog-ip}/bootimgs/lmc_32/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/lmc_32/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/lmc_32/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:Mint
kernel http://${fog-ip}/bootimgs/lmc_64/casper/vmlinuz
initrd http://${fog-ip}/bootimgs/lmc_64/casper/initrd.lz
imgargs vmlinuz root=/dev/nfs boot=casper netboot=nfs nfsroot=${fog-ip}:/var/www/html/bootimgs/lmc_64/ locale=en_US.UTF-8 keyboard-configuration/layoutcode=la mirror/country=US
boot || goto failed
goto start

:centos
initrd http://${fog-ip}/bootimgs/centos/images/pxeboot/initrd.img
chain http://${fog-ip}/bootimgs/centos/images/pxeboot/vmlinuz initrd=initrd.img method=http://${fog-ip}/bootimgs/centos/ devfs=nomount ip=dhcp
boot || goto MENU

:centos2
initrd http://${fog-ip}/bootimgs/centos/images/pxeboot/initrd.img
chain http://${fog-ip}/bootimgs/centos/images/pxeboot/vmlinuz initrd=initrd.img root=live:http://${fog-ip}/bootimgs/centos/LiveOS/squashfs.img ip=dhcp rootflags="loop" rootfstype=auto ro rd.live.image quiet rhgb rd.luks=0 rd.md=0 rd.dm=0 
boot || goto MENU

:BOOTCD
initrd http://${fog-ip}/bootimgs/bootcd/hirensboot.iso ||
chain memdisk iso raw ||
boot ||
goto MENU

:pgon
initrd http://${fog-ip}/bootimgs/pgon/phdman12.iso ||
chain memdisk iso raw ||
boot ||
goto MENU

:ubd
initrd http://${fog-ip}/bootimgs/ubcd/ubcd535.iso ||
chain memdisk iso raw ||
boot ||
goto MENU

:ez
initrd http://${fog-ip}/bootimgs/ez/EZGIG438.iso ||
chain memdisk iso raw ||
boot ||
goto MENU

:hostinfo
echo This computer : ||
echo MAC address....${net0/mac} ||
echo IP address.....${ip} ||
echo Netmask........${netmask} ||
echo Serial.........${serial} ||
echo Asset number...${asset} ||
echo Manufacturer...${manufacturer} ||
echo Product........${product} ||
echo BIOS platform..${platform} ||
echo ||
echo press any key to return to Menu ||
prompt
goto MENU

:shell
shell ||
goto MENU
:return
chain http://${fog-ip}/${fog-webroot}/bootimgs/boot.php?mac=${net0/mac} ||
prompt
goto MENU
Autoboot

terça-feira, fevereiro 19, 2019

GParted Live on PXE Server

https://gparted.org/livepxe.php

GParted Live on PXE Server

Besides GParted Live CD and Live USB, we can put the GParted Live image on a PXE server so that a client can boot via the network to use GParted. The steps to do this are as follows:
  1. Set up a PXE server. You might refer to documentation, such as setting up a server for PXE network booting, or DRBL (Diskless Remote Boot in Linux) to assist you.
    In these steps we assume the pxelinux config file is /tftpboot/nbi_img/pxelinux.cfg/default, and the image files are in /tftpboot/nbi_img/.
  2. Set up an http service on the PXE server.
  3. Download GParted live zip file. You have to use 0.3.7-2 or later because network drivers are only included after that.
  4. Unzip all the files in a temp dir /tmp/gparted/. You can do this with a command such as:
        mkdir -p /tmp/gparted; unzip gparted-live-*.zip -d /tmp/gparted/
        
    NOTE: Replace gparted-live-*.zip with the file name you just downloaded.
  5. Copy the necessary boot files (vmlinuz and initrd.img) to /tftpboot/nbi_img/. For example:
        cp /tmp/gparted/live/{vmlinuz,initrd.img} /tftpboot/nbi_img/
        
  6. Copy /tmp/gparted/live/filesystem.squashfs to your http server. For example:
        cp /tmp/gparted/live/filesystem.squashfs /var/www/
        
  7. Edit your PXE config file /tftpboot/nbi_img/pxelinux.cfg/default, and append the following:
        label GParted Live
                MENU LABEL GParted Live
                kernel vmlinuz
                append initrd=initrd.img boot=live config components union=overlay username=user noswap noeject ip= vga=788 fetch=http://$webserverIP/filesystem.squashfs
        
    If the GParted live version you are using is <= 0.22.0-1, then the config file is like:
        label GParted Live
                MENU LABEL GParted Live
                kernel vmlinuz
                append initrd=initrd.img boot=live config union=aufs noswap noprompt vga=788 fetch=http://$webserverIP/filesystem.squashfs
        
    NOTE1: Replace $webserverIP with the IP address of your http server.
    NOTE2: Remember to check the boot parameters in syslinux/syslinux.cfg from the zip file. You should replace the above listed parameters with these more recent ones because these newer boot parameters might be different. For example the vmlinuz path might be different.
    NOTE3: Do not use the parameter "ip=frommedia" in your PXE config file.
For more information about pxelinux, refer to the following article on PXELinux.

Change linux password error asking Current Kerberos password:

The error is:
# passwd user1
Current Kerberos password:


This user1 is a local user not an AD or remote user, so why this happens...


Run;
# pam-auth-update



Check if Kerberos is enabled, if is, "disable"

This is done on Linux Debian 8.6

Now the password can be changed via command line using shell