wbsouza · April 21, 2022 13:07
diff --git a/linux b/linux
 # force yum to update all the caches avoiding the error
 #  [Errno 14] HTTP Error 404 - Not Found
 echo "http_caching=packages" >> /etc/yum.conf
 yum clean all
 yum makecache
 yum update

 # reload sysctl configs
 sudo sysctl --system


 # force all the files in /var/www/html to be under the nginx group
 chown user:nginx -fR /var/www/html
 find /var/www/html -type d | awk '{ printf("\"%s\"\n", $0); }' | xargs chmod 2775
 sudo setfacl -Rdm g:adm:rwx /var/www/html

 # Using sed to replace text in files
 sed 's/word1/word2/g' input.file
 ## *bsd/macos sed syntax#
 sed 's/word1/word2/g' input.file > output.file
 sed -i 's/word1/word2/g' input.file
 sed -i -e 's/word1/word2/g' -e 's/xx/yy/g' input.file
 ## use + separator instead of / ##
 sed -i 's+regex+new-text+g' file.txt

 find -type  f -print0 | xargs -0 sed -i '/real_date_done/s/real_date_done/done_date/g'


 # Renaming files
 apt-get install rename

 find . -name "* *" -type d | rename 's/ /_/g'    # do the directories first
 find . -name "* *" -type f | rename 's/ /_/g'



 # Using sed to remove lines
 sed -i '/KeyRegenerationInterval/d' /etc/ssh/sshd_config
 sed -i '/ServerKeyBits/d' /etc/ssh/sshd_config
 sed -i '/RSAAuthentication/d' /etc/ssh/sshd_config


 # finding the biggest directory
 du -a /home | sort -n -r | head -n 5


 # updating SELinux rules to accept nginx reverse proxy
 cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M nginx
 sudo semodule -i nginx.pp

 # reinstalling and updating SELinux
 setenforce 0
 yum erase selinux\*
 rm -rf /etc/selinux
 yum install selinux-policy-targeted 
 touch /.autorelabel
 reboot

 # show the oscap profiles
 oscap info /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml 

 # generate an oscap report
 oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_pci-dss --results-arf arf.xml \
  --report /var/lib/reports/$(hostname)-scap-report-$(date +%Y%m%d).html \
  --oval-results /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml 

 # run an oscap ansible script to update the linux system 
 ls /usr/share/scap-security-guide/ansible
 ansible-playbook -i "localhost," -c local /usr/share/scap-security-guide/ansible/ssg-centos7-role-pci-dss.yml 

 # secure the files under the /etc/pam.d location ##
 chattr +i -R /etc/pam.d
 lsattr -d /etc/pam.d
 lsattr -l /etc/pam.d
 cd /etc/pam.d

 ## Try to add or delete something ##
 echo "test" > foo.txt
 mkdir foo
 ls -l
 rm system-auth
 
 ## remove the immutable attributes again ##
 cd /etc/pam.d
 chattr -i -R  /etc/pam.d
 lsattr -d  /etc/pam.d

 # fixing the umount for a pendrive takes forever
 # edit your /etc/rc.local and add
 echo $((16*1024*1024)) > /proc/sys/vm/dirty_background_bytes
 echo $((48*1024*1024)) > /proc/sys/vm/dirty_bytes


 # show IPs associated with the network interfaces
 show_iface_ips() {
  ip addr | awk '/^[0-9]+:/ {  sub(/:/,"",$2); iface=$2 } /^[[:space:]]*inet / {  split($2, a, "/"); print iface":"a[1] }'
 }
 # or in two steps
 net_device=$(ip route | grep default | grep -v tun | awk '{ print $5 }' | sed -z 's/\n//')
 ip_address=$(ip route| grep $net_device | grep -v default | grep src | awk '{ print $9 }' | sed -z 's/\n//')
 echo $ip_address


 # Show the main IP from the machine
 ifconfig | grep -E "([0-9]{1,3}\.){3}[0-9]{1,3}" | grep -v 127.0.0.1 | awk '{ print $2 }' | cut -f2 -d: | head -n1


 # Expanding an volume partition
 1) Use fdisk to add an extra partition
 2) vgextend centos /dev/sda3 # (adding a partition to the Volume Group)
 3) lvcreate -n home -L261GB centosID

 # show the current partitions with their respective uuids
 blkid

 # checking for errors and fixing them
 e2fsck -f  /dev/nvme1n1p1 

 # change the uuid partition 
 tune2fs /dev/nvme1n1p1 -U $(uuidgen)

 # utility to allow change the uuid / PARUUID
 gdisk /dev/nvme0n1   # PRESS x => expert, c => change PARUUID, w => write and exit

 # changing the PTUUID (unique identifier for the entire disk)
 fdisk /dev/nvme0n1 <<EOF > /dev/null
 p
 x
 i
 0x${PTUUID}
 r
 p
 w
 EOF


 # compressing directory and transfering the stream via ssh and decompressing 
 ssh user@host "cd /tmp/media; tar -cz Music" | tar xvz

 # or upload directory the same way
 tar -cz ./Music | ssh user@host "tar zx -C /new/path/to/data/"

 # copy partitions from different computers
 ssh root@source_host  "dd if=/dev/sda1 " | pv | dd of=/dev/vda1

 # split a big file into smal and compressed files
 split --bytes=1024M --filter='gzip > $FILE.gz' ./source/file.dat ./output/path
 
 #---------------- mounting partition inside of a raw image from a disk ----------------
 # The filesystem itself starts on sector 63. You can also view this with fdisk -l:
 fdisk -l harddrive.img
                    Device Boot      Start         End      Blocks   Id  System
 harddrive.img                *          63    33640109    16820023+  83  Linux

 # We need to skip 63 sectors, and each sector is 512 bytes long
 # So, we need to use an offset of 32,256 bytes.
 mount -o ro,loop,offset=32256 harddrive.img /mnt/loop
 mount | grep harddrive.img
  /root/harddrive.img on /mnt/loop type ext3 (ro,loop=/dev/loop1,offset=32256)


 # reset number of invalid authentications 
 pam_tally --reset --user <USERNAME> 
 pam_tally2 --reset --user <USERNAME>.

 #===== GZip parallell compression
 # Compress
 # Always use -k to keep the original file
 $ pigz -k -p8 image.png

 # Decompress
 $ pigz -dk -p8 image.gz

 # Convert video .mkv to mp4
 ffmpeg -i ./test.mkv -acodec cop test.mp4

 
 # force reinstall packages
 sudo apt-get remove --purge ufw
 sudo apt-get -o Dpkg::Options::="--force-confmiss" install --reinstall ufw
 systemctl enable ufw
 ufw enable
	# force yum to update all the caches avoiding the error
	# [Errno 14] HTTP Error 404 - Not Found
	echo "http_caching=packages" >> /etc/yum.conf
	yum clean all
	yum makecache
	yum update

	# reload sysctl configs
	sudo sysctl --system


	# force all the files in /var/www/html to be under the nginx group
	chown user:nginx -fR /var/www/html
	find /var/www/html -type d \| awk '{ printf("\"%s\"\n", $0); }' \| xargs chmod 2775
	sudo setfacl -Rdm g:adm:rwx /var/www/html

	# Using sed to replace text in files
	sed 's/word1/word2/g' input.file
	## *bsd/macos sed syntax#
	sed 's/word1/word2/g' input.file > output.file
	sed -i 's/word1/word2/g' input.file
	sed -i -e 's/word1/word2/g' -e 's/xx/yy/g' input.file
	## use + separator instead of / ##
	sed -i 's+regex+new-text+g' file.txt

	find -type f -print0 \| xargs -0 sed -i '/real_date_done/s/real_date_done/done_date/g'


	# Renaming files
	apt-get install rename

	find . -name "* *" -type d \| rename 's/ /_/g' # do the directories first
	find . -name "* *" -type f \| rename 's/ /_/g'



	# Using sed to remove lines
	sed -i '/KeyRegenerationInterval/d' /etc/ssh/sshd_config
	sed -i '/ServerKeyBits/d' /etc/ssh/sshd_config
	sed -i '/RSAAuthentication/d' /etc/ssh/sshd_config


	# finding the biggest directory
	du -a /home \| sort -n -r \| head -n 5


	# updating SELinux rules to accept nginx reverse proxy
	cat /var/log/audit/audit.log \| grep nginx \| grep denied \| audit2allow -M nginx
	sudo semodule -i nginx.pp

	# reinstalling and updating SELinux
	setenforce 0
	yum erase selinux\*
	rm -rf /etc/selinux
	yum install selinux-policy-targeted
	touch /.autorelabel
	reboot

	# show the oscap profiles
	oscap info /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml

	# generate an oscap report
	oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_pci-dss --results-arf arf.xml \
	--report /var/lib/reports/$(hostname)-scap-report-$(date +%Y%m%d).html \
	--oval-results /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml

	# run an oscap ansible script to update the linux system
	ls /usr/share/scap-security-guide/ansible
	ansible-playbook -i "localhost," -c local /usr/share/scap-security-guide/ansible/ssg-centos7-role-pci-dss.yml

	# secure the files under the /etc/pam.d location ##
	chattr +i -R /etc/pam.d
	lsattr -d /etc/pam.d
	lsattr -l /etc/pam.d
	cd /etc/pam.d

	## Try to add or delete something ##
	echo "test" > foo.txt
	mkdir foo
	ls -l
	rm system-auth

	## remove the immutable attributes again ##
	cd /etc/pam.d
	chattr -i -R /etc/pam.d
	lsattr -d /etc/pam.d

	# fixing the umount for a pendrive takes forever
	# edit your /etc/rc.local and add
	echo $((1610241024)) > /proc/sys/vm/dirty_background_bytes
	echo $((4810241024)) > /proc/sys/vm/dirty_bytes


	# show IPs associated with the network interfaces
	show_iface_ips() {
	ip addr \| awk '/^[0-9]+:/ { sub(/:/,"",$2); iface=$2 } /^[[:space:]]*inet / { split($2, a, "/"); print iface":"a[1] }'
	}
	# or in two steps
	net_device=$(ip route \| grep default \| grep -v tun \| awk '{ print $5 }' \| sed -z 's/\n//')
	ip_address=$(ip route\| grep $net_device \| grep -v default \| grep src \| awk '{ print $9 }' \| sed -z 's/\n//')
	echo $ip_address


	# Show the main IP from the machine
	ifconfig \| grep -E "([0-9]{1,3}\.){3}[0-9]{1,3}" \| grep -v 127.0.0.1 \| awk '{ print $2 }' \| cut -f2 -d: \| head -n1


	# Expanding an volume partition
	1) Use fdisk to add an extra partition
	2) vgextend centos /dev/sda3 # (adding a partition to the Volume Group)
	3) lvcreate -n home -L261GB centosID

	# show the current partitions with their respective uuids
	blkid

	# checking for errors and fixing them
	e2fsck -f /dev/nvme1n1p1

	# change the uuid partition
	tune2fs /dev/nvme1n1p1 -U $(uuidgen)

	# utility to allow change the uuid / PARUUID
	gdisk /dev/nvme0n1 # PRESS x => expert, c => change PARUUID, w => write and exit

	# changing the PTUUID (unique identifier for the entire disk)
	fdisk /dev/nvme0n1 <<EOF > /dev/null
	p
	x
	i
	0x${PTUUID}
	r
	p
	w
	EOF


	# compressing directory and transfering the stream via ssh and decompressing
	ssh user@host "cd /tmp/media; tar -cz Music" \| tar xvz

	# or upload directory the same way
	tar -cz ./Music \| ssh user@host "tar zx -C /new/path/to/data/"

	# copy partitions from different computers
	ssh root@source_host "dd if=/dev/sda1 " \| pv \| dd of=/dev/vda1

	# split a big file into smal and compressed files
	split --bytes=1024M --filter='gzip > $FILE.gz' ./source/file.dat ./output/path

	#---------------- mounting partition inside of a raw image from a disk ----------------
	# The filesystem itself starts on sector 63. You can also view this with fdisk -l:
	fdisk -l harddrive.img
	Device Boot Start End Blocks Id System
	harddrive.img * 63 33640109 16820023+ 83 Linux

	# We need to skip 63 sectors, and each sector is 512 bytes long
	# So, we need to use an offset of 32,256 bytes.
	mount -o ro,loop,offset=32256 harddrive.img /mnt/loop
	mount \| grep harddrive.img
	/root/harddrive.img on /mnt/loop type ext3 (ro,loop=/dev/loop1,offset=32256)


	# reset number of invalid authentications
	pam_tally --reset --user <USERNAME>
	pam_tally2 --reset --user <USERNAME>.

	#===== GZip parallell compression
	# Compress
	# Always use -k to keep the original file
	$ pigz -k -p8 image.png

	# Decompress
	$ pigz -dk -p8 image.gz

	# Convert video .mkv to mp4
	ffmpeg -i ./test.mkv -acodec cop test.mp4


	# force reinstall packages
	sudo apt-get remove --purge ufw
	sudo apt-get -o Dpkg::Options::="--force-confmiss" install --reinstall ufw
	systemctl enable ufw
	ufw enable