Outils d'utilisateurs
Sidebar
tips
Table des matières
Misc Tips
Various tips about things that I can never remember when using Linux, OpenBSD, Apache, LaTeX and a few other computery tools.
Split this page and use tags!
Xorg
Specify proper keymap
Using setxkbmap
$ setxkbmap -layout us -variant intl -options "lv3:ralt_switch_multikey"
Using Hal FDIs
In /etc/hal/fdi/policy, for exemple 10-x11-input.fdi (templates are usually found in /usr/share/hal/fdi/policy/):
<?xml version="1.0" encoding="ISO-8859-1"?>
<deviceinfo version="0.2">
<device>
<!-- FIXME: Support tablets too. -->
<match key="info.capabilities" contains="input.mouse">
<merge key="input.x11_driver" type="string">mouse</merge>
<match key="/org/freedesktop/Hal/devices/computer:system.kernel.name"
string="Linux">
<merge key="input.x11_driver" type="string">evdev</merge>
</match>
</match>
<match key="info.capabilities" contains="input.keys">
<!-- If we're using Linux, we use evdev by default (falling back to
keyboard otherwise). -->
<merge key="input.x11_driver" type="string">keyboard</merge>
<match key="/org/freedesktop/Hal/devices/computer:system.kernel.name"
string="Linux">
<merge key="input.x11_driver" type="string">evdev</merge>
</match>
<match key="info.product" string="Dell Dell USB Keyboard">
<merge key="input.x11_options.XkbModel" type="string">dellusbmm</merge>
</match>
<merge key="input.x11_options.XkbOptions" type="string">lv3:ralt_switch_multikey</merge>
<merge key="input.x11_options.XkbVariant" type="string">intl</merge>
</match>
</device>
</deviceinfo>
Pass options to synpatics touchpad using Hal
Dans /etc/hal/fdi/policy/11-x11-input-synaptics.fdi:
<?xml version="1.0" encoding="ISO-8859-1"?>
<deviceinfo version="0.2">
<device>
<match key="info.capabilities" contains="input.touchpad">
<match key="info.product" contains="Synaptics TouchPad">
<merge key="input.x11_driver" type="string">synaptics</merge>
<!-- Arbitrary options can be passed to the driver using
the input.x11_options property since xorg-server-1.5. -->
<!-- EXAMPLE:
<merge key="input.x11_options.LeftEdge" type="string">120</merge>
-->
</match>
<match key="info.product" contains="AlpsPS/2 ALPS">
<merge key="input.x11_driver" type="string">synaptics</merge>
</match>
<match key="info.product" contains="appletouch">
<merge key="input.x11_driver" type="string">synaptics</merge>
</match>
<match key="info.product" contains="bcm5974">
<merge key="input.x11_driver" type="string">synaptics</merge>
</match>
</match>
<match key="input.x11_driver" string="synaptics">
<merge key="input.x11_options.SHMConfig" type="string">true</merge>
<merge key="input.x11_options.VertEdgeScroll" type="string">true</merge>
<merge key="input.x11_options.HorizEdgeScroll" type="string">true</merge>
<merge key="input.x11_options.CornerCoasting" type="string">true</merge>
<merge key="input.x11_options.TapButton1" type="string">1</merge>
<merge key="input.x11_options.TapButton2" type="string">2</merge>
<merge key="input.x11_options.RightEdge" type="string">900</merge>
<merge key="input.x11_options.BottomEdge" type="string">700</merge>
<merge key="input.x11_options.EmulateTwoFingerMinZ" type="string">90</merge>
<merge key="input.x11_options.VertTwoFingerScroll" type="string">true</merge>
<merge key="input.x11_options.HorizTwoFingerScroll" type="string">true</merge>
</match>
</device>
</deviceinfo>
Modelines for Dell 2007WFP
I just found the screen on the side of the road. Surprisingly, it works. There just appears to be an EDID-reading problem, but who cares when one can manually set the modlines?
- /etc/X11/xorg.conf.d/5-dell_2007wfp.conf
Section "Monitor" Identifier "DVI1" Option "DPMS" # DCF HR SH1 SH2 HFL VR SV1 SV2 VFL ModeLine "1680x1050" 119.0 1680 1728 1760 1840 1050 1053 1059 1080 -HSync +VSync EndSection
This can also be done manually at run-time, using XRandR.
$ xrandr --newmode "1680x1050" 119.0 1680 1728 1760 1840 1050 1053 1059 1080 -HSync +VSync $ xrandr --addmode VGA1 1680x1050 $ xrandr --output VGA1 --mode 1680x1050
BenQ G900W
Lucky day, I also found another almost perfectly working screen the very same day. It's a BenQ G900W, with the same problem; somebody must have fried their video card. It's nominal resolution is 1440×900, let's try the same trick.
- /etc/X11/xorg.conf.d/5-benq_g900w.conf
Section "Monitor" Identifier "VGA1" Option "DPMS" # DCF HR SH1 SH2 HFL VR SV1 SV2 VFL ModeLine "1440x900" 106.50 1440 1520 1672 1904 900 903 909 934 -HSync +Vsync EndSection
Apache
Quick access control with Apache
In the .htaccess file:
AuthUserFile /PATH/TO/.htpasswd
AuthName "Nice name"
AuthType Basic
<Limit GET>
require valid-user
</Limit>
Create and maintain the .htpasswd file:
$ htpasswd -c /PATH/TO/.htpasswd user1 New password: Re-type new password: Adding password for user user1 $ htpasswd /PATH/TO/.htpasswd user2 New password: Re-type new password: Adding password for user user2
OpenSSL
Certificate manipulation with OpenSSL
The key:
$ export SERVER=`hostname -f` $ openssl genrsa -out $SERVER.key 1024
The certificate request:
$ openssl req -new -key $SERVER.key -out $SERVER.csr
The certificate:
$ openssl x509 -req -days 1000 -in $SERVER.csr -signkey $SERVER.key -out $SERVER.crt
Convert a binary certificate to PEM:
$ openssl x509 -inform der -in $SERVER.crt -out $SERVER.pem
Reference: How to generate self-signed SSL certificates
Change a key's passphrase :
$ openssl rsa -in $SERVER.key -out $SERVER-newpass.key -passout "pass:PASS"
Read the content of a certificate request/certificate/key:
$ openssl req|x509|rsa -in $SERVER.crt -text
Several AltNames for a single certificate (vu ici). In openssl-custom.cnf (or the system's, but it's not as tidy):
[req] ... req_extensions = v3_req ... [ v3_req ] # Extensions to add to a certificate request basicConstraints = CA:FALSE keyUsage = nonRepudiation, digitalSignature, keyEncipherment # Some CAs do not yet support subjectAltName in CSRs. # Instead the additional names are form entries on web # pages where one requests the certificate... subjectAltName = @alt_names [alt_names] DNS.1 = IPADDRESS DNS.2 = SECONDNAME DNS.3 = THIRDNAME ...
The certificate request is then generated as usual, but the custom configuration file is specified.
$ openssl req -config openssl-custom.cnf -new -key $SERVER.key -out $SERVER.csr
Manually connect to an SSL secured port
$ openssl s_client -connect www.narf.ssji.net:443 CONNECTED(00000003) --- Certificate chain 0 s:/CN=distant-sun.narf.ssji.net i:/O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root --- Server certificate -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- subject=/CN=distant-sun.narf.ssji.net issuer=/O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root --- No client certificate CA names sent --- SSL handshake has read 2983 bytes and written 409 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: C68B84A9F17B7F2FB2B5E043272B41BC37C34AA826D6B6458C321DE103BD95FC Session-ID-ctx: Master-Key: E9BFE1B8E6E7B26895541B5E87CC76D7E9E5FD620DE9BB5BDA2B2CFC446F17323CE79717466F8EEC828C1FC2C9E8C770 Key-Arg : None PSK identity: None PSK identity hint: None TLS session ticket: 0000 - 37 a3 3f ae ad 81 6d 0d-97 36 10 44 6f 58 ec 49 7.?...m..6.DoX.I 0010 - d0 74 e0 c6 d5 e6 76 a5-44 a7 1b b6 55 51 f5 65 .t....v.D...UQ.e 0020 - 75 b0 f1 57 29 01 80 24-a1 bd 67 bf b6 9c b8 50 u..W)..$..g....P 0030 - 67 f4 87 31 25 d2 0e ac-53 ab 1f 39 97 65 3d 38 g..1%...S..9.e=8 0040 - a8 87 85 5b f3 7e ec a9-9d bc 01 1b fd e7 dc 0b ...[.~.......... 0050 - 4b ac 1e ea f9 8c 2f 6c-83 33 c3 45 ce 95 b2 7e K...../l.3.E...~ 0060 - 9c 51 04 f0 14 9e 0d 03-fb f5 a8 ed 6d b1 90 f3 .Q..........m... 0070 - 08 3f 47 3b a9 91 f9 d8-99 dc 73 1b a9 86 f6 b0 .?G;......s..... 0080 - 13 38 30 ae f1 e3 b8 34-7c c2 64 3c 4c ea 8a 10 .80....4|.d<L... 0090 - 6b e1 59 52 d8 89 f3 9f-6b 17 c7 6c 55 ed 86 0f k.YR....k..lU... 00a0 - 70 c6 50 94 21 44 f2 ac-28 f4 ee 59 c3 60 3f f3 p.P.!D..(..Y.`?. 00b0 - fb f9 bd 54 89 62 44 c5-96 e9 d5 0e 4f be 17 4a ...T.bD.....O..J Start Time: 1291767269 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- HEAD / HTTP/1.1 Host: www.narf.ssji.net HTTP/1.1 200 OK Date: Wed, 08 Dec 2010 00:15:08 GMT Server: Apache Content-Location: index.xhtml Vary: negotiate TCN: choice Content-Type: application/xhtml+xml
It also works for TLS connections.
$ openssl s_client -connect SMTP:587 -starttls smtp
[... certificate details ...]
---
250 XRDST
Get Remote Certificate
$ openssl s_client -connect HOST:PORT | sed '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/!d' > HOST.crt verify error:num=19:self signed certificate in certificate chain verify return:0 -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE---- ^D DONE
The same can be done to get the fingerprint, with some more filtering:
$ openssl s_client -connect HOST:PORT | sed '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/!d' | openssl x509 -fingerprint ^D verify error:num=19:self signed certificate in certificate chain verify return:0 DONE SHA1 Fingerprint=00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33 -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
Java
GTK Look and Feel by default
In $JAVA_HOME/lib/swing.properties:
# Swing properties swing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel
Recreating the Java KeyStore
If Java complains with a
Unexpected error: javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
odds are that the $JAVA_HOME/jre/lib/security/cacerts file is empty (i.e. it's only 32 Bytes in size).
To recreate it from, say, Mozilla's list of trusted certificates, the following (tested on ArchLinux) can be done:
for FILE in /usr/share/ca-certificates/mozilla/*.crt; do keytool -deststorepass changeit -import -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -file $FILE -alias `basename ${FILE/.crt/}` -noprompt done
Le minimum avec Mutt
Le .procmailrc:
:0 $HOME/mbox
Le .mutt(ng)rc:
set mbox="~/mbox" set spoolfile="~/mbox"
Et bien mieux.
OfflineImap: Rename IMAP folders
How to rename/move IMAP folder from ${OLDNAME} to ${NEWNAME} (those being full tree paths within the IMAP hierarchy, with dots), for an account named ${IMAP}? This assumes the shell is Bash and an OfflineImap configuration such as this (namely: IMAP separators locally mapped to slashes, and consistent repository naming).
- Unsubscribe from the old path and move the folder in IMAP.
- Subscribe to that new folder.
- Move
${OLDNAME}files in all three filesAccount-${IMAP}/LocalStatus,Repository-${IMAP}andRepository-${IMAP}Localto${NEWNAME}in OfflineImap's status directory:.offlineimap$ for FILE in `find . -name ${OLDNAME}`; do mv $FILE ${FILE/${OLDNAME}/${NEWNAME}}; done - Move the local Maildir copy:
Maildir$ mv ${OLDNAME/.//} ${NEWNAME/.//} - Adjust the
FMD5in the filenames (see OfflineImap's FAQ, “Why are your Maildir message filenames so long?”):Maildir/${NEWNAME/.//}$ for FILE in `find ${NEWNAME/.//} -type f`; do > mv ${FILE} ${FILE/`echo -n "${OLDNAME/.//}" | md5sum | cut -f 1 -d " "`/`echo -n "${NEWNAME/.//}" | md5sum | cut -f 1 -d " "`}; > done - Sync!
Des fontes GTK de taille normale
- mettre
Xft.dpi: 100dans~/.Xresources - mettre
xrdb -load ~/.Xresourcesdans~/.xsession(si nécessaire) - redémarrer X
Peut aussi marcher:
$ apt-get install xfonts-base-transcoded
NFS
nfs:/data/Sources on /data/Sources type nfs (rw,rsize=32768,wsize=16384,timeo=3,retrans=5,acregmin=1,acregmax=30,acdirmin=10,acdirmax=60,retry=1000,namlen=255,port=2049,mountprog=100005,nfsprog=100003,posix,bg,hard,intr,noac,udp,addr=192.168.1.64)
lambda-d5.mtek.chalmers.se:/lfs/d5.dd/mehani on /chalmers/users/mehani type nfs (rw,nosuid,hard,intr,grpid,proto=tcp,addr=129.16.61.41)
Monter une image Qemu
$ mount -oloop,offset=sector_size*partition_start -t vfat /opt/qemu/tempImage /mnt/tempImage
En général sector_size=512 et partition_start=63.
Pour être sûr:
$ fdisk -lu /opt/qemu/tempImage
Convertir de l'EPS en SVG
$ pstoedit -f plot-svg fichier.eps fichier.svg
Créer une vidéo à partir d'images
Les noms des images sont du type img00.jpg à 50 Hz :
$ ffmpeg -f image2 -i img%02d.jpg -r 50 -vcodec mpeg4 vid.avi
CUPS
Two-sided printing option for landscape documents:
$ lpr -o sides=two-sided-short-edge
A2PS
Two-sided printing
Two-sided printing with proper folding depending on the printing orientation (i.e. tumble when landscape printing), in /etc/a2ps/a2ps-site.cfg:
Printer: atp-b15-nl2-p1 | #{lp} #o #?l|-oDuplex=DuplexTumble||
or (simpler)
Options: -s2
And stapling:
Variable: lp.options | #{lp} #o #?l|"-oStaple=1Staple(Left)"|"-oStaple=1Staple(Right)"|
Forced two-sided printing
Prevent psnup (and other psutils) from cancelling two-sided printing, as per this post.
Still in /etc/a2ps/a2ps-site.cfg:
Variable: forceduplex \
cat /etc/a2ps/duplex.ps -
Variable: forcetumble \
cat /etc/a2ps/tumble.ps -
Variable: lp.hook \
#?d! #?l|#{forcetumble}|#{forceduplex}| | !!
With PS headers duplex.ps and tumble.ps setting the right options.
PDF manipulation
Fill PDF form with an FDF file
This can be done using pdftk.
$ pdftk form.pdf fill_form data.fdf output data.pdf
Unfortunately, the project seems to be dead…
Crop a PDF file
$ gs -o cropped.pdf -sDEVICE=pdfwrite -c "[/CropBox [0 0 280.59 419.52] /PAGES pdfmark" -f input.pdf
The unit of 'CropBox' (and 'MediaBox') are expressed in an unclear (to me) unit. In this example, 280.59 was 99mm.
Using Ghostscript unfortunately scrapes the metadata.
Copy PDF metadata
Once again, PDFTK comes to the rescue.
$ pdftk input.pdf dump_data | pdftk cropped.pdf update_info - output cropped2.pdf
PPTP-based VPN
PPPd and PPTPClient are needed for this to work
General setup
Using the PPTPClient-provided options, one can quickly create a new peer in, say, /etc/ppp/peers/pptppeer:
file /etc/ppp/options.pptp name LOGIN pty "/usr/sbin/pptp PPTPSERVER --nolaunchpppd" #debug #nodetach
Of course, the password needs to be added to the /etc/ppp/chap-secrets file:
# client server secret IP addresses LOGIN * PASSWORD *
Once a network connection has been established, the routes may have to be taken care of before and/or after the establishment of the :
$ sudo route add PPTPSERVER DEFAULTGW $ sudo pppd call pptppeer $ sudo route add default gw PPTPPEERGW
Where DEFAULTGW is the default route _before_ the PPTP link has been established, and PPTPPEERGW is the remote endpoint of the P-t-P connection.
Gentoo setup
First emerge the necessary package
$ sudo emerge pptpclient pppd
Then configure the new interface, with dependencies and needed route setup in /etc/conf.d/net:
config_ppp0=( "ppp" )
link_ppp0="pty 'pptp PPTPSERVER --nolaunchpppd'"
username_ppp0='LOGIN'
password_ppp0='PASSWORD'
pppd_ppp0=(
"noauth"
"defaultroute"
"holdoff 3"
"child-timeout 60"
"lcp-echo-interval 15"
"lcp-echo-failure 3"
noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp persist
)
depend_ppp0() {
depend net
}
preup() {
case $1 in
ppp0)
route add PPTPSERVER gw DEFAULTGW
return 0
;;
*)
;;
esac
}
postup() {
case $1 in
ppp0)
route add default gw PPTPPEERGW dev $1
return 0
;;
*)
;;
esac
}
predown() {
case $1 in
ppp0)
route del default gw PPTPPEERGW
return 0
;;
*)
;;
esac
}
postdown() {
case $1 in
ppp0)
route del PPTPSERVER gw DEFAULTGW
return 0
;;
*)
;;
esac
}
Finally, the startup link has to be created, and can be used directly:
$ sudo ln -s /etc/init.d/net.lo /etc/init.d/net.ppp0 $ sudo /etc/init.d/net.ppp0 start
ELF Files Manipulation
Get Library Dependencies without ldd
As seen here.
readelf -d ELFBIN | grep NEEDED
tips.txt · Dernière modification: 2013/03/22 03:11 par oliviermehani
Sauf mention contraire, le contenu de ce wiki est placé sous la licence suivante : CC Attribution-Noncommercial-Share Alike 3.0 Unported
