Sometimes, you need to know your public IP address because of... reasons. My particular reason was creating firewall rule to limit SSH only from my current public IP address, to a machine on the Internet. And how to do it?
You can always use free services like What Is My IP?, which shows you your public IP address in a nice form:
The other day I was creating some Linux virtual machines (I know, I know...) and, with Azure being my preferred hosting platform, I've decided to create this machines by using a simple PowerShell script. Not because I'm so good at PowerShell, but because I like it... and sometimes I really don't like clicking through the wizard to create multiple machines.
I wanted to create multiple machines with ease, each with "static" IP address from the provided subnet, accessible via the Internet (SSH, HTTP) and running the latest Ubuntu Linux, of course.
Learn software management with advanced Linux administration in this tutorial by Frederik Vos, a Linux trainer and evangelist and a senior technical trainer of virtualization technologies, such as Citrix XenServer and VMware vSphere.
-- post by Frederik Vos, provided by Packt --
Software management
In the old days, installing software was a matter of extracting an archive to a filesystem. There were several problems with this approach:
It was difficult to remove the software if the files were copied into directories that were also used by another software
It was difficult to upgrade software, maybe because the files were still in use or were renamed
It was difficult to handle shared libraries
That's why Linux distributions invented software managers.
The RPM software manager
In 1997, Red Hat released the first version of their package manager, RPM. Other distributions such as SUSE adopted this package manager. RPM is the name of the rpm utility, as well as the name of the format and the filename extension.
The RPM package contains the following:
A CPIO archive
Metadata with information about the software, such as a description and dependencies
Scriptlets for pre and post-installation scripts
In the past, Linux administrators used the rpm utility to install/update and remove software on a Linux system. If there was a dependency, the rpm command was able to tell exactly which other packages you needed to install. However, the rpm utility couldn’t fix the dependencies or possible conflicts between packages.
Nowadays, the rpm utility isn’t used any longer to install or remove software; instead, you use more advanced software installers. After the installation of software with yum (Red Hat/CentOS) or zypper (SUSE), all the metadata goes into a database. Querying this rpm database with the rpm command can be very handy.
A list of the most common rpm query parameters are as follows:
Parameter
Description
-qa
List all the installed packages.
-qi <software>
List information.
-qc <software>
List the installed configuration files.
-qd <software>
List the installed documentation and examples.
-ql <software>
List all the installed files.
-qf <filename>
Shows the package that installed this file
-V <software>
Verifies the integrity/changes after the installation of a package; use -va to do it for all installed software.
-qp
Use this parameter together with other parameters if the package is not already installed. It's especially useful if you combine this parameter with --script to investigate the pre and post-installation scripts in the package.
The following screenshot is an example of getting information about the installed SSH server package:
The output of the -V parameter indicates that the modification time has changed since the installation. Now, make another change in the sshd_config file:
If you verify the installed package again, there is an S added to the output, indicating that the file size is different, and a T, indicating that the modification time has changed:
Other possible characters in the output are as follows:
S
File size
M
Mode (permissions)
5
Checksum
D
Major/minor on devices
L
Readlink mismatch
U
User ownership
G
Group ownership
T
Modification time
P
Capabilities
For text files, the diff command can help show the differences between the backup in the /tmp directory and the configuration in /etc/ssh:
Shell
1
sudo diff/etc/ssh/sshd_config/tmp/sshd_config
You can also restore the original file as follows:
Shell
1
sudo cp/tmp/sshd_config/etc/ssh/sshd_config
The DPKG software manager
The Debian distribution doesn't use the RPM format; instead, it uses the DEB format invented in 1995. The format is in use on all Debian and Ubuntu-based distributions.
A DEB package contains:
A file, debian-binary, with the version of the package
An archive file, control.tar, with metadata (package name, version, dependencies, and maintainer)
An archive file, data.tar, containing the actual software
Management of DEB packages can be done with the dpkg utility. Like rpm, the utility is not in use any longer to install software. Instead, the more advanced apt command is used. All the metadata goes into a database, which can be queried with dpkg or dpkg-query.
The important parameters of dpkg-query are as follows:
-l
Lists all the packages without parameters, but you can use wildcards, for example, dpkg -l *ssh*
-L <package>
Lists files in an installed package
-p <package>
Shows information about the package
-s <package>
Shows the state of the package
The first column from the output of dpkg -l also shows a status as follows:
The first character in the first column is the desired action, the second is the actual state of the package, and a possible third character indicates an error flag (R). ii means that the package is installed.
The possible desired states are as follows:
(u) unknown
(h) hold
(r) remove
(p) urge
The important package states are as follows:
n(ot) installed
H(a)lf installed
Hal(F) configured
Software management with YUM
Your Update Manager or Yellowdog Updater Modified (YUM) is a modern software management tool that was introduced by Red Hat in Enterprise Linux version 5, replacing the up2date utility. It is currently in use in all Red Hat-based distributions but will be replaced with dnf, which is used by Fedora. The good news is that dnf is syntax-compatible with yum.
Yum is responsible for:
Installing software, including dependencies
Updating software
Removing software
Listing and searching for software
The important basic parameters are as follows:
Command
DescriptionÂ
yum search
Search for software based on package name/summary
yum provides
Search for software based on a filename in a package
yum install
Install software
yum info
Information and status
yum update
Update all software
yum remove
Remove software
You can also install patterns of software, for instance, the pattern or group File and Print Server is a convenient way to install the NFS and Samba file servers together with the Cups print server:
Command
Description
yum groups list
List the available groups.
yum groups install
Install a group.
yum groups info
Information about a group, including the group names that are in use by the Anaconda installer. This information is important for unattended installations.
yum groups update
Update software within a group.
yum groups remove
Remove the installed group.
Another nice feature of yum is working with history:
Command
Description
yum history list
List the tasks executed by yum
yum history info <number>
List the content of a specific task
yum history undo <number>
Undo the task; a redo is also available
The yum command uses repositories to be able to do all the software management. To list the currently configured repositories, use:
Shell
1
yum repolist
To add another repository, you'll need the yum-config-manager tool, which creates and modifies the configuration files in /etc/yum.repos.d. For instance, if you want to add a repository to install Microsoft SQL Server, use the following:
Shell
1
2
3
yum-config-manager--add-repo\
 https://packages.microsoft.com/config/rhel/7/\
 mssql-server-2017.repo
The yum functionality can be extended with plugins, for instance, to select the fastest mirror, enabling the filesystem / LVM snapshots and running yum as a scheduled task (cron).
Software management with Zypp
SUSE, like Red Hat, uses RPM for package management. But instead of using yum, they use another toolset with Zypp (also known as libZypp) as backend. Software management can be done with the graphical configuration software YaST or the command-line interface tool Zypper. The important basic parameters are as follows:
Command
Description
zypper search
Search for software
zypper install
Install software
zypper remove
Remove software
zypper update
Update software
zypper dist-upgrade
Perform a distribution upgrade
zypper info
Show information
There is a search option to search for a command, what-provides, but it's very limited. If you don't know the package name, there is a utility called cnf instead. Before you can use cnf, you'll need to install scout; this way, the package properties can be searched:
Shell
1
sudo zypper install scout
After this, you can use cnf:
If you want to update your system to a new distribution version, you have to modify the repositories first. For instance, if you want to update from SUSE LEAP 42.3 to version 15.0, execute the following procedure:
First, install the available updates for your current version:
Shell
1
sudo zypper update
Update to the latest version in the 42.3.x releases:
Besides installing packages, you can also install the following:
patterns: Groups of packages, for instance, to install a complete web server including PHP and MySQL (also known as a lamp)
patches: Incremental updates for a package
products: Installation of an additional product
To list the available patterns, use:
Shell
1
zypper patterns
To install them, use:
Shell
1
sudo zypper install--typepattern<pattern>
The same procedure applies to patches and products. Zypper uses online repositories to view the currently configured repositories:
Shell
1
sudo zypper repos
You can add repositories with the addrepo parameter, for instance, to add a community repository for the latest PowerShell version on LEAP 15.0:
Shell
1
2
3
4
sudo zypper addrepo\
 https://download.opensuse.org/repositories\
 /home:/aaptel:/powershell-stuff/openSUSE_Leap_15.0/\
 home:aaptel:powershell-stuff.repo
If you add a repository, you must always refresh the repositories:
Shell
1
sudo zypper refresh
Software management with apt
In Debian/Ubuntu-based distributions, software management is done via the apt utility, which is a recent replacement for the utilities, apt-get and apt-cache.
The most-used commands include:
Command
Description
apt list
List packages
apt search
Search in descriptions
apt install
Install a package
apt show
Show package details
apt remove
Remove a package
apt update
Update catalog of available packages
apt upgrade
Upgrade the installed software
apt edit-sources
Edit the repository configuration
Repositories are configured in /etc/apt/sources.list and files in the /etc/apt/sources.list.d/ directory. Alternatively, there is a command, apt-add-repository, available:
Shell
1
2
apt-add-repository\
 'deb http://myserver/path/to/repo stable'
The apt repositories have the concept of release classes:
Old stable, tested in the previous version of a distribution
Stable
Testing
Unstable
They also have the concept of components:
Main: Tested and provided with support and updates
Contrib: Tested and provided with support and updates, but there are dependencies that are not in main, but for instance, in non-free
Universe: Community provided, no support, updates possible
Restricted: Proprietary device drivers
Multiverse: Software restricted by copyright or legal issues
If you found this article interesting, you can explore Frederik Vos’ Hands-On Linux Administration on Azure to administer Linux on Azure. Hands-On Linux Administration on Azurewill help you efficiently run Linux-based workloads in Azure and make the most of the important tools required for deployment.
In light of "Microsoft loves Linux" initiative, you can now deploy your Linux virtual machines by using templates in the System Center 2016: Virtual Machine Manager. As I was searching on how to do this (successfully), there were couple of articles that helped, so I’ve decided to do a short list of all the necessary steps (in one place).
Steps to make your Linux VM template deployments work:
create a new (Generation 2) virtual machine (as you would normally do)
install the Linux operating system in that virtual machine (as you would normally do)
HINT: A list of supported Linux distributions and versions on Hyper-V is available here.
install the Linux Integration Services (LIS) (as per this post):
open the "modules" file
Shell
1
sudo nano/etc/initramfs-tools/modules
add the following to the end of this file:
1
2
3
4
hv_vmbus
hv_storvsc
hv_blkvsc
hv_netvsc
save it (Ctrl+X and Y)
install LIS and reboot the machine by using the following commands:
check if the services are running by using the command:
Shell
1
sudo lsmod
install the Virtual Machine Manager agent (as per this post):
share the folder C:\Program Files\Microsoft System Center 2016\Agents\Linux on your VMM machine
copy the VMM agent files to Linux virtual machine
as a real Windows admin, I did it through the GUI
install the agent:
Shell
1
sudo./install scvmmguestagent.1.0.2.1075.x64.tar
fix the boot for Generation 2 virtual machine (boot information is by default stored in the VM configuration file, not on disk – Ben wrote a great article on this “issue”)
Ben’s way (didn’t work for me):
change directory to the boot EFI directory
Shell
1
sudo cd/boot/efi/EFI
copy the ubuntu directory in to a new directory named boot
Shell
1
sudo cp-rubuntu/boot
change directory to the newly created boot directory
Shell
1
sudo cdboot
rename the shimx64.efi file
Shell
1
sudo mvshimx64.efibootx64.efi
TriJetScud’s way in the comments (worked for me with Ubuntu 16.04 Generation 2 VM):
The other day I was “playing” with setting up Office 365 for one of our clients – they have Linux machines for their DNS servers, and BIND as their DNS solution. As this was my first encounter with configuring BIND by myself, I just wanted to share steps I’ve taken to make it work (in my lab environment) – maybe it will help someone…
DISCLAIMER: I’m not a Linux/UNIX expert! I try to figure out what I need, and then try to make this work… with the help of Internet resources (or experts), of course. There is plenty of resources on how to do this already, but I like to have things in one place if I need them again.
So, I’ve began my experiment with wondering which Linux distribution should I take. After some consulting (thanks, Ingrid ), the final choice was pretty easy – Fedora(criteria – had to be relatively easy to use (for non-Linux person like me), had to work in Hyper-V without much trouble, and there should be someone who can help if I got stuck).
After a pretty simple installation process (wizard, Next, …, Next, Finish), I’ve had my Fedora box up and running.
Now, the more complicated part – setup this box to be BIND server, and load the correct records in it, so that Office 365 can add and verify my domain.
Here are the high-level steps (I’ve used Terminal, with su rights):
1. install few packages to get things up and running:
Shell
1
yum-yinstall bind bind-utils bind-libs nano
2. configure the BIND (DNS) server to run at startup:
1
chkconfig named on
3. query the firewall rules for UDP port 53 access:
