Tag Archivio per: Linux


“Today, we will learn how to install KVM on Linux Mint 21 using the command line. KVM is a complete virtualization solution for Linux on x86 hardware. Using this, we can easily create Aparente Machines just like we do in VMware or VirtualBox. The best part about KVM is that it is open source and more efficient than its rival virtualization solutions.”

We have used basic Linux commands implemented on Linux Mint’s Terminal to install KVM. Let’s see how it is done!

Guide

Following are the steps involved in installing KVM on Linux Mint 21:

Step 1: Update and Upgrade Linux Mint

Before installing KVM, it is recommended to update your system and upgrade it. The following commands will help us in updating and upgrading our Linux Mint machine:

Step 2: Check System Compatibility With KVM

Next, we need to check whether KVM is compatible with our system or not. If it is not compatible, then we’ll keep running into errors.

egrep -c ‘(vmx|svm)’ /proc/cpuinfo

Output:

If you get an output above 0, that means KVM is compatible with your system and can be easily installed. In our case, we got an 8. This means we can install KVM on our system.

Step 3: Install KVM

Now that we have made sure that KVM can be installed, let’s install it by executing this command:

sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager

Step 4: Add Your User to the KVM and Libvirt Group

It is now time to add your user to KVM and libvirt group to set up KVM so that you don’t run into any permissions-related errors. Add the user to the KVM group like this::

sudo usermod -aG kvm $USER

Add the user to the libvirt group with this command:

sudo usermod -aG libvirt $USER

How to Create a Aparente Machine(VM) in KVM?

Now that we have installed KVM let’s see how we can create a VM on it. First, download the iso you want to create a VM of. We have downloaded an iso for Ubuntu 20.04.

Now open Aparente Machine Manager on your machine. This is how the interface will appear:

Click on File; you will see a list of options to choose from. Now click on New Aparente Machine:

This window will open with a list of options to choose from for your VM:

Please select the first option, as it allows you to create a VM using an ISO image. Merienda selected, click Forward.

Now select the iso that you downloaded, as shown below:

After that, allot memory and CPU utilization for the VM like this:

Next, allot storage to the VM:

Now, give the VM a name. For example, if the VM is Ubuntu, you can name it Ubuntu, followed by its version.

These are all the settings that were required. Click on Finish to finish the VM setup. The VM creation process will begin after that.

Merienda the VM is created, a new window will open for OS installation. You can then install the OS easily.

Conclusion

In today’s guide, we saw in detail how to install KVM on Linux Mint 21. We began by updating and upgrading the system. Then we verified KVM compatibility. Afterward, we installed KVM on our machine. In the end, we also saw how to create a Aparente Machine on KVM.



Source link


“It’s crucial to manage storage capacity on a Linux system. Programs that act as package managers, for instance, alert you to the amount of disc space needed for setup. You need to be aware of the amount of free space on your machine for that knowledge to be useful. There are several utilities available in the Linux systems to discover what is using the disk space of our system. Discover how to examine the disc space in Ubuntu using the df utility as well as how to view the file system’s disc space consumption using the “du” tool throughout this lesson.”

Update System

Before checking the disk space usage, we need to update our system to make it fully updated so that the memory space can be displayed correctly. For this, try opening the console application of your Linux system with the use of the “Ctrl+Alt+T” shortcut. It will be launching the console quickly in a few seconds. We have tried the apt instruction with the sudo rights followed by the keyword “update”. The execution asks for the “password” of the currently active user at the moment. We have added the password, and the process continues.

Check Disk Space Usage With Df Utility

The main system part that uses the memory more than anything is the disk, usually in all operating systems. To find the amount of space used by the disk in the Ubuntu 20.04 system, we will be utilizing the “df” utility of our system. The df tool, which refers to disk free, displays how much space each drive is using. Values are shown by df by a standard in 1-kilobyte units. Within the “df” command output below, we have been shown the space used by the file system and the system’s related parts. It also displayed the percentage usage of space in the output.

Check Disk Space Usage in Mega & Gega Bytes

Within the above output, the disk space usage has been displayed in the 1-kilobyte format, while in the “used” and “available” column, we can only see disk space value in numbers, i.e., merely understandable. So, to display the disk space output in a more human-readable presentable format so that any computer user can understand it quickly and get any type of information required. For this, we need to use the “df” instruction with its “-h” option in the query area, as we have used this instruction in the attached photo. The output for the Size, Used, and Avail column has now displayed the result in Kilobytes, megabytes, and gigabytes after the conversion. While the “Use%”, and “Mounted on” columns have got no change in them.

You can also make use of the “df” instruction according to your needs. Let’s say you only want to look for the size of disk space, its available space, and its used space on your shell screen. For this, you need to use the “df” instruction with the “-H” option and the column names from the particular space table, i.e., Size, used, avail, as presented in the image below. The output below has displayed the data for these three columns and didn’t identify the program or disk.

Check Disk Space Usage for File System

The very same “df” instruction can be utilized in the console with its “-h” option to display the disk space used by the file system used in your Linux system. So, we have tried this instruction to check the space used by the “dev/sda2” device file system. The output shows that the disk “dev/sda” has a size of 2.4GB while 0 bytes are used, and the rest is available to be used.

The use of the “df” instruction with the “-h” option and the “/” character shows the amount of space used on the primary disk storage device. So, we have tried it and found that the primary disk “dev/sda5” has a size of 30GB while 14GB has been used and 15GB has been left unused and can be utilized shortly.

Check Disk Space Usage for File System by Type

You can try to find out the disk space usage for the file system according to the type of file system. For this, you need to use the “-ht” option within the “df” instruction along with the file system type, i.e., ext4 in our case. The output on our screens is showing quiebro similar output as above while the “mounted on” column has only a “/”.

Check Disk Space Usage With Du Utility

Disk use is seen via the du utility. You may see your disc performance in further detail with this utility by using Ubuntu 20.04 Console application to show the disk usage for certain folders. Use it to show how much storage your present directory is using, as we did in the below presentation. The left side numerical value shows the data size, and the right side shows all files and folders of our system.

The “du” instruction, along with the “-h” option, has been showing the space used by the folders in kilobytes at the console application screen of our system, as presented in the attached image.

If you want to find out the space used by your current working directory, you must utilize the “du” instruction with the combined option “-hs”. The result displays that it contains a total of 106MB of data within the system.

Conclusion

We have elaborated on the popular use of the disk space concept along with the different utilities of our Linux operating system. Firstly, we have tried to update our system to avoid any issues. After that, we discussed the use of “df” and “du” instructions separately to see how much space has been utilized by a particular disk drive. We have tried the “df” and “du” instructions with the “-H” or “-h” instructions for the view of disk space usage in the Kilobytes, Megabytes, and Giga bytes. Hence, we have tried to cover every minor detail in this article.



Source link


“Linux Secure Shell, or SSH, is a protocol used by Linux computers to access remote computers and execute commands securely. It is a replacement for rlogin and rsh. Thus, SSH provides encrypted and secure communications between untrusted hosts over an insecure or untrusted network.
Also known as Secure Socket Shell, this protocol is a security application for Linux users connecting to remote servers. The framework allows users to transfer files, run command lines and graphical programs, and create secure supuesto networks over the internet.
The framework has an SSH command to secure remote connections and data transfers between clients and hosts. The utility ensures encryption of all communications.t
The command works by transferring client inputs to the host. Merienda done, the command returns the output from the host to the client and often executes through IP/TCP port 22. This encrypted connection is also used in port forwarding, Linux server, tunneling, and many more.”

Components of the SSH Command

Like every other computing command, the ssh command has syntax. The syntax for this command is as shown in the below image;

And as shown in the command, the following make the components of the ssh comma;

  • ssh command-The command provides instructions to machines to create secure encrypted connections with the host network or system.
  • User Name– This is the name of the Linux client or user accessed by your host machine or system.
  • Host– This is the machine that the user accesses or establishes a connection with and domain names or IP addresses. Ideally, hosts can either be routers or computers.

The ssh Command Synopsis and Flags

The image below illustrates the ssh command synopsis;

The ssh command tags are as follows;

Tag Description
-1 Compels ssh to try only the version 1 protocol
-2 Forces ssh to test only the version 2 protocol
-4 Makes ssh to use only IPV4 addresses
-6 Forces ssh to only use IPv6 addresses only
-A It initiates authentication agent connection forwarding. Usually, you can specify this flag on a per-host basis.
Notably, you should enable agent authentication forwarding with a lot of caution. Those with the authority to bypass file permissions on remote hosts can often access the nave agent through a forwarded connection. While attackers may not access key material from the agents, they can use the keys to perform operations and authenticate using identities within the agent.
-a Disables the authentication agent connection forwarding
-b bind_address You can use bind_address on nave machines as the source address of the connection. This flag only comes in handy for systems with multiple devices.
-C It is used for requesting compression of all data. It uses the same algorithm used by gzip to compress data, including stdout, stdin, and stderr.
-c cipher_spec It chooses the cipher specification to use during the encrypting session.
Protocol version 1 only allows the specification of one cipher. But for protocol version 2, a comma separates the list of ciphers beginning with the most preferred.
-D –Xo It controls the Sm off and Sm on components. It specifies the nave dynamic for port forwarding at the application level. Notably, it allocates a socket that listens to the port on your nave system. Every connection through this port is forwarded over the system’s secure channel.
-e escape_char This tag helps to set escape characters for sessions with pty.
-F configfile It specifies the configuration file for each user.
-f The flag initiates a request for ssh to return to the background before executing a command. This is handy when the user wants the password or passphrase requests to happen in the background.
-g Establishes connections between remote hosts and nave forwarded ports
-i identity_file Selects the system file from which your machine will read the identity for DSA or RSA authentication.
-k Disables delegation or forwarding of GSSAPI credentials and identities to the server
-L -Xo Controls the Sm off and Sm on components by specifying that the port provided on the client/nave host should be forwarded to your port and host on the remote machine.
-l login_name It directs the user to log in on the remote side.
-M It puts the client into a master mode to enable connection sharing. There can be multiple –M options to place an ssh client on master mode and require confirmation before the system accepts slave connections.
-m mac_spec This is an additional flag for protocol version 2. It provides a comma-separated list of message authentication code (MAC) algorithms.
-N Instructs users not to commit remote commands.
-n It redirects the stdin data from /dev/null and prevents its reading. It is only useable when ssh runs in the background.
-O ctl_cmd It controls an active connection from multiplexing the master process.
-o option This flag is often used to provide options in the exact format used in your configuration file.

Conclusion

This article is an elaborate introduction to the Secure Socket Shell or SSH. It has described the ssh command alongside its syntax and the relevant flags. Hopefully, you can use the above information to initiate your interaction with the SSH protocol.

Sources



Source link


JamesDSP for Linux

JamesDSP for Linux is an open source Qt audio effect processor for PipeWire and PulseAudio. Use it to enhance the music you listen to by adding reverberation, bass boost and other filters using a parametric or fixed band equalizer. It also allows you to write your own audio effects using the EEL2 scripting language.

The application is designed for use with PipeWire, which the developer recommends for its lower latency when injecting audio effects, but PulseAudio is also supported (for backwards compatibility).

It was initially released as an audio effects processor for Android, and it then ported to Linux.

JamesDSP for Linux features include:

  • Automatic bass boost (frequency-detecting bass-boost): automatically sets its own parameters, such as gain, bandwidth, and cut-off frequency, by analyzing the incoming audio stream
  • Automatic dynamic range compressor: a highly automated multiband dynamic range adjusting effect
  • Complex reverberation IIR network (Progenitor 2)
  • Interpolated FIR equalizer with flexible bands
  • Arbitrary response equalizer (also known as GraphicEQ from EqualizerAPO). AutoEQ database integration (requires network connection)
  • Partitioned convolver (Automóvil segmenting convolution). Supports mico, stereo, full/true stereo (LL, LR, RL, RR) impulse response
  • Crossfeed: realistic surround effects
  • Soundstage wideness: a multiband stereo wideness controller
  • ViPER-DDC: perform parametric equalization on audio & create VDC input files using thepbone/DDCToolbox
  • Analog modeling: an aliasing-free even harmonic generator
  • Output limiter

The application also comes with a scripting engine that allows you to write your own audio effects using the EEL2 scripting language. JamesDSP even automatically generates a basic user interface for  your scripts which allows modifying parameters.

To edit the scripts, JamesDSP comes with a minimal scripting IDE with console output support, detailed error messages, syntax highlighting, and more.

Besides this, JamesDSP for Linux also comes with universal presets that you load and save, a tray icon, and more.

The application had a major release (2.0) over the weekend, which adds PipeWire support, UI updates, and more. There’s no official change log so there might be something I missed, check out the commit log for details.

You might also like: NoiseTorch Is A Real-Time Microphone Noise Suppression Application For Linux

Getting started with JamesDSP

When you first run JamesDSP, its setup wizard is displayed, allowing you to choose the output device, set if the app should shutdown when closed or stay minimized, etc.:

JamesDSP onboarding Linux

In case you later want to change some settings presented in this setup wizard, you can do so from the application settings (cog icon in the bottom left-hand side of the JamesDSP for Linux window).

Merienda that’s done, you can start applying some effects to your computer’s audio output. For example, go to the Equalizer tab, click Enable EQ, and select an equalizer preset:

JamesDSP Linux equalizer

If you can’t hear a difference with and without a preset, make sure your audio output device is set to JamesDSP Sink in System Settings (sometimes it’s not set automatically), e.g. in GNOME:

JamesDSP system sound settings

You  might also find useful: Fix No Sound (Dummy Output) Issue In Ubuntu With SND HDA Intel

Vs EasyEffects

You might be wondering how JamesDSP compares to EasyEffects (previously PulseEffects), another audio effect processor application for Linux. The most obvious difference is that JamesDSP works with both PulseAudio and PipeWire, while EasyEffects only supports PipeWire (you must install an older version of EasyEffects from the time it was called PulseEffects if you want to use it with PulseAudio).

Besides that, EasyEffects comes with more effects, although there are some effects available in JamesDSP that aren’t available with EasyEffects, such as soundstage wideness, a multiband stereo wideness controller, or ViPER-DDC which allows you to perform parametric equalization on audio. And EasyEffects allows applying audio effects to both sound input and output, while JamesDSP is for output only. On the other hand, JamesDSP has a simpler user interface, and it comes with a scripting engine that’s not available in EasyEffects.

So while these 2 applications have many things in common, there are also some differences, so use the one that best fits your needs.

Download JamesDSP for Linux

Before installing JamesDSP for Linux, check if you’re using PipeWire or PulseAudio as described here. Then you can install JamesDSP for Linux (for either PipeWire or PulseAudio) from a repository (Debian / Ubuntu), AUR (Arch Linux / Manjaro), or build it from source.

You might like: Hushboard Mutes Your Microphone While Typing


Ventoy Linux GUI

Ventoy, a tool for easy bootable USB drive creation (simply copy the ISO to the USB), has been updated recently with a native GUI for Linux.

Ventoy is available for Microsoft Windows and Linux, and it can create bootable USB drives containing Linux and Windows ISO files. 

You need to install Ventoy to a USB drive, then every time you want to create a bootable USB drive, all you have to do is copy the ISO to the USB. There’s no need to format the USB drive. You can copy as many ISO files as you wish (even combined Windows and Linux ISOs), and when booting from the USB, Ventoy shows a list of available ISO files, allowing you to boot from the one you select. I don’t think I’m exaggerating when I’m saying that Ventoy is probably the best bootable USB creator for both Linux and Windows.

What’s more, since you don’t need to format the USB drive, you can continue to use it for other purposes. So you can copy other files to the USB, and it won’t interfere with Ventoy.

Ventoy also features support for legacy and UEFI Secure Boot, it supports persistence for some Linux distributions, it supports ISO files larger than 4GB, and it can be upgraded without reformatting the USB.

Initially, Ventoy was released for Linux as a command line tool. Back in March 2021, it added a web UI, but that was a bit clunky to use, especially since its aim was to simplify things, which it didn’t fully do.

With the latest 1.0.52 though, Ventoy has added a native GUI for Linux, which you can use to install Ventoy onto USB devices, which is similar to the one that’s been available on Windows since the early Ventoy releases. Merienda you install Ventoy on a USB stick, all you have to do is copy some ISO files to the USB, and you’ll get a bootable USB drive.

The release notes mention that the new GUI uses either GTK or Qt, depending on what you prefer (I’m not sure which one is used in the precompiled binaries).

You might like: How To Login With A USB Flash Drive Instead Of A Password On Linux Using pam_usb (Fork)

The new Ventoy Linux GUI lets you choose the USB device, shows the current Ventoy version and the Ventoy version installed on the USB drive, and it has various options that allow you to:

  • Enable Secure Boot support
  • Choose the partition type (MBR or GPT)
  • Set the partition configuration (align partitions with 4KB and preserve some space at the end of the disk)
  • Remove Ventoy from a USB device
  • Choose the user interface language

When you download the latest Ventoy binary, you’ll notice some Ventoy GUI executables: VentoyGUI.x86_64VentoyGUI.aarch64VentoyGUI.i386, and VentoyGUI.mips64el. To run it, all you have to do is double-click the VentoyGUI executable corresponding to your OS architecture (if you’re a desktop user, chances are you’re using an x86_64 architecture, so double click VentoyGUI.x86_64).

In case double-clicking the executable doesn’t work, open a terminal, navigate to the folder where you’ve extracted Ventoy and run it using, e.g. for the x86_64 architecture:

./VentoyGUI.x86_64

Other changes in Ventoy 1.0.52 include:

  • Add support for Emergency Boot Kit
  • Continue to boot when the ISO file size is invalid.
  • Fix a bug when booting puppy-4.3.1
  • languages.json update

Download Ventoy

On the downloads page you’ll find Linux and Windows binaries. If you prefer to download the source code, visit the Ventoy GitHub repository.


Oracle Java 17 LTS has been released recently, and is now available to install from the Linux Uprising Oracle Java PPA on Ubuntu, Debian, and Linux distributions based on these, such as Pop!_OS, Linux Mint, Zorin OS, etc.

Java 17 is the latest long-term support (LTS) release, and with it, the license has changed, the binaries being free (no cost) to use in production and free (no cost) to redistribute until a full year after the next LTS release. Previously (from Oracle Java 11 until now), Oracle Java used a commercial license that allowed downloading and using it at no cost for development and testing only, but it required paying a fee to use in production.

If you prefer to use open source JDK builds, check out those offered by AdoptOpenJDK or Zulu OpenJDK.

I’d like to note that even though Oracle Java 17 can be redistributed, the Launchpad PPA terms don’t seem to allow packing it into a PPA due to its license. So the Linux Uprising Oracle Java PPA continues to use a script that automatically downloads Oracle Java (the binaries are not hosted in the Launchpad PPA).

This Oracle Java 17 installer is based on the Web Upd8 Java package (so the credits go to its innovador creators), with minor modifications. This package automatically downloads, installs (with some tweaks such as better font rendering, add applications menu entries, etc.) and optionally sets Oracle Java 17 as the default Java (runs update-alternatives, exports the JAVA_HOME environment variable, etc.) on your system. 

Oracle does offer DEB packages for Oracle Java, however, these packages simply copy the Java binaries to /usr/lib/jvm, without doing anything else, so it’s exactly the same as copying the Java directory to that location yourself.

Using this PPA you can install Oracle Java 17 for x64 and aarch64 architectures.

You might also like: How To Install / Switch Between Multiple Java Versions Using SDKMAN

How to install Oracle JDK 17 On Ubuntu, Debian, Linux Mint, Pop!_OS or Zorin Os using an APT PPA repository

Add the Linux Uprising Oracle Java PPA repository and update the software sources on Ubuntu, Linux Mint, Pop!_OS or Zorin Os using the following commands:

sudo add-apt-repository ppa:linuxuprising/java

sudo apt update

Add the Linux Uprising Oracle Java PPA repository (and its key) and update the software sources on Debian and other Linux distributions based on Debian (but not Ubuntu and Ubuntu-based) using:

su -

echo "deb http://ppa.launchpad.net/linuxuprising/java/ubuntu focal main" | tee /etc/apt/sources.list.d/linuxuprising-java.list

apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 73C3DB2A

apt-get update

exit

Now you can install Oracle JDK 17 on Debian / Ubuntu and Linux distributions based on these:

  • Install and make Oracle JDK 17 the default JDK version:

sudo apt install oracle-java17-installer --install-recommends

  • Install but don’t make Oracle JDK 17 the default JDK version:
sudo apt install oracle-java17-installer --no-install-recommends

You can control if Oracle JDK 17 is the default JDK version (runs update-alternatives, exports the JAVA_HOME environment variable, etc.) or note with the help of the oracle-java17-set-default package. If this is installed, Oracle JDK 17 is set as default; remove this package, so Oracle Java 17 is not set as default (unless it’s the only Java version on the system).

This package is set as a recommended package for the Oracle Java 17 installer, that’s why installing oracle-java17-installer with --install-recommends also installs oracle-java17-set-default.

To check which Java version is set as default on your system, you could run java -version and / or javac -version. Example with output that shows Oracle Java 17 set as default:

$ java -version
java version "17" 2021-09-14 LTS
Java(TM) SE Runtime Environment (build 17+35-LTS-2724)

Java HotSpot(TM) 64-Bit Server VM (build 17+35-LTS-2724, mixed mode, sharing)

$ javac -version
javac 17

In some cases, the installer may fail to download the Oracle Java 17 .tar.gz archive from Oracle. There are multiple possible issues for this: you’re behind a router / firewall that prevents this, your Internet connection went down during the download process, etc. 

To work around this, you can download this file yourself from Oracle by other means, e.g. by going to a friend’s house, using a web browser with a proxy, etc., and then placing the downloaded Oracle Java 17 .tar.gz file in /var/cache/oracle-jdk17-installer (create this folder as root if it doesn’t exist), then install the oracle-java17-installer package from the Linux Uprising PPA as explained above.

This way, the Oracle Java 17 installer uses the nave archive instead of trying to download it itself. Make sure the downloaded Oracle Java 17 .tar.gz and the Oracle Java Installer package from the PPA are both the same version, or else this won’t work.

How to accept the Oracle Java 17 license automatically

Downloading and installing Oracle Java 17 requires the user to accept a license. In some cases, like when using this in an automated script, you may want to automatically accept the license using a command. You can do that by using:

echo oracle-java17-installer shared/accepted-oracle-license-v1-3 select true | sudo /usr/bin/debconf-set-selections

If that doesn’t work, also try this command:

echo oracle-java17-installer shared/accepted-oracle-licence-v1-3 boolean true | sudo /usr/bin/debconf-set-selections


Eversticky sticky notes for Linux

EverSticky is a simple new Qt sticky notes tool for Linux that synchronizes with Evernote and displays rich text formatting.

The application lets users quickly take notes using post-it note-like windows displayed on their desktop. The notes are automatically saved, and synchronized to Evernote (including free Evernote accounts) at a given interval or on demand.

Eversticky sticky notes

The sticky notes are accompanied by a tray icon from where users can create a new note (new notes can also be created by using the + button from an existing sticky note), force sync to Evernote, bring the notes to the foreground, log out of Evernote, and access the application settings. In the settings you’ll find options like setting the sync interval, check for application updates, and set the tray icon style to light or dark.

The stick notes are quiebro basic, supporting only a few keyboard shortcuts like Ctrl + b to make the selected text bold or Ctrl + i to make the text italic.

However, you can paste rich text and EverSticky will display it. E.g. you can copy a checkbox and paste it into a sticky note, and the checkbox will behave as expected, allowing you to check/uncheck it. Or you can paste an image, but note that you must copy the image itself (for example by selecting the image or a region of an image in GIMP, then copy it), and not the image path. You may also edit the notes in Evernote and EverSticky will display them with all the included formatting.

While not explicitly supporting Wayland, EverSticky does run on Wayland, and it behaves in the same way as on X11. For example, using the Dash to Panel, when clicking the Show Desktop button, all windows are hidden, but the sticky notes remain visible on the desktop (this doesn’t happen when using Ctrl + Shift + D though).

You might also like: Joplin: Encrypted Open Source Note Taking And To-Do Application

EverSticky doesn’t come with a built-in option to start automatically on login, but you can add it manually. If your desktop environment / Linux distribution comes with a tool to add startup applications (for example Startup Application in some Ubuntu flavors including GNOME, in KDE Plasma it’s in System Settings -> Startup and Shutdown -> Autostart, etc.), add it from there, using eversticky as the command. Or, on most Linux distributions, you can also add it manually to startup by creating a file called eversticky.desktop in ~/.config/autostart with the following contents:

[Desktop Entry]
Type=Application
Exec=eversticky
Hidden=false
NoDisplay=false
X-GNOME-Autostart-enabled=true
Name=Eversticky

Download EverSticky

The application is available as a DEB package on GitHub (so it can be installed on Debian, Ubuntu, Pop!_OS, Linux Mint, etc., though note that Ubuntu 20.04 / Linux Mint 20 and newer are required), as well as on AUR for Arch Linux / Manjaro users. For other Linux distributions, you’ll need to build it from source (this requires a production Evernote API key).


This article explains how to find all files containing specific text on Linux. For this we’ll use grep, a standard Unix program.

grep is a command-line utility which prints lines that match a given pattern, and should be installed by default.

Let’s start simple. Say you want to search for the word text (case-sensitive!) in all the files in the current directory and its subdirectories. To do this, you need to open the terminal, navigate to the folder where you want to perform the search, and run:

grep -r 'text'

This lists all the files in the current folder and subfolders containing text. This includes strings like texting for example, because it contains our search pattern, text. -r stands for recursive, reading all the files in the directory and its subdirectories. If you require following all symbolic links, use -R instead of -r.

If you only want to list the filenames containing the exact whole word text (as opposed to the default partial word matching), and not things like texting, 123text, and so on, you’d need to append the -w (whole words) command line option, like this:

grep -rw 'text'

If you don’t want to search in the current folder, but in a specific folder, you can specify the path in which grep should look into, by adding it at the end of the command, like this:

grep -rw 'text' /path/to/search/into

You might also be interested in: How To Repeat A Command Every X Seconds On Linux

Grep has many options, but below I’ll only list a few that you might find especially useful when trying to find all files containing specific text on Linux (besides those already mentioned above):

  • -n shows the line numbers. When a match is found, besides the file path in which it was found, grep will also display the line number on which the pattern was found
  • -i performs the search case-insensitive (it’s case-sensitive by default). Depending on the number of files, this can slow down the search, so take this into consideration when using it
  • --include=GLOB / --exclude=GLOB includes or excludes certain files
  • --exclude-dir=GLOB is used to exclude folders from being searched

Let’s take a look at an example which combines these command line flags. Let’s say you want to find all files containing the case-insensitive (-i) text in the ~/Documents folder and its subfolders except for the Private e Personal subfolders (--exclude-dir), and only search in the files that have the .txt e .js extensions (--include). Also, you want to show the line numbers (-n), search recursively and also follow all symbolic links (-R). In that case, the command you’d need to use would be (this is a single command):

grep -Rni --exclude-dir={Private,Personal} --include={*.txt,*.js} 'text' ~/Documents

Example output:

/home/logix/Documents/test/folder/file1.js:7:text
/home/logix/Documents/test/folder/file2.txt:7:text

Here, 7 is the line number on which the pattern we’ve searched for (text) was found.

For more information and advanced usage, see the grep man page.

You may also want to check out ripgrep, a line-oriented search tool that recursively searches the current directory for a regex pattern that comes with some extra features, and is very fast.

You  might also like: rga: Search Text In PDF, Ebooks, Office Documents, Archives And More (ripgrep Wrapper) e How To Find Files Modified In The Last N Days Or Minutes Using find


TLP is a command line advanced Linux power management tool that helps save laptop battery power. It’s designed to install and forget about it, TLP taking care of everything automatically. TLP is highly configurable though, so you can tweak it to suit your specific needs, either to manual editing of its configuration file (/etc/tlp.conf), or by using TLPUI, a third-party GUI for TLP.

With version 1.4, TLP has added support for setting start and/or stop charge battery thresholds for some laptops: ASUS, Huawei MateBooks, LG Gram, Lenovo (now for non-Thinkpads too; Thinkpads have been supported for a while) and Samsung. This article explains how to use this TLP feature to set start and/or stop thresholds in case you own a supported laptop.

Limiting the battery charge level helps prolong battery lifespan. By setting a battery stop charge threshold, you limit the maximum charge level to below 100%. Some laptops also supports setting a battery start charge threshold, which prevents the charging process from continuing as soon as the charger is connected, after a short discharge.

According to the TLP 1.4.0 release notes, the following laptops / battery charge thresholds are supported:

  • ASUS laptops: stop threshold
  • Huawei MateBooks: start and stop threshold
  • LG Gram laptops: stop threshold at 80% aka «battery care limit»
  • Lenovo (non-ThinkPads) laptops: stop threshold at 60% aka «battery conservation mode»
  • Samsung laptops: stop threshold at 80% aka «battery life extender»

TLP already had support for Thinkpad start and stop charging thresholds. It’s also important to note that not all the laptop brands mentioned above support setting a charge threshold (you’ll also need to be using a fairly recent kernel). To see if your laptop supports this, see the prerequisites section below.

For ASUS laptops, you can also easily set charging thresholds using a command line tool called bat.

Prerequisites

Before proceeding, you’ll obviously need to have TLP 1.4.0 or newer installed on your system. See this page for installing TLP on various Linux distributions, including Arch Linux, Debian / Ubuntu (and Pop!_OS, Linux Mint, etc.), Fedora, openSUSE, etc.

To see if your ASUS, Huawei MateBooks, LG Gram, Lenovo or Samsung laptop supports start and/or stop charge battery thresholds (with TLP >= 1.4.0 installed), run:

sudo tlp-stat -b

This command displays various battery information for your laptop, including if it supports charge start and/or stop thresholds. 

For example, this is the output of this command on my ASUS Zenbook:

--- TLP 1.4.0 --------------------------------------------

+++ Battery Care
Plugin: asus
Supported features: charge threshold
Driver usage:
* natacpi (asus_wmi) = active (charge threshold)
Parameter value range:
* STOP_CHARGE_THRESH_BAT0/1: 0(off)..100(default)
...........................................

As you can see from this output, the laptop supports stop charge thresholds (STOP_CHARGE_THRESH), which can have a value between 0 and 100 (with 0 meaning to disable this feature).

It’s also worth noting that some ASUS laptops silently ignore charge thresholds other than 40, 60 or 80, so if setting a different value doesn’t work for you, try one of these 3 values.

Now that we know the laptop supports setting a battery stop charge threshold and the supported values, we can proceed to set battery charge thresholds.

How to set battery charge thresholds for ASUS, Huawei MateBooks, LG Gram, Lenovo and Samsung laptops on Linux using TLP

There are 2 ways of setting a battery charging threshold for your laptop running TLP. Either using TLPUI, a graphical user interface for TLP, or by manually editing the TLP configuration file.

Using TLPUI

If you don’t already have TLPUI installed, see its installaton page. For Ubuntu and Ubuntu-based Linux distributions (Pop!_OS, Linux Mint, etc., you can install it from the Linux Uprising Apps PPA).

In TLPUI, click on ThinkPad Battery in the sidebar. This is called like that because until version 1.4, TLP supported setting battery charge thresholds only for ThinkPads, and I guess the TLPUI developer forgot to change it. But despite its name, this is also for some ASUS, Huawei MateBooks, LG Gram, non-ThinkPad Lenovo and Samsung laptops.

TLPUI battery charge thresholds

There you can set charge thresholds for the main battery (BAT0 – this is for the main battery, even if the laptop battery is called BAT1, BATT, etc.) and/or for the auxiliary/Ultrabay battery (BAT1).

It’s important to note that you must set both a start and a stop charge battery threshold. If your laptop doesn’t support start thresholds (only Huawei MateBooks and Lenovo ThinkPads support this), or you don’t want to set a start charge battery threshold, enable (check the box next to it) the start charge threshold option but set it to 0 (disabled).

Make sure to only use a charge battery threshold value supported by your laptop, as reported by the sudo tlp-stat -b command.

Remember to click the Save button when you’re done to save the new configuration and apply it.

Editing the TLP configuration file

If you don’t use TLPUI, you can set charging thresholds for your ASUS, Huawei MateBooks, LG Gram, Lenovo and Samsung laptops on Linux by editing the TLP configuration file.

Start by opening /etc/tlp.conf as root with a text editor. Scroll down to START_CHARGE_THRESH_BAT. There’s you’ll find start and stop charge threshold settings for BAT0 e BAT1. BAT0 is the main battery, even if your laptop’s battery has a different name (e.g. BAT1, BATT, etc.), and BAT1 is for the auxiliary/Ultrabay battery.

Uncomment (remove the # symbol from the beginning of the line) for both START_CHARGE_THRESH_BATxSTOP_CHARGE_THRESH_BATx for the battery you want to enable charge thresholds for (BAT0 or BAT1), then set their values to the start/stop values you want to use. 

Important:

  • make sure the battery charge thresholds values you set are supported by your laptop (as reported by sudo tlp-stat -b)
  • if your laptop doesn’t support setting a battery start charge threshold, or you don’t want to use a start charge threshold, set the START_CHARGE_THRESH_BATx value to 0 (which disables it)

When you’re done setting the battery charge thresholds, run the following command to validate the parameters and configuration, and report any errors:

sudo tlp setcharge

Example output from my ASUS Zenbook:

Setting temporary charge threshold for BAT0:
  stop =  60 (no change)


This post is authored by Hayden Blauzvern and originally appeared on Sigstore’s blog. Sigstore is a new standard for signing, verifying, and protecting software. It is a project of the Linux Foundation. 

Developers, package maintainers, and enterprises that would like to sigstore logo adopt Sigstore may already sign published artifacts. Signers may have existing procedures to securely store and use signing keys. Sigstore can be used to sign artifacts with existing self-managed, long-lived signing keys. Sigstore provides a simple user experience for signing, verification, and generating structured signature metadata for artifacts and container signatures. Sigstore also offers a community-operated, free-to-use transparency log for auditing signature generation.

Sigstore additionally has the ability to use code signing certificates with short-lived signing keys bound to OpenID Connect identities. This signing approach offers simplicity due to the lack of key management; however, this may be too drastic of a change for enterprises that have existing infrastructure for signing. This blog post outlines strategies to ease adoption of Sigstore while still using existing signing approaches.

Signing with self-managed, long-lived keys

Developers that maintain their own signing keys but want to migrate to Sigstore can first switch to using Cosign to generate a signature over an artifact. Cosign supports importing an existing RSA, ECDSA, or ED25519 PEM-encoded PKCS#1 or PKCS#8 key with cosign import-key-pair –key key.pem, and can sign and verify with cosign sign-blob –key cosign.key artifact-path e cosign verify-blob –key cosign.pub artifact-path.

Benefits

  • Developers can get accustomed to Sigstore tooling to sign and verify artifacts.
  • Sigstore tooling can be integrated into CI/CD pipelines.
  • For signing containers, signature metadata is published with the OCI image in an OCI registry.

Signing with self-managed keys with auditability

While maintaining their own signing keys, developers can increase auditability of signing events by publishing signatures to the Sigstore transparency log, Rekor. This allows developers to audit when signatures are generated for artifacts they maintain, and also instructor when their signing key is used to create a signature.

Developers can upload a signature to the transparency log during signing with COSIGN_EXPERIMENTAL=1 cosign sign-blob –key cosign.key artifact-path. If developers would like to use their own signing infrastructure while still publishing to a transparency log, developers can use the Rekor CLI or API. To upload an artifact and cryptographically verify its inclusion in the log using the Rekor CLI:

rekor-cli upload --rekor_server https://rekor.sigstore.dev 
  --signature  
  --public-key  
  --artifact <url_to_artifact|local_path></url_to_artifact|local_path>rekor-cli verify --rekor_server https://rekor.sigstore.dev 
  --signature  
  --public-key  
  --artifact <url_to_artifact|local_path></url_to_artifact|local_path>

In addition to PEM-encoded certificates and public keys, Sigstore supports uploading many different key formats, including PGP, Minisign, SSH, PKCS#7, and TUF. When uploading using the Rekor CLI, specify the –pki-format flag. For example, to upload an artifact signed with a PGP key:

gpg --armor -u user@example.com --output signature.asc --detach-sig package.tar.gzgpg --export --armor "user@example.com" > public.keyrekor-cli upload --rekor_server https://rekor.sigstore.dev 
  --signature signature.asc 
  --public-key public.key 
  --pki-format=pgp 
  --artifact package.tar.gz

Benefits

  • Developers begin to publish signing events for auditability.
  • Artifact consumers can create a verification policy that requires a signature be published to a transparency log.

Self-managed keys in identity-based code signing certificate with auditability

When requesting a code signing certificate from the Sigstore certificate authority Fulcio, Fulcio binds an OpenID Connect identity to a key, allowing for a verification policy based on identity rather than a key. Developers can request a code signing certificate from Fulcio with a self-managed long-lived key, sign an artifact with Cosign, and upload the artifact signature to the transparency log.

However, artifact consumers can still fail-open with verification (allow the artifact, while logging the failure) if they do not want to take a hard dependency on Sigstore (require that Sigstore services be used for signature generation). A developer can use their self-managed key to generate a signature. A verifier can simply extract the verification key from the certificate without verification of the certificate’s signature. (Note that verification can occur offline, since inclusion in a transparency log can be verified using a persisted signed bundle from Rekor and code signing certificates can be verified with the CA root certificate. See Cosign’s verification code for an example of verifying the Rekor bundle.)

Merienda a consumer takes a hard dependency on Sigstore, a CI/CD pipeline can move to fail-closed (forbid the artifact if verification fails).

Benefits

  • A stronger verification policy that enforces both the presence of the signature in a transparency log and the identity of the signer.
  • Verification policies can be enforced fail-closed.

Identity-based (“keyless”) signing

This final step is added for completeness. Signing is done using code signing certificates, and signatures must be published to a transparency log for verification. With identity-based signing, fail-closed is the only option, since Sigstore services must be online to retrieve code signing certificates and append entries to the transparency log. Developers will no longer need to maintain signing keys.

Conclusion

The Sigstore tooling and infrastructure can be used as a whole or modularly. Each separate integration can help to improve the security of artifact distribution while allowing for incremental updates and verifying each step of the integration.



Source link