Bash Index : N - Httqm's Docs

Due to a global misunderstanding and bad practices, ntpdate is being deprecated and removed from distributions (Debian Buster, RHEL 8).

Some interesting readings about time synchronization :

Security risks with NTP servers (i.e. why having a local NTP server is a good idea)
Local or public NTP servers?
Using a hardware clock (preferably redundant) is the only way to ensure correct, precise time, because you are sure your source is correct. Running a NTP daemon on a server without synchronizing it on a REAL NTP server does not ensure the integrity of your source (servers are subject to a lot of other purposes and potential disturbances), and thus can be compromised in a multitude of fashions.
It is preferable to use the GPS synchronized servers because they actually use the atomic clocks aboard the GPS satellites, and are single-function boxes. (source)

ntpdate can update the system date and time from an NTP source. To find the nearest public NTP server, visit http://www.pool.ntp.org/en/.

Flag	Usage
-s	send output to syslog rather than to stdout

For a one-shot date/time update, as root :

ntpdate 0.fr.pool.ntp.org

It is possible to load server(s) list from /etc/default/ntpdate when using ntpdate-debian.

To automate the clock synchronization :

Create a new CRON task for root :
crontab -e
Then :
@hourly /usr/sbin/ntpdate -s 0.fr.pool.ntp.org;/sbin/hwclock --adjust;/sbin/hwclock --systohc

nl myFile

displays myFile with the corresponding line numbers

NTP query program

Flag	Usage
-n --numeric	Output all host addresses in dotted-quad numeric format rather than converting to the canonical host names
-p --peers	Print a list of the peers known to the server as well as a summary of their state

ntpq -pn

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*10.27.25.129    10.27.53.3       5 u  643 1024  377    0.723   26.117  14.169

output fields (sources : 1, 2, 3) :

remote

name or IP address of peer, with an optional leading character :

* : current synchronization source
# : the host is selected for synchronization, but distance from the host to the server exceeds the maximum value
o : the host is selected for synchronization, and the PPS signal is in use
- : indicates a host discarded by the clustering algorithm
(blank) : host is discarded due to high stratum and/or failed sanity checks

refid

Where the remote peer is itself synchronized to

st

stratum level of the remote host

t

A : manycast server
B : broadcast server
b : broadcast or multicast client
M : multicast server
l : local (reference clock)
s : symmetric (peer)
u : unicast or manycast client

when

when last polled :

n : seconds ago
nh : hours ago
nd : days ago

poll

polling interval to the remote host, defined with the minpoll value in ntp.conf

reach

indicates how successful attempts to reach the server are. This is an 8-bit shift register with the most recent probe in the 2⁰ position. Some values :

001 : the most recent probe was answered
357 : one probe was not answered
377 : all the recent probes have been answered

delay

(round trip time) indicates the time (in milliseconds) taken by the reply packet to return in response, to a query sent by the server

offset

time difference (in milliseconds) between the server's clock and the client's clock. When this number exceeds 128, the message synchronization lost appears in the log file

jitter

difference in the offset measurement between two samples. This is an error-bound estimate. The dispersion is a primary measure of the network service quality

Fix common errors and force Windows to check NTFS

Flag	Usage
-d --clear-dirty	Clear the volume dirty flag if the volume can be fixed and mounted. If the option is not present or the volume cannot be fixed, the dirty volume flag is set to request a volume checking at next mount.
-n --no-action	Do not write anything, just show what would have been done.

Follow a pathname until a terminal point is found.

This is exactly what I re-invented .

Flag	Usage
-l --long	Use the long listing format
-x --mountpoints	Show mountpoint directories with a D rather than a d

Typical usage:

namei -l /home/stuart/.bashrc

f: /home/stuart/.bashrc
drwxr-xr-x root  root  /
drwxr-xr-x root  root  home
drwxr-xr-x stuart users stuart
-rw------- stuart users .bashrc

Too lazy to type the full path ?

This assumes someFile is in the current directory :

namei -l $(readlink -f someFile)

change the current group ID during a login session (i.e. log in to a new group)

Flag	Usage
newgrp -	when the - is... present : the user's environment will be reinitialized as though the user had logged in absent : the current environment, including current working directory, remains unchanged
newgrp groupName	changes the current real group ID to groupName and (try to) add groupName to the user groupset (password may be prompted, group credentials required) if groupName is missing : changes the current real group ID to the default group listed in /etc/passwd

Send desktop notifications :

notify-send [options] message
notify-send [options] messageTitle messageBody

Flag	Usage
-t durationMs --expire-time=durationMs	Display the notification during durationMs milliseconds (if unspecified, defaults to ~10s)
-i /path/to/file --icon=/path/to/file	Display this icon with the message

notify-send -t 100 'only The Flash can read this !'
notify-send 'Notification Title :' 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.\nVivamus varius tortor suscipit nisi tristique placerat.'

nsupdate is a utility allowing DNS clients to send updates to a DNS server, i.e. creating a dynamic DNS setup.

The implementation described below may _not_ be the most academic way of doing things, especially considering the fact that rules (on AD/DNS side) have been softened so that no authentication key is necessary.

My setup :

a group of GNU/Linux VMs have been registered into an Active Directory domain
the domain controller also acts as the DNS server
some docs suggest that, if IP addresses were dynamically affected (via DHCP by Active Directory), the DNS server records would have been automagically populated
we use static network configuration, so I have to find a means to populate those DNS server records

Update the forward records :

the -d (debug) flag helps a lot when things are not going as expected
DNS updates should not be performed anonymously. TSIG should be used (details)
the actual way of updating a record is deleting + re-creating it

cat << EOC | nsupdate -d
server ip.of.dns.server
zone acme.com
update delete myServer.acme.com
update add myServer.acme.com 3600 A 10.27.25.105
send
EOC

Sending update to ip.of.dns.server#53
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:	7985		NOERROR is its way of saying "it worked"
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 0
;; ZONE SECTION:
;acme.com.				IN	SOA

;; UPDATE SECTION:
myServer.acme.com. 0		ANY	ANY
myServer.acme.com. 3600	IN	A		10.27.25.105


Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:	7985		NOERROR is its way of saying "it worked"
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 0
;; ZONE SECTION:
;acme.com.				IN	SOA

;; UPDATE SECTION:
myServer.acme.com. 0		ANY	ANY
myServer.acme.com. 3600	IN	A		10.27.25.105

Update the reverse records :

cat << EOC | nsupdate -d
server ip.of.dns.server
zone 25.27.10.in-addr.arpa
update delete 105.25.27.10.in-addr.arpa PTR
update add 105.25.27.10.in-addr.arpa 3600 PTR myServer.acme.com.
send
EOC

Sending update to ip.of.dns.server#53
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:	1423
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 0
;; ZONE SECTION:
;25.27.10.in-addr.arpa.		IN	SOA

;; UPDATE SECTION:
105.25.27.10.in-addr.arpa. 0	ANY	PTR
105.25.27.10.in-addr.arpa. 3600 IN	PTR	myServer.acme.com.


Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:	1423
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 0
;; ZONE SECTION:
;25.27.10.in-addr.arpa.		IN	SOA

;; UPDATE SECTION:
105.25.27.10.in-addr.arpa. 0	ANY	PTR
105.25.27.10.in-addr.arpa. 3600 IN	PTR	myServer.acme.com.

Update both forward + reverse records at once :

It is possible to combine both commands, but this requires a little hack : a blank line needs to be introduced between the setting of the A record and the setting of the PTR record :

cat << EOC | nsupdate -d
server 10.27.25.129
zone acme.com
update delete myServer.acme.com
update add myServer.acme.com 3600 A 10.27.25.105
										here !
zone 25.27.10.in-addr.arpa
update delete 105.25.27.10.in-addr.arpa PTR
update add 105.25.27.10.in-addr.arpa 3600 PTR myServer.acme.com.
send
EOC

Without this, trying to alter the PTR record will fail saying :


Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOTZONE, id:	8212
;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 4, ADDITIONAL: 0
;; ZONE SECTION:
;25.27.10.in-addr.arpa.		IN	SOA

Forward DNS lookup (name into IP) :

Interactive mode :

nslookup hostname
nslookup hostname dnsServer
```
nslookup
server dnsServer
hostname
```

nslookup 
set type=a|any|cname|mx|ns
example.com

Non-interactive mode :

nslookup -type=txt hostname dnsServer

Reverse DNS lookup (IP to name) :

nslookup IP@
nslookup IP@ dnsServer
```
nslookup 
server dnsServer
IP@
```

Random notes :

I've just noticed the following behavior. Given this DNS zone :

web.example.com		A	12.34.56.78
*.example.com		CNAME	web.example.com
test.example.com	TXT	Hello world !

nslookup web.example.com : works
nslookup $RANDOM.example.com : works
nslookup test.example.com : fails

If a domain name exists as a TXT record only, it can not anymore be resolved against a wildcard definition. (Tested on OVH servers)

Start a process so that it will ignore the HUP signal. This signal is, by convention, the way a terminal warns dependent processes of logout.
Output that would normally go to the terminal goes to a file called nohup.out if it has not already been redirected.
This is somewhat similar to screen or tmux.

nohup anyCommand &

How to nohup an existing process ?

The idea behind this question is to let a running process ignore the HUP signal it may receive. The typical use case is to make a program launched via CLI survive the closing of the terminal window used to start it.

sad news : there is no such thing as "nohup an existing process"
good news : but disown will do it for you

Run a command with modified scheduling priority (i.e. altered nice value), print or modify the scheduling priority of a job. To change the priority of a running process, consider renice.

Flag	Usage
(none)	Print the current scheduling priority, which is inherited.
-n priority command	Run the command command with the priority priority

nice -n niceValue command argument1 argument2

net-tools

netstat -pan
netstat -lapute
netstat -laputen

This is easy to remember for french speakers as la pute is a french insult (and, you known, we really enjoy swearing )

Option	Function
(none)	Displays the list of open sockets. When available, IP@ and standard sockets numbers are translated into names
-a --all	Show both listening and non-listening sockets
-c --continuous	Redisplays the required information every second
-e --extend	Display additional information. Use this option twice for maximum detail
-i	Display a table of all network interfaces (name, MTU, metric, received/sent packets, errors, ...)
-l --listening	Show only listening sockets. (These are omitted by default.)
-n	Displays all fields in numerical form (=non-resolved). This includes addresses, ports, user ids, ...
-o --timer	Include information related to networking timers
-p --program	Show the PID and name of the program to which each socket belongs
--protocol=family	Specifies the address families (perhaps better described as low level protocols) for which connections are to be shown. family is a comma (`,`) separated list of address family keywords like: inet This includes the raw, TCP and UDP protocols. Apache is seen using the TCP6 protocol (details). unix ipx ax25 netrom ddp
-r --route	Displays the kernel routing tables
-s --statistics	Display summary statistics for each protocol
-t --tcp	Show only TCP connections
-u --udp	Show only UDP connections

Output fields (source : man -P '`less -p ^OUTPUT`' netstat) :


PID/Program name: (more about PID max value)

Apache and TCP6

In /etc/apache2/ports.conf, if the listening port is configured as :

Listen 80 : Apache listens by default on IPv6 addresses (hence the TCP6), but also replies on IPv4 addresses.
Listen 0.0.0.0:80 : Apache only listens on IPv4 addresses.

How to "do netstat" without /bin/netstat ?

Have a look at :

/proc/net/tcp
/proc/net/udp
...

Read + convert IP addresses :

cat /proc/net/tcp

  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 6538A8C0:008B 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 132977 1 000000007606394f 100 0 0 10 0
   1: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 14694 1 000000003f7e8f86 100 0 0 10 0

echo '6538A8C0' | awk 'BEGIN { FIELDWIDTHS="2 2 2 2" } { printf("%d.%d.%d.%d\n", strtonum("0x"$4), strtonum("0x"$3), strtonum("0x"$2), strtonum("0x"$1)) }'
```
192.168.56.101
```

Alternate solution to split strings without delimiter with Awk :

https://www.gnu.org/software/gawk/manual/html_node/String-Functions.html#index-patsplit_0028_0029-function-_0028gawk_0029
patsplit(string, array [, fieldpat [, seps ] ]) #

echo '12345678' | awk '{patsplit($0, myArray, ".."); printf("%d %d %d %d", myArray[4], myArray[3], myArray[2], myArray[1]); }'

Read + convert port numbers :

Based on the example above :

echo 'ibase=16; 008B' | bc

ntpdate

Usage

Flags

Example

For a one-shot date/time update, as root :

To automate the clock synchronization :

nl

Usage

ntpq

Usage

Flags

Example

ntpq -pn

ntfsfix

Usage

Flags

namei

Usage

Flags

Example

Typical usage:

Too lazy to type the full path ?

newgrp

Usage

Flags

notify-send

Usage

Flags

Example

nsupdate

My setup :

Example

Update the forward records :

Update the reverse records :

Update both forward + reverse records at once :

nslookup

Example

Forward DNS lookup (name into IP) :

Interactive mode :

Non-interactive mode :

Reverse DNS lookup (IP to name) :

Random notes :

nohup

Usage

Example

How to nohup an existing process ?

nice

Usage

Flags

Example

netstat

Installed with the Debian package

Usage

Flags

Output fields (source : man -P 'less -p ^OUTPUT' netstat) :

Example

Apache and TCP6

How to "do netstat" without /bin/netstat ?

Have a look at :

Read + convert IP addresses :

Read + convert port numbers :

Output fields (source : man -P '`less -p ^OUTPUT`' netstat) :