Create a directory named getty@tty1.service.d/ inside the systemd system unit files directory:
sudo mkdir -p /etc/systemd/system/getty@tty1.service.d/
Create a file in this folder called override.conf with the following content:
# /etc/systemd/system/getty@tty1.service.d/override.conf
[Service]
ExecStart=
ExecStart=-/usr/bin/agetty --autologin YOUR_USERNAME_HERE --noclear %I $TERM
]]>
Assuming the partition holding the luks volume is /dev/sda2
As you may have more than one slot active - locate the one for the passphrase
cryptsetup open --type=luks --test-passphrase -vv /dev/sda
No usable token is available.
Enter passphrase for /dev/sda2:
Key slot 1 unlocked.
Command successful.
In this case the slot is number 1 so add a new key
cryptsetup luksAddKey /dev/sda2
Then wipe the slot for the previous phrase (slot returned from the check) - enter the new passphrase when challenged
cryptsetup luksKillSlot /dev/sda2 1
]]>
]]>Based on hint from @user202173 and others I have been able to use the following to track down the process that owns a port even when it is listed as - in netstat.
Here was my starting situation. sudo netstat shows port with PID/Program of -. lsof -i shows nothing.
$ sudo netstat -ltpna | awk 'NR==2 || /:8785/' Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp6 0 0 :::8785 :::* LISTEN - tcp6 1 0 ::1:8785 ::1:45518 CLOSE_WAIT - $ sudo lsof -i :8785 $
Now let's go fishing. First let's get the inode by adding -e to our netstat call.
$ sudo netstat -ltpnae | awk 'NR==2 || /:8785/' Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp6 0 0 :::8785 :::* LISTEN 199179 212698803 - tcp6 1 0 ::1:8785 ::1:45518 CLOSE_WAIT 0 0 -
Next use lsof to get the process attached to that inode.
$ sudo lsof | awk 'NR==1 || /212698803/' COMMAND PID TID USER FD TYPE DEVICE SIZE/OFF NODE NAME envelope_ 145661 145766 drees 15u IPv6 212698803 0t0 TCP *:8785 (LISTEN)
Now we know the process id so we can look at the process. And unfortunately it's a defunct process. And its PPID is 1 so we can't kill its parent either (see How can I kill a process whose parent is init?). In theory init might eventually clean it up, but I got tired of waiting and rebooted.
$ ps -lf -p 145661 F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD 0 Z drees 145661 1 2 80 0 - 0 exit May01 ? 00:40:10 [envelope]
WARNING: keyslots area (998400 bytes) is very small, available LUKS2 keyslot count is very limited.
Check your partion - remove partition and increase the size.
Cannot wipe header on device /dev/disk/by-partlabel/cryptsystem.
The device may be readonly. Execute as root
blockdev --getro <device>
Return 1 if read-only - 0 when read-write
]]>See also file:///usr/share/ca-certificates/trust-source/README
To extract the certificate stored in a .pfx file to a PEM file (if the it fails - append the -legacy option)
openssl pkcs12 -in cert.pfx -clcerts -out cert.pem [-legacy]
To extract also the private key (again - if this fails - append -legacy option)
openssl pkcs12 -in cert.pfx -nodes -out cert.pem [-legacy]
A pfx file is usually password protected, so input the password when challenged.
Copy the extracted file to
sudo cp cert.pem /usr/share/ca-certificates/trust-source/anchors/
And update the trust
sudo update-ca-trust
]]>
nmcli connection modify myconnection ipv4.method shared
sudo systemctl restart NetworkManager
Computer B having no network
nmcli connection modify myconnection ipv4.method auto
sudo systemctl restart NetworkManager
Connect ethernet cable
Source Connect 2 PCs, one has internet via USB-tethering - Manjaro Linux Forum
]]>Posted at Manjaro Forum
With the grub update to v2.12 and it was thus advised to ensure all parts of grub on the system is populated with the new binary and updated configuration.
This has revealed that a lot users have doubts on how to correctly identify if their system needs special handling e.g. identifying whether to use EFI or BIOS commands.
This topic is aimed at being a primer to properly assess how to update grub on a system given the type of boot loader installation.
To deduct whether you system is booted in EFI or BIOS mode
List the content of the efi firmware folder
ls /sys/firmware/efi/efivars
If you get an error or an empty list - your system is booted in BIOS mode and you should skip to the bios-section
Verification - should return a similar output
$ lsblk -o path,pttype,parttypename | grep -e 'EFI'
/dev/nvme1n1p1 gpt EFI System
If your system is EFI it is simple as you do not have to bother pointing the installation to a specific device.
Reinstall grub on a default Manjaro Linux EFI system
sudo grub-install --target=x86_64-efi --efi-directory=/boot/efi --recheck --bootloader-id=Manjaro
sudo grub-mkconfig -o /boot/grub/grub.cfg
The most common BIOS type is using BIOS/MBR.
As a rule of thumb: the device containing your system root will likely be the primary boot device. This may not be true for all systems and if not then you know how to handle this anyway.
lsblk -o path,pttype,parttypename | grep -e 'dos' -e 'BIOS'
The output will show you devices and partitions which may be used to hold your grub bootloader.
NOTE: Keep in mind this is examples - your system will be different and you will have to adapt the following to your result.
With an output like this example grub is installed to the device Master Boot Record on the device never to the partition
/dev/sdy dos
/dev/sdy1 dos Linux
Reinstall grub on a Manjaro Linux BIOS/MBR system pointing to device MBR: (Don't forget to replace /dev/sdy with the correct block device name!)
grub-install --target=i386-pc --recheck /dev/sdy
sudo grub-mkconfig -o /boot/grub/grub.cfg
If you are getting a response like this you are using a BIOS/GPT system and grub is installed to an empty partition
/dev/sdy1 gpt BIOS boot
Reinstall grub on a Manjaro Linux BIOS/GPT system pointing to device BIOS boot partition
grub-install --target=i386-pc --recheck /dev/sdy1
sudo grub-mkconfig -o /boot/grub/grub.cfg
]]>
Use the script to backup important config.
Use case - transfer common configuration and package list to other systems
https://wiki.manjaro.org/index.php/Importanthidden.dot_files_in_your_home_partition
#! /bin/bash
#
# Script for backing up configuration and package lists
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the Affero GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
# @linux-aarhus - root.nix.dk
#
# ##########################################################
# Modify as necessary
# example filelist=('.bash_profile' '.bashrc' '.netrc' '.profile' '.zshrc')
filelist=('.bash_profile' '.bashrc' '.netrc' '.profile' '.zshrc')
# example folderlist=('.config' '.local' '.gnupg' '.mozilla' '.ssh' '.thunderbird')
folderlist=('.config' '.local')
# configuration file name
archive_file="dotconf.tar.gz"
# official repo package list
repo_pkg_file="repo-pkglist.txt"
# custom package list
cust_pkg_file="cust-pkglist.txt"
# Do not edit below this line - unless you know what you are doing.
# ##########################################################
SCRIPTNAME=$(basename "$0")
VERSION="0.2"
if [[ -z $1 ]]; then
echo ":: $SCRIPTNAME v$VERSION"
echo "==> missing argument: PATH"
echo "Usage:"
echo " $SCRIPTNAME /path/to/backup"
echo " Path to store output"
echo " e.g. $SCRIPTNAME /home/$USER/backup"
echo ""
exit
fi
set -e
if ! [[ -d $1 ]]; then
mkdir -p $1
fi
conf_archive="$1/$archive_file"
repo_pkg_list="$1/$repo_pkg_file"
cust_pkg_list="$1/$cust_pkg_file"
# create an archive of common hidden files and folders
if [[ -e "$conf_archive" ]]; then
# remove archive if exist
rm -f "$conf_archive"
fi
todo=""
for file in ${filelist[@]}; do
if [[ -f $file ]]; then
todo+="${file} "
fi
done
for folder in ${folderlist[@]}; do
if [[ -d ${folder} ]]; then
todo+="${folder} "
fi
done
tar -zcvf "$conf_archive" $todo
# list packages from official repo
pacman -Qqen > "$repo_pkg_list"
# list foreign packages (custom e.g. AUR)
pacman -Qqem > "$cust_pkg_list"
echo " ==> Packagelists created"
echo " --> $repo_pkg_list"
echo " --> $cust_pkg_list"
echo " ==> Config archive created"
echo " --> $conf_archive"
echo " ==> To install packages from lists"
echo " --> sudo pacman -Syu --needed - < $repo_pkg_file"
echo " ==> To restore the configuration files run"
echo " --> tar -xzf --overwrite -C $HOME $archive_file"
echo ""
ONLY user configuration is supported
Edit the script variable section at top - save an execute
On computer A The script creates three (3) files in the directory...
]]>Sometimes we might want to easily share terminal output.
While this can be accomplished directly in the forums or manually through websites like pastebin, there also exist a number of open services that allow you to paste and share directly from the command line by using tools you already have installed.
This is great for many situations, including troubleshooting from a non-graphical boot, or simply very large outputs. Here I will share a few examples and how to use them.
Services and Examples:
<command> | curl -F 'file=@-' https://0x0.st
<command> | curl -F 'file=@-' https://rustypaste.shuttleapp.rs
<command> | curl -s --data-binary @- 'https://paste.c-net.org/'
<command> | curl -F 'clbin=<-' https://clbin.com'
ix.io (is taking a break for the time being)
<command> | curl -F 'f:1=<-' ix.io'
<command> | curl -F 'sprunge=<-' http://sprunge.us'
Aliases and other tricks:
To quasi-install rustypaste pasting and sharing add the following to your bashrc (zshrc untested):
paster()
{
local url='https://rustypaste.shuttleapp.rs'
if (( $# )); then
local file
for file; do
curl -F "file=@""$file""" "$url"
done
else
curl -F 'file=@-' "$url"
fi
}
Then you can use paster
:
To share outpot
<command> | paster
To shar file(s)
paster <filepath> <filepath2>
To quasi-install paste.c-net.org pasting and sharing add the following to your bashrc (zshrc untested):
pastenet()
{
local url='https://paste.c-net.org/'
if (( $# )); then
local file
for file; do
curl -s \
--data-binary @"$file" \
--header "X-FileName: ${file##*/}" \
"$url"
done
else
curl -s --data-binary @- "$url"
fi
}
pasteget()
{
local url='https://paste.c-net.org/'
if (( $# )); then
local arg
for arg; do
curl -s "${url}${arg##*/}"
done
else
local arg
while read -r arg; do
curl -s "${url}${arg##*/}"
done
fi
}
Then you can use 'pastenet' and 'pasteget' a few ways: To share output
<command> | pastenet
To share file(s) with a 50M limit
pastenet <filepath> <filepath2>
To download paste.c-net shared content
pasteget https://paste.c-net.org/<exampleurl>
Notes and Warnings
When I wrote the [topic on verifying the ISO signature] I vaguely recalled a shell script in the repo manjaro-iso-downloader but it doesn't work - at least not for me.
So I decided to wrap up some python code.
The tool provides a convenient way of downloading and verifying an ISO as they are listed on manjaro.org/download.
Neither Sway nor ARM is supported, sway because the files is located elsewhere and ARM because there is no signature.
The script has options to fetch the latest stable release review ISO or unstable developer previews from Manjaro Github.
The source is FOSS, and you are encouraged to clone my repo at scm.nix.dk.
Besides the basic Python modules - the script relies on the Python requests 3 module and p7zip. You can check if you have p7zip installed using
which 7z
Manjaro
On Manjaro you don’t need to install the requests module - it is present as a dependency of pacman-mirrors.
You may need to install p7zip depending on the result of above check
sudo pacman -Syu p7zip
Other Linux
If you are using another Linux you can use requirements.txt to install the necessary dependency.
You will also need to fetch the public key for Manjaro Build Server
gpg --recv-keys 3B794DE6D4320FCE594F4171279E7CF5D8D56EC8
Use your systems package manager to install p7zip.
Create the folder ~/.local/bin
mkdir -p ~/.local/bin
Then create a new file in this bin folder - name the file get-iso - then use your favorite text editor to copy paste the code into the new file.
Make the file executable
chmod +x ~/.local/bin/get-iso
$ get-iso -h
usage: get-iso [-h] [-f] [-r | -p] {plasma,xfce,gnome,budgie,cinnamon,i3,mate}
This tool will download a named Manjaro ISO
positional arguments:
{plasma,xfce,gnome,budgie,cinnamon,i3,mate}
Edition e.g. plasma or xfce.
options:
-h, --help show this help message and exit
-f, --full Download full ISO
Previews:
-r, --review Get Latest Release Review ISO
-p, --preview Get Latest Developer Preview ISO
get-iso v. 0.8 - GPL v3 or later <https://www.gnu.org/licenses/gpl.html>
get-iso v. 0.6 - GPL v3 or later https://www.gnu.org/licenses/gpl.html The script defaults to pull the minimal ISO and downloaded files is placed your home folder.
Example downloading full mate edition
get-iso mate -f
Downloading: manjaro-mate-22.0-230104-linux61.iso
Downloading: manjaro-mate-22.0-230104-linux61.iso.sig
Wait for verification ...
gpg: assuming signed data in 'manjaro-mate-22.0-230104-linux61.iso'
gpg: Signature made ons 04 jan 2023 12:48:04 CET
gpg: using RSA key 3B794DE6D4320FCE594F4171279E7CF5D8D56EC8
gpg: Good signature from "Manjaro Build Server <build@manjaro.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3B79 4DE6 D432 0FCE 594F 4171 279E 7CF5 D8D5 6EC8
Another example downloading minimal plasma
get-iso plasma
$ get-iso plasma
Downloading: manjaro-kde-22.1.3-minimal-230529-linux61.iso
Downloading: manjaro-kde-22.1.3-minimal-230529-linux61.iso.sig
Wait for verification ...
gpg: assuming signed data in 'manjaro-kde-22.1.3-minimal-230529-linux61.iso'
gpg: Signature made man 29 maj 2023 11:46:55 CEST
gpg: using RSA key 3B794DE6D4320FCE594F4171279E7CF5D8D56EC8
gpg: Good signature from "Manjaro Build Server <build@manjaro.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:...
]]>