WELCOME

This Linux Magazine special edition promises you “101 Linux hacks,” and we’ll
certainly deliver – check the table of contents on the following page for a list
of all the gems we present inside. But what exactly is a “hack”?
In today’s world where Windows is the dominant desktop operating system,
the decision to use Linux is the first and most important hack. In addition
to that:
Q If I can use it to solve a problem or get some work done faster than
before, then it’s a hack.
Q If the way it works is unexpected, it’s very certainly a hack.
Q If it teaches me a new and interesting way to use my Linux machine,
it’s a hack.
Q When it makes me grin, because it’s so obvious that only a geeky
Unix person would ever think of doing things this way, I add it to my
list of anecdotes (and yes, it’s a hack).
The definition of a hack is a matter of taste, and so is our choice of hacks
for this collection: Many authors have contributed, and together we have
assembled a mix of new tools, new configuration options for old tools, and
new ways to use familiar software. We’ve organized our hacks into
10 categories so that you’ll find them quickly when you go
back to search for them.
We call the final category “Having Fun,” because we
hope that, in addition to profiting from these clever
new hacks, you’ll also enjoy yourself while you
browse this issue.

Hans-Georg Eßer
Editor-in-Chief

101 LINUX HACKS – 2020 EDITION 3

Desktop Modding Q 6 Getting Stuff Done Q 16
HACK 1 Cure the Caps Lock Disease 7 HACK 11 Find Your Files with DocFetcher 17
HACK 2 Latte Dock: The Best Dock for KDE 8 HACK 12 Organize Your Ideas with Zim, the Desktop Wiki 18
HACK 3 KDE Window Hacking 8 HACK 13 Track Time with Chrono 20
HACK 4 Global Menu for KDE Programs 9 HACK 14 Launch Programs Inside a VirtualBox VM 20
HACK 5 Save Storage with Advanced Image Formats 10 HACK 15 Create a Cheap Timer with sleep 22
HACK 6 Zoom Everything on Your Screen 11 HACK 16 Find and Install Online Fonts 23
HACK 7 Zoom into the Gnome Desktop 12 HACK 17 Sync Up Your Phone and Linux Desktop 23
HACK 8 Use Virtual Desktops, Memorize the Hotkeys 13 HACK 18 Self-Organization with GTG 24
HACK 9 Caffeine Helps Your Linux PC Stay Awake 14
HACK 10 What Would That Resolution Look Like? 14

Keep It Running Q
26
HACK 19 Clone It with Clonezilla 27 HACK 25 Repair the Debian Package Database 34
HACK 20 Write ISOs to USB Sticks 28 HACK 26 Learn the vi Editor Basics 36
HACK 21 Get a Quick Machine Configuration Overview 29 HACK 27 Follow File Updates 37
with inxi HACK 28 Monitor Your System in a Terminal 37
HACK 22 Repair Your Bootloader 30 HACK 29 Visualize ddrescue’s Progress 38
HACK 23 Clean House with Stacer 32 HACK 30 Run dmesg with the Right Options 38
HACK 24 Reset Your Debian-Based Distribution 33 HACK 31 Where Did You Mount That Disk? 39

Security & Privacy Q

40 Networking Q
48
HACK 32 Install and Run Tor Browser 41 HACK 42 Monitor Your Network with Nutty 49
HACK 33 Permanently Wipe Files from Your Hard Disk 41 HACK 43 DIY Network Configuration 49
HACK 34 Disable Webcam and Microphone 42 HACK 44 Share Files on the Local Network 50
HACK 35 Disable Password-Based SSH Logins 43 HACK 45 Dig a Tunnel with sshuttle 51
HACK 36 Encrypt Your Emails with GPG 43 HACK 46 Send Files Without Knowing the Target’s IP 51
HACK 37 Enhance Security with sudo Options 44 HACK 47 Check Your DNS Server with DNSDiag 52
HACK 38 Use Two-Factor Authentication 46 HACK 48 Run a Simple HTTP Server: weborf 53
with Authenticator HACK 49 Use screen in SSH Sessions 53
HACK 39 Start Your Training with Web Security Dojo 46 HACK 50 Access a Remote PC’s Shell Session 54
HACK 40 Lock Your Screen, Always 47 HACK 51 Slow sudo? Check Your Hostname 56
HACK 41 Use ccrypt for Quick 47 Configuration
Encryption HACK 52 Use Network Manager’s CLI 56

4 101 LINUX HACKS – 2020 EDITION

 101 LINUX HACKS

Shell Hacks Q
58
HACK 53 Configure Your Shell History 59 HACK 60 Command References at cheat.sh 64
HACK 54 Progress Bars for Standard Tools 60 HACK 61 Highlighting Instead of Grepping 65
HACK 55 Replace top with htop 60 HACK 62 Add File Type Icons to Your File Listing 66
HACK 56 Super-Fast Terminal Emulator 61 HACK 63 Upterm, a Terminal with 67
HACK 57 Universal Unpacker 61 Built-In Shell
HACK 58 List Files with Style 62 HACK 64 The fish Shell 67
HACK 59 ASCII Browsing with Browsh 63 HACK 65 Use a Sub-Shell 68
HACK 66 Start the Right App 68

Publish or Perish Q
70
HACK 67 Install the draw.io Diagram Editor Locally 71
HACK 68 Record Screencasts with Peek 72
HACK 69 Edit Your Videos with VidCutter 73
HACK 70 Create Long Documents with Styles 73 Deep Hacks Q
77
HACK 71 Edit HTML with Live Preview in Brackets 74
HACK 72 Free Wildcard X.509 Certificates for Your Domain 75 HACK 75 Safely Power Off Your Machine 78
HACK 73 Test Alternative CMSs with Docker 76 HACK 76 Make Files Immutable or Append-Only 79
HACK 74 How Fast Is Your Server? 76 HACK 77 Mount .tar.gz and .zip Archives 79
HACK 78 Recover Deleted Files with PhotoRec 80
and TestDisk
HACK 79 Change Root into Second Distro 81
HACK 80 Bind Mount a Directory with New Permissions 81
HACK 81 Run Binaries from a Different Linux Installation 82
HACK 82 Don’t Be So Case-Sensitive 83

Having Fun Q
92

Working with Code 84

HACK 94 Interesting Terminal Output for Your Visitors 93
Q
HACK 95 Scan the Network Like a Script Kiddie 94
HACK 96 Drive Your Moon Lander – in ASCII! 94
HACK 83 Run C Code from the Command Line 85
HACK 97 Run Your Own BBS 95
HACK 84 Edit Binary Files with hx 85
HACK 98 Explore, Expand, Exterminate: Play Star Ruler 2 95
HACK 85 Edit Your Text Files with Textosaurus 86
HACK 99 Edit Files Like It’s the 90s Again 96
HACK 86 Manage Your git Repository with GRV 86
HACK 100 Read Old Unix Books 96
HACK 87 Make git Interactive 87
HACK 101 Pick a Retro Screensaver 97
HACK 88 Replace hexdump with a Colorful Tool 87
HACK 89 Reverse Engineering with Cutter 88
HACK 90 Textadept Works in Graphics and 89 WELCOME 3
Text Mode
MASTHEAD / AUTHORS 98
HACK 91 Perform Dynamic Code Analysis with 89
SystemTap
HACK 92 Count Lines of Code in Your Project 90
HACK 93 Fix Disturbing Indentation and More 90

101 LINUX HACKS – 2020 EDITION 5

 Your desktop environment
HACK 1
is more than a window Curing the Caps Lock Disease 7
manager: When you pick the
HACK 2
right tools and know how to Latte Dock: The Best Dock for KDE 8
personalize and use them, HACK 3
you’ll be more productive and KDE Window Hacking 8
do things with your computer HACK 4
that others deem impossible. Global Menu for KDE Programs 9

For starters, get rid of Caps HACK 5

Save Storage with Advanced 10
Lock. Image Formats
HACK 6
Zoom Everything on Your Screen 11
HACK 7
Zoom into the Gnome Desktop 12
HACK 8
Use Virtual Desktops, Memorize the Hotkeys 13
HACK 9
Caffeine Helps Your Linux PC Stay Awake 14
HACK 10
What Would That Resolution Look Like? 14
Image © Lightwise, 123RF.com

6 101 LINUX HACKS – 2020 EDITION

 DESKTOP MODDING

Curing the
Caps Lock Disease
HACK 1 Figure 2

Are you old enough to say “the problems

with keyboards started when IBM moved the func-
tion keys from the left (Figure 1) to the top”? That hap-
pened in 1986 when the IBM PC AT replaced the PC XT
and the then-leading personal computer manufacturer
introduced the new keyboard layout, which has re-
mained the standard ever since. New functions in Micro-
soft Windows 95 made keyboard producers add three
new keys, and some modern keyboards have a Fn key in-
spired by such keys on restricted notebook keyboards.
But what’s the
Figure 1
worst problem with
keyboards both old
and new? In my
view, it is certainly The conservative treatment of the
the Caps Lock key. Its “Caps Lock disease” is to transform
purpose is to mess the key into a second Left Shift key.
up text you enter in That way, if you press Caps Lock in-
an Office document CC0 (public domain)
stead of Shift, you will still get a capi-
or on the command talized letter. You can use the xmodmap
line when you type without looking at the screen. command to change the key’s table entry:
Once activated, it will transform every lowercase let-
xmodmap -e "keycode 66 = Shift_L NoSymbol Shift_L"
ter into an uppercase one and vice versa. When you
detect the mistake, you need to get rid of all the en- If instead you want to completely disable the key, use
tered text and type it again (with Caps Lock off). Only the following shorter command:
network trolls who feel like typing whole paragraphs
setxkbmap -option caps:none
in all caps can appreciate that key. (If you rely on ac-
cessibility tools to help you type, Caps Lock is not After that change, pressing Caps Lock will have no ef-
helpful either, since it does not grant access to the fect whatsoever. Notice however that the change only
secondary bindings of non-letter keys. Instead, sticky affects the current X session. In order to make it perma-
Shift, Ctrl, and Alt keys do the job.) nent, you need to use your desktop environment’s au-
The xmodmap tool can inform you about the Caps Lock tostart mechanism. Adding the line to ~/.bashrc will not
key’s current behavior: work (properly): It will generate a lot of error messages,
because both commands expect a working X server
$ xmodmap -pke | grep -w 66
and a properly set DISPLAY variable; they fail when run
keycode 66 = Caps_Lock NoSymbol Caps_Lock
in text mode (see the “Killing Caps Lock in Text Mode”
The culprit is Caps_Lock. There are several ways that you box). Here’s how to make it permanent:
can get rid of it: Some of the desktop environment con- • Under KDE, create a file killcapslock.sh in your ~/bin/
figuration tools let you configure Caps Lock behavior folder and write the command into that file. Then,
(Figure 2 shows how to do it under Linux Mint’s Cinna- from the Start menu, search for “startup,” pick Auto-
mon), but I will focus on two quick solutions that re- start, then click Add Script, and enter the full path to
quire single shell commands. killcapslock.sh.
• Gnome users run the gnome-session-properties com-
Killing Caps Lock in Text Mode mand. Click on Add, then provide an informative title
in the Name field, and enter the command in the
If you happen to work in a text mode session (without X), the Command field.
xmodmap and setxkbmap commands will be useless – they cannot • Under Cinnamon, search for “startup,” pick Startup Ap-
influence the keyboard settings in console mode. Instead, what plications, then click the + button, and choose Custom
you need is loadkeys. Normally, this program is used to switch Command. Provide an informative title in the Name
between alternative local keyboard layouts, such as: field, and enter the command in the Command field.
sudo loadkeys us # US layout Now the future looks bright: Caps Lock won’t trouble
sudo loadkeys uk # UK layout you again.
sudo loadkeys de # German layout
By Hans-Georg Eßer
However, you can also use it to change a single key setting. Use
the following command to make Caps Lock behave like Shift:
echo -e "keymaps 0-127\nkeycode 58 = Shift" | sudo loadkeys -

101 LINUX HACKS – 2020 EDITION 7

 DESKTOP MODDING

H AC K
Latte Dock: The Best Dock for KDE 2
One of the best things about KDE – and there are Figure 3
many – is the functionality contained within the panel.
It works well horizontally stretched across the entire
display or as a small panel across half. It works well
vertically, as well as floating in the middle. You can
have more than one, and each one can be configured
to do as much or as little as you want. But the default
KDE panel can still feel a little utilitarian, partly be-
cause it’s nothing like the panel in macOS. This is why
there are perhaps so many panel replacements that
look more like Apple’s similar dock.
Latte Dock is the best alternative I’ve seen for KDE
(Figure 3). Unlike most panel replacements, it has got a
comprehensive set of configuration options that mimic
much of what KDE’s regular panel does. By default, it
will appear in the middle of your screen’s bottom bor-
der when your pointer gets close. The icons for running
applications appear and enlarge as you roll over these
in beautifully animated transitions. The same happens
when you open the configuration panel, which allows
you to change the location of the panel and its align-
ment. You can place it anywhere and get the icons to
center exactly as you wish. You can also control the
transitions and zoom levels, as well as enable or dis- To try it, install the package via sudo zypper in
able the panel background and running application latte-dock (openSUSE) or sudo apt install latte-dock
highlight modes. On a high DPI desktop, it looks abso- (Ubuntu, Mint, and Debian). Then run the latte-dock
lutely fantastic. The SVG icons scale perfectly, and re- command.
placing the old KDE panel with this is a serious tempta-
tion, despite it not fully supporting functional applets By Graham Morrison
https://store.kde.org/p/1169519/
like monitoring tools or desktop pagers.

KDE Window Hacking

KDE’s window manager lets you do lots of crazy
things to windows. Some of them are pretty useful.
Right-click on any window’s titlebar, and a menu will
pop up. Apart from the options to minimize, maxi-
mize, and close the windows, you’ll notice the More
Actions option. The Keep Above Others and Keep
Below Others options are self-explanatory, but you
can also make a window Fullscreen, and it will be
maximized; the application’s titlebar and any other
desktop elements (like panels) will disappear, giving
you maximum workspace. If the application doesn’t
offer you a way to exit full screen mode, press Alt+F3
and use the menu to deactivate it.
You can also “shade” the window, which means it
will roll up like a blind, leaving only the titlebar visible.
Another alternative is to remove the border and titlebar,
leaving a bare window with no decorations. To recover
borders and the titlebar, select the window and press
Alt+F3 again to open the win-
dow’s configuration menu.
HACK 3
Within Window Specific Settings (or Special
Window Settings) and Application Specific Settings
(also called Special Application Settings), you have all
manner of options to fix the application window’s po-
sition and size. You can make a window stick to a cer-
tain area of your screen and become unmovable. At
the same time, you can adjust its size to the pixel. You
can configure things so that, when you launch a cer-
tain application, it always opens in a certain place,
maximized, or shaded. You can make the application
so it won’t close, or you can choose actions from
dozens of other options.
By Paul Brown

8 101 LINUX HACKS – 2020 EDITION

 DESKTOP MODDING

Global Menu for KDE Programs

A default KDE Plasma desktop has a panel at the bot-
tom of the screen, a start button holding menus at the
bottom left, and a tray on the right – all quite conven-
tional, boring, and even Windows-y (see Figure 4). But
Plasma can be configured to look like anything, even
like Ubuntu’s defunct Unity, Gnome, macOS, or what-
ever else rocks your boat.
Figure 4
Both Unity and macOS use a global menu: It is the
menu that appears in a bar at the top of the screen and
shows a selected application’s options, instead of hav-
ing them in a bar along the top of the application.
To create global menus in Plasma, first right-click in
any free space on the Plasma
desktop and select + Add Figure 5
Panel | Empty Panel from the
pop-up menu. Usually, the
panel will appear at the top of
the screen, because the bot-
tom is already filled with the
default Plasma panel. If it has
popped up anywhere else,
click on the hamburger menu
(the button with three horizon-
tal lines at one end of the
panel) and then click and hold
the Screen Edge button and
drag the panel to the top.
Once you have placed the
panel, click on the hamburger
menu on the right of the panel
again and click on + Add Wid-
HACK 4
gets. A bar with all the available widgets will show up
on the screen’s left. You can narrow your search down
by typing “global” into the search box. When you see
the Global Menu widget, double-click on it, and it will
be added to the panel. (You may think that the action
was not successful – at least that’s what happened to
me. If a small circled “1” appears in a corner of the
widget’s icon, you were suc-
cessful even though the panel
still looks empty.)
Running applications con-
tinue to have their own me-
nubars. Close and reopen
them, and you’ll see how now
their menus have moved from
the application window to the
upper panel you just made.
With KDE Plasma versions be-
fore 5.13, this only works with
native KDE apps, but newer re-
leases support the feature for
other programs, too. This is es-
pecially relevant for GTK-based
applications.
To make the effect even more
striking, click the Start menu on
the bottom panel and pick Sys-
tem Settings or Settings | Con-
figure Desktop. Under Workspace Theme, choose
Breeze Dark and click Apply. You will end up with
something like Figure 5.
By Paul Brown

101 LINUX HACKS – 2020 EDITION 9

 DESKTOP MODDING
Save Storage with Advanced Image Formats
There are dozens of graphic file formats, but in real life most
photos are stored in JPEG, whereas screenshots and web
graphics look best in Portable Network Graphics (PNG). Let’s
skip other specialized file formats such as TIFF or numerous
RAW flavors from different camera vendors for the sake of
brevity. Historically JPEG compression was developed as an
optimal trade-off between higher quality and smaller file
size, which used to be a headache in the days of dial-up In-
ternet and small hard drives. JPEG is lossy, but it delivers
very natural-looking images even with aggressive compres-
sion ratios. On the other hand, PNGs have gracefully solved
the problem of transferring lossless bitmap graphics across
networks thanks to its built-in compression.
In modern times, the technology has advanced even fur-
ther, and now we have two projects on GitHub that outper-
form the above two formats in terms of compression effi-
ciency: Lepton and FLIF.
Replace PNG with FLIF …
FLIF is a new lossless image format based on Meta-Adap-
tive Near-zero Integer Arithmetic Coding (MANIAC) com-
pression, which outperforms PNG, FFV1, lossless WebP,
lossless BPG, and lossless JPEG2000 in terms of compres-
sion ratio. To see how to use it, download the code snap-
shot from the project’s website, and make sure that you
have the libpng-dev package (or similar) and then type
make. In a few seconds, you’ll get the compiled flif binary,
which acts as a FLIF image encoder and decoder. The syn-
tax is very simple:
$./flif input.png output.flf
and the traditional ./flif --help for the list of options, such
as interlacing, palette, quality, and more. Keep in mind that
FLIF currently can convert only PNG, PAM, and PNM file
formats, so it makes sense to compare FLIF outputs with
PNG as the most widespread format from the above list. In
our tests, lossless FLIF output was smaller than PNG with
the highest compression ratio and comparable with JPEG
in terms of file size (Figure 6). The only problem is that you
cannot view .flf files, so right now you can only use the
Figure 6
10
HACK 5
flif binary to archive images and recover them later using
the command:
$ ./flif -d input.flf output.png
However, it is possible to view the FLIF-encoded images
using a separate tool called UGUI:FLIF, which is based on
HTML and JSON.
… and JPEG with Lepton
Lepton is a compression and decompression algorithm that
was open sourced by the Dropbox company. The cloud-
based storage provider has proprietary code in its core, but
otherwise it is very friendly to the Linux community. Lepton
does with JPEG what FLIF does with PNG. Since the two
image formats are completely different, we cannot compare
their performance directly.
Lepton offers a lossless compression for JPEGs, which re-
sembles convenient archiving. But unlike putting a JPEG file
into a .zip or .tar.gz archive, which makes very little sense for
saving disk space, Lepton really makes the output file smaller.
Dropbox published a comprehensive article that describes
how the algorithm works, pointing out optimizations they im-
plemented in encoding 8x8 pixel blocks (which are used in
JPEG compression).
Some distributions provide Lepton packages (try sudo apt
install lepton on Ubuntu and Mint), but if yours doesn’t,
building Lepton from source is very straightforward.
Download the sources and run the following commands:
$ ./autogen.sh; ./configure; make; make check
$ sudo make install
Lepton has a very simple syntax, and while you can
enjoy many of its advanced features, you can start with
this template:
$ lepton input.jpg output.lep
If your JPEG file uses progressive encoding (Gimp does it
by default when exporting to JPEG), you’ll need the appro-
priate extra option:
$ lepton -allowprogressive input.jpg output.lep
To restore (decompress) your file, use the same command but
switch the .lep and .jpg order. Lepton is quite effective: It can
trim down your files by 15-20 percent without losing quality.
The reason why you might want to use FLIF, Lepton, or both
is precisely one. The volume of images that have to be stored
is growing faster and faster. Converting some thousands
JPEGs to the new Lepton format lets you free extra disk
space. Lepton files are about 20 percent smaller than their
source JPEGs, so the savings can be be very noticeable.
By Alexander Tolstoy
https://flif.info/
http://flif.info/UGUI_FLIF/
https://blogs.dropbox.com/tech/2016/07/
https://github.com/dropbox/lepton
101 LINUX HACKS – 2020 EDITION
 DESKTOP MODDING

H AC K
Zoom Everything on Your Screen
Many applications let you zoom the content they dis-
Fix KDE
KDE, like Gnome, needs some
6
play; for example, in Firefox and LibreOffice, you can extra work so you can zoom smoothly. You will need
press the Ctrl key and move the mouse wheel to in- the xbindkeys tool and also dbus-send or qdbus (which
crease or decrease the zoom level. should be preinstalled with KDE).
But sometimes you may need a different kind of Try the following commands:
zooming. Imagine for example that you show a Libre-
qdbus org.kde.kglobalaccel /component/kwin U
Office Impress presentation to your audience, and
invokeShortcut view_zoom_in
there’s a detail you want to draw attention to on your
dbus-send --type=method_call --dest=U
slide. You’ll have to leave presentation mode and
org.kde.kglobalaccel /component/kwin U
zoom into the slide in Impress’ editing mode, which is
org.kde.kglobalaccel.Component.invokeShortcut U
not really professional. Luckily, it is possible to zoom
string:view_zoom_in
the whole desktop. Depending on your desktop envi-
ronment, you may have to activate the feature. If one of them zooms a tiny bit into the desktop,
you’re ready for the next step – on my openSUSE test
Cinnamon Can Do It, Gnome Almost machine only the second command worked. If none
If you use Cinnamon, open Preferences | Accessibility of them works, try to enable the zoom effect as ex-
and click on Enable zoom. Then change the Mouse plained in the “KDE: Enable the Zoom” box.
tracking mode to Cursor pushes contents around: First of all, zoom out again: Just repeat the com-
That way mouse movements will not change what mand that worked, but replace view_zoom_in with view_
you see on the screen – until you reach the borders. zoom_out. Then create (or open) the file .xbindkeysrc in
The default key, called Super, is the Win key next to your home directory and add the following four lines:
Left Alt. So keep Win pressed and use the scroll wheel
to zoom into your desktop and out again. "<WORKING COMMAND ENDING IN view_zoom_in>"
Gnome has a preconfigured zoom feature; it is alt + b:4
one of the accessibility functions. Press Win+Alt+8 "<WORKING COMMAND ENDING IN view_zoom_out>"
to enable zooming, then Win+Alt+= to zoom in, alt + b:5
and Win+Alt+- to zoom out. However, you cannot
configure it to change the zoom in small steps, and The first line contains the command for zooming in,
you cannot use the mouse. If you want that to hap- placed between double quotation marks; the third line
pen, check the hack on the next page – it is more is the same but ends in view_zoom_out. Lines 2 and 4
advanced. hold the mouse/key combinations: alt is the Alt key (it
will work with both the left and
KDE: Enable the Zoom right Alt keys); b:4 and b:5 are
Scroll Up and Scroll Down on
the mouse wheel. (If you want a
If zooming does not work at all or if you the zoom is active and you try to move
want to fine-tune how much KDE the mouse out of the visible area, KDE more complicated combination,
zooms in/out with one wheel move, scrolls so that the mouse pointer stays try control + alt + b:4, for exam-
open KDE’s System Settings and go to visible. But try the other options, too: ple; the xbindkeysrc man page ex-
Workspace | Desktop Behavior. Then It’s a matter of taste. plains how to use the
click on Desktop Effects. Figure 7 other modifier keys.)
Make sure that Zoom Now start xbindkeys (if
(Magnify the entire desk-
you already use it, kill it
top) is activated and click
on the settings icon. first) and check whether
zooming with Alt and
In the new dialog win-
dow (Figure 7), change the mouse wheel works.
the Zoom Factor value If so, make things per-
to something between manent by adding
1.01 and 1.20. My sug- xbindkeys to your auto-
gestion for the Mouse start programs.
Tracking option is to set
it to Push: then, when By Hans-Georg Eßer

101 LINUX HACKS – 2020 EDITION 11

 DESKTOP MODDING
HACK 7 Zoom into the
Gnome Desktop
Gnome’s built-in zoom function, which you enable via
Win+Alt+8, lets you zoom in very large steps: from a 1.0
zoom factor to 2.0, than 3.0 and so on (Figure 8). While
you can make things large quickly, it lacks the smooth
transition helpful in a presentation.
Luckily, Gnome’s control tool for the command line,
gsettings, lets you query and set the zoom factor with
fine precision. For example,
gsettings set org.gnome.desktop.a11y.magnifier U
mag-factor 1.15
will set the zoom to 115 percent. If you want to query
the current value, replace set with get, and drop the
number. Now, adjusting the current value (say, in order
to add or subtract 0.01) is not so simple. I’ve created
two simple Bash scripts which do the job; they use the
terminal calculator bc to perform the floating-point ad-
ditions, subtractions, and comparisons – the shell can
only work with integers.
Put the code from Listings 1 and 2 into files ~/bin/
zoom-in and ~/bin/zoom-out, respectively, and make
them executable (chmod a+x ~/bin/zoom-*). (Depending
on your Linux distribution, you may have to create the
~/bin folder.) Then put the three configuration lines
Listing 1: zoom-in
#!/bin/bash
[ -r ~/.local/zoom-config ] && source ~/.local/zoom-config
ZOOM_MAX=${ZOOM_MAX:-1.10}
ZOOM_ADJUST=${ZOOM_ADJUST:-0.01}
SCHEMA=org.gnome.desktop.a11y.magnifier
zoom=$(gsettings get $SCHEMA mag-factor)
check=$(echo "$zoom < $ZOOM_MAX" | bc -l)
if [[ $check -eq 1 ]]; then
zoom=$(echo "scale=2; $zoom + $ZOOM_ADJUST" | bc -l)
gsettings set $SCHEMA mag-factor $zoom
zoom=$(gsettings get $SCHEMA mag-factor)
fi
Listing 2: zoom-out
#!/bin/bash
[ -r ~/.local/zoom-config ] && source ~/.local/zoom-config
ZOOM_MIN=${ZOOM_MIN:-1.00}
ZOOM_ADJUST=${ZOOM_ADJUST:-0.01}
SCHEMA=org.gnome.desktop.a11y.magnifier
zoom=$(gsettings get $SCHEMA mag-factor)
check=$(echo "$zoom > $ZOOM_MIN" | bc -l)
if [[ $check -eq 1 ]]; then
zoom=$(echo "scale=2; $zoom - $ZOOM_ADJUST" | bc -l)
gsettings set $SCHEMA mag-factor $zoom
zoom=$(gsettings get $SCHEMA mag-factor)
fi
12
ZOOM_MIN=1.00
ZOOM_MAX=2.00
ZOOM_ADJUST=0.05
into a new file ~/.local/zoom-config. This is where you’ll
be able to change the behavior of your new super
zoom: The ZOOM_ADJUST value will be added or subtracted
until you hit the maximum or minimum value.
Bring in the Mouse
You can already test the new feature by calling ~/bin/
zoom-in and ~/bin/zoom-out from the shell. If ~/bin is in
your PATH, the shell should find the scripts when you
call them as zoom-in and zoom-out.
But we want mouse support. If you’ve read in the pre-
vious hack how to react to mouse wheel movement,
you already know what’s coming: You need the xbind-
keys tool that you have to install with your package
manager. Then create an ~/.xbindkeysrc file with those
four lines:
"~/bin/zoom-in"
alt + b:4
"~/bin/zoom-out"
alt + b:5
Like in the KDE zooming hack, this assigns the zooming
commands to the mouse/key combinations, where b:4
and b:5 are Scroll Up and Scroll Down on the mouse
wheel. Check the xbindkeysrc man page for more com-
plex key combinations.
Now start or restart xbindkeys and check whether
zooming with Alt and the mouse wheel works. If so,
make things permanent by adding xbindkeys to your
autostart programs.
Negative Zoom
By the way, it’s also possible to use zoom factors below
1.00 (change ZOOM_MAX to 0.5 to try this out), but it
doesn’t make much sense – the desktop will shrink and
fill the upper left corner of the screen and the rest of the
monitor displays gets filled with gray.
By Hans-Georg Eßer
Figure 8
101 LINUX HACKS – 2020 EDITION

Use Virtual Desktops, Memorize the Hotkeys
Do you work with virtual desktops? If not, try them. As-
suming that you do more with your Linux machine than
run a browser, a mail client, and LibreOffice, it is likely
that your desktop becomes cluttered with windows.
Maybe you minimize some of them to get the chaos
under control. Connecting one or two extra monitors
would improve the situation, but that requires free
space on your desk (and money).
Instead of physical, go for virtual. Linux desktop envi-
ronments like KDE, Gnome, and most others have a
feature called virtual desktop. You can have two or
more independent areas where you can place your win-
dows. There’s no need to minimize them; just spread
them out on as many desktops as you need.
KDE
On KDE, press Ctrl+F2 to reach a second (empty) desk-
top; Ctrl+F1 brings you back to the original one. If that
doesn’t work, virtual desktops are disabled. Open the
start menu, type virtual, and select the Virtual Desktop
configuration entry. Then set the Number of desktops
to some value that makes sense: I like to have eight of
them (Figure 9). KDE automatically creates more hot-
keys (Ctrl+F3, Ctrl+F4, etc.).
Figure 9
If you prefer to move from the current desktop to a
“neighboring” desktop, you can assign hotkeys to
those actions. The configuration window, where you
can change the number of desktops, has a Switching
tab where you can add four key combinations for
switching left, right, up, or down – KDE organizes its
desktops in a matrix.
Cinnamon
If you run Cinnamon, press Ctrl+Alt+Right to move to
the next desktop. Cinnamon calls them “workspaces,”
but the concept is the same. Press Ctrl+Alt+Up to view
a summary of all desktop contents (Figure 10). This is
101 LINUX HACKS – 2020 EDITION
DESKTOP MODDING
H AC K
also the right place if you want to add
8
more desktops. Add the Workspace Switcher
applet to your panel so that you can switch the desktop
with a single click.
If you would prefer to use Ctrl+F1, Ctrl+F2, etc. on Cin-
namon, open Preferences | Keyboard from the menu,
switch to the Shortcuts tab, and pick the Workspaces |
Direct Navigation category: You can now define your
own hotkeys that will let you switch to a desktop directly.
Gnome
With a Gnome installation, Ctrl+Alt+Down (or
Win+PageDown) will bring you to a fresh, new desktop
– but only, after you’ve opened at least one window on
the current desktop. With Ctrl+Alt+Up (or Win+PageUp)
you can go back to the previous desktop.
By default, Gnome only has a hotkey for switching to
the first desktop (Win+Home), but when you open the
settings and go to Devices | Keyboard, you can add hot-
keys for further desktops. Ctrl+F1 is not available be-
cause some Gnome applications use it to show the
shortcuts available in that program.
In all desktop environments, each window’s menu
will let you move a window to a different workspace,
and there may even be hotkeys for doing that without
the mouse. The developers have come up with multiple
ways to configure your desktop’s behavior (e.g., some
program may always open on the second desktop).
It takes some time to get used to multiple desktops,
but once you know the most important hotkeys by
heart, you’ll do many things faster than before.
If you tend to switch between KDE, Gnome, and other
environments or window managers often, it might
make sense to change the settings so that working with
virtual desktops feels the same in every environment –
but if you’ve already chosen your favorite desktop, sim-
ply get to know its default hotkeys: They are likely to
stay the same for future releases.
By Hans-Georg Eßer
Figure 10
13
 DESKTOP MODDING
Caffeine
Helps Your
HACK 9 H AC K
Linux PC Stay
Awake
Sometimes you don’t want your computer to start
the screensaver (and possibly lock you out) or acti-
vate some energy-saving mode and suspend. For ex-
ample, I used to get very annoyed when I brought my
notebook to a classroom and stepped away to ex-
plain something on the blackboard – only to find a
few minutes later that the beamer no longer showed
my presentation slides. For me, that’s a problem of
the past, because I use Caffeine. There are several
tools with that name (including ones for macOS and
Windows); pick the right one for your desktop!
If you work with KDE or Cinnamon, you can install
the caffeine package (do not confuse this with Kaf-
feine, a KDE media player). Then run caffeine-indica-
tor (if you like it, add it to your auto-start applica-
tions). This will add a new coffee cup icon to your
panel. Clicking it opens a context menu from which
you can select Activate (or Deactivate). When Caf-
feine is active, you can see steam rising from the cup
(Figure 11).
As a Gnome user, visit the Gnome Shell Extensions
website, search for Caffeine, and enable the exten-
sion – this will work best if you have installed the
chrome-gnome-shell package and the Gnome Shell inte-
gration plugin for Firefox. Using this is even simpler:
Just click it to toggle on/off.
Figure 11
One last hint: Don’t try an online search for
“Cinnamon+Caffeine” – I did that, and it was com-
pletely useless: Google gave me coffee recipes and
health-related articles.
By Hans-Georg Eßer
https://launchpad.net/caffeine
https://extensions.gnome.org/
https://www.zhornsoftware.co.uk/caffeine/
http://lightheadsw.com/caffeine/
14
What Would That
Resolution Look Like?
There’s a command-line tool called
10
xrandr that can work magic in configuring your desk-
top. You may already be aware of its capability of
changing the resolution via a command similar to
xrandr --output DP-1 --mode 2560x1440
and even defining completely new resolutions using
a modeline (which you’ll have to create with a tool
like cvt or an online modeline generator).
But xrandr can do more. A not so well-known trick
is using a scaling factor to make the desktop bigger
(in pixels) than the maximum resolution offered by
your monitor. Try the following command:
xrandr --output DP-1 --scale 1.5x1.5
(replace DP-1 with your monitor’s ID). If you see no ef-
fect, use a number closer to 1.0. On my test machine, I
could not move beyond 1.7x1.7, but even with that
scaling factor, I saw an incredible 4352x2448 resolu-
tion. Of course, the monitor could not display so many
pixels, but internally the X server did render an image
of that size and then created a smaller version for the
monitor. I made a screenshot (Figure 12) to check:
$ file megares.png
megares.png: PNG image data, 4352 x 2448, U
8-bit/color RGB, non-interlaced
If you enable zooming, you can even work with the high
resolution and still make the window contents visible.
By Hans-Georg Eßer
https://wiki.archlinux.org/index.php/Xrandr
https://arachnoid.com/modelines/
Figure 12
101 LINUX HACKS – 2020 EDITION
 Find a document on your computer, search for a good font
online, organize your project, and track the time you spend
on individual tasks: Nothing in this list is spectacular, but if
it must be done, do it well. We suggest how.

Image © lightwise, 123RF.com

HACK 11
Find Your Files with DocFetcher 17
HACK 12
Organize Your Ideas with Zim, the Desktop Wiki 18
HACK 13
Track Time with Chrono 20
HACK 14
Launch Programs Inside a VirtualBox VM 20
HACK 15
Create a Cheap Timer with sleep 22
HACK 16
Finding and Installing Online Fonts 23
HACK 17
Sync Up Your Phone and Linux Desktop 23
HACK 18
Self-Organization with GTG 24

16 101 LINUX HACKS – 2020 EDITION

 GETTING STUFF DONE

H AC K
Find Your Files with DocFetcher 11
I like empty partitions: When I install a new Linux distri- the program, you need Figure 1
bution on a test machine and log in for the first time, I not care about complex
sometimes take a look at the empty Documents folder java command-line op-
and think: How beautiful! Let’s put two or three files in tions, just launch the
that folder and enjoy the clarity. DocFetcher-GTK3.sh script
On my real computers, things are different. The fol- to start the program.
lowing code was run on a notebook that holds only DocFetcher can index
some of my files: all sorts of files (Figure 1),
including PDF, LibreOf-
[esser@m2:~]$ for dir in Data Documents; do printf \ fice, and Microsoft Office
"%-9s: %5d files in %5d folders, " \ files (both classic and
"$dir" \ XML-based). It will also
$(find $dir -type f | wc -l) \ look at ID3 tags embed-
$(find $dir -type d | wc -l); \ ded in MP3 files, so you
du -sh $dir | cut -f1; done can later search for MP3
Data : 96477 files in 10818 folders, 58G songs by title or album
Documents: 1499 files in 335 folders, 14G name even if these meta-
data do not appear in the
(If you like what this command does, put it in a shell filenames. Normally,
script.) Creating or collecting thousands of files means DocFetcher uses the file
trouble when you need to find one of them. Linux gives extensions (like .odt,
you a few built-in options for searching, so you might .docx, etc.) to decide what
want to start with them. kind of file format it is looking at, but you can enable a
By cleverly combining shell commands such as Detect mime type option if you tend to store files with
• ls -lR (recursive listing) non-standard or without file extensions.
• grep (filter search terms) Once you’ve built the index, you can start your
• find (search for files with specific properties) searches. Results will show up in a table, and when you
• locate (use a pre-built database to search) select a particular result, DocFetcher gives you a preview
you can already do a lot. locate is especially helpful, be- (Figure 2). Depending on the file type, it is possible to
cause it gives you instant replies, whereas running find take a look at all search hits in a document: Imagine a
can take many minutes if you throw it at a large folder big PDF file that frequently contains your keyword.
hierarchy. It’s likely that you have to install locate first,
typically from the mlocate package, and you need to By Hans-Georg Eßer
regularly run a file database updater called updatedb. http://docfetcher.sourceforge.net/

More Comfort, More Features Figure 2

All the helpers mentioned so far search
for patterns in the filenames – they com-
pletely ignore the contents. But in order
to be truly helpful, a tool has to find files
that contain some of the searched key-
words. To do this live would mean ana-
lyzing the whole disk for every search,
and that would take much too long. The
solution is obvious: Build an index, like a
search engine does for web pages.
That’s precisely what you get with
DocFetcher. The Java program runs on
all operating systems and needs no clas-
sical installation; you can even put it on
a DVD together with an index that leads
to other files on the DVD. For running

101 LINUX HACKS – 2020 EDITION 17

 GETTING STUFF DONE

Organize Your Ideas with Zim, the Desktop Wiki

Install and use Zim, a handy tool that enshrines the
principle of the wiki on your Linux, macOS, or Windows
desktop. The word “wiki” comes from Hawaiian and
means “fast.” The term refers to a system in which
HTML documents on the Internet are both read and ed-
ited using a web browser. The most prominent exam-
ple of a wiki is the Wikipedia online encyclopedia.
Other wikis inhabit both large and small projects
within the open source universe. Many wikis are used
for documentation purposes. Debian, Ubuntu, and Arch
Linux are known for their comprehensive wikis. A wiki’s
main task is to organize content in a structured way.
Many of the popular wiki tools are designed for collabo-
ration over the network, but the wiki concept also pro-
vides benefits for a single user working at a single desk-
top. Zim is a handy desktop wiki that is useful for brain-
storming and knowledge gathering, as well as building
task lists and organizing documents and books.
To operate Zim, you do not need a web server or a
database. The Zim desktop wiki is available for Linux,
Mac OS X, and Windows; it uses the same data format
across all platforms. As a comparison, WikidPad, a tool
from the Windows world that also runs on Linux, is
conceptually similar, but Zim goes well beyond Wikid-
Pad’s capabilities. You can find Zim packages in most
Linux distributions’ repositories.
Markup and Versioning
Every page created in Zim is stored on disk as a text file
with a wiki markup (Figure 3). The program organizes
these files into notebooks, which can best be compared
with a traditional wiki’s database. To create a new page,
first create a link to the initially nonexistent page. You
can then add references to other sites to the page’s text.
Zim also supports plugins, including one for version-
ing that stores the editing history for a document in the
form of the Git, Bazaar, or Mercurial version control
systems (VCSs). You need to install the VCS locally on
the computer. As soon as you enable the plugin via the
settings, you can store a document’s current version
using File | Save version.
HACK 12
Although Zim is intended for local use and focused on
the single user, the versioning feature does provide an
option for collaboration.
Use Plugins to Extend Zim
You can extend the Zim desktop wiki using around 30
preinstalled plugins. In addition, you will find numer-
ous plugins by external developers on GitHub. They in-
clude support for formulas, charts, and music notation,
plus a source code view and a spell checker. Zim can
“print” to an HTML file and has a table editor, keyword
management tool, and calculator (Figure 4).
You can format text in various ways and supplement
it with pictures, lists, enumerations, and annexes. In the
Tools | Custom tools menu, Zim gives users the oppor-
tunity to create their own extensions. In addition, you
can launch your own web server in the Tools menu and
thus view your Zim wiki in the browser.
First Launch
When you launch Zim, it asks you where to store the
data. Zim then creates a first notebook at the defined lo-
cation, names it Home, and adds the .txt suffix. Home is
then opened as a notebook whenever you launch Zim.
In theory, you could now just start typing in Zim’s
WYSIWYG editor; however, it makes sense to define
Figure 4

Figure 3

18 101 LINUX HACKS – 2020 EDITION


the your wiki’s structure first. For each project (say, a
book project, a collection of links, or a to-do list), you
will first want to create a separate notebook to provide
an easy means for distinguishing the content.
A look at the Format menu clarifies the formatting
that you can apply to the currently selected text via the
toolbar or the usual keyboard shortcuts. If you do not
select a text passage explicitly, Zim formats the word
under the cursor. In addition to the usual markup fea-
tures (such as bold, italics, underline, and striketh-
rough), you will find five levels of headings, and you
can also highlight words or text passages in yellow.
Highlight source code by means of a fixed-width font
to set it apart from the remaining text. Charts, lists, and
enumerations complete the picture. If you use the right
plugin, you can also embed calculations in Zim and
represent formulas. The same applies to Gnuplot
graphics and images. You can also use an arbitrary
image editor while working within Zim; launch the
image editor via an image’s context menu and save the
results in Zim. The original image is not changed.
The Toggle notebook editable pen icon in the toolbar
lets you enable write protection for the entire notebook.
In the calendar, clicking on the icon labeled Today in the
active notebook generates the structure of a journal
with sub-items for the year, month, and day that you
can use as a diary.
While you are working, Zim continuously stores the
current state. Finished documents can then be exported
as HTML, LaTeX, or Markdown. The tab bar below the
toolbar, which grows to accommodate the increasing
number of projects, shows the state of editing and can-
not be deleted during the session.
Lists, Links, and Annexes
If you start a line with an asterisk (*) or square brack-
ets ([]), Zim automatically switches to a mode in
which it is very easy to create bullet lists or checklists
(Figure 5). To add a little more structure, indent the
Figure 5
101 LINUX HACKS – 2020 EDITION
GETTING STUFF DONE
lines using the Tab key. Zim continues these lists until
you insert a blank line.
If you enable the tasklist plugin, you can expand on
this function. Supplement the bullet by typing, say
[] Task 1 12-23-2019 !
to include a due date and a priority (each additional ex-
clamation mark decreases the priority), and then dis-
play all of the project’s tasks by pressing the Task List
button in the toolbar.
Internal links to other pages of the notebook you are
currently editing, or to another notebook, mean that Zim
also has a powerful organizational function. You can ei-
ther press Ctrl+L to create a reference to a nonexistent
page (Zim then creates the page automatically) or link to
an existing page. The link appears in blue in the text. Al-
ternatively, you can create links without dialogs or short-
cuts using CamelCase or WikiWord notation. For exam-
ple, entering LinuxMagazine automatically generates a
link of the same name and the appropriate page due to
the uppercase M. Since this feature can lead to un-
wanted links, you have the option of switching off Cam-
elCase linking through the configuration settings.
Zim automatically converts paths such as /etc/de-
fault into links; clicking on one of these links takes you
to the appropriate directory or opens the associated
file. Local files can be saved as file attachments using
Tools | Attach. Zim assigns the attachments to the arti-
cle and moves them to the new instance if you copy or
move the original. If you copy the wiki to a second com-
puter, the attachments remain in place.
The data is stored in text format with wiki markup,
thus opening up numerous possibilities. For example,
you can use a makefile to generate a website from the
wiki entries. Thanks to the text format with wiki
markup, you can use the stored information on all three
supported operating system platforms. The flexible
methods for linking let you build rich documents that
you either use as a preliminary stage for processing in
other applications or finalize in Zim.
Zim is easily accessible, revealing the power of its op-
tions only when needed. Once you have discovered the
versatility of Zim, you will not want to be without this
desktop wiki, which has been in development since
2005. Even Linux beginners who are familiar with Mi-
crosoft OneNote are likely to quickly find their way
around Zim.
Zim impresses as a complete package, and if you like
the organizational structure of wikis, you are bound to
feel right at home.
By Ferdinand Thommes
http://www.zim-wiki.org
https://en.wikipedia.org/wiki/WikidPad
https://github.com/jaap-karssenberg/zim-wiki/wiki/Plugins
https://en.wikipedia.org/wiki/Camel_case
19
 GETTING STUFF DONE
Track Time with Chrono
If you work from home, or work for yourself, a time
tracker is an essential tool that can not only help with
productivity, but help when it comes to invoicing cli-
ents, estimating the timing and velocity of a project,
and tracking your own efficiency. But to be effective, a
time tracker has to be as efficient and as transparent
as possible. In particular, it needs to be as simple as
possible. Too complicated, and the effort required to
maintain a log, or context switch between your work
and your time tracker, makes the tracking process it-
self inefficient. This is especially true if you’re working
on the command line and need to switch to a GUI.
This makes Chrono ideal.
Figure 6
Launch Programs Inside a VirtualBox VM
If the Guest Additions are installed in a VirtualBox
guest, you can start programs directly on the guest
with VBoxManage. The following command logs into
the virtual machine (VM) named “Fedora 29” as the
user tim and a password of 123456:
VBoxManage guestcontrol "Fedora 29" start --exe U
"/usr/bin/gedit" --username tim --password 123456 U
--putenv "DISPLAY=:0"
When it gets there, it launches the gedit text editor. The
--exe option is followed by the full path to the program
you wish to execute. In the case of a Windows VM, you
need to enter the backslashes in the path twice, such as
--exe "C:\\ Windows\\System32\\calc.exe". For a graphical
X11 application to launch on a Linux guest, you need to
set the DISPLAY environment variable using the --putenv
parameter. You can also add further parameters to the
program:
VBoxManage guestcontrol "Fedora 29" start --exe U
"/usr/bin/gedit" --username tim --password 123456 U
--putenv "DISPLAY=:0" -- gedit/arg0 /home/tim/brief.txt
20
HACK 13
Chrono is a command-line time tracker that offers a
comprehensive set of features while remaining simple
and quick enough to slot into even the busiest sched-
ules. With the tool installed, you start a project by typ-
ing chrono start <project name> followed by a + tag (Fig-
ure 6). You can now add comments just as you might
with a git commit while programming. You can then
review your comments, and when you’re ready to
move on to something else, simply type chrono stop.
After this, start working on a new project with the start
command. You can also add to a previously created
project by reusing its project name (typing chrono proj-
ects lists all the projects about which Chrono knows).
Each new chunk of work is called a
frame, and each has its own
unique identifier, regardless of the
project to which it belongs. This is
great for invoicing, and you can al-
ways go back and add or edit a
specific frame if you need to add
your own notes. The entire work
output can then be displayed by
typing chrono log.
By Graham Morrison
https://github.com/gochrono/chrono
H AC K
The parameters are always at
14
the end following the two minus signs. In the example,
gedit/arg0 indicates that the parameters for the gedit
program follow next. Here, this is just the complete
path to the text file that you want gedit to open.
The guestcontrol command gives an insight into the
state of the guest system if required:
VBoxManage guestcontrol "Windows 10" list all
Among other things, guestcontrol also lists the current
processes. If a process is hanging, you can kill it with
closeprocess:
VBoxManage guestcontrol "Fedora 29" closeprocess U
--session-id 4 2022
Via --session-id, you provide the ID of the session in
which the process is running. The number at the end
represents the troublemaker’s process ID.
By Tim Schürmann
101 LINUX HACKS – 2020 EDITION
 HACK
Create a Cheap Timer with sleep
15
You call someone on the phone, but they are
busy, so the two of you agree to call again in 10
minutes. But then you forget to call, because
you’ve been too involved with some other task.
Does that sound familiar?
Solve such simple problems with an equally
simple solution: Set a timer. Now, you’ll certainly
find sophisticated timer apps for your desktop
(or smartphone), but how about simply using
tools that are already installed? Just use the fol-
lowing command to get the pop-up window in
Figure 7 after two minutes:

sleep 2m; gdialog --msgbox "$(date +%H:%M) - U

call the doctor now!"

The two minutes are the waiting time that you

asked sleep to wait. Replace the 2m parameter
with something else – for example, 3h for three
hours. Without any suffix, sleep assumes you
mean seconds.
Putting the time in the message window with
$(date ...) has a simple purpose: You might not
be in front of your computer when the message
pops up. With this extra information, you’ll know
how much time has elapsed.
On KDE, try kdialog instead of gdialog. If you
have neither *dialog program on your machine,
there’s always a cheap replacement: Open an
xterm window and launch a shell that displays
your message via

xterm -e bash -c "echo $(date +%H:%M) - call U

the doctor now ; read"

The read command at the end waits for you to

press Return; the terminal window will then close.

By Hans-Georg Eßer

Figure 7

101 LINUX HACKS – 2020 EDITION


HACK
Finding and
16
Installing Online
Fonts
Fonts aren’t something most users spend too much
time contemplating. Most distributions include a
good selection, with even some, such as Ubuntu,
bundling their own fonts designed specifically for
clarity and design aesthetics. But if you spend a lot of
time with code or words, you’ll know that the right
font doesn’t simply look good; it also helps ease eye
strain and aid clarity. For those reasons, spending a
little time trying out a few more options than those
provided by your desktop makes sense.
KDE has a great font-browsing tool that will let
you preview fonts, as well as install them either lo-
cally or globally with a single click – and you can
even do this from Dolphin’s right-click menu when
more than one font is selected. But there isn’t al-
ways an easy way of browsing fonts you may poten-
tially want to install. Font Finder (Figure 8) could be
the solution; it acts as a kind of application store for
the free fonts hosted on Google’s font archive. It’s
also a lovely GTK3 application, with a sleek minimal
interface. There’s a category browser, so you can
easily search for monospace, for instance, and a
search field that lets you filter fonts according to
your criteria. Results are delivered in the main view,
but critically, the results are previews of the fonts
themselves, which is exactly what you need. You
can change the size of the fonts and even render
them onto a dark background. It’s a brilliant way for
looking through fonts you may wish to install. When
you decide to install one, simply click on Install.
By Graham Morrison
https://github.com/mmstick/fontfinder
Figure 8
101 LINUX HACKS – 2020 EDITION
GETTING STUFF DONE
Sync Up Your HACK 17
Phone and Linux
Desktop
KDE Connect is a utility I fell in love with at first sight.
You install an app on your Android device and an-
other on your Linux desktop, and your phone and
computer become part of the same computing envi-
ronment. Phone notifications appear on the desktop,
desktop notifications on your phone, your music
player stops playing when you get a call, and you can
browse your phone’s filesystem from the desktop file
manager (Figure 9).
There’s even a command-line interface and key-
board and touchpad emulation from your phone.
While these initially sound like gimmicks, they’ve ac-
tually saved me serious hassle when mouse batteries
have failed – on more than one occasion! The KDE
team have done a great job of implementing this in
such a way that actually works and is useful.
Since the early versions of KDE Connect, there has
been a constant stream of updates with new features,
and there’s now even a version that decouples itself
from the majority of KDE Plasma bindings that make
it work so well with KDE. The developers are working
on a version that uses Bluetooth rather than a com-
mon network connection for those times you need
KDE Connect synergy without wanting to connect to
a network.
You need not run a KDE desktop to use KDE Con-
nect: For example, there is also Nautilus support.
Gnome users can also try the alternative GSConnect
tool, which reimplements KDE Connect for Gnome.
By Graham Morrison
https://community.kde.org/KDEConnect
https://extensions.gnome.org/extension/1319/gsconnect/
Figure 9
23
 GETTING STUFF DONE
Self-Organization with GTG
Getting Things Gnome implements the Getting Things
Done (GTD) approach, which is so close to this catego-
ry’s name that we have to discuss it. GTD is a self-orga-
nization method developed by David Allen. It is based
on the theory that trying to maintain a complex task list
in your head takes a toll on concentration. The idea is to
move task tracking out of the mind and put it in the
hands of a trusted external system. The system tracks
the tasks, so the user can focus on solving and com-
pleting the problems.
GTD works both with physical objects (such as pen
and paper, an inbox that is a real box, and a physical fil-
ing system) and with digital objects. Various applica-
tions let you implement the GTD system. One handy
and free program that helps with GTD is Getting Things
Gnome (GTG). Even though development of the pro-
gram ceased in 2014 and the former website (gtgnome.
net) no longer works, it can easily be installed, and it
works well on modern systems. Figure 10
The first step is to collect all the
documents that represent your
various responsibilities: letters,
newspaper clippings, articles,
photographs, and handwritten
notes, as well as digital items
such as email messages or notes
in a digital notebook. You work
through the items that require ac-
tion and complete them according
to predefined criteria. The basic
rule is: Anything that you have
taken from the inbox must not be
put back, but must be assigned to
a suitable place in the system.
Select items one by one. The first question for each
item is: Throw it away, archive it, save it for later, or
complete it? You can archive a newspaper article that
you have read but want to keep. The archive can also
include things you might want to do later but don’t
have time for now. Some of the tasks that you won’t ar-
chive or throw away are easier to do immediately, with-
out cluttering up the system. As a rule of thumb: Do
things that take less than two minutes immediately; re-
serve the rest for later completion.
After separating out the things you will throw away,
archive, or do immediately, you get down to something
resembling a to-do list with items that require intermit-
tent or ongoing attention. GTG is a convenient, simple
tool for tracking tasks and maintaining that to-do list.
You can quickly record the task, the start date, the de-
sired completion date, and any sub-tasks that might be
required as part of the process. GTG also lets you tag
24
H AC K
18
tasks for easy searching by category and record notes
describing the state of the task.
Creating Tasks
GTG focuses on the tasks, which the program displays
in the main window. You can create a new task by click-
ing on the New Task button or using the keyboard short-
cut Ctrl+N. A new dialog appears. In this example, I want
to save a yoga class offer for a later date. In the first line
of the new dialog, the title of the task, Yoga Class, ap-
pears in a larger, underlined font followed by a task de-
scription, Penguin Yoga, [email protected].
To make it easier to find tasks, you can assign tags,
which consist of an @ sign, followed by the keyword. In
our example, you could assign the following tags:
@maybe/sometime @leisure @yoga. The tags are
highlighted with yellow background making them im-
mediately stand out in the text (Figure 10).
Finally, you will need to define
a start and a due date. For the
yoga course, you might not
have time until August, and the
offer is only good until October
31. There are two fields avail-
able at the bottom of the dialog:
You can enter the data or select
from a calendar. If there is no
specific due date, just choose
sometime. When you close the
dialog, the new task will appear
in the main window.
Using View | Tags sidebar or
the F9 key, you can now open a
sidebar in which all the tags you
have assigned are displayed. Right-clicking on a key-
word opens a dialog, in which you can change the color
the program uses to highlight a keyword for a task. Ad-
ditionally, you can assign an icon to the keyword; this
icon then appears in the main window next to the task
title. A search function is available in the sidebar.
Wait
You can also enter tasks delegated to others in GTG.
Tracking delegation helps you keep an overview of
what you assigned, for when, and to whom, and it can
also remind you that completion is overdue.
For instance, you could forward a letter from the IRS,
reminding you that you need to complete your income
tax return, to your tax consultant. At the same time,
you would use Ctrl+N to create a new task. Give the
task a new title, such as Income Tax Return: Reminder
from Internal Revenue Service forwarded to tax consul-
101 LINUX HACKS – 2020 EDITION
 GETTING STUFF DONE

tant February 1, 2019. Meaningful tags Figure 11

would be: @wait @income tax.
Your tax consultant promised to have
your income tax return ready by April 1,
so that sufficient time remains for you to
check the results from the consultant, sign
the forms, and file your return with the IRS
by April 18. You enter this data as the start
date and completion date of the new task.

Projects
Tasks that you want to complete yourself,
and that take more than two minutes, are
referred to as projects in GTD. Such proj-
ects are typically broken down into individual tasks.
First, create a new task for the overall project in the
usual way by pressing Ctrl+N. If you want to write an
article for a professional journal, the title could be Write
article. The following tags seem appropriate: @projects
@article. The completion date is the editorial deadline.
Enter the individual sub-tasks line by line with a leading
dash; for example: -1. Literature research, -2. Get litera-
ture, -3. Read literature, -4. Write draft, -5. Send draft to
editor, -6. Incorporate editorial changes, and -7. Send
finished article to editor.
GTG creates its own subentry for each part of the task
and also creates a corresponding link in the main en-
try’s window. In the main window, the entries are
shown indented under the main entry. To keep track, it
is useful to enumerate the tasks in the order in which
you want to complete them.
In the sub-tasks, you can save notes for each step, for
example, a list of the literature you want to read. As
usual, you also have the option of entering tags. After
sending a draft of your article to the editor, you can to
add the @wait tag to the corresponding sub-item.
You need to assign start dates and due dates for sub-
tasks. In this way, you can keep track of which sub-task
is pending; of course, the due date for a sub-task must
be no later than the due date for the project. After you
complete a sub-task, right click on it and select Mark as
Done from the menu.
so that you are sure to complete all your pending pur-
chases in a single visit. You can then highlight any com-
pleted tasks, and they will disappear from the list.
Simplification
Various plugins add functionality to GTG. To view and
enable any available plugins, select Edit | Plugins. You’ll
find plugins that let you automatically delete high-
lighted tasks, color-code tasks for easy recognition of
urgency, and more.
Use the Tomboy/Gnote plugin to sync tasks between
GTG and the Gnote or Tomboy note-taking tools (Fig-
ure 12). First enable the plugin, and then enable syn-
chronization using Edit | Synchronization Services. A
new menu appears bottom left; now click on Add.
Then select the program with which you want to sync
tasks and notes (for example, Tomboy) and confirm by
pressing OK. You just need to decide whether GTG
should synchronize all tasks and notes or just those
that contain a specific keyword, say @GTG-Tomboy.
Click on Enable Synchronization and Close to complete
the synchronization.
By Daniel Tibi
http://gettingthingsdone.com
https://wiki.gnome.org/Apps/GTG
Figure 12

Regular Processing
To see which tasks are currently pending, you need to
work through GTG regularly as part of your daily rou-
tine. In the main window, click the Work View button.
Pressing the button changes the view of the main win-
dow (Figure 11). GTG only displays those tasks that you
need to complete. They include tasks that either have
no start date or whose start date has already been
reached. If required, you can filter this list for keywords.
For example, if you are heading into town for shopping,
you can display all items with the keyword @shopping,

101 LINUX HACKS – 2020 EDITION 25

 Linux admins no longer say “Never change a running
system,” but they do say definitely keep it running!
We’ll show you hacks that help with everyday system
administration. Repair stuff that’s broken, keep an eye
on it so you notice when it breaks, and be prepared.

HACK 19
Clone It with Clonezilla 27
HACK 20
Write ISOs to USB Sticks 28
HACK 21
Get a Quick Machine Configuration 29
Overview with inxi
HACK 22
Repair Your Bootloader 30
HACK 23
Cleaning House with Stacer 32
HACK 24
Image © bowie15, 123RF.com Reset Your Debian-Based Distribution 33
HACK 25
Repair the Debian Package Database 34
HACK 26
Learn the vi Editor Basics 36
HACK 27
Follow File Updates 37
HACK 28
Monitor Your System in a Terminal 37
HACK 29
Visualize ddrescue’s Progress 38
HACK 30
Run dmesg with the Right Options 38
HACK 31
Where Did You Mount That Disk? 39

26 101 LINUX HACKS – 2020 EDITION


Clone It with Clonezilla
Experts agree that you should keep a copy
of your data, but restoring from incremental
backups takes time and sometimes doesn’t work as
expected. Alternatively, you can clone the partition.
HACK
Several tools help with that job; we suggest you use
Clonezilla even though its text-mode interface looks
outdated.
Cloning software differs greatly from backup soft-
ware. Partition copies cannot be supplemented and
accelerated by differential or incremental partial back-
ups. Admins can thus reconstruct the complete sys-
tem in a single pass in case of a crash. Unlike a backup
solution, a clone does not require importing several
backup layers.
The best known example of cloning software is the
free live system Clonezilla. Developed in Taiwan, it is
based on Debian Sid or alternatively on Ubuntu 18.04.1
LTS and has no graphical user interface (GUI). You con-
trol the complete system via ncurses menus.
Clonezilla is available in several variants. While the
alternative Ubuntu version exclusively serves 64-bit
systems, the Debian-based version also offers two
32-bit versions, one of which supports processors
with the Physical Address Extension (PAE). The ISO
images each are less than 300MB and fit easily on
CD-ROMs, allowing the tool to run on very old com-
puter systems. The software is available as a hybrid
image, which can therefore be launched from a USB-
based storage medium. The developers stipulate a
minimum of 196MB RAM for operation.
Clonezilla is also suitable for heterogeneous infra-
structures: In addition to the filesystems commonly used
under Linux, it also supports Windows, Apple’s HFS+,
and several BSD-derivative filesystems. Also, Clonezilla
can reinstall the current 2.x ver-
sion of the GRUB bootloader (or Figure 1
the legacy version if required)
and can cope with common
older and newer BIOS versions.
On booting the Clonezilla
disc, several startup options
await the user in the GRUB
boot manager. If there are
problems with the screen reso-
lution, Clonezilla also offers a
generic VGA driver along with
legacy SVGA and XGA resolu-
tions. It is also possible to load
the entire system into the com-
puter’s RAM, which noticeably
accelerates work on older sys-
tems in particular.
101 LINUX HACKS – 2020 EDITION
KEEP IT RUNNING
19 After booting and selecting the
language, Clonezilla prompts you
for the operating mode. This is
where you say whether you want to
clone a single partition or a complete
disk. The software either copies the source to an identi-
cal target or creates an image of the source disk or par-
tition. As a further alternative, there are also possibili-
ties for cloning on the network. The network option is
intended for large-scale software deployment, while
the local option is more suitable for individual cloning
operations or for creating snapshots for data backup.
In just a few steps, Clonezilla guides you to the fin-
ished image. It first queries the target for saving. You
can choose from a list, whether this is a local medium;
an SSH, Samba, or NFS server; or whether Clonezilla
should park the image in the Amazon cloud.
If you go for the local option, you can specify the tar-
get disk in the next step. For external options, you can
then connect to the source computer. The system auto-
matically detects a plugged-in USB data carrier. Next,
choose the source; Clonezilla lists the different parti-
tions on the local disk.
The following ncurses screen allows a filesystem
check to ensure the filesystem’s integrity. Clonezilla
also offers to check an image’s recoverability after it
has been created. In the last dialog, the user can also
select encryption according to the AES-256 standard.
After a final confirmation prompt, Clonezilla creates
the image. When the software is finished, you can shut
down the system, restart it, or create another image
(Figure 1).
If you use Clonezilla, you must make sure that the tar-
get partition is at least as big as the source partition
27
 KEEP IT RUNNING
when
cloning a
disk. In addi-
tion, the source
drive must be un-
mounted while the
cloning process is run-
ning or creating an image.
Cloning does not work with the
drive mounted.
Since version 2.5.2-31, the devel-
opers have also integrated a Clonezilla
Lite server into the live system. The server
is used to enable the rapid deployment of op-
erating systems in a network environment; it can
clone 40 plus computers simultaneously. The server
Write ISOs to USB Sticks
Many of us still resort to the humble dd command
when writing a distro image to USB storage, because
it’s simple and untainted by options or system interac-
tion. But it does have some profound problems. Worst
of all is that if you get a single character wrong when
declaring the device node, such as /dev/sda, dd will
start overwriting your internal storage without even
asking politely whether you’re certain, and you’ll soon
be diving for Ctrl+C.
A great alternative is bootiso, which doesn’t present
the same risk, adds loads of new features, and still runs
from the command line. At its simplest, you can run it
Figure 2
28
functions and the corresponding dialogs are included
in the previous routine’s ncurses menus, so you don’t
need any additional training.
If you want to restore an image, just reverse the
steps. After starting the live system, again set the lo-
cale. In Clonezilla, define the source medium where the
images you want to transfer are located. In the next
step, select the image repository in which the desired
image is stored. In the last dialog, Clonezilla uses the
restoredisk option to transfer the clone or image to the
target disk.
By Erik Bärwaldt
http://www.clonezilla.org/downloads.php
HACK 20
against an ISO file with the -p argument, and it will tell
you whether your ISO is hybrid and capable of being
written to USB storage and whether enough USB stor-
age has been found.
In the background, it’s also running lots of integrity
checks on the ISO, making sure it will boot and has the
correct MIME type, as well as that the potential desti-
nation is correct and not a single partition. This is use-
ful in itself, and it will even let you know which device
node your storage is hanging off in case you still want
to risk dd. But bootiso is even better when you want to
write the image, and that’s because it still uses dd.
Give it your ISO as the single
argument, for example, and it
will join up its detection rou-
tine with its encapsulation of
dd to write the image automati-
cally, carefully asking whether
you’re certain, after presenting
the details on what’s going to
happen (Figure 2). It will even
erase the storage first. While
there’s no progress indicator –
just like dd – by choosing the
optimal block size in the back-
ground, the transfer is often
quicker than trying your luck
with dd.
By Graham Morrison
https://github.com/jsamr/bootiso
101 LINUX HACKS – 2020 EDITION
 KEEP IT RUNNING

Get a Quick Machine Configuration Overview with inxi

H AC K
Every admin knows how to retrieve information about
the system on which they are working. How many
cores does the CPU have? cat /proc/cpuinfo! Is eth3 a
parameter shown in Figures 3
and 4 is responsible for the
color scheme. The default color
21
gigabit interface? ip l sh! But instead of many tools, scheme is not easily legible on ter-
you can just use one: inxi. It is available via many pack- minals with a light background, but thanks to the pleth-
age repositories (e.g., openSUSE, Debian, Ubuntu, and ora of options from -c1 to -c32, selectable sets are avail-
Linux Mint). able to suit your taste.
Suppose I need an overview of a machine with which I can even talk inxi into a spot of simple process
I don’t normally work. Then, I call inxi without any pa- monitoring. If I want to know which five (this is the de-
rameters and get some basic information about the fault value) processes are currently hogging the most
hardware (CPU, clock speed, RAM, and disk size) and RAM, inxi -t m will help me find out. If I want to see the
the system (kernel and shell processes). If I want to see top 10 processes, I enter -t m10. If I hear the CPU fan
a few details, the -F parameter provides information on humming, on the other hand, I just need to replace the
the video and audio hardware, partitioning, RAID, tem- m with a c to view the processor load. You can also com-
peratures, and fan speeds (Figure 3). bine the two: inxi -t cm 10 returns the top 10 RAM and
If I’m only interested in a particular component, I can CPU hogs.
target this with specific parameters, such as -C, -A, and At the end of this informative newscast on the com-
-G, which stand for information on the CPU, audio, and puter, I’ll take a quick look at the weather: inxi -w Ber-
graphics, respectively. Information on the RAM is re- lin, Germany tells me what the situation looks like out-
turned after a (lowercase!) -m, which takes some getting side the server room.
used to.
By Charly Kühnast
Memory Details https://github.com/smxi/inxi
Running with root
privileges, inxi Figure 3
tells me more
about the RAM:
Apparently four
2GB DDR modules
are plugged into
my test machine
and clocked at
1600MHz – yes,
this is a fairly an-
cient beast (see
Figure 4). The -c4

Figure 4

101 LINUX HACKS – 2020 EDITION 29

 KEEP IT RUNNING
Repair Your Bootloader
HACK
Sometimes things go wrong when you are installing an op-
erating system on a hard disk drive or SSD. A boot repair
disk gets your boot configuration back on its feet, quickly.
The boot process for computers has become massively
more complicated in recent years. Unified Extensible
Firmware Interface (UEFI) has largely replaced the tradi-
tional BIOS, while increasingly Figure 5
large storage devices require new
types of partitioning.
The configuration options of
bootloaders such as GRUB 2 have
thus been massively extended;
even minor changes to the sys-
tem can cause startup problems.
In the worst case, you will be left
sitting in front of a black screen
with a flashing cursor without the
operating system having booted.
In this situation, Boot Repair
Disk provides invaluable assis-
tance: The operating system, based on the lean Lubuntu
17.04 with the LXDE desktop takes care of damaged boot
configurations even in heterogeneous environments, re-
pairing them automatically at the push of a button.
Ready, Steady, Boot
Boot Repair Disk is available as an ISO image of approxi-
mately 642MB for 64-bit architectures, or as 627MB for the
32-bit variant. Thus, you can burn both versions of the op-
erating system on a CD, which you can use even on leg-
acy hardware without a DVD drive. Alternatively, you can
use UNetbootin to transfer the image to a USB stick for
use on computers without an optical drive. In our lab, we
were unable to write a bootable image to a stick with the
on-board tools.
After setting up the image, boot the computer from the
corresponding media, and choose the bottom entry in the
boot manager Boot Repair Disk session. Within a short
time, the system starts and immediately launches the
Boot Repair software on a very plain LXDE desktop before
proceeding with a system scan. Then the program’s con-
trol dialog appears.
Under normal circumstances, you will just want to press
the large button labeled Recommended repair to initiate
an automatic reconstruction of damaged system compo-
nents such as the Master Boot Record (MBR) and boot
manager. If you first need accurate data on the mass stor-
age media, but do not want to make any modifications for
the time being, then click instead on Create a BootInfo
summary. In addition, the window also offers advanced
configuration options, which you can access by clicking
on Advanced options.
The window then expands to include a configuration di-
alog for the GRUB bootloader (Figure 5), which groups
30
22 various options in tab groups and grays
any inaccessible tabs. In the first tab Main options, you
can only configure a few basic settings for GRUB 2; you
will see that the tool has already activated the option for
reinstalling the bootloader. In addition, you can trigger an
automated filesystem repair; Boot Repair gives you the
option of reanimating a damaged MBR if necessary.
As an important additional option, the dialog offers the
possibility to make a backup of the
partition table, boot sector, and all
logfiles so that you can reconstruct
the old data later in case of prob-
lems. If you enable the Restore
MBR option, Boot Repair grays the
following tabs GRUB location and
GRUB options and instead enables
the MBR options dialog. In the sec-
ond tab from the left, labeled GRUB
location, you can define where
GRUB 2 is installed. You can either
select all mass storage media or a
specific disk, which you choose in a
selection box. You can also specify which operating system
the bootloader should load as the default.
In the following tab, GRUB options, you can choose to
completely delete an existing GRUB 2 installation before set-
ting up GRUB again, or enable GRUB Legacy as the default
boot manager. You can also configure various parameters
that GRUB 2 needs to correctly start specific operating sys-
tems. If the configurations offered here do not meet your
needs, you can press Edit GRUB configuration file to tune
the configuration file manually to your liking.
In the Other options tab, you can define various options
for logging the individual tasks. If you also have a Win-
dows version on your computer, you can enable the Re-
pair Windows boot files option to repair a Microsoft sys-
tem that fails to launch. Then enable the respective op-
tions by clicking on the Apply button. If you want to repair
a mass storage device’s MBR, enable the Restore MBR op-
tion in the Main options tab. Boot Repair then grays the
settings dialogs for GRUB and instead enables the MBR
options tab. You can then select which tool to use to re-
construct the MBR. If there are multiple partitions on the
mass storage device, you can also define here which of
them to boot by default.
BootInfo
The Boot Repair Disk also comes with another program
dubbed BootInfo, which helps you with problems at system
startup time. It can be found in the System Tools menu of
the operating system and provides a clear-cut window
where you can define with a single mouse click whether the
tool should store the boot log online or locally.
After another click on Local report (text file), the tool scans
the computer and then opens the Leafpad text editor, which
opens up with the scan log. You will not only find detailed in-
101 LINUX HACKS – 2020 EDITION
 KEEP IT RUNNING

Figure 6 Desktop
formation on the system config-
uration here, but – at the end of Besides the tools for repairing the sys-
the log – also some hints on tem, you will only find a few prein-
how the repair tool will ap- stalled applications. Office applica-
proach the task. You can thus tions, games, multimedia, and educa-
determine what modifications tional applications are missing com-
the tool will make on the com- pletely. The Accessories menu con-
puter (Figure 6). tains entries for the LX terminal, the
The tool lists all the partition Leafpad text editor, and the PCManFM
data of all mass media (includ- file manager.
ing USB flash drives) connected You can launch Firefox from the In-
to the computer system, as well ternet menu, and the usual LXDE
as the GRUB configuration files. configuration dialogs are found
In addition to the repair pro- below the Preferences menu. As a
gram’s log, you will also find the special feature, the System Tools
complete output from the parted menu offers the Synaptic package
-l, parted -lm, mount, df -Th, and manager, which provides access to
fdisk -l commands in the text file. You are thus given a the Lubuntu repositories, if you need additional software.
good overview of the mass storage device configuration.
Hands-On
OS Uninstaller In our practical tests, the system was totally convincing. It
The third in-house developed tool included with Boot Re- not only successfully restored damaged boot sectors in
pair Disk is found in the System Tools menu: OS Unin- Linux-only installations, but also repaired a mixed system
staller. This helps you delete an operating system without with one Windows and two Linux partitions.
leaving any remains on your mass storage device and Also the OS Uninstaller enormously simplifies adminis-
without painstaking manual work. trative tasks: In our lab, it always reliably completed the
After launching, the desired tasks on multiple machines with a variety of
Figure 7
application first lists all shared storage devices, thus removing the need for time-
the existing operating consuming manual deletion and modification of the parti-
systems after a brief tion table, as well as the GRUB configuration files.
scan of the system (Fig- Boot Repair Disk is a very useful tool that every admin-
ure 7). Select the operat- istrator in a heterogeneous environment should include in
ing system that you want their toolbox. Even less experienced users will be able to
to delete from this list quickly control the intuitive tools without any problems.
and press Apply. After a The system itself is extremely stable, and the special tools
safety prompt, the unin- for revitalizing the MBR and the GRUB 2 boot manager
staller first deletes the operating system, then reconfig- were impressive. Also the deletion tool for unneeded op-
ures the boot manager, and finally displays the results. erating system installations saves a huge amount of man-
After a reboot, you will find the remaining operating sys- ual configuration work.
tems in the GRUB startup menu, where the OS Uninstaller By Erik Bärwaldt
adds entries for the Plop Boot Manager and Smart Boot https://sourceforge.net/projects/boot-repair-cd/files/
Manager. They do not have a function without additional https://unetbootin.github.io/
configuration, so you can safely remove them from the
Start menu. Figure 8

More Tools
In the event that hardware problems cause difficulties
when booting a computer, Boot Repair Disk comes with
two graphical diagnostic tools in the form of HardInfo and
GParted. HardInfo, which you will find under the System
Tools menu labeled System Profiler and Benchmark,
clearly visualizes the hardware in a two-pane window and
also performs benchmarks. GParted, on the other hand,
helps to manage the storage devices. This is where you
can, for example, identify problems arising from incorrect
formatting or damaged filesystems (Figure 8).

101 LINUX HACKS – 2020 EDITION 31

 KEEP IT RUNNING
Cleaning House with Stacer
Classic command-line utilities are considered the go-to
tools for system administration, Figure 9
but some powerful graphical
tools also are available for mon-
itoring and optimizing a Linux
system. One of those tools is
Stacer, which lives on GitHub.
SourceForge also offers sources
for compiling, as well as deb
packages for 32- and 64-bit
systems and an AppImage for
64-bit machines. In this hack, I’ll
discuss the AppImage version.
Stacer was designed for
Ubuntu but works with any distri-
bution; on systems with a KDE
Plasma desktop, however, you need to launch the program
as root because of a kdesu authorization error. Before the first
start, you need to make the AppImage executable, which
you can do as a user working in the directory where the
package is located; then, run Stacer from the same directory:
$ chmod a+x Stacer-x86_64.AppImage
$ ./Stacer-x86_64.AppImage
(Depending on what download link you follow the file
could be named Stacer-x64.AppImage.) A message tells you
that the setup routine is adding the application to the
menu and putting an icon on the desktop, which is the
only way in which the application changes your computer.
Alternatively, you can launch Stacer, like all AppImage ap-
plications, by double-clicking on the executable file.
Stacer welcomes you with a modern window featuring
six tabs reachable via icons on the left: Dashboard, Sys-
tem Cleaner, Startup Apps, Services, Processes, Unin-
staller, Resources, APT Repository Manager (when on
Debian-based machines), and Settings (see Figure 9). The
window is static, which means you can neither increase
nor decrease its size.
The program always starts with the Dashboard, which
only provides information and does not allow any interac-
tion. It gives you an animated view of CPU, memory, disk
space, and network interface utilization, as well as informa-
tion about the installed processor and operating system.
Figure 10
System Cleaner
The System Cleaner tab helps
you ditch the ballast: This is
where you can remove unnec-
essary log or cache files and
empty the trash can on your
system. In the initial state, Sta-
cer does not provide any data
for trash disposal; you first need
to enable the desired categories
and then launch a system scan.
32
Caution is advisable before HACK 23
deleting Application Caches: This could slow down appli-
cation launch, and you should proceed with caution when
it comes to the logs and keep at
least the current X.org log and
the apt and dpkg logfiles. Num-
bered logs are always older and
can typically be disposed of
without any worries.
Apps and Services
In the Startup Apps tab, you can
view the applications the sys-
tem launches at boot time and
set up new startup apps. This is
especially handy if you work
with different distributions: You
do not always need to think
about where you need to set up applications that run at
boot time on the respective systems, and you can also tell
Stacer to lock an application for the next start as a test,
without having to plumb the depths of the Control Panel.
Starting and stopping system services is just as easy in
the Services tab. A search function facilitates finding a
particular service. A word of caution: If you shut down the
wrong service here, you can look forward to a reboot.
The Uninstaller tab lets you remove packages. You will
find many of the applications installed on the system
here, and you can point and click to uninstall and remove.
This worked perfectly with Ubuntu and Arch, but not with
any other distribution tested in the lab.
Colorful Plots
The Resources tab displays the last 30 seconds of CPU,
RAM, and network activity (Figure 10). If you have four,
eight, or more cores, Stacer shows them individually in con-
trasting colors. To view each plot separately, press the Cpu
History button, for example.
All tasks handled by Stacer can be run at the command
line, with standard graphical tools, or even with the use
of competitor products such as BleachBit, but not with
the same graphical appeal. Delivery as an AppImage lets
you distribute Stacer to multiple distributions in a single
package; additionally, you save yourself the installation
overhead. However, the AppImage weighs in at more
than 50MB, and the executable file is around 75MB after
unpacking; the complete pack-
age tips the scales at 130MB.
Keep in mind when using Stacer
that you could shoot yourself in
the foot with poorly considered
actions.
By Ferdinand Thommes
https://github.com/oguzhaninan/
Stacer
https://appimage.github.io/Stacer/
101 LINUX HACKS – 2020 EDITION

Reset Your Debian-Based Distribution
If you have totally messed up your Debian, Ubuntu, Linux
Mint, elementary OS, or Deepin OS, you can simply reset
with Resetter. It is a Python script that supports resetting
to the default installation for some distributions, much
like the reset procedure for smartphones.
Resetter’s way of working is quite simple: Using the ap-
propriate manifest list, the tool determines which pack-
ages were originally copied to disk (and in which ver-
sions) when the operating system was installed. Resetter
will remove anything that does not match and reinstall
the default packages according to the manifest. Besides
two reset modes, the software offers another possibility
to search Personal Package Archives (PPAs) directly in
Launchpad and install them without any further manual
work (via the Easy Install button).
Resetter reads the flags in Ubuntu, Linux Mint, and
some other distributions to return to the state immedi-
ately after installation. The list of officially supported dis-
tributions gets updated with every new release.
If you want to use Resetter, simply install the resetter_*.deb
package with apt; users of non-Ubuntu-based Debian-ish
systems need a second pacakage (add-apt-key) – the proj-
ect website explains the details.
Before using the tool, make sure you back up, in case
something goes wrong. Additionally, depending on the
operating mode, Resetter may remove all user accounts
and the corresponding home directories without asking.
Those usually contain data that are still needed, such as
browser profiles, manually customized package configu-
rations, and the like.
Automatic or Controlled?
After starting Resetter, you will see a window with three
buttons: Easy Install, Automatic Reset, and Custom Reset
(Figure 11). I briefly described the function of the first but-
ton at the beginning; here, I am only interested in the
main function of the program: resetting an installation.
Figure 11
101 LINUX HACKS – 2020 EDITION
KEEP IT RUNNING
HACK 24
Resetter gives you the choice between an automatic and
a user-controlled mode.
Automatic Reset mercilessly removes all user accounts
and their home directories. If you select this, a warning
prompt appears,
Figure 12
reminding you
of what you are
doing (Figure 12).
If you approve,
Resetter first
shows a window
with all pack-
ages to be re-
moved. Here you can exclude packages. If you don’t, the
tool removes all applications installed by the users, in-
cluding packages in Snap format. Then, it creates a de-
fault account and adds any packages removed from the
default installation again.
Custom Reset gives you more control over the cleanup:
You decide which user accounts, packages, and dependen-
cies Resetter should keep. If you want to keep user ac-
counts and their home directories, use this mode. You can
enter a username and password for the automatically cre-
ated standard user. You can also instruct the tool to remove
old kernels.
Slightly Inconsistent
A system in our lab with the current Linux Mint 19.1 Cin-
namon had initial startup problems. At program launch
time, Resetter output two warnings that neither a mani-
fest nor a user list could be found. I was told that I would
have to select them; otherwise, the tool would not work.
After clicking on OK, the normal start window appeared.
If you see one or both of these warnings, you will find a
remedy in the File menu at the top of the application. Click-
ing on File reveals two menu items that refer to the error
messages. Select the appropriate entry for your distribution
from the two options, then click on one of the two reset vari-
ants, and the program starts. In a window, Resetter informs
you where it is in the reset process and the overall progress.
It can take several minutes to reset the system.
At the end, another window appears telling you that Re-
setter has created a new user with the name default and
reveals their password. The default username and pass-
word are always the same, no matter what distribution
you use. You will want to create a new username with
your own password immediately after a restart.
Resetter has the potential to save users of Debian,
Ubuntu, and their derivatives the trouble of reinstalling.
By Ferdinand Thommes
https://github.com/gaining/Resetter
https://github.com/gaining/Resetter/releases/tag/v2.1.0-stable
33
 KEEP IT RUNNING
Repair the Debian Package Database
Sometimes the package database on a Debian-based
Linux installation becomes inconsistent, and you can
no longer install or remove packages. There are ways
to fix the situation with apt, aptitude, and dpkg.
Maybe you installed the wrong package from the
Testing or Unstable repositories or gambled on Ex-
perimental. Maybe you installed a flawed third-party
package or mixed packages from different Debian de-
rivatives. Or maybe the maintainer made a mistake,
or a major technology change has happened, and
you are not to blame at all. But in all of these cases,
you either receive an error message (Figure 13) or a
ranked list of possible solutions, and suddenly you
are unable to install, remove, or update anything
until the problem completes its efforts and returns
you to a waiting command prompt.
If you are patient, a new version of the problem pack-
age will be released that fixes the problem. The only
trouble is, the new version might not be released for
weeks, depending on where Debian, or your Debian de-
rivative (like Linux Mint or Ubuntu), happens to be in its
development cycle. Even after filing a bug, it can some-
times take time to resolve the problem. Probably, then,
you want to take more active steps.
Fortunately, the tools you need are ones with which
you are likely already familiar: apt, the package manag-
er’s front end; aptitude, the popular command-line in-
terface; and dpkg, the basic package tool. All three have
the structure
COMMAND SUBCOMMAND PACKAGES
as well as many of the same features for installing and
removing packages.
apt and dpkg are installed by default on any Debian or
Debian derivative system. However, if you have risky
habits, like constantly taking the latest package ver-
sions from Unstable, you should make sure that apti-
tude is installed, as well as other useful tools such as
script, which can log your recovery efforts, or equivs,
Figure 13
34
H AC K
25
which builds packages that contain only dependency
information.
In all these tools, you should gather whatever infor-
mation you can about the state of the packages in-
volved. However, actually fixing the problem is likely to
take you far beyond the usual internal commands like
install and remove.
Making Repairs with apt
When apt announces that you have broken dependen-
cies and suggests solutions, very occasionally, remov-
ing problem packages with
apt remove PACKAGES
can solve the problem. On the principle of starting with
the simplest solution, try this command, but don’t be
surprised if it does not succeed.
Another relative long shot is editing package sources
to get newer versions of the problem package(s), using
apt update to make them available. In particular, search
for a mirror site with more recent packages than your
usual ones to add to the file /etc/apt/sources.list.
A more promising approach is running
apt dist-upgrade --no-upgrade
to upgrade all the packages installed on the system. Do
not use apt upgrade, since the last thing you want to do
is complicate the problem by adding more packages to
the mix.
Another possibility is to force completion of an install
with:
apt dist-upgrade -f
Sometimes, specifying some or all of the packages
mentioned in apt messages will work instead:
apt install -f PACKAGES
Alternatively, try
apt remove -f PACKAGES
but read the summary of
what will happen carefully
before continuing the com-
mand. For some obscure
reason, all these com-
mands may work the sec-
ond, third, or even the
101 LINUX HACKS – 2020 EDITION

fourth time you run them, so Figure 14
run them several times before
giving up on them. You can
also try specifying the reposi-
tory and full package name by
adding the -t option to any of
these commands.
However, if you try all these
solutions and have no luck, you
have exhausted the capabilities
of apt and need to try another
command.
Aptitude Dancing
When run without options, ap-
titude opens an ncurses inter-
face to the Debian package manager (Figure 14). How-
ever, what many users do not know is that aptitude
contains many of the same tools as apt, apt-get, and
dpkg for fixing broken packages, as well as several
extra of its own.
For example, you may be able to resolve problems by
using the markauto command to mark packages as being
automatically installed, or unmarkauto to mark them as
manual installations. Another useful command is -t RE-
LEASE, which specifies which release version to use, or its
counterpart forbid-version to specify a version not to use.
Another useful pair of tools is why and why-not. Both are
followed by a dependency. The why command shows why
a dependency would be required, whereas why-not shows
why a dependency produces a conflict. The results of
both can indicate how a subset of broken packages in-
volving conflicts with another package can be resolved.
However, the most popular feature of aptitude is the
Resolver menu. The menu lists the package manager’s
suggested solutions to dependency problems (see the
“Descent into Dependency Hell” box) and allows you
to approve and reject them. Often, this menu alone
solves problems that apt-get, dpkg, or other features of
aptitude cannot, although at the cost of hiding exactly
what it is doing.
Escalating to dpkg
Because dpkg is a lower-level package than apt, it in-
cludes many features that apt and aptitude do not. As
its man page shows, dpkg is especially useful for read-
ing detailed information about packages, including the
state it is in, and for filtering the information displayed.
You might be able to run dpkg with the option --forget-
old-unavailable, --clear-selections to remove problems,
or --audit (-C) to receive advice on what actions to try.
However, more often, dpkg options or commands, such
as dpkg-query, will be most useful in filtering or gather-
101 LINUX HACKS – 2020 EDITION
KEEP IT RUNNING
ing background information that can help you develop
a solution. The --yet-to-unpack option can be especially
useful when you have been looking for solutions for
some time and don’t care to scroll back in your history
for the names of the problem packages.
An especially powerful dpkg option is --purge (-P).
--purge is a more powerful version of remove, deleting
not only the package, but all records of it, including the
configuration files. In addition to removing the pack-
age, --purge also runs its postrm (post-removal script).
While you are troubleshooting, this thorough deletion
can simplify the problem’s background and sometimes
even solve the problem itself. The dpkg man page will
give you more information.
Another important option is:
dpkg install --ignore-depends=PACKAGE
Descent into Dependency Hell
Manually finding a solution when the package system no
longer works can be hard. Resolving broken dependen-
cies can take hours, and the complications are so numer-
ous that, when you do find a solution, it can feel like luck.
The real solution, though, is to work systematically
through the possibilities.
If you regularly find yourself in dependency hell – as bro-
ken dependencies were once called – then maybe you
should consider your computing habits. While everyone
is tempted by the latest possible release and can make
mistakes out of enthusiasm, by stepping outside the
safety of the package management system, you are strik-
ing out on your own.
An expert can do that, but to do so requires caution
every step of the way. Otherwise, you may be reduced to
desperate efforts such as editing a package’s scripts or
fiddling with /etc/apt/preferences in the faint hope of
changing results that have already failed.
35
 KEEP IT RUNNING

This option is misnamed, since it does check for depen-
dencies but only reports conflicts between packages.
Often, it can be the solution for which you are looking.
An equally powerful solution is:
dpkg --configure -a
which configures all partially installed packages. In my
experience, this command fixes more broken depen-
dencies than any other option mentioned in this article,
although it is not infallible.
If not, then take a detailed look at --force-things
THING, as well as --no-force-things and --refuse-things.
Just as --purge is an enhanced version of remove, so
--force-things is a fine-tuned version of the apt-get
--force option. You probably want to avoid completions
of these commands such as bad-version, remove, or over-
write unless you are absolutely confident of what you
are doing. However other completions, such as down-
grade, configure-any, and remove-reinstreq may provide
solutions. But --force-things can bring your system
down when used carelessly, so consult --force-help, as
well as the man pages, before using it.
In fact, dpkg as a whole can be so deadly that you
should use
--no-act [--dry-run, --simulate]
to do a dry run of any action, simply on the off-
chance of unexpected effects. The simulation will not
tell you in so many words that your system or desk-
top environment will crash, but studying the list of
affected files should warn you that you risk making
your situation worse.
The Debian package manager has other front ends,
notably Synaptic, a desktop interface. However, if apt,
dpkg, or aptitude cannot restore full functionality, then
the chances are high that neither Synaptic nor anything
else can do so.
By Bruce Byfield
https://wiki.debian.org/Synaptic
https://en.wikipedia.org/wiki/Dependency_hell

Learn the vi Editor Basics

Half of the Linux administrator’s life is entering com-
mands in the shell. The other half is editing files in the
that it teaches you something
conceptually new.
HACK 26
vi editor (or its improved version, Vim – which stands So have a look at vi if you’ve never done so
for vi improved). Rumor has it that there are alterna- before. Search the web for “learning” and “vi,” and
tives to vi, names like Emacs, MCEdit, Gedit, Kate, and you’ll find lots of introductory texts and videos. Or run
nano come to mind. the vimtutor command. Start with the GUI version gVim
Don’t worry, this hack won’t take part in the famous (Figure 15) if you prefer to see a menubar.
“Editor War.” If your preferred editor is not vi, then let By Hans-Georg Eßer
me only suggest that you learn the basics of this an- https://www.vim.org/
cient tool that – according to its Wikipedia page – has https://en.wikipedia.org/wiki/Editor_war
been around since 1976. Why should you do that? Here https://en.wikipedia.org/wiki/Vi
are my favorite reasons.
• vi is not only available for every operating system, it Figure 15
is also preinstalled on every Unix-like system. So if
you happen to find an ancient Unix workstation run-
ning SunOS, HP-UX, or AIX, you’ll be able to edit its
configuration files.
• vi is a text-mode program, so it doesn’t require an X
session. It also does not require a mouse or a full key-
board with cursor keys. So even in the unlikely event
that you’re remotely logged in to a strange Unix ma-
chine and the keyboard settings are broken, you can
still use vi.
• vi uses two modes, one for text input (the Insert
Mode) and one for executing commands (called
Normal Mode). It starts in Normal Mode, so you can-
not enter text when you’ve just launched the editor.
That is so different from almost every other editor

36 101 LINUX HACKS – 2020 EDITION

 KEEP IT RUNNING

HACK
27
Figure 16

Follow File Updates

Some Linux administration staff think that
the magic of a 27-inch display is that you
can open 25 xterm windows and use them
for various monitoring activities (Figure 16).
For example, if you need to keep an eye on
some critical infrastructure, it might make
sense to log in to those machines via SSH
and watch activities in logfiles. The stan-
dard command for doing that is:

tail -f <logfile>
But there is a tiny problem: Every now
and then a server will rotate some or all
of its logfiles. Rotating such a file means
renaming it, possibly compressing it, and
creating a new logfile with the old name.
When a helper program like logrotate has
finished the rotation of some daemon’s
logfile, it will then inform the daemon by
sending it a hang-up (HUP) signal (killall
-HUP daemon), and the daemon in turn will
close the (old) logfile and reopen it. If that
last step does not happen, the daemon
will continue to write to the old logfile
(even when that file completely disap-
pears after a compression step).
In the case of one daemon process that handles logging of some ser-
vice, telling it to switch to a new version of the logfile is easy. But there’s
no way to keep track of various other processes that read the logfile and
contact the processes in a meaningful way. Using a tool like lsof will
show all processes that have opened a specific file:
esser@xps13:~$ lsof /var/log/syslog
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
tail 16841 esser 3r REG 259,3 612458 12058755 /var/log/syslog
But how would you try to inform those processes of a change? The so-
lution must lie on the clients’s side. For tail, it is simple: Use the -F op-
tion instead of -f, and you’re set. It will also make tail wait indefinitely
for the watched file to reappear.
By Hans-Georg Eßer

Monitor Your System in a Terminal

There are many command-line system monitor tools,
but there’s always room for another monitor that at-
tempts to do something differently. Hegemon succeeds,
mostly, because it presents only the information you re-
ally care about in a way that’s useful. That information
is how much of your CPU capacity is being used (bro-
ken down into cores, if required), how hot your system
Figure 17
HACK 28
is running, and how well your fan or cooling is respond-
ing to this load. It presents this information as a scrolling
and colorful histogram that can be expanded or con-
tracted with a simple press of the space bar (Figure 17).
As system load increases, you can see exactly which
cores are carrying the burden, along with how it’s heat-
ing up your system. The fan speed will typically ramp up
to compensate, creating a scrolling chart of your system
load and on-going performance.
The folding and unfolding of each element is a quick
and easy way to limit the details you see, as well as to
get more information when you need it. To Hegemon,
each of these sources is a data stream, effectively mak-
ing the application modular, and further data streams
can potentially be plugged into the same system. The
excellent documentation covers the details and also
promises incoming network, disk I/O, and GPU usage
streams to augment the already busy display.

By Graham Morrison
https://github.com/p-e-w/hegemon

101 LINUX HACKS – 2020 EDITION 37

 KEEP IT RUNNING
Visualize ddrescue’s Progress
HACK 29
Many users use GNU ddrescue to save data from
a faulty disk. However, the resulting logs are dif-
ficult to read. ddrescueview graphically processes
logfiles. In order to use it, run ddrescue with a
third file name argument so that it creates a
“map file.” Then open that file in the viewer pro-
gram (File | Open mapfile).
First, the tool determines the disk size and dis-
plays an overview of all sectors in the main win-
dow (Figure 18). The different colors represent
how a section is doing and whether the tool was
able to save it (green), it is defective (red), not
trimmed (yellow), or not yet recognized (gray).
You can receive detailed information about a
sector via a mouse click: This will open the Block
inspector dialog, which reveals where the faulty
section starts, how big it is, and how much data
ddrescue could ultimately reconstruct.
The tool assumes a block size of 512 bytes by
default. You can define other dimensions in the
program settings, as well as set up a refresh in-
terval that keeps the display up to date while
ddrescue is running.
On Ubuntu and Linux Mint, you can simply apt
install the tool; for other distributions, you may
have to search for a repository that has a package.
By Uwe Vollbracht
http://www.gnu.org/software/ddrescue/
http://sourceforge.net/projects/ddrescueview
Figure 18
Image Copyright – Martin Bittermann
38
Run dmesg with the Right Options
HACK 30
The dmesg tool shows messages that appear in the “kernel
ring buffer,” and it can do so in many ways as the im-
pressive list of options in its man page shows. But most
of those options aren’t interesting, you just need a few.
Run dmesg -HTwx to see both user-level and kernel-level
messages with a human-readable, absolute time format
(-HT) as well as priority prefixes (-x) in continuous/follow
mode (-w). That leads to the situation shown in Figure 19.
The color highlighting appears automatically unless
you’re remotely logged in from a terminal with strange
settings; in that case, you can try to force colored output
with --color=always.
While this lets you look at the screen and wait for fu-
ture messages, you cannot scroll back. If you want to see
the past, lose the -w option: You will then see the ring buf-
fer’s entire contents (starting with the first lines), and you
can scroll down to later entries. Note that the ring buffer
is in fact a ring: Its size is finite, and it will lose the boot
messages after the machine has been up for a while. If
you want to restrict dmesg output to user-mode or kernel-
mode messages, add an -u or -k option.
Note also that some pieces of information never make
it into this message buffer: Check files in /var/log as
well; your syslog service might log some information
to messages, syslog, or other files in that folder.
By Hans-Georg Eßer
Figure 19
101 LINUX HACKS – 2020 EDITION
 KEEP IT RUNNING

Where Did You Mount That Disk?

If you like to extend your computer’s life by adding hard
disks (instead of replacing the old ones), you can
quickly lose track of what partition holds what kind of
data. Some elementary tools help you get an overview.
lsblk (“list block devices”) shows all block devices.
The default view in lsblk includes
only the devices or partitions cur- Figure 20
rently in use (Figure 20). In the
right-hand column, you will find
the mount point (i.e., the position
at which the device is mounted in
the directory tree).
The output of lsblk has six col-
umns. Table 1 gives an overview
of the information you get from
this list.
Using the -a switch helps lsblk
reveal more devices by including
devices that are not currently in
use. For example, it will show a
series of loop devices (virtual
block devices that do not map to
a physical device, but use a file
for underlying storage) from /
dev/loop0 to /dev/loop7.
Filesystems
The -a switch tells you which partitions exist and under
which mount points they are mounted in the filesystem.
Table 1: lsblk
NAME Device name
MAJ:MIN Main and extension numbers of the device
RM 0 for fixed and 1 for removable devices
(like CD/DVD drives)
SIZE Storage capacity of the device in human-
readable form
TYPE Type of device (see Table 2)
MOUNTPOINT Directory in which the device is mounted
So far, however, you do not know
HACK 31
which options were set when mounting the
partition. The mount command shows these kinds of
details. Its output is quite extensive and often includes nu-
merous virtual devices managed by the kernel and sys-
tem programs. In many cases,
however, only the physical mass
storage devices and their
mounted partitions are of interest.
Since Linux partitions mostly
use one of the “extended” file-
systems (today, typically ext4) or
Btrfs, you could filter the output
of mount with grep accordingly.
However, this detour is not actu-
ally necessary. Mount offers a -t
(short for --type) switch that out-
puts filesystems of a certain type
or several types only. So, type
mount -t ext4,btrfs to restrict the
list to ext4 and Btrfs filesystems.
If you search for NTFS filesys-
tems, remember that those are
typically mounted via FUSE and
show up as fuseblk, not ntfs. If
you have installed a commercial NTFS driver, the file-
system type will be ufsd (universal file system driver).
mount provides so much information that clarity can suf-
fer. The output of findmnt from the same software package
offers a better structure. When called without further op-
tions, findmnt shows a tree view from which you can see
how the individual filesystems are mounted. The findmnt
command also identifies the origin and type of the file-
system and the options with which it was mounted.
findmnt also supports the -t option, with which you can
filter for ext4 filesystems, for example (Figure 21). Unlike
mount, findmnt isn’t limited to a single filesystem parame-
ter but lets you enter several if required.
By Frank Hofmann

Table 2: lsblk Device Types Figure 21

disk Hard disk

loop Loop device
lvm Logic Volume Manager (LVM)
partition
part Partition on a storage medium
rom CD/DVD drive

101 LINUX HACKS – 2020 EDITION 39

 When you expose your machines to the Internet, a
little paranoia makes sense. Hide your tracks in the
WWW, encrypt your files and mails, disable your
webcam and mic, and make sudo secure. And if you
sell your disk on ebay, wipe it – wipe it for real.

Image © lightwise, 123RF.com

HACK 32 HACK 37
Install and Run Tor Browser 41 Enhancing Security with sudo Options 44
HACK 33 HACK 38
Permanently Wipe Files from Your Hard Disk 41 Use Two-Factor Authentication with Authenticator 46
HACK 34 HACK 39
Disable Webcam and Microphone 42 Start Your Training with Web Security Dojo 46
HACK 35 HACK 40
Disable Password-Based SSH Logins 43 Lock Your Screen, Always 47
HACK 36 HACK 41
Encrypt Your Emails with GPG 43 Use ccrypt for Quick Encryption 47

40 101 LINUX HACKS – 2020 EDITION


H AC K
Install and Run Tor
Browser
32
Do you like how searching for a new TV online will fill web
pages with ads for just that product over the next few
months? If not, you may want to stop Google and other ad
sellers from tracking you. That’s not so simple: You need to
switch to a fresh IP address for every new website you visit,
block cookies, and more. Tor and Tor Browser combine all the
tricks currently available for secure and private web brows-
ing. The actual browser is a Firefox version that’s been pre-
configured to use the Tor network.
Install the torbrowser-launcher package (via apt install on
Debian/Ubuntu/Mint, dnf install on Fedora, and zypper in on
openSUSE) and then run the torbrowser-launcher command
from inside a terminal. If used for the first time, the tool will
download the latest version of the Tor-enabled Firefox for
your platform and language, check its signature, and then
launch it. If you already have a current version, it’ll just start
immediately.
In the window that appears after a few seconds, click on
Connect; then Firefox – branded as Tor Browser (Figure 1) –
will launch. Use the browser as usual, click on the onion
icon, and select New Identity to receive a fresh IP address.
Figure 1 also shows proof in the server logs of a visited site:
three accesses to a non-existent page registered with three
IP addresses.
By Hans-Georg Eßer
https://www.torproject.org/
Figure 1
101 LINUX HACKS – 2020 EDITION
SECURITY & PRIVACY
HACK
Permanently Wipe
33
Files from Your Hard Disk
When you delete a file in the file manager, it
does not exactly disappear. In most cases, it
falls into the recycle bin, from which it can be
quickly restored. But even if you empty the
trash, the supposedly deleted data can still be
reconstructed.
Linux supports two console tools, shred and
wipe, both of which securely delete files, direc-
tories, or entire partitions. In practice, how-
ever, you will rarely want to launch a terminal
to wipe a file off your hard disk. File managers
can be equipped with similar functions. For
example, Gnome Files (formerly Nautilus) has
Nautilus Wipe, an extension that lets you se-
curely delete files with a single mouse click.
(For KDE, the Secure delete service menu
adds the same functionality to Dolphin.) After
installing the package, restart the file man-
ager by running the nautilus -q command.
Two new options are then available in the
context menus of files and folders. The first
one (Secure Delete) overwrites the objects se-
lected in the file manager with random data.
The application lets you choose the number
of deletion passes (Figure 2). Two passes are
typically sufficient.
After that you should also use the second
option, Wipe available disk space, which over-
writes the space marked as free on the parti-
tion and ensures that backup copies and
shadow files of the previously edited docu-
ments are securely overwritten and thus per-
manently deleted.
If you use an SSD instead of a classical hard
disk, things are more complicated and wiping
will not protect you against an attack by a pro-
fessional forensic expert.
By Christoph Langner
http://wipetools.tuxfamily.org/
Figure 2
41
 SECURITY & PRIVACY
Disable Webcam and Microphone
A computer’s webcam and microphone are often
abused for attacks and privacy violations. Thanks to
modern web technology, such as HTML5 with WebRTC,
a browser is all it takes to transfer the image and sound
from your living room to the web. For example, video
chats with AppRTC can be handled directly in the
browser (Figure 3); a web page could also tap the web-
cam for other purposes.
Figure 3
Although a browser requires the user to confirm that
the website is allowed to enable the webcam and micro-
phone, errors (on the part of developers, as well as
users) occur time and time again. And with a locally in-
stalled application – installed voluntarily or by a trojan –
you might not even be prompted to confirm. Apart
from a small light in the bezel, there is usually nothing
to indicate that the device is recording. With some de-
vices, the program can even turn off the webcam LED.
With a classic desktop PC, you can usually simply un-
plug the camera and microphone to stop the possibility
of video spying. This solution is not available for porta-
ble systems with integrated input devices. Users with
laptops and smartphones therefore often apply stickers
to the webcam and the internal microphones.
Alternatively, you can disable the webcam in the sys-
tem settings so that programs can no longer call it. On
Linux, you have to disable the uvcvideo kernel module,
which is normally loaded automatically at boot time. In
principle, you can do this manually via
sudo modprobe -r uvcvideo
but very often, some program will have claimed the
module so that modprobe fails with a “module in use”
error message that forces you to go for the heavy artil-
lery and try:
sudo rmmod -f uvcvideo
42
Applications such as
Cheese will then no longer find a
webcam on the system. If necessary,
HACK 34
you can reload the module later (with sudo mod-
probe uvcvideo). You will need administrative privileges
on the system for all of these commands.
To prevent the Linux system from loading the kernel
module responsible for the webcam, add a blacklist
entry to a configuration file in the /etc/modprobe.d/ di-
rectory. On some distributions, you will find a file called
blacklist.conf in that folder; others may prefix the
name with a number (for example, 50-blacklist.conf on
openSUSE). If no such file exists, simply create it. The-
oretically, you are free to choose any name, such as
disable-webcam.conf, as long as it ends with .conf. Add
the following lines to that file:
# Webcam Disabled
blacklist uvcvideo
After a restart, the webcam should not work, which
you can test with Cheese or Skype. If you do want to
use the cam, load the kernel module manually (sudo
modprobe).
Cams with Microphone
Things are a little different with a microphone built into the
device. Theoretically, as with a webcam, you need to dis-
able the necessary kernel module, which you can deter-
mine quite easily by looking at a file in the /proc hierarchy:
$ cat /proc/asound/modules
0 snd_hda_intel
1 snd_usb_audio
2 snd_usb_audio
3 snd_usb_audio
However, switching off snd_hda_intel not only takes
down the microphone, but also the entire internal
sound card. In this case, therefore, you need to com-
promise between sound and perfect privacy. If neces-
sary, you could still connect a USB headset (even with
an integrated microphone) – those devices use the snd_
usb_audio kernel module.
You can also scan the BIOS or UEFI settings for an
option to disable the integrated devices. Working at the
BIOS or UEFI level gives you even more security: Theo-
retically, a blacklist created through the operating sys-
tem can be reversed by software running with adminis-
trative privileges.
By Christoph Langner
https://webrtc.org
https://github.com/webrtc/apprtc
101 LINUX HACKS – 2020 EDITION

Disable Password-Based SSH Logins
Do you run an SSH server that is accessible from the In-
ternet? That is extremely likely if you rent a root or vir-
tual server from some hosting company or if you have
configured your home Internet router to forward some
port to a local machine’s SSH port. In order to be safe
from dictionary-based brute-force attacks against your
SSH server, you should enable public-key-based access
and then disable logins that are based on username
and password entry.
Before you start, note that if you do this and then
later lose the key required for login, you will not be able
to login at all. So you need some way to reset the prop-
erties, for example via a management console that
your web hoster provides. (With your personal home
server, there’s no problem, because you can log in lo-
cally to fix things.)
On a client computer, create an SSH key pair with
ssh-keygen -t rsa and protect it with a passphrase. (You
can work without a passphrase but should only do that
when the client computer cannot be lost or stolen.) This
will generate a public key (id_rsa.pub) and a private key
(id_rsa) in your ~/.ssh directory.
Log into the server and make sure that key-based log-
ins are allowed: In /etc/ssh/sshd_config, the line Pubkey-
Encrypt Your Emails with GPG
GNU PrivacyGuard (GPG or GnuPG) is a cryptography
tool that lets you send and receive encrypted mail. It
also comes preinstalled with every Linux system – but
not preconfigured for email.
Sadly, there is no out-of-the-box tool that you can in-
stall and automatically have all your communication
secured. Sender and receiver have to use the same en-
cryption protocol, and in the case of GPG, some further
preparation (key exchange) is needed before they can
open an encrypted mail channel be-
tween the two. Figure 4
Using a keyserver (such as keyserver.
ubuntu.com or pgp.mit.edu), you can
search for public keys (Figure 4) and
import them into your GPG client. GPG
users often put a fingerprint in their
mail signature so that it’s easier to find
their key. Once you’ve imported a per-
son’s public key, you can use it to en-
crypt a message and send it. Only that
person can then decrypt the message,
because it requires possession of the
private key.
101 LINUX HACKS – 2020 EDITION
SECURITY & PRIVACY
HACK 35
Authentication yes must be enabled. Don’t confuse this
config file with ssh_config, which is for clients. Restart
the SSH server (for example, with service ssh restart).
Copy the public key into the server user’s .ssh/au-
thorized_keys file by running the ssh-copy-id TARGET
command. This will ask for your password one last
time. Check that you can then log into the server
without being asked for your password. Repeat this
step on all client computers from which you want to
log into the server.
Finally disable password-based login: Back in the
sshd_config file, search for the line PasswordAuthentica-
tion yes and change the “yes” to “no.” If the whole line
is disabled via a “#” symbol, remove that symbol. Then
restart the SSH server again.
Now logging in should only be possible from the
computers whose keys you copied to the server; on
every other machine a login attempt should be de-
nied with the error message “Permission denied
(publickey).”
By Hans-Georg Eßer
HACK 36
As a starting point, read an older GPG article in Linux
Magazine (issue 90, May 2008) that describes how to
configure Enigmail, the GPG add-on for Thunderbird.
Other mail clients can work with GPG, too: KDE’s KMail
has built-in GPG support.
By Hans-Georg Eßer
https://www.gnupg.org/
http://www.linux-magazine.com/Issues/2008/90/Enigmail
43
 SECURITY & PRIVACY

Enhancing Security with sudo Options

The sudo command has been around since the 1980s, but
it has gained popularity in recent years as the default tool
Starting visudo opens a com-
HACK
mand-line text editor. Usually, this edi-
37
for running commands as root in Ubuntu. However, tor is Vim, but you can also set another editor.
there’s far more to sudo than Ubuntu’s policy. In fact, sudo‘s For instance, if you want visudo to open nano instead,
man page is over 2,400 lines long, covering a staggering you can change the environmental variable with the
number of situations – some of which, like many powerful command:
Linux commands, can get you in a lot of trouble if you are
careless. sudo also offers options that can greatly enhance export VISUAL=nano; visudo
security, especially if you take the time to be creative.
Why would you want to enhance your security? The The sudoers file itself is divided into three sections. The
answer is that, from a security viewpoint, Ubuntu’s use first section is the default behaviors. It lists one option
of sudo can be viewed as a problem (although opinions per line. For example, if you want to use the insults op-
do differ). As you may know, when sudo is configured tion – a genuine option, which insults users who make
the way it is in Ubuntu, you can use the password for mistakes trying to log in to sudo – the entry is:
your everyday account to log in to sudo and run root
commands. The trouble is that any password for an ev- Defaults insult
eryday account is exposed in a way that the root ac-
count is not, especially on the Internet. That means that Default settings can be overridden by specific users’ or
if the everyday account is compromised, the intruder groups’ settings. However, above the specific settings
gains root access, too, if sudo is set up on the system. is a section that defines aliases for hosts (hostnames, IP
The traditional separate root password is more secure, addresses, network numbers, or netgroups), for users
although less convenient. Fortunately, though, you can (account names, UIDs, groups, or netgroups), for users
manage both convenience and security by taking the to run as (account names, UIDs, groups, or netgroups),
time to learn the details of sudo. and for commands (usually with full path names). All
aliases consist of uppercase characters or underscores.
Editing sudoers These aliases exist to make defining specific settings
sudo has a unique configuration system. You can con- less cumbersome. For example, if you want user ac-
figure the behavior of the sudo command using the su- counts bab, plw, and vaf to all have the same privileges,
doers file in the /etc directory (Figure 5). sudoers lists you could create the alias
default behaviors and the privileges granted to individ-
ual users. As the top of the sudoers file warns, it should User_Alias ADMIN = bab,plw,vaf
only be edited using the visudo command. visudo is de-
signed to prevent you from editing sudoers in a way With this user alias defined, you can simply define privi-
that would cripple or disable sudo by doing all editing leges for ADMIN, instead of for bab, plw, and vaf separately.
in a temporary file and replacing the original file only In the same way, you create an alias for a list of network
when all editing is done.
Should you make an Figure 5
error while editing sudo-
ers, as you try to save,
visudo will give you the
option to reopen its tem-
porary copy of sudoers to
correct the errors (e) or
discard your edits (X) –
choices that you obvi-
ously should not ignore.
Depending on the distri-
bution, visudo may or
may not display these
choices, but they will be
available whether dis-
played or not.

44 101 LINUX HACKS – 2020 EDITION


terminals from which a sudo user can log in or a set of
commands that a group can or cannot use. Although
aliases can take time to set up, they make creating a new
set of privileges or editing an old set much easier.
In the third section, individual privileges are defined
one per line, using this structure:
[USER or ALIAS] [TERMINALS]=[USER RUN AS] U
[OPTIONS:] [PERMISSIONS]
Permissions are generally those that a user or alias can
use, but adding an exclamation mark (!) in front of
them turns the list into those that cannot be used.
For instance, the basic entry for the root user with all
privileges is:
root ALL=(ALL) ALL
Individual terminals or commands can be entered in-
stead of ALL. USER RUN AS and OPTIONS are optional, so that
the line
bab ALL= (ROOT) passwd, chown, chgrp, chmod
is enough to give user bab the ability to change pass-
words and permissions from all terminals on the sys-
tem, while running as root. More simply still, defining
an alias called ATTRIBUTES that included all four com-
mands would reduce the line to:
bb ALL=(ROOT) PERMISSIONS
Remember, though, that specific permissions override
those set as defaults.
Defaults, Privileges, and Options
Defaults and privileges are defined using the options
listed in the sudoers man page. The available options
range from requiring no login whatsoever to specific
settings for greater security.
Many security options affect how to log in to sudo. For
example, password_tries=NUMBER sets how many times a
user can try to log in before being denied. It is accom-
panied by passwd_timeout= MINUTES, which sets how long
sudo runs before logging out a user – an especially use-
ful feature when using root privileges, since basic secu-
rity decrees that the root account should be used for as
short a time as possible. With passwd_timeout, you no
long have to rely on your own memory to close root as
soon as possible. Less drastically, timestamp_
timeout=MINUTES sets the time before sudo prompts for
another login.
Other options set which password sudo requires from
you. The option runaspw requires the current account’s
101 LINUX HACKS – 2020 EDITION
SECURITY & PRIVACY
password,
just as in
Ubuntu. How-
ever, you can do
better than that simply by specifying
rootpw, which requires the root password.
Subtler still, targetpw USER can require another account’s
password, so that you set up a user with root privileges
that is used only with sudo. With targetpw, an intruder
will need to be able to read the list of users in order to
find the password for sudo.
Still another basic piece of security is noexec. noexec is
designed to limit the running of applications from
which other commands can be run. Without noexec, the
running of one application could easily give intruders
access to other applications in the system.
However, individual privileges are where ingenuity
reigns. With a little planning, you could set up separate
accounts with limited root privileges. For example, one
account could only be permitted to run tools for install-
ing package managers, such as Debian’s apt-get, apt,
and dpkg, while another would be limited to running
commands for changing file attributes. With such an
arrangement, Linux can be made to mimic other so-
phisticated Unix descendants. While each limited ac-
count can do specific functions, an intruder who gains
access to one account via sudo would not have com-
plete control over the system.
Getting More from sudo
sudo is a sophisticated command. However, as you can
see, it is also a seriously underused one. Even if you
have no interest in such options as setting the com-
mand prompt, there are still a number of options that
can make switching into sudo to temporarily gain root
privileges safer – and all without sacrificing any conve-
nience once everything is configured.
It is easy to think of sudo as a magical word that some
distributions require at the front of administrative com-
mands. And for many people, that may be enough. But
sudo can also be much more. You might even investi-
gate sudo plugins like Privilege Manager for Sudo,
which allows you to set policies for sudo graphically, or
sudo_pair, which requires an admin to approve any use
of sudo. But, one way or the other, if you are concerned
about security, you owe yourself the time to learn what
else sudo can do.
By Bruce Byfield
https://www.sudo.ws/
https://www.oneidentity.com/products/privilege-manager-
for-sudo/
https://github.com/square/sudo_pair/tree/master/sudo_pair
45
 SECURITY & PRIVACY
HACK
Use Two-Factor
Authentication 38
with Authenticator
Many of us now use two-factor authentication
(2FA) when connecting to vital online services
such as Google Mail and GitHub. 2FA adds a
second factor alongside your password, with
the most common second factor being a time-
limited, one-time pin generated by an app on
your smartphone.
But using a smartphone app isn’t always
ideal. This is where Authenticator helps. It is a
GTK3+ application that fits perfectly into a
Gnome or Cinnamon desktop (Figure 6). It has
both a light and a dark theme and looks lovely,
oriented in a portrait style much like the app. Its
best feature is that when you press the Add but-
ton to add a credential, almost every service
you can imagine that supports 2FA is listed,
rather than leaving you randomly entering en-
cryption keys in the hope it works. With that
done and with the necessary keys exchanged
with the online service, you can then use Au-
thenticator just like the app – selecting the pre-
configured service to get a time-limited code
and entering this into your login prompt.
Having this facility on the machine where
you’re likely to use the codes is very convenient.
However, it does add a security risk, as anyone
with access to your machine will be able to con-
nect to your services (if they know the other fac-
tor – the password), so be careful!
By Graham Morrison
https://github.com/bilelmoussaoui/Authenticator/
Figure 6
46
Start Your Training
with Web Security Dojo
HACK 39
Protecting your own websites from attack either costs a
lot of money or requires a lot of expertise. A specialized
Linux environment called Web Security Dojo offers an easy
way for everyday users and beginning professionals to
learn about web security. Dojo is designed to provide prac-
tical, hands-on exercises on web security and intrusion
techniques. On SourceForge, you can find a virtual ma-
chine (VM) image of around 2.7GB in OVA format that
works with both VirtualBox and VMware; it is based on
Ubuntu 16.04 LTS with an Xfce desktop.
When you launch a browser in the VM, you learn about
the software you’re going to attack: Damn Vulnerable Web
Application (DVWA). From a menu, you can pick various at-
tack technique options, such as Cross Site Scripting (XSS),
SQL Injection, CSRF, or Brute Force (Figure 7). For the vari-
ous scenarios, you will receive background information in
the form of links to related websites and wikis.
Web Security Dojo provides an excellent training oppor-
tunity for budding security professionals who want to be-
come familiar with the basic mechanisms for protecting
web applications. The OVA image is easy to install, and
the Xfce desktop is easy to configure. The developers
have carefully adapted the tools and test environments for
their intended use, so you can get started with the practi-
cal exercises right away.
By Erik Bärwaldt
https://www.mavensecurity.com/resources/web-security-dojo
https://sourceforge.net/projects/websecuritydojo/
Figure 7
101 LINUX HACKS – 2020 EDITION

Lock Your Screen, Always
There are obvious situations when you should lock
your screen, like when you work in an open-plan office,
you have opened four terminal windows with remote
root shells on various machines, and you’re just about
to leave for an extended lunch break – you don’t want
the computer to stay accessible.
During my time as a postgrad, it was a running joke
that co-workers would enter each other’s offices, search
Figure 8
Use ccrypt for Quick Encryption
There are many ways you could encrypt a file before
sending it as an email attachment or uploading it to
some cloud storage service, and most of them will
need some amount of preparation or contain needless
steps. For example, sending the attachment in a GPG-
encrypted email requires you and the recipient to have
GPG installed and configured, and you need the other
party’s public key. Putting the file in a password-pro-
tected ZIP archive is an option, but why create an ar-
chive when you have just one file to send?
Figure 9
101 LINUX HACKS – 2020 EDITION
SECURITY & PRIVACY
HACK 40
for unlocked computers, and open a website like lock-
yourscreen.com (Figure 8). Of course, that’s better than
quickly installing a backdoor SSH server.
But even in less dangerous situations, it makes sense
to lock the machine; if you’re at home and have a cat
who likes to walk across the keyboard, it may provide
just the right input for the vi editor to do bad things to
your configuration file. (However, it is unlikely that the
cat will enter :w and save her changes.)
Every desktop has some menu entry for locking the
screen, but it’s faster to just press some keys. In addi-
tion to Linux, I’ve also looked up the hotkeys for two
non-Linux operating systems, because this is important
on every computer:
• Gnome: Win+L
• KDE, Cinnamon, and Xfce: Ctrl+Alt+L
• macOS: Ctrl+Command+Q
• Windows: Win+L
Of course, the Linux desktops will let you change those
hotkeys to something else.
By Hans-Georg Eßer
https://lockyourscreen.com/
H AC K
The command-line tool ccrypt
provides a quick solution. It is avail-
41
able from most distributions’ repos, so apt install, zyp-
per in, or dnf install the package on your machine.
For encrypting a single file, type ccrypt filename. The
tool will ask for an encryption key twice (because it
does not echo the characters you type), and that’s it.
Look into the directory, and you find that filename is
gone and a new file filename.cpt has taken its place.
The program has actually overwritten the data blocks
of the original file.
If you’ve chosen a good password (something that
won’t easily be found in a dictionary attack), you can
now transfer the file over insecure channels. The re-
cipient runs the ccdecrypt command on the file and
enters the password – after that the original file is re-
stored (Figure 9). For even better security, drop the
.cpt extension before sending the file making it
harder to guess what kind of encryption algorithm
was used.
By Hans-Georg Eßer
http://ccrypt.sourceforge.net/
47
 Networking
Hopefully, your network is doing fine, both Ethernet and WLAN.
If not, look at our hacks that help with network configuration
and analysis. We also talk about clever tools like NitroShare
and Magic Wormhole that let you do hassle-free file transfers.

Image © lightwise, 123RF.com

HACK 42 HACK 48
Monitor Your Network with Nutty 49 Run a Simple HTTP Server: weborf 53
HACK 43 HACK 49
DIY Network Configuration 49 Use screen in SSH Sessions 53
HACK 44 HACK 50
Share Files on the Local Network 50 Access a Remote PC’s Shell Session 54
HACK 45 HACK 51
Dig a Tunnel with sshuttle 51 Slow sudo? Check Your Hostname 56
Configuration
HACK 46
Send Files Without Knowing the Target’s IP 51 HACK 52
Use Network Manager’s CLI 56
HACK 47
Check Your DNS Server with DNSDiag 52

48 101 LINUX HACKS – 2020 EDITION


H AC K
42 Monitor Your Network with Nutty
Network monitoring isn’t easy for everyday
users. If you’ve ever taken a look at the packets
captured by Wireshark, they’re incredibly complex and
difficult to understand. And so too are the associated
command-line tools. It’s easier for distros to keep users
at arm’s length, letting them worry about wireless net-
work strength and streaming quality rather than present-
ing users with a stream of data that’s difficult to inter-
pret. But much like with a task manager or memory
monitor, there are many good reasons for ordinary users
to be better informed about their network consumption.
We just need a decent application to turn that burden of
knowledge into something easy to use, yet powerful.
Figure 1
DIY Network
Configuration HACK 43
Just because you can have your IP address assigned
automatically doesn’t mean it’s required. Good old
static network configuration still works in 2019.
Linux provides several approaches to manual net-
work configuration. The traditional one is via ifconfig
and route, but modern distributions don’t automatically
install these tools anymore. Today’s alternative is using
the single ip tool, which is more versatile.
The roadmap is as follows. You bring the device on-
line, assign it an IP address, then add some routes (at
least, the default one), and configure DNS. Imagine you
want to configure the network on the eth0 device. Then
start with the following (as root):
# ip link set up dev eth0
This brings the device “up,” that is, to the active state.
Now, assign it an IPv4 address with:
# ip addr add 192.168.1.5/24 dev eth0
It is up to you to ensure that the IP address you’ve cho-
sen doesn’t conflict with anything else on your net-
work. You may also notice that I used a CIDR notation,
addr/mask: It allows you to assign both the IP address
and the netmask in a single command. mask is the num-
ber of bits set in the network mask, so /24 is equivalent
to 255.255.255.0 in ifconfig‘s parlance.
The next step is adding the default route:
101 LINUX HACKS – 2020 EDITION
NETWORKING
Nutty isn’t quite that application, but it gets close. It’s a
network monitoring tool that will attach itself to one of
your interfaces, such as your wireless connection, and
then perform a series of monitoring processes or tests.
The main view is a tabbed interface with the first pane
showing general details about your hardware, such as
your hostname, network driver, IP address, and firm-
ware. The second tab, Usage, attempts to detect which
processes are using your bandwidth. This can be very
revealing, especially if you’ve forgotten about that Next-
cloud daemon quietly syncing your files to the cloud in
the background. The third tab uses speedtest-cli to test
the speed of your connection, while the fourth lists all
your local ports being used on the network and the pro-
cesses attached to those ports (Figure 1). This is likely
the most useful if you want to see which processes are
accessing your network. The final tab will perform a net-
work scan, much like netstat -sP on the command line.
And that’s really what this great little tool is all about, en-
capsulating some of the most useful output from dispa-
rate and sometimes difficult to use command-line tools
to help you monitor your network.
By Graham Morrison
https://github.com/babluboy/nutty
# ip route add default via 192.168.1.1
You need to substitute 192.168.1.1 with your gateway ad-
dress, which needs to be on the same subnet as you are.
Your final step is to tell Linux the DNS server to use:
# echo 'nameserver 8.8.8.8' > /etc/resolv.conf
This will set up a Google DNS server. Replace that with
your true local DNS server if you know its address.
Things are trickier if your system uses resolvconf or a
similar management framework. In that case, refer to
the man pages.
If you don’t want to configure the network card but
only look up the current settings, use the show options
to get the output in Figure 2.
By Valentine Sinitsyn
https://en.wikipedia.org/wiki/Resolvconf
Figure 2
49
 NETWORKING
Share Files on the Local Network
There are many tools for exchanging data on heteroge-
neous local networks. NitroShare promises to make
this task as easy as possible. In addition to Linux, Nitro-
Share also supports macOS, Windows, and Android
(see the “Installation” box).
After installation and an initial start via its menu entry,
the program shows up in the system tray (Figure 3).
From there, it offers the exchange of files and directories
with computers on the LAN on which the software is
also installed. NitroShare automatically detects the cor-
responding devices and offers them as transfer targets.
The software is ready for use immediately after installa-
tion; no further configuration is required. In the Settings
menu, you have the option of configuring a number of
settings depending on your distribution and desktop (Fig-
ure 4). Checking Auto start after login causes the program
to launch when you log
Figure 3
in. Automatic detection of
other devices can take up
to five minutes the first
time. At the end of this
phase, the tool displays a
message with the results.
In the Settings dialog,
you can also specify a
name other than the
hostname for each de-
vice and a default folder
Installation
I tested the tool with a network of computers running
Debian Sid, Windows 10, Ubuntu, Ubuntu MATE, Fe-
dora, and the Android app. Users with Debian Sid,
Ubuntu, Fedora, Gentoo, and openSUSE will find the
software in their respective repositories; for Arch Linux
users, check out the AUR user archive. If necessary,
compile the program for other distributions from the
source code.
Packages for Nautilus (Gnome), Nemo (Cinnamon), and
Caja (MATE) are available for integration in file manag-
ers. Although NitroShare is based on the Qt5 frame-
work, not all distributions have appropriate extensions.
Packages for integration into Dolphin and Konqueror
were only available for openSUSE as dolphin-plu-
gin-nitroshare and for Fedora as nitroshare-kservice.
Fedora also offers a plugin for use in the terminal.
The installation on Debian and Fedora is quickly done
by installing the nitroshare package via APT or DNF.
Ubuntu and Mint users can add a special repository – in-
structions and the URL for the Personal Package Archive
(PPA) can be found on the project website.
The package itself is only 150KB with just one depen-
dency on a small 40KB Qt web server. If you do not want
to use the PPA in Ubuntu, use the same command as in
Debian. For Windows, executables for 32- and 64-bit
systems are available on the website, and a DMG pack-
age is available for macOS.
50
HACK
for downloads in the General tab. Under Advanced,
44
you can change the port, buffer, time out, and interval,
if necessary.
Encryption Is Possible
Although not normally necessary on your own net-
work, the software also offers the possibility to encrypt
transfers via Transport Layer Security (TLS) in the Secu-
rity tab. A description of the required configuration can
be found on the NitroShare wiki.
The menu also offers the Send Files and Send Direc-
tory options, which allow you to select files or directories
and then specify the desired transfer destination. During
data transfer, the software displays its history. You can
close this dialog without affecting the transfer. After the
transfer has completed, you see a message to this effect.
NitroShare does not limit the size of the data sent and
can thus theoretically achieve high speeds on networks
designed for this purpose. Behind the scenes, the pro-
gram uses IPv4 broadcasts to send User Datagram Pro-
tocol (UDP) packets to other devices on the LAN. These
contain information that allows other devices to initiate
transmissions without having to worry about broadcast
addresses and the like.
Conclusions
Despite a few problems that occurred on some of our test
machines, NitroShare does what it promises: After the in-
stall, you can get started immediately without having to
configure any settings. Transfers take place quickly.
Android devices are limited to the sender role; the
software does not offer mobile devices as targets on
other clients. To do this, some Android apps offer the
option of sending files directly via NitroShare. During
the test, I found corresponding entries in Google Docs,
Gallery, and Photos, but there may be more of them.
Nevertheless, as far as Android is concerned, KDE Con-
nect – which is even available on GTK desktops – seems
to be the more mature solution.
By Ferdinand Thommes
https://nitroshare.net
https://github.com/nitroshare/nitroshare-desktop/wiki/TLS
https://community.kde.org/KDEConnect
Figure 4
101 LINUX HACKS – 2020 EDITION
 Dig a Tunnel with sshuttle
HACK 45
In untrustworthy networks, I let OpenVPN tunnel my lap-
top. There are certainly alternatives, and I would like to
present a particularly simple one: sshuttle. As the name
suggests, the tool relies on SSH. The tunnel’s endpoint is
a leased root server, just like with OpenVPN. Sshuttle is
very frugal. It only needs SSH access with user privileges
on the server; root privileges are not necessary. Addition-
ally, Python must be installed on the server – that’s it.
This is because sshuttle loads and executes the re-
quired Python code on the server after the SSH connec-
tion is established. It also avoids version conflicts be-
tween server and client software. The following com-
mand is all it takes to set up the tunnel:
sudo sshuttle -r <User>@<Server>:<Port> 0/0
You can leave out the port number if it is the SSH stan-
dard port 22. The 0/0 means that Linux should direct all
connections into the tunnel. However, this means that I
cannot reach other devices in the local network. To
Figure 5
Send Files Without Knowing the Target’s IP
Magic Wormhole really is one of those tools that, once
you’ve used it, you’ll wonder how on earth you man-
aged to get by without it. This is because Magic Worm-
hole solves one of those ancient problems that have
been around on Linux since we first started to connect
computers together with null modem connectors and a
couple of lengths of wire. Back in those olden days, you
might have used ZMODEM to transfer a file across the
serial connection. If you then upgraded to a connection
capable of TCP/IP, you could use FTP to transfer files
and then came HTTP. In the modern age, scp is often the
best choice if you’re accessing an SSH server and want
to securely transfer files, or rsync if you want to copy
folders or perform incremental backups. But all of these
solutions suffered and suffer from the same problem:
The remote machine needs to be running a server of
some kind, and you need to know the remote address
of the machine you want to access.
This is why Magic Wormhole is so brilliant. If you want
to send a file, simply type wormhole send followed by the
file name (Figure 6). In the output, you’ll see a secret
phrase that you’ll need to share with whomever you want
to receive the file. The phrase is constructed from a few
words, so it’s easy to say or copy without mistakes. Your
101 LINUX HACKS – 2020 EDITION
NETWORKING
keep the local LAN still visible, I define it as an excep-
tion using the -x parameter:
sudo sshuttle -r --dns <User>@<Server> 0/0 -x 192.168.2.0/24
--dns is included here. This means that DNS queries also
run through the tunnel, which does not happen auto-
matically. This is sshuttle’s Achilles heel: It only trans-
ports TCP; ICMP and UDP do not pass through the tun-
nel, apart from DNS.
Congestion Alert
Whereas other VPN technologies work at packet level
and rely on TUN/TAP devices, sshuttle works at session
level. It assembles the TCP stream locally, multiplexes
it over the SSH connection, while keeping the status,
and splits it into packets again on the destination side.
This avoids the TCP-over-TCP problem that plagues
other tools such as OpenVPN: TCP has an overload
control (congestion control). The protocol defines a
performance limit on the basis of dropped packets. If
you tunnel TCP over TCP, you lose congestion control
for the inner connection, which can lead to bizarre error
patterns. Sshuttle is immune to the problem.
Verbose parameters can help if you do need to trouble-
shoot. Figure 5 shows a connection setup with -v. With the
verbose option, sshuttle is very long-winded, so I recom-
mend redirecting the output to a file that can be evaluated
in peace. My conclusions: Sshuttle is an excellent and sim-
ple VPN for people who can do without UDP and ICMP.
By Charly Kühnast
https://github.com/apenwarr/sshuttle
H AC K
recipient then simply types wormhole
46
receive followed by the same phrase, and
the transfer will start immediately downloading the file
from one machine to the other, no server required. It’s
perfect for transferring between virtual machines or
people sitting next to each other, when every other solu-
tion requires more than a set of Python scripts.
By Graham Morrison
https://github.com/warner/magic-wormhole
Figure 6
51
 NETWORKING
Check Your DNS Server with DNSDiag
If some transactions take an inexplicably long time, you
don’t have to blame yourself for the delayed transmis-
sion of user data – name resolution issues might be to
blame. Three tools help in studying the DNS server:
dnsping, dnstraceroute, and dnseval.
The tool collection for name resolution is entitled
DNSDiag. You need Python 3 and pip3 to install and run
the trio and sudo to let it create ICMP sockets.
dnsping lives up to its name, repeatedly querying a
DNS server and displaying the response times. The host-
name to be resolved is a mandatory parameter. dnsping
prompts you for the system’s default name server, which
can be changed using -s <nameserver>. After typing
sudo dnsping.py -v -s 8.8.8.8 linux-magazine.com
I queried a public DNS server from Google. Its re-
sponses took 20 milliseconds to reach me, four times
more than my provider’s DNS.
dnseval queries several servers in parallel. As a com-
petition judge, it presents the results so that you can
immediately see which server responds fastest or
slowest. I redirected the list of servers to be checked
into a text file, with one server in each line. Lists of
public DNS servers are easy to find; I took the first five
servers from the list in an article on lifewire.com. The
call looks like this:
sudo dnseval.py -f ./liste.txt -c 5 linux-magazine.com
Figure 7
Figure 8
52
HACK 47
The result from running it shows a remarkable dis-
crepancy between minimum and maximum response
times (Figure 7).
Highwayman?
dnstraceroute determines the path my DNS query takes
to reach the target. By comparing this with a classic
ICMP traceroute, I can identify an attacker trying to kid-
nap my DNS queries. My test call is:
sudo dnstraceroute.py --expert --asn -C -s 8.8.4.4 U
linux-magazine.com
The result is shown in Figure 8. The --expert parameter
provides tips if something seems to be suspicious in
the output – for example, if the target server is only a
hop away from a private IP address (RFC 1918). False
alarms also occur if you are not working on a cloud
server, but locally, and a DNS cache such as Dnsmasq
is running on the router.
For each hop, the --asn parameter shows you the au-
tonomous system providing the network for the ad-
dress. I can thus quickly see where the process crosses
my provider’s boundaries.
By Charly Kühnast
https://dnsdiag.org
https://www.lifewire.com/free-and-public-dns-servers-2626062
http://www.thekelleys.org.uk/dnsmasq/doc.html
101 LINUX HACKS – 2020 EDITION
 NETWORKING

HACK 48
Run a Simple HTTP Server: weborf mously, even adding the ability to do NAT traversal to
share files outside of the local network and sending di-
The wormhole tool mentioned in hack 46 is perfect for rectories as .tar.gz files.
one-off transfers, but it’s not all that great if you want to
share more than a single file or leave the tunnel open By Graham Morrison
so that you don’t have to keep renegotiating keywords. https://github.com/ltworf/weborf
There are of course lots of ways this can be done, but
weborf attempts the task while remaining almost as sim- Figure 9
ple to use as wormhole.
weborf (Figure 9) sets up a simple HTTP server, just
like running Apache in the olden days to share the con-
tents of /home. This makes it supremely flexible, not just
from a web browser, but from almost anything with ac-
cess to the network using WebDAV, with caching, even
from virtual hosts or running CGI scripts. You simply
run the server command with an argument for the port
to use and a folder to share, and all the client has to do
is access your IP address with the correct port. It can be
run in the background as a daemon, use certificates,
handle authentication with your own tools, and listen
only for connections from specific IP addresses. If the
command line offers too many options, a convenient
Qt-based GUI can be run to handle all this semiautono-

H AC K Use screen in SSH Sessions

49 Imagine that you work on a remote machine via
SSH and launch a command that will take some
Maybe you’re not sure whether there is already a screen
session: The tool offers a -ls option for that situation:
time to complete (such as a build process). If the computer
esser@hp-z420:~$ screen -ls
you’re working on goes to sleep or temporarily loses its
There is a screen on:
network connection, the SSH connection will die. The re-
16712.pts-6.hp-z420 (05/06/2019 11:24:49 AM) (Detached)
mote machine will notice and terminate all processes
1 Socket in /run/screen/S-esser.
started in that login session, so your build process is gone.
There are several things you can do to avoid such a You can even automate the procedure of logging into
scenario. An old trick is to prepare for network outages the remote machine and checking for screen sessions.
and connection loss by explicitly running processes in Create a file ~/.bash_login (if you don’t have one al-
the background and using the nohup command so that ready), and add the following line to it:
they will ignore the hangup signals that are sent after
screen -ls > /dev/null && screen -ls
connection loss. For the build process, that might be
That way, when you log in and there is a detached
nohup make &
screen session, you will be notified about it (Figure 10).
instead of a simple make command. A side effect is that (Bash only executes ~/.bash_login in login shells.)
all output will be written to a nohup.out file in the current If you want do manually detach from a running ses-
directory. sion, press Ctrl+A, D. There are many more interesting
My preferred solution does not require nohup or simi- things you can do with screen – check the man page and
lar tricks. Instead, I use screen in remote sessions. (If try a few of them.
your machines don’t have it installed, the package is By Hans-Georg Eßer
typically called screen, too.)
Figure 10
When screen starts, it displays a longish message about
copyrights and licenses; press Return to get rid of it. You
can then continue to use the shell as usual. If you lose the
connection, simply reconnect to the remote machine and
run screen -r to reattach to the existing session.

101 LINUX HACKS – 2020 EDITION 53

 NETWORKING
Access a Remote PC’s Shell Session
Your parents or friends have replaced an unmanage-
able Windows installation with an easy-to-use Linux
variant, and they have designated you as their remote
admin. To access the system from afar, you resort to a
GUI-based tool such as TeamViewer or AnyDesk. All is
well until the GUI for the computer you need to access
breaks. Suddenly, your GUI-based remote access tool
won’t work anymore, because you don’t have access to
an X server.
Tmate, which stands for “team mate,” offers a con-
venient solution for remote access in situations when
you can’t depend on the graphical tools. This fork of
the popular tmux terminal multiplexer has signifi-
cantly more functions than the original. Tmux is func-
tionally similar to screen (see hack 49) in some ways.
You can use tmate to create and manage remote vir-
tual sessions within a terminal.
Self Hosted
Tmate is not only suitable for external help, but also
lets developers collaborate on software. Technically,
the tool uses SSH to establish a secure connection to
the tmate.io server, which is under the control of the
tmate developers.
Alternatively, you can run tmate on your own server.
The resource requirements are kept within such narrow
limits that a recent Raspberry Pi or a similarly equipped
single-board computer is sufficient. The machine only
generates an SSH ID and some URLs for different types
of sessions – SSH or web sessions in read-only mode
or with full access.
Installing tmate is easy, because the program is avail-
able from the package sources of all common distribu-
tions. For Arch Linux, use the AUR user archive; for
Debian, Fedora, and their derivatives including Ubuntu,
just install the tmate package with APT or DNF.
Figure 11
54
HACK 50
Creating Keys
After the installation, which occupies only a few kilo-
bytes on your disk, you need to create a key pair for SSH
(if it does not already exist). As shown in Figure 11, this
is done by typing:
ssh-keygen -t rsa -b 4096
Answer the individual prompts by pressing the Return
key. You can assign a password for the key, but in our
example this is not necessary for home use.
Tmate uses the RSA cryptographic procedure with
a secure key length of 4096 bits. By default, the keys
are located in the hidden .ssh/ directory in your
home directory; tmate will find them automatically
when you use the tool. You need to generate these
keys on each computer involved if a key pair does
not already exist there.
When you open a connection, the program creates a
150-bit session token. It then launches a tmux server in
a sandbox without a filesystem and user rights, but
with its own namespace to isolate the server from
other processes. To make this possible, the software
opens all the files it needs for running the tmux server
before they end up in the sandbox.
SSH ID or URL
After starting tmate as a user for the first time, a bar at
the bottom of the terminal window shows a random
SSH ID for establishing an SSH session in read/write
mode (Figure 12). It is best to copy this line to the clip-
board, because it disappears after a short time.
If you did not react fast enough, you can get the data
including the other IDs or URLs back on the screen with
the tmate show-messages command. This command is
also used for logging during a session (Figure 13).
Figure 12
101 LINUX HACKS – 2020 EDITION

Figure 13
While the SSH ID displayed at the start of tmate
creates a read-write session in a terminal, tmate
show-messages also shows an ID for a terminal session
that supports read-only access. In addition, the pro-
gram provides two URLs that support the same pro-
cedure in the browser.
Sending Keys
Now you only have to send the SSH ID or URL to the
other participants of the session. The best way to do
this is to use chat and mail or share via a service such
as Nextcloud. The final option you could consider is an
error-prone transmission by telephone.
The participants you invited and entrusted with an
ID or URL do not need to install tmate or tmux. You
don’t need to use the same distribution or even use
Linux: Any operating system is fine as long as it has
an SSH client (Figure 14). And even the SSH client re-
quirement can be lifted, because tmate also supports
web-based connections: Just create a URL https://
tmate.io/t/SESSION where SESSION is replaced with
the username part.
Figure 14
101 LINUX HACKS – 2020 EDITION
NETWORKING
The tmate software itself is only required on the ma-
chine where you want to start sharing a session – that
can run Linux, macOS, or one of the BSDs.
When the other party now enters the transmitted
SSH ID/URL, the terminal shows what the person
seeking help is seeing in the terminal themselves.
Commands and their results run back and forth be-
tween the computers in fractions of a second. In the
session with read and write access, all parties can
enter data themselves. In the restricted session, only
the host can write; the participants remain restricted
to reading.
If you no longer need the split terminal, it is advisable
to end the session by entering exit. If you just close the
terminal, the other side will still have access to the
computer – a potential security risk.
By Ferdinand Thommes
https://tmate.io
https://github.com/tmux/tmux/wiki
https://www.gnu.org/software/screen/
55
 NETWORKING
H AC K
51 Slow sudo? Check Your Hostname Configuration
While playing with a virtual machine, I
came across a strange problem: Each time I ran a
command via sudo, there was an artificial delay of
about two or three seconds. After some Internet
searches and a confirming look at the source code, I
found out that the sudo tool queries the hostname of
Figure 15
HACK 52 Use Network
Manager’s CLI
Network Manager, the configuration tool used by most
current distributions, comes with a command line pro-
gram called nmcli (which is short for the obvious: Net-
work Manager command line interface). It lets you
query some interesting data, including available WLAN
access points (Figure 16).
When you’re in a new place like a hotel and you’ve
received a paper slip with an SSID and password, you
can use nmcli to connect without going through a
graphical dialog. Just type
Figure 16
56
the machine on which it is running, and that operation
may cause a delay when you have mismatching infor-
mation in your network configuration files.
When you notice inexplicable delays, check the con-
tents of some of your configuration files – even if you
don’t think the problem is network-related:
• /etc/hosts should have an entry for your hostname –
either pointing to 127.0.0.1 (in that case it will be
placed on the same line as the localhost name) or on
a separate line with some other 127.* address.
• /etc/hostname should contain the hostname.
• Running the hostname command should also return
the hostname.
Figure 15 shows a situation (taken from a Linux Mint
18.3 desktop) in which settings are as expected: All
three use mint183cin. If you get different results (which
may happen after you have manually changed the
hostname instead of using your distribution’s “official”
configuration tool), fix the situation so that the new
hostname replaces the old one everywhere.
By Hans-Georg Eßer
nmcli dev wifi connect SSID password PASS
(with SSID and PASS replaced, of course). You need not
add sudo, because the tool connects to a daemon that has
the necessary privileges. Actually anyone who is logged
in to the machine can use nmcli or any other program that
talks to Network Manager – for some tasks it will explicitly
request root privileges or fail when run as a regular user.
There is a long list of sub-commands (such as dev and
connection) that you can use with nmcli. Check its man
page or the separate nmcli-examples(5) man page for
further useful examples.
By Hans-Georg Eßer
https://wiki.gnome.org/Projects/NetworkManager
101 LINUX HACKS – 2020 EDITION
 This is Linux, so you’ve expected us to talk
about the shell, haven’t you? There are so
many interesting things that you can do in a
terminal window that we
could have filled a whole HACK 53
issue. Replace some of the Configure Your Shell History 59
classic commands with HACK 54
enormously improved Progress Bars for Standard Tools 60
versions. HACK 55
Replace top with htop 60
HACK 56
Super-Fast Terminal Emulator 61
HACK 57
Universal Unpacker 61
HACK 58
Listing Files with Style 62
HACK 59
ASCII Browsing with Browsh 63
HACK 60
Command References at cheat.sh 64
HACK 61
Highlighting Instead of Grepping 65
HACK 62
Add File Type Icons to Your File Listing 66
HACK 63
Upterm, a Terminal with Built-In Shell 67
HACK 64
The fish Shell 67
HACK 65
Using a Sub-Shell 68
HACK 66
Start the Right App 68

Image © lightwise, 123RF.com

58 101 LINUX HACKS – 2020 EDITION


Configure Your Shell History
Most tasks are repetitive: You enter the same directory,
open the same file in your favorite editor, and query
your dynamic IP address once again. Typing the re-
quired commands again and again would be annoying,
but often you won’t have to do that: The shell remem-
bers your commands and stores them in its history –
both in memory and (when you exit the shell) in a file in
your home directory.
Accessing the history is as simple as pressing the up
arrow key: Each keystroke will travel back further in time
and show the last command, the second to last one, and
so on. When you have found the right command, either
press Return to run it again or edit it (like you would edit a
freshly entered command with a typo).
Walking through the history with the up arrow key
might take too long if the command you want is rather
old. You can skip the manual search if you know some
part of the command or its argument(s): Just press Ctrl+R
and type the letters you remember from your command.
If you cannot make your search expression longer and the
current match is not what you’re searching for, press
Ctrl+R again to let the shell find an older match – repeat
until you’ve found the right command.
Another way to search for and reuse an old command
is running the history command: This Bash built-in
shows the whole history and prefixes every entry with a
number (Figure 1). You can rerun a command from the
list by typing ! and the number, and you can add text be-
fore and after the !-number expression that lets you
modify the command. In the example in Figure 1, I’ve
built a pipeline out of history entry 73 (modinfo uio) and a
fresh head -2.
The Bash shell also provides a shortcut (!!) for the
last command – why would you need that when the up
arrow key will bring back the last command? One ex-
ample use is combining the last command with sudo so
that it runs with root privileges. In the following lines,
you can see a failed attempt to read the system logfile
and then a successful one via sudo !!.
Figure 1
101 LINUX HACKS – 2020 EDITION
SHELL HACKS
$ tail -1 /var/log/messages
HACK 53
tail: cannot open '/var/log/messages' for reading: U
Permission denied
$ sudo !!
sudo tail -1 /var/log/messages
2019-04-26T17:39:16.973359+02:00 suse151b sudo: U
pam_unix(sudo:session): U
session opened for user root by esser(uid=0)
How old can a command be and still show up in the his-
tory? That depends on how often you use the shell – and
on the HISTSIZE variable that is typically set to 1000:
$ echo $HISTSIZE
1000
By default, a shell process will remember the last 1,000
command lines. If you want to improve the shell’s
memory, just add an
export HISTSIZE=20000
line in your ~/.bashrc file (and replace 20000 with the
value you want).
When you increase HISTSIZE, you should also change
a second variable: HISTFILESIZE controls how many lines
the shell writes to the ~/.bash_history file when it termi-
nates – that is where the shell stores the history so that
it can read it back when you start the next shell session.
There are more variables that influence the shell his-
tory: For a full list, search for “hist” in the bash(1) man
page. One last variable that I’d like to mention is HISTTIME-
FORMAT, which normally is undeclared. If you set it to %F %T
(plus a trailing blank), history entries gain a timestamp:
$ HISTTIMEFORMAT="%F %T "; history | tail -5
974 2019-04-26 17:50:48 ps
975 2019-04-26 18:24:42 echo $HISTCMD
976 2019-04-26 18:26:00 history
977 2019-04-26 18:26:39 echo $HISTTIMEFORMAT
978 2019-04-26 18:32:09 HISTTIMEFORMAT="%F %T "; U
history | tail -10
The shell will also store those timestamps in the history
file (see Figure 2).
By Hans-Georg Eßer
Figure 2
59
 SHELL HACKS
Progress Bars for
Standard Tools
HACK
54
Almost since the beginning of Unix time, Unix com-
mand-line tools have done very little to show their
output. The bearded wisdom is that if you can’t see
any output from a command, then nothing has gone
wrong, and you can assume whatever task you
started has completed successfully. If you need error
and success states, look for exit values and act ac-
cordingly. This principle actually works very well,
and it would be lovely if it was adopted by modern
technology, such as REST websites and convergent
mobile apps. But it does leave you with some ambi-
guity over whether something is still running, and if
it is, how long until you can go to bed and turn off
your PC.
This is where progress can help. It works with
many of the GNU core utilities that most of us take
for granted. These core utilities include cp, mv, dd, tar,
gzip/gunzip, cat, and many more. You simply run
them alongside the progress command, either after
the watch command to present a general overview of
core utility commands or forked after the execution
of one specific command.
For example, you can monitor the progress of com-
pressing a tar archive with
gzip /root/usr.tar & progress -mp $!
and let progress display the gzip percentages as the
compressor completes its task (Figure 3). This is use-
ful if you’re working with slow USB storage devices
on the command line. The tool simply monitors /
proc/PID/fd and /proc/PID/fdinfo folders for processes
it watches: fdinfo shows the current read/write posi-
tion. It’s a simple solution, but it works well and can
be used in a huge variety of tasks, from monitoring a
file or web server to the download status of some-
thing you’ve clicked in Firefox.
By Graham Morrison
https://github.com/Xfennec/progress
Figure 3
60
Replace top with htop
There are few tools more effective
than the venerable top command for
HACK
process monitoring and control. This is because it
55
can be run from almost anywhere that has a Linux
command line and gives you an immediate and real-
time overview of what processes are running; how
much memory, swap, and CPU they’re consuming;
and the ability to kill a process by simply selecting it
and issuing a command. Except that top is perhaps a
little too venerable at times, with its minimalist and
austere user interface written for 1984-era Unix rather
than the cloud droplets of the 21st century. htop is a
drop-in replacement for this fabulous command.
htop adds lots of features lacking in the original,
and its developers occasionally release new versions
to make it adapt to new features of the various ker-
nels it supports: Besides Linux, htop runs on macOS,
FreeBSD, OpenBSD, and Solaris.
Launched just like top, and with shortcuts and argu-
ments that offer the same kind of functions, most
new users can simply continue with this new tool just
as they would with the old one. They’ll get a much
more reactive curses-based interface and overview of
what’s running (Figure 4). Unlike top, there’s a func-
tion key-driven menu system that can be used to
change the sort mode, kill processes, and get help.
There are lots of other shortcuts, too – such as press-
ing C to see threaded processes or S for integrated
strace. It’s quick, powerful, and takes very few re-
sources. If you haven’t already switched from top to
htop, now is the perfect time to do so.
By Graham Morrison
http://hisham.hm/htop
Figure 4
101 LINUX HACKS – 2020 EDITION

HACK 56
Super-Fast Terminal Emulator
We don’t often consider the speed of terminal emulators
like Konsole or xterm. The commands we run in them
are nearly always the culprits when it comes to clogging
up the system, but that doesn’t stop developers from try-
ing to create the fastest terminal in the land. This is what
Alacritty is – a terminal emulator that promises “blazing
fast” speed. It’s even brave enough to claim to be the
fastest terminal emulator available, and I certainly found
it faster than anything I had installed. But the clever part
Figure 5
Universal Unpacker
Linux users often have to deal with file archives in ZIP,
RAR, or compressed tarball (tar.gz, tar.bz2, tar.xz) for-
mat. The commands for unpacking these archives are
as different as the formats: unzip, unrar e, and tar xf.
Figure 6
101 LINUX HACKS – 2020 EDITION
SHELL HACKS
is that this speed comes from a part of your system
you’re unlikely to be fully utilizing while typing on the
command line, and that’s your GPU. Alacritty uses
OpenGL directly to harness the power of your graphics
hardware and is capable of rendering around 500 frames
per second with a high-resolution screen full of text, ac-
cording to the developer (Figure 5).
The motivation behind developing Alacritty is to give
terminal-intensive applications, like Vim or tmux, a much
needed performance boost, especially when running on
high-resolution, high-pixel density displays. It draws a
new frame whenever anything changes within the termi-
nal (and not when the terminal is sitting idle), and you no-
tice this whenever you deal with screenfuls of scrolling
text. What’s even more remarkable is that Alacritty is writ-
ten in Rust, a project under the auspices of Mozilla Re-
search. That a new and modern language can perform as
well as traditionally speedy but dangerous languages like
C or C++ is a sure sign of the future in terms of both code
security and validity. It also helps that the terminal looks
so good, thanks to the sub-pixel anti-aliasing, which is
presumably coming for free with OpenGL. If you use a
terminal all the time, as many of us are now doing, it’s
only when you use a super-fast terminal like Alacritty that
you realize you were using an old one.
By Graham Morrison
http://blog.jwilm.io/announcing-alacritty/
The tar command, in particular,
H AC K
regularly challenges users with its
cryptic syntax. Especially annoying
is an archive full of files that are not
57
stored in a separate subdirectory when unpacked but
instead clutter the current folder. Such shortcomings
are addressed by the dtrx unpacker – the abbreviation
stands for “do the right extraction.”
All the popular distributions have dtrx in their pack-
age sources; under Ubuntu, the installation includes a
number of tools for unpacking. On the other hand, with
Arch, you have to install the necessary tools yourself.
As a wrapper, dtrx is not able to unpack archives itself,
but it composes the required syntax for you. You only
have to remember dtrx file_name to unpack an archive.
Figure 6 shows dtrx in action: The badly built
bad-tarball.tar.xz tarball does not contain a base sub-
directory, so all the data will end up in the current
folder when unpacking with tar xf. Additionally, tar
adopts the file permissions without changes – in the
example, you are not allowed to edit the files without
first modifying the permissions using chmod or a file
manager. dtrx corrects all of this in one command.
By Christoph Langner
https://directory.fsf.org/wiki/Dtrx
61
 SHELL HACKS

Listing Files with Style Figure 7

HACK 58
The ls command, which lists the content of a directory,
is one of the most common Bash commands. If you’re
looking for more information, try extending the simple
ls command with ls -alh. The -alh options turn the
simple list into a complete overview, including file per-
missions, ownership, file size, and more. The com-
mand also outputs hidden files and directories.
The ls command also supports colors, but usually
only color highlighting for directories and links. The al-
ternative exa, which is written in Rust, offers signifi-
cantly more convenience. Only a few distributions
offer exa in their package sources: openSUSE does,
and you will also find exa in the Arch User Repository
(AUR). If your distro doesn’t provide a package, check
out the project homepage, where the developer pro-
vides a zipped binary for 64-bit systems, which you Figure 8
can simply copy as exa to /usr/local/bin/ or ~/bin/.
The output of the exa command roughly corresponds to
the output of ls, except that exa adds more colors to the
overview (see Figure 7). For example, it highlights ar-
chives in red, images in light purple, videos in dark pur-
ple, backup copies in gray, and directories in light blue.
exa gets even more interesting when you enable further
options (see Table 1). For example, with exa -bghHlS, exa
displays the file permissions, including file sizes, affilia-
tions, and the last modification data, in a neatly sorted list.
Other colors help you keep track of things such as
file permissions. If you decide on a version of the com-
mand you like best, create an alias for it with

alias ll='exa -bghHlS'

and place the alias in the ~/.bashrc file. The above alias exa‘s ability to display entire folder structures recursively
would let you call the command by simply typing ll. in a tree view is also practical. To display a tree, supple-
ment the call with exa --tree or exa -T.
Table 1: Important exa Options You can limit the tree depth with the
Switch Long Form Comment --level=<n> option, where <n> is the
Display Options number of levels you want to display.
-1 --oneline Shows each file and folder in a new line Alternatively, switch off the tree view
-l --long Displays metadata, such as file permissions
and let exa list just the subfolders with
and size the -R or --recurse switch. Again, you
-R --recurse Lists the contents of subdirectories recursively can restrict the depth with the --level
(depth option: --level=<level_number>) option (Figure 8).
-T --tree Displays a tree structure (depth option: The shortcuts for sorting the output
--level=<level_number>) also make everyday life in the shell
--color <when> Color output is never, always, or automatic easier. For example, to find the largest
--color-scale Highlights the display of the file size in color files in a folder quickly, call exa like this:
for large files
Filtering and Sorting Options exa -lr --sort=size
-a --all Shows hidden files and folders
The -r switch reverses the order of
-d --list-dirs Treats directories like files
the output so that the largest files
-r --reverse Reverses the sort order
are at the beginning of the list.
-s <option> --sort=<option> Sorts by name, size, created, newest, or oldest,
By Christoph Langner
among other options
--group-directories-first Lists directories before files
https://the.exa.website

62 101 LINUX HACKS – 2020 EDITION

 SHELL HACKS

ASCII Browsing with Browsh HACK

Despite the World Wide Web demanding more and with Firefox – a huge advan-
more of our systems, many of us just want a simple tage! The rendering is obvi-
browsing experience that neither detracts from the in- ously blocky and pixelated, but it’s also clear enough
formation we want nor diverts system resources. For to be navigable (Figure 9). Vitally, the text is still raw
this reason, a web browser running in a terminal win- text, which means that reading a page of content on
dow is very attractive. Ideally, it would focus on the text the terminal is often clearer than reading the same
and ignore both the images and wider site design, let- content on a design-heavy site.
ting you read and download only the parts that matter.
This would be brilliant if you’re also on a low-band- By Graham Morrison
width connection or connecting via SSH to a headless https://www.brow.sh
low-powered server such as a Raspberry
Pi. But the absolute minimalism of console Figure 9
browsers like Links, Lynx, ELinks, and
w3m is often too much for a modern site,
both in the way their limited rendering
makes a complex site difficult to navigate,
and in their compatibility with modern
web technologies like HTML5, CSS3, Ja-
vaScript, video, and even WebGL.
It’s these problems that Browsh at-
tempts to solve, albeit in an unconven-
tional way. The unconventional way is
that while it does run from the command
line, it still requires you to have Firefox
57 or later installed. This is because
Browsh uses Firefox to render the pages
you request before rendering them as
ASCII for use within your terminal. It
may sound like a cheat, but it works per-
fectly and means that Browsh is compat-
ible with every site that’s compatible
 SHELL HACKS

Command References at cheat.sh

I love using the command line. It’s where I spend
most of my time, and I’ll go out of my way to find a
command-line solution, even when there’s a poten-
tially easier-to-use desktop application that does
the same thing. But my memory is rubbish, and un-
less I use something every day, I soon forget com-
mands and shortcuts for doing things in the utili-
ties and languages I don’t use that often. What I
need is universal access to a cheat sheet system
that enables me to quickly see the most commonly
used command shortcuts and arguments for the
tools I want to use.
cheat.sh is that tool (Figure 10), developed to hit
seven noble targets:
1 It’s concise, only containing the details you want.
It’s fast, delivering results on the command line
2 almost instantly.
It’s comprehensive, with access to plenty of tools
3 and information.
It’s universal, avail- Figure 10
4 able everywhere.
It’s unobtrusive when
5 you’re working.
scriptions. You can even list the cheat
HACK
sheets that may be available for your favor-
60
ite programming language: Typing
curl cht.sh/cpp/:list
for instance, lists 30 documents on C++, from arrays
to logical and bitwise operators. If you don’t like this
remote curl approach, you can easily download a
local command-line client, cht.sh. You can then run
that client locally to access the same information,
and you can even integrate the search and results
into editors like Vim and Emacs, which is perfect for
people like me who can never even remember a sim-
ple for loop’s syntax or even have the Vim com-
mands from within Vim itself!
By Graham Morrison
https://github.com/chubin/cheat.sh

6 It helps you learn.

7 It is inconspicuous.
cheat.sh is a GitHub repos-
itory that delivers on all of
these promises by allow-
ing you to grab pre-pre-
pared text documents that
help you to work with the
tools you commonly use.
Type

curl https://cheat.sh/ssh

for example, and you’ll

see quick examples of the
SSH command complete
with single-sentence de-

64 101 LINUX HACKS – 2020 EDITION


Highlighting Instead of Grepping
HACK
61
The grep command can highlight the parts of output
lines that match your search expression. To make that
happen, you only need to provide the --color option. In
fact, some Linux distributions set up an alias
alias grep='grep --color=auto'
(and further ones to upgrade egrep and fgrep to colored
output, too). Seeing the search term emphasized in the
output is so useful that it started to bother me that the sim-
ple cat tool cannot highlight expressions. So I searched for
a tool that combines cat and grep --color: It should output
all lines but highlight a given keyword. Figure 11 shows a
terminal running dmesg -w continuously – and highlighting
all occurrences of usb or eth?, ignoring case.
Figure 11
Performing this task boils down to inspecting every
single line, attempting to grep the search term in it
(with coloring) – and, in case of failure, echoing it. Put
the following code lines in a Bash script:
#!/bin/bash
while read -r; do
line="$REPLY"
( echo "$line" | grep --color $@ ) || echo "$line"
done
Figure 12
101 LINUX HACKS – 2020 EDITION
SHELL HACKS
Save it as /usr/local/bin/hl and make it executable
(chmod a+x /usr/local/bin/hl). For both actions, you will
need root privileges.
You can only use the new tool as a filter, unlike grep,
which also accepts filename arguments. So replacing
sometool | grep keyword
with
sometool | hl keyword
is fine, but if you want to output a file and highlight a
keyword, either create a “useless use of cat” expres-
sion, such as
cat filename | hl keyword
or redirect standard input via the < oper-
ator (hl keyword < filename).
Since hl simply forwards all options to
grep, you can use advanced features such
as searching for regular expressions or
asking the tool to ignore case. Highlight-
ing USB and network events took a simple
dmesg -w | hl -iwE "usb|eth."
where -i asks grep (and thus hl) to ignore
lower/uppercase differences, -w restricts
matches to full words (so that eth0 will
match, but ethernet will not), -E enables extended regular
expressions, and the "usb|eth." defines that we’re looking
for either usb or eth? (with exactly one character after eth).
If you want to build a (very) simple syntax highlighter
for a programming language, just provide hl with a list
of all reserved keywords. In Figure 12, you can see parts
of the output of:
hl -wE "for|do|done|exit|case|esac|while|if|fi|elseU
|elif|echo|export|alias|function|test|unset" < /etc/U
bash.bashrc
Actually it doesn’t take a script like hl at
all, if you can live with the restriction that
every search term must be a regular ex-
pression. In that case, grep can already
do the job on its own. Just add ^| before
your search patterns, for example:
dmesg -w | grep --color -iwE "^|usb|eth."
Every line is matched by ^, so grep discards
nothing, but coloring only happens to
lines with “proper” search results.
By Hans-Georg Eßer
65
 SHELL HACKS
H AC K

Add File Type Icons to Your File Listing

The first time in our lives we got to a black-and-white
Linux or Unix shell, most of us probably typed ls first. A
new implementation of this standard tool adds icons to
the output. colorls is written in Ruby. If you don’t have
this language on your system yet, install it quickly. For
example, Ubuntu and Mint users would type
sudo apt install ruby ruby-dev ruby-colorize
or, for openSUSE:
sudo zypper in -t pattern devel_C_C++ devel_basis
sudo zypper in ruby ruby-devel
Then you download a TrueType font that you like from
Nerd Fonts – say, Roboto Mono Nerd Font Regular. After
unpacking the ZIP file, I moved the .ttf files to the /usr/
share/fonts/truetype/roboto/ directory on my Ubuntu
desktop; users of other distributions may need to
change this path.
Why do I even get this font when there are a few
dozen others preinstalled? Because Nerd Font’s char-
acter sets are more extensive, containing more sym-
bols, special characters, glyphs, and emojis than
usual (Figure 13). Now I select the new font in my ter-
Figure 13
62
optimized for dark terminals by specifying --dark. Fig-
ure 15 shows what a tree view (with --tree) looks like.
No Blind Faith in Color
Speaking of the downside: colorls is a new implementa-
tion of ls, which does not support all options identically
and others not at all. My big favorites -l and --sort=size
fortunately work. If you type -f, colorls only displays
files; -d only displays directories. If I want to see both, I
have the choice between --sd (directories first – note the
two dashes!) and --sf (files first).
If you would like a brightly colored ls, but have prob-
lems with colorls because of missing parameters,
schedule a test run with exa (see Hack 58).
By Charly Kühnast
https://github.com/athityakumar/colorls
https://nerdfonts.com/#downloads
https://nerdfonts.com/#cheat-sheet
Figure 14

minal’s preferences. This fulfills the preconditions, Figure 15

and I can proceed to install colorls by typing:

sudo gem install colorls

Ubuntu and Mint users can at once use colorls. If you

run openSUSE, the tool’s file name is colorls.ruby2.5.
The developers know that nobody types colorls 50
times a day. I recommend that you create an lc alias in
your ~/.bashrc:

alias lc='colorls' # or colorls.ruby2.5

If you use a light terminal background, you should al-

ways specify --light or, preferably, make it permanent
by appending it to the .bashrc alias. The output then re-
sembles that in Figure 14 – note the cute icons and
bright colors. Light-shy workers can choose a variant

66 101 LINUX HACKS – 2020 EDITION


Upterm, a Terminal with
HACK
63
Built-In Shell
The next level up from debating which is the best Linux
desktop is debating which is the best shell. Bash is
often the default. For most of us, there’s seldom a rea-
son to try anything else. It’s perfect for all kinds of
tasks, from editing text to manipulating files. But there
are many other shells that can be more helpful when
you have more specific or technical requirements.
Figure 16
The fish Shell HACK 64
After presenting Upterm in the previous hack, let’s
Figure 17
look at yet another alternative to Bash: The fish shell
uses your regular terminal program, so it’s also avail-
able in pure text mode and via remote connections.
fish offers some very helpful command-line com-
pletion features. For example, when you start typing
a command, you get suggestions for old commands
from your history – the shell shows how the letters
you typed so far could be completed to form your
old command, with the missing bits in light gray, so
you know what’s already there and what’s a sugges-
tion. Press the Up arrow key to go back to older his-
tory entries.
Or press Tab to see what binaries in your $PATH start
with the letters you entered so far. If there are many
possible completions, fish will only display a few of
them – to get the full list, press Tab again. If you think
that Bash does that, too, that’s only half correct, be-
cause fish will add information from the programs’
man pages (Figure 17) so that you can quickly check
whether you really want one of the commands from the
list. Autocompletion will also suggest options when
you press Tab after entering one or two minus signs.
Ask the fish shell for information about an internal
command via help command, and it will open the docu-
101 LINUX HACKS – 2020 EDITION
SHELL HACKS
Zsh is a very popular option, for example, because it
expands on Bash’s capabilities and can use a very help-
ful plugin system, often used by developers to stream-
line their workflow. Upterm (Figure 16) is another and
newer alternative, but one that’s on the cutting edge of
features whilst possibly being of most use to command-
line beginners. Running atop Electron from the Node.js
package manager, Upterm is never going to replace the
standard Linux default running on your freshly booted
server’s framebuffer, but it may help if you spend a lot of
time on the command line from the desktop.
Upterm describes itself as both a terminal emulator
and an interactive shell. The interactive part is the first
thing you notice. As you type cd to change directory, all
the possibilities magically appear like a Google autosug-
gestion. This is really useful and potentially more user-
friendly than having to press the Tab key to get the same
list, but it also lists command arguments, and, most im-
pressively, the single sentence includes text hints for
most arguments. This means that Upterm helps with
both navigation and how you use the tools you want to
type, which is ideal for beginners or for those of us who
forget the command-line nuances of git or Vim.
By Graham Morrison
https://github.com/railsware/upterm
mentation in a browser. Looking at the list of internal
commands reveals interesting additions; for exam-
ple, the cdh (cd history) command shows all folders
you’ve cd‘ed to in the past and lets you pick one with
the cursor keys.
There’s a lot more to discover, and if you like to write
shell scripts, Fish has its own scripting language. Many
distributions have fish packages in their repositories –
for example, try sudo apt install fish for Ubuntu and
Mint or sudo zypper in fish for openSUSE.
By Hans-Georg Eßer
https://fishshell.com/
67
 SHELL HACKS

Using a Sub-Shell
HACK 65 or modify variables that might influence the shell’s be-
havior. For example, deleting the PATH variable (via unset
When you’re working in the shell and you type bash, PATH) renders the shell almost useless since it cannot
nothing happens – apparently. The shell prompt returns find binaries (unless you specify the full path).
at once, and you can continue to enter commands. But You may also start a sub-shell if you want to “hide”
when you try to run a command from the history, you commands: The shell writes the command history from
will notice that it is somehow outdated (and especially memory to disk when it terminates. The commands saved
the bash command that you’ve just typed will not appear by the sub-shell will be lost when the parent shell exits.
in the history). Another reason for a sub-shell is staying in a directory
That’s because you’re no longer working in the shell with a long path that you don’t want to memorize: Just
that was active when you typed the bash command: start a sub-shell, cd out of the current directory to do
You have started a sub-shell in a child process, and the some other work, and when you want to return, simply
original shell has been suspended until you leave the exit the sub-shell with Ctrl+D. Of course, there’s also the
new shell with exit. Running ps --forest will reveal the directory stack that was invented for exactly this pur-
parent-child pose – so if you know the pushd, popd, and dirs com-
Figure 18
relationship of mands, it is better to use those. If you don’t, a sub-shell
the two shells does the job, too.
(Figure 18). You can even temporarily suspend a sub-shell (using
But what is the suspend command) so that you can use the parent
that good for? shell; entering fg brings you back to the sub-shell.
Working in a When you use a desktop environment, you’re more
sub-shell is a likely to simply open more terminals instead of starting
good idea sub-shells. But if you often log into remote machines via
when you SSH, knowledge of sub-shells can come in handy.
want to test
shell options By Hans-Georg Eßer

Start the Right App

When I’m navigating through my folder hierarchy, I
HACK 66
Gnome users type gio open filename. On older
tend to find files that I cannot remember creating – and Gnome versions and on Linux Mint’s Cinnamon desk-
the file name does not help either. I want to look at the top, you can try gvfs-open. Xfce has its own tool, too:
contents (and possibly decide to delete the file or move It is called exo-open. There’s also a generic tool called
it elsewhere). xdg-open. You may have several *open tools installed;
If this sounds familiar, then how do you open such Figure 19 shows what happens when you run gio
files from the command line? You could launch the open and kde-open on the same text document. Nor-
right application from the desktop’s program menu, mally, it’s best to stick with the tool tailored to your
use a command like echo $PWD/filename to find the full favorite desktop.
path of the file, and paste that into the opening dialog.
Or, if you happen to know the file name for the program By Hans-Georg Eßer
binary (like soffice for LibreOffice), you Figure 19
can type soffice filename.
In most cases, your desktop knows
which applications could open your files:
Double-clicking them in the file manager
will normally start some program. You
can use that knowledge in the terminal,
too. For example, as a KDE user you can
run the kde-open filename command to
have KDE’s MIME type configuration sort
it out for you. Depending on your distri-
bution and KDE version, the tool may be
called kde-open5.

68 101 LINUX HACKS – 2020 EDITION

 You run a website or you produce content for it:
The best hacks mean knowing the right tools. For
example, you don’t need to do a regular install of
a CMS for testing: Just run a Docker container and
get rid of it when you’re done.

HACK 67
Install the draw.io Diagram Editor Locally 71
HACK 68
Record Screencasts with Peek 72
HACK 69
Edit Your Videos with VidCutter 73
HACK 70
Creating Long Documents with Styles 73
HACK 71
Editing HTML with Live Preview in Brackets 74
HACK 72
Free Wildcard X.509 Certificates for
Your Domain 75
HACK 73
Test Alternative CMSs with Docker 76
HACK 74
How Fast Is Your Server? 76

Image © lightwise, 123RF.com

70 101 LINUX HACKS – 2020 EDITION

 PUBLISH OR PERISH

Install the draw.io Diagram Editor Locally

HACK 67
Draw.io has been around for years as a website. If you generate diagrams of this quality so quickly, and
ever need to draw a diagram or flow chart, or even a none with the same powerful design and symbol library
circuit, it’s indispensable. Many users now rely on it for that can output in so many different formats.
their last-minute presentations, their documentation Diagrams aren’t necessarily the most exciting thing
projects, and project planning, because draw.io’s great to spend your time creating, which is precisely why
strength is that it offers many different symbols in draw.io is so good. It handles the tedious parts, so you
many different categories, making it capable of draw- can spend less time drawing and more time moving on
ing many different kinds of charts. You don’t have to to the implementation (or at least arguing over the im-
create your own icons, steal images from the Internet, plementation shown in your awesome diagrams).
or rely on Inkscape for your arrowheads. Instead, you Figure 1 shows what draw.io offers:
simply drag and drop symbols, join them together, and Symbol library: Drag and drop from a huge variety
then use draw.io’s wonderful styling, arrangement, and 1 of diagram icons.
node options to create a final file that you can save on- Connections: Components can be dragged, and
line or locally. The only downside is that the website 2 their connections remain intact.
version requires running it online. Edit: Scale, drag, rotate, and group elements on
But draw.io is an open source project, and there’s now a 3 your canvas.
desktop version you can run on your local computer, Style: Use a color palette for fill styles, plus control
which is perfect for last-minute cramming on that train 4 fonts and labels separately.
with abysmal connectivity. There’s an executable AppIm- Properties: If the mouse isn’t good enough, type in
age, as well as DEB, RPM, and even Chrome OS files. 5 exact values.
With the application installed, you can create diagrams Transparency: Make and mix your colors with opac-
without the online tether. There’s a huge number of sym- 6 ity values.
bols to choose from, with additional custom symbols em- Shape categories: Symbols cover a huge range of
bedded within many of the template New projects you 7 diagram types.
can open. The Google Cloud Platform (GCP) templates, Custom libraries: Include your own symbols, such
for example, include many GCP-centric symbols and lay- 8 as GCP or AWS shapes, to accompany your own
ers for use within your charts. Further examples include diagrams.
Venn diagrams, mind maps, Unified Modeling Language
(UML) diagrams, flow charts, and isometric network dia- By Graham Morrison
grams – with 3D symbols for Amazon Web Services https://github.com/jgraph/drawio
(AWS) infrastructure.
Although not as powerful Figure 1
as Inkscape for drawing, text,
or arrangement options, you
have more than enough tools
here to create the perfect dia-
gram, as well as group, layer,
and align, for instance. If you
need more control, you can
save as an SVG file and edit
within Inkscape. I tested this,
and it worked perfectly.
There’s even beta support for
VSDX output if you need to
import your file into Micro-
soft’s Visio. The UI still feels
web-based, and native desk-
top widgets would be prefer-
able, but this is an important
application with few desktop
rivals – I can’t think of any
Linux tools that are able to

101 LINUX HACKS – 2020 EDITION 71

 PUBLISH OR PERISH

H AC K Record Screencasts with Peek

68 A screencast shows what happens

on the desktop. Peek lets you create
screencasts in the blink of an eye and
export them to popular formats. Com-
pared with other screencast tools, Peek has a very
small feature set, but the program is not trying to com-
pete with the more established applications. Originally,
it simply recorded the desktop as a GIF, thus producing
videos that were easy to embed into web pages. How-
ever, Peek now also supports more traditional video
formats such as WebM and MP4.
In terms of the interface, Peek is deliberately oriented
on the LICEcap screencast tool for Windows. The pro-
gram shows a scalable transparent window that is al-
ways in the foreground on top of all your other applica-
tions. Everything inside the window frame is grabbed
as a video by the software when you click Record. After
pressing Stop, Peek immediately saves the results on
the hard disk.
To set the output format, click on the Peek icon in the
upper left corner and choose Preferences. Adjust addi-
tional parameters, if necessary, such as the Delay in
seconds before the recording starts and the Framerate,
or influence the size of the recording with Resolution
downsampling.
For the GIF format, especially, you should keep in
mind that it was not designed for recording: Capturing
the entire desktop in Full HD at 30fps will result in huge
files. Therefore, choose only the snippet that you actu-
ally want to view later. When scaling the window, the
size display can help you align the
frame precisely (Figure 2). Addi- Figure 2
tionally, you can reduce the fram-
erate to about 10fps, and, if neces-
sary, use the Resolution down-
sampling option to scale the re-
cording by an integer factor.
What is currently causing Peek difficulties is the
change to the new display server, Wayland. For secu-
rity reasons, Wayland isolates individual applications
on the desktop from each other. Software is not al-
lowed to read the content of another program’s win-
dow. Thus, screenshots of the entire desktop are no
longer easily achievable. But that’s a problem for
many other tools, too.
Unless you launch Gnome under the classic X server
via the display manager using Gnome on Xorg, Peek
therefore needs to revert to the XWayland compatibility
layer, which happens automatically when you start
Wayland; however, if needed, you can call the applica-
tion directly under XWayland with:
GDK_BACKEND=x11 peek
After fulfilling this condition, working with the program
is very easy: Launch, align the frame, and record the
screencast.
By Christoph Langner
https://github.com/phw/peek
http://www.cockos.com/licecap
Listing 1: Add Ubuntu PPA
sudo apt-add-repository ppa:peek-developers/stable
sudo apt update
sudo apt install peek

Installation
For Ubuntu and Linux Mint,
there’s a Personal Package Ar-
chive (PPA) repository (Listing 1).
On Arch Linux, you can simply
install the application from the
Arch User Repository (AUR), and
if you use openSUSE, you can
find a package on software.open-
suse.org. For other distributions,
such as Fedora, Debian, or
Solus, the developer provides in-
structions for installation on the
project page.

72 101 LINUX HACKS – 2020 EDITION


HACK 69
Edit Your Videos with VidCutter
If you create lots of videos, such as screencasts of
your desktop (see hack 68 featuring Peek), you often
need to cut bits out of them. That’s an essential part
of both the recording and editing process. Editing is
obviously the central process in all video editors, but
often, all you want is the video equivalent of selecting
a piece of text and pressing delete.
VidCutter aims to do just that: Make practical edits
quick and easy. The UI is refreshingly simple. Most
videos load without conversion, thanks to the libmpv
back end, and you can immediately start playing with
the edits. The basic process mimics that of fully
fledged editors while restricting options to a mini-
mum. You go through a file creating clips by selecting
the start point and end point of each clip. The mouse
wheel or left/right cursor keys can be used to step a
single frame forward or backward, which is excellent,
while up and down keys will skip five seconds. The
Return key can be used to quickly create a start or
end marker for a clip, and a thumbnail of each clip ap-
pears on the right after being defined.
You can reorder the clips by dragging and dropping
them within the panel, and when you’ve finished
making clips and dragging them into a sequence for
your final video, clicking Save will output the final
version to a new file (Figure 3).
By Graham Morrison
https://github.com/ozmartian/vidcutter
Figure 3
101 LINUX HACKS – 2020 EDITION
PUBLISH OR PERISH
HACK 70
Creating Long Documents
with Styles
Some documents that I create in LibreOffice Writer
are “throw-away” documents: I type a few lines, add
some quick formatting, print the document, and then
save the file or just close the program and discard it
all. That’s the one case where it doesn’t make sense
to work with styles.
But most documents are different: You create them
one day, and weeks, months, or years later you edit
them again or create a copy to which you add new
text. The longer those documents become and the
more they are structured (into chapters, sections,
etc.), the more it becomes vital to format them with
proper styles. For example, automatic generation of
a table of contents is only possible when you’ve as-
signed a headline style to every headline.
Using styles also guarantees that you can keep a
uniform look throughout the whole document:
Headlines on page two will look the same as those
on page 102 – same font, same size, same color (if
that’s something you do to your headlines). Also,
exporting the document into a format that can be
used for web publishing is much easier when you
stick to using styles.
Figure 4 shows two headlines in a document – but
only the second one is a real headline. When you
modify the headline style settings, only the real one
will show the changes, while the faulty first headline
will remain unchanged.
By Hans-Georg Eßer
Figure 4
73
 PUBLISH OR PERISH

Editing HTML with Live Preview in Brackets

HACK 71
Brackets is an open source text editor targeted at web Brackets is available under an MIT license, and you
design. There’s obviously a Linux version, but the part can find Linux, Windows, and macOS versions in the
that makes Brackets unusual is that it’s developed by project’s GitHub repository.
Adobe, and it has been in development since 2014. This Figure 5 highlights some important features of
may lead you to think the project is some kind of failed Brackets:
trial by Adobe, but Brackets is far from being a failure. Live preview: Changes made to the raw text
In fact, it’s rather brilliant. The first thing you notice 1 source of a site update the preview.
when you launch the application is that it looks nothing Multiple files: Tab between open files or create
like a typical Adobe application. It actually looks good, 2 both vertical and horizontal splits.
and its user interface doesn’t impinge on usability, with Code highlighting: Text looks crisp and easy on
a large text pane holding the editor itself, complete 3 the eye, and HTML colors are previewed in small
with beautifully rendered text using whatever font you swatches.
prefer. Start typing into an HTML document, and the Distraction free: A simple mode can be enabled to
autocomplete helps you start and finish elements, fixes 4 remove all the window furniture so you can focus
indentation, and subtly highlights the tags from the on the code.
text. This helpful functionality extends to colors, where Extensions: Augment your editing environment with
you add the hex value for a specific hue and the editor 5 dozens of easily installed plugins and extensions.
will show you the color you’ve selected. Code completion: Use the drop-down menu to
But its smartest feature is the live preview. Select- 6 help with element memory.
ing this will open a simple web browser window con- Multiple languages: Designed for the web, but you
taining the rendered output of the HTML and CSS 7 can use Brackets with many different languages.
files you are editing. The clever part is that as you edit Refactor and linting: Change names easily, and
the source text files, the live preview updates in- 8 check and even fix common errors automatically.
stantly to reflect those changes. It feels like the devel-
oper modes you find in popular web browsers, where By Graham Morrison
you can temporarily change how a page is rendered, http://brackets.io/
but the difference here is that your changes are saved https://github.com/adobe/brackets/releases
to the files used to build your eventual site. Thanks to
its age and provenance,
there are also dozens of add- Figure 5
ons that can be installed, al-
lowing you to add themes,
watch videos, make notes,
and even turn the editor into
a fully fledged IDE. While the
emphasis is obviously on
CSS and HTML, Brackets
also supports a huge variety
of formats and programming
languages, from Bash to
YAML, where you can take
advantage of its excellent
font rendering, refactoring,
and split panes. It’s a clean
and effective editor. Al-
though it’s never going to re-
place something like Dream-
weaver when it comes to de-
signing a website without
touching the source, it’s per-
fectly suited to the modern
role of web developer.

74 101 LINUX HACKS – 2020 EDITION

 PUBLISH OR PERISH

H AC K Free Wildcard X.509 Certificates for Your Domain

72 The pleasure of owning a nice domain

like sensorenresidenz.de is clouded by
the requirement of an X.509 certificate
for every subdomain that the admin wants
or has. The Let’s Encrypt project can help: Their certifi-
cates are free and popular – supposedly half of all digi-
tal certificates used on the web originate there.
However, anyone running web servers with many
subdomains has had the displeasure of having to man-
age a bag full of certificates. A single wildcard certifi-
cate from one of the usual certification bodies solves
the problem in principle, but it is expensive. The situa-
tion changed in March 2018: All those who have access
to their domain name’s DNS server can now also obtain
wildcard certificates from Let’s Encrypt.
If you have not yet installed the Let’s Encrypt client,
you can load it as follows:
Please deploy a DNS TXT record under the name U
_acme-challenge.sensorenresidenz.de with the U
following value:
ST8ehm-bKS6wRAxZk5vYDzUO9-OEr3NeIpClFyaq-kA
Before continuing, verify the record is deployed.
After I have created the entry and checked that it is
available, I press Enter. Let’s Encrypt retrieves my re-
quest and verifies it. Then it creates a certificate (full-
chain.pem ) and key (privkey.pem) and stores both under
/etc/letsencrypt/live/Name – applause (Listing 1).
Integrating the certificate with the web server follows
the usual steps. The browser is happy with the certifi-
cate that my servers now deliver (Figure 6).
Wildcard certificates from Let’s Encrypt expire after
90 days like all other certificates from that issuer. To
renew them, you simply call letsencrypt-auto renew.

git clone https://github.com/letsencrypt/letsencrypt By Charly Kühnast

https://letsencrypt.org
After that, web admins usually have to add some Py-
thon packages. That’s easily taken care of with Figure 6

letsencrypt/letsencrypt-auto --help

which will ask you for your sudo password when

launched. Let’s Encrypt uses a DNS-based challenge-re-
sponse method for authentication.

Let’s Dance
The following command lets me request a certificate
for the namespace *.sensorenresidenz.de (just don’t ask
why I registered the domain):

sudo /usr/local/letsencrypt/letsencrypt-auto certonly U

--manual --preferred-challenges dns --server https://U
acme-v02.api.letsencrypt.org/directory --email charly@U
kuehnast.com --domains *.sensorenresidenz.de

After a second of recollection, the Let’s Encrypt client

answers. It wants me to create a TXT record named
_acme-challenge.sensorenresidenz.de in the DNS with a
given random string as content:

Listing 1: I did it!

Congratulations! Your certificate and chain have been saved at:

/etc/letsencrypt/live/sensorenresidenz.de/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/sensorenresidenz.de/privkey.pem
Your cert will expire on 2018-08-07. To obtain a new or tweaked version of this certificate in the future, simply run
letsencrypt-auto again. To non-interactively renew *all* of your certificates, run "letsencrypt-auto renew".

101 LINUX HACKS – 2020 EDITION 75

 PUBLISH OR PERISH
HACK 73 Test Alternative
CMSs with Docker
Docker is the tool for what experts call container vir-
tualization. While the technical details are interest-
ing, what’s more important is that you can download
and run working instances of complex software pack-
ages in seconds.
This makes Docker interesting for all sorts of appli-
cations, and it is especially helpful for website owners
who think about switching to a different content man-
agement system (CMS). If that’s you, you’re likely to
read about the alternatives, but nothing helps you
more with the decision than actually running the sys-
tems. Now setting up a CMS plus all the database ta-
bles, new virtual host, and more takes time. Once you
decide to remove it again, it is likely that bits and
pieces will remain and waste space on your server.
Instead, use Docker to install a test system on your
computer at home: Just visit the Docker Hub and
search for “content management”; the first hits give
you official Docker images of WordPress, Drupal,
Joomla, Plone, and Nuxeo. For example, when you
write 20 lines into a docker-compose file stack.yml as de-
scribed on Docker’s WordPress page and run
How Fast Is Your Server?
httpstat is a special stopwatch you can use to discover
how long web servers take to serve a page: Visible per-
formance lags indicate optimization potential. The Py-
thon script wraps itself around curl. Apart from Python
2 or 3 and curl, it has no other dependencies. You can
retrieve it from the GitHub repository and call it using
python httpstat.py <URL>. If the Python installer pip is
present on your system, you can use that to install
httpstat and call it directly by its name. While you can
leave http:// out of the URL, you must specify https://
Figure 8
76
docker-compose -f stack.yml up
you get two images (one with Apache and WordPress,
the other with a MySQL database) and a working sys-
tem – just login via http://localhost:8080, choose a user-
name/password combination, and you’re ready to use
the fresh WordPress (Figure 7).
By Hans-Georg Eßer
https://www.docker.com/
https://hub.docker.com/_/wordpress
Figure 7
for web pages secured
with TLS.
HACK 74
Figure 8 shows httpstat measuring an
unencrypted call. Four milliseconds for a DNS reply
is a really good value, but I cheated: The name is in my
local cache. As soon as my computer has to turn to my
provider’s DNS, the value rises to 80-200ms. The TCP
handshake is 22ms, which is about par for the course.
The time the server needs to create the page (Server
Processing) shows whether it has some tuning poten-
tial that I have not tapped. My example is not represen-
tative, because instead of HTML the server simply out-
puts 301 Moved Permanently, which means I should
have called the page using HTTPS.
When requesting the same page using HTTPS, the
lookup and TCP values remain the same, but the
TLS Handshake takes forever for this static page.
The value can go up to several seconds for a big site
with a large volume of dynamic content and adver-
tising banners.
By Charly Kühnast
https://github.com/reorx/httpstat
101 LINUX HACKS – 2020 EDITION
 Here, we get technical. Reboot a non-responding system,
loop-mount zip and tar.gz archives, make files append-only
or fully immutable, and copy program binaries from one
distribution to another – but don’t forget to bring their
libraries, too.

HACK 75
Safely Powering Off Your Machine 78
HACK 76
Make Files Immutable or Append-Only 79
HACK 77
Mount tar.gz and zip Archives 79
HACK 78
Recover Deleted Files with PhotoRec 80
and TestDisk
HACK 79
Change Root into Second Distro 81
HACK 80
Bind Mount a Directory with New Permissions 81
HACK 81
Run Binaries from a Different Linux Installation 82
HACK 82
Don’t Be So Case-Sensitive 83

Image © lightwise, 123RF.com

101 LINUX HACKS – 2020 EDITION 77

 DEEP HACKS

HACK
75 Safely Powering Off Your Machine
Turning off your Linux com-
puter by cutting off the power is a bad idea: The system
wants to shut down properly so that it terminates all
running processes and unmounts the filesystems. If
you simply pull the plug, you risk losing data or cor-
rupting the filesystem. Thanks to journaling, the repair
procedure is quick, but you still should avoid a hard
shut down.
However, sometimes a regular shutdown procedure
takes too long. If you need to leave a room very sud-
denly and take your machine with you, waiting that one
minute until shutdown -h now completes may not be an
option. Maybe you have already heard of the magic
SysRq key – it can help you.
If enabled, Linux responds to key combinations
that begin with pressing Alt+SysRq. (The SysRq key
might be called PrintScreen on your keyboard or
have both names. On a keyboard with a standard lay-
out, you will find it next to F12, see Figure 1.) Keep
Alt (or both keys) pressed, and then press a com-
mand key to make the kernel perform some action.
How should you use it? Just remember the following
sequence:
• Sync (S) – write buffered data to open files
• Unmount (U) – remount filesystems in read-only
mode
• Boot (B) – force reboot
Thus, press Alt+SysRq+S, Alt+SysRq+U, and
Alt+SysRq+B for fast and safe rebooting.
magic-sysrq.conf file explain what each number means;
for this hack, we only show three lines:
• 16 – enable sync command
• 32 – enable remount read-only
• 128 – allow reboot/poweroff
To check whether these values are set you can either
manually perform bitwise AND operations or use the shell.
For example, the following commands check whether 32
is part of the sum – the result is either 0 or 32:
$ a=$(cat /proc/sys/kernel/sysrq)
$ echo $((a&32))
32
Ubuntu sets the value to 176 which is 16+32+128 and
precisely what you need to safely reboot the system. If
you need to change the value, either echo it into /proc/
sys/kernel/sysrq or use the sysctl tool (Figure 2). In both
cases you will need root privileges.
There are more magic SysRq features besides pre-
paring and performing the reboot, but most of them are
rarely needed. Check the official kernel documentation
(see link below) for a full description.
By Hans-Georg Eßer
https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html
Figure 2

Will It Work?
Check the contents of /proc/sys/kernel/sysrq – if it’s 0,
then the magic key combinations are turned off com-
pletely, and pressing Alt+SysRq will have no effect at
all. If the answer is 1, all hotkeys are enabled.
It is more likely that specific functions are enabled
and others are not: In that case, the result will be a sum
of some powers of 2 (namely, 2, 4, 8, 16, 32, 64, 128,
and 256). Comments in Ubuntu’s /etc/sysctl.d/10-

Figure 1

78 101 LINUX HACKS – 2020 EDITION


Make Files Immutable
HACK 76
or Append-Only
If you have some files that you want to stay on the
disk, no matter what erroneous commands you
might issue, make them immutable: All it takes is the
chattr tool, which changes file attributes.
The normal way to protect a file is to make it read-
only (i.e., remove its “writeable” bits for all users). In
the terminal, chmod a-w file does this job. But some
programs override the read-only flag. For example,
the Vim editor will perform the following steps when
you use the w! command with a read-only file:
1 Rename file to file~.
Create an empty new file and write the memory
2
contents to it.
3 Set access rights to 0444 (read-only).
4 Close it.
5 Delete the renamed read-only file.
Renaming and deleting do not require changing the
access rights, which are still set to read-only! To
make a long story short, sometimes Linux (tools)
will delete files even though you think you’ve pro-
tected them.
Please Don’t Delete Me
There is a solution, namely, the “immutable” attri-
bute. Set it via:
sudo chattr +i file
The command requires root privileges even when
you make this change to your own file. From now on,
whatever you try to do to the file will fail; you cannot
even move it to a different folder (Figure 3). You can
later get rid of the attribute via sudo chattr -i file.
If the file you want to protect is a logfile, there’s an
even better change you can make. Set the “append-
only” attribute via:
sudo chattr +a file
Then programs with otherwise sufficient write access
can still append new log entries to the file, but it can-
not be modified in the middle, shortened, or deleted.
To find out whether a file has some of the attributes
that you can set with chattr, use the lsattr command.
By Hans-Georg Eßer
Figure 3
101 LINUX HACKS – 2020 EDITION
DEEP HACKS
H AC K
Mount tar.gz and
zip Archives
77
I often find that a file I search for has been tucked
away in some .zip, .tar.gz, or similar archive file. Con-
sequently, a typical sequence before accessing the
needed file would be the following:
• tar tzf file.tar.gz (to check whether unpacking
will dump everything in the current folder or – as is
proper – in a sub-directory)
• mkdir tmp; cd tmp (to avoid the dump action)
• tar xzf ../file.tar.gz (to actually unpack the archive)
• Access the file
• cd out of the temporary folder and remove it
However, this is not the best way. A tool called ar-
chivemount improves the situation by allowing you to
loop-mount archive files (like you would loop-mount
an ISO image). Mounting does not require root privi-
leges. As archivemount is not a standard tool, you’ll
have to install it. For openSUSE or Ubuntu/Mint, the
zypper in archivemount or apt install archivemount
commands will do that.
Now mounting an archive is as simple as
archivemount file.tar.gz mnt/
where mnt/ is some path that must exist. Figure 4
shows how this simplifies access; for the screenshot I
chose a .zip archive.
For unmounting, use fusermount -u mnt/. The man
page suggests using the regular umount command in-
stead. While that is not wrong, it is not helpful, either, as
umount requires root privileges and fusermount does not.
While the tool is helpful, here’s a warning: In my
test with version 0.8.7 (which is what you get on
openSUSE), changes in the mount folder of a .zip file
led to creation of a new version of the .zip file – but
in .tar format!
By Hans-Georg Eßer
https://www.cybernoia.de/software/archivemount.html
Figure 4
79
 DEEP HACKS
Recover Deleted Files with PhotoRec and TestDisk
Undeleting files – that is, undoing a remove (rm) or un-
link command – is a very filesystem-specific task. Its
chances of success depend on the structure and fea-
tures of the filesystem. We’ll look at one of the most
simple filesystems first – FAT32 – which stores filesys-
tem information in a simple table. The earliest FAT file-
systems were only able to handle file names with eight
uppercase letters, and an additional three-letter exten-
sion. This scheme is still used in the modern FAT, but it
also supports long filenames with fewer limitations.
An example disk contains just three files, with file-
names lecture{1,2,3}.pdf. After deleting lecture2.pdf
(with rm -f lecture2.pdf) and releasing the filesystem
with umount, thus writing back all changes, the raw view
of the directory entries looks like Figure 5.
The most obvious change is the replacement of the
filename’s first letter, L, by character hex 0xE5. This is
how FAT first “hides” deleted files, before they are
eventually overwritten by newly created files. In this
stage, recovering the file is easily done by replacing
the 0xE5 character with a letter (for example, back to
the original L). After doing this, the deleted file is
back when the filesystem is mounted again. Recov-
ery programs for DOS or Windows do exactly that. A
good recovery tool for Linux is TestDisk: It knows
about the specifics of file deletion and recovery for
many filesystems.
Although recovering files in a FAT filesystem is
comparably easy, the file’s data and metadata will
only stay intact as long as no new file claims the
same directory entry or overwrites the file’s data
blocks. If this happens, the file and its contents are
really gone for good.
Native Linux filesystems, such as ext4 or Btrfs, use
more complex data structures than FAT; they support
more file attributes and mechanisms like journaling
(which allows for quick repair of the filesystem in the
case of unfinished file operations or a crash before
the filesystem is unmounted properly) or “copy on
write.” The advantages of modern journaling filesys-
tems are a trade-off against the “undoing” of valid
transactions. A deleted file is unlinked from the data
Figure 5
80
metastructure quickly, so it is
HACK
quite difficult to find old entries once
78
the filesystem tree is automatically opti-
mized. Only very recent changes, which are kept in
the journal, can be replayed or reversed with special,
filesystem-specific software. Unfortunately, any ref-
erences to file names and file metadata – like time
stamps – disappear very quickly in modern filesys-
tems after the file has been deleted, so you might
still be able to recover the file data, but you won’t get
back its name.
If you care more about the data of a single file than
about retrieving the complete filesystem and directory
structure, you can try PhotoRec instead of TestDisk to
get your data back. PhotoRec scans raw data and finds
file contents based on header signatures (Figure 6). In
some cases, the file content also reveals the original
file name, even if the file no longer appears in the file-
system organizational structure, so you can get back
the file with its (almost) original name. However, in
most cases, such as pictures or videos, the file name is
no longer associated with the data after file removal, so
you have to search or guess from the recovered files’
sizes and block positions on disk, which are used by
PhotoRec to assign new names to files recovered and
saved to a new partition or medium.
PhotoRec scans files regardless of which filesystem is
used on the source partition, but it honors filesystem-
specific data links and file fragments if the filesystem is
known or specified in the initial configuration options.
By Klaus Knopper
https://www.cgsecurity.org/wiki/TestDisk
https://www.cgsecurity.org/wiki/PhotoRec
Figure 6
101 LINUX HACKS – 2020 EDITION
 DEEP HACKS

Change Root into Second Distro HACK 79

On my test machines, I tend to have several Linux dis-
tributions installed on the same disk, with a GRUB
menu that lets me decide which one I want to boot.
However, I regularly find that the “wrong” distribution
is running – not the one that I need just then.
Instead of rebooting, it is often enough to chroot
(change root) into the other distribution, which works
as follows:
• Mount the other distribution’s root partition (e.g.,
under /mnt/dist)
lsb_release first responding with Linux Mint 19.1 and
then, after chroot, with openSUSE Leap 42.3. In the win-
dow below, you can also see the root directory property
of the “chrooted” shell and a normal shell.
By Hans-Georg Eßer
Figure 7

cd /mnt/dist
mount -o bind /proc proc
mount -o bind /sys sys
mount -o bind /dev dev
mount -t devpts pts dev/pts

And if you need networking, also copy /etc/resolv.

conf to /mnt/dist/etc/
• Finally run chroot /mnt/dist bash -l to start a login
shell in the other distribution
The chroot tool starts the Bash shell with its root direc-
tory property set to /mnt/dist (whereas normal pro-
cesses have / as their root directory). Figure 7 shows

Bind Mount a Directory with New Permissions H AC K

You may know the mount option --bind (or -o bind) that
lets you mount some directory to a second place in the
filesystem hierarchy. We’ve also used it in the previous
hack (which used chroot to jump into a different distri-
bution). While classical bind mounts are often useful,
the feature is not very flexible and also requires root
privileges. bindfs which is a FUSE-based filesystem
driver, lets you perform bind mounts in much more
flexible ways.
You can grab and unpack the source code and then
run make to build the binary, or – if you’re lucky – install
a package from the repositories. In my tests, this
Figure 8
worked on Ubuntu, Linux Mint,
and openSUSE.
As a first example, the following
80
will give you an alternative folder to access your docu-
ments – but all set to read-only:
cd ~
mkdir ro_Documents
bindfs -r -p a-w --no-allow-other Documents ro_Documents
The second example is even more useful: When you
mount a /home partition from an old Linux installation,
user IDs likely don’t match your current settings, so you
cannot access the files without becoming root. bindfs
lets you switch UIDs:

sudo bindfs --map=500/1000 /mnt/olddisk /mnt/bindfs

This will create a new view in /mnt/olddisk where UID

500 is globally replaced with UID 1000 (Figure 8). This
assumes that 500 was your UID on the old system and
1000 is your current UID.

By Hans-Georg Eßer
https://bindfs.org/
https://github.com/libfuse/libfuse

101 LINUX HACKS – 2020 EDITION 81

 DEEP HACKS
H AC K
Run Binaries from a
Different Linux Installation
81
Software installation has become so simple with the ad-
vent of repositories and management tools like APT, Zyp-
per, Yum/DNF, and so on: Just pick a package you want
and let the package manager figure out what other pack-
ages (dependencies) it needs and install all of it in one go.
Sadly, not every application appears in every Linux
distribution’s repositories. For example, the image
viewer xv is one of my favorite tools, because it is incred-
ibly fast. But it’s also very old and has not seen any up-
dates since 1994. Its source code is available, but it has a
habit of not compiling. Some distributors (for example
openSUSE) have managed to get it running and provide
packages in their repositories. Other, like Ubuntu, do not.
So how about just copying the binary file from a open-
SUSE system to an Ubuntu installation?
Well, that is likely to cause problems; in most cases,
attempting to run the binary will produce an error mes-
sage that complains about missing libraries. In that
case, don’t start searching for them on the target sys-
tem. They are either missing, or they have been in-
stalled with the wrong version numbers.
Instead, go back to the source system, and search for
the library files there. You can use ldd to get a list by
typing ldd /usr/bin/xv (for the xv example; Figure 9).
Now quickly build a ZIP archive by supplying the whole
output of ldd as argument list for zip:
zip xv.zip $(ldd /usr/bin/xv)
This will generate many error messages, because there’s
more than file names in the output, but it does not matter:
zip will happily put everything it recognizes as a file into
the new ZIP file. Copy that one over to the target machine.
On the target machine, create a new folder for your
program, move the program binary itself into that
folder, and unzip the file with
unzip -j xv.zip
The -j option makes unzip lose the path information, so
it simply drops all files in the current directory.
Now you’re almost there: Start an incremental pro-
cess in which you add library files to the LD_PRELOAD vari-
Figure 9
82
able. Try to launch the program copy in the cur-
rent directory and check the error message. In the
example, xv was missing the file libpng.so.16. But it’s
right here: You copied it from the source system. So
add that (with its absolute path) to LD_PRELOAD by typing
LD_PRELOAD="$PWD/libpng.so.16" ./xv
This might lead to another (new) error message com-
plaining about some other file. For the xv example, the
next command was
LD_PRELOAD="$PWD/libpng.so.16 $PWD/libz.so.1" ./xv
and that finally started the tool (Figure 10). Note how the
file names have to be separated by a blank character, and
the whole argument is put inside double quotation marks.
For other programs, constructing the command line
might take longer, and there are going to be problems
if you want to use this method to make a 32-bit binary
run on a 64-bit system. At least, those can normally be
solved by installing the 32-bit compatibility layer. The
other way (moving a 64-bit binary to a 32-bit machine)
is technically impossible.
Or Use LD_LIBRARY_PATH?
If you’re aware of the LD_LIBRARY_PATH variable in which
you can add directories with libraries that the program
loader will search before the default folders, you might be
tempted to simply set it to the local directory that has all
the needed libraries in them: I tried that, too. Turns out, it
did not work with the example files, because the GNU C
Library was incompatible with the running kernel. But
you can start with that approach, too: Run the command
LD_LIBRARY_PATH=$PWD ./xv
and then, step by step, delete all libraries that the
loader complains about until those error messages
stop and your program starts. Read the ld.so man page
if you want to find out more about how loading a pro-
gram works on Linux.
By Hans-Georg Eßer
http://www.trilon.com/xv/
Figure 10
101 LINUX HACKS – 2020 EDITION

HACK 82 Don’t Be So
Case-Sensitive
We all know the eternal Unix rule: File names are case-
sensitive. That means, Makefile is not makefile. While it
would be bad practice to have both in the same folder,
you could do it, and it has been done.
When you leave the Linux world, the situation be-
comes complicated: Windows stores file names the
way you typed them at file creation, and that’s the way
you will see them in the file manager or in the shell –
but the system does not care what spelling you use for
accessing them. This means that you can not have
Makefile and makefile in the same directory on an NTFS
or FAT partition. Then again, Windows is not a Unix-like
system. But turn to macOS, which is partly based on
BSD, yet also ignores upper/lowercase differences in
file names – the old Unix rule is not valid for macOS.
This is relevant to Linux users who use Wine to run
Windows applications on their Linux machine. Some
Windows apps have problems with the Linux way of
expecting the precise spelling of a file name and may
break. If you’ve encountered this problem, then there
is a solution: ciopfs (which stands for case insensitive
on purpose file system), a FUSE filesystem driver. It al-
lows you to perform an action similar to a bind-mount
(see hack 80), but with an important difference: when
you try to access files under the new mount point,
case doesn’t matter.
Of course, you’re not restricted to using ciopfs with a
Wine installation. If you’re also a macOS user and often
switch between the two Unix-like environments, you
may want to unify the experience and make Linux be-
have like macOS.
Installation
If you’re running Ubuntu or Linux Mint, you can just
type sudo apt install ciopfs. I could not find any RPM
packages, and I tested source code compilation on an
openSUSE Leap 15 machine. If you have an openSUSE
system, get the source archive from the project web-
site, unzip it, and run the following commands (which
assume that you’re still in the directory that holds the
ZIP archive):
sudo zypper in gcc fuse-devel glib2-devel libattr-devel
cd ciopfs-0.4; make && sudo U
make install Figure 11
Type ciopfs --version to check
whether you’ve been successful.
Using the new tool is ex-
tremely simple: Just type ciopfs
folder1 folder2 where folder1 is
the original directory that holds
files, and folder2 is an empty
directory that’s used as the
mount point.
101 LINUX HACKS – 2020 EDITION
DEEP HACKS
Now the ciopfs driver follows these rules:
• Files that already exist in folder1 and whose file
names are all lowercase appear in folder2 with the
same spelling – other files are left out completely.
• Files that you create in folder2 – with whatever mix of
upper/lowercase letters – will show up in folder1 in all
lowercase (Figure 11).
Adjusting a Folder
So how can you convert a folder’s file names to all
lowercase? If you don’t, files with upper-case letters
will not show up under the ciopfs mount point. Sev-
eral solutions have been discussed on Stack Overflow
– the overall idea is to let find run a breadth-first
search over the directory tree with
find . -depth -exec mksmall {} \;
where mksmall is a shell script that will update the file
name. Listing 1 shows an example implementation; it
uses a collection of classic command-line tools:
• dirname extracts the directory part from a file’s path
• basename extracts the file name
• tr exchanges one set of letters with another one, in
this case uppercase (A-Z) with lowercase letters (a-z)
• test compares two strings
Ciopfs, like archivemount and bindfs, is one of many
FUSE-based filesystems. The FUSE project page lists
several more – maybe you’ll find some other interest-
ing drivers (e.g., ClamFS, which integrates antivirus
scanning).
By Hans-Georg Eßer
http://www.brain-dump.org/projects/ciopfs/
https://wiki.winehq.org/Case_Insensitive_Filenames
https://stackoverflow.com/questions/152514/
https://github.com/libfuse/libfuse/wiki/Filesystems
Listing 1: mksmall
#!/bin/bash
FILE="$@"
DIR=$(dirname "$FILE")
BASE=$(basename "$FILE")
NEWBASE=$(echo "$BASE" | tr A-Z a-z)
if test "$BASE" != "$NEWBASE"; then
mv "$DIR/$BASE" "$DIR/$NEWBASE"
fi
83
 What’s your favorite language? We can’t help you there, but
we can suggest some editors to try. If your code eventually
compiles to a binary, you might want to attack it with a hex
editor, a disassembler, or perhaps a line count tool.

HACK 83 HACK 89
Run C Code from the Command Line 85 Reverse Engineering with Cutter 88
HACK 84 HACK 90
Edit Binary Files with hx 85 Textadept Works in Graphics 89
and Text Mode
HACK 85
Edit Your Text Files with Textosaurus 86 HACK 91
Perform Dynamic Code Analysis with 89
HACK 86
SystemTap
Manage Your git Repository with GRV 86
HACK 92
HACK 87
Count Lines of Code in Your Project 90
Make git Interactive 87
HACK 93
HACK 88
Fix Disturbing Indentation and More 90
Replace hexdump with a Colorful Tool 87

Image © lightwise, 123RF.com

84 101 LINUX HACKS – 2020 EDITION


Run C Code from the Command Line
Sometimes you want to use functionality that is famil-
iar from C programming, but you cannot find a corre-
sponding tool that you could call from a shell script. For
example, the getsid() and getpgid() functions (which
return the running task’s session and process group
IDs) have no shell programming equivalent.
Of course, you could write a small C program that
calls the function of interest for you, but then you’d
have to include parameter evaluation. A better way is
to use a simple wrapper script that takes a string of C
code, puts it into a C source code file, and then com-
piles and runs it. The following five lines do just that:
#!/bin/bash
msg="$@"
fname=/tmp/_run_
printf "int main () { %s ; };" "$msg" > ${fname}.c
gcc -o ${fname} ${fname}.c 2> /dev/null && ${fname}
rm -f ${fname} ${fname}.c
Figure 1
HACK 84 Edit Binary Files with hx
Even if you’re not a developer or a
“hacker,” sooner or later you’ll need to use a hex editor.
This is primarily because a hex editor is a bridge between
the worlds of code, binary, and content, allowing you to
open and view a file regardless of its format or whether
the file is corrupt or complete or not. The file could be an
executable binary, or it could be a LibreOffice document
corrupted while saving. Either way, a hex editor will
Figure 2
101 LINUX HACKS – 2020 EDITION
WORKING WITH CODE
H AC K Save this file as ~/bin/runc and
83 make it executable. (Use a dif-
ferent filename if you use the
opencontainers.org runc tool for
starting containers.) Also check that the C compiler
gcc is installed.
You can now run C commands via runc. For example,
in order to identify the session ID of process 1292, type:
runc 'printf("%d\n",getsid(1292))'
Figure 1 shows this (and a getpgid() call) in action for the
mc process with PID 26815. Of course, I could have asked
ps to show the information via ps -h -o sess -p 26815 (-h
equals no header, -o sess equals only the session ID col-
umn, and -p equals only the process with this PID) and
via ps -h -o pgid -p 26815, but I knew neither the -h op-
tion nor the session ID column code by heart.
More Examples
You can use more complex code blocks including
loops, so for example
runc 'for(int i=0;i<1000;i++)printf("%d ",i);printf("\n")'
will print a sequence of numbers (just like seq -s " " 0 999
does). It is also possible to use code that stretches across
several lines: When you start the C string with the ' charac-
ter (like in the examples), you can press Return as often as
you like – until you end the string with another ' symbol.
As a fun example, in order to generate a segmenta-
tion fault, just try an assembler instruction that would
disable interrupts: runc 'asm("cli")' cannot be run suc-
cessfully, because cli is a privileged instruction that
can only run in kernel mode.
By Hans-Georg Eßer
gladly ignore the context of a file and happily display its
contents. Because the context has been lost, that display
usually defaults to hexadecimal values, or base 16, repre-
senting the raw binary contents of a file. Thanks to your
computers’ binary logic, this single hex value is a “nib-
ble” of data, usually grouped into pairs to form a “byte.”
Bytes are also turned into ASCII text, so you can read raw
data if necessary, and those bytes in turn are grouped into
columns containing 64 bits per column. This makes find-
ing a specific location or offset much easier, whether
that’s in your computer’s raw memory or within a file.
You can download, unpack, and compile the source
with make – that should work on any system with basic de-
velopment packages installed. The editor is Vim-like, so
you can switch between insert and command modes.
Navigation and search keys are also the same as in Vim,
and you should be able to start editing without referring
to the excellent man page if you’re already familiar with
Vim. This means you can search, update, edit, insert, and
replace right from the command line, working with binary
files just as you can with text. Figure 2 shows the success-
ful detection of a hidden password in a binary file.
By Graham Morrison
https://github.com/krpors/hx
85
 WORKING WITH CODE

Edit Your Text Files with Textosaurus

Yes, there are many, many text editors for Linux. But there
HACK 85
cursor editing. The editor is available as an AppImage, so
isn’t a Linux equivalent to the venerable Notepad++ on you can take it for a test ride without installing a pack-
Windows. Textosaurus attempts to fill the void. Thanks to age. Just download the textosaurus-*-linux64.AppImage
being built on both Qt and the Scintilla text editing frame- file, make it executable, and run it.
work, it’s completely cross-platform, so it can replace By Graham Morrison
Notepad++ on Windows as well as it does on Linux. It https://notepad-plus-plus.org/
even features a very similar layout and design.
https://github.com/martinrotter/textosaurus
To help with its cross-platform credentials, it uses
UTF-8 internally, so your text should remain legible Figure 3
whatever platform or locale you’re using, and many
input encodings are supported. It also features menu
options to convert end-of-line characters into some-
thing that works, which is often still a problem when
working with text files generated in Windows. The syn-
tax highlighting looks fantastic and will even print,
while the UI remains very easy to use. (On our test ma-
chine, syntax highlighting did not work until we
changed the editor color theme; Figure 3 shows the So-
larized Dark theme.) You can move parts of the UI
around, as you can with many KDE apps, but Qt and the
bundled Scintilla are the only dependencies.
There are lots of small utility functions too, such as a
menu full of MIME tools, JSON beautifying, and Mark-
down preview. You’ll also find advanced features, such as
being able to record and play back macros and multiple

H AC K
Manage Your git
Repository with GRV 86 the repository are captured by monitoring the filesys-
tem and updating the UI automatically. This means it
works well in a separate tmux panel, for example, cap-
So many of us now use git on the command line that it’s turing changes as you make them, or as they’re pulled
difficult to contemplate using a GUI tool to make access- from upstream. git is complicated; while GRV is never
ing git repositories easier. The context shift from com- going to make the learning curve any easier, it’s a fan-
mand line to desktop is often enough to break your train tastic tool for confirming what you think is happening is
of thought or concentration, but here is a helpful tool actually happening, as well as helping you to visualize
that’s worth using: Git Repository Viewer (GRV) effec- how your projects are developing.
tively builds an entire GUI on the command line around By Graham Morrison
your local git repositories. The main view, called the His- https://github.com/rgburke/grv
tory View, consists of three panels (Figure 4). On the left is
a pane for branches, tags, and remote references, and in Figure 4
the middle is a list of commits for your chosen branch.
The pane on the right side lists the changes, as a diff, for
that specific commit. The other view is Status View, which
gives an overview of what’s changed in your local branch
since the last push. If you’re already familiar with git, this
makes complete sense. It’s wonderful to see your work
presented in such a clear way, just as you likely imagine
the whole repository hanging somewhere.
GRV is also deep. It defaults to using Vim key bind-
ings and makes a wonderful partner to programming in
the editor. There’s even theme support and the ability
to filter through the data using a query language rather
than simple searches. In the background, changes to

86 101 LINUX HACKS – 2020 EDITION


HACK
87
Make git Interactive
Tools for navigating git repositories, their history, and
their branches are becoming almost as common as
CPU monitors. And like CPU monitors, they also hap-
pen to be very useful. Having more options to choose
from means you’re more likely to find a tool to fit your
exact requirements. One fully fledged option is GRV
(see previous hack), which runs from the command
line and features several different view modes.
At the other end of the feature spectrum, gitin is
another great option. Unlike GRV, gitin isn’t an appli-
cation in which you spend time; instead, it works best
as a form of wrapper around the git commands you
might use anyway. Its principle functions allow you
to work with branches, check the status of a reposi-
tory, and view the logs, which are all you need in a
tool, since you don’t want to duplicate what git al-
ready does so well.
Type gitin log within a repository, for instance, and
you see a list of the most recent commits. Using the
cursor keys to scroll through them updates details on
each commit, and pressing return dives into which
files have changed. Select a file, and you get the tradi-
tional diff view of what’s changed within that file
(Figure 5). It’s minimal and effective and, most impor-
tantly, doesn’t detract from the work you’re likely try-
ing to do in the same terminal. It just lets you see the
same details git can provide in a more convenient and
interactive way that’s also quicker than trying to work
out the commands using git alone. The use of color is
also very effective and helps especially in the diff view
where the red of a remove line and the green of a new
line is far easier to see than the - and +.
By Graham Morrison
https://github.com/isacikgoz/gitin
Figure 5
101 LINUX HACKS – 2020 EDITION
WORKING WITH CODE
Replace
hexdump with
a Colorful Tool
HACK 88
When viewing binary files in hexadecimal,
you’re able to decode more than the literal value for
any one location; you’re actually able to see pat-
terns and even raw data emerge, because the view
can represent the way data is physically passing
through memory. This is why a hexadecimal viewer
is an essential utility to have at hand, especially if
you’re interested in how files are stored or how an
executable may work.
One such tool, hexyl, couldn’t be any simpler (Fig-
ure 6). It’s driven from the command line and takes a
filename as an argument. The only other potential ar-
gument is a value to adjust the number of bytes read
from the input. This is useful if you’re trying to view
something large, such as a swap file or even a virtual
device such as memory. But the best thing about
hexyl is how clean the output is. There’s no superflu-
ous detail, with the same three columns you tradi-
tionally see in hexadecimal viewers and editors – the
starting location for a row, the hexadecimal value for
each location for the input shown on the left, and an
ASCII rendering of those locations on the right. Loca-
tions are colored according to their type: NULL bytes,
printable ASCII characters, ASCII white-space charac-
ters, other ASCII characters, and non-ASCII. This
makes it very easy to correlate the ASCII output with
that data’s location within the main view.
By Graham Morrison
https://github.com/sharkdp/hexyl
Figure 6
87
 WORKING WITH CODE

HACK 89
Reverse Engineering with Cutter
The reverse engineering tool radare2 takes your Linux ence, Cutter still helps you get some usable knowledge
binaries and turns them into a stream of assembler, let- out of almost any binary, even if it’s just a greater un-
ting you work out exactly what happens when a pro- derstanding of how many subsystems there are in
gram is executed. You need to understand assembler, Linux and how many CPU cycles are potentially wasted
your hardware, and the various subsystems a binary drawing drop shadows.
takes to produce output, but
that’s where radare2 will try and Figure 7
help, splitting the assembler
into functions, libraries, and
symbols to help you make bet-
ter sense of what’s happening.
The only problem with
radare2 is that it’s pretty com-
plex. Fortunately, there’s a
shiny GUI called Cutter that
makes its functions better ac-
cessible. After launch, you sim-
ply select a binary and you’re
done. Something locally com-
piled will reveal the most use-
ful information, but you can try
anything. Cutter will then
spend a little time analyzing
the binary, the results of which
are shown in a “sections” pie
chart that brilliantly shows the
components detected within
the binary. A similar graphical
representation of the binary is
also shown as a horizontal bar
chart at the top of the window,
with each slice showing the use of sequential memory. Figure 7 shows the following areas of the Cutter pro-
But the main part of the Qt-configurable window is gram window:
the disassembler itself, showing the assembly mne- Functions: Cutter can detect when a chunk of code
monics, usually helpfully annotated to show loops 1 is independent and therefore a function.
and jumps, the names of registers, and function Binary map: See where things are in the binary file
names. This is where you can follow the track of exe- 2 you’re viewing.
cution through your binary. Cutter helps with this, Search: Look through the binary for both flags and
too, as you can click on jump or branch instructions to 3 a specific address.
see where the code runs next. Overview: See the details for where you are and
The disassembler is augmented with various other 4 where you’re going next.
tabs to help you make sense of the code. There’s a hex Pie chart: Analysis breaks up the executable into
viewer, for instance, so you can see the raw binary con-
tents of the file. There’s also an excellent pseudocode
5 parts; this chart shows how each part is propor-
tionately used.
generator that will turn the assembler in a function into Details info: Create pseudocode, see a visual repre-
something where loops and structures are demarcated 6 sentation of the current function, and view the hex.
by curly brackets – it feels a lot like C, where the key-
words have been replaced with assembler. Strings, 7 Sections: The annotated version of the pie chart.
entry points, and imports can be investigated in the
same way, and you can search directly for either a flag 8 Disassembly: The code being run by your binary.

name or an address. It’s still complicated, of course, but By Graham Morrison

even if you have no prior reverse engineering experi- https://github.com/radareorg/cutter

88 101 LINUX HACKS – 2020 EDITION


Textadept Works in Graphics and Text Mode
Not many other software categories offer such breadth
of choice as text editors. Textadept is another one,
promising speed and distraction-free design without
sacrificing essential features. It is available for Linux,
macOS, BSD, and Windows.
Textadept is certainly mature. It’s now over 10 years
old, with a release every two months for more than
eight years. It can be run either as a curses binary
Figure 8
Perform Dynamic Code Analysis with SystemTap
In multithreaded programs, the order of statements in
the sources is different from the order of execution. So,
merely looking at the code doesn’t reveal the sequence
of the program’s operations. You want some tools for
live introspection, also called
dynamic code analysis.
SystemTap is one
such tool, and stap is
its main executable.
SystemTap lets you
write small scripts
called probes and attach them
to various events happening
in user space and in the ker-
nel. It was designed to be safe
for use on production sys-
tems, so you can study non-
trivial situations such as dead-
locks in the wild.
101 LINUX HACKS – 2020 EDITION
WORKING WITH CODE
HACK 90
within the command line or as an application within its
own window. The executable is around 5MB and can be
run off a USB stick, with a promise to consume a mere
15MB of RAM. Into this tiny space, it’s not only capable
of cramming in lightning fast syntax highlighting (for
around 100 languages) but, more importantly, code
completion, too. For those of us without photographic
memories, this feature is essential. Autocompletion
works with symbols within the
files you’re editing, as well as
symbols for the language you’re
working with, complete with
links to the API documentation.
The editor is also almost en-
tirely keyboard driven, com-
pletely themable, and well docu-
mented. An interesting feature
that you don’t find in most edi-
tors is changing the font size in-
dividually for each open file
(Figure 8). When you use a ma-
chine remotely, you can also run
a terminal version of Textadept
called textadept-curses.
By Graham Morrison
https://foicica.com/textadept/
H AC K
One of the things that SystemTap
91
can do is help determine “contended
locks.” SystemTap comes with many examples found in
/usr/share/doc/systemtap/examples. One of these is the
process/futexes.stp script. It traces the futex system call
and dumps how many times the thread had to sleep
waiting for the lock and for how long:
$ sudo stap -c ./sampleprog futex.stp
...
sample[3006] lock 0x7ffcc7301fe0 contended 79 times,
26 avg us
Lower values are generally better. Make sure you
have the kernel debug info installed.
By Valentine Sinitsyn
http://sourceware.org/systemtap/
89
 WORKING WITH CODE

Count Lines of Code in Your Project

Are you interested in statistics about your coding pro- the result in an SQL database; the
HACK 92
jects? You could process your source files with wc -l to tool generates the necessary INSERT and
get a line count, but that simple tool does not know the DDL statements.
difference between comments and real code. We sug- By Uwe Vollbracht
gest that you use something better. http://github.com/AlDanial/cloc
cloc – which stands for Count Lines of Code – gives
you an overview of your projects. The practical helper Figure 9
counts blank lines and comments, as well as real lines of
code (Figure 9). It writes the statistical analysis to the
standard output. cloc requires Perl 5.6 or later and un-
derstands more than 200 different programming lan-
guages; you can obtain a full list using cloc --show-lang.
You specify individual files or entire directories to be
counted. CLOC also understands compressed TAR or ZIP
archives; the tool can receive optional help when un-
packing via --extract-with. The Perl program also tracks
changes between two files, directories, or archives. Its
man page lists various diff parameters with examples.
You can save the results from cloc‘s evaluation in
CSV, XML, or YAML format. Entering --sql processes

H AC K
Fix Disturbing Indentation and More 93
A classic developer tool is the “indenter”: a program Once it’s installed, grab a suitable source file and run:
that takes a source code file and creates a new version
uncrustify -c linux.cfg testfile.c
where indentation and brace placement follow some
fixed rules. To see an old example program from this This will create a new file testfile.c.uncrustify. I tried it
category, look at indent. The Unix original is from the on auto-generated (and poorly formatted) code with
late 70s, and on Linux you can install GNU indent, some success, as you can see in Figure 10.
which was last updated in 2008.
By Hans-Georg Eßer
For a more flexible approach have a look at the
uncrustify tool: It can do a bit more than indent, and https://en.wikipedia.org/wiki/Indent_(Unix)
you can configure it by writing a complex config file. http://uncrustify.sourceforge.net/
The program supports the C, C++, C#, Objective C, D, http://uncrustify.sourceforge.net/linux.cfg.txt
Java, Pawn, and Vala languages. To get you
Figure 10
started, there’s a sample file (search for linux.
cfg.txt in the package contents or on the pro-
ject web page).
I found packages for Ubuntu/Mint and open-
SUSE in the regular repositories. If it isn’t avail-
able for your distribution, compile it from the
sources; you can check out the current version via

git clone git://github.com/uncrustify/uncrustify.git

In my test, I was able to build the project with

mkdir build; cd build

cmake .. && make && sudo make install

run in the uncrustify folder.

90 101 LINUX HACKS – 2020 EDITION

 Is it a hack to bring back the old DOS editor EDIT for
editing your config files? Or to run an old BBS like they
did in the 80s? Yes, those are hacks. Also, did you like
the old “3D Pipes” screensaver? Read on…

HACK 94
Interesting Terminal Output for Your Visitors 93
HACK 95
Scan the Network Like a Script Kiddie 94
HACK 96
Image © lightwise, 123RF.com
Drive Your Moon Lander – in ASCII! 94
HACK 97
Run Your Own BBS 95
HACK 98
Explore, Expand, Exterminate: Play Star Ruler 2 95
HACK 99
Edit Files Like It’s the 90s Again 96
HACK 100
Read Old Unix Books 96
HACK 101
Pick a Retro Screensaver 97

92 101 LINUX HACKS – 2020 EDITION


H AC K
94 Interesting Terminal Output for Your Visitors
Are your friends or colleagues coming over
and you want to impress them with interesting
and mysterious stuff happening on your computer
screens when they take a tour of the house? Then you
have lots of options.
Glitch in the Matrix
Let me introduce to you the od program. The name is
short for “octal dump,” and the tool works like hexdump
but uses octal numbers (0-7) instead of hexadecimal
ones. Let it output /dev/urandom to get a (very cheap)
text mode version of the scrolling symbols from The
Matrix movies. If you want to get rid of the space signs,
remove them with tr:
od /dev/urandom | tr "\n" " " | tr -d " "
Run the od output through lolcat to get the colorful
version shown in Figure 1. Some distributions carry a
lolcat package; if yours does not, you can install it
manually.
Figure 1
Figure 2
101 LINUX HACKS – 2020 EDITION
HAVING FUN
Other than producing interesting output and (when
programming) seeing stuff in octal, knowing od is help-
ful when you prepare for the LPI tests: It’s listed in the
curriculum, and that is why I know it.
Create Slowly Scrolling Output
You know those movies where hackers sit in a dark
room behind a big screen, and occasionally you get a
glimpse of what’s happening on the screen. In some
window, there’s always some scrolling output. That
could be C compiler messages, dmesg lines, or just some
random JavaScript and HTML from a webpage – it
doesn’t really matter (to the film directors) as long as it
looks geeky.
Now you want to have this on your screen, but sim-
ply running dmesg or cat source.c in a terminal window
lets the text scroll far too fast. The following code re-
places cat as a filter and introduces a short sleep after
every line:
while read -r; do echo "$REPLY$"; sleep .02; done
Combine it with something that produces colors for
an even nicer effect, my favorite is a colored dmesg
(Figure 2):
dmesg -L=always | while read -r; do echo "$REPLY$"; U
sleep .02; done
(Even if your dmesg is colored by default, you will
need the -L option, because dmesg notices that output
is not going to a terminal but into a pipe, which will
turn colors off.)
If that’s not enough, install the aalib or libaa-bin
package, which contains a library for rendering graph-
ics (and videos) as ASCII output. There’s an example
program called aafire that turns your terminal window
into a fireplace.
By Hans-Georg Eßer
https://github.com/busyloop/lolcat
93
 HAVING FUN
HACK
95 Scan the Network Like a Script Kiddie
The nmap (network mapper) tool searches for open
ports in a computer network or on some specific ma-
chine, and it can even find out what operating system
and version is running on a remote computer. That
makes it an important tool for IT professionals with a
Figure 3
Drive Your Moon Lander – in ASCII!
When you think of games made with ASCII characters,
you typically start with Snake and end with NetHack,
both of which are brilliant in their own way. You don’t
typically think of something with refined arcade quality
playability and design. And yet that exactly describes
Ascii Patrol, an interpretation of the arcade classic,
Moon Patrol, recreated in text characters to run on a
console. Outside of 80s-era home computer arcade
conversions, it’s one of the few modern recreations of
an old game built atop an even more limited graphics
Figure 4
94
security focus – as well as hackers gone bad who at-
tack machines for evil purposes. The second group in-
cludes script kiddies.
True script kiddies like to see their texts in leetspeak
(or l3375p34k). Since they are likely to (mis-)use the
nmap tool, it provides a leetspeak option to
make them comfortable. You can feel like
a script kiddie, too: Just run the mapper
with the option -oS to change the output
format to “Script kiddie” – the result will
look like Figure 3.
The -o option has further, more legiti-
mate parameters as well: -oX switches to
XML output, and -oG to a format that can
easily be filtered with grep. But where’s the
fun in that?
By Hans-Georg Eßer
https://nmap.org/
https://en.wikipedia.org/wiki/Leet
HACK 96
engine than the original. However, in this case, it makes
the graphics utterly enchanting. You’ll be hooked from
the moment you launch the game and the moon buggy
scrolls smoothly from one side of the screen to the
other (Figure 4).
Pressing any key from the title screen takes you to an
overview screen, which includes a player profile and
editable avatar, a campaign overview complete with a
map, and an online leaderboard, plus there’s a handy
controls overview. It’s like an AAA game on Xbox Live.
Press the spacebar, and you’re playing the game. As
with the original, the action comes from a side-scrolling
obstacle course where you accelerate and decelerate
your buggy, jump, and shoot at things while avoiding
rocks and crevasses. Your score is based on how far
you get. It’s deceptively tricky and very addictive, and
you soon forget the entire game is being rendered
using only ASCII characters. It plays brilliantly, and it’s
just as addictive and as playable as the original, with
the new/old graphics being part of the charm, rather
than a compromise.
By Graham Morrison
http://ascii-patrol.com/
101 LINUX HACKS – 2020 EDITION
 HAVING FUN

HACK 98 Explore, Expand, Exterminate:

Play Star Ruler 2
While it’s sad when a company gives up on gam-
ing, if they choose to do the right thing with the

HACK 97
Run Your Own BBS
code, it benefits a much wider audience. Star Ruler 2
is a great example (Figure 6). This is a popular real-
time strategy (RTS) game from 2015, and it’s still
available on Steam, but the studio behind it, Blind
Mind Studios, has been inactive for a few years.
Those of a certain age will remember a time before Rather than drop off the radar completely and alien-
the Internet: If you wanted your computer to commu- ate its players, the studio decided to open source
nicate with other computers, you did it on a 1:1 basis both its game and the expansion pack.
across a telephone line. You dialed a number, and an- You can install the game with just a single com-
other computer answered before proceeding to ne- mand, sudo snap install starruler2, if your system
gotiate a stream of ASCII going back and forth down supports snaps. You get a major multiplayer RTS title
the line. There were many popular “online” services on Linux for free, and that’s never a bad thing.
that you could pay to access, but perhaps the best
Figure 6
use of this technology was the humble bulletin board
system (BBS). These were portals for files, messages,
and games that were usually run from a home com-
puter with nothing more than one or two phone lines
that became available in the middle of the night.
The Internet killed the BBS scene, but it’s now hav-
ing a slight renaissance, partly for nostalgia, but also
because the web has become hugely distracting.
These new BBSs, and even the old ones restored
from backups, are accessible over a simple Telnet
connection (and sometimes SSH); you can even be-
come the sysop of your domain. MBSE BBS is a mod-
ern BBS (Figure 5) you can install that’s still being up-
dated, although it takes some setting up. If you try it,
your users will be able to create accounts and log in,
leave messages, download and upload curated files,
and chat with each other. You can even allow as
many concurrent users as you need. Set in space, the game itself is known as a “4x”
RTS game, meaning your role as the ruler of the gal-
By Graham Morrison axy is to explore, expand, exploit, and exterminate.
https://sourceforge.net/projects/mbsebbs/ There are seven different races with different attri-
butes, or you can create your own. With that done,
Figure 5 you’re dumped into space where you need to man-
age your finances and local resources to build an em-
pire. You map resources between systems by drag-
ging lines between them, creating networks for im-
ports and exports. You use your fleet of ships to ex-
plore and colonize just as you do with other RTS
games. As you play, you acquire influence points that
can be used in diplomacy, and you can even design
your own ships. The game is a lot of fun, and it’s pol-
ished, just as you’d expect with a commercial game.

By Graham Morrison
http://starruler2.com

101 LINUX HACKS – 2020 EDITION 95

 HAVING FUN
Edit Files Like It’s the 90s Again
Look at Figure 7, which shows good old EDIT from DOS
editing a file. If you want to replace all other editors
with this classic tool, there’s a way. To prepare, first in-
stall DOSBox (the dosbox package) and create a dos
folder in your home directory. Then grab an image of
some MS-DOS clone, for example FreeDOS 1.2. Mount
the CD-ROM image (FD12CD.iso) and unpack the BASE/
Figure 7
H AC K
Read Old Unix Books
Reading a good book is always worth-
100
while, but computing literature tends to age in
a way that makes most practical descriptions obsolete
within a decade. In the case of Linux, that doesn’t hap-
Figure 8
96
HACK
EDIT.ZIP file into /tmp. You will find a new BIN
99
subfolder that contains EDIT.EXE and EDIT.HLP – copy
those to ~/dos.
Also copy some text file you want to edit to ~/dos/
file.txt. Now you can boot DOS and let it execute EDIT.
EXE by typing
dosbox -c "mount c ~/dos" -c "c:" -c "edit file.txt" -c exit
which brings back the glorious old look and edits your
file. You can access the menu entries by pressing Alt
and then using the cursor keys, or via Alt+F (File), Alt+E
(Edit), etc., or even using the mouse. (If your mouse
gets stuck inside DOSBox, press Ctrl+F10 to release it.)
When you’re done, press Alt+X to exit both the editor
and the DOS emulator.
It’s only a little more work to create a script that will
copy a text file to the ~/dos folder, launch the emulation,
and then copy it back.
By Hans-Georg Eßer
https://www.dosbox.com/
https://www.freedos.org/
pen to all documentation. While a KDE book
from the late 90s has lost all usefulness (except
as a picture album to see what desktops looked
like in the old days), you can always grab a good intro-
duction to the shell – for example the article “The UNIX
Shell” from Stephen R. Bourne, who developed the
Bourne shell (sh), an ancestor of the Bash
shell. After all, Bash is an acronym, meaning
“Bourne-again shell.”
The article was published in 1978. Grab a
copy from archive.org and read the introduc-
tion to using the shell, working with variables,
writing shell scripts with for and while loops,
pipelines, and much more (Figure 8). Travel-
ing back in time 40 years does not change
shell usage a lot. Of course, a modern Bash
has more features and offers more comfort,
but the basics have remained the same.
By Hans-Georg Eßer
https://archive.org/details/bstj57-6-1971
101 LINUX HACKS – 2020 EDITION

Pick a Retro Screensaver HACK
There are two things you might miss from working with
Windows, especially the older versions: the 3D Pipes
screensaver and the occasional display of the famous
Blue Screen of Death (BSoD). Sadly, modern Windows
versions do not suffer from the same stability issues. If
you remember Windows 95 and 98, you know what I’m
talking about.
Everything you need to celebrate your nostalgia is
available in XScreenSaver and add-on packages. You
only need to install and configure them. The names of
the required packages differ from distro to distro, so,
for example, on Ubuntu or Mint, type
sudo apt install xscreensaver xscreensaver-gl U
xscreensaver-screensaver-bsod
to get the packages. OpenSUSE users run the command
sudo zypper in xscreensaver xscreensaver-data U
xscreensaver-data-extra
and Fedora wants you to type:
sudo dnf install xscreensaver
Once the files are on the disk, you can decide whether
you just want to play with the screensavers or really in-
stall one (so that it will start up after a few minutes of
inactivity).
Just Playing
If you just want to have a look at the screensavers, run
the xscreensaver-demo program. You’ll get a warning dia-
log from which you can launch the XScreenSaver dae-
mon – for testing purposes, click Cancel.
From the list on the left side (Figure 9), select a
screensaver and see what it looks like on the right side.
The BSOD entry holds more than just a blue screen
from Windows: There are all kinds of operating system
crashes from various architectures, some of them ani-
mated. The Windows 10 bluescreen even displays a QR
code (Figure 9); if you encounter it, quickly start the QR
code viewer app on your phone: I don’t want to ruin the
experience for you by telling what you’ll get.
Figure 9
101 LINUX HACKS – 2020 EDITION
HAVING FUN
101Click on Pipes to start a good approximation of the 3D
Pipes from Windows (Figure 10). You can configure this
screensaver via the Settings button; there are a few in-
teresting options. Figure 10
If you want to
see a screen-
saver in full-
screen mode,
you’ll have to
start the previ-
ously mentioned
daemon. Click on
Preview, and the
warning dialog
will reappear –
this time, start the daemon. In my tests, I had to click on
Preview again.
When you’ve found your favorite, check the process
list (or tree, with pstree) to find its program name: You
can find individual screensaver binaries in various fold-
ers, depending on your distribution, for example:
• /usr/libexec/xscreensaver/ (Fedora)
• /usr/lib64/xscreensaver/ (openSUSE)
• /usr/lib/xscreensaver/ (Linux Mint)
Make It Permanent
To install a screensaver from this collection as your regu-
lar screensaver (instead of the desktop’s standard tool),
make sure that the desktop’s screensaver and/or locking
mechanism is off, that XScreenSaver starts automati-
cally when you log in, and that it’s properly configured.
On KDE, disable the built-in Screen Locking in the
KDE system settings. Then make sure that the
XScreenSaver daemon starts when you login: open
KDE’s Autostart settings, click Add Program, type
xscreensaver in the input field, and click OK. Check that
it works by logging out and in again, and then search
the process table for xscreensaver.
When using Gnome, uninstall the gnome-screensaver
package (if installed). Make xscreensaver an autostart
program (open Startup Applications, click Add, enter
xscreensaver in both the Name and Command fields,
and click Add). Then log out and in again; you should
see a splash screen.
For Mint’s Cinnamon desktop, disable the Cinnamon
screensaver and then create a hard link like this:
sudo ln -sf /usr/bin/xscreensaver-command U
/usr/bin/cinnamon-screensaver-command
When you want to both auto-activate the screensaver and
make it lock the screen, use XScreenSaver’s settings dia-
log (that you start with xscreensaver-demo) and set two
timeouts in the Blank After and Lock Screen After fields.
By Hans-Georg Eßer
https://www.jwz.org/xscreensaver/
97
 MASTHEAD / AUTHORS

We are always looking for good articles on Linux and the
tools of the Linux environment. Although we will consider
any topic, the following themes are of special interest:
• System administration
• Useful tips and tools
• Security, both news and techniques
• Product reviews, especially from real-world experience
• Community news and projects
If you have an idea, send a proposal
with an outline, an estimate of the
length, a description of your back-
ground, and contact information to
[email protected].
The technical level of the article should be consistent
with what you normally read in Linux Magazine. Re-
member that Linux Magazine is read in many countries,
so it is best to avoid using slang and idioms that might
not be understood by all readers.
Be careful when referring to dates or events in the future.
Many weeks could pass between your manuscript sub-
mission and the final copy reaching the reader’s hands.
When submitting proposals or manuscripts, please use a
subject line in your email message that helps us identify
your message as an article proposal. Screenshots and
other supporting materials are always welcome.
Additional information is available at:
http://www.linux-magazine.com/contact/write_for_us.

Contact Info

Editor-in-Chief While every care has been taken in the content of the
Hans-Georg Eßer magazine, the publishers cannot be held responsible for
Senior Editor the accuracy of the information contained within it or any
Joe Casad consequences arising from the use of it. The use of the
Managing Editor DVD provided with the magazine or any material provided
Lori White on it is at your own risk.
Localization & Translation
Ian Travis Copyright and Trademarks © 2020 Linux New Media
Authors USA, LLC
Copy Editors
Amy Pettle, Megan Phelps No material may be reproduced in any form whatso-
Erik Bärwaldt Layout ever in whole or in part without the written permis-
Dena Friesen, Lori White sion of the publishers. It is assumed that all corre-
Paul Brown
Cover Design spondence sent, for example, letters, email, faxes,
Bruce Byfield Dena Friesen, Illustration based on graphics photographs, articles, drawings, are supplied for
by bowie15,123RF.com publication or license to third parties on a non-exclu-
Hans-Georg Eßer
Advertising sive worldwide basis by Linux New Media unless
Frank Hofmann Brian Osborn, [email protected] otherwise stated in writing.
phone +49 89 3090 5128
Klaus Knopper
Marketing Communications Linux Magazine Special (ISSN 1757-6369) is published
Charly Kühnast Gwen Clark, [email protected] by Linux New Media USA, LLC, 2721 W 6th St, Ste D,
Christoph Langner Publisher Lawrence, KS, 66049, USA.
Brian Osborn
Graham Morrison All brand or product names are trademarks of their re-
Customer Service / Subscription spective owners. Contact us if we haven’t credited your
Tim Schürmann For USA and Canada:
Email: [email protected] copyright; we will always correct any oversight.
Valentine Sinitsyn Phone: 1-866-247-2802
(toll-free from the US and Canada) Printed in Germany on FSC and PEFC certified paper.
Ferdinand Thommes
For all other countries: Distributed by Seymour Distribution Ltd, United
Daniel Tibi Email: [email protected] Kingdom
Alexander Tolstoy Linux New Media USA, LLC
2721 W 6th St, Ste D, Lawrence, KS, 66049 USA Published in Europe by: Sparkhaus Media GmbH,
Uwe Vollbracht www.linux-magazine.com Zieblandstr. 1, 80799 Munich, Germany

98 101 LINUX HACKS – 2020 EDITION