Posts in category “Linux”

Note: recover from accidentally changed the ownership of `sudo` command

Cause:

This morning, I change to the /backup directory and found I cannot write in it. So I rapidly typed sudo chown -R david:david .. then press Enter. You know what happened! All the files in / directory were changing the owner to me! I realized this by seeing an error message like "You cannot change the owner of xxx file to david".

Damn, how silly I was! Unfortunately, that was not the end of my bad luck. When I try to revert it by typing sudo chown -R root:root /, I got another error message: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set. Then I tried su - root but it seems that I haven't set a root password.

How can I recover my pop! OS?

  1. reboot it into single-user mode, edit the boot menu, add systemd.unit=rescue.target at the end of the boot line.
  2. In the boot console, chown -R root:root /usr; chmod 4755 /usr/bin/{sudo,dpkg,pkexec,crontab}; reboot

Rather easy, right? It did cost me over 10mins! PS. I met many issues later after recovering from the accident. One of them is that the crontab command did not work as usual. I have to run the instruction below to fix it.

sudo apt reinstall cron

Linux is also fragile, please don't be such silly thing next time. I told myself. PS: This time I also set a root password as well, so next time I could run su - root directly instead of going to the single user mode.

Fix the ‘Too Many Open Files’ Error in a systemd service in Linux

In short:

Change the service file, and add two lines after [Service] line,

[Service]
LimitNOFILE=65535
LimitNOFILESoft=65535

If you want to know more, read the Reference

SELinux sucks?! Safety always means inconvenient, right!

Just record what I made Nginx working with a project located in someone's HOME directory on a Linux machine with SELinux on.

  1. Nginx seems working normally, but it actually Didn't listen to a non-80 port at all. If it reports ValueError: Port tcp/8081 already defined, replace -a with -m.

    semanage port -a -t http_port_t -p tcp 8081

Reference1 Reference2

  1. telnet localhost 8081 works, but telnet 192.168.168.168 8081 from another machine not working!

    firewall-cmd --permanent --add-port=8081/tcp
    firewall-cmd --reload

  2. Everything seems working good, but when you visit your site, Nginx just gives you a 403! You should ensure Nginx can access your project directory, everyone knows that, but is not enough when SELinux is on.

    setsebool -P httpd_enable_homedirs 1
    setenforce 0
    systemctl restart nginx
    systemctl daemon-reload

Reference

Seafile server configuration on CentOS 8

I am using the docker-compose version. The first problem I met was none of Seafile's concerns, it is actually a bug of docker. All of the containers cannot reach the internet (cannot resolve any DNS). The solution is at here.

After fixed the issue above, the Seafile server runs well on centos. However, there are still two issues that need to be addressed.

The first one is about the head icon of a user. It simply cannot display. You can easily found that the host part of the head icon is wrong. You need to edit "shared/seafile/conf/ccnet.conf" and change the SERVICE_URL to your real hostname in the [General] section.

The second one is similar, if you don't fix it, you cannot download any of the file you uploaded. This time, you need to edit "shared/seafile/conf/seahub_settings.py" and change the last line to "https://your.domain.name/seafhttp".

tmux super simple guide

echo 'set -g mouse on' >> ~/.tmux.conf
tmux new -s tmux3
^b %
^b "
^b d
tmux attach -t tmux3