Posts in category “Linux”

fameshot: a better screenshot tool with editing support for ubuntu


How to install certbot on CentOS8

The biggest problem you faced is actually the following one

and the article above answers the question very well.

certbot certos

Note: recover from accidentally changed the ownership of `sudo` command


This morning, I change to the /backup directory and found I cannot write in it. So I rapidly typed sudo chown -R david:david .. then press Enter. You know what happened! All the files in / directory were changing the owner to me! I realized this by seeing an error message like "You cannot change the owner of xxx file to david".

Damn, how silly I was! Unfortunately, that was not the end of my bad luck. When I try to revert it by typing sudo chown -R root:root /, I got another error message: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set. Then I tried su - root but it seems that I haven't set a root password.

How can I recover my pop! OS?

  1. reboot it into single-user mode, edit the boot menu, add at the end of the boot line.
  2. In the boot console, chown -R root:root /usr; chmod 4755 /usr/bin/{sudo,dpkg,pkexec,crontab}; reboot

Rather easy, right? It did cost me over 10mins! PS. I met many issues later after recovering from the accident. One of them is that the crontab command did not work as usual. I have to run the instruction below to fix it.

sudo apt reinstall cron

Linux is also fragile, please don't be such silly thing next time. I told myself. PS: This time I also set a root password as well, so next time I could run su - root directly instead of going to the single user mode.

Fix the ‘Too Many Open Files’ Error in a systemd service in Linux

In short:

Change the service file, and add two lines after [Service] line,


If you want to know more, read the Reference

SELinux sucks?! Safety always means inconvenient, right!

Just record what I made Nginx working with a project located in someone's HOME directory on a Linux machine with SELinux on.

  1. Nginx seems working normally, but it actually Didn't listen to a non-80 port at all. If it reports ValueError: Port tcp/8081 already defined, replace -a with -m.

    semanage port -a -t http_port_t -p tcp 8081

Reference1 Reference2

  1. telnet localhost 8081 works, but telnet 8081 from another machine not working!

    firewall-cmd --permanent --add-port=8081/tcp
    firewall-cmd --reload

  2. Everything seems working good, but when you visit your site, Nginx just gives you a 403! You should ensure Nginx can access your project directory, everyone knows that, but is not enough when SELinux is on.

    setsebool -P httpd_enable_homedirs 1
    setenforce 0
    systemctl restart nginx
    systemctl daemon-reload