linux – Debian – How to create an image file .img of your current system as a backup

I am new to Linux Embedded, and I am now trying to make sure I back up my system before making changes. I intend to use dd if=/dev/sdX of=/destinationPath/backup.img to create the image file and save it to my 16GB sd card, so if something goes wrong, I can just reboot my device using the backup.img file.

My question is how to determine which partition should I use as the input sdX in the command line dd dd if=/dev/sdX of=/destinationPath/backup.img. Specifically, this is my system:

root@fun-shrimp:~# lsblk
NAME         MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
mmcblk0      179:0    0  7.3G  0 disk
├─mmcblk0p1  179:1    0  128M  0 part /boot
├─mmcblk0p2  179:2    0    1M  0 part
├─mmcblk0p3  179:3    0    2G  0 part /home
└─mmcblk0p4  179:4    0  5.1G  0 part /
mmcblk0boot0 179:32   0    4M  1 disk
mmcblk0boot1 179:64   0    4M  1 disk
mmcblk0rpmb  179:96   0    4M  0 disk
mmcblk1      179:128  0 14.9G  0 disk  <------ My 16GB SD card
└─mmcblk1p1  179:129  0 14.9G  0 part
root@fun-shrimp:~#

Also, is there anything I should be aware of when doing this?

ssh connection refused on Debian 7

I cannot ssh to my Debian 7 server anymore. It happened after I tried to upgrade some packages on this old distro (including libc6…). Uptime is almost 2200 days! I do not even want to risk restarting it.

ssh -V returns OpenSSH_6.0p1 Debian-4+deb7u7, OpenSSL 1.0.1t 3 May 2016

I somehow still have an active ssh connection on Putty as a root so I can still run commands. Hopefully I will not lose it before I fix this massive issue!

nothing outputs when I run /etc/init.d/ssh restart, it just prompts a new line for new commands.

ps -f -p $(pgrep sshd) shows a pid and uid root

/usr/sbin/sshd does not exist

cat /etc/ssh/sshd_config shows nothing any different than it has always been. I run it on port 22000. No issues since 6 years until now. I now explicitly opened the port 22000 on iptables just to make sure but nothing changed.

sftp -oPort=22000 -vvv root@redacted_for_privacy shows

OpenSSH_6.0p1 Debian-4+deb7u7, OpenSSL 1.0.1t  3 May 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to redacted_for_privacy (123.456.redacted_for_privacy.123) port 22000.
debug1: connect to address 123.456.redacted_for_privacy.123 port 22000: Connection refused
ssh: connect to host redacted_for_privacy port 22000: Connection refused
Couldn't read packet: Connection reset by peer

command netstat -tulpn | grep 22000 returns nothing, however it does return udp6 for 22

command ps aux | grep sshd returns :

root     12247  0.0  0.0  29920  1252 pts/0    T    Nov21   0:00 vim /etc/ssh/sshd_config
root     12248  0.0  0.0  29924  1308 pts/0    T    Nov21   0:00 vim /etc/ssh/sshd_config
root     25974  0.0  0.0   6312   788 pts/0    S+   01:09   0:00 grep sshd
root     31003  0.0  0.0  81232  3932 ?        Ss   Nov21   0:14 sshd: root@pts/0

vim is because i set PermitRootLogin yes (it had always been set at without-password). 31003 is sshd pid

I also tried to reinstall:
apt-get install openssh-server but it returned
openssh-server : Depends: openssh-client (= 1:6.0p1-4+deb7u4) but 1:6.0p1-4+deb7u7 is to be installed
and E: Unable to correct problems, you have held broken packages. which is probably very true considering the ugly tinkerings I tried in order to upgrade libc6!

tail -f /var/log/auth.log when I try to ssh via WinSCP does not show any new line appending. either trying on port 22 or custom 22000.

netstat -ntlp returns

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      12431/proftpd: (acc
tcp        0      0 0.0.0.0:3129            0.0.0.0:*               LISTEN      4374/(squid)
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      4917/nginx
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      7231/mysqld
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      10330/perl
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4917/nginx

I tried behind a different ip, I’m sure I did not jail myself.

The 4 websites hosted on it currently keep working as if nothing ever happened.

I am out of ideas and desperate. What else should I check/try? I believe it is not running sshd but I have not idea how to restart it. I do not have systemctl, neihter service sshd restart, and nothing in /etc/init.d/

debian – Different Route on danted

i have a debian server with danted, and a proxy.

I use Chaining like that :

route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: x.x.x.1 port = xxxx
proxyprotocol: socks_v5
protocol: tcp
}

All is okay, but i would like to put another proxy, and every request danted passing the request in route1 and route2 …

I try to put another route but is not working ..

Infact i would like to create a rotating proxy per request..

debian – Nextcloud internal server error after server upgrade

I upgraded my server today from Debian 9 to Debian 10 and installed PHP 7.3 with all modules needed for NC but when I try to open the website I get “internal server error. More details can be found in the server log” but there is nothing helpful (for me).

So please tell me where I can find information what problem my Nextcloud has. Other PHP based sites on same server are working fine.
Here some details and log entrys from the server:

  • PHP 7.3.24
  • OS Debian 10.6
  • Apache 2.4.38
  • Nextcloud 16.0.11

nextcloud error log (debug level):

(Sat Nov 14 12:39:40.862690 2020) (proxy:debug) (pid 30052:tid 140451933021952) proxy_util.c(2406): (client 87.172.229.216:64468) AH02545: fcgi: has determined UDS as /run/php/php7.3-fpm.sock, referer: https://myDomain.de/
(Sat Nov 14 12:39:40.862857 2020) (proxy:debug) (pid 30052:tid 140451933021952) proxy_util.c(2578): (client 87.172.229.216:64468) AH00947: connected /var/www/html/nextcloud/index.php to httpd-UDS:0, referer: https://myDomain.de/
(Sat Nov 14 12:39:40.862916 2020) (proxy:debug) (pid 30052:tid 140451933021952) proxy_util.c(2949): AH02823: FCGI: connection established with Unix domain socket /run/php/php7.3-fpm.sock (*)
(Sat Nov 14 12:39:40.874073 2020) (proxy:debug) (pid 30052:tid 140451933021952) proxy_util.c(2331): AH00943: FCGI: has released connection for (*)
(Sat Nov 14 12:39:40.874123 2020) (http2:debug) (pid 30052:tid 140451933021952) h2_task.c(87): (client 87.172.229.216:64468) AH03348: h2_task(64-15): open output to GET myDomain.de /index.php
(Sat Nov 14 12:39:40.874262 2020) (http2:debug) (pid 30052:tid 140451916187392) h2_session.c(1387): (client 87.172.229.216:64468) AH03073: h2_stream(64-15,HALF_CLOSED_REMOTE): submit response 500, REMOTE_WINDOW_SIZE=12582912
(Sat Nov 14 12:39:40.874298 2020) (http2:debug) (pid 30052:tid 140451916187392) h2_session.c(1541): (client 87.172.229.216:64468) AH02936: h2_stream(64-15,HALF_CLOSED_REMOTE): resumed
(Sat Nov 14 12:39:40.874326 2020) (http2:debug) (pid 30052:tid 140451916187392) h2_session.c(593): (client 87.172.229.216:64468) AH03068: h2_session(64,BUSY,1): sent FRAME(HEADERS(length=67, hend=1, stream=15, eos=0)), frames=10/4 (r/s)
(Sat Nov 14 12:39:40.874369 2020) (http2:debug) (pid 30052:tid 140451916187392) h2_session.c(593): (client 87.172.229.216:64468) AH03068: h2_session(64,BUSY,1): sent FRAME(DATA(length=289, flags=1, stream=15, padlen=0)), frames=10/5 (r/s)
(Sat Nov 14 12:39:40.874484 2020) (http2:debug) (pid 30052:tid 140451916187392) h2_bucket_beam.c(1279): (client 87.172.229.216:64468) beam(64-15,output,closed=1,aborted=1,empty=1,buf=0): AH03385: h2_task_destroy, reuse secondary
(Sat Nov 14 12:39:40.874545 2020) (http2:debug) (pid 30052:tid 140451916187392) h2_session.c(1698): (client 87.172.229.216:64468) AH03078: h2_session(64,IDLE,0): transit (BUSY) -- no io (keepalive) --> (IDLE)
(Sat Nov 14 12:39:40.879559 2020) (http2:debug) (pid 30052:tid 140451899385600) h2_session.c(341): (client 87.172.229.216:64468) AH03066: h2_session(64,IDLE,0): recv FRAME(SETTINGS(ack=1, stream=0)), frames=10/5 (r/s)
(Sat Nov 14 12:39:45.879604 2020) (http2:debug) (pid 30052:tid 140451907786496) h2_session.c(593): (client 87.172.229.216:64468) AH03068: h2_session(64,IDLE,0): sent FRAME(GOAWAY(error=0, reason='timeout', last_stream=15)), frames=11/6 (r/s)
(Sat Nov 14 12:39:45.879797 2020) (http2:debug) (pid 30052:tid 140451907786496) h2_session.c(753): (client 87.172.229.216:64468) AH03069: h2_session(64,IDLE,0): sent GOAWAY, err=0, msg=timeout
(Sat Nov 14 12:39:45.879838 2020) (http2:debug) (pid 30052:tid 140451907786496) h2_session.c(1698): (client 87.172.229.216:64468) AH03078: h2_session(64,DONE,0): transit (IDLE) -- local goaway --> (DONE)
(Sat Nov 14 12:39:45.879849 2020) (http2:debug) (pid 30052:tid 140451907786496) h2_session.c(1698): (client 87.172.229.216:64468) AH03078: h2_session(64,CLEANUP,0): transit (DONE) -- pre_close --> (CLEANUP)
(Sat Nov 14 12:39:45.880031 2020) (ssl:debug) (pid 30052:tid 140451907786496) ssl_engine_io.c(1106): (client 87.172.229.216:64468) AH02001: Connection closed to child 65 with standard shutdown (server myDomain.de:443)

Nextcloud access log

(14/Nov/2020:12:35:09 +0100) "GET /status.php HTTP/1.1" 500 -
(14/Nov/2020:12:35:09 +0100) "GET /status.php HTTP/1.1" 500 -
(14/Nov/2020:12:35:41 +0100) "GET /status.php HTTP/1.1" 500 -
(14/Nov/2020:12:35:41 +0100) "GET /status.php HTTP/1.1" 500 -

boot – Trying to fix Windows 10 startup crash after Debian install

I’ve had this same Windows installation for numerous years running on a Samsung SSD. I decided to go out and buy an NVMe drive to install Debian on. Installation went well with no issues and I’ve been running and setting up Debian for a couple days. Today I tried going back to Windows and encountered a boot loop.

My first thought was perhaps I messed up the partion-table for Debian, selecting UEFI instead of Legacy MBR (which my Windows is running as). After confirmation they’re both msdos I moved on.

  • Windows Startup repair is unable to resolve the error and fails
  • Windows System Restore failed
  • Windows Live CD Startup repair failed with an error
  • Tried disabling Fast Boot in BIOS
  • Disabled UEFI in BIOS entirely
  • Tried different menu-entries for Grub
  • Tried boot repair (both recommended and manual)
  • Tried bootrec /fixmbr
  • Tried bootrec /fixboot (access denied)
  • Tried Lilo to rebuild MBR

Despite everything I have tried, I’m still unable to get Windows to boot. Any advice?

debian – Bind9 DNS configuration for a private sub-domain from a public domain name

We currently have a private DNS service that we wish to migrate to Bind9. So I have to migrate the current configuration to Bind9, but I’m having trouble setting it up.

Here is the context.

I have a public domain name “acme.com” managed by a registrar. At this registrar I manage public domain names, such as :

acme.com        IN  A  < Public IP server 1 >
www.acme.com    IN  A  < Public IP server 1 >
*.acme.com      IN  A  < Public IP server 1 >
other.acme.com  IN  A  < Public IP server 2 >

On the company’s internal DNS server, we have sub-domain names for “acme.com” such as “application-1.acme.com“.

The configuration of Bind9 that I made allows me for the moment to resolve public domain names like “google.com” and also private domain names like “application-1.acme.com“.

However, if I try to resolve domain names managed by our registrar, such as “acme.com” or “www.acme.com“, the DIG application gives me this answer :

dig @10.0.0.254 acme.com
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> @10.0.0.254 acme.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25017
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: a231205f94a3ec92010000005fa95de884db288162c0f9b9 (good)
;; QUESTION SECTION:
;acme.com.                      IN      A
;; AUTHORITY SECTION:
acme.com.               600     IN      SOA     ns1.acme.inc. admin. acme.inc. 2020110501 3600 600 86400 600
;; Query time: 2 msec
;; SERVER: 192.168.0.245 #53(10.0.0.254)
;; WHEN: Mon Nov 09 16:19:03 CET 2020
;; MSG SIZE  rcvd: 124

Here is my named.conf file:

acl "trusted" {
        // some ip range
};
options {
        directory "/var/cache/bind";
        listen-on { any; };
        listen-on-v6 { any; };
        allow-query { any; };
        allow-transfer { none; };
        pid-file "/var/run/named/named.pid";
        allow-recursion { trusted; };
        recursion yes;
        forward only;
        forwarders { 8.8.8.8;  8.8.4.4; };
        dnssec-validation auto;
        auth-nxdomain no;
};
view "trusted" {
    match-clients { trusted; };
    recursion yes;
    zone "acme.com" IN {
      type master;
      file "/etc/bind/zones/acme.com.zone";
    };
};

And here the acme.com.zone file:

$TTL    3600;
@       IN      SOA     ns1.acme. admin.acme. (
                     2020110501;
                           3600;
                            600;
                          86400;
                            600 );
        IN      NS     ns1.acme.

ns1.acme.      IN     A            10.0.0.254

application-1  IN     A            10.0.1.1
application-2  IN     A            10.0.1.2
application-3  IN     A            10.0.1.3

I do not understand what’s wrong with my settings.

ubuntu – IS this error an Ancient “su – hostile” vulnerability in Debian 8 & 9 ? $ bash: cannot set terminal process group (-1): Inappropriate ioctl for device

Just received this error >>

bash: cannot set terminal process group (-1): Inappropriate ioctl for device

then the disk partition went into READ-Only mode ; also noticed gnome-software was communicating both upload and download over the internet.

Here is a description of this 2012 Security Issue (below) ** ; so I expect, but don’t know how to confirm True/False, that 2020 Security patches MAY have “Fixed This” by Bombing Out and Setting Disk Read-ONLY as I just Witnessed. 2012 Security Issue Description ** Ancient “su – hostile” vulnerability in Debian 8 and 9 ? Here >> https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/ and Here >> https://news.ycombinator.com/item?id=17311808

Steps Taken so far: (Simply) Reinstalled existing software as per : gnome-software (version 3.20.5-0ubuntu0.16.04.13) will be re-installed gnome-software-common (version 3.20.5-0ubuntu0.16.04.13) will be re-installed

Any suggestions to confirm the hack failed, or to prevent the hack from setting partition to Read-Only from happening again appreciated.

linux – Nautilus does ‘t open in Debian 10

The command nautilus does’t show any window and does’t return.
There is no error message.

I tried apt purge nautilus && apt install nautilus and reboot without any success.

I am using Debian GNU/Linux 10 (buster) and Gnome 3.30.2.

My more general question is how to track this kind of issue? Is there any log file where gnome prints warnings and errors?

debian – loginctl : connection timed out

I have a Debian 10 (buster) computer on which most of unix commands took about 30 seconds to complete.

I have the following logs on Debian daemon.log :

sshd(1232): pam_systemd(sshd:session): Failed to create session: Connection timed out
su(1293): pam_systemd(su:session): Failed to create session: Connection timed out

When I do a simple loginctl, it also took about 30 seconds to complete, and return a timeout. Same for an SSH connection, the connection succeeded but after a 30 seconds delay..

root@computer:~# loginctl
Failed to list sessions: Connection timed out

I have checked internet connexion and dns, and it works :

$ wget google.fr
... OK ...

I haven’t setup the machine myself. But I can see that NIS and SAMBA seems to be used to connect to some Active Directory I guess

I have checked every debian logs in /var/log, but I have nothing except the recurrent message Connection time out..

The problem is that I don’t know which kind of connection such errors messages refers to (a NIS connection ? a SAMBA connection ?), because the errors are not explicit at all..

Have you some tips to help me debugging such issue ?

Thanks!

debian – SSH changing port issue

I’m running Debian 10. I’ve read like 10 instructions on how to change default SSH port from 22 to any desired but none of it seem to work.

I changed #Port 22 to Port 1111 in /etc/ssh/sshd_config. Restarted the service with service ssh restart and even rebooted the server.

And then I tried to connect: ssh -p 1111 user@hostname to no avail. It looks like the port is not open but I have no firewall whatsoever.

Seconly I tried to connect the usual way: ssh user@hostname which gives me ssh: connect to host hostname port 22: Connection refused.

service ssh status gives me

Nov 04 05:32:04 localhost systemd(1): Starting OpenBSD Secure Shell server...
Nov 04 05:32:04 localhost sshd(904): Server listening on 0.0.0.0 port 1111.
Nov 04 05:32:04 localhost sshd(904): Server listening on :: port 1111.
Nov 04 05:32:04 localhost systemd(1): Started OpenBSD Secure Shell server.

~# ss -tulpn | grep 1111
tcp   LISTEN 0      128                              0.0.0.0:1111       0.0.0.0:*                                                                                users:(("sshd",pid=904,fd=3))                                                  
tcp   LISTEN 0      128                                 (::):1111          (::):*                                                                                users:(("sshd",pid=904,fd=4))                                                 

Am I doing something wrong?