debian stable bootstrap

apk add debootstrap arch-install-scripts

prepare partition

doas mkfs.ext4 -O ^has_journal /dev/nvme0n1p3

doas mount /dev/nvme0n1p3 /mnt

bootstrap using debootstrap

--print-debs for listing pkg to be installed

debian

available releases are stable,testing,unstable

debootstrap --variant=minbase  stable /mnt http://deb.debian.org/debian/

debootstrap --include=apt,bash,dpkg stable  /mnt http://deb.debian.org/debian/

ubuntu

sudo debootstrap --arch amd64 jammy http://np.archive.ubuntu.com/ubuntu/

--extractor =ar if you are using old apt without zstd support to install new image

devuan

http://deb.devuan.org/merged/dists/

https://git.devuan.org/devuan/debootstrap/src/branch/suites/unstable/scripts/chimaera

doas debootstrap --arch amd64 chimaera /mnt http://deb.devuan.org/merged

/usr/share/debootstrap/scripts/Chimaera

security updates

nano /etc/apt/sources.list

deb http://deb.devuan.org/merged chimaera main contrib non-free

deb http://deb.devuan.org/merged chimaera-security main

deb http://deb.devuan.org/merged chimaera-updates main

`mirrorlist generator`

https://debgen.simplylinux.ch/

add security updates to apt

cat   /mnt/etc/apt/sources.list                                      
deb http://np.archive.ubuntu.com/ubuntu jammy main universe restricted
deb http://np.archive.ubuntu.com/ubuntu jammy-security main universe restricted
deb http://np.archive.ubuntu.com/ubuntu jammy-updates  main universe restricted


  apt install initramfs-tools efibootmgr iwd resolvconf ubuntu-drivers-common  linux-oem-22.04 
 
 
oem dirver is hardware specific . find your own.

debconf configure needs dialog based frontend  : whiptail,dialog,xdialog,

cat  /usr/share/perl5/Debconf/FrontEnd/Dialog.pm  to see  how frontends are called

 1. Dialog    3. Gnome  5. Editor
  2. Readline  4. Kde    6. Noninteractive

dpkg-reconfigure --frontend dialog debconf


 dpkg-reconfigure debconf

dpkg-reconfigure tzdata
dpkg-reconfigure locales
dpkg-reconfigure keyboard-configuration

  dpkg-reconfigure console-setup

sudo update-alternatives --config editor
 
/etc/default/keyboard 
/etc/default/console-setup

## setting hostname

echo "hostname" > /etc/hostname
echo "127.0.1.1 hostname" >> /etc/hosts

install from alpine linux

doas apk add debootstrap

doas debootstrap kali-rolling ~/kali/ http://http.kali.org/kali

maybe --variant=minbase

without systemd cant use sway,gtk3 or any adveance wm /de on debian/kali

CHROOT into /mnt

doas arch-chroot /mnt

export TERM=linux

source /etc/profile

custom chroot script if no arch-install-scripts

nano arch-chroot

  mount --rbind /dev /mnt/dev && mount --make-rslave /mnt/dev
 mount --rbind /dev/pts /mnt/dev/pts && mount --make-rslave /mnt/dev/pts
 mount --rbind /proc /mnt/proc && mount --make-rslave /mnt/proc
 mount --rbind /sys /mnt/sys && mount --make-rslave /mnt/sys

 cp --dereference  /etc/resolv.conf /mnt/etc

chroot  /mnt /bin/bash

 sudo bash arch-chroot

Repo config and add security,update repo

source list generator

https://debgen.simplylinux.ch/

apt install neofetch --no-install-recommends

 apt install nano --no-install-recommends

 nano /etc/apt/sources.list

deb http://deb.debian.org/debian/ stable main

deb http://deb.debian.org/debian/ stable-updates main

deb http://security.debian.org/debian-security stable-security main

cat /etc/sources.list.d/debian.sources

Types: deb
# http://snapshot.debian.org/archive/debian/20230919T000000Z
URIs: http://deb.debian.org/debian
Suites: sid   
Components: main
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

https://www.debian.org/security/#keeping-secure

multimedia repo

read first https://www.deb-multimedia.org/  mat have problem in upding  due to pkg  conflicts

 apt install curl wget apt-transport-https dirmngr


###### 3rd Party Binary Repos
###Debian Multimedia
deb [arch=amd64,i386] https://www.deb-multimedia.org buster main non-free

remove some files from dpkg

cat /etc/dpkg/dpkg.cfg.d/excludes
# Drop locales except English
path-exclude=/usr/share/locale/*
path-include=/usr/share/locale/en/*
path-include=/usr/share/locale/en@quot/*
path-include=/usr/share/locale/en@boldquot/*
path-include=/usr/share/locale/en@shaw/*
path-include=/usr/share/locale/en_US/*
path-include=/usr/share/locale/locale.alias

# Drop translated manual pages except english
path-exclude=/usr/share/man/*
path-include=/usr/share/man/man[1-9]/*
path-include=/usr/share/man/en*/*

apt install nnn -no-install-recommends

run nnn as root and remove residue dir in /usr/share/locale,man

nnn /usr/share/locale

space on folder to  keep and shift a to reverse selection  and x  and  s and y to delete

nnn /usr/share/man

clean locale

/var/lib/locales/supported.d/

/etc/default/locale

 update-locale LANG=en_US.UTF-8

/usr/share/i18n/SUPPORTED

cat /etc/locale.gen

sudo locale-gen

sudo locale-gen --purge en_US.UTF-8

locale -a
localedef --list-archive
localectl list-locales

sudo locale-a

sudo dpkg-reconfigure locales

apt/apt-get clean → cleans the packages and install script in /var/cache/apt/archives/
apt/apt-get autoclean → cleans obsolete deb-packages, less than clean
apt/apt-get autoremove → removes orphaned packages which are not longer needed from the system, but not purges them, use the --purge option together with the command for that.

apt disable recommend package

list  file downloaded are from

http://deb.debian.org/debian/dists/stable/main/binary-amd64/

gz=12M,12M,

xz=8.5M,9.8M

saved in /var/lib/apt/lists/ as extracted or comressed format( if specified to )  main , contrib, non-free, non-free-firmware

sudo nano /etc/apt/apt.conf.d/90recommend

APT::Install-Recommends "0";

APT::Install-Suggests "0";

Apt::AutoRemove::SuggestsImportant "0";

APT::AutoRemove::RecommendsImportant "0";

disable downloading translated package name index

/etc/apt/apt.conf.d/99translations

Acquire::Languages "none";

# Disable source package cache which most users will never use

Dir::Cache::srcpkgcache "";

##dont etxtract package list, some operation like apt show pkgname becomes slow (anything that reads package list)

Acquire::GzipIndexes "true";

Acquire::IndexTargets::deb::Packages::KeepCompressedAs "xz"; Acquire::IndexTargets::deb::Translations::KeepCompressedAs "xz"; Acquire::IndexTargets::deb-src::Sources::KeepCompressedAs "xz";

#default lz4 is kept

another style /etc/apt.conf.d/all

-------------------------------------------------------

APT { Install-Recommends "0"; Install-Suggests "0"; Autoremove { SuggestsImportant "0"; RecommendsImportant "0"; }; }; Acquire { Languages "none"; GzipIndexes "1"; }; Dir::Cache::srcpkgcache "";

-------------------------------------------------------

expalination:

Option: APT::AutoRemove::RecommendsImportant

Default: true

Description: If this option is true, the aptitude will not consider packages to be unused (and thus will not automatically remove them) as long as any installed package recommends them, even if APT::Install-Recommends is false. For more information, see the section called “Managing automatically installed packages”.

Option: APT::AutoRemove::SuggestsImportant

Default: true

Description: If this option is true, then aptitude will not consider packages to be unused (and thus will not automatically remove them) as long as any installed package suggests them. For more information, see the section called “Managing automatically installed packages”.

Option: APT::Install-Recommends

Default: true

Description: If this option is true and Aptitude::Auto-Install is true, then whenever you mark a package for installation, aptitude will also mark the packages it recommends for installation. Furthermore, if this option is true, aptitude will not consider packages to be unused (and thus will not automatically remove them) as long as any installed package reommends them. For more information, see the section called “Managing automatically installed packages” and the section called “Immediate dependency resolution”.

GzipIndexes
           When downloading gzip compressed indexes (Packages, Sources, or
           Translations), keep them gzip compressed locally instead of
           unpacking them. This saves quite a lot of disk space at the expense
           of more CPU requirements when building the local package caches.
           False by default.

CompressionTypes
           List of compression types which are understood by the acquire
           methods. Files like Packages can be available in various
           compression formats. By default the acquire methods can decompress
           and recompress many common formats like xz and gzip; with this
           scope the supported formats can be queried, modified as well as
           support for more formats added (see also APT::Compressor). The
           syntax for this is:

               Acquire::CompressionTypes::FileExtension "Methodname";

           Also, the Order subgroup can be used to define in which order the
           acquire system will try to download the compressed files. The
           acquire system will try the first and proceed with the next
           compression type in this list on error, so to prefer one over the
           other type simply add the preferred type first - types not already
           added will be implicitly appended to the end of the list, so e.g.

               Acquire::CompressionTypes::Order:: "gz";

           can be used to prefer gzip compressed files over all other
           compression formats. If xz should be preferred over gzip and bzip2
           the configure setting should look like this:

               Acquire::CompressionTypes::Order { "xz"; "gz"; };

           It is not needed to add bz2 to the list explicitly as it will be
           added automatically.

Note that the Dir::Bin::Methodname will be checked at run time. If
           this option has been set and support for this format isn't directly
           built into apt, the method will only be used if this file exists;
           e.g. for the bzip2 method (the inbuilt) setting is:

               Dir::Bin::bzip2 "/bin/bzip2";

           Note also that list entries specified on the command line will be
           added at the end of the list specified in the configuration files,
           but before the default entries. To prefer a type in this case over
           the ones specified in the configuration files you can set the
           option direct - not in list style. This will not override the
           defined list; it will only prefix the list with this type.

           The special type uncompressed can be used to give uncompressed
           files a preference, but note that most archives don't provide
           uncompressed files so this is mostly only usable for local mirrors.


       PDiffs
           Try to download deltas called PDiffs for indexes (like Packages
           files) instead of downloading whole ones. True by default.
           Preferably, this can be set for specific sources.list(5) entries or
           index files by using the PDiffs option there.

           Two sub-options to limit the use of PDiffs are also available:
           FileLimit can be used to specify a maximum number of PDiff files
           should be downloaded to update a file.  SizeLimit on the other hand
           is the maximum percentage of the size of all patches compared to
           the size of the targeted file. If one of these limits is exceeded
           the complete file is downloaded instead of the patches.

ignore/ban some package

cat /etc/apt/preferences.d/ignored-packages
Package: grub-common grub2-common grub-pc grub-pc-bin grub-gfxpayload-lists
Pin: release *
Pin-Priority: -1

ubuntu blocklist


Package: snapd cloud-init landscape-common popularity-contest ubuntu-advantage-tools
Pin: release *
Pin-Priority: -1

testing using systemd as block

remove residual config files ( dpkg -l shows ^rc)

dpkg --list |grep "^rc" | cut -d " " -f 3 | xargs sudo dpkg --purge

install some package

apt install bash-completion

. /etc/bash_completion

apt install xserver-xorg-core

apt install xserver-xorg-input-libinput

for runit

runit still use sysv at 0 and 1 stage

apt install runit-init

readlink -f /sbin/init

/usr/lib/runit/runit-init

for sysv

sudo apt install initscripts sysv-rc-conf sysvinit-core sysvinit-utils

pstree -Ap

id:runlevels:action:process

nano /etc/inittab

Default runlevel

# The default runlevel.
 id:2:initdefault:

`boot loader: sysvinit`

debian still maintains sysvinit init system for base packages only. systemd is only official supported 

 # Boot-time system configuration/initialization script.
  # This is run first except when booting in emergency (-b) mode.
  si::sysinit:/etc/init.d/rcS

cat  /etc/init.d/rcS

#!/bin/sh
 # Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order
  exec /etc/init.d/rc S

`Runlevels`

# /etc/init.d executes the S and K scripts upon change
# of runlevel.
#
# Runlevel 0 is halt.
# Runlevel 1 S  is single-user.
# Runlevels 2-5 are multi-user.
# Runlevel 6 is reboot.

l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6

`Getty and logins`

# /sbin/getty invocations for the runlevels.
#
# The "id" field MUST be the same as the last
# characters of the device (after "tty").
#
# Format:
#  <id>:<runlevels>:<action>:<process>
#
# Note that on most Debian systems tty7 is used by the X Window System,
# so if you want to add more getty's go ahead but skip tty7 if you run X.
#
1:2345:respawn:/sbin/getty --noclear 38400 tty1
2:23:respawn:/sbin/getty 38400 tty2
#3:23:respawn:/sbin/getty 38400 tty3
#4:23:respawn:/sbin/getty 38400 tty4
#5:23:respawn:/sbin/getty 38400 tty5
#6:23:respawn:/sbin/getty 38400 tty6

Single-user boot

 # What to do in single-user mode.
~~:S:wait:/sbin/sulogin --force

# Normally not reached, but fallthrough in case of emergency.
z6:6:respawn:/sbin/sulogin --force

Ctrl+Alt+Del

# What to do when CTRL-ALT-DEL is pressed.
ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now

Power-sensing scripts

Init can communicate with your UPS device and execute processes based on the status of the UPS. Here are some examples:

# What to do when the power fails/returns.
pf::powerwait:/etc/init.d/powerfail start
pn::powerfailnow:/etc/init.d/powerfail now
po::powerokwait:/etc/init.d/powerfail stop

switching runlevel

passing n to kernel parameter

/sbin/telinit n

telinit q causes init to re-examine inittab but not switch runlevel.

Warning: Always test a modified /etc/inittab with telinit q before you reboot,

or a small syntax error can prevent your system from booting.

man 5 inittab

man 8 init

Disable an init script

/sbin/update-rc.d <script name> remove

 https://web.archive.org/web/20181019155813/http://www.linux-tutorial.info/modules.php?name=MContent&pageid=65

 https://rs1.es/tutorials/2022/03/06/sysvinit.html#openrc

enable an init script

Create a symbolic link to /etc/rc<runlevel>.d/

update-rc.d test-init defaults

remove extra tty

rm /etc/runit/runsvdir/current/getty-tty[3-6]

boot loader : systemd-boot

#using systemd-boot

#sudo apt install systemd-boot

sudo apt install tiny-initramfs

sudo apt install linux-image-amd64

blkid to get uuid of root

cat /etc/fstab

UUID=9dc57367-b107-4c9f-9a76-150dc47ae249 / btrfs rw,noatime,compress=zstd:3,ssd,space_cache=v2,subvolid=5,subvol=/ 0 0

UUID=e0eeee06-09f6-41cc-a7ac-b0ff3f48fc9e /home ext4 rw,noatime 0 0

tips: you dont need fstab entry for root if you pass root parameter in kernel.

with arch-install-scripts run as root user

genfstab -U /mnt >> /mnt/etc/fstab

cat /mnt/loader/entries/debian.conf
title Kali
linux /vmlinuz-kali
initrd /initramfs-kali

cat /mnt/loader/entries/kali.conf
title Kali
linux /vmlinuz-kali
initrd /initramfs-kali
options rd.driver.pre=btrfs rootfstype=btrfs root=UUID=9dc57367-b107-4c9f-9a76-150dc47ae249 rootflags=rw,noatime,compress quiet

options rootfstype=btrfs root=UUID=9dc57367-b107-4c9f-9a76-150dc47ae249 rootflags=rw,noatime,subvolid=5,subvol=/ quiet

even without subvol and compress parameter it mounts fine.

options rootfstype=ext4 root=UUID=9dc57367-b107-4c9f-9a76-150dc47ae249 rootflags=rw,noatime quiet loglevel=3 systemd.show_status=auto rd.udev.log_level=3

##with this as kernel parameter you can remove fstab root entry to avoid wasting time remounting rootfs

noauto,x-systemd.automount for /home partition to fsck and mount on first access at fstab

https://wiki.archlinux.org/title/Improving_performance/Boot_process

cat /etc/tmpfiles.d/home.conf

`silent boot`

touch ~/.hushlogin

rootflag in kernel

quiet loglevel=3 systemd.show_status=auto rd.udev.log_level=3

Note that if you often receive Core temperature above threshold, cpu clock throttled messages in the kernel log, you need to use log level 2 to silence these at boot time.

/etc/sysctl.d/20-quiet-printk.conf

kernel.printk = 3 3 3 3

agetty

/etc/systemd/system/[email protected]/skip-prompt.conf
[Service]
ExecStart=
ExecStart=-/usr/bin/agetty --skip-login --nonewline --noissue --autologin username --noclear %I $TERM

https://wiki.archlinux.org/title/Silent_boot

https://github.com/RobertCsordas/arch-efiboot

apt install firmware-realtek sudo neofetch debsecan wpasupplicant linux-image-amd64

apt search linux-image

Timezone

dpkg-reconfigure tzdata

Localization

apt install locales
dpkg-reconfigure locales

locale -a

 cat /etc/default/locale

LANG=en_US.UTF-8

https://wiki.debian.org/Locale

apt install dialog

dpkg-reconfigure locale

keyboard

apt install console-setup
dpkg-reconfigure keyboard-configuration

Hostname

/etc/hostname

name

/etc/hosts

127.0.0.1 localhost
::1 localhost
127.0.1.1 name

Network

apt install iwd openresolv dbus

User accounts

passwd

adduser kai

passwd kai

adduser username wheel

apt install sudo

cat /etc/doas.d/doas.conf
doas (kai@(none)) password:
permit persist kai
permit nopass kai as root cmd brightnessctl
permit nopass kai as root cmd ntfs-3g
permit nopass kai as root cmd umount

#for non systemd or no polkit reboot

#permit nopass kai as root cmd reboot
#permit nopass kai as root cmd poweroff

for wifi

sudo apt install iwd systemd-resolved

cat /etc/iwd/main.conf
[General]
EnableNetworkConfiguration=true
#AddressRandomization=network
#RoamThreshold=-70
#RoamThreshold5G=-76
[Network]
#EnableIPv6=true

systemctl enable iwd

systemctl enable systemd-resolved

ls -la /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Feb 27 14:30 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf

if its file/static fix it

ln -rsf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

apt install systemd-sysv apt install sway foot wofi alsa-utils apulse dbus-glib-1-2 libxtst6

apt install htop

xorg only setup

for iwctl without root

cat /usr/share/dbus-1/system.d/iwd-dbus.conf
<policy group="kai">
<allow send_destination="net.connman.iwd"/>
</policy>

download firefox

mkdir ~/opt cd ~/opt https://download-installer.cdn.mozilla.net/pub/firefox/releases/110.0/linux-x86_64/en-US/firefox-110.0.tar.bz2 extract to ~/opt apt install lbzip2 tar xf firefox-110.0.tar.bz2cat .bashrc export PATH=$HOME/.bin:$PATH
export NNN_OPENER=$HOME/.bin/nuke cat .bin/firefox
apulse $HOME/opt/firefox/firefox $@

firmwares manual install

blutooth fw

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/qca/rampatch_usb_00000302.bin

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/qca/nvm_usb_00000302.bin

put in /lib/firmware/qca

wifi fw

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/ath10k/QCA9377/hw1.0

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/ath10k/QCA9377/hw1.0/board-2.bin

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/ath10k/QCA9377/hw1.0/board.bin

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/ath10k/QCA9377/hw1.0/firmware-5.bin

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/ath10k/QCA9377/hw1.0/firmware-6.bin

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/ath10k/QCA9377/hw1.0/firmware-sdio-5.bin

download and

cd hw1.0

mkdir -p /lib/firmware/ath10k/QCA9377/hw1.0

mv * /lib/firmware/ath10k/QCA9377/hw1.0

intel graphics fw

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/i915

icl firmware put in /lib/firmware/i915

sudo apt remove firmware-linux-free

intel tuning

https://gist.github.com/Brainiarc7/aa43570f512906e882ad6cdd835efe57?permalink_comment_id=3036915

https://wiki.archlinux.org/title/intel_graphics#Enable_early_KMS

https://wiki.archlinux.org/title/Intel_graphics#Fastboot

cat /etc/modprobe.d/i915.conf
options i915 fastboot=1 enable_fbc=1 enable_guc=3

list obsolete package

apt list ?obsolete

apt list ?essential

apt base-files base-passwd bash bsdutils coreutils dash debianutils diffutils dpkg findutils grep gzip hostname init-system-helpers libc-bin login ncurses-base ncurses-bin perl-base sed sysvinit-utils tar util-linux

apt list --installed | awk -F/ '/\[installed,local\]/{print $1}'

nnn mimetype instead of file

sudo apt install libfile-mimeinfo-perl

mimetype -b build_kernel.sh

application/x-shellscript

nano .bashrc

export NNN_OPENER=nuke

nano nuke

MIMETYPE="$( mimetype -b "${FPATH}" )"

Sensors

get temp

cat /sys/class/thermal/thermal_zone*/type
INT3400 Thermal
TSKN
TMEM
B0D4
x86_pkg_temp

sed 's/000$/°C/' /sys/class/thermal/thermal_zone*/temp
20°C
43050
45050
61050
61°C

hwmon devices

readlink -f /sys/class/hwmon/hwmon*

/sys/devices/pci0000:00/0000:00:1d.4/0000:02:00.0/nvme/nvme0/hwmon0
/sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0003:00/power_supply/AC/hwmon1
/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0A:00/power_supply/BAT0/hwmon2
/sys/devices/platform/dell_smm_hwmon/hwmon/hwmon3
/sys/devices/platform/coretemp.0/hwmon/hwmon4

cat /sys/class/hwmon/hwmon*/name
nvme
AC
BAT0
dell_smm
coretemp

for fan speed

here hwmon3 has dell_smm so it has fan speed

cat /sys/class/hwmon/hwmon3/fan1_input

=============================== ======= ======================================= Name Perm Description =============================== ======= ======================================= fan[1-3]_input RO Fan speed in RPM. fan[1-3]_label RO Fan label. fan[1-3]_min RO Minimal Fan speed in RPM fan[1-3]_max RO Maximal Fan speed in RPM fan[1-3]_target RO Expected Fan speed in RPM pwm[1-3] RW Control the fan PWM duty-cycle. pwm1_enable WO Enable or disable automatic BIOS fan control (not supported on all laptops, see below for details). temp[1-10]_input RO Temperature reading in milli-degrees Celsius. temp[1-10]_label RO Temperature sensor label. =============================== ======= =======================================

legacy /depreciated i8k

cat /proc/i8k 1.0 A17 2J59L02 52 2 1 8040 6420 1 2 1 2 3 4 5 6 7 8 9 10 1.0 1.1 -1 59 -22 0 -22 0 -1 -22
The fields read from ``/proc/i8k`` are:: 1.0 A17 2J59L02 52 2 1 8040 6420 1 2 | | | | | | | | | | | | | | | | | | | +------- 10. buttons status | | | | | | | | +--------- 9. AC status | | | | | | | +-------------- 8. fan0 RPM | | | | | | +------------------- 7. fan1 RPM | | | | | +--------------------- 6. fan0 status | | | | +----------------------- 5. fan1 status | | | +-------------------------- 4. temp0 reading (Celsius) | | +---------------------------------- 3. Dell service tag (later known as 'serial number') | +-------------------------------------- 2. BIOS version +------------------------------------------ 1. /proc/i8k format version

A negative value, for example -22, indicates that the BIOS doesn't return the corresponding information. This is normal on some models/BIOSes.

https://www.kernel.org/doc/Documentation/hwmon/dell-smm-hwmon.rst

pretty format

https://www.kernel.org/doc/html/next/hwmon/dell-smm-hwmon.html

bios version

cat /sys/class/dmi/id/bios_version

serial no

sudo cat /sys/class/dmi/id/board_serial

kernel patches to debian

https://gitlab.com/kalilinux/packages/linux/-/blob/kali/master/debian/patches/series

intel graphics tuning

https://gist.github.com/Brainiarc7/aa43570f512906e882ad6cdd835efe57?permalink_comment_id=3036915

https://wiki.archlinux.org/title/intel_graphics#Enable_early_KMS

cat /etc/modprobe.d/i915.conf
options i915 fastboot=1 enable_fbc=1 enable_guc=3

replace base-files with debian ( for switching distro i.e devian to devuan,kali etc)

https://packages.debian.org/sid/amd64/base-files/download

download from any mirror

dpkg -i base-fiels*.deb

list obsolete package

apt list ?obsolete

 apt list --installed | awk -F/ '/\[installed,local\]/{print $1}'

tricks

ctrl+d = ^D  ## exit terminal

sudo chvt n   ## ctrl+alt+f2 alternative ,switch vt

su -l doesnt preseve env vars, su preserves

after cat binary-file if terminal is crazy reset cmd

adduser name , deluser --remove-home name

home dir of root is /root

basename -a, --multiple -s, --suffix=SUFFIX (suffix to delete) -z, --zero (separator NUL)

Print NAME with any leading directory components removed.

avoid { } ( ) [ ] ' ` " \ / > < | ; ! # & ^ * % @ $ in filename , and space if possible

Each file, directory, named pipe (a way two programs can share data), or physical device has a data structure called an inode which describes its associated attributes such as the user who owns it (owner), the group that it belongs to, the time last accessed, etc.

permission

u=user who owns the file

g=Other users in the group which the file belongs to

o=All other users, world/everyone

For the file/folder, each corresponding permission allows following actions.

r = read = allows owner to examine contents of the file / list contents of the directory.

w = write = allows owner to modify the file / add or remove files in the directory

x = execute = allows owner to run the file as a command / access files in the directory,viewing their attributes, such as the size and the modification time.

ls -l

Type of file (first character)
Access permission of the file (nine characters, consisting of three characters each for user, group, and other in this order)
Number of hard links to the file
Name of the user who owns the file
Name of the group which the file belongs to
Size of the file in characters (bytes)
Date and time of the file (mtime)
Name of the file

first character meaning

character	meaning
`-`	normal file
`d`	directory
`l`	symlink
`c`	character device node
`b`	block device node
`p`	named pipe
`s`	socket

chown is used from the root account to change the owner of the file.

chgrp is used from the file's owner or root account to change the group of the file.

chmod is used from the file's owner or root account to change file and directory access permissions.

note : users may only run chown if they have the target user and group privileges

special permission bits.

The set user ID bit (s or S instead of user's x)
The set group ID bit (s or S instead of group's x)
The sticky bit (t or T instead of other's x)

Setting set group ID on a directory enables the BSD-like file creation scheme where all files created in the directory belong to the group of the directory.

Setting the sticky bit on a directory prevents a file in the directory from being removed by a user who is not the owner of the file. In order to secure contents of a file in world-writable directories such as "/tmp" or in group-writable directories, one must not only reset the write permission for the file but also set the sticky bit on the directory. Otherwise, the file can be removed and a new file can be created with the same name by any user who has write access to the directory.

numeric permission

first digit = sum of suid(4)+sgid(2)+sticky(1)

2nd = read(4),write(2),execute for user

3rd= same for group

4th= same for others

pertinent commands such as test(1), stat(1) and readlink(1). The shell builtin such as "[" or "test"

Umask

Default creation of files/directories is typically 777 or 666

What permissions are applied to a newly created file or directory is restricted by the umask shell builtin command. See dash(1), bash(1), and builtins(7).

 (file permissions) = (requested file permissions) & ~(umask value)

Permissions for groups of users

system-provided groups for file access

group	description for accessible files and devices
`dialout`	full and direct access to serial ports ("`/dev/ttyS[0-3]`")
`dip`	limited access to serial ports for Dialup IP connection to trusted peers
`cdrom`	CD-ROM, DVD+/-RW drives
`audio`	audio device
`video`	video device
`scanner`	scanner(s)
`adm`	system monitoring logs
`staff`	some directories for junior administrative work: "`/usr/local`", "`/home`"

List of types of timestamps

type	meaning (historic Unix definition)
mtime	the file modification time (`ls -l`)
ctime	the file status change time (`ls -lc`)
atime	the last file access time (`ls -lu`)

Overwriting a file changes all of the mtime, ctime, and atime attributes of the file.
Changing ownership or permission of a file changes the ctime and atime attributes of the file.
Reading a file changes the atime attribute of the file on the historic Unix system.
Reading a file changes the atime attribute of the file on the GNU/Linux system if its filesystem is mounted with "strictatime".
Reading a file for the first time or after one day changes the atime attribute of the file on the GNU/Linux system if its filesystem is mounted with "relatime". (default behavior since Linux 2.6.30)
Reading a file doesn't change the atime attribute of the file on the GNU/Linux system if its filesystem is mounted with "noatime".

hardlink=Duplicate name for an existing file

Symbolic link or symlink = Special file that points to another file by name

The hardlink can be made within the same filesystem and shares the same inode number which the "-i" option with ls(1) reveals.

The symlink always has nominal file access permissions of "rwxrwxrwx", with the effective access permissions dictated by permissions of the file that it points to.

named pipe(fifo)

If you write to a named pipe, the process which is writing to the pipe doesn't terminate until the information being written is read from the pipe. If you read from a named pipe, the reading process waits until there is nothing to read before terminating. The size of the pipe is always zero --- it does not store data, it just links two processes like the functionality offered by the shell "|" syntax. However, since this pipe has a name, the two processes don't have to be on the same command line or even be run by the same user.

sockets

device file

here are 2 types of device files.

Character device
- Accessed one character at a time
- 1 character = 1 byte
- E.g. keyboard device, serial port, …
Block device
- accessed in larger units called blocks
- 1 block > 1 byte
- E.g. hard disk,

Table 1.10. List of special device files

device file	action	description of response
`/dev/null`	read	return "end-of-file (EOF) character"
`/dev/null`	write	return nothing (a bottomless data dump pit)
`/dev/zero`	read	return "the `\0` (NUL) character" (not the same as the number zero ASCII)
`/dev/random`	read	return random characters from a true random number generator, delivering real entropy (slow)
`/dev/urandom`	read	return random characters from a cryptographically secure pseudorandom number generator
`/dev/full`	write	return the disk-full (ENOSPC) error

Table 1.14. List of key bindings for bash

key	description of key binding
`Ctrl-U`	erase line before cursor
`Ctrl-H`	erase a character before cursor
`Ctrl-D`	terminate input (exit shell if you are using shell)
`Ctrl-C`	terminate a running program
`Ctrl-Z`	temporarily stop program by moving it to the background job
`Ctrl-S`	halt output to screen
`Ctrl-Q`	reactivate output to screen
`Ctrl-Alt-Del`	reboot/halt the system, see `inittab`(5)
`Left-Alt-key` (optionally, `Windows-key`)	meta-key for Emacs and the similar UI
`Up-arrow`	start command history search under `bash`
`Ctrl-R`	start incremental command history search under `bash`
`Tab`	complete input of the filename to the command line under `bash`
`Ctrl-V` `Tab`	input `Tab` without expansion to the command line under `bash`

The terminal feature of Ctrl-S can be disabled using stty(1).

List of basic Vim key strokes

mode	key strokes	action
`NORMAL`	`:help\|only`	display the help file
`NORMAL`	`:e filename.ext`	open new buffer to edit `filename.ext`
`NORMAL`	`:w`	overwrite current buffer to the original file
`NORMAL`	`:w filename.ext`	write current buffer to `filename.ext`
`NORMAL`	`:q`	quit `vim`
`NORMAL`	`:q!`	force to quit `vim`
`NORMAL`	`:only`	close all other split open windows
`NORMAL`	`:set nocompatible?`	check if `vim` is in the sane `nocompatible` mode
`NORMAL`	`:set nocompatible`	set `vim` to the sane `nocompatible` mode
`NORMAL`	`i`	enter the `INSERT` mode
`NORMAL`	`R`	enter the `REPLACE` mode
`NORMAL`	`v`	enter the `VISUAL` mode
`NORMAL`	`V`	enter the linewise `VISUAL` mode
`NORMAL`	Ctrl-`V`	enter the blockwise `VISUAL` mode
except `TERMINAL-JOB`	`ESC`-key	enter the `NORMAL` mode
`NORMAL`	`:term`	enter the `TERMINAL-JOB` mode
`TERMINAL-NORMAL`	`i`	enter the `TERMINAL-JOB` mode
`TERMINAL-JOB`	Ctrl-`W` `N` (or Ctrl-`\` Ctrl-`N`)	enter the `TERMINAL-NORMAL` mode
`TERMINAL-JOB`	Ctrl-`W` `:`	enter the `Ex`-mode in `TERMINAL-NORMAL` mode

Recording the shell activities

script

some commands....

ctrl+d

basic Unix commands

command	description
`pwd`	display name of current/working directory
`whoami`	display current user name
`id`	display current user identity (name, uid, gid, and associated groups)
`file foo`	display a type of file for the file "`foo`"
`type -p commandname`	display a file location of command "`commandname`"
`which commandname`	, ,
`type commandname`	display information on command "`commandname`"
`apropos key-word`	find commands related to "`key-word`"
`man -k key-word`	, ,
`whatis commandname`	display one line explanation on command "`commandname`"
`man -a commandname`	display explanation on command "`commandname`" (Unix style)
`info commandname`	display rather long explanation on command "`commandname`" (GNU style)
`ls`	list contents of directory (non-dot files and directories)
`ls -a`	list contents of directory (all files and directories)
`ls -A`	list contents of directory (almost all files and directories, i.e., skip "`..`" and "`.`")
`ls -la`	list all contents of directory with detail information
`ls -lai`	list all contents of directory with inode number and detail information
`ls -d`	list all directories under the current directory
`tree`	display file tree contents
`lsof foo`	list open status of file "`foo`"
`lsof -p pid`	list files opened by the process ID: "`pid`"
`mkdir foo`	make a new directory "`foo`" in the current directory
`rmdir foo`	remove a directory "`foo`" in the current directory
`cd foo`	change directory to the directory "`foo`" in the current directory or in the directory listed in the variable "`$CDPATH`"
`cd /`	change directory to the root directory
`cd`	change directory to the current user's home directory
`cd /foo`	change directory to the absolute path directory "`/foo`"
`cd ..`	change directory to the parent directory
`cd ~foo`	change directory to the home directory of the user "`foo`"
`cd -`	change directory to the previous directory
`</etc/motd pager`	display contents of "`/etc/motd`" using the default pager
`touch junkfile`	create a empty file "`junkfile`"
`cp foo bar`	copy a existing file "`foo`" to a new file "`bar`"
`rm junkfile`	remove a file "`junkfile`"
`mv foo bar`	rename an existing file "`foo`" to a new name "`bar`" ("`bar`" must not exist)
`mv foo bar`	move an existing file "`foo`" to a new location "`bar/foo`" (the directory "`bar`" must exist)
`mv foo bar/baz`	move an existing file "`foo`" to a new location with a new name "`bar/baz`" (the directory "`bar`" must exist but the directory "`bar/baz`" must not exist)
`chmod 600 foo`	make an existing file "`foo`" to be non-readable and non-writable by the other people (non-executable for all)
`chmod 644 foo`	make an existing file "`foo`" to be readable but non-writable by the other people (non-executable for all)
`chmod 755 foo`	make an existing file "`foo`" to be readable but non-writable by the other people (executable for all)
`find . -name pattern`	find matching filenames using shell "`pattern`" (slower)
`locate -d . pattern`	find matching filenames using shell "`pattern`" (quicker using regularly generated database)
`grep -e "pattern" *.html`	find a "`pattern`" in all files ending with "`.html`" in current directory and display them all
`top`	display process information using full screen, type "`q`" to quit
`ps aux \| pager`	display information on all the running processes using BSD style output
`ps -ef \| pager`	display information on all the running processes using Unix system-V style output
`ps aux \| grep -e "[e]xim4*"`	display all processes running "`exim`" and "`exim4`"
`ps axf \| pager`	display information on all the running processes with ASCII art output
`kill 1234`	kill a process identified by the process ID: "1234"
`gzip foo`	compress "`foo`" to create "`foo.gz`" using the Lempel-Ziv coding (LZ77)
`gunzip foo.gz`	decompress "`foo.gz`" to create "`foo`"
`bzip2 foo`	compress "`foo`" to create "`foo.bz2`" using the Burrows-Wheeler block sorting text compression algorithm, and Huffman coding (better compression than `gzip`)
`bunzip2 foo.bz2`	decompress "`foo.bz2`" to create "`foo`"
`xz foo`	compress "`foo`" to create "`foo.xz`" using the Lempel–Ziv–Markov chain algorithm (better compression than `bzip2`)
`unxz foo.xz`	decompress "`foo.xz`" to create "`foo`"
`tar -xvf foo.tar`	extract files from "`foo.tar`" archive
`tar -xvzf foo.tar.gz`	extract files from gzipped "`foo.tar.gz`" archive
`tar -xvjf foo.tar.bz2`	extract files from "`foo.tar.bz2`" archive
`tar -xvJf foo.tar.xz`	extract files from "`foo.tar.xz`" archive
`tar -cvf foo.tar bar/`	archive contents of folder "`bar/`" in "`foo.tar`" archive
`tar -cvzf foo.tar.gz bar/`	archive contents of folder "`bar/`" in compressed "`foo.tar.gz`" archive
`tar -cvjf foo.tar.bz2 bar/`	archive contents of folder "`bar/`" in "`foo.tar.bz2`" archive
`tar -cvJf foo.tar.xz bar/`	archive contents of folder "`bar/`" in "`foo.tar.xz`" archive
`zcat README.gz \| pager`	display contents of compressed "`README.gz`" using the default pager
`zcat README.gz > foo`	create a file "`foo`" with the decompressed content of "`README.gz`"
`zcat README.gz >> foo`	append the decompressed content of "`README.gz`" to the end of the file "`foo`" (if it does not exist, create it first)

Default values of environment variables are initially set by the PAM system and then some of them may be reset by some application programs.

The PAM system such as pam_env may set environment variables by /etc/pam.conf", "/etc/environment" and "/etc/default/locale".
The display manager such as gdm3 may reset environment variables for GUI session by "~/.profile".
The user specific program initialization may reset environment variables by "~/.profile", "~/.bash_profile" and "~/.bashrc".

`$LANG` `xx_YY.ZZZZ`

parts of locale value

locale value	meaning
`xx`	ISO 639 language codes (lower case) such as "en"
`YY`	ISO 3166 country codes (upper case) such as "US"
`ZZZZ`	codeset, always set to "UTF-8"

Shell glob patterns

shell glob pattern description of match rule

`` filename (segment) not started with "`.`"

`.` filename (segment) started with "`.`"

`?` exactly one character

`[…]` exactly one character with any character enclosed in brackets

`[a-z]` exactly one character with any character between "`a`" and "`z`"

`[^…]` exactly one character other than any character enclosed in brackets (excluding "`^`")

shell glob pattern	description of match rule
`*`	filename (segment) not started with "`.`"
`.*`	filename (segment) started with "`.`"
`?`	exactly one character
`[…]`	exactly one character with any character enclosed in brackets
`[a-z]`	exactly one character with any character between "`a`" and "`z`"
`[^…]`	exactly one character other than any character enclosed in brackets (excluding "`^`")

BASH can be tweaked to change its glob behavior with its shopt builtin options such as "dotglob", "noglob", "nocaseglob", "nullglob", "extglob", etc. See bash(1)

$? gives return value of command

Command exit codes

command exit status	numeric return value	logical return value
success	zero, 0	TRUE
error	non-zero, -1	FALSE

hell command idioms

command idiom	description
`command &`	background execution of `command` in the subshell
`command1 \| command2`	pipe the standard output of `command1` to the standard input of `command2` (concurrent execution)
`command1 2>&1 \| command2`	pipe both standard output and standard error of `command1` to the standard input of `command2` (concurrent execution)
`command1 ; command2`	execute `command1` and `command2` sequentially
`command1 && command2`	execute `command1`; if successful, execute `command2` sequentially (return success if both `command1` and `command2` are successful)
`command1 \|\| command2`	execute `command1`; if not successful, execute `command2` sequentially (return success if `command1` or `command2` are successful)
`command > foo`	redirect standard output of `command` to a file `foo` (overwrite)
`command 2> foo`	redirect standard error of `command` to a file `foo` (overwrite)
`command >> foo`	redirect standard output of `command` to a file `foo` (append)
`command 2>> foo`	redirect standard error of `command` to a file `foo` (append)
`command > foo 2>&1`	redirect both standard output and standard error of `command` to a file `foo`
`command < foo`	redirect standard input of `command` to a file `foo`
`command << delimiter`	redirect standard input of `command` to the following lines until "`delimiter`" is met (here document)
`command <<- delimiter`	redirect standard input of `command` to the following lines until "`delimiter`" is met (here document, the leading tab characters are stripped from input lines)

$ </etc/motd pager

$ pager </etc/motd

$ pager /etc/motd

$ cat /etc/motd | pager

 echo Hello >foo
$ exec 3foo 4bar  # open files
$ cat <&3 >&4       # redirect stdin to 3, stdout to 4
$ exec 3<&- 4>&-    # close files
$ cat bar
Hello

Predefined file descriptors

device	description	file descriptor
`stdin`	standard input	0
`stdout`	standard output	1
`stderr`	standard error	2

type ls
ls is hashed (/bin/ls)

type la
la is aliased to ls -la
 
text tools 
 


No regular expression is used:

    cat(1) concatenates files and outputs the whole content.

    tac(1) concatenates files and outputs in reverse.

    cut(1) selects parts of lines and outputs.

    head(1) outputs the first part of files.

    tail(1) outputs the last part of files.

    sort(1) sorts lines of text files.

    uniq(1) removes duplicate lines from a sorted file.

    tr(1) translates or deletes characters.

    diff(1) compares files line by line.



Basic regular expression (BRE) is used as default:

    ed(1) is a primitive line editor.

    sed(1) is a stream editor.

    grep(1) matches text with patterns.

    vim(1) is a screen editor.

    emacs(1) is a screen editor. (somewhat extended BRE)

Extended regular expression (ERE) is used:

    awk(1) does simple text processing.

    egrep(1) matches text with patterns.

    tcl(3tcl) can do every conceivable text processing: See re_syntax(3). Often used with tk(3tk).

    perl(1) can do every conceivable text processing. See perlre(1).

 
 
Metacharacters for BRE and ERE
              
                
                  
                  
                  
                
                
                  
                     BRE 
                     ERE 
                     description of the regular expression 
                  
                
                
                  
                     \ .  [ ] ^ $ * 
                     \ .  [ ] ^ $ * 
                     common metacharacters 
                  
                  
                     \+ \? \( \) \{ \} \| 
                       
                     BRE only "\" escaped metacharacters 
                  
                  
                       
                     + ? ( ) { } | 
                     ERE only non-"\" escaped metacharacters 
                  
                  
                     c 
                     c 
                     match non-metacharacter "c" 
                  
                  
                     \c 
                     \c 
                     match a literal character "c" even if "c" is metacharacter by itself 
                  
                  
                     . 
                     . 
                     match any character including newline 
                  
                  
                     ^ 
                     ^ 
                     position at the beginning of a string 
                  
                  
                     $ 
                     $ 
                     position at the end of a string 
                  
                  
                     \< 
                     \< 
                     position at the beginning of a word 
                  
                  
                     \> 
                     \> 
                     position at the end of a word 
                  
                  
                     [abc…] 
                     [abc…] 
                     match any characters in "abc…" 
                  
                  
                     [^abc…] 
                     [^abc…] 
                     match any characters except in "abc…" 
                  
                  
                     r* 
                     r* 
                     match zero or more regular expressions identified by "r" 
                  
                  
                     r\+ 
                     r+ 
                     match one or more regular expressions identified by "r" 
                  
                  
                     r\? 
                     r? 
                     match zero or one regular expressions identified by "r" 
                  
                  
                     r1\|r2 
                     r1|r2 
                     match one of the regular expressions identified by "r1" or "r2" 
                  
                  
                     \(r1\|r2\) 
                     (r1|r2) 
                     match one of the regular expressions identified by "r1" or "r2" and treat it as a bracketed regular expression 
                  
                
              
            
 
The sed(1) command can replace all instances of "FROM_REGEX" with "TO_TEXT" in "file".     
$ sed -i -e 's/FROM_REGEX/TO_TEXT/g' file

BRE	ERE	description of the regular expression
`\ . [ ] ^ $ *`	`\ . [ ] ^ $ *`	common metacharacters
`\+ \? \( \) \{ \} \\|`		BRE only "`\`" escaped metacharacters
	`+ ? ( ) { } \|`	ERE only non-"`\`" escaped metacharacters
`c`	`c`	match non-metacharacter "`c`"
`\c`	`\c`	match a literal character "`c`" even if "`c`" is metacharacter by itself
`.`	`.`	match any character including newline
`^`	`^`	position at the beginning of a string
`$`	`$`	position at the end of a string
`\<`	`\<`	position at the beginning of a word
`\>`	`\>`	position at the end of a word
`[abc…]`	`[abc…]`	match any characters in "`abc…`"
`[^abc…]`	`[^abc…]`	match any characters except in "`abc…`"
`r*`	`r*`	match zero or more regular expressions identified by "`r`"
`r\+`	`r+`	match one or more regular expressions identified by "`r`"
`r\?`	`r?`	match zero or one regular expressions identified by "`r`"
`r1\\|r2`	`r1\|r2`	match one of the regular expressions identified by "`r1`" or "`r2`"
`\(r1\\|r2\)`	`(r1\|r2)`	match one of the regular expressions identified by "`r1`" or "`r2`" and treat it as a bracketed regular expression

Extracting data from text file table

 DPL
Ian     Murdock   August  1993
Bruce   Perens    April   1996
 
awk '{ print $3 }' <DPL 
  
 while read first last month year; do
    echo $month
  done <DPL

script snippets for piping commands

script snippet (type in one line)	effect of command
`find /usr -print`	find all files under "`/usr`"
`seq 1 100`	print 1 to 100
`\| xargs -n 1 command`	run command repeatedly with each item from pipe as its argument
`\| xargs -n 1 echo`	split white-space-separated items from pipe into lines
`\| xargs echo`	merge all lines from pipe into a line
`\| grep -e regex_pattern`	extract lines from pipe containing regex_pattern
`\| grep -v -e regex_pattern`	extract lines from pipe not containing regex_pattern
`\| cut -d: -f3 -`	extract third field from pipe separated by "`:`" (passwd file etc.)
`\| awk '{ print $3 }'`	extract third field from pipe separated by whitespaces
`\| awk -F'\t' '{ print $3 }'`	extract third field from pipe separated by tab
`\| col -bx`	remove backspace and expand tabs to spaces
`\| expand -`	expand tabs
`\| sort\| uniq`	sort and remove duplicates
`\| tr 'A-Z' 'a-z'`	convert uppercase to lowercase
`\| tr -d '\n'`	concatenate lines into one line
`\| tr -d '\r'`	remove CR
`\| sed 's/^/# /'`	add "`#`" to the start of each line
`\| sed 's/\.ext//g'`	remove "`.ext`"
`\| sed -n -e 2p`	print the second line
`\| head -n 2 -`	print the first 2 lines
`\| tail -n 2 -`	print the last 2 lines

 List of Debian package management tools
                             
            
              
                
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     description 
                  
                
                
                  
                    
                       dpkg 
                    
                    
                      V:908, I:999
                    
                    
                      6400
                    
                     low level package management system for Debian (file based) 
                  
                  
                    
                       apt 
                    
                    
                      V:864, I:999
                    
                    
                      4302
                    
                     APT front-end to manage packages with CLI: apt/apt-get/apt-cache 
                  
                  
                    
                       aptitude 
                    
                    
                      V:51, I:278
                    
                    
                      4268
                    
                     APT front-end to interactively manage packages with full screen console: aptitude(8) 
                  
                  
                    
                       tasksel 
                    
                    
                      V:35, I:980
                    
                    
                      347
                    
                     APT front-end to install selected tasks: tasksel(8) 
                  
                  
                    
                       unattended-upgrades 
                    
                    
                      V:217, I:336
                    
                    
                      301
                    
                     enhancement package for APT to enable automatic installation of security upgrades 
                  
                  
                    
                       gnome-software 
                    
                    
                      V:141, I:252
                    
                    
                      2995
                    
                     Software Center for GNOME (GUI APT front-end) 
                  
                  
                    
                       synaptic 
                    
                    
                      V:44, I:367
                    
                    
                      7627
                    
                     graphical package manager (GTK APT front-end) 
                  
                  
                    
                       apt-utils 
                    
                    
                      V:356, I:998
                    
                    
                      1061
                    
                     APT utility programs: apt-extracttemplates(1), apt-ftparchive(1), and apt-sortpkgs(1) 
                  
                  
                    
                       apt-listchanges 
                    
                    
                      V:333, I:866
                    
                    
                      396
                    
                     package change history notification tool 
                  
                  
                    
                       apt-listbugs 
                    
                    
                      V:6, I:9
                    
                    
                      475
                    
                     lists critical bugs before each APT installation 
                  
                  
                    
                       apt-file 
                    
                    
                      V:17, I:71
                    
                    
                      89
                    
                     APT package searching utility — command-line interface 
                  
                  
                    
                       apt-rdepends 
                    
                    
                      V:0, I:5
                    
                    
                      39
                    
                     recursively lists package dependencies

package	popcon	size	description
`dpkg`	V:908, I:999	6400	low level package management system for Debian (file based)
`apt`	V:864, I:999	4302	APT front-end to manage packages with CLI: `apt`/`apt-get`/`apt-cache`
`aptitude`	V:51, I:278	4268	APT front-end to interactively manage packages with full screen console: `aptitude`(8)
`tasksel`	V:35, I:980	347	APT front-end to install selected tasks: `tasksel`(8)
`unattended-upgrades`	V:217, I:336	301	enhancement package for APT to enable automatic installation of security upgrades
`gnome-software`	V:141, I:252	2995	Software Center for GNOME (GUI APT front-end)
`synaptic`	V:44, I:367	7627	graphical package manager (GTK APT front-end)
`apt-utils`	V:356, I:998	1061	APT utility programs: `apt-extracttemplates`(1), `apt-ftparchive`(1), and `apt-sortpkgs`(1)
`apt-listchanges`	V:333, I:866	396	package change history notification tool
`apt-listbugs`	V:6, I:9	475	lists critical bugs before each APT installation
`apt-file`	V:17, I:71	89	APT package searching utility — command-line interface
`apt-rdepends`	V:0, I:5	39	recursively lists package dependencies

# dpkg --root /target -i /path/to/foo_old_version_arch.deb

 dpkg's "--ignore-depends", "--force-depends"

 APT::Acquire::http::Dl-Limit "800";'
 
/etc/cron.daily/apt
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::Unattended-Upgrade "1";
 
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::Unattended-Upgrade "0";
 
key file is in the "/etc/apt/trusted.gpg.d/"

/etc/apt/preferences

notable Pin-Priority values for apt-pinning technique.

Pin-Priority	apt-pinning effects to the package
1001	install the package even if this constitutes a downgrade of the package
990	used as the default for the target release archive
500	used as the default for the normal archive
100	used as the default for the NotAutomatic and ButAutomaticUpgrades archive
100	used for the installed package
1	used as the default for the NotAutomatic archive
-1	never install the package even if recommended

apt-get install -t testing some-packag

apt-cache policy package

block pkg

Package: package-1
Pin: version *
Pin-Priority: -1

Package: package-2
Pin: version *
Pin-Priority: -1

Package: package-1
Pin: release a=unstable
Pin-Priority: 700

Package: package-2
Pin: release a=unstable
Pin-Priority: 700
 
equivs 
 Circumventing Debian package dependencies
 This package provides a tool to create trivial Debian packages.
 Typically these packages contain only dependency information, but they
 can also include normal installed files like other packages do.
 .
 One use for this is to create a metapackage: a package whose sole
 purpose is to declare dependencies and conflicts on other packages so
 that these will be automatically installed, upgraded, or removed.
 .
 Another use is to circumvent dependency checking: by letting dpkg
 think a particular package name and version is installed when it
 isn't, you can work around bugs in other packages' dependencies.

boot utilities for the Debian system

package	popcon	size	description
`systemd`	V:853, I:960	10217	event-based `init`(8) daemon for concurrency (alternative to `sysvinit`)
`systemd-sysv`	V:825, I:958	75	the manual pages and links needed for `systemd` to replace `sysvinit`
`init-system-helpers`	V:682, I:969	140	helper tools for switching between `sysvinit` and `systemd`
`initscripts`	V:40, I:161	178	scripts for initializing and shutting down the system
`sysvinit-core`	V:5, I:6	369	System-V-like `init`(8) utilities
`sysv-rc`	V:80, I:171	86	System-V-like runlevel change mechanism
`sysvinit-utils`	V:898, I:999	101	System-V-like utilities (`startpar`(8), `bootlogd`(8), …)
`lsb-base`	V:768, I:809	12	Linux Standard Base 3.2 init script functionality
`insserv`	V:98, I:170	153	tool to organize boot sequence using LSB init.d script dependencies
`kexec-tools`	V:1, I:6	286	kexec tool for `kexec`(8) reboots (warm reboot)
`systemd-bootchart`	V:0, I:0	132	boot process performance analyser
`mingetty`	V:0, I:2	38	console-only `getty`(8)
`mgetty`	V:0, I:0	315	smart modem `getty`(8) replacement

 
ps --pid 1 -f
  
 
init-system-helpers [essential]
/usr/bin/deb-systemd-helper
/usr/bin/deb-systemd-invoke
/usr/sbin/invoke-rc.d
/usr/sbin/service
/usr/sbin/update-rc.d
/usr/share/bug/init-system-helpers/control

systemd units

"/lib/systemd/system": OS default configuration files
"/etc/systemd/system": system administrator configuration files which override the OS default configuration files
"/run/systemd/system": run-time generated configuration files which override the installed configuration files

Their inter-dependencies are specified by the directives "Wants=", "Requires=", "Before=", "After=",

The suffix of the unit configuration file encodes their types as:

*.service describes the process controlled and supervised by systemd. See systemd.service(5).
*.device describes the device exposed in the sysfs(5) as udev(7) device tree. See systemd.device(5).
*.mount describes the file system mount point controlled and supervised by systemd. See systemd.mount(5).
*.automount describes the file system auto mount point controlled and supervised by systemd. See systemd.automount(5).
*.swap describes the swap device or file controlled and supervised by systemd. See systemd.swap(5).
*.path describes the path monitored by systemd for path-based activation. See systemd.path(5).
*.socket describes the socket controlled and supervised by systemd for socket-based activation. See systemd.socket(5).
*.timer describes the timer controlled and supervised by systemd for timer-based activation. See systemd.timer(5).
*.slice manages resources with the cgroups(7). See systemd.slice(5).
*.scope is created programmatically using the bus interfaces of systemd to manages a set of system processes. See systemd.scope(5).
*.target groups other unit configuration files to create the synchronization point during start-up. See systemd.target(5).

Upon system start up (i.e., init), the systemd process tries to start the "/lib/systemd/system/default.target (normally symlinked to "graphical.target"). First, some special target units (see systemd.special(7)) such as "local-fs.target", "swap.target" and "cryptsetup.target" are pulled in to mount the filesystems. Then, other target units are also pulled in by the target unit dependencies. For details, read bootup(7).

systemd offers backward compatibility features. SysV-style boot scripts in "/etc/init.d/rc[0123456S].d/[KS]name" are still parsed and telinit(8) is translated into systemd unit activation requests.

Emulated runlevel 2 to 4 are all symlinked to the same "multi-user.target".

The kernel maintains the system hostname. The system unit started by systemd-hostnamed.service sets the system hostname at boot time to the name stored in "/etc/hostname". This file should contain only the system hostname, not a fully qualified domain name.

After mounting all the filesystems, temporary files in "/tmp", "/var/lock", and "/var/run" are cleaned for each boot up.

Network interfaces are typically initialized in "networking.service" for the lo interface and "NetworkManager.service" for other interfaces on modern Debian desktop system under systemd.

dmesg -n3

Table 3.4. List of kernel error levels

error level value	error level name	meaning
0	KERN_EMERG	system is unusable
1	KERN_ALERT	action must be taken immediately
2	KERN_CRIT	critical conditions
3	KERN_ERR	error conditions
4	KERN_WARNING	warning conditions
5	KERN_NOTICE	normal but significant condition
6	KERN_INFO	informational
7	KERN_DEBUG	debug-level messages

Under systemd, both kernel and system messages are logged by the journal service systemd-journald.service (a.k.a journald) either into a persistent binary data below "/var/log/journal" or into a volatile binary data below "/run/log/journal/". These binary log data are accessed by the journalctl(1) command

journalctl -b #boot log

journalctl command snippets

Operation	Command snippets
View log for system services and kernel from the last boot	"`journalctl -b --system`"
View log for services of the current user from the last boot	"`journalctl -b --user`"
View job log of "`$unit`" from the last boot	"`journalctl -b -u $unit`"
View job log of "`$unit`" ("`tail -f`" style) from the last boot	"`journalctl -b -u $unit -f`"

typical systemctl command snippets

Operation	Command snippets
List all target unit configuration	"`systemctl list-units --type=target`"
List all service unit configuration	"`systemctl list-units --type=service`"
List all unit configuration types	"`systemctl list-units --type=help`"
List all socket units in memory	"`systemctl list-sockets`"
List all timer units in memory	"`systemctl list-timers`"
Start "`$unit`"	"`systemctl start $unit`"
Stop "`$unit`"	"`systemctl stop $unit`"
Reload service-specific configuration	"`systemctl reload $unit`"
Stop and start all "`$unit`"	"`systemctl restart $unit`"
Start "`$unit`" and stop all others	"`systemctl isolate $unit`"
Switch to "`graphical`" (GUI system)	"`systemctl isolate graphical`"
Switch to "`multi-user`" (CLI system)	"`systemctl isolate multi-user`"
Switch to "`rescue`" (single user CLI system)	"`systemctl isolate rescue`"
Send kill signal to "`$unit`"	"`systemctl kill $unit`"
Check if "`$unit`" service is active	"`systemctl is-active $unit`"
Check if "`$unit`" service is failed	"`systemctl is-failed $unit`"
Check status of "`$unit\|$PID\|device`"	"`systemctl status $unit\|$PID\|$device`"
Show properties of "`$unit\|$job`"	"`systemctl show $unit\|$job`"
Reset failed "`$unit`"	"`systemctl reset-failed $unit"`
List dependency of all unit services	"`systemctl list-dependencies --all`"
List unit files installed on the system	"`systemctl list-unit-files`"
Enable "`$unit`" (add symlink)	"`systemctl enable $unit`"
Disable "`$unit`" (remove symlink)	"`systemctl disable $unit`"
Unmask "`$unit`" (remove symlink to "`/dev/null`")	"`systemctl unmask $unit`"
Mask "`$unit`" (add symlink to "`/dev/null`")	"`systemctl mask $unit`"
Get default-target setting	"`systemctl get-default`"
Set default-target to "`graphical`" (GUI system)	"`systemctl set-default graphical`"
Set default-target to "`multi-user`" (CLI system)	"`systemctl set-default multi-user`"
Show job environment	"`systemctl show-environment`"
Set job environment "`variable`" to "`value`"	"`systemctl set-environment variable=value`"
Unset job environment "`variable`"	"`systemctl unset-environment variable`"
Reload all unit files and daemons	"`systemctl daemon-reload`"
Shut down the system	"`systemctl poweroff`"
Shut down and reboot the system	"`systemctl reboot`"
Suspend the system	"`systemctl suspend`"
Hibernate the system	"`systemctl hibernate`"

$unit" in the above examples may be a single unit name (suffix such as .service and .target are optional) or, in many cases, multiple unit specifications (shell-style globs "*", "?", "[]" using fnmatch(3) which will be matched against the primary names of all units currently in memory).

System state changing commands in the above examples are typically preceded by the "sudo" to attain the required administrative privilege.

The output of the "systemctl status $unit|$PID|$device" uses color of the dot ("●") to summarize the unit state at a glance.

White "●" indicates an "inactive" or "deactivating" state.
Red "●" indicates a "failed" or "error" state.
Green "●" indicates an "active", "reloading" or "activating" state.

monitoring command snippets under `systemd`

Operation Command snippets

Show time spent for each initialization steps "`systemd-analyze time`"

List of all units by the time to initialize "`systemd-analyze blame`"

Load and detect errors in "`$unit`" file "`systemd-analyze verify $unit`"

Show terse runtime status information of the user of the caller's session "`loginctl user-status`"

Show terse runtime status information of the caller's session "`loginctl session-status`"

Track boot process by the cgroups "`systemd-cgls`"

Track boot process by the cgroups "`ps xawf -eo pid,user,cgroup,args`"

Track boot process by the cgroups Read sysfs under "`/sys/fs/cgroup/systemd/`"

Operation	Command snippets
Show time spent for each initialization steps	"`systemd-analyze time`"
List of all units by the time to initialize	"`systemd-analyze blame`"
Load and detect errors in "`$unit`" file	"`systemd-analyze verify $unit`"
Show terse runtime status information of the user of the caller's session	"`loginctl user-status`"
Show terse runtime status information of the caller's session	"`loginctl session-status`"
Track boot process by the cgroups	"`systemd-cgls`"
Track boot process by the cgroups	"`ps xawf -eo pid,user,cgroup,args`"
Track boot process by the cgroups	Read sysfs under "`/sys/fs/cgroup/systemd/`"

disable service

 $ sudo systemctl stop sshd.service
 $ sudo systemctl mask sshd.service

sshd.socket for specifying a socket to listen on

[Unit]
Description=SSH Socket for Per-Connection Servers

[Socket]
ListenStream=22
Accept=yes

[Install]
WantedBy=sockets.target

[email protected] as the matching service file of sshd.socket

[Unit]
Description=SSH Per-Connection Server

[Service]
ExecStart=-/usr/sbin/sshd -i
StandardInput=socket

sudo systemctl daemon-reload

udev

The udev system provides mechanism for the automatic hardware discovery and initialization

udev system starts a user process which uses information from the sysfs filesystem (see Section 1.2.12, “procfs and sysfs”), loads required kernel modules supporting it using the modprobe

If "/lib/modules/kernel-version/modules.dep" was not generated properly by depmod(8) for some reason, modules may not be loaded as expected by the udev system. Execute "depmod -a" to fix it.

For mounting rules in "/etc/fstab", device nodes do not need to be static ones. You can use UUID to mount devices instead of device names such as "/dev/sda".

/etc/modules #modules to load

etc/modprobes.d/blacklist #config module

The "/lib/modules/version/modules.dep" file generated by the depmod(8) program describes module dependencies used by the modprobe(8) program.

The modinfo(8) program shows information about a Linux kernel module.

The lsmod(8) program nicely formats the contents of the "/proc/modules", showing what kernel modules are currently loaded.

Authentication using pam

Normal Unix authentication is provided by the pam_unix(8) module under the PAM (Pluggable Authentication Modules). Its 3 important configuration files, with ":" separated entries, are the following.

configuration files for pam_unix(8)

file	permission	user	group	description
`/etc/passwd`	`-rw-r--r--`	`root`	`root`	(sanitized) user account information
`/etc/shadow`	`-rw-r-----`	`root`	`shadow`	secure user account information
`/etc/group`	`-rw-r--r--`	`root`	`root`	group information

/etc/passwd" contains the following.

 ...
user1:x:1000:1000:User1 Name,,,:/home/user1:/bin/bash
user2:x:1001:1001:User2 Name,,,:/home/user2:/bin/bash

As explained in passwd(5), each ":" separated entry of this file means the following.

Login name
Password specification entry
Numerical user ID
Numerical group ID
User name or comment field
User home directory
Optional user command interpreter

The second entry of "/etc/passwd" was used for the encrypted password entry. After the introduction of "/etc/shadow", this entry is used for the password specification entry.

second entry content of "/etc/passwd"

content	meaning
(empty)	passwordless account
x	the encrypted password is in "`/etc/shadow`"

/etc/shadow" contains the following.

 ...
user1:$1$Xop0FYH9$IfxyQwBe9b8tiyIkt2P4F/:13262:0:99999:7:::
user2:$1$vXGZLVbS$ElyErNf/agUDsm1DehJMS/:13261:0:99999:7:::
 ...

As explained in `shadow`(5), each "`:`" separated entry of this file means the following.

Login name

Encrypted password (The initial " $1$ " indicates use of the MD5 encryption. The "*" indicates no login.)

Date of the last password change, expressed as the number of days since Jan 1, 1970

Number of days the user will have to wait before she will be allowed to change her password again

Number of days after which the user will have to change her password

Number of days before a password is going to expire during which the user should be warned

Number of days after a password has expired during which the password should still be accepted

Date of expiration of the account, expressed as the number of days since Jan 1, 1970

…

"/etc/group" contains the following.

group1:x:20:user1,user2

As explained in group(5), each ":" separated entry of this file means the following.

Group name
Encrypted password (not really used)
Numerical group ID

"/etc/gshadow" provides the similar function as "/etc/shadow" for "/etc/group" but is not really used.
 The actual group membership of a user may be dynamically added if "auth optional pam_group.so"
 line is added to "/etc/pam.d/common-auth" and set it in "/etc/security/group.conf". 
 See pam_group(8).


The base-passwd package contains an authoritative list of the user and the group: "/usr/share/doc/base-passwd/users-and-groups.html".

commands to manage account information

command	function
`getent passwd user_name`	browse account information of "`user_name`"
`getent shadow user_name`	browse shadowed account information of "`user_name`"
`getent group group_name`	browse group information of "`group_name`"
`passwd`	manage password for the account
`passwd -e`	set one-time password for the account activation
`chage`	manage password aging information

 List of tools to generate password

            
              
                
                
                
                
                
              
              
                
                   package 
                   popcon 
                   size 
                   command 
                   function 
                
              
              
                
                  
                     whois 
                  
                  
                    V:26, I:271
                  
                  
                    386
                  
                   mkpasswd 
                   over-featured front end to the crypt(3) library 
                
                
                  
                     openssl 
                  
                  
                    V:832, I:995
                  
                  
                    2290
                  
                   openssl passwd 
                   compute password hashes (OpenSSL). passwd(1ssl)

package	popcon	size	command	function
`whois`	V:26, I:271	386	`mkpasswd`	over-featured front end to the `crypt`(3) library
`openssl`	V:832, I:995	2290	`openssl passwd`	compute password hashes (OpenSSL). `passwd`(1ssl)

Modern Unix-like systems such as the Debian system provide PAM (Pluggable Authentication Modules) and NSS (Name Service Switch) mechanism to the local system administrator to configure his system. The role of these can be summarizes as the following.

PAM offers a flexible authentication mechanism used by the application software thus involves password data exchange.
NSS offers a flexible name service mechanism which is frequently used by the C standard library to obtain the user and group name for programs such as ls(1) and id(1).

 List of notable PAM and NSS systems
          
          
            
              
                
                
                
                
              
              
                
                   package 
                   popcon 
                   size 
                   description 
                
              
              
                
                  
                     libpam-modules 
                  
                  
                    V:878, I:999
                  
                  
                    1006
                  
                   Pluggable Authentication Modules (basic service) 
                
                
                  
                     libpam-ldap 
                  
                  
                    V:1, I:7
                  
                  
                    249
                  
                   Pluggable Authentication Module allowing LDAP interfaces 
                
                
                  
                     libpam-cracklib 
                  
                  
                    V:1, I:9
                  
                  
                    117
                  
                   Pluggable Authentication Module to enable cracklib support 
                
                
                  
                     libpam-systemd 
                  
                  
                    V:517, I:925
                  
                  
                    570
                  
                   Pluggable Authentication Module to register user sessions for logind 
                
                
                  
                     libpam-doc 
                  
                  
                    I:0
                  
                  
                    963
                  
                   Pluggable Authentication Modules (documentation in html and text) 
                
                
                  
                     libc6 
                  
                  
                    V:918, I:999
                  
                  
                    12988
                  
                   GNU C Library: Shared libraries which also provides "Name Service Switch" service 
                
                
                  
                     glibc-doc 
                  
                  
                    I:8
                  
                  
                    3501
                  
                   GNU C Library: Manpages 
                
                
                  
                     glibc-doc-reference 
                  
                  
                    I:4
                  
                  
                    13188
                  
                   GNU C Library: Reference manual in info, pdf and html format (non-free) 
                
                
                  
                     libnss-mdns 
                  
                  
                    I:506
                  
                  
                    141
                  
                   NSS module for Multicast DNS name resolution 
                
                
                  
                     libnss-ldap 
                  
                  
                    V:0, I:6
                  
                  
                    265
                  
                   NSS module for using LDAP as a naming service 
                
                
                  
                     libnss-ldapd 
                  
                  
                    V:1, I:13
                  
                  
                    129
                  
                   NSS module for using LDAP as a naming service (new fork of libnss-ldap)

package	popcon	size	description
`libpam-modules`	V:878, I:999	1006	Pluggable Authentication Modules (basic service)
`libpam-ldap`	V:1, I:7	249	Pluggable Authentication Module allowing LDAP interfaces
`libpam-cracklib`	V:1, I:9	117	Pluggable Authentication Module to enable cracklib support
`libpam-systemd`	V:517, I:925	570	Pluggable Authentication Module to register user sessions for `logind`
`libpam-doc`	I:0	963	Pluggable Authentication Modules (documentation in html and text)
`libc6`	V:918, I:999	12988	GNU C Library: Shared libraries which also provides "Name Service Switch" service
`glibc-doc`	I:8	3501	GNU C Library: Manpages
`glibc-doc-reference`	I:4	13188	GNU C Library: Reference manual in info, pdf and html format (non-free)
`libnss-mdns`	I:506	141	NSS module for Multicast DNS name resolution
`libnss-ldap`	V:0, I:6	265	NSS module for using LDAP as a naming service
`libnss-ldapd`	V:1, I:13	129	NSS module for using LDAP as a naming service (new fork of `libnss-ldap`)

Under systemd, libpam-systemd package is installed to manage user logins by registering user sessions in the systemd control group hierarchy for logind. See systemd-logind(8), logind.conf(5), and pam_systemd(8).

List of configuration files accessed by PAM and NSS

configuration file	function
`/etc/pam.d/program_name`	set up PAM configuration for the "`program_name`" program; see `pam`(7) and `pam.d`(5)
`/etc/nsswitch.conf`	set up NSS configuration with the entry for each service. See `nsswitch.conf`(5)
`/etc/nologin`	limit the user login by the `pam_nologin`(8) module
`/etc/securetty`	limit the tty for the root access by the `pam_securetty`(8) module
`/etc/security/access.conf`	set access limit by the `pam_access`(8) module
`/etc/security/group.conf`	set group based restraint by the `pam_group`(8) module
`/etc/security/pam_env.conf`	set environment variables by the `pam_env`(8) module
`/etc/environment`	set additional environment variables by the `pam_env`(8) module with the "`readenv=1`" argument
`/etc/default/locale`	set locale by `pam_env`(8) module with the "`readenv=1 envfile=/etc/default/locale`" argument (Debian)
`/etc/security/limits.conf`	set resource restraint (ulimit, core, …) by the `pam_linits`(8) module
`/etc/security/time.conf`	set time restraint by the `pam_time`(8) module
`/etc/systemd/logind.conf`	set `systemd` login manager configuration (see `logind.conf`(5) and `systemd-logind.service`(8))

debian uses PAM, so that one can restrict the ability to use su to the root group by enabling the

line with  "pam_wheel.so" in "/etc/pam.d/su".

Installing the libpam-cracklib package enables you to force stricter password rule.
  GNOME   automatically installs libpam-gnome-keyring, "/etc/pam.d/common-password"

List of insecure and secure services and ports

insecure service name	port	secure service name	port
www (http)	80	https	443
smtp (mail)	25	ssmtp (smtps)	465
ftp-data	20	ftps-data	989
ftp	21	ftps	990
telnet	23	telnets	992
imap2	143	imaps	993
pop3	110	pop3s	995
ldap	389	ldaps	636

The encryption costs CPU time. 
 As a CPU friendly alternative, you can keep communication in plain text
 while securing just the password with the secure authentication 
protocol such as "Authenticated Post Office Protocol" (APOP) for POP and
 "Challenge-Response Authentication Mechanism MD5" (CRAM-MD5) for SMTP 
and IMAP.

The Secure Shell (SSH) program provides secure encrypted communications between two untrusted hosts over an insecure network with the secure authentication. It consists of the OpenSSH client, ssh(1), and the OpenSSH daemon, sshd(8). This SSH can be used to tunnel an insecure protocol communication such as POP and X securely over the Internet with the port forwarding feature.

The client tries to authenticate itself using host-based authentication,
 public key authentication, challenge-response authentication, or 
password authentication.  The use of public key authentication enables 
the remote password-less login

tools to provide extra security measures

package	popcon	size	description
`knockd`	V:0, I:2	110	small port-knock daemon `knockd`(1) and client `knock`(1)
`fail2ban`	V:103, I:116	2129	ban IPs that cause multiple authentication errors
`libpam-shield`	V:0, I:0	115	lock out remote attackers trying password guessing

The Linux Security Module (LSM) framework provides a mechanism for various security checks to be hooked by new kernel extensions. For example:

Linux namespaces wrap a global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. Changes to the global resource are visible to other processes that are members of the namespace, but are invisible to other processes. Since kernel version 5.6, there are 8 kinds of namespaces (see namespaces(7), unshare(1), nsenter(1)).

network configuration tools

packages	popcon	size	type	description
`network-manager`	V:377, I:449	15376	config::NM	NetworkManager (daemon): manage the network automatically
`network-manager-gnome`	V:120, I:365	5574	config::NM	NetworkManager (GNOME frontend)
`ifupdown`	V:590, I:982	199	config::ifupdown	standardized tool to bring up and down the network (Debian specific)
`isc-dhcp-client`	V:214, I:982	2857	config::low-level	DHCP client
`pppoeconf`	V:0, I:6	186	config::helper	configuration helper for PPPoE connection
`wpasupplicant`	V:333, I:505	3846	, ,	client support for WPA and WPA2 (IEEE 802.11i)
`wpagui`	V:0, I:2	770	, ,	Qt GUI client for wpa_supplicant
`wireless-tools`	V:171, I:238	292	, ,	tools for manipulating Linux Wireless Extensions
`iw`	V:33, I:470	302	, ,	tool for configuring Linux wireless devices
`iproute2`	V:713, I:967	3599	config::iproute2	iproute2, IPv6 and other advanced network configuration: `ip`(8), `tc`(8), etc
`iptables`	V:310, I:769	2408	config::Netfilter	administration tools for packet filtering and NAT (Netfilter)
`iputils-ping`	V:198, I:997	120	test	test network reachability of a remote host by hostname or IP address (iproute2)
`iputils-arping`	V:3, I:44	49	test	test network reachability of a remote host specified by the ARP address
`iputils-tracepath`	V:2, I:33	45	test	trace the network path to a remote host
`ethtool`	V:93, I:267	699	test	display or change Ethernet device settings
`mtr-tiny`	V:5, I:48	161	test::low-level	trace the network path to a remote host (curses)
`mtr`	V:4, I:42	214	, ,	trace the network path to a remote host (curses and GTK)
`gnome-nettool`	V:0, I:20	2492	, ,	tools for common network information operations (GNOME)
`nmap`	V:24, I:205	4450	, ,	network mapper / port scanner (Nmap, console)
`tcpdump`	V:16, I:180	1340	, ,	network traffic analyzer (Tcpdump, console)
`wireshark`	I:44	36	, ,	network traffic analyzer (Wireshark, GTK)
`tshark`	V:2, I:26	402	, ,	network traffic analyzer (console)
`tcptrace`	V:0, I:2	401	, ,	produce a summarization of the connections from `tcpdump` output
`snort`	V:0, I:0	2203	, ,	flexible network intrusion detection system (Snort)
`ntopng`	V:0, I:1	15904	, ,	display network usage in web browser
`dnsutils`	V:20, I:312	263	, ,	network clients provided with BIND: `nslookup`(8), `nsupdate`(8), `dig`(8)
`dlint`	V:0, I:4	53	, ,	check DNS zone information using nameserver lookups
`dnstracer`	V:0, I:1	61	, ,	trace a chain of DNS servers to the source

The hostname resolution is currently supported by the NSS (Name Service Switch) mechanism too. The flow of this resolution is the following.

The "/etc/nsswitch.conf" file with stanza like "hosts: files dns" dictates the hostname resolution order. (This replaces the old functionality of the "order" stanza in "/etc/host.conf".)
The files method is invoked first. If the hostname is found in the "/etc/hosts" file, it returns all valid addresses for it and exits. (The "/etc/host.conf" file contains "multi on".)
The dns method is invoked. If the hostname is found by the query to the Internet Domain Name System (DNS) identified by the "/etc/resolv.conf" file, it returns all valid addresses for it and exits.

The resolvconf package makes this "/etc/resolv.conf" into a symbolic link and manages its contents by the hook scripts automatically.

For the PC workstation on the typical adhoc LAN environment, the hostname can be resolved via Multicast DNS (mDNS, Zeroconf) in addition to the basic files and dns methods.

Avahi provides a framework for Multicast DNS Service Discovery on Debian.
It is equivalent of Apple Bonjour / Apple Rendezvous.
The libnss-mdns plugin package provides host name resolution via mDNS for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc).
The "/etc/nsswitch.conf" file should have stanza like "hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4".
Host names ending with the ".local" pseudo-top-level domain (TLD) are resolved.
The mDNS IPv4 link-local multicast address "224.0.0.251" or its IPv6 equivalent "FF02::FB" are used to make DNS query for a name ending with ".local".

The systemd uses "Predictable Network Interface Names" such as "enp0s25".

Names incorporating Firmware/BIOS provided index numbers for on-board devices (example: eno1)
Names incorporating Firmware/BIOS provided PCI Express hotplug slot index numbers (example: ens1)
Names incorporating physical/geographical location of the connector of the hardware (example: enp2s0)
Names incorporating the interfaces's MAC address (example: enx78e7d1ea46da)
Classic, unpredictable kernel-native ethX naming (example: eth0)

to disable it ln -s /dev/null /etc/systemd/network/99-default.link

List of network address ranges

Class	network addresses	net mask	net mask /bits	number of subnets
A	10.x.x.x	255.0.0.0	/8	1
B	172.16.x.x — 172.31.x.x	255.255.0.0	/16	16
C	192.168.0.x — 192.168.255.x	255.255.255.0	/24	256

systemd-networkd

/etc/systemd/network/dhcp.network

[Match]
Name=en*

[Network]
DHCP=yes

/etc/systemd/network/static.network

[Match]
Name=en*

[Network]
Address=192.168.0.15/24
Gateway=192.168.0.1

translation table from obsolete net-tools commands to new iproute2 commands

obsolete net-tools	new iproute2 etc.	manipulation
`ifconfig`(8)	`ip addr`	protocol (IP or IPv6) address on a device
`route`(8)	`ip route`	routing table entry
`arp`(8)	`ip neigh`	ARP or NDISC cache entry
`ipmaddr`	`ip maddr`	multicast address
`iptunnel`	`ip tunnel`	tunnel over IP
`nameif`(8)	`ifrename`(8)	name network interfaces based on MAC addresses
`mii-tool`(8)	`ethtool`(8)	Ethernet device settings

List of low level network commands

command	description
`ip addr show`	display the link and address status of active interfaces
`route -n`	display all the routing table in numerical addresses
`ip route show`	display all the routing table in numerical addresses
`arp`	display the current content of the ARP cache tables
`ip neigh`	display the current content of the ARP cache tables
`plog`	display ppp daemon log
`ping yahoo.com`	check the Internet connection to "`yahoo.com`"
`whois yahoo.com`	check who registered "`yahoo.com`" in the domains database
`traceroute yahoo.com`	trace the Internet connection to "`yahoo.com`"
`tracepath yahoo.com`	trace the Internet connection to "`yahoo.com`"
`mtr yahoo.com`	trace the Internet connection to "`yahoo.com`" (repeatedly)
`dig [@dns-server.com] example.com [{a\|mx\|any}]`	check DNS records of "`example.com`" by "`dns-server.com`" for a "`a`", "`mx`", or "`any`" record
`iptables -L -n`	check packet filter
`netstat -a`	find all open ports
`netstat -l --inet`	find listening ports
`netstat -ln --tcp`	find listening TCP ports (numeric)
`dlint example.com`	check DNS zone information of "`example.com`"

finding mtu

 ping -4 -c 1 -s $((1500-28)) -M do www.debian.org

ping -4 -c 1 -s $((1460-28)) -M do www.debian.org

  ping -6 -c 1 -s $((1500-48)) -M do www.debian.org

MTU= Maximum Transmission Unit (MTU)

optimal MTU value

network environment	MTU	rationale
Dial-up link (IP: PPP)	576	standard
Ethernet link (IP: DHCP or fixed)	1500	standard and default

MSS=maximum segment size

MSS = MTU - 40 for IPv4
MSS = MTU - 60 for IPv6

List of firewall tools

packages	popcon	size	description
`iptables`	V:310, I:769	2408	administration tools for netfilter (`iptables`(8) for IPv4, `ip6tables`(8) for IPv6)
`arptables`	V:0, I:1	100	administration tools for netfilter (`arptables`(8) for ARP)
`ebtables`	V:14, I:29	264	administration tools for netfilter (`ebtables`(8) for Ethernet bridging)
`iptstate`	V:0, I:2	119	continuously monitor netfilter state (similar to `top`(1))
`shorewall-init`	V:0, I:0	85	Shoreline Firewall initialization
`shorewall`	V:3, I:9	3090	Shoreline Firewall, netfilter configuration file generator
`shorewall-lite`	V:0, I:0	71	Shoreline Firewall, netfilter configuration file generator (light version)
`shorewall6`	V:0, I:1	1334	Shoreline Firewall, netfilter configuration file generator (IPv6 version)
`shorewall6-lite`	V:0, I:0	71	Shoreline Firewall, netfilter configuration file generator (IPv6, light version)

Modern mail service are under some limitations in order to minimize exposure to the spam (unwanted and unsolicited email) problems.

It is not realistic to run SMTP server on the consumer grade network to send mail directly to the remote host reliably.
A mail may be rejected by any host en route to the destination quietly unless it appears as authentic as possible.
It is not realistic to expect a single smarthost to send mails of unrelated source mail addresses to the remote host reliably.

This is because:

The SMTP port (25) connections from hosts serviced by the consumer grade network to the Internet are blocked.

The SMTP port (25) connections to hosts serviced by the consumer grade network from the Internet are blocked.

The outgoing messages from hosts serviced by the consumer grade network to the Internet can only be sent via the message submission port (587).

Anti-spam techniques such as DomainKeys Identified Mail (DKIM), Sender_Policy_Framework (SPF), and Domain-based Message Authentication, Reporting and Conformance (DMARC) are widely used for the email filtering.
The DomainKeys Identified Mail service may be provided for your mail sent through the smarthost.
The smarthost may rewrite the source mail address in the message header to your mail account on the smarthost to prevent email address spoofing.

basic mail transport agent related packages

package	popcon	size	description
`exim4-daemon-light`	V:233, I:244	1504	Exim4 mail transport agent (MTA: Debian default)
`exim4-daemon-heavy`	V:6, I:7	1662	Exim4 mail transport agent (MTA: flexible alternative)
`exim4-base`	V:240, I:252	1672	Exim4 documentation (text) and common files
`exim4-doc-html`	I:1	3748	Exim4 documentation (html)
`exim4-doc-info`	I:0	639	Exim4 documentation (info)
`postfix`	V:129, I:138	4024	Postfix mail transport agent (MTA: secure alternative)
`postfix-doc`	I:7	4634	Postfix documentation (html+text)
`sasl2-bin`	V:5, I:15	401	Cyrus SASL API implementation (supplement postfix for SMTP AUTH)
`cyrus-sasl2-doc`	I:1	2175	Cyrus SASL - documentation
`msmtp`	V:6, I:11	616	Light weight MTA
`msmtp-mta`	V:5, I:6	124	Light weight MTA (sendmail compatibility extension to `msmtp`)
`esmtp`	V:0, I:0	129	Light weight MTA
`esmtp-run`	V:0, I:0	32	Light weight MTA (sendmail compatibility extension to `esmtp`)
`nullmailer`	V:8, I:9	476	Strip down MTA, no local mail
`ssmtp`	V:5, I:8	2	Strip down MTA, no local mail
`sendmail-bin`	V:14, I:14	1877	Full featured MTA (only if you are already familiar)
`courier-mta`	V:0, I:0	2390	Full featured MTA (web interface etc.)

List of remote access server and utilities

package	popcon	size	tool	description
`openssh-client`	V:854, I:997	5814	`ssh`(1)	Secure shell client
`openssh-server`	V:723, I:818	1948	`sshd`(8)	Secure shell server
`ssh-askpass`	I:23	102	`ssh-askpass`(1)	asks user for a pass phrase for ssh-add (plain X)
`ssh-askpass-gnome`	V:0, I:4	209	`ssh-askpass-gnome`(1)	asks user for a pass phrase for ssh-add (GNOME)
`ssh-askpass-fullscreen`	V:0, I:0	48	`ssh-askpass-fullscreen`(1)	asks user for a pass phrase for ssh-add (GNOME) with extra eye candy
`shellinabox`	V:0, I:1	507	`shellinaboxd`(1)	web server for browser accessible VT100 terminal emulator

List of SSH configuration files

configuration file	description of configuration file
`/etc/ssh/ssh_config`	SSH client defaults, see `ssh_config`(5)
`/etc/ssh/sshd_config`	SSH server defaults, see `sshd_config`(5)
`~/.ssh/authorized_keys`	default public SSH keys that clients use to connect to this account on this SSH server
`~/.ssh/id_rsa`	secret SSH-2 RSA key of the user
`~/.ssh/id_key-type-name`	secret SSH-2 key-type-name key such as `ecdsa`, `ed25519`, ... of the user

List of print servers and utilities

package	popcon	size	port	description
`lpr`	V:2, I:3	367	printer (515)	BSD lpr/lpd (Line printer daemon)
`lprng`	V:0, I:1	3060	, ,	, , (Enhanced)
`cups`	V:102, I:431	1061	IPP (631)	Internet Printing CUPS server
`cups-client`	V:119, I:454	425	, ,	System V printer commands for CUPS: `lp`(1), `lpstat`(1), `lpoptions`(1), `cancel`(1), `lpmove`(8), `lpinfo`(8), `lpadmin`(8), …
`cups-bsd`	V:30, I:230	131	, ,	BSD printer commands for CUPS: `lpr`(1), `lpq`(1), `lprm`(1), `lpc`(8)
`printer-driver-gutenprint`	V:25, I:138	1219	Not applicable	printer drivers for CUPS

other network application servers

package	popcon	size	protocol	description
`telnetd`	V:0, I:2	53	TELNET	TELNET server
`telnetd-ssl`	V:0, I:0	159	, ,	, , (SSL support)
`nfs-kernel-server`	V:48, I:66	677	NFS	Unix file sharing
`samba`	V:107, I:135	4038	SMB	Windows file and printer sharing
`netatalk`	V:1, I:2	2010	ATP	Apple/Mac file and printer sharing (AppleTalk)
`proftpd-basic`	V:10, I:18	452	FTP	General file download
`apache2`	V:220, I:273	563	HTTP	General web server
`squid`	V:10, I:11	9053	, ,	General web proxy server
`bind9`	V:46, I:51	1131	DNS	IP address for other hosts
`isc-dhcp-server`	V:19, I:39	6061	DHCP	IP address of client itself

List of desktop environment

task package	popcon	size	description
`task-gnome-desktop`	I:191	9	GNOME desktop environment
`task-xfce-desktop`	I:97	9	Xfce desktop environment
`task-kde-desktop`	I:78	6	KDE Plasma desktop environment
`task-mate-desktop`	I:44	9	MATE desktop environment
`task-cinnamon-desktop`	I:41	9	Cinnamon desktop environment
`task-lxde-desktop`	I:30	9	LXDE desktop environment
`task-lxqt-desktop`	I:19	9	LXQt desktop environment
`task-gnome-flashback-desktop`	I:13	6	GNOME Flashback desktop environment

List of notable GUI infrastructure packages on gnome

package	popcon	package size	description
`mutter`	V:1, I:74	185	GNOME's mutter window manager [auto]
`xwayland`	V:215, I:295	2363	An X server running on top of wayland [auto]
`gnome-remote-desktop`	V:43, I:196	1063	Remote desktop daemon for GNOME using PipeWire [auto]
`gnome-tweaks`	V:19, I:219	1200	Advanced configuration settings for GNOME
`gnome-shell-extension-prefs`	V:13, I:195	59	Tool to enable / disable GNOME Shell extensions

locale

Internationalization (I18N): To make a software potentially handle multiple locales.
Localization (L10N): To make a software handle an specific locale.

There are 17, 18, or 10 letters between "m" and "n", "i" and "n", or "l" and "n" in multilingualization, internationalization, and localization which correspond to M17N, I18N, and L10N

Actual support of locale dependent features by the libc library requires to install locales or locales-all packages. The locales package requires to be initialized properly.

If neither locales or locales-all package are installed, support of locale features are lost and system uses US English messages and handles data as ASCII. This behavior is the same way as "$LANG" is set by "LANG=", "LANG=C", or "LANG=POSIX".

The simplest representation of the text data is ASCII which is sufficient for English and uses less than 127 characters (representable with 7 bits).

Even plain English text may contain non-ASCII characters, e.g. slightly curly left and right quotation marks are not available in ASCII.

Unicode character set can represent practically all characters known to human with 21 bit code point range (i.e., 0 to 10FFFF in hexadecimal notation).

Text encoding system UTF-8 fits Unicode code points into a sensible 8 bit data stream mostly compatible with the ASCII data processing system. This makes UTF-8 the modern preferred choice. UTF stands for Unicode Transformation Format. When ASCII plain text data is converted to UTF-8 one, it has exactly the same content and size as the original ASCII one. So you loose nothing by deploying UTF-8 locale.

LANG=fr_FR.UTF-8

dpkg-reconfigure locales

Select all required locale data to be compiled into the binary form. (Please make sure to include at least one UTF-8 locale)

Set the system wide default locale value by creating "/etc/default/locale" for use by PAM (see Section 4.5, “PAM and NSS”).

Actual traditional encoding system can be identified by "/usr/share/i18n/SUPPORTED".  Thus,

 the "LANG=en_US" is "LANG=en_US.ISO-8859-1".

The locales-all package comes with pre-compiled locale data for all locale data. Since it doesn't create "/etc/default/locale", you may still need to install the locales package, too.

mount(8) for vfat filesystem assumes CP437 if used without option. You need to provide explicit mount option to use UTF-8 or CP932 for filenames

/usr/share/man/it/

LANG=it_IT.UTF-8 man programname

IBus and its engine packages

package	popcon	size	supported locale
ibus	V:179, I:229	1710	input method framework using dbus
ibus-mozc	V:1, I:3	935	Japanese
ibus-anthy	V:0, I:1	8856	, ,
ibus-skk	V:0, I:0	242	, ,
ibus-kkc	V:0, I:0	210	, ,
ibus-libpinyin	V:1, I:3	2719	Chinese (for zh_CN)
ibus-chewing	V:0, I:0	422	, , (for zh_TW)
ibus-libzhuyin	V:0, I:0	40987	, , (for zh_TW)
ibus-rime	V:0, I:0	77	, , (for zh_CN/zh_TW)
ibus-cangjie	V:0, I:0	119	, , (for zh_HK)
ibus-hangul	V:0, I:2	264	Korean
ibus-libthai	I:0	90	Thai
ibus-table-thai	I:0	58	Thai
ibus-unikey	V:0, I:0	318	Vietnamese
ibus-keyman	V:0, I:0	137	Multilingual: Keyman engine for over 2000 languages
ibus-table	V:0, I:1	2137	table engine for IBus
ibus-m17n	V:0, I:1	377	Multilingual: Indic, Arabic and others
plasma-widgets-addons	V:44, I:95	1984	additional widgets for Plasma 5 containing Keyboard Indicator

For Chinese, "fcitx5" may be an alternative input method framework

East Asian Ambiguous Character Width Characters

export NCURSES_NO_UTF8_ACS=0.

bsdutils

/usr/bin/logger
/usr/bin/renice
/usr/bin/script
/usr/bin/scriptlive
/usr/bin/scriptreplay
/usr/bin/wall

debianutils needed for bash/dash

/bin/run-parts
/bin/tempfile
/sbin/installkernel
/usr/bin/ischroot
/usr/bin/savelog
/usr/bin/which.debianutils
/usr/sbin/add-shell
/usr/sbin/remove-shell
/usr/sbin/update-shells
/usr/share/debianutils/shells

f programs to support console activities

package	popcon	size	description
`mc`	V:48, I:213	1490	See Section 1.3, “Midnight Commander (MC)”
`bsdutils`	V:560, I:999	356	`script`(1) command to make a record of terminal session
`screen`	V:77, I:240	997	terminal multiplexer with VT100/ANSI terminal emulation
`tmux`	V:39, I:143	1110	terminal multiplexer alternative (Use "Control-B" instead)
`fzf`	V:4, I:14	3409	fuzzy text finder
`fzy`	V:0, I:0	54	fuzzy text finder
`rlwrap`	V:1, I:14	330	readline feature command line wrapper
`ledit`	V:0, I:10	315	readline feature command line wrapper
`rlfe`	V:0, I:0	42	readline feature command line wrapper
`ripgrep`	V:4, I:16	4517	fast recursive string search in the source code tree with automatic filtering

. List of key bindings for screen

key binding	meaning
`^A ?`	show a help screen (display key bindings)
`^A c`	create a new window and switch to it
`^A n`	go to next window
`^A p`	go to previous window
`^A 0`	go to window number 0
`^A 1`	go to window number 1
`^A w`	show a list of windows
`^A a`	send a Ctrl-A to current window as keyboard input
`^A h`	write a hardcopy of current window to file
`^A H`	begin/end logging current window to file
`^A ^X`	lock the terminal (password protected)
`^A d`	detach screen session from the terminal
`^A DD`	detach screen session and log out

fzf completions

FZF_KEYBINDINGS_PATH=/usr/share/doc/fzf/examples/key-bindings.bash
if [ -f $FZF_KEYBINDINGS_PATH ]; then
  . $FZF_KEYBINDINGS_PATH
fi
FZF_COMPLETION_PATH=/usr/share/doc/fzf/examples/completion.bash
if [ -f $FZF_COMPLETION_PATH ]; then
  . $FZF_COMPLETION_PATH
fi

rlwrap dash -i

rg = ripgrep

Display examples of time and date for the "ls -l" command with the time style value

time style value	locale	display of time and date
`iso`	any	`01-19 00:15`
`long-iso`	any	`2009-01-19 00:15`
`full-iso`	any	`2009-01-19 00:15:16.000000000 +0900`
`locale`	`C`	`Jan 19 00:15`
`locale`	`en_US.UTF-8`	`Jan 19 00:15`
`locale`	`es_ES.UTF-8`	`ene 19 00:15`
`+%d.%m.%y %H:%M`	any	`19.01.09 00:15`
`+%d.%b.%y %H:%M`	`C` or `en_US.UTF-8`	`19.Jan.09 00:15`
`+%d.%b.%y %H:%M`	`es_ES.UTF-8`	`19.ene.09 00:15`

$ RED=$(printf "\x1b[31m")
$ NORMAL=$(printf "\x1b[0m")
$ REVERSE=$(printf "\x1b[7m")
$ echo "${RED}RED-TEXT${NORMAL} ${REVERSE}REVERSE-TEXT${NORMAL}"

clolr cmd

if [ "$TERM" != "dumb" ]; then
    eval "`dircolors -b`"
    alias ls='ls --color=always'
    alias ll='ls --color=always -l'
    alias la='ls --color=always -A'
    alias less='less -R'
    alias ls='ls --color=always'
    alias grep='grep --color=always'
    alias egrep='egrep --color=always'
    alias fgrep='fgrep --color=always'
    alias zgrep='zgrep --color=always'
else
    alias ll='ls -l'
    alias la='ls -A'
fi

. List of packages which can record configuration history

package	popcon	size	description
`etckeeper`	V:25, I:29	164	store configuration files and their metadata with Git (default), Mercurial, or Bazaar (new)
`timeshift`	V:5, I:9	3421	system restore utility using rsync or BTRFS snapshots
`snapper`	V:4, I:5	2351	Linux filesystem snapshot management tool

List of tools for monitoring and controlling program activities

package	popcon	size	description
`coreutils`	V:876, I:999	18062	`nice`(1): run a program with modified scheduling priority
`bsdutils`	V:560, I:999	356	`renice`(1): modify the scheduling priority of a running process
`procps`	V:750, I:999	2163	"`/proc`" filesystem utilities: `ps`(1), `top`(1), `kill`(1), `watch`(1), …
`psmisc`	V:404, I:785	909	"`/proc`" filesystem utilities: `killall`(1), `fuser`(1), `peekfd`(1), `pstree`(1)
`time`	V:8, I:149	129	`time`(1): run a program to report system resource usages with respect to time
`sysstat`	V:153, I:175	1785	`sar`(1), `iostat`(1), `mpstat`(1), …: system performance tools for Linux
`isag`	V:0, I:3	106	Interactive System Activity Grapher for sysstat
`lsof`	V:401, I:943	482	`lsof`(8): list files opened by a running process using "`-p`" option
`strace`	V:12, I:124	2875	`strace`(1): trace system calls and signals
`ltrace`	V:0, I:15	330	`ltrace`(1): trace library calls
`xtrace`	V:0, I:0	353	`xtrace`(1): trace communication between X11 client and server
`powertop`	V:17, I:211	669	`powertop`(1): information about system power use
`cron`	V:856, I:996	227	run processes according to a schedule in background from `cron`(8) daemon
`anacron`	V:383, I:472	92	cron-like command scheduler for systems that don't run 24 hours a day
`at`	V:109, I:171	158	`at`(1) or `batch`(1): run a job at a specified time or below certain load level

Display time used by the process invoked by the command.

time some_command >/dev/null

real    0m0.035s       # time on wall clock (elapsed real time)
user    0m0.000s       # time in user mode
sys     0m0.020s       # time in kernel mode

List of nice values for the scheduling priority

nice value	scheduling priority
19	lowest priority process (nice)
0	very high priority process for user
-20	very high priority process for root (not-nice)

nice  -19 top                                      # very nice
nice --20 wodim -v -eject speed=2 dev=0,0 disk.img # very fast

Sometimes an extreme nice value does more harm than good to the system

List of ps command styles

style	typical command	feature
BSD	`ps aux`	display %CPU %MEM
System V	`ps -efH`	display PPID

sudo lsof -p 1

You can trace system calls of the ls command as the following.

 sudo strace ls

Use strace-graph script found in /usr/share/doc/strace/examples/ to make a nice tree view

You can also identify processes using files by fuser

sudo fuser -v /var/log/mail.log

You can also identify processes using sockets by fuser

sudo fuser -v smtp/tcp

watch w

This displays who is logged on to the system updated every 2 seconds.

looping

for x in *.ext; do if [ -f "$x"]; then command "$x" ; fi; done

find(1) and xargs(1) combination:

find . -type f -maxdepth 1 -name '*.ext' -print0 | xargs -0 -n 1 command

find(1) with "-exec" option with a command:

find . -type f -maxdepth 1 -name '*.ext' -exec command '{}' \;

find(1) with "-exec" option with a short shell script:

find . -type f -maxdepth 1 -name '*.ext' -exec sh -c "command '{}' && echo 'successful'" \;

update-alternatives(1) system for programs such as "editor", "view", "x-www-browser", "gnome-www-browser", and "www-browser"

The debianutils package provides sensible-browser(1), sensible-editor(1), and sensible-pager(1) which make sensible decisions on which editor, pager, and web browser to call, respectively.

Use kill(1) to kill (or send a signal to) a process by the process ID.

Use killall(1) or pkill(1) to do the same by the process command name and other attributes.

  signals for kill command
signal value    signal name    action    note
0    ---    no signal is sent (see kill(2))    check if process is running
1    SIGHUP    terminate the process    disconnected terminal (signal hang up)
2    SIGINT    terminate the process    interrupt from keyboard (CTRL-C)
3    SIGQUIT    terminate the process and dump core    quit from keyboard (CTRL-\)
9    SIGKILL    terminate the process    unblockable kill signal
15    SIGTERM    terminate the process    blockable termination signal

Pressing Alt-SysRq (PrtScr) followed by one keys does the magic of rescuing control of the system.

SAK command keys

key following Alt-SysRq	description of action
`k`	kill all processes on the current virtual console (SAK)
`s`	sync all mounted filesystems to avoid data corruption
`u`	remount all mounted filesystems read-only (umount)
`r`	restore the keyboard from raw mode after X crashes

https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html

Tip

From SSH terminal etc., you can use the Alt-SysRq feature by writing to the "/proc/sysrq-trigger". For example, "echo s > /proc/sysrq-trigger; echo u > /proc/sysrq-trigger" from the root shell prompt syncs and umounts all mounted filesystems.

Debian amd64 Linux kernel has /proc/sys/kernel/sysrq=438 =0b110110110

/proc/sys/kernel/sysrq:

0 - disable sysrq completely
1 - enable all functions of sysrq

>1 - bitmask of allowed sysrq functions (see below for detailed function description):

=   0x2 - enable control of console logging level
=   0x4 - enable control of keyboard (SAK, unraw)
=   0x8 - enable debugging dumps of processes etc.
=  0x10 - enable sync command
=  0x20 - enable remount read-only
=  0x40 - enable signalling of processes (term, kill, oom-kill)
=  0x80 - allow reboot/poweroff
= 0x100 - allow nicing of all RT tasks

ou can check who is on the system by the following.

who(1) shows who is logged on.
w(1) shows who is logged on and what they are doing.
last(1) shows listing of last logged in user.
lastb(1) shows listing of last bad logged in users.

	Tip
	"`/var/run/utmp`", and "`/var/log/wtmp`" hold such user information. See `login`(1) and `utmp`(5).

lspci -nn

`/proc/bus/pci/devices`

`tree /sys/bus/pci`

List of hardware identification tools

package	popcon	size	description
`pciutils`	V:232, I:991	212	Linux PCI Utilities: `lspci`(8)
`usbutils`	V:72, I:865	320	Linux USB utilities: `lsusb`(8)
`nvme-cli`	V:11, I:18	1486	NVMe utilities for Linux: `nvme`(1)
`pcmciautils`	V:7, I:11	91	PCMCIA utilities for Linux: `pccardctl`(8)
`scsitools`	V:0, I:2	375	collection of tools for SCSI hardware management: `lsscsi`(8)
`procinfo`	V:0, I:8	132	system information obtained from "`/proc`": `lsdev`(8)
`lshw`	V:13, I:91	919	information about hardware configuration: `lshw`(1)
`discover`	V:39, I:955	98	hardware identification system: `discover`(8)

hardware configuration tools

package	popcon	size	description
`console-setup`	V:96, I:966	428	Linux console font and keytable utilities
`x11-xserver-utils`	V:291, I:520	576	X server utilities: `xset`(1), `xmodmap`(1)
`acpid`	V:94, I:170	154	daemon to manage events delivered by the Advanced Configuration and Power Interface (ACPI)
`acpi`	V:10, I:157	47	utility to display information on ACPI devices
`sleepd`	V:0, I:0	86	daemon to put a laptop to sleep during inactivity
`hdparm`	V:206, I:383	256	hard disk access optimization (see Section 9.6.9, “Optimization of hard disk”)
`smartmontools`	V:196, I:244	2199	control and monitor storage systems using S.M.A.R.T.
`setserial`	V:4, I:7	103	collection of tools for serial port management
`memtest86+`	V:1, I:22	12687	collection of tools for memory hardware management
`scsitools`	V:0, I:2	375	collection of tools for SCSI hardware management
`setcd`	V:0, I:0	37	compact disc drive access optimization
`big-cursor`	I:0	26	larger mouse cursors for X

hwclock --utc --systohc

hwclock --show

"/etc/terminfo/*/*"

"$TERM" environment variable

setterm(1), stty(1), tic(1), and toe(1)

aplay /dev/urandom

List of sound packages

package	popcon	size	description
`alsa-utils`	V:317, I:459	2537	utilities for configuring and using ALSA
`oss-compat`	V:1, I:17	20	OSS compatibility under ALSA preventing "`/dev/dsp not found`" errors
`pipewire`	V:253, I:309	111	audio and video processing engine multimedia server - metapackage
`pipewire-bin`	V:264, I:309	1607	audio and video processing engine multimedia server - audio server and CLI programs
`pipewire-alsa`	V:66, I:111	204	audio and video processing engine multimedia server - audio server to replace ALSA
`pipewire-pulse`	V:108, I:154	48	audio and video processing engine multimedia server - audio server to replace PulseAudio
`pulseaudio`	V:288, I:347	6462	PulseAudio server
`libpulse0`	V:395, I:576	969	PulseAudio client library
`jackd`	V:2, I:20	9	JACK Audio Connection Kit. (JACK) server (low latency)
`libjack0`	V:1, I:10	329	JACK Audio Connection Kit. (JACK) library (low latency)
`libgstreamer1.0-0`	V:415, I:587	4441	GStreamer: GNOME sound engine
`libphonon4qt5-4`	V:73, I:163	572	Phonon: KDE sound engine

List of commands for disabling the screen saver

environment	command
The Linux console	`setterm -powersave off`
The X Window (turning off screensaver)	`xset s off`
The X Window (disabling dpms)	`xset -dpms`
The X Window (GUI configuration of screen saver)	`xscreensaver-command -prefs`

echo "set bell-style none">> ~/.inputrc

ystem security and integrity check

package	popcon	size	description
`logcheck`	V:6, I:8	110	daemon to mail anomalies in the system logfiles to the administrator
`debsums`	V:5, I:36	98	utility to verify installed package files against MD5 checksums
`chkrootkit`	V:7, I:18	924	rootkit detector
`clamav`	V:9, I:47	28695	anti-virus utility for Unix - command-line interface
`tiger`	V:1, I:2	7800	report system security vulnerabilities
`tripwire`	V:2, I:2	12088	file and directory integrity checker
`john`	V:1, I:9	471	active password cracking tool
`aide`	V:1, I:1	289	Advanced Intrusion Detection Environment - static binary
`integrit`	V:0, I:0	2659	file integrity verification program
`crack`	V:0, I:1	152	password guessing program

Since the debsums package uses MD5 checksums stored locally, it can not be fully trusted as the system security audit tool against malicious attacks.

find / -perm 777 -a \! -type s -a \! -type l -a \! \( -type d -a -perm 1777 \)

filesystem management packages

package	popcon	size	description
`e2fsprogs`	V:742, I:999	1496	utilities for the ext2/ext3/ext4 filesystems
`btrfs-progs`	V:45, I:72	4851	utilities for the Btrfs filesystem
`reiserfsprogs`	V:12, I:26	469	utilities for the Reiserfs filesystem
`zfsutils-linux`	V:28, I:29	1615	utilities for the OpenZFS filesystem
`dosfstools`	V:180, I:526	315	utilities for the FAT filesystem. (Microsoft: MS-DOS, Windows)
`exfatprogs`	V:25, I:318	281	utilities for the exFAT filesystem maintained by Samsung.
`exfat-fuse`	V:7, I:159	73	read/write exFAT filesystem (Microsoft) driver for FUSE.
`exfat-utils`	V:5, I:148	231	utilities for the exFAT filesystem maintained by the exfat-fuse author.
`xfsprogs`	V:23, I:97	3476	utilities for the XFS filesystem. (SGI: IRIX)
`ntfs-3g`	V:196, I:506	1470	read/write NTFS filesystem (Microsoft: Windows NT, …) driver for FUSE.
`jfsutils`	V:0, I:8	1577	utilities for the JFS filesystem. (IBM: AIX, OS/2)
`reiser4progs`	V:0, I:2	1367	utilities for the Reiser4 filesystem
`hfsprogs`	V:0, I:5	394	utilities for HFS and HFS Plus filesystem. (Apple: Mac OS)
`zerofree`	V:5, I:128	25	program to zero free blocks from ext2/3/4 filesystems

compress btrfs root

btrfs filesystem defragment -r -v -czstd /

disk image

cp /dev/sdb disk.img

 dd if=/dev/sdb of=disk.img

mbr

dd if=/dev/hda of=mbr.img bs=512 count=1

dd if=/dev/hda of=mbr-nopart.img bs=446 count=1

 dd if=/dev/hda of=mbr-part.img skip=446 bs=1 count=66

dd if=disk.img of=/dev/sdb
dd if=partition.img of=/dev/sdb1

losetup -v -f partition.img

mkdir -p /mnt/loop0

mount -t auto /dev/loop0 /mnt/loop0

umount /dev/loop0

losetup -d /dev/loop0

mkdir -p /mnt/loop0

mount -t auto -o loop partition.img /mnt/loop0

 umount partition.img

 modinfo -p loop # verify kernel capability

modprobe loop max_part=16

zerofree /dev/loop3
cp --sparse=always disk.img new.img
 
 empty disk
dd bs=1 count=0 if=/dev/zero of=disk.img seek=5G
 fallocate can do same
  
List of packages which view and edit binary data
            
            
              
                
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     description 
                  
                
                
                  
                    
                       coreutils 
                    
                    
                      V:876, I:999
                    
                    
                      18062
                    
                     basic package which has od(1) to dump files (HEX, ASCII, OCTAL, …) 
                  
                  
                    
                       bsdmainutils 
                    
                    
                      V:15, I:389
                    
                    
                      17
                    
                     utility package which has hd(1) to dump files (HEX, ASCII, OCTAL, …) 
                  
                  
                    
                       hexedit 
                    
                    
                      V:0, I:9
                    
                    
                      73
                    
                     binary editor and viewer (HEX, ASCII) 
                  
                  
                    
                       bless 
                    
                    
                      V:0, I:2
                    
                    
                      924
                    
                     full featured hexadecimal editor (GNOME) 
                  
                  
                    
                       okteta 
                    
                    
                      V:0, I:10
                    
                    
                      1581
                    
                     full featured hexadecimal editor (KDE4) 
                  
                  
                    
                       ncurses-hexedit 
                    
                    
                      V:0, I:1
                    
                    
                      130
                    
                     binary editor and viewer (HEX, ASCII, EBCDIC) 
                  
                  
                    
                       beav 
                    
                    
                      V:0, I:0
                    
                    
                      137
                    
                     binary editor and viewer (HEX, ASCII, EBCDIC, OCTAL, …) 
                  
                
              
            List of packages for data file recovery and forensic analysis
            
            
              
                
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     description 
                  
                
                
                  
                    
                       testdisk 
                    
                    
                      V:2, I:29
                    
                    
                      1413
                    
                     utilities for partition scan and disk recovery 
                  
                  
                    
                       magicrescue 
                    
                    
                      V:0, I:2
                    
                    
                      255
                    
                     utility to recover files by looking for magic bytes 
                  
                  
                    
                       scalpel 
                    
                    
                      V:0, I:3
                    
                    
                      88
                    
                     frugal, high performance file carver 
                  
                  
                    
                       myrescue 
                    
                    
                      V:0, I:2
                    
                    
                      83
                    
                     rescue data from damaged harddisks 
                  
                  
                    
                       extundelete 
                    
                    
                      V:0, I:8
                    
                    
                      147
                    
                     utility to undelete files on the ext3/4 filesystem 
                  
                  
                    
                       ext4magic 
                    
                    
                      V:0, I:4
                    
                    
                      233
                    
                     utility to undelete files on the ext3/4 filesystem 
                  
                  
                    
                       ext3grep 
                    
                    
                      V:0, I:2
                    
                    
                      293
                    
                     tool to help recover deleted files on the ext3 filesystem 
                  
                  
                    
                       scrounge-ntfs 
                    
                    
                      V:0, I:2
                    
                    
                      50
                    
                     data recovery program for NTFS filesystems 
                  
                  
                    
                       gzrt 
                    
                    
                      V:0, I:0
                    
                    
                      33
                    
                     gzip recovery toolkit 
                  
                  
                    
                       sleuthkit 
                    
                    
                      V:2, I:24
                    
                    
                      1611
                    
                     tools for forensics analysis. (Sleuthkit) 
                  
                  
                    
                       autopsy 
                    
                    
                      V:0, I:1
                    
                    
                      1027
                    
                     graphical interface to SleuthKit 
                  
                  
                    
                       foremost 
                    
                    
                      V:0, I:5
                    
                    
                      102
                    
                     forensics application to recover data 
                  
                  
                    
                       guymager 
                    
                    
                      V:0, I:1
                    
                    
                      1021
                    
                     forensic imaging tool based on Qt 
                  
                  
                    
                       dcfldd 
                    
                    
                      V:0, I:4
                    
                    
                      114
                    
                     enhanced version of dd for forensics and security 
                  
                
              
            
           
 split -b 2000m large_file
cat x* >large_file
Please make sure you do not have any files starting with "x" to avoid name crashes.
 clear file in use 
:>file_to_be_cleared
 
 ls -li
 
 lsof -s -X / |grep deleted
 
  
List of virtualization tools
            
            
              
                
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     description 
                  
                
                
                  
                    
                       coreutils 
                    
                    
                      V:876, I:999
                    
                    
                      18062
                    
                     GNU core utilities which contain chroot(8) 
                  
                  
                    
                       systemd-container 
                    
                    
                      V:48, I:56
                    
                    
                      1299
                    
                     systemd container/nspawn tools which contain systemd-nspawn(1) 
                  
                  
                    
                       schroot 
                    
                    
                      V:5, I:7
                    
                    
                      2508
                    
                     specialized tool for executing Debian binary packages in chroot 
                  
                  
                    
                       sbuild 
                    
                    
                      V:1, I:3
                    
                    
                      243
                    
                     tool for building Debian binary packages from Debian sources 
                  
                  
                    
                       debootstrap 
                    
                    
                      V:5, I:55
                    
                    
                      308
                    
                     bootstrap a basic Debian system (written in sh) 
                  
                  
                    
                       cdebootstrap 
                    
                    
                      V:0, I:1
                    
                    
                      111
                    
                     bootstrap a Debian system (written in C) 
                  
                  
                    
                       virt-manager 
                    
                    
                      V:10, I:42
                    
                    
                      2296
                    
                     Virtual Machine Manager: desktop application for managing virtual machines 
                  
                  
                    
                       libvirt-clients 
                    
                    
                      V:44, I:63
                    
                    
                      1212
                    
                     programs for the libvirt library 
                  
                  
                    
                       games-emulator 
                    
                    
                      I:0
                    
                    
                      21
                    
                     games-emulator: Debian's emulators for games 
                  
                  
                    
                       bochs 
                    
                    
                      V:0, I:0
                    
                    
                      6956
                    
                    Bochs: IA-32 PC emulator 
                  
                  
                    
                       qemu 
                    
                    
                      I:18
                    
                    
                      97
                    
                     QEMU: fast generic processor emulator 
                  
                  
                    
                       qemu-system 
                    
                    
                      I:20
                    
                    
                      66
                    
                     QEMU: full system emulation binaries 
                  
                  
                    
                       qemu-user 
                    
                    
                      V:1, I:7
                    
                    
                      103943
                    
                     QEMU: user mode emulation binaries 
                  
                  
                    
                       qemu-utils 
                    
                    
                      V:11, I:104
                    
                    
                      10344
                    
                     QEMU: utilities 
                  
                  
                    
                       qemu-system-x86 
                    
                    
                      V:33, I:89
                    
                    
                      45580
                    
                     KVM: full virtualization on x86 hardware with the hardware-assisted virtualization 
                  
                  
                    
                       virtualbox 
                    
                    
                      V:6, I:8
                    
                    
                      131137
                    
                     VirtualBox: x86 virtualization solution on i386 and amd64 
                  
                  
                    
                       xen-tools 
                    
                    
                      V:0, I:2
                    
                    
                      719
                    
                     tools to manage debian XEN virtual server 
                  
                  
                    
                       wine 
                    
                    
                      V:13, I:59
                    
                    
                      135
                    
                     Wine: Windows API Implementation (standard suite) 
                  
                  
                    
                       dosbox 
                    
                    
                      V:1, I:15
                    
                    
                      2671
                    
                     DOSBox: x86 emulator with Tandy/Herc/CGA/EGA/VGA/SVGA graphics, sound and DOS 
                  
                  
                    
                       lxc 
                    
                    
                      V:9, I:12
                    
                    
                      25643
                    
                     Linux containers user space tools 
                  
                  
                    
                       python3-venv 
                    
                    
                      I:72
                    
                    
                      6
                    
                     venv for creating virtual python environments (system library) 
                  
                  
                    
                       python3-virtualenv 
                    
                    
                      V:9, I:49
                    
                    
                      364
                    
                     virtualenv for creating isolated virtual python environments 
                  
                  
                    
                       pipx 
                    
                    
                      V:2, I:10
                    
                    
                      931
                    
                     pipx for installing python applications in isolated environments 
                  
                
              
            
          
            
 List of archive and compression tools
            
            
              
                
                  
                  
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     extension 
                     command 
                     comment 
                  
                
                
                  
                    
                       tar 
                    
                    
                      V:907, I:999
                    
                    
                      3144
                    
                     .tar 
                    tar(1) 
                     the standard archiver (de facto standard) 
                  
                  
                    
                       cpio 
                    
                    
                      V:439, I:998
                    
                    
                      1141
                    
                     .cpio 
                    cpio(1) 
                     Unix System V style archiver, use with find(1) 
                  
                  
                    
                       binutils 
                    
                    
                      V:164, I:629
                    
                    
                      143
                    
                     .ar 
                    ar(1) 
                     archiver for the creation of static libraries 
                  
                  
                    
                       fastjar 
                    
                    
                      V:1, I:15
                    
                    
                      183
                    
                     .jar 
                    fastjar(1) 
                     archiver for Java (zip like) 
                  
                  
                    
                       pax 
                    
                    
                      V:9, I:16
                    
                    
                      170
                    
                     .pax 
                    pax(1) 
                     new POSIX standard archiver, compromise between tar and cpio 
                  
                  
                    
                       gzip 
                    
                    
                      V:872, I:999
                    
                    
                      252
                    
                     .gz 
                    gzip(1), zcat(1), … 
                     GNU LZ77 compression utility (de facto standard) 
                  
                  
                    
                       bzip2 
                    
                    
                      V:161, I:969
                    
                    
                      121
                    
                     .bz2 
                    bzip2(1), bzcat(1), … 
                    Burrows-Wheeler block-sorting compression utility with higher compression ratio than gzip(1) (slower than gzip with similar syntax) 
                  
                  
                    
                       lzma 
                    
                    
                      V:1, I:18
                    
                    
                      149
                    
                     .lzma 
                    lzma(1) 
                    LZMA compression utility with higher compression ratio than gzip(1)  (deprecated) 
                  
                  
                    
                       xz-utils 
                    
                    
                      V:380, I:979
                    
                    
                      1248
                    
                     .xz 
                    xz(1), xzdec(1), … 
                    XZ compression utility with higher compression ratio than bzip2(1) (slower than gzip but faster than bzip2; replacement for LZMA compression utility) 
                  
                  
                    
                       zstd 
                    
                    
                      V:125, I:325
                    
                    
                      2138
                    
                     .zstd 
                    zstd(1), zstdcat(1), … 
                    Zstandard fast lossless compression utility 
                  
                  
                    
                       p7zip 
                    
                    
                      V:114, I:472
                    
                    
                      987
                    
                     .7z 
                    7zr(1), p7zip(1) 
                    7-Zip file archiver with high compression ratio (LZMA compression) 
                  
                  
                    
                       p7zip-full 
                    
                    
                      V:117, I:474
                    
                    
                      4664
                    
                     .7z 
                    7z(1), 7za(1) 
                    7-Zip file archiver with high compression ratio (LZMA compression and others) 
                  
                  
                    
                       lzop 
                    
                    
                      V:15, I:139
                    
                    
                      164
                    
                     .lzo 
                    lzop(1) 
                    LZO compression utility with higher compression and decompression speed than gzip(1) (lower compression ratio than gzip with similar syntax) 
                  
                  
                    
                       zip 
                    
                    
                      V:47, I:387
                    
                    
                      616
                    
                     .zip 
                    zip(1) 
                    InfoZIP: DOS archive and compression tool 
                  
                  
                    
                       unzip 
                    
                    
                      V:102, I:774
                    
                    
                      379
                    
                     .zip 
                    unzip(1) 
                    InfoZIP: DOS unarchive and decompression tool 
                  
                
              
            
          
          
copy and synchronization tools
            
            
              
                
                  
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     tool 
                     function 
                  
                
                
                  
                    
                       coreutils 
                    
                    
                      V:876, I:999
                    
                    
                      18062
                    
                     GNU cp 
                     locally copy files and directories ("-a" for recursive) 
                  
                  
                    
                       openssh-client 
                    
                    
                      V:854, I:997
                    
                    
                      5814
                    
                     scp 
                     remotely copy files and directories (client, "-r" for recursive) 
                  
                  
                    
                       openssh-server 
                    
                    
                      V:723, I:818
                    
                    
                      1948
                    
                     sshd 
                     remotely copy files and directories (remote server) 
                  
                  
                    
                       rsync 
                    
                    
                      V:249, I:557
                    
                    
                      776
                    
                     

                     1-way remote synchronization and backup 
                  
                  
                    
                       unison 
                    
                    
                      V:3, I:13
                    
                    
                      14
                    
                     

                     2-way remote synchronization and backup

Copying files with rsync(8) offers richer features than others.

delta-transfer algorithm that sends only the differences between the source files and the existing files in the destination
quick check algorithm (by default) that looks for files that have changed in size or in last-modified time
"--exclude" and "--exclude-from" options similar to tar(1)
"a trailing slash on the source directory" syntax that avoids creating an additional directory level at the destination.

tar -cvJf archive.tar.xz ./source

 tar -xvJf archive.tar.xz 
 
List of filesystem choices for removable storage devices with typical usage scenarios
            
            
              
                
                  
                  
                
                
                  
                     filesystem name 
                     typical usage scenario 
                  
                
                
                  
                     FAT12 
                     cross platform sharing of data on the floppy disk (<32MiB) 
                  
                  
                     FAT16 
                     cross platform sharing of data on the small hard disk like device (<2GiB) 
                  
                  
                     FAT32 
                     cross platform sharing of data on the large hard disk like device (<8TiB, supported by newer than MS Windows95 OSR2) 
                  
                  
                     exFAT 
                     cross platform sharing
 of data on the large hard disk like device (<512TiB, supported by 
WindowsXP, Mac OS X Snow Leopard 10.6.5, and  Linux kernel since 5.4 
release) 
                  
                  
                     NTFS 
                     cross platform sharing of data on the large hard disk like device (supported natively on MS Windows NT and later version, and supported by NTFS-3G via FUSE on Linux) 
                  
                  
                     ISO9660 
                     cross platform sharing of static data on CD-R and DVD+/-R 
                  
                  
                     UDF 
                     incremental data writing on CD-R and DVD+/-R (new) 
                  
                  
                     MINIX 
                     space efficient unix file data storage on the floppy disk 
                  
                  
                     ext2 
                     sharing of data on the hard disk like device with older Linux systems 
                  
                  
                     ext3 
                     sharing of data on the hard disk like device with older Linux systems 
                  
                  
                     ext4 
                     sharing of data on the hard disk like device with current Linux systems 
                  
                  
                     btrfs 
                     sharing of data on the hard disk like device with current Linux systems with read-only snapshots
                  
                
              
            
          
data security infrastructure tools
          
          
            
              
                
                
                
                
                
              
              
                
                   package 
                   popcon 
                   size 
                   command 
                   description 
                
              
              
                
                  
                     gnupg 
                  
                  
                    V:551, I:914
                  
                  
                    885
                  
                   gpg(1) 
                   GNU Privacy Guard -  OpenPGP encryption and signing tool 
                
                
                  
                     gpgv 
                  
                  
                    V:889, I:999
                  
                  
                    917
                  
                   gpgv(1) 
                   GNU Privacy Guard - signature verification tool 
                
                
                  
                     paperkey 
                  
                  
                    V:1, I:11
                  
                  
                    58
                  
                   paperkey(1) 
                   extract just the secret information out of OpenPGP secret keys 
                
                
                  
                     cryptsetup 
                  
                  
                    V:36, I:78
                  
                  
                    410
                  
                   cryptsetup(8), … 
                   utilities for dm-crypt block device encryption supporting LUKS 
                
                
                  
                     coreutils 
                  
                  
                    V:876, I:999
                  
                  
                    18062
                  
                   md5sum(1) 
                   compute and check MD5 message digest 
                
                
                  
                     coreutils 
                  
                  
                    V:876, I:999
                  
                  
                    18062
                  
                   sha1sum(1) 
                   compute and check SHA1 message digest 
                
                
                  
                     openssl 
                  
                  
                    V:832, I:995
                  
                  
                    2290
                  
                   openssl(1ssl) 
                   compute message digest with "openssl dgst" (OpenSSL) 
                
                
                  
                     libsecret-tools 
                  
                  
                    V:0, I:13
                  
                  
                    41
                  
                   secret-tool(1) 
                   store and retrieve passwords (CLI) 
                
                
                  
                     seahorse 
                  
                  
                    V:74, I:262
                  
                  
                    7987
                  
                   seahorse(1) 
                   key management tool (GNOME) 
                
              
            
          
        
 GNU Privacy Guard commands for the key management
            
            
              
                
                  
                  
                
                
                  
                     command 
                     description 
                  
                
                
                  
                     gpg --gen-key 
                     generate a new key 
                  
                  
                     gpg --gen-revoke my_user_ID 
                     generate revoke key for my_user_ID 
                  
                  
                     gpg --edit-key user_ID 
                     edit key interactively, "help" for help 
                  
                  
                     gpg -o file --export 
                     export all keys to file 
                  
                  
                     gpg --import file 
                     import all keys from file 
                  
                  
                     gpg --send-keys user_ID 
                     send key of user_ID to keyserver 
                  
                  
                     gpg --recv-keys user_ID 
                     recv. key of user_ID from keyserver 
                  
                  
                     gpg --list-keys user_ID 
                     list keys of user_ID 
                  
                  
                     gpg --list-sigs user_ID 
                     list sig. of user_ID 
                  
                  
                     gpg --check-sigs user_ID 
                     check sig. of user_ID 
                  
                  
                     gpg --fingerprint user_ID 
                     check fingerprint of user_ID 
                  
                  
                     gpg --refresh-keys 
                     update local keyring 
                  
                
              
            
          
 List of GNU Privacy Guard commands on files
            
            
              
                
                  
                  
                
                
                  
                     command 
                     description 
                  
                
                
                  
                     gpg -a -s file 
                     sign file into ASCII armored file.asc 
                  
                  
                     gpg --armor --sign file 
                     , , 
                  
                  
                     gpg --clearsign file 
                     clear-sign message 
                  
                  
                     gpg --clearsign file|mail [email protected] 
                     mail a clear-signed message to [email protected] 
                  
                  
                     gpg --clearsign --not-dash-escaped patchfile 
                     clear-sign patchfile 
                  
                  
                     gpg --verify file 
                     verify clear-signed file 
                  
                  
                     gpg -o file.sig -b file 
                     create detached signature 
                  
                  
                     gpg -o file.sig --detach-sign file 
                     , , 
                  
                  
                     gpg --verify file.sig file 
                     verify file with file.sig 
                  
                  
                     gpg -o crypt_file.gpg -r name -e file 
                     public-key encryption intended for name from file to binary crypt_file.gpg 
                  
                  
                     gpg -o crypt_file.gpg --recipient name --encrypt file 
                     , , 
                  
                  
                     gpg -o crypt_file.asc -a -r name -e file 
                     public-key encryption intended for name from file to ASCII armored crypt_file.asc 
                  
                  
                     gpg -o crypt_file.gpg -c file 
                     symmetric encryption from file to crypt_file.gpg 
                  
                  
                     gpg -o crypt_file.gpg --symmetric file 
                     , , 
                  
                  
                     gpg -o crypt_file.asc -a -c file 
                     symmetric encryption intended for name from file to ASCII armored crypt_file.asc 
                  
                  
                     gpg -o file -d crypt_file.gpg -r name 
                     decryption 
                  
                  
                     gpg -o file --decrypt crypt_file.gpg 
                     , , 
                  
                
              
            
List of source code merge tools
          
          
            
              
                
                
                
                
                
              
              
                
                   package 
                   popcon 
                   size 
                   command 
                   description 
                
              
              
                
                  
                     patch 
                  
                  
                    V:98, I:699
                  
                  
                    248
                  
                  patch(1) 
                   apply a diff file to an original 
                
                
                  
                     vim 
                  
                  
                    V:94, I:374
                  
                  
                    3665
                  
                  vimdiff(1) 
                   compare 2 files side by side in vim 
                
                
                  
                     imediff 
                  
                  
                    V:0, I:0
                  
                  
                    169
                  
                  imediff(1) 
                   interactive full screen 2/3-way merge tool 
                
                
                  
                     meld 
                  
                  
                    V:8, I:29
                  
                  
                    3500
                  
                  meld(1) 
                   compare and merge files (GTK) 
                
                
                  
                     wiggle 
                  
                  
                    V:0, I:0
                  
                  
                    174
                  
                  wiggle(1) 
                   apply rejected patches 
                
                
                  
                     diffutils 
                  
                  
                    V:859, I:996
                  
                  
                    1598
                  
                  diff(1) 
                   compare files line by line 
                
                
                  
                     diffutils 
                  
                  
                    V:859, I:996
                  
                  
                    1598
                  
                  diff3(1) 
                   compare and merges three files line by line 
                
                
                  
                     quilt 
                  
                  
                    V:2, I:23
                  
                  
                    774
                  
                  quilt(1) 
                   manage series of patches 
                
                
                  
                     wdiff 
                  
                  
                    V:7, I:52
                  
                  
                    648
                  
                  wdiff(1) 
                   display word differences between text files 
                
                
                  
                     diffstat 
                  
                  
                    V:13, I:123
                  
                  
                    74
                  
                  diffstat(1) 
                   produce a histogram of changes by the diff 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  combinediff(1) 
                   create a cumulative patch from two incremental patches 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  dehtmldiff(1) 
                   extract a diff from an HTML page 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  filterdiff(1) 
                   extract or excludes diffs from a diff file 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  fixcvsdiff(1) 
                   fix diff files created by CVS that patch(1) mis-interprets 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  flipdiff(1) 
                   exchange the order of two patches 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  grepdiff(1) 
                   show which files are modified by a patch matching a regex 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  interdiff(1) 
                   show differences between two unified diff files 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  lsdiff(1) 
                   show which files are modified by a patch 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  recountdiff(1) 
                   recompute counts and offsets in unified context diffs 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  rediff(1) 
                   fix offsets and counts of a hand-edited diff 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  splitdiff(1) 
                   separate out incremental patches 
                
                
                  
                     patchutils 
                  
                  
                    V:15, I:122
                  
                  
                    232
                  
                  unwrapdiff(1) 
                   demangle patches that have been word-wrapped 
                
                
                  
                     dirdiff 
                  
                  
                    V:0, I:2
                  
                  
                    167
                  
                  dirdiff(1) 
                   display differences and merge changes between directory trees 
                
                
                  
                     docdiff 
                  
                  
                    V:0, I:0
                  
                  
                    553
                  
                  docdiff(1) 
                   compare two files word by word / char by char 
                
                
                  
                     makepatch 
                  
                  
                    V:0, I:0
                  
                  
                    100
                  
                  makepatch(1) 
                   generate extended patch files 
                
                
                  
                     makepatch 
                  
                  
                    V:0, I:0
                  
                  
                    100
                  
                  applypatch(1) 
                   apply extended patch files 
                
              
            
           diff -u file.old file.new > file.patch0
merge patch
 patch -p0 file < file.patch0
patch -p1 file < file.patch1
 
 
imediff -o file.merged file.old file.newimediff -o file.merged file.yours file.base file.theirs
 git related packages and commands
          
          
            
              
                
                
                
                
                
              
              
                
                   package 
                   popcon 
                   size 
                   command 
                   description 
                
              
              
                
                  
                     git 
                  
                  
                    V:333, I:534
                  
                  
                    44963
                  
                  git(7) 
                   Git, the fast, scalable, distributed revision control system 
                
                
                  
                     gitk 
                  
                  
                    V:5, I:32
                  
                  
                    1814
                  
                  gitk(1) 
                   GUI Git repository browser with history 
                
                
                  
                     git-gui 
                  
                  
                    V:1, I:17
                  
                  
                    2408
                  
                  git-gui(1) 
                   GUI for Git (No history) 
                
                
                  
                     git-email 
                  
                  
                    V:0, I:10
                  
                  
                    1062
                  
                  git-send-email(1) 
                   send a collection of patches as email from the Git 
                
                
                  
                     git-buildpackage 
                  
                  
                    V:1, I:9
                  
                  
                    1990
                  
                  git-buildpackage(1) 
                   automate the Debian packaging with the Git 
                
                
                  
                     dgit 
                  
                  
                    V:0, I:1
                  
                  
                    483
                  
                  dgit(1) 
                   git interoperability with the Debian archive 
                
                
                  
                     imediff 
                  
                  
                    V:0, I:0
                  
                  
                    169
                  
                  git-ime(1) 
                   interactive git commit split helper tool 
                
                
                  
                     stgit 
                  
                  
                    V:0, I:0
                  
                  
                    601
                  
                  stg(1) 
                   quilt on top of git (Python) 
                
                
                  
                     git-doc 
                  
                  
                    I:12
                  
                  
                    13067
                  
                   N/A 
                   official documentation for Git 
                
                
                  
                     gitmagic 
                  
                  
                    I:0
                  
                  
                    721
                  
                   N/A 
                   "Git Magic", easier to understand guide for Git 
                
              
            
          
Git tips
            
            
              
                
                  
                  
                
                
                  
                     Git command line 
                     function 
                  
                
                
                  
                     gitk --all 
                     see complete Git 
history and operate on them such as resetting HEAD to another commit, 
cheery-picking patches, creating tags and branches ... 
                  
                  
                     git stash 
                     get the clean working tree without loosing data 
                  
                  
                     git remote -v 
                     check settings for remote 
                  
                  
                     git branch -vv 
                     check settings for branch 
                  
                  
                     git status 
                     show working tree status 
                  
                  
                     git config -l 
                     list git settings 
                  
                  
                     git reset --hard HEAD; git clean -x -d -f 
                     revert all working tree changes and clean them up completely 
                  
                  
                     git rm --cached filename 
                     revert staged index changed by git add filename 
                  
                  
                     git reflog 
                     get reference log (useful for recovering commits from the removed branch)
                  
                  
                     git branch new_branch_name HEAD@{6} 
                     create a new branch from reflog information
                  
                  
                     git remote add new_remote URL 
                     add a new_remote remote repository pointed by URL 
                  
                  
                     git remote rename origin upstream 
                     rename the remote repository name from origin to upstream 
                  
                  
                     git branch -u upstream/branch_name 
                     set the remote tracking to the remote repository upstream and its branch name branch_name. 
                  
                  
                     git remote set-url origin https://foo/bar.git 
                     change URL of origin 
                  
                  
                     git remote set-url --push upstream DISABLED 
                     disable push to upstream (Edit .git/config to re-enable) 
                  
                  
                     git checkout -b topic_branch ; git push -u topic_branch origin 
                     make a new topic_branch and push it to origin
                  
                  
                     git branch -m oldname newname 
                     rename local branch name 
                  
                  
                     git push -d origin branch_to_be_removed 
                     remove remote branch (new method)
                  
                  
                     git push origin :branch_to_be_removed 
                     remove remote branch (old method)
                  
                  
                     git checkout --orphan unconnected 
                     create a new unconnected branch
                  
                  
                     git fetch upstream foo:upstream-foo 
                     create a local (possibly orphan) upstream-foo branch as a copy of foo branch the upstream repository 
                  
                  
                     git rebase -i origin/main 
                     reorder/drop/squish commits from origin/main to clean branch history 
                  
                  
                     git reset HEAD^; git commit --amend  
                     squash last 2 commits into one
                  
                  
                     git checkout topic_branch ; git merge --squash topic_branch  
                     squash entire topic_branch into a commit 
                  
                  
                     git fetch --unshallow --update-head-ok origin '+refs/heads/*:refs/heads/*'  
                     convert a shallow clone to the full clone of all branches 
                  
                  
                     git ime 
                     split the last commit into a series of file-by-file smaller commits etc. (imediff package required)
                  
                  
                     git repack -a -d; git prune 
                     repack the local repository into single pack (this may limit chance of lost data recovery from erased branch etc.)
                  
                
              
            
other version control system tools
            
            
              
                
                  
                  
                  
                  
                  
                  
                
                
                  
                     package 
                     popcon 
                     size 
                     tool 
                     VCS type 
                     comment 
                  
                
                
                  
                    
                       mercurial 
                    
                    
                      V:5, I:31
                    
                    
                      1049
                    
                     Mercurial 
                     distributed 
                     DVCS in Python and some C 
                  
                  
                    
                       darcs 
                    
                    
                      V:0, I:4
                    
                    
                      34070
                    
                     Darcs 
                     distributed 
                     DVCS with smart algebra of patches (slow) 
                  
                  
                    
                       bzr 
                    
                    
                      I:7
                    
                    
                      28
                    
                     Bazaar 
                     distributed 
                     DVCS influenced by tla written in Python (historic) 
                  
                  
                    
                       tla 
                    
                    
                      V:0, I:1
                    
                    
                      1022
                    
                     GNU arch 
                     distributed 
                     DVCS mainly by Tom Lord (historic) 
                  
                  
                    
                       subversion 
                    
                    
                      V:13, I:75
                    
                    
                      4838
                    
                     Subversion 
                     remote 
                     "CVS done right", newer standard remote VCS (historic) 
                  
                  
                    
                       cvs 
                    
                    
                      V:3, I:28
                    
                    
                      4609
                    
                     CVS 
                     remote 
                     previous standard remote VCS (historic)
                  
                  
                    
                       tkcvs 
                    
                    
                      V:0, I:1
                    
                    
                      1498
                    
                     CVS, … 
                     remote 
                     GUI display of VCS (CVS, Subversion, RCS) repository tree 
                  
                  
                    
                       rcs 
                    
                    
                      V:2, I:12
                    
                    
                      564
                    
                     RCS 
                     local 
                     "Unix SCCS done right" (historic)
                  
                  
                    
                       cssc 
                    
                    
                      V:0, I:0
                    
                    
                      2044
                    
                     CSSC 
                     local 
                     clone of the Unix SCCS (historic) 
                  
                
              
            
iconv -f encoding1 -t encoding2 input.txt >output.txtList of encoding values and their usage
            
            
              
                
                  
                  
                
                
                  
                     encoding value 
                     usage 
                  
                
                
                  
                     ASCII 
                    American Standard Code for Information Interchange, 7 bit code w/o accented characters 
                  
                  
                     UTF-8 
                     current multilingual standard for all modern OSs 
                  
                  
                     ISO-8859-1 
                     old standard for western European languages, ASCII + accented characters 
                  
                  
                     ISO-8859-2 
                     old standard for eastern European languages, ASCII + accented characters 
                  
                  
                     ISO-8859-15 
                     old standard for western European languages, ISO-8859-1 with euro sign 
                  
                  
                     CP850 
                     code page 850, Microsoft DOS characters with graphics for western European languages, ISO-8859-1 variant 
                  
                  
                     CP932 
                     code page 932, Microsoft Windows style Shift-JIS variant for Japanese 
                  
                  
                     CP936 
                     code page 936, Microsoft Windows style GB2312, GBK or GB18030 variant for Simplified Chinese 
                  
                  
                     CP949 
                     code page 949, Microsoft Windows style EUC-KR or Unified Hangul Code variant for Korean 
                  
                  
                     CP950 
                     code page 950, Microsoft Windows style Big5 variant for Traditional Chinese 
                  
                  
                     CP1251 
                     code page 1251, Microsoft Windows style encoding for the Cyrillic alphabet 
                  
                  
                     CP1252 
                     code page 1252, Microsoft Windows style ISO-8859-15 variant for western European languages 
                  
                  
                     KOI8-R 
                     old Russian UNIX standard for the Cyrillic alphabet 
                  
                  
                     ISO-2022-JP 
                     standard encoding for Japanese email which uses only 7 bit codes 
                  
                  
                     eucJP 
                     old Japanese UNIX standard 8 bit code and completely different from Shift-JIS 
                  
                  
                     Shift-JIS 
                     JIS X 0208 Appendix 1 standard for Japanese (see CP932) 
                  
                
              
            
 
 
iconv -f utf8 -t utf8 input.txt >/dev/null || echo "non-UTF-8 found"
 
filename convert
#!/bin/sh
ENCDN=iso-8859-1
for x in *;
 do
 mv "$x" "$(echo "$x" | iconv -f $ENCDN -t utf-8)"
done
 
 
 graphic data tools
          
          
            
              
                
                
                
                
                
              
              
                
                   package 
                   popcon 
                   size 
                   keyword 
                   description 
                
              
              
                
                  
                     gimp 
                  
                  
                    V:50, I:260
                  
                  
                    19877
                  
                   image(bitmap) 
                   GNU Image Manipulation Program 
                
                
                  
                     imagemagick 
                  
                  
                    I:321
                  
                  
                    176
                  
                   image(bitmap) 
                   image manipulation programs 
                
                
                  
                     graphicsmagick 
                  
                  
                    V:1, I:13
                  
                  
                    5510
                  
                   image(bitmap) 
                   image manipulation programs (fork of imagemagick) 
                
                
                  
                     xsane 
                  
                  
                    V:12, I:148
                  
                  
                    2339
                  
                   image(bitmap) 
                   GTK-based X11 frontend for SANE (Scanner Access Now Easy) 
                
                
                  
                     netpbm 
                  
                  
                    V:27, I:330
                  
                  
                    8200
                  
                   image(bitmap) 
                   graphics conversion tools 
                
                
                  
                     icoutils 
                  
                  
                    V:7, I:54
                  
                  
                    221
                  
                   png↔ico(bitmap) 
                   convert MS Windows icons and cursors to and from PNG formats (favicon.ico) 
                
                
                  
                     scribus 
                  
                  
                    V:1, I:16
                  
                  
                    30242
                  
                   ps/pdf/SVG/… 
                  Scribus DTP editor 
                
                
                  
                     libreoffice-draw 
                  
                  
                    V:71, I:421
                  
                  
                    13525
                  
                   image(vector) 
                   LibreOffice office suite - drawing 
                
                
                  
                     inkscape 
                  
                  
                    V:14, I:122
                  
                  
                    99316
                  
                   image(vector) 
                  SVG (Scalable Vector Graphics) editor 
                
                
                  
                     dia 
                  
                  
                    V:2, I:21
                  
                  
                    3908
                  
                   image(vector) 
                   diagram editor (Gtk) 
                
                
                  
                     xfig 
                  
                  
                    V:0, I:9
                  
                  
                    7825
                  
                   image(vector) 
                   Facility for Interactive Generation of figures under X11 
                
                
                  
                     pstoedit 
                  
                  
                    V:2, I:53
                  
                  
                    1003
                  
                   ps/pdf→image(vector) 
                   PostScript and PDF files to editable vector graphics converter (SVG) 
                
                
                  
                     libwmf-bin 
                  
                  
                    V:6, I:130
                  
                  
                    151
                  
                   Windows/image(vector) 
                   Windows metafile (vector graphic data) conversion tools 
                
                
                  
                     fig2sxd 
                  
                  
                    V:0, I:0
                  
                  
                    151
                  
                   fig→sxd(vector) 
                   convert XFig files to OpenOffice.org Draw format 
                
                
                  
                     unpaper 
                  
                  
                    V:2, I:17
                  
                  
                    412
                  
                   image→image 
                   post-processing tool for scanned pages for OCR 
                
                
                  
                     tesseract-ocr 
                  
                  
                    V:7, I:34
                  
                  
                    2135
                  
                   image→text 
                   free OCR software based on the HP's commercial OCR engine 
                
                
                  
                     tesseract-ocr-eng 
                  
                  
                    V:7, I:34
                  
                  
                    4032
                  
                   image→text 
                   OCR engine data: tesseract-ocr language files for English text 
                
                
                  
                     gocr 
                  
                  
                    V:0, I:6
                  
                  
                    545
                  
                   image→text 
                   free OCR software 
                
                
                  
                     ocrad 
                  
                  
                    V:0, I:3
                  
                  
                    578
                  
                   image→text 
                   free OCR software 
                
                
                  
                     eog 
                  
                  
                    V:57, I:270
                  
                  
                    7770
                  
                   image(Exif) 
                   Eye of GNOME graphics viewer program 
                
                
                  
                     gthumb 
                  
                  
                    V:3, I:16
                  
                  
                    5321
                  
                   image(Exif) 
                   image viewer and browser (GNOME) 
                
                
                  
                     geeqie 
                  
                  
                    V:4, I:14
                  
                  
                    15402
                  
                   image(Exif) 
                   image viewer using GTK 
                
                
                  
                     shotwell 
                  
                  
                    V:16, I:248
                  
                  
                    6187
                  
                   image(Exif) 
                   digital photo organizer (GNOME) 
                
                
                  
                     gtkam 
                  
                  
                    V:0, I:2
                  
                  
                    1154
                  
                   image(Exif) 
                   application for retrieving media from digital cameras (GTK) 
                
                
                  
                     gphoto2 
                  
                  
                    V:0, I:7
                  
                  
                    947
                  
                   image(Exif) 
                   The gphoto2 digital camera command-line client 
                
                
                  
                     gwenview 
                  
                  
                    V:30, I:101
                  
                  
                    11755
                  
                   image(Exif) 
                   image viewer (KDE) 
                
                
                  
                     kamera 
                  
                  
                    I:101
                  
                  
                    983
                  
                   image(Exif) 
                   digital camera support for KDE applications 
                
                
                  
                     digikam 
                  
                  
                    V:1, I:9
                  
                  
                    292
                  
                   image(Exif) 
                   digital photo management application for KDE 
                
                
                  
                     exiv2 
                  
                  
                    V:2, I:29
                  
                  
                    278
                  
                   image(Exif) 
                   EXIF/IPTC metadata manipulation tool 
                
                
                  
                     exiftran 
                  
                  
                    V:1, I:15
                  
                  
                    69
                  
                   image(Exif) 
                   transform digital camera jpeg images 
                
                
                  
                     jhead 
                  
                  
                    V:0, I:7
                  
                  
                    131
                  
                   image(Exif) 
                   manipulate the non-image part of Exif compliant JPEG (digital camera photo) files 
                
                
                  
                     exif 
                  
                  
                    V:2, I:34
                  
                  
                    339
                  
                   image(Exif) 
                   command-line utility to show EXIF information in JPEG files 
                
                
                  
                     exiftags 
                  
                  
                    V:0, I:3
                  
                  
                    292
                  
                   image(Exif) 
                   utility to read Exif tags from a digital camera JPEG file 
                
                
                  
                     exifprobe 
                  
                  
                    V:0, I:3
                  
                  
                    499
                  
                   image(Exif) 
                   read metadata from digital pictures 
                
                
                  
                     dcraw 
                  
                  
                    V:1, I:11
                  
                  
                    583
                  
                   image(Raw)→ppm 
                   decode raw digital camera images 
                
                
                  
                     findimagedupes 
                  
                  
                    V:0, I:1
                  
                  
                    76
                  
                   image→fingerprint 
                   find visually similar or duplicate images 
                
                
                  
                     ale 
                  
                  
                    V:0, I:0
                  
                  
                    839
                  
                   image→image 
                   merge images to increase fidelity or create mosaics 
                
                
                  
                     imageindex 
                  
                  
                    V:0, I:1
                  
                  
                    145
                  
                   image(Exif)→html 
                   generate static HTML galleries from images 
                
                
                  
                     outguess 
                  
                  
                    V:0, I:1
                  
                  
                    230
                  
                   jpeg,png 
                   universal Steganographic tool 
                
                
                  
                     librecad 
                  
                  
                    V:1, I:14
                  
                  
                    8798
                  
                   DXF 
                   CAD data editor (KDE) 
                
                
                  
                     blender 
                  
                  
                    V:2, I:30
                  
                  
                    89560
                  
                   blend, TIFF, VRML, … 
                   3D content editor for animation etc 
                
                
                  
                     mm3d 
                  
                  
                    V:0, I:0
                  
                  
                    3881
                  
                   ms3d, obj, dxf, … 
                   OpenGL based 3D model editor 
                
                
                  
                     open-font-design-toolkit 
                  
                  
                    I:0
                  
                  
                    9
                  
                   ttf, ps, … 
                   metapackage for open font design 
                
                
                  
                     fontforge 
                  
                  
                    V:0, I:6
                  
                  
                    3980
                  
                   ttf, ps, … 
                   font editor for PS, TrueType and OpenType fonts 
                
                
                  
                     xgridfit 
                  
                  
                    V:0, I:0
                  
                  
                    806
                  
                   ttf 
                   program for gridfitting and hinting TrueType fonts

https://github.com/systemd/mkosi

src

https://github.com/docker-linux/kali/blob/master/build-kali.sh

https://wiki.alpinelinux.org/wiki/Running_glibc_programs

https://www.gnu.org/software/gettext/manual/gettext.html

https://github.com/anomous/DietPi-Debian/

https://github.com/debuerreotype/docker-debian-artifacts

https://github.com/docker-library/official-images/tree/master

https://github.com/elementary/os/blob/master/debootstrap-backport-zstd-support.patch

https://wiki.debian.org/DebianRepository/Format

https://www.debian.org/doc/manuals/aptitude/ch02s05s05.en.html

https://www.debian.org/doc/manuals/debian-reference/

https://www.debian.org/doc/manuals/debian-reference/index.en.html

https://newgtlds.icann.org/en/program-status/delegated-strings

package	popcon	size	description
`testdisk`	V:2, I:29	1413	utilities for partition scan and disk recovery
`magicrescue`	V:0, I:2	255	utility to recover files by looking for magic bytes
`scalpel`	V:0, I:3	88	frugal, high performance file carver
`myrescue`	V:0, I:2	83	rescue data from damaged harddisks
`extundelete`	V:0, I:8	147	utility to undelete files on the ext3/4 filesystem
`ext4magic`	V:0, I:4	233	utility to undelete files on the ext3/4 filesystem
`ext3grep`	V:0, I:2	293	tool to help recover deleted files on the ext3 filesystem
`scrounge-ntfs`	V:0, I:2	50	data recovery program for NTFS filesystems
`gzrt`	V:0, I:0	33	gzip recovery toolkit
`sleuthkit`	V:2, I:24	1611	tools for forensics analysis. (Sleuthkit)
`autopsy`	V:0, I:1	1027	graphical interface to SleuthKit
`foremost`	V:0, I:5	102	forensics application to recover data
`guymager`	V:0, I:1	1021	forensic imaging tool based on Qt
`dcfldd`	V:0, I:4	114	enhanced version of `dd` for forensics and security

package	popcon	size	extension	command	comment
`tar`	V:907, I:999	3144	`.tar`	`tar`(1)	the standard archiver (de facto standard)
`cpio`	V:439, I:998	1141	`.cpio`	`cpio`(1)	Unix System V style archiver, use with `find`(1)
`binutils`	V:164, I:629	143	`.ar`	`ar`(1)	archiver for the creation of static libraries
`fastjar`	V:1, I:15	183	`.jar`	`fastjar`(1)	archiver for Java (zip like)
`pax`	V:9, I:16	170	`.pax`	`pax`(1)	new POSIX standard archiver, compromise between `tar` and `cpio`
`gzip`	V:872, I:999	252	`.gz`	`gzip`(1), `zcat`(1), …	GNU LZ77 compression utility (de facto standard)
`bzip2`	V:161, I:969	121	`.bz2`	`bzip2`(1), `bzcat`(1), …	Burrows-Wheeler block-sorting compression utility with higher compression ratio than `gzip`(1) (slower than `gzip` with similar syntax)
`lzma`	V:1, I:18	149	`.lzma`	`lzma`(1)	LZMA compression utility with higher compression ratio than `gzip`(1) (deprecated)
`xz-utils`	V:380, I:979	1248	`.xz`	`xz`(1), `xzdec`(1), …	XZ compression utility with higher compression ratio than `bzip2`(1) (slower than `gzip` but faster than `bzip2`; replacement for LZMA compression utility)
`zstd`	V:125, I:325	2138	`.zstd`	`zstd`(1), `zstdcat`(1), …	Zstandard fast lossless compression utility
`p7zip`	V:114, I:472	987	`.7z`	`7zr`(1), `p7zip`(1)	7-Zip file archiver with high compression ratio (LZMA compression)
`p7zip-full`	V:117, I:474	4664	`.7z`	`7z`(1), `7za`(1)	7-Zip file archiver with high compression ratio (LZMA compression and others)
`lzop`	V:15, I:139	164	`.lzo`	`lzop`(1)	LZO compression utility with higher compression and decompression speed than `gzip`(1) (lower compression ratio than `gzip` with similar syntax)
`zip`	V:47, I:387	616	`.zip`	`zip`(1)	InfoZIP: DOS archive and compression tool
`unzip`	V:102, I:774	379	`.zip`	`unzip`(1)	InfoZIP: DOS unarchive and decompression tool

filesystem name	typical usage scenario
FAT12	cross platform sharing of data on the floppy disk (<32MiB)
FAT16	cross platform sharing of data on the small hard disk like device (<2GiB)
FAT32	cross platform sharing of data on the large hard disk like device (<8TiB, supported by newer than MS Windows95 OSR2)
exFAT	cross platform sharing of data on the large hard disk like device (<512TiB, supported by WindowsXP, Mac OS X Snow Leopard 10.6.5, and Linux kernel since 5.4 release)
NTFS	cross platform sharing of data on the large hard disk like device (supported natively on MS Windows NT and later version, and supported by NTFS-3G via FUSE on Linux)
ISO9660	cross platform sharing of static data on CD-R and DVD+/-R
UDF	incremental data writing on CD-R and DVD+/-R (new)
MINIX	space efficient unix file data storage on the floppy disk
ext2	sharing of data on the hard disk like device with older Linux systems
ext3	sharing of data on the hard disk like device with older Linux systems
ext4	sharing of data on the hard disk like device with current Linux systems
btrfs	sharing of data on the hard disk like device with current Linux systems with read-only snapshots

package	popcon	size	command	description
`gnupg`	V:551, I:914	885	`gpg`(1)	GNU Privacy Guard - OpenPGP encryption and signing tool
`gpgv`	V:889, I:999	917	`gpgv`(1)	GNU Privacy Guard - signature verification tool
`paperkey`	V:1, I:11	58	`paperkey`(1)	extract just the secret information out of OpenPGP secret keys
`cryptsetup`	V:36, I:78	410	`cryptsetup`(8), …	utilities for dm-crypt block device encryption supporting LUKS
`coreutils`	V:876, I:999	18062	`md5sum`(1)	compute and check MD5 message digest
`coreutils`	V:876, I:999	18062	`sha1sum`(1)	compute and check SHA1 message digest
`openssl`	V:832, I:995	2290	`openssl`(1ssl)	compute message digest with "`openssl dgst`" (OpenSSL)
`libsecret-tools`	V:0, I:13	41	`secret-tool`(1)	store and retrieve passwords (CLI)
`seahorse`	V:74, I:262	7987	`seahorse`(1)	key management tool (GNOME)

command	description
`gpg --gen-key`	generate a new key
`gpg --gen-revoke my_user_ID`	generate revoke key for my_user_ID
`gpg --edit-key user_ID`	edit key interactively, "help" for help
`gpg -o file --export`	export all keys to file
`gpg --import file`	import all keys from file
`gpg --send-keys user_ID`	send key of user_ID to keyserver
`gpg --recv-keys user_ID`	recv. key of user_ID from keyserver
`gpg --list-keys user_ID`	list keys of user_ID
`gpg --list-sigs user_ID`	list sig. of user_ID
`gpg --check-sigs user_ID`	check sig. of user_ID
`gpg --fingerprint user_ID`	check fingerprint of user_ID
`gpg --refresh-keys`	update local keyring

command	description
`gpg -a -s file`	sign file into ASCII armored file.asc
`gpg --armor --sign file`	, ,
`gpg --clearsign file`	clear-sign message
`gpg --clearsign file\|mail [email protected]`	mail a clear-signed message to `[email protected]`
`gpg --clearsign --not-dash-escaped patchfile`	clear-sign patchfile
`gpg --verify file`	verify clear-signed file
`gpg -o file.sig -b file`	create detached signature
`gpg -o file.sig --detach-sign file`	, ,
`gpg --verify file.sig file`	verify file with file.sig
`gpg -o crypt_file.gpg -r name -e file`	public-key encryption intended for name from file to binary crypt_file.gpg
`gpg -o crypt_file.gpg --recipient name --encrypt file`	, ,
`gpg -o crypt_file.asc -a -r name -e file`	public-key encryption intended for name from file to ASCII armored crypt_file.asc
`gpg -o crypt_file.gpg -c file`	symmetric encryption from file to crypt_file.gpg
`gpg -o crypt_file.gpg --symmetric file`	, ,
`gpg -o crypt_file.asc -a -c file`	symmetric encryption intended for name from file to ASCII armored crypt_file.asc
`gpg -o file -d crypt_file.gpg -r name`	decryption
`gpg -o file --decrypt crypt_file.gpg`	, ,

package	popcon	size	command	description
`patch`	V:98, I:699	248	`patch`(1)	apply a diff file to an original
`vim`	V:94, I:374	3665	`vimdiff`(1)	compare 2 files side by side in vim
`imediff`	V:0, I:0	169	`imediff`(1)	interactive full screen 2/3-way merge tool
`meld`	V:8, I:29	3500	`meld`(1)	compare and merge files (GTK)
`wiggle`	V:0, I:0	174	`wiggle`(1)	apply rejected patches
`diffutils`	V:859, I:996	1598	`diff`(1)	compare files line by line
`diffutils`	V:859, I:996	1598	`diff3`(1)	compare and merges three files line by line
`quilt`	V:2, I:23	774	`quilt`(1)	manage series of patches
`wdiff`	V:7, I:52	648	`wdiff`(1)	display word differences between text files
`diffstat`	V:13, I:123	74	`diffstat`(1)	produce a histogram of changes by the diff
`patchutils`	V:15, I:122	232	`combinediff`(1)	create a cumulative patch from two incremental patches
`patchutils`	V:15, I:122	232	`dehtmldiff`(1)	extract a diff from an HTML page
`patchutils`	V:15, I:122	232	`filterdiff`(1)	extract or excludes diffs from a diff file
`patchutils`	V:15, I:122	232	`fixcvsdiff`(1)	fix diff files created by CVS that `patch`(1) mis-interprets
`patchutils`	V:15, I:122	232	`flipdiff`(1)	exchange the order of two patches
`patchutils`	V:15, I:122	232	`grepdiff`(1)	show which files are modified by a patch matching a regex
`patchutils`	V:15, I:122	232	`interdiff`(1)	show differences between two unified diff files
`patchutils`	V:15, I:122	232	`lsdiff`(1)	show which files are modified by a patch
`patchutils`	V:15, I:122	232	`recountdiff`(1)	recompute counts and offsets in unified context diffs
`patchutils`	V:15, I:122	232	`rediff`(1)	fix offsets and counts of a hand-edited diff
`patchutils`	V:15, I:122	232	`splitdiff`(1)	separate out incremental patches
`patchutils`	V:15, I:122	232	`unwrapdiff`(1)	demangle patches that have been word-wrapped
`dirdiff`	V:0, I:2	167	`dirdiff`(1)	display differences and merge changes between directory trees
`docdiff`	V:0, I:0	553	`docdiff`(1)	compare two files word by word / char by char
`makepatch`	V:0, I:0	100	`makepatch`(1)	generate extended patch files
`makepatch`	V:0, I:0	100	`applypatch`(1)	apply extended patch files

package	popcon	size	command	description
`git`	V:333, I:534	44963	`git`(7)	Git, the fast, scalable, distributed revision control system
`gitk`	V:5, I:32	1814	`gitk`(1)	GUI Git repository browser with history
`git-gui`	V:1, I:17	2408	`git-gui`(1)	GUI for Git (No history)
`git-email`	V:0, I:10	1062	`git-send-email`(1)	send a collection of patches as email from the Git
`git-buildpackage`	V:1, I:9	1990	`git-buildpackage`(1)	automate the Debian packaging with the Git
`dgit`	V:0, I:1	483	`dgit`(1)	git interoperability with the Debian archive
`imediff`	V:0, I:0	169	`git-ime`(1)	interactive git commit split helper tool
`stgit`	V:0, I:0	601	`stg`(1)	quilt on top of git (Python)
`git-doc`	I:12	13067	N/A	official documentation for Git
`gitmagic`	I:0	721	N/A	"Git Magic", easier to understand guide for Git

Git command line	function
`gitk --all`	see complete Git history and operate on them such as resetting HEAD to another commit, cheery-picking patches, creating tags and branches ...
`git stash`	get the clean working tree without loosing data
`git remote -v`	check settings for remote
`git branch -vv`	check settings for branch
`git status`	show working tree status
`git config -l`	list git settings
`git reset --hard HEAD; git clean -x -d -f`	revert all working tree changes and clean them up completely
`git rm --cached filename`	revert staged index changed by `git add filename`
`git reflog`	get reference log (useful for recovering commits from the removed branch)
`git branch new_branch_name HEAD@{6}`	create a new branch from reflog information
`git remote add new_remote URL`	add a `new_remote` remote repository pointed by URL
`git remote rename origin upstream`	rename the remote repository name from `origin` to `upstream`
`git branch -u upstream/branch_name`	set the remote tracking to the remote repository `upstream` and its branch name `branch_name`.
`git remote set-url origin https://foo/bar.git`	change URL of `origin`
`git remote set-url --push upstream DISABLED`	disable push to `upstream` (Edit `.git/config` to re-enable)
`git checkout -b topic_branch ; git push -u topic_branch origin`	make a new `topic_branch` and push it to `origin`
`git branch -m oldname newname`	rename local branch name
`git push -d origin branch_to_be_removed`	remove remote branch (new method)
`git push origin :branch_to_be_removed`	remove remote branch (old method)
`git checkout --orphan unconnected`	create a new `unconnected` branch
`git fetch upstream foo:upstream-foo`	create a local (possibly orphan) `upstream-foo` branch as a copy of `foo` branch the `upstream` repository
`git rebase -i origin/main`	reorder/drop/squish commits from `origin/main` to clean branch history
`git reset HEAD^; git commit --amend`	squash last 2 commits into one
`git checkout topic_branch ; git merge --squash topic_branch`	squash entire `topic_branch` into a commit
`git fetch --unshallow --update-head-ok origin '+refs/heads/:refs/heads/'`	convert a shallow clone to the full clone of all branches
`git ime`	split the last commit into a series of file-by-file smaller commits etc. (`imediff` package required)
`git repack -a -d; git prune`	repack the local repository into single pack (this may limit chance of lost data recovery from erased branch etc.)

package	popcon	size	tool	VCS type	comment
`mercurial`	V:5, I:31	1049	Mercurial	distributed	DVCS in Python and some C
`darcs`	V:0, I:4	34070	Darcs	distributed	DVCS with smart algebra of patches (slow)
`bzr`	I:7	28	Bazaar	distributed	DVCS influenced by `tla` written in Python (historic)
`tla`	V:0, I:1	1022	GNU arch	distributed	DVCS mainly by Tom Lord (historic)
`subversion`	V:13, I:75	4838	Subversion	remote	"CVS done right", newer standard remote VCS (historic)
`cvs`	V:3, I:28	4609	CVS	remote	previous standard remote VCS (historic)
`tkcvs`	V:0, I:1	1498	CVS, …	remote	GUI display of VCS (CVS, Subversion, RCS) repository tree
`rcs`	V:2, I:12	564	RCS	local	"Unix SCCS done right" (historic)
`cssc`	V:0, I:0	2044	CSSC	local	clone of the Unix SCCS (historic)

encoding value	usage
ASCII	American Standard Code for Information Interchange, 7 bit code w/o accented characters
UTF-8	current multilingual standard for all modern OSs
ISO-8859-1	old standard for western European languages, ASCII + accented characters
ISO-8859-2	old standard for eastern European languages, ASCII + accented characters
ISO-8859-15	old standard for western European languages, ISO-8859-1 with euro sign
CP850	code page 850, Microsoft DOS characters with graphics for western European languages, ISO-8859-1 variant
CP932	code page 932, Microsoft Windows style Shift-JIS variant for Japanese
CP936	code page 936, Microsoft Windows style GB2312, GBK or GB18030 variant for Simplified Chinese
CP949	code page 949, Microsoft Windows style EUC-KR or Unified Hangul Code variant for Korean
CP950	code page 950, Microsoft Windows style Big5 variant for Traditional Chinese
CP1251	code page 1251, Microsoft Windows style encoding for the Cyrillic alphabet
CP1252	code page 1252, Microsoft Windows style ISO-8859-15 variant for western European languages
KOI8-R	old Russian UNIX standard for the Cyrillic alphabet
ISO-2022-JP	standard encoding for Japanese email which uses only 7 bit codes
eucJP	old Japanese UNIX standard 8 bit code and completely different from Shift-JIS
Shift-JIS	JIS X 0208 Appendix 1 standard for Japanese (see CP932)

package	popcon	size	keyword	description
`gimp`	V:50, I:260	19877	image(bitmap)	GNU Image Manipulation Program
`imagemagick`	I:321	176	image(bitmap)	image manipulation programs
`graphicsmagick`	V:1, I:13	5510	image(bitmap)	image manipulation programs (fork of `imagemagick`)
`xsane`	V:12, I:148	2339	image(bitmap)	GTK-based X11 frontend for SANE (Scanner Access Now Easy)
`netpbm`	V:27, I:330	8200	image(bitmap)	graphics conversion tools
`icoutils`	V:7, I:54	221	png↔ico(bitmap)	convert MS Windows icons and cursors to and from PNG formats (favicon.ico)
`scribus`	V:1, I:16	30242	ps/pdf/SVG/…	Scribus DTP editor
`libreoffice-draw`	V:71, I:421	13525	image(vector)	LibreOffice office suite - drawing
`inkscape`	V:14, I:122	99316	image(vector)	SVG (Scalable Vector Graphics) editor
`dia`	V:2, I:21	3908	image(vector)	diagram editor (Gtk)
`xfig`	V:0, I:9	7825	image(vector)	Facility for Interactive Generation of figures under X11
`pstoedit`	V:2, I:53	1003	ps/pdf→image(vector)	PostScript and PDF files to editable vector graphics converter (SVG)
`libwmf-bin`	V:6, I:130	151	Windows/image(vector)	Windows metafile (vector graphic data) conversion tools
`fig2sxd`	V:0, I:0	151	fig→sxd(vector)	convert XFig files to OpenOffice.org Draw format
`unpaper`	V:2, I:17	412	image→image	post-processing tool for scanned pages for OCR
`tesseract-ocr`	V:7, I:34	2135	image→text	free OCR software based on the HP's commercial OCR engine
`tesseract-ocr-eng`	V:7, I:34	4032	image→text	OCR engine data: tesseract-ocr language files for English text
`gocr`	V:0, I:6	545	image→text	free OCR software
`ocrad`	V:0, I:3	578	image→text	free OCR software
`eog`	V:57, I:270	7770	image(Exif)	Eye of GNOME graphics viewer program
`gthumb`	V:3, I:16	5321	image(Exif)	image viewer and browser (GNOME)
`geeqie`	V:4, I:14	15402	image(Exif)	image viewer using GTK
`shotwell`	V:16, I:248	6187	image(Exif)	digital photo organizer (GNOME)
`gtkam`	V:0, I:2	1154	image(Exif)	application for retrieving media from digital cameras (GTK)
`gphoto2`	V:0, I:7	947	image(Exif)	The gphoto2 digital camera command-line client
`gwenview`	V:30, I:101	11755	image(Exif)	image viewer (KDE)
`kamera`	I:101	983	image(Exif)	digital camera support for KDE applications
`digikam`	V:1, I:9	292	image(Exif)	digital photo management application for KDE
`exiv2`	V:2, I:29	278	image(Exif)	EXIF/IPTC metadata manipulation tool
`exiftran`	V:1, I:15	69	image(Exif)	transform digital camera jpeg images
`jhead`	V:0, I:7	131	image(Exif)	manipulate the non-image part of Exif compliant JPEG (digital camera photo) files
`exif`	V:2, I:34	339	image(Exif)	command-line utility to show EXIF information in JPEG files
`exiftags`	V:0, I:3	292	image(Exif)	utility to read Exif tags from a digital camera JPEG file
`exifprobe`	V:0, I:3	499	image(Exif)	read metadata from digital pictures
`dcraw`	V:1, I:11	583	image(Raw)→ppm	decode raw digital camera images
`findimagedupes`	V:0, I:1	76	image→fingerprint	find visually similar or duplicate images
`ale`	V:0, I:0	839	image→image	merge images to increase fidelity or create mosaics
`imageindex`	V:0, I:1	145	image(Exif)→html	generate static HTML galleries from images
`outguess`	V:0, I:1	230	jpeg,png	universal Steganographic tool
`librecad`	V:1, I:14	8798	DXF	CAD data editor (KDE)
`blender`	V:2, I:30	89560	blend, TIFF, VRML, …	3D content editor for animation etc
`mm3d`	V:0, I:0	3881	ms3d, obj, dxf, …	OpenGL based 3D model editor
`open-font-design-toolkit`	I:0	9	ttf, ps, …	metapackage for open font design
`fontforge`	V:0, I:6	3980	ttf, ps, …	font editor for PS, TrueType and OpenType fonts
`xgridfit`	V:0, I:0	806	ttf	program for gridfitting and hinting TrueType fonts

self.note