[{"content":" Avoid old kernel to remain installed after upgrade Change /etc/yum.conf installonly_limit\n[main] gpgcheck=1 installonly_limit=3 # \u0026lt;=== Desired limit clean_requirements_on_remove=True best=True skip_if_unavailable=False ","date":"29 julho 2025","externalUrl":null,"permalink":"/notes/linux/2025072901-prevent_old_kernel_buildup/","section":"Notes","summary":"Avoid old kernel to remain installed after upgrade Change /etc/yum.","title":"Oracle Linux prevent old kernels build up","type":"notes"},{"content":" Just sparking interest in t(erminal)mu(ltiple)x(er) \u0026ldquo;tmux is a terminal multiplexer1. it enables a number of terminals to be created, accessed, and controlled from a single screen. tmux may be detached from a screen and continue running in the background, then later reattached.\u0026rdquo;2\nHow tmux is organized # tmux hierarchy:\nSessions Windows Panes - like tabs. The result of split windows Default prefix indicates that CTRL + b should be pressed and then the key or sequence.\ntmux command mode - prefix + : (or CTRL + b + : )\nMy most used commands and key bindings # commands (anywhere) # Open tmux command mode and type set -g mouse on to enable mouse support\nleaving # What do you want to do Command leave Ctrl + d or exit dettach prefix + d Sessions # What do you want to do Command New unnamed session tmux New named session tmux new -s session_name Atach Session name tmux attach -t session_name Switch session tmux switch -t session_name List Sessions tmux list-sessions Windows # What do you want to do Command create a new window prefix + c Browse windows (all sessions) prefix + w Switch windows using numbers [0-9] prefix + [0-9] Panes # What do you want to do Command split vertically prefix + % split horizontally prefix + \u0026quot; circle planes prefix + o show numbers prefix + q zoom pane prefix + z switch panes layout prefix + \u0026lt;space\u0026gt; Most effortless way to navigate windows/panes # prefix + w and use the arrows to select where to go.\nSimple sharing session # user01 commands # Create session specifying the socket tmux -S /path/to/sock Grant permissions to the user on the socket # very lazy way chmod 777 /path/to/sock # if the users have a common group chgrp \u0026lt;shared group\u0026gt; /path/to/sock chmod g+rwx /path/to/sock user02 commands # Attach to the sessionWithin the tmux session tmux -S /path/to/sock attach Sharing session with more resources # https://github.com/zolrath/wemux\nPlugins # https://github.com/tmux-plugins/list?tab=readme-ov-file\nReferences # https://tmuxcheatsheet.com\nhttps://www.thefreedictionary.com/multiplexer\u0026#160;\u0026#x21a9;\u0026#xfe0e;\nhttps://man7.org/linux/man-pages/man1/tmux.1.html\u0026#160;\u0026#x21a9;\u0026#xfe0e;\n","date":"3 julho 2025","externalUrl":null,"permalink":"/notes/linux/2024070301-tmux/","section":"Notes","summary":"Just sparking interest in t(erminal)mu(ltiple)x(er) \u0026ldquo;tmux is a terminal multiplexer1.","title":"Sparking tmux guide","type":"notes"},{"content":"Origami collection from 2018 that I copied from IG\n","date":"3 julho 2025","externalUrl":null,"permalink":"/posts/2025070301-2018-origamis/","section":"Posts","summary":"Origami collection from 2018 that I copied from IG","title":"Origami Collection 2018","type":"posts"},{"content":"","date":"3 julho 2025","externalUrl":null,"permalink":"/posts/","section":"Posts","summary":"","title":"Posts","type":"posts"},{"content":" I moved from QOwnnotes but this a good MD reference I found there Markdown Cheatsheet # This cheatsheet is intended as a quick reference and showcase of the markdown syntax in QOwnNotes.\nHeaders # # H1 ## H2 ### H3 #### H4 ##### H5 ###### H6 Alternatively, for H1 and H2, an underline-ish style: Alt-H1 ====== Alt-H2 ------ H1 # H2 # H3 # H4 # H5 # H6 # Alternatively, for H1 and H2, an underline-ish style:\nAlt-H1 # Alt-H2 # Emphasis # Emphasis, aka italics, with *asterisks*. Strong emphasis, aka bold, with **asterisks**. Emphasis, aka italics, with asterisks.\nStrong emphasis, aka bold, with asterisks.\nLists # (In this example, leading and trailing spaces are shown with with dots: ⋅)\n1. First ordered list item 2. Another item ⋅⋅* Unordered sub-list. 1. Actual numbers don\u0026#39;t matter, just that it\u0026#39;s a number ⋅⋅1. Ordered sub-list 4. And another item. ⋅⋅⋅You can have properly indented paragraphs within list items. Notice the blank line above, and the leading spaces (at least one, but we\u0026#39;ll use three here to also align the raw Markdown). ⋅⋅⋅To have a line break without a paragraph, you will need to use two trailing spaces.⋅⋅ ⋅⋅⋅Note that this line is separate, but within the same paragraph.⋅⋅ * Unordered list can use asterisks - Or minuses + Or pluses First ordered list item Another item Unordered sub-list. Actual numbers don\u0026rsquo;t matter, just that it\u0026rsquo;s a number\nOrdered sub-list\nAnd another item.\nYou can have properly indented paragraphs within list items. Notice the blank line above, and the leading spaces (at least one, but we\u0026rsquo;ll use three here to also align the raw Markdown).\nTo have a line break without a paragraph, you will need to use two trailing spaces.\nNote that this line is separate, but within the same paragraph.\nUnordered list can use asterisks Or minuses Or pluses Links # There are two ways to create links.\n[I\u0026#39;m an inline-style link](https://www.google.com) [I\u0026#39;m an inline-style link with title](https://www.google.com \u0026#34;Google\u0026#39;s Homepage\u0026#34;) [You can use numbers for reference-style link definitions][1] URLs and URLs in angle brackets will automatically get turned into links in the preview. http://www.example.com or \u0026lt;http://www.example.com\u0026gt; [1]: https://www.qownnotes.org I\u0026rsquo;m an inline-style link\nI\u0026rsquo;m an inline-style link with title\nYou can use numbers for reference-style link definitions\nURLs and URLs in angle brackets will automatically get turned into links in the preview. http://www.example.com or http://www.example.com\nInline code and code blocks # Inline `code` has `backticks around` it. Inline code has backticks around it.\nBlocks of code are either fenced by lines with three backticks, or are indented with four spaces.\n4-Spaces fence # s = \u0026#34;Code with space indent\u0026#34; print s s = \u0026quot;Code with space indent\u0026quot; print s Backtick fence # ``` Code goes here Code goes here ``` Code goes here Code goes here Backtick fence with code highlighting # # I am a comment cd Notes Tables # Tables aren\u0026rsquo;t part of the core Markdown spec, but the QOwnNotes preview supports them.\nColons can be used to align columns. | Tables | Are | Cool | | ------------- |:-------------:| -----:| | col 3 is | right-aligned | $1600 | | col 2 is | centered | $12 | | zebra stripes | are neat | $1 | There must be at least 3 dashes separating each header cell. The outer pipes (|) are optional, and you don\u0026#39;t need to make the raw Markdown line up prettily. You can also use inline Markdown. Markdown | Less | Pretty --- | --- | --- *Still* | `renders` | **nicely** 1 | 2 | 3 Colons can be used to align columns.\nTables Are Cool col 3 is right-aligned $1600 col 2 is centered $12 zebra stripes are neat $1 There must be at least 3 dashes separating each header cell. The outer pipes (|) are optional, and you don\u0026rsquo;t need to make the raw Markdown line up prettily. You can also use inline Markdown.\nMarkdown Less Pretty Still renders nicely 1 2 3 Blockquotes # \u0026gt; Blockquotes are very handy in email to emulate reply text. \u0026gt; This line is part of the same quote. Quote break. \u0026gt; This is a very long line that will still be quoted properly when it wraps. Oh boy let\u0026#39;s keep writing to make sure this is long enough to actually wrap for everyone. Oh, you can *put* **Markdown** into a blockquote. Blockquotes are very handy in email to emulate reply text. This line is part of the same quote.\nQuote break.\nThis is a very long line that will still be quoted properly when it wraps. Oh boy let\u0026rsquo;s keep writing to make sure this is long enough to actually wrap for everyone. Oh, you can put Markdown into a blockquote.\nHorizontal Rule # Three or more... --- Hyphens *** Asterisks ___ Underscores Three or more\u0026hellip;\nHyphens\nAsterisks\nUnderscores\nLine Breaks # Here\u0026#39;s a line for us to start with. This line is separated from the one above by two newlines, so it will be a *separate paragraph*. This line is also begins a separate paragraph, but... This line is only separated by two trailing spaces and a single newline, so it\u0026#39;s a separate line in the *same paragraph*. Here\u0026rsquo;s a line for us to start with.\nThis line is separated from the one above by two newlines, so it will be a separate paragraph.\nThis line is also begins a separate paragraph, but\u0026hellip;\nThis line is only separated by two trailing spaces and a single newline, so it\u0026rsquo;s a separate line in the same paragraph.\nComments # [comment]: # (This comment will not appear in the preview) Checkbox lists # - [x] done - [ ] todo done todo Credit: markdown-here\nLicense: CC-BY\n","date":"2 julho 2025","externalUrl":null,"permalink":"/notes/linux/2025070201-markdown_cheatsheet/","section":"Notes","summary":"I moved from QOwnnotes but this a good MD reference I found there Markdown Cheatsheet # This cheatsheet is intended as a quick reference and showcase of the markdown syntax in QOwnNotes.","title":"Markdown Cheatsheet","type":"notes"},{"content":" Reseting USB devices after resuming from sleep/suspend # After resuming my devices were not usable # My devices were becoming unresponsive after resuming from suspend. I did not troubleshoot/replaced the KVM switch, but it could be a hardware issue as this started out of nowehere.\nMake sure you have usbutils installed # sudo apt-get install usbutils List your devices # $ lsusb Bus 004 Device 002: ID 05e3:0620 Genesys Logic, Inc. GL3523 Hub Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 003 Device 003: ID 0bda:b832 Realtek Semiconductor Corp. 802.11ac WLAN Adapter Bus 003 Device 008: ID 046d:c52b Logitech, Inc. Unifying Receiver Bus 003 Device 006: ID 05ac:024f Apple, Inc. Aluminium Keyboard (ANSI) Bus 003 Device 005: ID 05ac:0265 Apple, Inc. Magic Trackpad Bus 003 Device 012: ID 046d:0807 Logitech, Inc. Webcam B500 Bus 003 Device 011: ID 1235:8210 Focusrite-Novation Scarlett 2i2 3rd Gen Bus 003 Device 010: ID 046d:085e Logitech, Inc. BRIO Ultra HD Webcam Bus 003 Device 009: ID 0fd9:0080 Elgato Systems GmbH Stream Deck MK.2 Bus 003 Device 007: ID 2109:2817 VIA Labs, Inc. USB2.0 Hub Bus 003 Device 004: ID 2109:2817 VIA Labs, Inc. USB2.0 Hub Bus 003 Device 002: ID 05e3:0610 Genesys Logic, Inc. Hub Create the unit file # sudo vim /lib/systemd/system-sleep/reset-usb Populate the file # #!/bin/sh case \u0026#34;$1\u0026#34; in pre) ;; post) # Add the devices you want to reset /usr/bin/usbreset 0bda:b832 # wifi adapter /usr/bin/usbreset 05ac:0265 # trackpad /usr/bin/usbreset 05ac:024f # keyboard /usr/bin/usbreset 1235:8210 # sound bridge ;; esac Change permissions # sudo chmod +x /lib/systemd/system-sleep/reset-usb Reload the unit files # sudo systemctl daemon-reload ","date":"5 junho 2025","externalUrl":null,"permalink":"/notes/linux/2025060501-usb_reset_script/","section":"Notes","summary":"Reseting USB devices after resuming from sleep/suspend # After resuming my devices were not usable # My devices were becoming unresponsive after resuming from suspend.","title":"USB reset after sleep/suspend","type":"notes"},{"content":"OGNotes Commenting Privacy Policy Effective Date: May 24, 2025\nThis Privacy Policy describes how OGNotes (https://ognotes.com) collects, uses, and protects information related to comments posted on our site.\nInformation We Collect When you post a comment on OGNotes, we may collect the following information: a. Comment Content: The text, images, or other media you include in your comment. b. Identifier Information: If you comment anonymously, your IP address. If you comment using an OAuth provider (e.g., Google, GitHub, Discord), the username/identifier and email address provided by that service (as permitted by the service and your privacy settings). Any name or email address you voluntarily provide (if anonymous commenting allows it). c. Technical Information: Data such as the time and date of the comment, and potentially browser information. How We Use Your Information We use the collected information for the following purposes: a. Displaying Comments: To publish your comments on the website. b. Moderation: To review, approve, reject, or delete comments in accordance with our Terms of Service. c. Spam Prevention: To identify and prevent spam or malicious activity. d. Identification: To attribute comments to their author. e. Improvement: To understand comment activity and improve the comment service.\nData Storage All comment data collected is stored on our self-hosted Remark42 comment system. This means your comment data is not shared with or stored by third-party commercial comment service providers.\nData Sharing We do not share, sell, rent, or trade your comment data with third parties, except in the following limited circumstances: a. Legal Compliance: If required by law, subpoena, or other legal process. b. Protection of Rights: To protect the rights, property, or safety of [Your Website Name], our users, or the public.\nYour Rights You have certain rights regarding your comment data: a. Access: You can request access to your comment data. b. Correction: You can request corrections to your comment data. c. Deletion: You can request the deletion of your comments. Please contact us at [Your Contact Email Address] to exercise these rights.\nData Security We implement reasonable measures to protect the security of your comment data. However, no method of transmission over the Internet or electronic storage is 100% secure.\nChanges to This Privacy Policy We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page. Your continued use of the comment service after such changes constitutes your acceptance of the updated policy.\nContact Us If you have any questions about this Privacy Policy or our commenting practices, please contact us at: ognotescom@gmail.com\n","date":"24 maio 2025","externalUrl":null,"permalink":"/privacy-remark42/","section":"Home","summary":"OGNotes Commenting Privacy Policy Effective Date: May 24, 2025","title":"Privacy policy","type":"page"},{"content":"By posting comments on OGNotes.com (https://ognotes.com), you agree to abide by these Terms of Service. These terms apply to all users who post comments on our site.\nContent Ownership and Responsibility a. You retain ownership of the content you post in comments. b. By posting, you grant [Your Website Name] a non-exclusive, royalty-free, perpetual, and worldwide license to use, display, reproduce, and distribute your comments on this website. c. You are solely responsible for the content of your comments. Do not post content that is illegal, defamatory, obscene, hateful, discriminatory, or infringes on any intellectual property rights.\nProhibited Conduct a. Do not engage in spamming, advertising, or self-promotion in comments. b. Do not post malicious code, viruses, or any content that could harm the website or its users. c. Do not impersonate other individuals or entities. d. Do not harass, threaten, or abuse other users or the website administrators.\nModeration and Rights of OGNotes.com a. All comments are subject to review and moderation by OGNotes administrators. b. We reserve the right to edit, remove, or refuse to publish any comment for any reason, without notice. This includes comments that violate these Terms, are off-topic, or are otherwise deemed inappropriate. c. We may block users who repeatedly violate these Terms. d. The opinions expressed in comments are solely those of the individual authors and do not necessarily reflect the views of OGNotes or its administrators.\nNo Guarantee of Service a. We provide the comment service as a convenience. We do not guarantee its continuous availability or functionality. b. We are not liable for any loss or damage arising from the use of, or inability to use, the comment service.\nChanges to Terms a. We reserve the right to update or modify these Terms of Service at any time. Any changes will be effective immediately upon posting. Your continued use of the comment service after such changes constitutes your acceptance of the new Terms.\n","date":"24 maio 2025","externalUrl":null,"permalink":"/tos-remark42/","section":"Home","summary":"By posting comments on OGNotes.","title":"Terms of Service - Remark42 @ OGNotes.com","type":"page"},{"content":"","date":"21 maio 2025","externalUrl":null,"permalink":"/pt-br/about/","section":"Abouts","summary":"","title":"Abouts","type":"about"},{"content":" Sobre OGNotes # Meu Desafio # Escrevo notas em vários lugares. Elas estão em diferentes formatos. Poderiam ser melhor organizadas. Às vezes, a nota é um bookmark para uma discussão ou um vídeo sem um atalho para o ponto principal. Estou envelhecendo e guardando minha memória para outras coisas :) O Que Você Encontrará Aqui # Este é o meu site pessoal e meu centro de informações. Tenho uma página no Linktr.ee, mas queria a liberdade de experimentar coisas, ter mais controle e explorar possibilidades. Minhas postagens de blog - o que quer que eu decida escrever. Principalmente relacionado à infraestrutura de TI com a qual lido, mas ocasionalmente hobbies e outros interesses. Uma versão organizada das minhas notas. A maioria das notas consistirá em uma seção TL;DR (Too Long; Didn\u0026rsquo;t Read) para informações \u0026ldquo;rápidas e sujas\u0026rdquo;. Sempre que o tempo/interesse permitir, também haverá mais informações. Projetos futuros - muitas ideias e pouca ação. Espero que uma melhor organização leve a mais resultados. ","date":"21 maio 2025","externalUrl":null,"permalink":"/pt-br/about/about-ognotes/","section":"Abouts","summary":"Sobre OGNotes # Meu Desafio # Escrevo notas em vários lugares.","title":"Sobre OGnotes","type":"about"},{"content":" Sobre OG # Minha Missão # Capacitar indivíduos e organizações ao compartilhar conhecimento e experiência em Linux e infraestrutura de TI, fomentando o crescimento e a inovação através da resolução eficaz de problemas e de soluções tecnológicas.\nMinha História # Com uma carreira que abrange mais de duas décadas, trilhei os caminhos da TI e da administração de sistemas Linux, evoluindo de funções técnicas práticas para posições estratégicas em consultoria de vendas, gestão de produtos e treinamento técnico. Minha passagem por empresas líderes como Oracle, Rackspace e Novell tem sido um testemunho da minha dedicação à excelência tecnológica e da minha paixão por ajudar os outros a navegar pelo complexo cenário da TI.\nMeus Valores # Meus valores centrais estão focados na inovação, integridade e inclusão. Acredito em correr atrás dos problemas para encontrar as melhores soluções, independentemente de quem recebe o crédito. Minha abordagem é sempre centrada no aluno, visando ensinar e inspirar outros a atingir seu potencial. Estou comprometido com o aprendizado contínuo e a melhoria, tanto para mim quanto para aqueles que sirvo.\nAo combinar minha expertise técnica com a paixão por ensinar, busco causar um impacto duradouro no mundo da TI, ajudando os outros a navegar por suas complexidades e a aproveitar seu potencial para o crescimento pessoal e organizacional.\nTrajetória # Começando como engenheiro de suporte técnico, minha fascinação por Linux e tecnologias de código aberto cresceu, guiando-me para a especialização em administração de sistemas Linux. Na Novell/Suse/Rackspace, aprimorei minhas habilidades em suporte a servidores e atendimento ao cliente, lançando as bases para minhas futuras funções. Transicionando para a Oracle, abracei os desafios da tecnologia em nuvem, levando à minha função atual como Principal Training Lead e Evangelist, onde me concentro no desenvolvimento de materiais de treinamento, conteúdo técnico e certificações para soluções em nuvem.\nMomento Eureka # Meu momento crucial veio quando percebi que minha verdadeira vocação não era apenas resolver problemas técnicos, mas capacitar outras pessoas a entender e utilizar a tecnologia para seu benefício. Essa percepção me impulsionou para funções onde eu poderia influenciar uma mudança mais significativa através da educação e da mentoria.\nQuem Eu Sirvo # Sirvo a um público diversificado que vai desde profissionais de TI e administradores de sistemas até líderes de negócios e organizações que buscam aprimorar suas capacidades tecnológicas. Meu objetivo é auxiliar indivíduos a avançar em suas habilidades técnicas e empresas a alcançar a transformação digital através do uso eficaz de soluções de infraestrutura de TI e nuvem.\nO Que Eu Ofereço # Ofereço programas de treinamento abrangentes, workshops e serviços de consultoria projetados para desmistificar conceitos complexos de TI e fornecer soluções práticas e acionáveis. Minhas áreas de foco incluem administração de sistemas Linux, tecnologias de nuvem e estratégias de transformação digital.\n","date":"21 maio 2025","externalUrl":null,"permalink":"/pt-br/about/about-og/","section":"Abouts","summary":"Sobre OG # Minha Missão # Capacitar indivíduos e organizações ao compartilhar conhecimento e experiência em Linux e infraestrutura de TI, fomentando o crescimento e a inovação através da resolução eficaz de problemas e de soluções tecnológicas.","title":"Sobre Orlando","type":"about"},{"content":"##Teste - Português\n","date":"20 maio 2025","externalUrl":null,"permalink":"/pt-br/test/","section":"Home","summary":"##Teste - Português","title":"Teste","type":"page"},{"content":" Install Docker on Oracle Linux 9 using docker repository Docker install OL9\nTo install Docker on Oracle Linux 9, follow these steps:\nUpdate your system packages: sudo yum update -y Add Docker\u0026rsquo;s official repository to your system\u0026rsquo;s yum sources list: sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo Install Docker Engine, CLI, and containerd: sudo yum install docker-ce docker-ce-cli containerd.io Enable and start the Docker service: sudo systemctl enable docker sudo systemctl start docker Verify that Docker is up and running by running a test image: sudo docker run hello-world You should see :\nUnable to find image \u0026#39;hello-world:latest\u0026#39; locally latest: Pulling from library/hello-world c9c5fd25a1bd: Pull complete Digest: sha256:dd01f97f252193ae3210da231b1dca0cffab4aadb3566692d6730bf93f123a48 Status: Downloaded newer image for hello-world:latest Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the \u0026#34;hello-world\u0026#34; image from the Docker Hub. (arm64v8) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/ To allow a non-root user to manage Docker, you can add the user to the docker group:\nsudo usermod -aG docker \u0026lt;username\u0026gt; Log out and log back in for the group membership to take effect.\n","date":"23 abril 2025","externalUrl":null,"permalink":"/notes/linux/2025042301-install_docker_on_ol9/","section":"Notes","summary":"Install Docker on Oracle Linux 9 using docker repository Docker install OL9","title":"Install Docker on Oracle Linux 9","type":"notes"},{"content":" \u0026ldquo;You lost the SSH private key to an instance. How to access it again?\u0026rdquo;. TL;DR # Launching Cloud Shell Connection Local Connection Enter boot manager Enter “edit mode” on grub Edit the grub entry SELinux (if enabled) Remount the root partition Change password or add keys Back in business Long version # In cloud compute instances, the default connection method is SSH, but sometimes something could prevent SSH(boot did not finish, missing key, etc.). Some people argue that troubleshooting some issues is not worth it, create a new instance and move forward. Well, I\u0026rsquo;m not here to open that can of worms, and I will assume you need to troubleshoot for whatever reason that is important to you. Use with parsimony :)\nWhen the server is on traditional infrastructure, you can plug a KVM(keyboard-video-mouse), either physically or remotely. On OCI, you have a similar option: the Instance Console connection. It is a serial console you can access through SSH or Cloud Shell.\nLaunching Cloud Shell Connection # In the instance details, there will be the Console connection under Resources. Clicking on it, there are the choices to *Launch Cloud Shell connection or Create local connection. The first option will do all your work and show the console using Cloud Shell. Using the second option, you need to provide SSH keys, copy the SSH command, run from your SSH client or terminal of choice, and then you will be able to see the console screen. You can see how that is done in the animations below.\nLocal Connection # After that, you will be at the login prompt of the console. By default, the opc/ubuntu users do not have passwords set, so at this point, it will not be possible to advance in the process. The choice left is to start the instance in maintenance mode.\nEnter boot manager # First, you will reboot the instance from the console and quickly return to the shell console. Click on the window to set the focus, and press the Esc key repeatedly until you see the following image. Using the arrows, select Boot Manager.\nIf you see the boot process happening, you missed the chance and will need to reboot the instance and try again.\nIn the Boot Manager menu, select UEFI Oracle BlockVolume, press Enter, and Esc right after it. It can be tricky on Ubuntu. Some users reported having to use a terminal macro that presses Esc multiple in a timely manner to be able to do this step.\nEnter \u0026ldquo;edit mode\u0026rdquo; on grub # In the boot menu, highlight the top item in the menu, and press e to edit the boot entry.\nEdit the grub entry # Once in edit mode, use the down arrow key to scroll down through the entries until you reach the line that starts with linux or linuxefi.\nUse the right arrow to move to the end of the line (the End key should take you there too). If you make any mistake, you can press Esc to return to the previous screen and start over by pressing e again. At the end of the line, add:\ninit=/bin/bash Press Ctrl + x\nOnce the boot finishes, the prompt will look like this:\nSELinux # Load the SELinux policies to preserve the context of the files you are modifying:\n/usr/sbin/load_policy -i Remount the root partition # Remount the root partition with read/write permissions:\n/bin/mount -o remount, rw / Change password or add keys # At this point, you will be ready to change configurations, manipulate authorized_key files to include/remove keys, set a password for opc/ubuntu user, or perform any other maintenance operation you could not do before because you could not connect using SSH to the instance.\nBack in business # When you are finished, you can either start the system by using:\nexec /usr/lib/systemd/systemd Or reboot the server using:\n/usr/sbin/reboot -f Happy troubleshooting, and let me know how this helped you.\n","date":"30 outubro 2024","externalUrl":null,"permalink":"/notes/oci/20241030-recover_instance_without_key_m03/","section":"Notes","summary":"\u0026ldquo;You lost the SSH private key to an instance.","title":"Recover instance without SSH key - method 03","type":"notes"},{"content":" \u0026ldquo;Does OCI have YUM servers?\u0026rdquo;. OCI has local YUM servers on each region. They are no accessible externally of the region.\nThe format is as following:\nhttp://yum-\u0026lt;3-letter region\u0026gt;.oracle.com\nIf the instance is located in a private subnet, a route rule using a NAT or Service Gateway in the subnet\u0026rsquo;s assigned route table.\n","date":"12 outubro 2024","externalUrl":null,"permalink":"/notes/oci/20241012-oci_yum_servers/","section":"Notes","summary":"\u0026ldquo;Does OCI have YUM servers?","title":"OCI YUM servers","type":"notes"},{"content":" \u0026ldquo;You lost the SSH private key to an instance. How to access it again? method 02\u0026rdquo;. Long version # Losing an SSH key can be problematic and troubling. However, on OCI, it is simple to add another key to the opc user’s authorized_keys file. Follow the instructions below to regain access.\nJump to TLDR for instructions.\nBe aware of the following:\na temporary instance is required use an instance with a different Linux version. For example, create aux OL7, if the the no key instance is OL8. OL8 and OL9 uses LVM. The UUID of the Logical Volume is the same in most images and you would need to make adjustments. if the instance was created with no ssh key, more steps are required. TLDR # Stop the instance with lost key (lostkey from now on) Detach nokey\u0026rsquo;s boot volume Go to the auxiliary instance (aux from now on) Under aux instance block volumes, attach nokey boot volume. SSH to aux instance Mount the root partition (lsblk -f will show the partitions and UUID) Add the key to the .authorized_keys Umount the volume from the nokey instance Re-attach the nokey volume to the nokey instance Start the nokey instance You should now be able to SSH into the instance again\n","date":"8 julho 2024","externalUrl":null,"permalink":"/notes/oci/20240703-recover_instance_without_key_m02/","section":"Notes","summary":"\u0026ldquo;You lost the SSH private key to an instance.","title":"Recover instance without SSH key - method 02","type":"notes"},{"content":" \u0026ldquo;You lost the SSH private key to an instance. How to access it again? method 01\u0026rdquo;. Long version # Losing an SSH key can be problematic and troubling. However, on OCI, it is simple to add another key to the opc user’s authorized_keys file. Follow the instructions below to regain SSH access.\nJump to TLDR for instructions.\nThe new SSH key will be appended to the authorized_keys file.\nBe aware of the following potential issues when deleting the instance:\nIf the instance is not using a reserved IP, the IP will be recycled. Creating a new instance can be challenging if you are using an always-free tenancy. TLDR # Delete the instance, preserving the boot volume. Recreate the instance using the boot volume of the deleted instance. Add the new SSH key in the SSH key section. You should now be able to SSH into the instance again.\n","date":"3 julho 2024","externalUrl":null,"permalink":"/notes/oci/20240703-recover_instance_without_key_m01/","section":"Notes","summary":"\u0026ldquo;You lost the SSH private key to an instance.","title":"Recover instance without SSH key - method 01","type":"notes"},{"content":" Setting up Wayland on Debian 12. # Checking if Wayland is active # echo $WAYLAND_DISPLAY If it returns something like wayland-0, you are running a Wayland session.\nCheck driver # nvidia-smi Installing (GNOME already installed with Nvidia proprietary driver) # sudo apt install weston wayland-protocols xwayland Troubleshooting # Some versions of the NVIDIA driver have had compatibility issues with Wayland.\n1. Ensure the NVIDIA Driver Supports Wayland # First, make sure you are using a version of the NVIDIA driver that supports Wayland. As of the latest updates, the proprietary NVIDIA drivers support Wayland, but you need to ensure KMS is enabled.\n2. Enable KMS for NVIDIA # To enable KMS for the NVIDIA driver, follow these steps:\nEdit the Kernel Command Line # Open a terminal.\nEdit the GRUB configuration file:\nsudo nano /etc/default/grub Find the line starting with GRUB_CMDLINE_LINUX_DEFAULT and add nvidia-drm.modeset=1 to it. It should look something like this:\nGRUB_CMDLINE_LINUX_DEFAULT=\u0026#34;quiet splash nvidia-drm.modeset=1\u0026#34; Save the file and update GRUB:\nsudo update-grub Create a Configuration File for NVIDIA DRM # Create a new configuration file for the NVIDIA DRM module:\nsudo nano /etc/modprobe.d/nvidia-kms.conf Add the following line:\noptions nvidia-drm modeset=1 Save the file.\n3. Rebuild Initramfs # Rebuilding the initramfs ensures that the changes take effect at boot.\nsudo update-initramfs -u 4. Reboot Your System # Reboot your computer to apply the changes:\nsudo reboot 5. Select Wayland Session in GDM # After rebooting, you should see the option to select a Wayland session in the GDM login screen:\nClick on your user account. Click the gear icon and select \u0026ldquo;GNOME on Wayland\u0026rdquo;. Enter your password and log in. Troubleshooting # If you still don\u0026rsquo;t see the Wayland option, or if you encounter issues, check the following:\nEnsure NVIDIA Drivers Are Loaded Properly: Verify that the NVIDIA drivers are loaded correctly and KMS is enabled.\nsudo dmesg | grep -i nvidia sudo dmesg | grep -i drm Check GDM Configuration: Ensure that GDM is configured to support Wayland. The GDM configuration file should not have WaylandEnable=false.\nsudo nano /etc/gdm3/custom.conf Ensure the line WaylandEnable=false is commented out or set to true:\n#WaylandEnable=false Nvidia Services # The driver install creates the following services:\nnvidia-persistenced.service nvidia-powerd.service nvidia-suspend.service\nIf you encounter issues with these services:\nCheck Logs: Use journalctl to view logs for more detailed information.\njournalctl -u nvidia-persistenced.service journalctl -u nvidia-powerd.service journalctl -u nvidia-suspend.service My system had one missing. I manually created the unit file, user and run directory. Re-installing the driver should fix it too.\nCreating unit file # vim /etc/systemd/system/nvidia-persistenced.service [Unit] Description=NVIDIA Persistence Daemon Documentation=man:nvidia-persistenced(1) After=network.target [Service] Type=forking ExecStart=/usr/bin/nvidia-persistenced --user nvidia-persistenced ExecStopPost=/bin/rm -rf /var/run/nvidia-persistenced PIDFile=/var/run/nvidia-persistenced/nvidia-persistenced.pid [Install] WantedBy=multi-user.target Adding the user # sudo useradd -r -d /var/run/nvidia-persistenced -s /sbin/nologin -c \u0026#34;NVIDIA Persistence Daemon\u0026#34; nvidia-persistenced Run directory # sudo mkdir -p /var/run/nvidia-persistenced sudo chown nvidia-persistenced:nvidia-persistenced /var/run/nvidia-persistenced Reload unit, enable and start # sudo systemctl daemon-reload sudo systemctl enable nvidia-persistenced.service sudo systemctl start nvidia-persistenced.service NVreg not set porperly # To check if NVreg_PreserveVideoMemoryAllocations is enabled on your NVIDIA driver, you can use several methods. This parameter is used to ensure that video memory allocations are preserved across suspend and resume cycles, which can be particularly important for systems that frequently enter and exit sleep states.\nMethod 1: Check the Current Parameter Value # You can check the current value of NVreg_PreserveVideoMemoryAllocations by looking at the NVIDIA kernel module parameters:\nUsing modinfo:\nsudo modinfo -p nvidia This command lists all parameters for the NVIDIA module. Look for NVreg_PreserveVideoMemoryAllocations in the output.\nUsing cat:\ncat /proc/driver/nvidia/params/NVreg_PreserveVideoMemoryAllocations If this file exists, it should contain the current value of the parameter.\nMethod 2: Check the Module Configuration File # Check if the parameter is set in the NVIDIA module configuration file:\nOpen the configuration file:\nsudo nano /etc/modprobe.d/nvidia.conf Look for a line that sets NVreg_PreserveVideoMemoryAllocations:\noptions nvidia NVreg_PreserveVideoMemoryAllocations=1 Method 3: Using sysfs Interface # Check the value using the sysfs interface:\ncat /sys/module/nvidia/parameters/NVreg_PreserveVideoMemoryAllocations If the parameter is enabled, the file should contain the value 1. If it is not enabled, it may contain 0 or not exist.\nEnabling NVreg_PreserveVideoMemoryAllocations # If you need to enable NVreg_PreserveVideoMemoryAllocations, follow these steps:\nEdit the module configuration:\nsudo vim /etc/modprobe.d/nvidia.conf Add the following line (or modify it if it exists):\noptions nvidia NVreg_PreserveVideoMemoryAllocations=1 Update the initramfs to ensure the changes take effect on boot:\nsudo update-initramfs -u Reboot your system to apply the changes:\nsudo reboot Verifying the Change # After rebooting, verify that the parameter is enabled using one of the methods above, such as checking the sysfs interface or the module parameters.\nBy following these steps, you can check and enable the NVreg_PreserveVideoMemoryAllocations parameter on your NVIDIA driver, ensuring that video memory allocations are preserved across suspend and resume cycles.\n","date":"1 julho 2024","externalUrl":null,"permalink":"/notes/linux/20240702-setting_up_wayland_on_debian_12/","section":"Notes","summary":"Setting up Wayland on Debian 12.","title":"Setting up Wayland on Debian 12","type":"notes"},{"content":" Write an ISO to an USB drive with system commands if you are using MacOS MacOS # Find the disk # diskutil list Umount partitions # sudo diskutil umount /dev/\u0026lt;disk_part\u0026gt; Write using dd # sudo dd if=\u0026lt;iso file\u0026gt; of=/dev/\u0026lt;usb drive\u0026gt; bs=1m status=progress ","date":"20 abril 2024","externalUrl":null,"permalink":"/notes/linux/2024042001-iso_to_usb/","section":"Notes","summary":" Write an ISO to an USB drive with system commands if you are using MacOS MacOS # Find the disk # diskutil list Umount partitions # sudo diskutil umount /dev/\u0026lt;disk_part\u0026gt; Write using dd # sudo dd if=\u0026lt;iso file\u0026gt; of=/dev/\u0026lt;usb drive\u0026gt; bs=1m status=progress ","title":"ISO to USB using MacOS","type":"notes"},{"content":"Some photos from the Total Solar Eclipse taken from Austin-Texas.\nIt was the best I could do considering clouds and lack of planning\nPrevious Nextsads ","date":"8 abril 2024","externalUrl":null,"permalink":"/posts/20240408-solar_eclipse/","section":"Posts","summary":"Some photos from the Total Solar Eclipse taken from Austin-Texas.","title":"Solar Eclipse 2024","type":"posts"},{"content":" “I created a filesystem, but it is not performing as expected. How can the performance be improved?” Originally posted at the Oracle University Learning Community\nUnlike Block Volumes, File Systems adjust their performance dynamically (no tiers), and this can give the impression that the performance is low.\nMost of the time, the issue is that the way it works is not fully understood. The aspects that need to be observed:\nAvailable bandwidth - make sure that the instance has enough bandwidth allocated. VMs have bandwidth based on the number of OCPUs Latency - file systems are contained in an availability domain but can be accessed from anywhere (if rules allow). Placing the instance in the same AD will minimize latency and improve performance. Mount options - not setting window size for read and write operations, the client and server can negotiate values that provide the best performance. Filesystem size - the available read and write throughput increases proportionally to the size of the file system. Parallelism - multiple threads, multiple clients, and multiple mount targets. In particular, scalability will be greatest when clients and threads access independent portions of the file system. Also, use fss-parallel-tools. Observing these items, it is easy to improve and maximize the performance. Do you have another tip? Let us know and share in the comments.\n","date":"1 abril 2024","externalUrl":null,"permalink":"/posts/2024040101-fss-performance/","section":"Posts","summary":"“I created a filesystem, but it is not performing as expected.","title":"From an OU Expert: FSS performance","type":"posts"},{"content":" I need to run programs with a graphical interface at my OCI instance. TL;DR # Xserver install # sudo dnf config-manager --enable ol8_codeready_builder* sudo dnf -y update sudo dnf install -y xorg-x11-apps xorg-x11-xauth At his point, ssh -x will work fine\nGnome install # sudo dnf groupinstall -y \u0026#34;Server with GUI\u0026#34; sudo systemctl set-default graphical.target sudo systemctl set-default graphical Install access to the graphical interface # sudo dnf config-manager --enable ol8_developer_EPEL sudo dnf -y update sudo dnf -y install xrdp sudo systemctl enable xrdp --now sudo systemctl status xrdp sudo firewall-cmd --add-port=3389/tcp --permanent sudo firewall-cmd --reload Change opc password # sudo passwd opc Use an RDP client to access the instance.\nLong Version # TBD\n","date":"26 março 2024","externalUrl":null,"permalink":"/notes/linux/2024032601-install_gnome_on_ol8_at_oci/","section":"Notes","summary":"I need to run programs with a graphical interface at my OCI instance.","title":"Install GNOME on OL8 at OCI","type":"notes"},{"content":" Adding multiple ports to an NGINX server block. server { listen 80; listen 8000; server_name example.org; root /var/www/; } ","date":"25 março 2024","externalUrl":null,"permalink":"/notes/linux/2024032501-adding-_multiple_ports_to_an_nginx_server_block/","section":"Notes","summary":"Adding multiple ports to an NGINX server block.","title":"Adding multiple ports to an NGINX server block","type":"notes"},{"content":" “How could I automate the iSCSI attachments, making them as convenient as the paravirtualized ones?” Originally posted at the Oracle University Learning Community\nAt the beginning of OCI compute, there was a rule of thumb for choosing how to attach block volumes to compute instances: if you wanted an easy way to deal with that, you would choose paravirtualized for the block volume attachment. If you need a slightly better performance, iSCSI would be the choice and you would need to deal with the extra commands on the OS level to finish the setup.\nNo doubt that paravirtualized is convenient and simple, but with higher performance and ultra-performance volumes, it is not an option if you want to use the full potential of those tiers. To run the commands, most OCI users would use Ansible, Chef, or any other automation tool. But in the same way that the performance was improved, other features came along to address that gap.\nOCI cloud agent for Linux instances has a plugin to manage the iSCSI attachments automatically. In order to enable the plugin, you will need to set up a dynamic group for the instances and a policy for granting permissions to that group to use instances and volumes, and the iSCSI volumes will be available in the OS without any other action.\nAre you taking advantage of the plugin or using an automation tool? If you are not using the plugin, what is preventing you from using it?\n","date":"25 março 2024","externalUrl":null,"permalink":"/posts/2024032501-simplifying-iscsi-attachments-with-block-volume-management-plugin/","section":"Posts","summary":"“How could I automate the iSCSI attachments, making them as convenient as the paravirtualized ones?","title":"From an OU Expert: Simplifying iSCSI attachments with Block Volume Management Plugin","type":"posts"},{"content":" Adding multiple ports to an Apache vhost. # Listen 80 Listen 8080\n\u0026lt;VirtualHost *:80 *:8080\u0026gt; ... DocumentRoot \u0026#34;/var/www/html\u0026#34; ... \u0026lt;/VirtualHost\u0026gt; ","date":"24 março 2024","externalUrl":null,"permalink":"/notes/linux/2024032401-adding_multiple_ports_to_an_apache_vhost/","section":"Notes","summary":"Adding multiple ports to an Apache vhost.","title":"Adding multiple ports to an Apache vhost","type":"notes"},{"content":" \u0026quot; Fetching existing quotas and zeroing everything\u0026quot;. TL;DR # List services based on limits # oci limits service list -c \u0026lt;comaprtment\u0026gt; \u0026gt; list-of-services.json jq to filter and format json # jq -r \u0026#39;.data[]| select(.\u0026#34;are-quotas-supported\u0026#34;==true)|\u0026#34;zero \u0026#34; + (.\u0026#34;service-name\u0026#34;| @text) + \u0026#34; quota \u0026#34; + .\u0026#34;name\u0026#34; + \u0026#34; in compartment sandbox\u0026#34;\u0026#39;:q list-of-services.json \u0026gt; zeroquotas.json edit the file, adding [ as the first line and ] as the last line. in the last quota, remove the trailing ,.\nThe service name is not correct for some compute offerings (still being fixed). List in the Long Version.\nValidate the jason file # jq empty zeroquotas.json update quota # oci limits quota update --quota-id \u0026lt;quota ocid\u0026gt; --statements file://./quotas.json Long Version # List of services that need to be adjusted\ncompute-memory \u0026lt;== dense-io-e4-memory-count compute-memory \u0026lt;== dense-io-e5-memory-count compute-memory \u0026lt;== optimized3-memory-count compute-memory \u0026lt;== standard-a1-memory-count compute-memory \u0026lt;== standard-a1-memory-regional-count compute-memory \u0026lt;== standard-e3-memory-count compute-memory \u0026lt;== standard-e4-memory-count compute-memory \u0026lt;== standard-e5-memory-count compute-memory \u0026lt;== standard3-memory-count compute-core \u0026lt;== dense-io-e4-core-count compute-core \u0026lt;== dense-io-e5-core-count compute-core \u0026lt;== dense-io1-core-count compute-core \u0026lt;== dense-io2-core-count compute-core \u0026lt;== dvh-dense-io2-core-count compute-core \u0026lt;== dvh-optimized3-core-count compute-core \u0026lt;== dvh-standard-e2-core-count compute-core \u0026lt;== dvh-standard-e3-core-count compute-core \u0026lt;== dvh-standard-e4-core-count compute-core \u0026lt;== dvh-standard2-core-count compute-core \u0026lt;== dvh-standard3-core-count compute-core \u0026lt;== gpu-a10-count compute-core \u0026lt;== gpu-a100-v2-count compute-core \u0026lt;== gpu2-count compute-core \u0026lt;== gpu3-count compute-core \u0026lt;== gpu4-count compute-core \u0026lt;== high-io1-core-count compute-core \u0026lt;== hpc2-core-count compute-core \u0026lt;== optimized3-core-count compute-core \u0026lt;== standard-a1-core-count compute-core \u0026lt;== standard-a1-core-regional-count compute-core \u0026lt;== standard-b1-core-count compute-core \u0026lt;== standard-e2-core-count compute-core \u0026lt;== standard-e2-micro-core-count compute-core \u0026lt;== standard-e4-core-count compute-core \u0026lt;== standard-e5-core-count compute-core \u0026lt;== standard1-core-count compute-core \u0026lt;== standard2-core-count compute-core \u0026lt;== standard3-core-count ","date":"24 março 2024","externalUrl":null,"permalink":"/notes/oci/20240324-aa-zero-quotas/","section":"Notes","summary":"\u0026quot; Fetching existing quotas and zeroing everything\u0026quot;.","title":"Zero Quotas for all services","type":"notes"},{"content":" “Don\u0026rsquo;t be afraid of upgrading your tenancy - Here is why.” Originally posted at the Oracle University Learning Community\nOCI has one of the most generous if not the most, always-free tiers.\nLet me list what you get (always check here for the latest information):\nIf you are getting your feet wet on OCI, it is a no-brainer, but what if I tell you that you can have even more stuff for free? To access this gold pot at the end of the rainbow, you only need to upgrade your tenancy. You will continue to enjoy the Always-Free and also have access to many more services. I will list some of my favorites (some are part of the Always-Free, but I don\u0026rsquo;t know why they are not listed as so):\nCloud Shell\nCode Editor\nOracle Linux and Oracle Autonomous Linux (You are free to use the images, but Premier support is added)\nCloud advisor\nContainer Engine for Kubernetes\nContainer Registry\nNotifications\nDevOps\nSecurity Zones\nCloud Guard\nVulnerability Scanning\nData Transfer Service\nThe list keeps going, and you can see the whole list here and here.\nPlease be aware that some services will use some underlying infrastructure, and that can have a cost. For example, you can create and basic OKE cluster for free, but you have to pay for the worker nodes you decide to use (assuming they are not Always-Free compute instances).\nKnowing that those services are free is beneficial not only for your personal use while learning OCI but also shows you as a professional aware of the business implications (costs) and not just a guy who knows how to use the cloud.\nUpgrading your tenancy requires you to be mature and understand that you have access to the whole OCI portfolio, and you should be aware of the cost of the services you choose to use.\nI could cite the parable of the Sword of Damocles, but I will go with a more recent equivalent quote:\n\u0026ldquo;With great power comes great responsibility\u0026rdquo; - Parker, Ben\nBut do not let that cast any fear upon you. In a future post, I will tell you how to leverage OCI tools to remove most of the risk of spending without knowing by creating a safe space for you. Dr. Strange would call it a mirror dimension (just to keep throwing superhero references). 😃\n","date":"21 março 2024","externalUrl":null,"permalink":"/posts/2024032101-why-should-you-upgrade-your-tenancy-account/","section":"Posts","summary":"“Don\u0026rsquo;t be afraid of upgrading your tenancy - Here is why.","title":"From an OU expert: why should you upgrade your tenancy?","type":"posts"},{"content":" “I added an instance to a load balancer backend set, I can see the test page, but the LB health check keeps showing it as not healthy.” Originally posted at the Oracle University Learning Community\nHow often do our eyes betray us, and we end up tricked? This is one of the scenarios where that happens.\nLet’s set the stage: you created a load balancer with all the required infrastructure (VNC, subnets, security lists, and all the good stuff). The web server is not part of your duties but to validate your work, so you quickly provision an Oracle Linux instance with Apache in the backend set.\nAfter waiting a couple of minutes, the health check does not turn green, and you wonder what could be wrong. Nothing is wrong on the network level, with everything working as it should. You access the web server using your browser, and the test page shows up promptly.\nI saw this issue countless times, haunting OCI admins of all levels and consuming precious time.\nAs a refresher, here is the default health check in a backend set:\nIt will try to fetch a page at the Root of the web server, which should return an HTTP/200 code to be marked as healthy. You can see the test page, but it makes no sense. That’s where the tricky part is: if you inspect the response of the web server, you will see that despite showing the test page and it looks like a simple page; the return code is HTTP/403, as you can see below:\nI checked using curl, but you can check using the web developer tools from your browser.\nTo avoid that behavior, you can create a simple page (it will return HTTP/200) or change the parameters of the health check.\nHave you faced a similar problem to what I described in this tip? How did you solve it? I hope this tip can save you some time when you are troubleshooting issues in the future.\n","date":"18 março 2024","externalUrl":null,"permalink":"/posts/2024031801-what-you-see-is-not-what-you-get/","section":"Posts","summary":"“I added an instance to a load balancer backend set, I can see the test page, but the LB health check keeps showing it as not healthy.","title":"From an OU Expert: What you see is not what you get","type":"posts"},{"content":"","date":"18 março 2024","externalUrl":null,"permalink":"/tags/linux/","section":"Tags","summary":"","title":"linux","type":"tags"},{"content":"","date":"18 março 2024","externalUrl":null,"permalink":"/tags/loadbalancer/","section":"Tags","summary":"","title":"loadbalancer","type":"tags"},{"content":"","date":"18 março 2024","externalUrl":null,"permalink":"/tags/network/","section":"Tags","summary":"","title":"network","type":"tags"},{"content":"","date":"18 março 2024","externalUrl":null,"permalink":"/tags/networking/","section":"Tags","summary":"","title":"networking","type":"tags"},{"content":"","date":"18 março 2024","externalUrl":null,"permalink":"/tags/oracle-linux/","section":"Tags","summary":"","title":"oracle-linux","type":"tags"},{"content":" \u0026ldquo;You need to create a sequence of items on bash\u0026rdquo;. TL;DR # Ordered by the breadth of use.\nMethod 01 - bash arithmetic expansion - $((expr)) # END=5 for ((i=1;i\u0026lt;=END;i++)); do echo $i done prints\n1 2 3 4 5 Method 02 - seq command # usage: seq [-w] [-f format] [-s string] [-t string] [first [incr]] last\nseq 7 10 prints\n7 8 9 10 seq -w 1 3 15 prints\n01 04 07 10 13 seq -w -s \u0026#34;:\u0026#34; -t \u0026#34;\\n\u0026#34; 1 3 15 prints\n01:04:07:10:13: Method 03 - Bracket expansion # Generating sequences of numbers or letters:\necho {1..5} prints\n1 2 3 4 5 echo {a..e} prints\na b c d e printf \u0026#34;%03d \u0026#34; {4..7} prints (printf formatting but missing newline)\n004 005 006 007 pc:/path orlando$ echo $(printf \u0026#34;%03d \u0026#34; {4..7}) prints (echo adds a newline after the output)\n004 005 006 007 pc:/path orlando$ echo {A,B}{1,2,3} prints\nA1 A2 A3 B1 B2 B3 echo file_{01..05}.backup prints\nfile_01.backup file_02.backup file_03.backup file_04.backup file_05.backup echo {one,two}_{1..3}_{a,b} prints\none_1_a one_1_b one_2_a one_2_b one_3_a one_3_b two_1_a two_1_b two_2_a two_2_b two_3_a two_3_b Long version # TBD\n","date":"18 março 2024","externalUrl":null,"permalink":"/notes/linux/20240318-sequences_on_bash/","section":"Notes","summary":"\u0026ldquo;You need to create a sequence of items on bash\u0026rdquo;.","title":"Sequences on bash","type":"notes"},{"content":"","date":"11 março 2024","externalUrl":null,"permalink":"/pt-br/notes/","section":"Notes","summary":"","title":"Notes","type":"notes"},{"content":" “Every time I create a Linux instance, I spend time updating and upgrading the base installation on the first login. How could I make it faster?” Originally posted at the Oracle University Learning Community\nA basic install contains hundreds of packages, and they are frequently updated. The best practices recommend that you update your installation images or update the system as soon as it becomes online.\nIf you have some automation using Puppet, ansible, and others, you most likely have that taken care of, but sometimes you need something more straightforward that you can do in a snap. I have a tip for you.\nOCI supports cloud-init. Cloud-init runs scripts to initialize and configure instances. You will know how to trigger the catalog’s update and package upgrade with some simple instructions.\nWhen you are creating the instance, expand the Advanced options at the bottom of the screen, go to the cloud-init section, select “Paste cloud-init script,” and paste the following:\n#cloud-config # Upgrade the instance on the first boot # package_upgrade: true It will look like this:\nProceed to create the instance, and when you log in, it will be updated without any intervention (it can take a couple of minutes).\nIt is a simple thing that can save time when creating an instance and frees you up for the next task.\nThis is the most straightforward cloud-init script I know, and I hope it sparks your curiosity to explore cloud-init possibilities. If you have used cloud-init already, share how it helped you automate the instance provisioning process.\n","date":"11 março 2024","externalUrl":null,"permalink":"/pt-br/notes/oci/20240311-updating_the_instance_os_upon_creation/","section":"Notes","summary":"“Every time I create a Linux instance, I spend time updating and upgrading the base installation on the first login.","title":"Updating the instance OS upon creation","type":"notes"},{"content":" Quick links # Sobre Blog Notas ","date":"11 março 2024","externalUrl":null,"permalink":"/pt-br/","section":"Home","summary":" Quick links # Sobre Blog Notas ","title":"Home","type":"page"},{"content":" “I read the manual, but it is still hard to choose between SLs and NSGs\u0026hellip;”. # Originally posted at the Oracle University Learning Community\nSecurity is paramount to OCI, with plenty of options to ensure that your workloads are secure. Regarding virtual cloud network security, Security Lists and Network Security Groups provide the initial line of defense, controlling which networks will access your resources. The security rules on both are pretty similar, making you wonder which one to choose.\nSecurity Lists and NSG security rules are enforced at the resource (check the list of resources that support NSGs), but what makes them different is how they are assigned.\nSecurity Lists are assigned per subnet. NSGs are assigned directly to a specific vNIC. So, which one to choose?\nNSGs allow a more granular control. If you want to allow access to only some instances in a subnet, NSGs are one of the ways of doing that. If you have broader access to be defined, like the security rule allowing the bastion host SSH access to any instance in a subnet, a security list should suffice to grant that access.\nThe good thing is that you do not need to work exclusively with one another. Both can be combined, and you can take advantage of that. Each one is doing its part, helping you build a safer environment. Dividing the duties to conquer security.\nHow are you combining SLs and NSGs to achieve your goals? Share your thoughts and experiences.\n","date":"9 março 2024","externalUrl":null,"permalink":"/posts/2024030801-security_list_and_nsg/","section":"Posts","summary":"“I read the manual, but it is still hard to choose between SLs and NSGs\u0026hellip;”.","title":"From an OU Expert: Security Lists and NSGs: dividing to conquer","type":"posts"},{"content":" \u0026ldquo;I checked my Security Lists and NSGs; they are correct, but I still can\u0026rsquo;t connect to the service in my instance\u0026rdquo;. # Originally posted at the Oracle University Learning Community\nSetting up the rules for your environment can sometimes be tricky, and it gets more complicated as your infrastructure evolves and gets bigger. With so many variables to track and sometimes managed by different teams, it is easy to forget that your instances on OCI come with stringent rules and their local firewall enabled.\nIn the platform images host firewall, along with some required internal ports and networks, the default inbound rules that are allowed are:\nWindows comes with the Remote Desktop allowed (3389/TCP). Extra tip: it is not allowed in the default security list. Linux distributions (Oracle Linux, Autonomous Linux, CentOS, and Ubuntu) come with SSH access allowed. After installing and starting a service, e.g., an HTTP server, on Linux instances, adding the service ports and client networks to Security Lists and NSGs is not enough to grant access. When you try to access the service, you will not be able to establish a connection, and your client will show an error. If you are installing IIS on Windows, it will typically set up the port access for you.\nFor Oracle Linux and CentOS instances, firewalld handles the rules in the 7.x, 8.x, and 9.x versions. In our example, where an HTTP server was installed, the command to allow access to it is:\nsudo firewall-cmd --zone=public --add-port=80/tcp --permanent\n(replace 80 with 443 for HTTPS)\nOr\nsudo firewall-cmd --zone=public --add-service=http –permanent\n(replace http with https for HTTPS)\nI\u0026rsquo;ll leave the discussion of firewall-cmd \u0026ldquo;ports vs. services\u0026rdquo; to another post :)\nIf Oracle Linux uses firewalld, for Ubuntu instances, you will use ufw, right? Not so fast; Ubuntu images on OCI do not use ufw. They use just iptables. In this case, you will allow access by adding the following line to the /etc/iptables/rules.v4 file:\n-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT\nYou can search for the same line with port 22 and add it right after it. Replace 80 with 443 if you want to allow HTTPS. Once the file is changed and saved, you can make the changes effective running:\n$ sudo iptables-restore \u0026lt; /etc/iptables/rules.v4\nHave you faced a similar problem as I described in this tip? How did you solve it? I hope this tip can save you some time when you are troubleshooting issues in the future.\n","date":"8 março 2024","externalUrl":null,"permalink":"/posts/2024030801-remember_the_host_firewall/","section":"Posts","summary":"\u0026ldquo;I checked my Security Lists and NSGs; they are correct, but I still can\u0026rsquo;t connect to the service in my instance\u0026rdquo;.","title":"From an OU Expert: Remember the host firewall","type":"posts"},{"content":" \u0026ldquo;You need to examine HTTP headers of incoming requests but don\u0026rsquo;t want to save the dump to a file and use Wireshark\u0026rdquo;. TLDR # sudo tcpdump -s 1024 -l -A -n dst port \u0026lt;webserver port\u0026gt; \\ and dst host \u0026lt;instance internal ip\u0026gt; | egrep \\ --line-buffered \u0026#34;^........(GET |HTTP/|POST |HEAD )|^[A-Za-z0-9-]+: \u0026#34;\\ | sed -r \u0026#39;s/^........(GET |HTTP/|POST |HEAD )/\\n\\1/g\u0026#39; Added line breaks for readability.\nYou may want to try -vs or -vss but no difference for what I needed.\nLong version # Command explanation\nsudo tcpdump -s 1024 -l -A -n dst port \u0026lt;webserver port\u0026gt; and dst host \u0026lt;instance internal ip\u0026gt;\nTBD\n| egrep --line-buffered \u0026quot;^........(GET |HTTP/|POST |HEAD )|^[A-Za-z0-9-]+: \u0026quot; TBD\n| sed -r 's/^........(GET |HTTP/|POST |HEAD )/\\n\\3/g'\nTBD\n","date":"6 março 2024","externalUrl":null,"permalink":"/notes/linux/20240306-view_http_headers_directly_on_tcpdump/","section":"Notes","summary":"\u0026ldquo;You need to examine HTTP headers of incoming requests but don\u0026rsquo;t want to save the dump to a file and use Wireshark\u0026rdquo;.","title":"View HTTP headers directly on tcpdump","type":"notes"},{"content":"YABA - Yet Another Blog Attempt\nI lost track of how many times I set up a blog and started writing, sometimes not even publishing anything.\nYet, here we go again.\nI have some notes taken on Notion, and others on Obsidian (among emails and other places) but since I registered this domain a long time ago, I wanted to have those notes public, hence the blog format, using Hugo, github and CloudFlare pages (hopefully, there will be an article about it).\nWish me luck and let\u0026rsquo;s start!\n","date":"5 março 2024","externalUrl":null,"permalink":"/posts/2024030501/","section":"Posts","summary":"YABA - Yet Another Blog Attempt","title":"YABA","type":"posts"},{"content":"","date":"19 fevereiro 2024","externalUrl":null,"permalink":"/pt-br/notes/linux/","section":"Notes","summary":"","title":"linux","type":"notes"},{"content":"","date":"19 fevereiro 2024","externalUrl":null,"permalink":"/pt-br/notes/oci/","section":"Notes","summary":"","title":"oci","type":"notes"},{"content":"","externalUrl":null,"permalink":"/pt-br/authors/","section":"Authors","summary":"","title":"Authors","type":"authors"},{"content":"","externalUrl":null,"permalink":"/pt-br/categories/","section":"Categories","summary":"","title":"Categories","type":"categories"},{"content":"","externalUrl":null,"permalink":"/pt-br/series/","section":"Series","summary":"","title":"Series","type":"series"},{"content":"","externalUrl":null,"permalink":"/pt-br/tags/","section":"Tags","summary":"","title":"Tags","type":"tags"}]