Linux

From this stack-overflow question:

git checkout -b test other-remote/test

In ubuntu, you install ibus-pinyin and run ibus-setup, run ibus restart, logout and login. In setting, adding "Chinese" as input source is not enough. You need to add "Chinese - Pinyin", see this post.

This would not work in Emacs. You need to start emacs, according to this post:

LC_CTYPE="zh_CN.UTF-8" emacs

• default: socks5, localhost, 1088
• http: http, localhost, 8888
• https: http, localhost, 8888

Actually this post solved my problem. You need:

1. https://github.com/kvalo/ath10k-firmware, put it into /lib/firmware/ath10k/QCA6174 and rename necessary files accordingly. hw2.1 is not important.
2. The comment 2 in this post attached a windows binary. THIS IS IMPORTANT. Put it to both hw3.0/board.bin and hw3.0/board-2.bin

I was about to help this post but I have to wait 5 hours to post anything because of newly created account. This is stupid, this probably won't come back to my mind.

sudo -i will drop you to root shell, even if you don't know root password!

sudo -E will use current user's environment variables

LD_LIBRARYPATH is searched when the program starts, LIBRARY_PATH is searched at link time

Do NOT set LD_LIBRARYPATH in your login shell profile. Either creat a script:

LD_LIBRARY_PATH=/path/to/lib1:/path/to/lib2:/path/to/lib3
export LD_LIBRARY_PATH
exec /path/to/bin/myprog $@

Or use env to modify one time:

env LD_LIBRARY_PATH=/path/to/lib1:/path/to/lib2:/path/to/lib3 ./myprog

Never:

$ export LD_LIBRARY_PATH=/path/to/lib1:/path/to/lib2:/path/to/lib3
$ ./myprog

Reference: https://www.hpc.dtu.dk/?page_id=1180

See also: readelf (-l/d), runpath and rpath: The only difference between rpath and runpath is the order they are searched in. Specifically, their relation to LD_LIBRARYPATH - rpath is searched in before LD_LIBRARYPATH while runpath is searched in after. Seems typically use rpath. https://amir.rachum.com/blog/2016/09/17/shared-libraries/

pacman -S arduino arduino-docs arduino-avr-core
gpasswd -a $USER uucp
gpasswd -a $USER lock
modprobe cdc-acm

In ubuntu 18.04:

You can install a latest driver, no problem.

Install cuda 9.0 (not 9.2, the python package is actually finding exact 9.0 of the dynamic library, e.g. libcublas.so.9.0). You can install multiple versions of cuda. Set the $LD_LIBRARYPATH to /usr/local/cuda/lib64 if you have made the symlink, otherwise include the 9.0 entire path.

For the current tensorflow (1.12, as of 11/6/2018), install

pip3 install --user tensorflow-gpu

test

tf.Session().list_devices()

Or actually tf.Session() will output the information, e.g. run this:

sess = tf.Session(config=tf.ConfigProto(log_device_placement=True))

From https://lug.ustc.edu.cn/wiki/mirrors/help/docker:

In /etc/docker/daemon.json:

{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}

docker.io is the ubuntu package of docker

Make sure the kernel module kvm and virtio is loaded. Make sure the CPU virtualization is enabled in BIOS.

Using qemu, first create hard disk image file:

qemu-img create -f raw disk_image 30G

Then load the iso file and the hard disk image to install the system. The -m 1024 is crucial, otherwise will result in errors booting. The -enable-kvm is also crucial for speed. You might need to enable CPU virtualization in BIOS.

qemu-system-x86_64 -cdrom iso_image -boot order=d -drive file=disk_image,format=raw -enable-kvm -m 1024

To escape from Qemu app, press Ctrl-Alt-G.

Finally, run the system with

qemu-system-x86_64 -enable-kvm -m 1024 disk_image

Alternatively, you can use virt-manager as a GUI front-end.

To have sound and better resolution:

qemu-system-x86_64 -enable-kvm -m 4096 -vga virtio -soundhw hda -cpu host -smp 8 ubuntu

TODO: try SPICE.

man configuration.nix shows all options offline.

build a system without switch to it, for testing

nixos-rebuild build

build and switch

nixos-rebuild switch

To rebuild nixos with a local nixpkgs tree:

nixos-rebuild switch -I nixpkgs=/path/to/nixpkgs

To run repl

nix repl

Inside REPL, you can query the value of each option.

/var/log goes into ~/.nix-profile/var/log/

from nix wiki tutorial, using the nix-user-chroot project, basically:

mkdir -m 0755 ~/.nix
nix-user-chroot ~/.nix bash -c 'curl https://nixos.org/nix/install | sh'

This will update $HOME/.bash_profile, to drop in the nix environment:

nix-user-chroot ~/.nix bash -l

-l loads the $HOME/.bash_profile, and all nix commands will be available, /nix is under your user.

To build a nix script

nix-build xxx.nix

The script should return a derivation, i.e. the result of applying stdenv.mkDerivation function.

To access pkgs in .nix:

pkgs = import <nixpkgs> {};

If you are in a nixpkgs local checkout root directory, you can use that and specify a package to build:

nix-build -A rPackages.RcppArmadillo

You can also use your current default path, '<nixpkgs>' (HEBI: How to is it resolved?)

nix-build '<nixpkgs>' -A rPackages.RcppArmadillo

Compute hash of a file:

nix-hash --type sha256 --flat --base32 veewee-0.4.5.1.gem

Importantly, the default is MD5, --flat to hash content of each file path in the package, which is the same behavior of GNU sha1sum, and --base32 use base-32 representation rather than hexadecimal, and all Nix expression use base32.

Or you can use nix-prefetch-url:

nix-prefetch-url <url>

search

nix-env -qaP '.*emacs.*'

To install packages

nix-env -iA nixos.thunderbird

nix-env -f '<nixpkgs>' -ia emacs sets nixpkgs repo explicitly, the default is ~/.nix-defexpr, which has nixos link to /nix/store/xxx-nixos-19.09. During system installation, it seems to be recommanded to use -f '<nixpkgs>'. <nixpkgs> seems to be the channel name.

uninstall a package

nix-env -e thunderbird

list installed

nix-env -q

list generation:

nix-env --list-generations

roll back

nix-env --rollback

list current channel:

sudo nix-channel --list
# >>> nixos https://nixos.org/channels/nixos-19.09

Add the unstable channel:

sudo nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs

Note that I'll need to remove the old channel to use the new channel:

nix-channel --remove nixpkgs

However, when doing nixos-rebuild, it complains about missing nixos, which I guess is hardcoded. So I'll need to add the package as name "nixos" instead of "nixpkgs":

sudo nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixos

Obtain the latest content from the channels:

nix-channel --update

Do a full upgrade:

sudo nixos-rebuild switch --upgrade

This command will do channel update for you.

Note that the channel setting is per-user, so for system upgrade, you need to set the root's channel.

To upgrade all your local packages that are installed via nix-env:

nix-env -u

There are cases you have to run some binary, for example language packages installed via other package managers such as julia's, downloaded binaries. There are two things you need to take care for making it work:

1. the interpreter, typically /lib64/ld-linux-x86-64.so.2. You can set it manually via /nix/store/xxx-glibc-xxx/lib/ld-linux-x86-64.so.2 /path/to/executable.
2. the libraries. You need to ldd <binary> to find what's the missing libraries, and add the correct path to LD_LIBRARY_PATH in the wrapper script.

When you put it a wrapper file in the same directory as original executable, you want $(dirname "$0")/gksqt-real.

An example for Plots.jl julia library, which build GR plotting backend and use its binary, the path is ~/.julia/packages/GR/oiZD3/deps/gr/bin/gksqt. I move it to gksqt-real and create gksqt in the same directory with the following content:

env LD_LIBRARY_PATH=/nix/store/1hf6bdlckrmmyv1n4ncimy2g1sx4bx0c-qt-4.8.7/lib/:\
    /nix/store/1mr01vwvg7922xp0sgd4gry54swrx19m-gcc-8.3.0-lib/lib/\
    /nix/store/8d94mp12ca2gihchw4r7jfmpdww8f2ha-glibc-2.27/lib/ld-linux-x86-64.so.2 $(dirname "$0")/gksqt-real

reference: stackexchange-522822

Running GuixSD in Qemu is probably the easiest way. Download the Qemu image, uncompress it, and run:

qemu-system-x86_64 \
   -net user -net nic,model=virtio \
   -enable-kvm -m 256 /path/to/image

To bring the network up:

ifconfig eth0 up
dhclient -v eth0

The system is now online. But ping command is not working, and that's fine.

guix pull
guix package -u

The qemu image is 1.2G. To expand it, first expand the image size:

qemu-img resize guixsd-vm-image-0.15.0.x86_64-linux  +10G

Boot the image

qemu-system-x86_64 -net user -net nic,model=virtio -vga virtio -enable-kvm -m 2048 -cpu host -smp 8 guixsd-vm-image-0.15.0.x86_64-linux

The partition need not be umounted.

fdisk /dev/sda
d 2
d 1 # note that this starts from 2048
n # create partition that starts also from 2048
a # check the boot flag
w # write

Then, reload the partition table:

partprobe

Then resize the filesystem via resize2fs

resize2fs /dev/sda

The image needs to connect internet.

dhclient eth0

You are online. The ping command will not work, you can check network with guix download command.

Installing git is not enough. It says certificate is needed. You need probably nss and nss-certs. It also shows some environment variables needed (how to show this information again? Are they really belong to nss or git?)

export GIT_SSL_CAINFO="/root/.guix-profile/etc/ssl/certs/ca-certificates.crt"
export GIT_EXEC_PATH="/root/.guix-profile/libexec/git-core"

When debugging guile files, use C-c C-s to change to scheme to guile, that would enable following definitions, otherwise it will just complain "No geiser REPL for this buffer" even after M-x run-geiser.

• guix package –search-paths: show search path
• guix channel: ???
• A good reference: https://gitlab.com/pjotrp/guix-notes/
• chromium package channel: https://gitlab.com/mbakke/guix-chromium
  • How to use this channel?? my guix pull is showing me this error:

guix pull: error: failed to load '/home/hebi/.config/guix/channels.scm':
system/base/compile.scm:144:21: In procedure compile-file:
failed to create path for auto-compiled file "/home/hebi/.config/guix/channels.scm"

To get the hash:

git clone https://...
cd xxx
guix hash -rx .

It seems not necessary to switch to the last commit if using the last commit. But the commit is needed anyway.

git log | head -1 # show the first commit
git checkout c6e10a

/gnu/store/9nqaksx40zh5d6cg5rim3f3spy56bfb9-raw-initrd/initrd.cpio.gz

To install Nvidia driver, we need to kernel source tree. However, there is no such a package in Guix. Thus, we need to build the kernel source first.

guix build linux-libre --check --keep-failed

When --check and --keep-failed are used together, it builds the package and keep it in /tmp/guix-build-linux-libre-x.x.x.drv-0.

After that, we can simply unpack the Nvidia driver:

sh NVIDIA-Linux-x86_65-xxx.xx.run -x
cd NVIDIA-Linux-x86_64-xxx.xx

Note that you should use the same version of GCC, and guix environment seems not to overwrite the gcc version. So say you need gcc@7:

guix package -i gcc@7

Run the build

sudo ./nvidia-installer --kernel-source-path /tmp/guix-build-linux-libre-x.x.x.drv-0

It should build, and the kernel modules are in /lib/modules/4.20.7-gnu/video/. However it won't be loaded successfully, and the installer will complain:

#+BEGIN_EXAMPL Driver file installation is complete. ERROR: Unable to load the 'nvidia-drm' kernel module. #+END_EXAMPLE

That's OK. Guix has its own module load path, and the path is hard coded by Linux source to be a single path. Thus, there is practically no way to automatically load those modules. So just load them manually. Thus the driver cannot be used as the X11 driver. But it is OK to use for Tensorflow.

modprobe ipmi_devintf
insmod /lib/modules/x.x.x-gnu/video/nvidia.ko
insmod /lib/modules/x.x.x-gnu/video/nvidia-modeset.ko
insmod /lib/modules/x.x.x-gnu/video/nvidia-drm.ko
insmod /lib/modules/x.x.x-gnu/video/nvidia-uvm.ko

Last but not least, you need to manually prevent kernel from loading nouveau, i.e. in config.scm, you should have:

(operating-system
  (kernel-arguments '("intel_iommu=on" "iommu=pt" "modprobe.blacklist=nouveau"))
  ..)

git config --global user.email 'xxx@xxx'
git config --global user.name 'xxx'
git config --global credential.helper cache # cache 15 min by default
git config --global credential.helper 'cache --timeout=3600' # set in sec

There are several protocols. The smart HTTP protocol seems to be the way to go, because it supports both anonymous and authentication.

But local and SSH is easy. For local, you can just clone using the /abs/path/to/file as URL. For ssh, use user@server:/path/to/proj.git.

Now let me talk about setting up smart HTTP with lighttpd and cgit.

in /etc/lighttpd/lighttpd.conf

server.port             = 80
server.username         = "http"
server.groupname        = "http"

server.document-root    = "/srv/http"

server.modules += ( "mod_auth", "mod_cgi", "mod_alias", "mod_setenv" )

alias.url += ( "/git" => "/usr/lib/git-core/git-http-backend" )
$HTTP["url"] =~ "^/git" {
  cgi.assign = ("" => "")
  setenv.add-environment = (
  "GIT_PROJECT_ROOT" => "/srv/git",
  "GIT_HTTP_EXPORT_ALL" => ""
  )
}
$HTTP["querystring"] =~ "service=git-receive-pack" {
        include "git-auth.conf"
}
$HTTP["url"] =~ "^/git/.*/git-receive-pack$" {
        include "git-auth.conf"
}

# alias.url += ( "/cgit" => "/usr/share/webapps/cgit/cgit.cgi" )
# alias.url += ( "/cgit" => "/usr/lib/cgit/cgit.cgi" )
url.redirect += ("^/$" => "/cgit/")
$HTTP["url"] =~ "^/cgit" {
    server.document-root = "/usr/share/webapps"
    server.indexfiles = ("cgit.cgi")
    cgi.assign = ("cgit.cgi" => "")
    mimetype.assign = ( ".css" => "text/css" )
}

/etc/lighttpd/git-auth.conf

auth.require = (
        "/" => (
                "method" => "basic",
                "realm" => "Git Access",
                "require" => "valid-user"
               )
)

auth.backend = "plain"
auth.backend.plain.userfile = "/etc/lighttpd-plain.user"

In /etc/lighttpd-plain.user

hebi:myplainpassword

My /etc/cgitrc:

#
# cgit config
#

# css=/cgit.css
# logo=/cgit.png

# Following lines work with the above Apache config
#css=/cgit-css/cgit.css
#logo=/cgit-css/cgit.png

# Following lines work with the above Lighttpd config
css=/cgit/cgit.css
logo=/cgit/cgit.png

# if you do not want that webcrawler (like google) index your site
robots=noindex, nofollow

# if cgit messes up links, use a virtual-root. For example has cgit.example.org/ this value:
# virtual-root=/cgit


# Include some more info about example.com on the index page
# root-readme=/var/www/htdocs/about.html
root-readme=/srv/http/index.html

#
# List of repositories.
# This list could be kept in a different file (e.g. '/etc/cgitrepos')
# and included like this:
#   include=/etc/cgitrepos
#

clone-url=http://git.lihebi.com/git/$CGIT_REPO_URL.git
readme=:README.org
readme=:README.md
readme=:readme.md
readme=:README.mkd
readme=:readme.mkd
readme=:README.rst
readme=:readme.rst
readme=:README.html
readme=:readme.html
readme=:README.htm
readme=:readme.htm
readme=:README.txt
readme=:readme.txt
readme=:README
readme=:readme

section=hebi

repo.url=hebicc
repo.path=/srv/git/hebicc.git
repo.desc=Hebi CC

repo.url=cgit/hebicc
repo.path=/srv/git/hebicc.git
repo.desc=Hebi CC

repo.url=test
repo.path=/srv/git/test.git
repo.desc=Test

repo.url=pdf
repo.path=/srv/git/pdf.git
repo.desc=pdf


# The next repositories will be displayed under the 'extras' heading
section=extras


repo.url=baz
repo.path=/pub/git/baz.git
repo.desc=a set of extensions for bar users

repo.url=wiz
repo.path=/pub/git/wiz.git
repo.desc=the wizard of foo


repo.url=foo
repo.path=/pub/git/foo.git
repo.desc=the master foo repository
[email protected]
repo.readme=info/web/about.html

# Add some mirrored repositories
section=mirrors

repo.url=git
repo.path=/pub/git/git.git
repo.desc=the dscm

# For a non-bare repository
# repo.url=MyOtherRepo
# repo.path=/srv/git/MyOtherRepo/.git
# repo.desc=That's my other git repository

# scan-path=/srv/git/

The /srv/git must be of group http, and the group write mask must be set for push.

I can clone via http://git.lihebi.com/git/repo.git. The cgit page is at http://git.lihebi.com/cgit.

In practice, I cannot push a lot of pdf files, it seems to be the problem of lighttpd configuration for max body size, but haven't look into that yet. Cloning does not have such problem though.

If I don't have the Let's Encrypt certificate, I cannot use
https. Then, I can only clone, but not push via git-http-backend

/var/lib/certbot/renew-certificates may need to be run manually, if
the /etc/letsencrypt/live/example.com does not exist

But, my server is inside IASTATE, Let's Encrypt cannot find my IP
address. Thus, nothing can be done actually.

Dropbear is a replacement of OpenSSH.

To set up RSA login:

# generate ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub
ssh-keygen
# copy RSA to remote
ssh-copy-id user@host

This will put the content of the public key onto the server's ~/.ssh/authorized_keys. Which is to say, you can do the same thing manually:

cat ~/.ssh/id_rsa.pub | ssh user@host "cat >> .ssh/authorized_keys"

In ~/.ssh/config, you can actually set up alias for remote host. Then you will use that alias in place of user@host.

host remarkable
     Hostname 10.11.99.1
     User root

A side note: remarkable password can be changed by editing /etc/remarkable.conf and a reboot.

DHCP is not enabled by default. It is the philloshophy for Arch: installing a package will not enable any service. Enable it by;

systemctl enable dhcpcd

The utility for configuring wireless network is called iw.

• iw dev: list dev
• iw dev <interface> link: show status
• ip link set <interface> up: up the interface
• ip link show <interface>: if you see <UP> in the output, the interface is up
• iw dev interface scan: scan for network
• iw dev <interface> connect "SSID": connect to open network

iw can only connect to public network. wpa_supplicant is used to connect WPA2/WEP encrypted network.

The config file (e.g. /etc/wpa_supplicant/example.conf) can be generated in two ways: using wpa_cli or use wpa_passphrase. wpa_cli is interactive, and has commands scan, add_network, save_config.

wpa_passphrase MYSSID <passphrase> > /path/to/example.conf

Inside this file, there's a network section. The ssid is a quoted SSID name, while psk is unquoted encrypted phrase. The psk can also be quoted clear password. If the network is open, you can use key_mgmt=NONE in place of psk

After the configuration, you can actually connect to a WPA/WEP protected network, where

wpa_supplicant -B -i <interface> -c <(wpa_passphrase <MYSSID> <passphrase>)

connect to a

• -b: fork into background
• -i interface
• -c: path to configuration file.

Alternatively, you can use the config file

wpa_supplicant -B -i <interface> -c /path/to/example.conf

After this, you need to get IP address by the "usual" way, e.g.

dhcpcd <interface>

It seems that we should enable the service:

• wpa_supplicant@<interface>
• dhcpcd@<interface>

Also, dhcpcd has a hook that can launch wpa_supplicant implicitly.

To Sum Up, find the interface by iw dev. Say it is wlp4s0.

Create config file /etc/wpa_supplicant/wpa_supplicant-wlp4s0.conf:

  network={
          ssid="MYSSID"
          psk="clear passwd"
          psk=fjiewjilajdsf8345j38osfj
  }

  network={
          ssid="2NDSSID"
          key_mgmt=NONE
  }

Enable wpa_supplicant@wlp4s0 and dhcpcd@wlp4s0 (or just dhcpcd)

To change another wifi, kill the server and use another one

sudo killall wpa_supplicant
wpa_supplicant -B -i wlp4s0 -c /path/to/wifi.conf

Use https://natfrp.com, create tunnels, note the IDs and your token. Download their specialized frpc client, and start the service on the machine behind NAS:

frpc-xxx -f token:ID,ID,ID

To run it at startup, create a service file with:

[Unit]
Description=FRP Client Daemon
After=network.target
Wants=network.target

[Service]
Type=simple
Restart=always
RestartSec=1
User=root
ExecStart=/path/to/bin/frpc_linux_amd64 -f <token>:<ID>
# LimitNOFILE=infinity

[Install]
WantedBy=multi-user.target

For example, I would love to expose several ports, thus I'm creating one for each port:

• /etc/systemd/system/frpc-8000.service: for 8000 port used by jupyter hub
• /etc/systemd/system/frpc-22.service
• /etc/systemd/system/frpc-5901.service

Enable on boot:

systemctl enable frpc-8000 frpc-22 frpc-5901

The list of servers of http://natfrp.com:

Interactive controls:

• Forward/Backward: LEFT/RIGHT (10s), UP/DOWN (1m), PGUP/PGDWN (10m)
• Playback speed: [] (10%), {} (50%), backspace (reset)
• /*: volume

When changing the speed, the pitch changed. To disable this, start mplayer by mplayer -af scaletempo. To stretch the images to full screen, pass the -zoom option when starting.

When downloading a playlist, you can make the template to number the files

youtube-dl -o "%(playlist_index)s-%(title)s.%(ext)s" <playlist_link>

Download music only:

youtube-dl --extract-audio --audio-format flac <url>

• html5outliner: give you a toc of the page. VERY NICE!
• render for email
• unblockyouku
• adblock
• syntax highlighter

The lab machines are accessed via spice. The client for spice is virt-viewer. It can be installed through package manager. The actual client is called remote-viewer, which is shipped with virt-viewer. So the command to connect to the .vv file: remove-viewer console.vv.

music play daemon

To start:

mkdir -p ~/.config/mpd
cp /usr/share/doc/mpd/mpdconf.example ~/.config/mpd/mpd.conf
mkdir ~/.mpd/playlists

# Required files
db_file            "~/.mpd/database"
log_file           "~/.mpd/log"

# Optional
music_directory    "~/music"
playlist_directory "~/.mpd/playlists"
pid_file           "~/.mpd/pid"
state_file         "~/.mpd/state"
sticker_file       "~/.mpd/sticker.sql"

# uncomment pulse audio section
audio_output {
	type		"pulse"
	name		"My Pulse Output"
}

Start mpd by:

systemctl --user start mpd
systemctl --user enable mpd

The client cantata can be used to create list. stumpwm-contrib has a mpd client. mpc is a command line client.

How I made the WenQuanYi Micro Hei ttf font (clx-truetype only recognizes ttf, not ttc):

• input: ttc file
• Tool: fontforge

Open ttc file, select one, generate font, choose truetype The validation failed, but doesn't matter

# start a new session, with the session name set to "helium"
tmux new -s helium
# attach, and the target is "helium"
tmux a -t helium

Some default commands (all after prefix key):

• !: break the current pane into another window
• :: prompt command
• q: briefly display pane index (1,2,etc)

Commands

• select-layout even-horizontal: balance window horizontally
• last-window: jump to last active window
• new-window
• detach

Kill all Xorg instances

pkill -15 Xorg

If using kill:

ps -ef | grep Xorg # find the pid
kill -9 <PID>

The xkill is not working properly, giving me "unable to find display" error.

Install xdm. It will use the file $HOME/.xsession, so

ln -s $HOME/.xinitrc $HOME/.xsession

Change default desktop environment:

• GNome: gdm
• KDE: kdm
• lxfe: lightdm

Change (three approaches):

1. edit /etc/X11/default-display-manager: I think we'd better use update-alternative
2. sudo dpkg-reconfigure gdm
3. update-alternatives --config x-window-manage

Multi screen, stumpwm detect as one. Install xdpyinfo. It is used to detect the heads.

check the screen resolution:

xdpyinfo | grep -B 2 resolution

Multiple Display:

# Mirror display
sudo xrandr --output HDMI-2 --same-as eDP-1
sudo xrandr --output HDMI-2 --off

Rotate

xrandr --output HDMI-1 --rotate left

Chagne resolution

xrandr --output HDMI-1 --mode 1920x1080

Touch screen might need calibration in dual screen setup. Simply find the touch screen device ID (e.g. 10) from xinput and screen ID (e.g. DP-1) from xrandr, and execute:

xinput map-to-output <device-id> <screen-id>

Install xcursor-themes:

aptitude install xcursor-themes
aptitude show xcursor-themes # here it will output the themes name

In .Xresources:

Xcursor.theme: redglass

The old solution is to swap the pointer button "4" and "5", by xmodmap or xinput:

xmodmap -e "pointer = 1 2 3 4 5"
xinput --set-button-map 10 1 2 3 5 4

The 10 is the id, to find it out, run xinput without argument.

But this way is deprecated, as of chromium 49 and above, it does not work any more. So use the xinput way to set the property:

xinput set-prop 10 "libinput Natural Scrolling Enabled" 1

I'm using logitech G900 and the property might be different. It works!

Not sure if the xinput command should be run each time the system boots. That would be hard for specifying ID.

The detail is, you can do this:

xinput # show a list of devices
xinput list-props <ID> # list of properties
xinput set-prop <deviceID> <propID> <value>

This is actually a wonderful WM. To start:

aptitude install ratpoison

In .xinitrc:

exec ratpoison

• C-t ? to show the help

actually C-t is the prefix of every command, C-g to abort.

• C-t :: type command
• C-t !: run shell command
• C-t .: open menu
• C-t c: open terminal

HOWEVER, this is pretty old, and it cause the screen to go brighter and darker back and force. Fortunately the stumpwm is very like this one, but

1. actively maintained on github.
2. written in common lisp

I use Xmonad in vncserver, and it works nicely with host WM StumpWM because it uses a different set of keys. It has a red frame around windows by default. That is nice for visually distinguish the local and remote screen.

The executable is xmonad. Mod key is alt.

• Mod-shift-enter opens terminal.
• Mod-j/k move focus to windows
• Mod-space cycle layout
• Mod-,/. decrease/increase the number of panels inside the master (current) panel
• Mod-h/l resize
• Mod-shift-c kill
• mod-p execute dmenu (need installation)
• mod-<1-9> switch workspace

Install xmobar and trayer.

Configuration is done in /.xmonad/xmonad.hs. Test whether your configure file is syntactic-correct:

xmonad --recompile

To load, use Mod-q. This will re-compile and load the configure file.

I use tigervnc because it seems to be fast.

• vncpasswd: set the password
• vncserver&: start the server.
  • It is started in :1 by default, so connect it with vncviewer <ip>:1
  • On mac, the docker bridge network does not work, so you cannot connect to the contianer by IP addr. In this case, map the port 5901. 5900+N is the default VNC port.
  • vncserver -kill :1 will kill the vncserver
  • vncserver :2 will open :2

vncserver will use ~/.vnc/xstartup as startup script. It must have execution permission.

F8 to open context menu, and f to fullscreen. Once fullscreened, the host WM shortcut will not be honored.

On Ubuntu, the vncserver will by default only listen on localhost. Thus, need to pass -localhost no to enable outside access. Nothing related to firewall (iptables or ufw). Enabling ufw will actually block connection, even if I use ufw enable; ufw allow 5901/tcp. Just disable it.

Also, on Ubuntu, the clipboard seems not to be enabled by default. The problem is on the server side. vncconfig is the helper program specific to maintain the clipboard. You will need vncconfig -nowin& to start it. Probably add this to my .vnc/xstartup? This is not a problem on Arch.

On GuixSD, there is no tigervnc client. I use vinagre instead.

some random settings in xstartup:

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

Bluetooth headsets:

• bluez
• bluez-utils
• bluez-libs
• pulseaudio-alsa
• pulseaudio-bluetooth

use bluetoothctl to enter config:

[bluetooth]# power on
[bluetooth]# agent on
[bluetooth]# default-agent
[bluetooth]# scan on
[NEW] Device 00:1D:43:6D:03:26 Lasmex LBT10
[bluetooth]# pair 00:1D:43:6D:03:26
[bluetooth]# connect 00:1D:43:6D:03:26

If you're getting a connection error org.bluez.Error.Failed retry by killing existing PulseAudio daemon first:

$ pulseaudio -k
[bluetooth]# connect 00:1D:43:6D:03:26

Power management is done through systmed can handle it, by acpid. The configure file is /etc/systemd/logind.conf. man logind.conf for details. hibernate will save to disk, while suspend save to ram. Both of them will resume to the current status.

HandlePowerKey=hibernate
HandleLidSwitch=suspend

The grub2 menu configure file is located at /boot/grub/grub.cfg. It is generated by /usr/sbin/update-grub (8) using templates from /etc/grub.d/* and settings from /etc/default/grub.

The default run level is 2 (multi-user mode), corresponding to /etc/rc2.d/XXX scripts. Those scripts starts with "S" or "K" meaning start or stop sent to systemd utility. Those scripts are symbol linked to ../init.d/xxx. By default there's no difference between level 2 to 5. Run level 0 means half, S means single user mode, 6 means reboot.

The account will use the values on command line, plus the default value for system. A group will also be created by default.

• -g GROUP: specify the initial login group. Typically just ignore this, the default value will be used.
• -G group1,group2,...: additional groups. You might want: video, audio, wheel
• -m: create home if it does not exists
• -s SHELL: use this shell. Typically just ignore this, the system will choose for you.

lvs
vgs
pvs
df -h
vgdisplay
lvdisplay /dev/debian-vg/home

lvextend -L10G /dev/debian-vg/tmp # to 10G
lvextend -L+1G /dev/debian-vg/tmp # + 1G
resize2fs /dev/debian-vg/tmp

The home is 890G.

umount -v /home
# check
e2fsck -ff /dev/debian-vg/home
resize2fs /dev/debian-vg/home 400G
lvreduce -L -490G /dev/debian-vg/home
lvdisplay /dev/debian-vg/home
resize2fs /dev/debian-vg/home
mount /dev/debian-vg/home /home

Option

S

sync, a.k.a install

Q

query

Parameter:

s

search

y

fetch new package list. Usually use with u

u

update all packages

i

more information

l

location of files

Typical usage:

Syu

update whole system

S

install package

R

remove package

Rs

remove package and its unused dependencies

Ss

search package

Qi

show description of a package

–noconfirm

use in script

–needed

do not install the installed again

Pacman will store all previously downloaded packages. So when you find your /var/cache/pacman so big, consider clean them up using:

paccache -rk 1

Have to search through its web interface. Find the git download link and clone it. It is pullable.

Go into the folder and

makepkg -si

-s alone will build it, with i to install it after build. The dependencies are automatically installed if can be found by pacman. If it is also on AUR, you have to install manually.

The md5sum line can be skipped for some package. Just replace the md5sum value inside the quotes with 'SKIP'.

• /etc/apt/sources.list
• /var/cache/apt/archives/

netselect-apt to select the fastest source!

dist-upgrade

cp /etc/apt/sources.list{,.bak}
sed -i -e 's/ \(stable\|wheezy\)/ testing/ig' /etc/apt/sources.list
apt-get update
apt-get --download-only dist-upgrade
# Dangerous
apt-get dist-upgrade

• dpkg-reconfigure reconfigure a installed package
• defconf-show show the current configuration of a package

Another part is the main. If you want some 3rd party contributor packages, add contrib after main. If you further want some non-free packages, add also non-free.

To fix dependency problems:

apt --fix-broken install

Docker images are template of VMs. docker images list available images locally.

You can build a docker image by writing a docker file. The first line is typically a FROM command to specify a base image. Other commands are as follows:

• RUN: this command is the most basic command. Since it expects to be non-interactive, when running a command such as install a package, supply the -y or equivalent arguments.
• ENV key=value
• ADD: ADD <src> .. <dst> The difference from copy:
  • ADD allows src to be url
  • ADD will decompress an archive
• COPY: COPY <src> .. <dst> all srcs on the local machine will be copied to dst in the image. The src can use wildcards. The src cannot be out of the current build directory, e.g. .. is not valid.
• USER: USER daemon The USER instruction sets the user name or UID to use when running the image and for any RUN, CMD and ENTRYPOINT instructions that follow it in the Dockerfile.
• WORKDIR: The WORKDIR instruction sets the working directory for any RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile
  • if it does not exist, it will be created
  • it can be used multiple times, if it is relative, it is relative to the previous WORKDIR
• ENTRYPOINT ["executable", "param1", "param2"]: configure the container to be run as an executable.

In the folder containing Dockerfile, run to build the image:

docker build -t my-image .

docker-compose is installed seperately with docker. It must be run inside the folder containing docker-compose.yml.

Commands

• docker-compose up: up the service. It will not exit. Use C-c to exit and the docker-compose down command will be sent.
  • The second time you up the compose, it will not up, but update current. If all current are up to date, nothing will happen.
• docker-compose up -d: up the service and exit. You need to shutdown it maually
• docker-compose down: shutdown the services

A sample compose file:

version: '2'
services:
  srcml-server-container:
    image: "lihebi/srcml-server"
  helium:
    image: "lihebi/arch-helium"
    tty: true
    volumes:
      - data:/data
  benchmark-downloader:
    # this is used to download benchmarks to the shared volume
    image: "lihebi/benchmark-downloader"
    tty: true
    volumes:
      - data:/data
volumes:
  # create a volume with default
  data:

A service is a container. Setting tty to true to prevent it from stopping. That is the same effect when you pass -t to docker run. The containers can be seen by docker ps, with names prefixed and suffixed by compose_XXX_1. Change to the container will not preserve after the compose down. The containers will be deleted. Next up will create new containers.

Under any volume, if external option is set to true, docker compose will find it outside, and signal error if it does not exist.

Once the compose is up, docker create a bridge network called compose_default. All services (containers) are attached to that.

You may want to publish the image so that others can use it. DockerHub is the host for it.

When pushing and pulling, what exactly happens?

docker tag local-image lihebi/my-image
docker push lihebi/my-image

docker login

login so that you can push

docker push lihebi/my-container

push to docker hub

docker pull lihebi/my-container

pull from the internet

To create an instance of an image and run it, use the docker run command. Specifically,

• docker run [option] <image> /bin/bash

  -i

  interactive

  -d

  detach (opposite to -i)

  -t

  assign a tty. Even when using -d, you need this.

  –rm

  automatically remove when exits

  -p <port>

  export the port <port> of the container. The host port will be randomly assigned. Running docker ps will show the port binding information. If the port is not set when running a container, you have to commit it, and run it again to assign a port or another port.

  -v /volumn

  create a mount at /volumn

  -v /local/dir:/mnt

  mount local dir to the /mnt in container. The default is read-write mode, if you want read only, do this: -v /local/dir:/mnt:ro. The local dir must be ABSOLUTE path.

To just create an instance without running it:

To run some command on an already run container, use the docker exec command with the <ID> of the container:

• docker exec <ID> echo "hello"
  • ID can be the UUID or container name
  • you can use -it as well, e.g. docker exec -it <ID> /bin/bash

When using docker exec, I cannot connect to emacs server through emacsclient -t, and error message is terminal is not found. I can not open tmux either. But the problem does not appear when using docker run command. The problem is that, docker exec tty is not a real tty. The solution is when starting a exec command, use script to run bash:

docker exec -it my-container script -q -c "/bin/bash" /dev/null
docker exec -it my-container env TERM=xterm script -q -c "/bin/bash" /dev/null

The TERM is not necessary here because in my case docker always set it to xterm. I actually change it to screen-256color in my bashrc file to get the correct colors.

To stop a container, use docker stop command to do it gracefully. It will send SIGTERM to the app, then wait for it to stop. If you don't want to stop it gracefully, just force kill using docker kill. The default wait time is 10 seconds. You can change this to, for example, 1 second:

docker stop -t 1 <container-ID>

The reason for a container to resist stopping may be it ignores the SIGTERM request. Python did this, so for a python program, you should handle this signal yourself:

  import sys
  import signal

  def handler(signum, frame):
      sys.exit(1)

  def main():
      signal.signal(signal.SIGTERM, hanlder)
      # your app

To stop all containers:

docker stop $(docker ps -a -q)

To start a stopped container, use docker start <ID>. It will be detached by default.

You can remove a stopped container by docker rm command. To remove all containers (will not remove non-stopped ones, but give errors):

docker rm $(docker ps -a -q)

When you make any changes to the container, you can view the difference made from the base image via docker diff <ID>. When desired, you can create a new image based on the current running instance, via docker commit:

docker commit <ID> my-new-image

You can assign a name to the container so that you can better remember and reference it.

You can create a volume by itself, using docker volume create hello, or create together with a container.

You have to mount the volume at the time you create the container. You cannot remount anything to it without commiting it to an image and create again. Use the -v command to declare the volume when creating the container:

docker run -v /mnt <image>
docker run -v my-named-vol:/mnt <image>
docker run -v /absolute/path/to/host/local/path:/mnt/in/container <image>

If only inner path is provided, the volume will still be created, but with a long named directory under /var/lib/docker/volumes.

The volumes will never be automatically deleted, even if the container is deleted.

To manage a volume:

• docker volume inspect <volume-full-name>
• docker volume ls
• docker volume prune: # remove all unused volumes

This is actually great: https://www.portainer.io/documentation/quick-start/, run via:

docker run -d -p 9000:9000 -p 8000:8000 –name portainer –restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer

And go to https://localhost:9000 for UI. It seems to be even able to manage remote containers.

• calendar time: absolute time, e.g. 2017/6/29
• interval: between two calendar times
• elapsed time: length of interval
• amount of time: sum of elapsed times
• period: elapsed time between two events
• CPU time: like calendar time, but relative to process, i.e. when the process run on CPU
• Processor time: amount of time a CPU is in use.

Three steps

• create child process
• run an executable
• coordinate the results with parent

sleep

#include <unistd.h>
unsigned int sleep(unsigned int seconds); // seconds
int usleep(useconds_t useconds); // microseconds
int nanosleep(const struct timespec *rqtp, struct timespec *rmtp);

Create a patch (notice the order: old then new):

diff -u hello.c hello_new.c > hello.patch
diff -Naur /usr/src/openvpn-2.3.2 /usr/src/openvpn-2.3.4 > openvpn.patch

To apply a patch

patch -p3 < /path/to/openvpn.patch
patch -p1 <patch -d /path/to/old/file

the number after p indicates how many the leading slashes are skipped when find the old file

To reverse (un-apply) a patch:

patch -p1 -R <patch

This works as if you swapped the old and new file when creating the patch.

tr <string1> <string2>

the characters in string1 are translated into the characters in string2 where the first character in string1 is translated into the first character in string2 and so on. If string1 is longer than string2, the last character found in string2 is duplicated until string1 is exhausted.

characters in the string can be:

any characters will represent itself if not:

• \\octal: A backslash followed by 1, 2 or 3 octal digits
• \n, \t
• a-z: inclusive, ascending
• [:class:]: space, upper, lower, alnum
  • if [:upper:] and [:lower:] appears in the same relative position, they will correlate.

Repeated lines in the input will not be detected if they are not adjacent, so it may be necessary to sort the files first.

• uniq -c: Precede each output line with the count of the number of times the line occurred in the input, followed by a single space. You can then comtine this with sort -n
• -u: Only output lines that are not repeated in the input.
• -i: Case insensitive comparison of lines.

find . -type f -name *.flac -exec mv {} ../out/ \;

Copy file based on find, and take care of quotes and spaces:

find CloudMusic -type f -name "*mp3" -exec cp "{}" all_music \;

• find

find ~/data/fast/pick-master/ -name '*.[ch]'

When su cannot change to root, run

chmod u+s /bin/su

failed to move to new namespace: PID namespaces supported, Network namespace supported, but failed: errno = Operation not permitted.

Solution

chromium --no-sandbox

When converting MS windows format to unix format, you can use emacs and call set-buffer-file-coding-system and set to unix. Or you can use dos2unix, perhaps by

find . -name *.java | xargs dos2unix

On CentOS, the default LD_LIBRARY_PATH does not contains the /usr/local/lib. The consequence is the -lpugi and -lctags are not recognized because they are put in that directory. Set it, or edit /etc/ld.conf.d/local.conf and add the path. After that, run ldconf as root to update the database.

when compiling latex using acmart template, auto expansion error is reported.

Solution:

mktexlsr # texhash
updmap-sys

Reference: https://github.com/borisveytsman/acmart/issues/95

Although I set the right timezone (check by timedatectl), the clock is still incorrect. To fix that, install ntp package and run

sudo ntpd -qg

For regular laptops, using debian

cat /sys/class/backlight/intel_backlight/max_brightness
cat /sys/class/backlight/intel_backlight/brightness

echo 400 > /sys/class/backlight/intel_backlight/brightness

But on Archlinux, on TP25, The xorg-xbacklight is not working. The drop-in replacement acpilight (aur) does.

To setup for video group users to adjust backlight, place a file /etc/udev/rules.d/90-backlight.rules

SUBSYSTEM=="backlight", ACTION=="add", \
  RUN+="/bin/chgrp video %S%p/brightness", \
  RUN+="/bin/chmod g+w %S%p/brightness"

The command is still xbacklight.

On Debian, when I dist-upgrade Debian 8 Jessie to 9 Stretch, the startx stop working. I try install a Debian 9 from its own image, and still the same result. The error message says:

vesa cannot read int vect screen found but none leave a usable configuration xf86enableioports failed to set iopl for i/o

The trick is you need:

chomd u+s /usr/bin/xinit