Using screen un multi-user mode

Standard

GNU Screen is a wondeful tool, it could be a little tricky to master, but once you know its power, you wonder why isn’t installed by default in every distro.

I recently had the need to connect to a existing screen owned by other user, and after a bit struggling, I did find the solution. This is what I did.

  • Check if the setuid is set to root on the screen binary.
    In arch linux is set on by default, which is what we want. If it set to group or others it would be a security issue. To know which bit is set, execute:
$ LC_ALL=C getfacl /usr/bin/screen
getfacl: Removing leading '/' from absolute path names
# file: usr/bin/screen
# owner: root
# group: root
# flags: s--
user::rwx
group::r-x
other::r-x

As you can see in line “flags”, the bit is set for the owner (root), which is fine. If you want to change the setuid to the owner, do:

$ sudo chmod u+s /usr/bin/screen
$ sudo chmod g-s /usr/bin/screen
$ sudo chmod -t /usr/bin/screen

Or just in one line with

$ sudo chmod 4755 /usr/bin/screen

Where the first digit (4) corresponds to the bit “owner” set to one, and group and sticky bit to zero, following the next logic

owner  group  sticky    number
  0      0      0         0
  0      0      1         1
  0      1      0         2
  0      1      1         3
  1      0      0         4
  1      0      1         5
  1      1      0         6
  1      1      1         7
  • User “A” starts the screen command
    For easyly identify the session, you can name it by doing
userA@localhost$ screen -S sharedSession

Where sharedSession will be the name of the session we want to set.

  • User “B” connects via ssh to the computer where user “A” started screen.
  • User “A” has to let user “B” to connect to the screen session by doin
Crtl + a: multiuser on
Ctrl + a: acladd user

Where userb is the username of the user “B”.

  • User “B” now can connect to the shared screen from user “A” by doing:
$ screen -x usera/sharedSession

Where usera is the username of user “A” and sharedSession the shared session name.

If the user who shares the session is root and a non-root account tries to connect, perhaps you need to give permissions to /var/run/screen/ to let everyone write it, the system will let you know if it is the case.

# chmod 777 /var/run/screen
Advertisements

How to create an access point using your wifi adapter

Standard

Imagine you have only a ethernet cable and more than a laptop to connect to the Internet (i.e.: your mobile phone, the laptop of a friend and his mobile phone, etc). Imagine you’re in a undergroun Data Center, or in a hotel’s room where you don’t have wifi (for example, in Japan). If you had an Access Point, you could simply connect that cable to it and every device would go through it…

Well, if you have GNU/Linux, you can accomplish it very easily. We’ll see how.

  • [OPTIONAL] Blacklist the manufacturer module

I faced some troubles when I tried to create the ad-hoc connection, and I solved it by blacklisting the manufacturer wmi module, so to see if you have any loaded you can do:

lsmod | grep wmi
acer_wmi 20480 0
sparse_keymap 16384 1 acer_wmi
wmi_bmof 16384 0
rfkill 20480 7 bluetooth,acer_wmi,cfg80211
wmi 20480 2 wmi_bmof,acer_wmi
video 36864 2 acer_wmi,i915
i8042 24576 1 acer_wmi
led_class 16384 4 sdhci,input_leds,acer_wmi,ath9k

As my laptop is an acer, the module obviously is acer_wmi. Select what you guess is yours and blacklist with something like

echo "blacklist acer_wmi" > /etc/modprobe.d/acer.conf

And reboot to apply.

  • Creating it with NetworkManager

With NetworkManager, creating an Access Pointy connection is pretty straight forward. You need to:

  1. Create a Wi-Fi Connection (Shared)
  2. Put a name for the connection (like Access Point Connection)
  3. Put a name for the SSID (like LinuxAP)
  4. On “Wi-Fi Security” tab, select “WPA/WPA2 PSK” and set the password for your network
  5. Save
  6. On the same computer you just created the Access Point network, connect to that “LinuxAP” network with the provided credentials.

Ready, now take your mobile phone and browse the Wi-Fi networs, you’ll see a new one named “LinuxAP” and you will be able to connect to it with the password you’d provide.

To bring down the Access Point, simply use NetworkManager to disconnect from “LinuxAP”. Immediatly, all devices connected will be disconnected as well.

  • Creating an Access Point within the command line

The easiest way to create an access point without NetworkManager is using the script create_ap.

sudo pacman -S create_ap

Once installed, let’s create our Access Point with

# create_ap ap0 WIRELESS_INTERFACE LinuxAP WPA2_PASSWORD

And let it run on a terminal. It will create and adapter called “ap0” as long as the create_ap script runs.

ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
 link/ether b8:ee:65:1e:13:95 brd ff:ff:ff:ff:ff:ff
 inet 192.168.12.1/24 brd 192.168.12.255 scope global ap0
 valid_lft forever preferred_lft forever
 inet6 fe80::2257:61cf:b9ce:5873/64 scope link 
 valid_lft forever preferred_lft forever

You can grab your mobile phone and connecto to “LinuxAP” using the WPA2_PASSWORD. When you want to bring down the Access Point, just go to the terminal where create_ap is running and Ctrl+C to shut it down.

Note: If you use the create_ap approach, it will blacklist your wireless device in NetworkManager. If you plan to manage that device with NetworkManager, take in mind that you will need to modify /etc/NetworkManager/NetworkManager.conf and comment out or delete the line unmanaged-devices and restart NetworkManager.service.

 

Lock and unlock the KDE desktop with a bluetooth device

Standard

Today my mouse right button stopped working, so I searched on my desk drawer and I have found a bluetooh mouse… I don’t usually like bluetooth devices, but if there is no more option… so, after install some basic bluetooth packages like bluez and the bluez-utils and start some daemons like bluetooth like this

sudo pacman -S bluez bluez-utils
sudo systemctl enable bluetooth
sudo systemctl start bluetooth

I finally could open System Settings and pair my new old mouse and continue working 🙂

But, some years ago, I played with a piece of software, called BlueProximity that can lock and unlock your computer based on a bluetooth device proximity you previously paired with the application.

I have taken a look into AUR and someone has prepared a package which works flawlessly. So first we can install it with

yaourt -S blueproximity –noconfirm

And then whe can start it right from the menu

Once started, first we must pair a bluetooth device. It’s supposed to work with any bluetooth device, when this application was developed, back in the ’00s, only PDA and phones were the only bluetooth powered devices, nowadays perhaps we can prefer to pair with a smartwatch or another IoT bluetooth enabled device 😉

The use is pretty straight forward

  • Make visible your desired device on its settings
  • Click on “Scan for devices”: your device should be shown on the list.
  • Select your device and click on “Use selected device”: its MAC now its copied to a text field below the former buttons.
  • Click on “Scan channels on device” to let the application scan for usable communication channels.

Now the device is paired with the BlueProximity. BlueProximity is a GNOME application, and if like me are using KDE, the lock and unlock commands will not work for you, so lets configure the right commands.

On “Locking” tab, we put this

The fields are

Locking:

dbus-send –type=method_call –dest=org.freedesktop.ScreenSaver /ScreenSaver org.freedesktop.ScreenSaver.Lock; xset dpms force off

Unlocking:

qdbus | perl -ne ‘qx/kquitapp $1/ if /(kscreenlocker_greet-\d+)/’; xset dpms force on

Proximity:
If you want to unlock the computer as you come near:

qdbus | perl -ne ‘qx/kquitapp $1/ if /(kscreenlocker_greet-\d+)/’; xset dpms force on

If you want only to wake up the screen

qdbus org.freedesktop.ScreenSaver /ScreenSaver SimulateUserActivity

If your version of KDE is below 4.13, perhaps you must use those other commands.

Locking:

qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock

Unlocking:

killall -9 kscreenlocker

Enable bash completion after sudo command

Standard

If you usually work with the sudo command you will find yourself typing the entire command line after the first word: sudo. That’s pretty annoying and the solution, pretty straight forward.

First of all, we need to install bash-autocompletion package from extra repositories.

That’s all. 🙂

 

Netstat on Archlinux

Standard

Today a quick post to self-reference. I have lost 10 minutes searching on the web how to install netstat on arch linux. So if anyone of you fall in this post the answer is easy: on net-tools package.

In fact inside net-tools, we can find a very useful set of netwok tools:

[malevolent@malevolo ~]$ sudo pacman -Ql net-tools
net-tools /bin/
net-tools /bin/netstat
net-tools /sbin/
net-tools /sbin/arp
net-tools /sbin/ifconfig
net-tools /sbin/ipmaddr
net-tools /sbin/iptunnel
net-tools /sbin/mii-tool
net-tools /sbin/nameif
net-tools /sbin/plipconfig
net-tools /sbin/rarp
net-tools /sbin/route
net-tools /sbin/slattach
net-tools /usr/
net-tools /usr/share/
net-tools /usr/share/man/
net-tools /usr/share/man/man5/
net-tools /usr/share/man/man5/ethers.5.gz
net-tools /usr/share/man/man8/
net-tools /usr/share/man/man8/arp.8.gz
net-tools /usr/share/man/man8/ifconfig.8.gz
net-tools /usr/share/man/man8/mii-tool.8.gz
net-tools /usr/share/man/man8/nameif.8.gz
net-tools /usr/share/man/man8/netstat.8.gz
net-tools /usr/share/man/man8/plipconfig.8.gz
net-tools /usr/share/man/man8/rarp.8.gz
net-tools /usr/share/man/man8/route.8.gz
net-tools /usr/share/man/man8/slattach.8.gz