For users of screen readers, depending on the screen
resolution, the two checkboxes are for opening and closing the side menus that
appear to the left and right side of the screen. This is designed both for large screens
and for mobile devices with a touch screen. Checking either the main menu or sidebar checkboxes causes
the menu to open from the left or right side of the screen, respectively. Clearing
the checkox in either the main menu or sidebar closes the menu. The checkboxes are
visible to screen readers such as JAWS and NVDA for Windows, Voiceover for Mac,
and Orca screen reader for Linux. When a screen reader says "clickable" for both
main menu and sidebar, that is for the respective checkboxes. End of explaination.
Navigate to the first character after the quote/double-quote and type the following in Vim:
di"
This is useful if you have something like the following:
{
"title": "Vim: How to Delete Text Enclosed In Quotes",
"permalink": "vim-how-to-delete-text-enclosed-in-quotes",
"published": "2023-08-12 14:00",
"categoryIDs": "5,5:0,5:1,5:5",
"description": "In Vim, 'di\"' is the one to use for deleting text in quotes.",
"thumbnail": "",
"smallimage": "",
"largeimage": ""
}
So, to navigate to the first character that starts with a double-quote, simply type /"e;
and the insertion point will highlight the double-quote. To get to the next double-quote, press the
n key again until you get to the one you want. After that, press
the l key to move to the first character and type the following:
di"
The output will be as follows:
{
"title": "",
"permalink": "vim-how-to-delete-text-enclosed-in-quotes",
"published": "2023-08-12 14:00",
"categoryIDs": "5,5:0,5:1,5:5",
"description": "In Vim, 'di\"' is the one to use for deleting text in quotes.",
"thumbnail": "",
"smallimage": "",
"largeimage": ""
}
And now, you can type whatever you want by pressing the i key on your keyboard.
Press the ESC (escape) key to get out of INSERT mode and back into
normal mode. To save changes and quit the Vim text editor, type :wq.
Bonus: If you have delimiters with quotes while writing the code such as:
"This is some \"quote\"!"
Vim will automatically delete the delimiters with quotes along with them, so performing
di" will delete everything that is in between quotes.
""
And you do not need to be inside quotes in order to delete inside the quotes! How cool is that?
*grinning face*
Oh, and you can also use the "change inside" sequence as well:
ci"
This puts you into INSERT mode so you can type text inside quotes.
Audience
This is for Linux users experienced in using the Vim text editor. Vim users should already know
the basics such as :q! for quitting the text editor without saving changes,
:wq for saving changes and quitting the text editor, i for going into
INSERT mode and use the ESC (escape) key to get back into normal
mode. All keyboard commands are beyond the scope of this short article that I wrote.
Conclusion
Hopefully this keyboard command can be of help to you. If you are a Linux user, please give
Vim a try.
This is intended for Linux users who have experience working with the command line.
You should be running any Red Hat-based distributions such as Rocky Linux, AlmaLinux,
or Oracle Linux. CentOS Stream is not a candidate for taking the RHCSA (Red Hat
Certified System Administrator) exam. A lot of people in the Linux community are not
happy about Red Hat discontinuing support for CentOS 8 and now Red Hat does not want
source code to be available for everyone, including Rocky Linux and AlmaLinux. Enough
with wordy paragraphs! We don't want anyone to scroll down too much in order to get
to the most important part! Let's get into the command line, shall we?
Oh, please pardon me for boring you with this, but I almost forgot. This article
assumes that you are logged in as a root user. This is bad security practice in the
production environment, but in the exam, it's okay to be root. If you break it, you
fix it and that will count against your time in the exam. But the important thing is
that you must come up with solutions as fast as possible. Of course, don't be in a
hurry in such a way that you will fail the exam. Okay, enough already! Let's get in
with it! *grinning face*
Type: File Contexts
The command for listing all available SELinux type contexts is:
seinfo -t
The command for listing only the type contexts that relate to the web server:
seinfo -t | grep httpd
So, you searched for anything related to httpd and you came across
httpd_sys_content_t. You need to specify a directory to host your
content other than in /var/www. To add the type context to a directory,
the command will be as follows:
semanage fcontext -a -t httpd_sys_content_t "/data/nas/www(/.*)?"
restorecon /data/nas/www
The seinfo command is the SELinux policy information tool, semanage
is a SELinux policy management tool, and restorecon is for restoring default
SELinux security contexts to files and directories. The "type" contexts is the only one to be
to be concerned about when studying for any Linux exams, such as RHCSA (Red Hat Certified
System Administrator).
As for (/.*)?, that's called a regular expression. This is for setting any
subdirectories and files with the same context as the main directory. Try to remember this in
the RHCSA exam: open parenthesis, forward slash, period, asterisk, close parenthesis, question
mark, and that's about it. The only thing to remember is to have the entire path along with
the symbols in double quotes. In the RHCSA exam, you have access to the man pages, so take
advantage of that whenever possible.
For users of NVDA screen reader (Non-Visual Desktop
Access), NVDA does not speak a question mark such as CTRL+? (control plus question mark). I
do not know if this is a bug in the screen reader or if this is intentional, but at least
it's all I can do to help out if screen readers ignore question marks. That symbol is an
important part of a regular expression, so it needs to be translated to words. Hopefully I
can be of help.
Type: Contexts for Ports
What about ports? If you modify the port number in SSH configuration file
(/etc/ssh/sshd_config) and you restart the service
(systemctl restart sshd), even if you configure the firewall to allow a different
port number (example: firewall-cmd --add-port 12345 --permanent), you won't be
able to SSH into your server because SELinux gets in the way! It's easy to disable SELinux if
you do not mind exposing your server to outside security risks, but when studying for the exam,
it's important to never disable SELinux. Instead, let's search for port-related contexts.
Let's search for any services that have a phrase "port" for any type contexts:
seinfo -t | grep port
You should get a list of services. Let's narrow it down to SSH:
seinfo -t | grep port | grep ssh
Ah ha! There it is. It's ssh_port_t. Of course, I could also type the
following:
seinfo -t | grep ssh_port
And that should give me the same output. So, let's configure SELinux to allow TCP
port 12345 so that we can SSH into our Linux server.
semanage port -a -t ssh_port_t -p tcp 12345
And there you have it! You should now login to your server using SSH.
ssh -p 12345 username@servernameoripaddress
Of course, if you want to search for other services, such as Postfix:
seinfo -t | grep postfix
Oh, wow! So many contexts to choose from! But aren't we looking for
port-related contexts?
seinfo -t | grep port | grep postfix
Hmm... There are no port-related contexts related to Postfix. Of course,
what we do want is SMTP, which is port 25 by default, so let's narrow it
down to just "port" and "SMTP" (all lowercase, of course).
seinfo -t | grep port | grep smtp
# or "seinfo -t | grep smtp_port" (without quotes)
And you should get smtp_port_t. However, configuring an SMTP
server is beyond the scope of this tutorial about viewing the list of
available contexts. Plus, configuring firewalls and enabling/starting
services in a Linux server is also beyond the scope as well.
What Packages Provides seinfo and semanage?
dnf whatprovides */seinfo
The asterisk represents a wildcard, so this would assume that we do not
know the full path to seinfo command. That dnf
command, when executed, reveals a package called setools-console.
So, so install setools-console, just use the dnf install
command as follows:
That package policycoreutils-python-utils is so wordy, isn't it?
*smile*
Don't stress over trying to remember that package name in the exam and in the
real world.
Conclusion
I hope I can be of help to anyone studying for RHCSA exam. Hopefully
you should be able to know how to set SELinux type contexts for directories
and ports. If you are not taking an exam (you should if you want to
further your career in Linux and Information Technology), I hope I can be
of help as well! Have fun administrating your Linux servers!
And yes, I could have used emojis, but screen readers come first! *smile*
Article published: 2023-08-12 13:10
Categories: The World of Computers, Computers, Information Technology, Security
Press ENTER, enter the user password (if prompted), and let the updater take care of the rest.
Example Error Messages
This is when I tried to see if there are any packages available and I came across the messages:
...
GPG key at file:///etc/pki/rpm-gpg/RPM-GPG-KEY-nobara-appstream-pubkey.gpg (0x0FE970A2) is already installed
The GPG keys listed for the "nobara-appstream" repository are already installed but they are not correct for this package.
Check that the correct key URLs are configured for this repository.. Failing package is: dkms-nvidia-3:535.86.05-1.fc38.x86_64
GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-nobara-appstream-pubkey.gpg
Public key for mesa-dri-drivers-23.1.3-2.fc38.i686.rpm is not installed. Failing package is: mesa-dri-drivers-23.1.3-2.fc38.i686
GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-nobara-appstream-pubkey.gpg
Public key for mesa-dri-drivers-23.1.3-2.fc38.x86_64.rpm is not installed. Failing package is: mesa-dri-drivers-23.1.3-2.fc38.x86_64
GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-nobara-appstream-pubkey.gpg
...
Frankly, I'm not too sure how I am getting this error messages.
Frequently Asked Questions
What is Nobara Linux?
Nobara Linux is an operating system that is suited for gamers and content creators. Nobara makes it easy for point-and-click users to install software such as Blender and OBS as well
as installing proprietary drivers for hardware such as NVIDIA GeForce GPUs or any wireless adapters that do not work with Linux out of the box.
What is GPG?
GPG (or GNU Privacy Guard) is used by various Linux distributions for verifying packages such as Steam, Blender, OBS, the Linux kernel, and so many other packages. Without a signature of any kind, any threat
actors can push a package to a repository that can load any malicious software (malware) into your computer (even if the name of the package is Blender). GPG is also used for encrypting files and directories.
The three letters (GNU) for GNU Privacy Guard is a recursive acronym for GNU is Not Unix.
How did you find out the commands?
While getting these error messages when I do a dnf update, a search led me to a thread in Reddit where someone had a different problem than mine.
I tried the commands that bypasses the GPG checks and it worked!
By "different," I meant that poorly-formatted error message with <br /> (line break) tags that have a completely different error message than mine. For
web accessibility enthusiasts, this fails WCAG 2.0 Success Criteron
1.3.1 (info and relationship) and 4.1.1 (parsing). It seems Reddit did not parse the text as HTML. The error message in Reddit is as follows (not mine):
Invalid package file:
package mesa-vulkan-drivers-23.2.0-git.20230714.27d30fe.fc38.i686 cannot be verified and repo nobara-appstream is GPG enabled: /var/cache/PackageKit/38/metadata/nobara-appstream-38-x86_64/packages/mesa-vulkan-drivers-23.2.0-git.20230714.27d30fe.fc38.i686.rpm could not be verified.
Conclusion
The issue is resolved in my end and I can go about my day. Hopefully yours should be fixed as well if you are currently running Nobara Linux. Happy gaming and content creating!
Article published: 2023-07-24 16:27
Categories: The World of Computers, Computers, Information Technology
This article is for experienced Linux users who are familar with environment variables such as
$HOME and $USER. These are the Linux users who are familiar with the
command line.
Problem and Solution
Here is an example not to use /home/$USER:
[gpeddie-games@epcotcenter ~]$ su - gpadmin
Password:
mkdir: cannot create directory ‘/home/gpadmin’: Permission denied
touch: cannot touch '/home/gpadmin/Templates/Text file': No such file or directory
mkdir: cannot create directory ‘/home/gpadmin’: Permission denied
-bash: /home/gpadmin/.local/share/DaVinciResolve/configs/.version: No such file or directory
Welcome. All activities monitored at all times.
Unauthorized access is strictly prohibited.
gpadmin@epcotcenter
~
$
And here's the script (/etc/profile) that illustrates an example:
# fix gnome missing 'New file' option
if [ ! -f /home/$USER/Templates/"Text file" ]
then
mkdir -p /home/$USER/Templates
touch /home/$USER/Templates/"Text file"
fi
# ...
# this is a hack to bypass the Davinci Resolve new install Welcome/Onboarding screen since it does not render properly and is not required.
if [ ! -f /home/$USER/.local/share/DaVinciResolve/configs/.version ];then
mkdir -p /home/$USER/.local/share/DaVinciResolve/configs/
echo "Onboarding.Version=10" > /home/$USER/.local/share/DaVinciResolve/configs/.version
fi
To fix this issue, simply replace all instances of /home/$USER with $HOME.
I am familiar with a text editor called Vim. It's a program that runs inside a terminal, similar to the
Command Prompt or PowerShell in Windows.
Before we proceed any further, let's create a backup copy of /etc/profile:
sudo cp /etc/profile /etc/profile.bak
If anything goes wrong, you now have a backup. You can simply use the cp (copy) command to
restore from the backup. Now let's begin.
First, open the Terminal (Konsole in KDE).
As root (or with sudo privileges), type the following command:
sudo vim /etc/profile
Type in the following command, starting with a colon:
:%s/\/home\/$USER/$HOME/g
The syntax for search and replace in Vim is as follows:
:%s/search/replace/g
Let's not concern ourselves with g at the end for now. Basically this command replaces
"search" with the next text "replace." In other words, we want to replace /home/$USER with
$HOME.
Let's have a look at the script again:
# fix gnome missing 'New file' option
if [ ! -f $HOME/Templates/"Text file" ]
then
mkdir -p $HOME/Templates
touch $HOME/Templates/"Text file"
fi
# ...
# this is a hack to bypass the Davinci Resolve new install Welcome/Onboarding screen since it does not render properly and is not required.
if [ ! -f $HOME/.local/share/DaVinciResolve/configs/.version ];then
mkdir -p $HOME/.local/share/DaVinciResolve/configs/
echo "Onboarding.Version=10" > $HOME/.local/share/DaVinciResolve/configs/.version
fi
So why would we want to replace /home/$USER with $HOME? That
/home/$USER should still work!
Let's look at the output again after we save the changes.
Save the changes to the /etc/profile file.
:wq
A : begins a command. w writes changes to the file and q
quits Vim
If you don't want to make changes to the file, then all you have to do is type :q! to
exit without saving any changes.
As I mentioned, let's look at the output again when I log into my administrator account from a user
account.
[gpeddie-games@epcotcenter ~]$ su - gpadmin
Password:
mkdir: cannot create directory ‘/home/gpadmin’: Permission denied
touch: cannot touch '/home/gpadmin/Templates/Text file': No such file or directory
mkdir: cannot create directory ‘/home/gpadmin’: Permission denied
-bash: /home/gpadmin/.local/share/DaVinciResolve/configs/.version: No such file or directory
Welcome. All activities monitored at all times.
Unauthorized access is strictly prohibited.
gpadmin@epcotcenter
~
$
Now, let's see the new output when I log back in as an administrator.
[gpeddie-games@epcotcenter ~]$ su - gpadmin
Password:
Last login: Sat Mar 18 11:13:52 EDT 2023 on pts/0
Welcome. All activities monitored at all times.
Unauthorized access is strictly prohibited.
gpadmin@epcotcenter
~
$
This short article is intended for Linux users who are both familiar with the command line and a terminal-based text editor called vim.
For blind users, I don't believe the ranger program is accessible for screen readers. Probably not even in VoiceOver for Mac. For file management tasks, if only the
Mac's Finder could support SSH's Secure Copy Protocol (scp for short) or SSHFS (Secure Sheel File System). Third-party applications will have to be installed.
I do have brew installed for installing homebrew applications tAhat run Linux-like applications in a Mac, but Brew does not support Mac OS 13 (pre-release). I think
the problem with ranger is that VoiceOver for Mac does not read the currently highlighted directory or file that I currently select.
Keyboard Commands for ranger:
Key: h, j, k, l
Left, down, up, and right. Basic commands similar to Vim and Vi. You can also use arrow keys if you want to! Arrow keys work in Vim as well.
Key: yy and pp
Copy and paste a file or directory.
Key: gg
Go to the beginning of the list of files or directories (typing g once instead of twice opens the list of available commands; type g again and it
should move the selector to the top of the list).
Key: G
Go to the end of the list of files or directories.
Key: Enter
Depending on the file associations, opening an HTML file opens w3m and opening a JSON file opens a text editor such as Vim.
Key: F4 (function key)
Opens a text editor for a selected file.
Key: r
Open with: (Type the name of the program you want to open with.)
Key: spacebar
Select multiple files or directories. This is useful when copying files or directories in bulk.
Key: q
Quit ranger.
Command: :search <filename>
Searches for a file. Replace <filename< with the name of the file you are looking for.
Additional details for ranger can be found by visiting the ArchWiki page.
Install ranger:
For Fedora/Red Hat-based Linux distributions:
sudo dnf install ranger
Replace dnf with yum if you are running an older version of Red Hat-based Linux distribution.
For Debian/Ubuntu-based Linux distributions:
sudo apt install ranger
For those who use Arch Linux (if you use Arch Linux, I'm going to assume you know the commands for installing and updating packages. Explaining flags for pacman is beyond
the scope of my article.):
sudo pacman -Syu ranger
Why choose ranger as a terminal-based file manager?
I need a way to copy and paste files into multiple directories. I can do it via the command line, but I can be very lazy with typing the names of directories. With a new flat-file CMS
(Content Management System), I had a new blog setup and I needed to import all of my posts from ClassicPress to my new CMS. For creating new posts, I follow the convention where the
date comes first before the permalink (yyyymmdd-hhmm-permalink). The following list shows how I break it down.
yyyy
Year: 2023
mm
Month: 02 (February)
hhmm
Hour/Minute: 11:00 (Eastern Time)
permalink
Permalink: need-filemanager-linux
The more I use ranger, the more I begin to fall in love with the program. But if I'm going to be using a screen reader with the screen turned off, this can be a problem
for me and even a problem for blind users as well. However, at least ranger saved me from having to type a lot, especially when performing file management tasks. If you
are looking for a file management program while working over a secure shell (SSH), give ranger a try. Oh, and the more I discover keyboard commands, the more I add to the
list of commands. And of course, the more I enjoy using ranger.
When creating Linux containers for the purpos of joining them to an Active Directory Domain Controller, make sure the checkbox after the "Unprivileged Container" is unchecked. The "unprivileged container" checkbox is after the "Hostname" edit box. Unprivileged Linux containers won't be able to join to an Active Directory. Essentially, I forgot to uncheck the "Unprivileged Container" and wasted hours of my time, but I consider time well spent when learning the hard way.
Bear in mind that privileged containers are not safe for businesses when it comes to attackers exploiting privileged Linux containers. And yes, it's all about vulnerabilities and exploits when it comes to escaping Linux containers and causing damage to the host; however, for homelab purposes, a privileged Linux container is fine for my needs. If you are concerned about the security of Linux containers, spin up virtual machines instead of Linux containers in Proxmox. Of course, depending on your security hygiene, virtual machines can be as unsafe as privileged and unprivileged Linux containers if you do not have security precautions in place. For more details, learn more about privileged and unprivileged containers.
Article published: 2022-09-22 06:27
Categories: The World of Computers, Computers, Information Technology
(For my blog post, I want to focus on the audience regarding people who use Internet every single day and knows a lot about cybersecurity. Myself included.)
Imagine a scenario: you went to get your haircut and the place you went to requires you to enter an email address before you get your haircut. Why? Even if I do have a
smartphone and I use Internet every single day, why must I put in my email address? For what purpose? To send spam? For businesses, they might say "we respect your privacy
and take security seriously," but in my mind, I would say that if an email gets compromised in a data breach, it's more likely that those who are not tech-savvy are more
likely to receive spam and phishing emails. Not thinking about security when using the Internet can lead to ransomware and identity theft. They might stop using the
computer altogether because of fear of feeling unsafe online.
What is an operating system? Windows? Mac? Linux? What is an email address? What is a "file?" See where I'm going with? What is Android? iPhone? iOS? How do I manage
files and folders in my computer? How do I check my email? I hope you get my point.
Okay, so you say that your 90-year-old family member knows how to use the Internet, takes care of security themselves, and I should not overly-generalize myself. Well,
that's great, but we should not force everyone to have a smartphone just so they can face dangers lingering in the Internet. I have more details in the full article.
Article published: 2021-10-06 12:00
Categories: The World of Computers, Computers, Security
This is a rendering of my home theater made in Blender. It has a 200" projection screen, 7.2.4-channel speaker system, and comfy seats with cupholders in between.
I have been watching a couple of YouTube videos of people who want a computer in one room (such as a wiring closet) and a keyboard, video, and mouse (KVM) in a home office. To give you an idea of what I'm talking about, I want to post links to YouTube videos.
Embedding YouTube or Odysee videos will insert a tracking cookie in users' personal computers. As a citizen of the US, I need to follow GDPR if European visitors visit my website. I don't like and want to talk to lawyers to be honest. 🤣😀
As for the video from Linus Tech Tips, I would much rather have a couple of computers rather than single computer that can house a couple of virtual machines running desktop OSes such as Linux and Windows just to make it easier for me. So yeah, a virtual machine is a computer within a computer that can serve different purposes such as running Ubuntu within Windows using VirtualBox or by running Windows OS in a Linux host using KVM or Xen.
Article published: 2021-08-14 17:42
Categories: Dreams and Imagination, Homes and Buildings, Home Theater, The World of Computers, Computers, Networking
