https://github.com/bradsec/debnotes
Debian Linux based distro installation notes, customisation, hints, guides and troubleshooting information.
https://github.com/bradsec/debnotes
bookworm bullseye debian debian-linux kali kali-linux ubuntu
Last synced: 20 days ago
JSON representation
Debian Linux based distro installation notes, customisation, hints, guides and troubleshooting information.
- Host: GitHub
- URL: https://github.com/bradsec/debnotes
- Owner: bradsec
- Created: 2023-05-02T01:55:21.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-09-10T13:14:41.000Z (over 1 year ago)
- Last Synced: 2025-01-20T21:52:52.212Z (12 months ago)
- Topics: bookworm, bullseye, debian, debian-linux, kali, kali-linux, ubuntu
- Homepage:
- Size: 427 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Debian Linux Helper Guide
*Installation notes, customisation, hints, guides and troubleshooting for Debian Linux (including Kali, Ubuntu, PopOS)*
## Quick Links
- **Related Projects:**
- [bradsec/debapps](https://github.com/bradsec/debapps) - Quick Debian applications installer
---
## Table of Contents
### [Package Installation & Management](#package-installation--management)
- [Common Utilities and Applications](#common-utilities-and-applications)
- [Anti-Virus (ClamAV)](#anti-virus-clamav)
- [Printer Support](#printer-support)
- [Ubuntu Specific Packages](#ubuntu-specific-packages)
### [Desktop Environment & UI](#desktop-environment--ui)
- [GNOME Customization](#gnome-customization)
- [GNOME Extensions](#gnome-extensions)
- [GNOME Troubleshooting](#gnome-troubleshooting)
- [Theme and Appearance](#theme-and-appearance)
- [Terminal Customization](#terminal-customization)
### [System Configuration](#system-configuration)
- [Firewall Setup (UFW)](#firewall-setup-ufw)
- [Power Management](#power-management)
- [File Sharing (Samba)](#file-sharing-samba)
- [Swappiness Configuration](#swappiness-configuration)
- [GRUB Boot Configuration](#grub-boot-configuration)
### [Minimal Install & Base Setup](#minimal-install--base-setup)
- [Sudo Configuration](#sudo-configuration)
- [Repository Setup](#repository-setup)
- [Desktop Environment Installation](#desktop-environment-installation)
- [Boot Target Configuration](#boot-target-configuration)
### [Security & Networking](#security--networking)
- [SSH Server Setup](#ssh-server-setup)
- [SSH Key Management](#ssh-key-management)
- [Network Configuration](#network-configuration)
- [IPv6 Disable](#ipv6-disable)
- [GPG Encryption](#gpg-encryption)
### [Shell & Terminal](#shell--terminal)
- [ZSH Installation](#zsh-installation)
- [OhMyZsh Setup](#ohmyzsh-setup)
- [Custom Prompt Configuration](#custom-prompt-configuration)
### [Development Tools](#development-tools)
- [Docker Installation](#docker-installation)
- [Go Language Installation](#go-language-installation)
### [System Administration](#system-administration)
- [Helpful Commands](#helpful-commands)
- [Log Monitoring](#log-monitoring)
- [Power Management (Advanced)](#power-management-advanced)
- [File System Management](#file-system-management)
### [Troubleshooting](#troubleshooting)
- [Wayland Issues](#wayland-issues)
- [Kernel Update Problems](#kernel-update-problems)
- [Network Interface Issues](#network-interface-issues)
- [Raspberry Pi VNC Issues](#raspberry-pi-vnc-issues)
---
## Package Installation & Management
### Common Utilities and Applications
Most applications below require a desktop environment installed such as GNOME, LXDE etc. Later versions of Debian or Ubuntu (Ubuntu 20.04+) should not require additional apt sources to install the packages listed below.
```terminal
# Network and system terminal CLI tools
sudo apt-get -y install net-tools nfs-common curl wget nmap tmux htop nvtop
# Client smb file share access tools
sudo apt-get -y install cifs-utils smbclient
# Tools for mounting different filesystems ExFat NTFS
sudo apt-get -y install exfat-fuse ntfs-3g
# Development and version control tools
sudo apt-get -y install git
# Add kernel and module build tools
sudo apt-get -y install build-essential dkms linux-headers-$(uname -r)
# Add additional developer make tools
sudo apt-get -y install make sassc gettext
# Python3 and pip3
sudo apt-get -y install python3 python3-pip python3-gpg
pip3 install --upgrade pip
pip3 install setuptools
## Other dependencies for Stable Diffusion Automatic1111 webui
sudo apt-get -y install glibc-source libgoogle-perftools4 libtcmalloc-minimal4
# Text editor tools
sudo apt-get -y install vim
# Disk partition tools
sudo apt-get -y install gparted
# Video player, tools and codecs
sudo apt-get -y install vlc
sudo apt-get -y install handbrake
sudo apt-get -y install ffmpeg
sudo apt-get -y install libavcodec-extra gstreamer1.0-libav gstreamer1.0-plugins-ugly gstreamer1.0-vaapi
# Audio file tools
sudo apt-get -y install audacity
# Backup tools
sudo apt-get -y install timeshift
# Privacy and system management tools
sudo apt-get -y install bleachbit
sudo apt-get -y install stacer
# File archive compression tools
sudo apt-get -y install rar unrar
# Remote desktop access client
sudo apt-get -y install remmina
# Image editor tools
sudo apt-get -y install gimp
sudo apt-get -y install inkscape
# Terminal image viewer
sudo apt-get -y install feh
# Terminal copy and paste tool
sudo apt-get -y install xclip
# Screenshot Screen Capture and Recording tools
sudo apt-get -y install flameshot
sudo apt-get -y install kazam
# Add additional fonts
sudo apt-get -y install ttf-mscorefonts-installer
sudo apt-get -y install fonts-crosextra-carlito fonts-crosextra-caladea
sudo apt-get -y install ttf-bitstream-vera
sudo apt-get -y install fonts-firacode -y
# Update, Upgrade, and Cleanup and Fix Broken Installs
sudo apt-get update
sudo apt-get -y upgrade
sudo apt-get -y autoremove
sudo apt-get -y autoclean
sudo apt-get -y install --fix-broken
```
### Anti-Virus (ClamAV)
```terminal
# Install requirements
sudo apt-get -y install clamav
sudo apt-get -y install clamav-daemon
# Update signatures
sudo systemctl stop clamav-freshclam
sudo -u clamav freshclam
sudo systemctl start clamav-freshclam
# Restart Daemon
sudo systemctl restart clamav-daemon
```
### Printer Support
```terminal
# Ref: https://wiki.debian.org/SystemPrinting
sudo apt-get -y install printer-driver-all
# CUPS is commonly installed with the default install packages Debian 11 and 12
sudo apt-get -y cups
```
### Ubuntu Specific Packages
```terminal
sudo apt-get -y install ubuntu-restricted-extras
```
## Desktop Environment & UI
### GNOME Customization
#### Basic GNOME Tweaks
```terminal
# Install GNOME tweaks
sudo apt-get -y install gnome-tweaks
```
#### GNOME Terminal Color Scheme
Quick customization to improve the default Terminal color scheme:
```Terminal
#!/bin/bash
# Get the list of profiles
PROFILES=$(dconf list /org/gnome/terminal/legacy/profiles:/)
# Optional - Set DEFAULT_PROFILE manually by getting profile ID using `dconf list /org/gnome/terminal/legacy/profiles:/`
# Method below will attempt to extract the default profile, assuming default is first
DEFAULT_PROFILE=$(gsettings get org.gnome.Terminal.ProfilesList default | tr -d \')
PROFILE="/org/gnome/terminal/legacy/profiles:/:$DEFAULT_PROFILE"
# Scheme similar to Kali dark color
PALETTE="['#101010', '#ff6685', '#aaffaa', '#ffe156', '#00a2ff', '#c594c5', '#00ffff', '#cccccc', '#666666', '#ff669d', '#aaffaa', '#ffe156', '#00a2ff', '#c594c5', '#00ffff', '#ffffff']"
FOREGROUND_COLOR="'#eeeeec'"
BACKGROUND_COLOR="'#101010'"
BOLD_COLOR="'#babdb6'"
# Set the color scheme
dconf write $PROFILE/palette "$PALETTE"
dconf write $PROFILE/foreground-color "$FOREGROUND_COLOR"
dconf write $PROFILE/background-color "$BACKGROUND_COLOR"
dconf write $PROFILE/bold-color "$BOLD_COLOR"
dconf write $PROFILE/bold-color-same-as-fg "false"
dconf write $PROFILE/use-theme-colors "false"
```
### GNOME Extensions
- Visit https://extensions.gnome.org
- Add browser extension (works with Firefox or Chrome)
- Activate - User Themes
- Activate - Dash-to-Dock
- Additional settings under Tweaks application
- Appearance and Extensions tabs
### GNOME Troubleshooting
**Problem:** Debian 12 Bookworm GNOME desktop logging in error "Oops something went wrong..."
**Solution:**
- Drop to terminal `CTRL+ALT+F3`
- Reinstall gnome-shell and gnome-session
```terminal
sudo apt -y install --reinstall gnome-shell gnome-session
```
- Return to GNOME login and try again `CTRL+ALT+F1`
- If reinstalling shell and session does not work you could try removing the users .config, .cache and .local folders.
```terminal
rm -rf /home/$USER/.config
rm -rf /home/$USER/.local
rm -rf /home/$USER/.cache
```
### Theme and Appearance
#### Install and Apply Improved Themes
```terminal
# Install Orchis-theme and papirus-icon-theme
sudo apt-get -y install papirus-icon-theme
git clone https://github.com/vinceliuice/Orchis-theme.git
./Orchis-theme/install.sh
# Apply the themes
gsettings set org.gnome.desktop.interface gtk-theme Orchis-Dark
gsettings set org.gnome.desktop.wm.preferences theme Orchis-Dark
gsettings set org.gnome.shell.extensions.user-theme name Orchis-Dark
gsettings set org.gnome.desktop.interface icon-theme Papirus
# Set background to solid RGB color
gsettings set org.gnome.desktop.background picture-uri ''
gsettings set org.gnome.desktop.background primary-color 'rgb(18, 108, 210)'
# Set font and window scaling 2x
gsettings set org.gnome.settings-daemon.plugins.xsettings overrides "[{'Gdk/WindowScalingFactor', <2>}]"
```
#### Create Theme Directories
```terminal
mkdir ~/.themes
mkdir ~/.icons
```
### Terminal Customization
#### Hide Menu Bar and Title Header
```terminal
# Terminal appearance improvements
gsettings set org.gnome.Terminal.Legacy.Settings default-show-menubar false
gsettings set org.gnome.Terminal.Legacy.Settings headerbar false
# Above headerbar false not working (workaround)
# Note: This does prevent drag resizing of the terminal window.
# The window size has been set manually in preferences
# Install xdotool https://packages.debian.org/buster/x11/xdotool
sudo apt install xdotool
# Add the following to .zshrc or bash profile
if [ "$TERM" = "xterm-256color" ]; then
xprop \
-id $(xdotool getactivewindow) \
-f _MOTIF_WM_HINTS 32c \
-set _MOTIF_WM_HINTS "0x2, 0x0, 0x0, 0x0, 0x0"
fi
# Restart terminal and headerbar should be gone. To move terminal around screen right click and show menu.
```
#### Show Hidden Files in File Manager
Shortcut: `ctrl-h`
---
## System Configuration
### Firewall Setup (UFW)
```terminal
sudo apt-get -y install ufw gufw
sudo ufw enable
```
### Power Management
**For laptops (versions < Debian 12 Bookworm):**
```terminal
sudo apt-get -y install tlp-get -y
```
### File Sharing (Samba)
Example: sharing your home directory with write permissions
```
# Install Samba server package
sudo apt-get -y install samba
# Backup original Samba config file
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
# Edit /etc/samba/smb.conf with preferred editor nano, vim etc.
# Append share details to bottom of smb.conf file.
[shared-folder] # change to preferred reference name this is referenced when connecting ie. smb://server-ip/shared-folder
path = /home/your_username
available = yes
valid users = your_username
read only = no
browsable = yes
public = yes
writable = yes
create mask = 0644
directory mask = 0755
# Save file and exit
# Restart Samba server
sudo systemctl restart smbd
# Create a Samba access password for the user specified in smb.conf valid users section this does not affect your normal system access password.
sudo smbpasswd -a your_username
# Notes - If running a firewall you may need to allow Samba
sudo ufw allow Samba
# Connect to share from a client machine
# Windows: \\debian_hostname_or_ip\shared-folder
# macOS and Linux: smb://debian_hostname_or_ip/shared-folder
```
### Swappiness Configuration
If system has increased memory, this number can be reduced and may improve performance.
```terminal
# Copy paste update swappiness
# Set new value
NEW_VAL=10
# Adds value if it doesn't exist
sudo grep -q 'vm.swappiness=' /etc/sysctl.conf || echo "vm.swappiness=${NEW_VAL}" | sudo tee -a /etc/sysctl.conf
# Updates value if it already exists
sudo sed -i "s/^vm.swappiness=.*/vm.swappiness=${NEW_VAL}/" /etc/sysctl.conf
# Reload configuration
sudo sysctl --system
```
### GRUB Boot Configuration
Increase boot speed and add splash screen if GNOME installed:
```terminal
sudo sed -i 's/^GRUB_TIMEOUT=.*/GRUB_TIMEOUT=2/' /etc/default/grub
sudo sed -i 's/^GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/' /etc/default/grub
sudo update-grub
```
---
## Minimal Install & Base Setup
When prompted unselect all desktop and package options *(use mouse with graphical install or spacebar to unselect normal install)*. The base install should boot to a terminal as no X Window desktop environment should have been selected.
### Sudo Configuration
**Note:** When installing if you leave root password blank this should disable the root account and install sudo for the user you create. Otherwise follow the steps below to enable sudo on a selected user account.
The minimal install may mean the `sudo` command may not be installed. The following commands install the sudo package and adds the default (logged in user) to the sudo group.
```terminal
su -c 'apt-get update && apt-get -y install sudo && \
/sbin/adduser $USER sudo && \
exec su -l $USER'
```
To undo the above (remove user from group sudo and remove package sudo):
```terminal
su -c 'gpasswd -d $USER sudo && \
apt-get -y remove sudo && exec su -l $USER'
```
### Repository Setup
#### Debian 12 Bookworm - Add contrib non-free
```terminal
# Append contrib and non-free to /etc/apt/sources.list
sudo sed -i '/^deb .* non-free-firmware$/ s/$/ contrib non-free/; /^deb-src .* non-free-firmware$/ s/$/ contrib non-free/' /etc/apt/sources.list
sudo apt update
```
#### Update Debian
```terminal
sudo apt-get update && sudo apt-get -y dist-upgrade
```
#### Fix PATH Issues
If `/sbin` is missing from the user $PATH variable, edit `/etc/profile` and append `/sbin` to the second PATH variable.
Alternative direct path usage:
```terminal
sudo /sbin/reboot
sudo /sbin/halt
sudo /sbin/shutdown
```
Alternative systemctl commands:
```terminal
sudo systemctl reboot
sudo systemctl halt
sudo systemctl poweroff
```
### Desktop Environment Installation
#### Install GNOME (Core Only)
```terminal
sudo apt-get -y install gnome-core
```
#### Install XFCE
```terminal
sudo apt-get -y install xserver-xorg xfce4 xfce4-goodies
```
### Boot Target Configuration
#### Check Current Boot Environment
```terminal
sudo systemctl get-default
```
#### Set Graphical Boot
```terminal
sudo systemctl set-default graphical.target
```
#### Set Console Boot
```terminal
sudo systemctl set-default multi-user.target
```
---
## Security & Networking
### SSH Server Setup
```terminal
sudo apt-get -y install openssh-server
```
### SSH Key Management
Backup and regenerate SSH server keys:
```terminal
sudo mkdir /etc/ssh/backup_keys && \
sudo mv /etc/ssh/ssh_host_* /etc/ssh/backup_keys && \
sudo dpkg-reconfigure openssh-server
```
### Network Configuration
#### Show Active Ports and Processes
```terminal
# Command switches [a] all, [t] TCP, [u] UDP, [l] listening, [p] process, [n] numeric
# Using netstat command
netstat -laptun
# Using ss command
ss -laptun
# Resolve IP addresses
ss -laptur
```
#### IPv6 Disable
```terminal
sudo nano /etc/sysctl.conf
```
Add the following line to `sysctl.conf`:
`net.ipv6.conf.all.disable_ipv6 = 1`
*Change all to interface adapter name for individual interfaces*
Run `sudo sysctl -p` to execute changes
### GPG Encryption
#### Generate New Key
```terminal
gpg --full-generate-key
# Select default key RSA and RSA
# Increase key security/length to 4096
# Set key expiry 0 = Does not expire
# Enter user details
# Enter complex pass phrase
```
#### List Keys
- List public keys: `gpg --list-public-keys`
- List private keys: `gpg --list-secret-keys`
#### Encrypt/Decrypt Files
```terminal
# Encrypt a file
gpg --encrypt --output encryptedfilename.gpg --recipient someemail@email.net filenametoencrypt
# Decrypt a file
gpg --decrypt --output decryptedfilename.txt encryptedfilename.gpg
# Enter private key pass phrase
```
---
## Shell & Terminal
### ZSH Installation
```terminal
sudo apt-get -y install zsh
```
### OhMyZsh Setup
```terminal
sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
```
#### Edit `~/.zshrc`
Update plugin section:
```terminal
plugins=(
git
zsh-autosuggestions
zsh-syntax-highlighting
)
```
### Custom Prompt Configuration
Example `.zshrc` with custom prompt that supports Python virtual environments (venv and conda):
**Example prompt (colored):**
```terminal
┌──(conda_base)─(user@hostname)-[/dirpath]
└─$
```
#### Complete .zshrc Configuration
```terminal
export PATH=$HOME/bin:/usr/local/bin:$PATH
export ZSH="$HOME/.oh-my-zsh"
export CONDA_PATH="$HOME/miniconda3"
ZSH_THEME="robbyrussell"
plugins=(
git
zsh-autosuggestions
zsh-syntax-highlighting
)
source $ZSH/oh-my-zsh.sh
export CONDA_CHANGEPS1=false
# >>> conda initialize >>>
__conda_setup="$('$CONDA_PATH/bin/conda' 'shell.zsh' 'hook' 2> /dev/null)"
if [ $? -eq 0 ]; then
eval "$__conda_setup"
else
if [ -f "$CONDA_PATH/etc/profile.d/conda.sh" ]; then
. "$CONDA_PATH/etc/profile.d/conda.sh"
else
export PATH="$CONDA_PATH/miniconda3/bin:$PATH"
fi
fi
unset __conda_setup
# <<< conda initialize <<<
NEWLINE_BEFORE_PROMPT=yes
precmd() {
# Print a new line before the prompt, but only if it is not the first line
if [ "$NEWLINE_BEFORE_PROMPT" = yes ]; then
if [ -z "$_NEW_LINE_BEFORE_PROMPT" ]; then
_NEW_LINE_BEFORE_PROMPT=1
else
print ""
fi
fi
}
prompt_symbol=@
# Modify the PROMPT variable to include conda env
prompt_symbol='%F{white}'$prompt_symbol'%F{blue}'
# Function to update the prompt
update_prompt() {
local prompt_symbol='%F{white}'$prompt_symbol'%F{blue}'
local conda_env_name=''
local env_name=''
if [[ -n $VIRTUAL_ENV ]]; then
env_name=$(basename "$VIRTUAL_ENV")
fi
if [[ -n $CONDA_DEFAULT_ENV ]]; then
conda_env_name=$(basename "$CONDA_DEFAULT_ENV")
fi
# Add conditional for different shells
if [[ $SHELL == *"zsh"* ]]; then
PROMPT="%F{blue}┌──${debian_chroot:+($debian_chroot)─}${env_name:+(venv_$env_name)─}${conda_env_name:+(conda_$conda_env_name)─}(%B%F{%(#.red.green)}%n$prompt_symbol%m%b%F{blue})-[%B%F{reset}%~%b%F{blue}]
%F{blue}└─%B%(#.%F{red}#.%F{cyan}$)%b%F{reset} "
elif [[ $SHELL == *"bash"* ]]; then
PS1="\[\e[34m\]┌──${debian_chroot:+($debian_chroot)─}${env_name:+(venv_$env_name)─}${conda_env_name:+(conda_$conda_env_name)─}\[\e[m\]\[\e[1m\]\[\e[38;5;$(( $(id -u) == 0 ? 1 : 2 ))m\]\u$prompt_symbol\h\[\e[m\]\[\e[34m\]\]-[\[\e[m\]\[\e[1m\]\[\e[0m\]\w\[\e[m\]\[\e[34m\]\]
\[\e[34m\]└─\[\e[m\]\[\e[1m\]\[\e[38;5;$(( $(id -u) == 0 ? 1 : 6 ))m\]#\[\e[m\]\[\e[1m\]\[\e[0m\] "
fi
}
# Call the update_prompt function initially
update_prompt
# Function to update the prompt when the command is executed
if [[ $SHELL == *"zsh"* ]]; then
precmd_functions+=(update_prompt)
elif [[ $SHELL == *"bash"* ]]; then
PROMPT_COMMAND=update_prompt
fi
# Adjust path if required. Example below is for when Go was installed.
export PATH=/usr/local/go/bin:$PATH
```
#### Change Default Shell to ZSH
```terminal
chsh -s $(which zsh)
```
#### Load Existing .profile with ZSH
Edit `~/.zshrc` and append:
```terminal
[[ -e ~/.profile ]] && emulate sh -c 'source ~/.profile'
```
#### Check Current Shell
```terminal
ps -p $$
```
---
## Virtualization Tools
### Install QEMU/KVM
```terminal
# Initial packages includes filesystem sharing and bridge interface utilities
sudo apt install qemu-system-x86 libvirt-daemon-system virtinst virt-manager virt-viewer ovmf swtpm qemu-utils guestfs-tools libosinfo-bin tuned virtiofsd bridge-utils
# Enable services and autostart on reboot
sudo systemctl enable libvirtd.service
sudo systemctl start libvirtd.service
sudo systemctl enable tuned
sudo systemctl start tuned
sudo tuned-adm profile virtual-host
sudo virsh net-start default
sudo virsh net-autostart default
```
### QEMU/KVM Download Virtio drivers (ISO)
[Fedora VirtIO Drivers and ISO](https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/archive-virtio/?C=M;O=D)
### Enabled Bridge Interface for QEMU/KVM (allows VMs to use IP from local network, not NAT)
Edit `/etc/network/interfaces`
```terminal
# Example only of what /etc/network/interfaces should look like
cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# Primay network interface with bridge
auto br0
iface br0 inet static
# This is the VM server host ip details, check using ip addr command
address 192.168.1.36
broadcast 192.168.1.255
netmask 255.255.255.0
gateway 192.168.1.1
# This is the bridged network interface ID on the VM host, use ip addr command to check.
bridge_ports enp0s31f0
bridge_stp off
bridge_waitport 0
bridge fd 0
```
After making changes restart the networking service
`sudo systemctl restart networking.service`
In Virtual Machine Manager, in the VM config select virtual network interface and change source to `Bridge device...` type in the Device name set in interfaces config example `br0`
## Development Tools
### Docker Installation
```terminal
# Remove any older versions
for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done
# Setup repo and add official Docker GPG key
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
# Install latest version
sudo apt-get install docker-ce docker-compose docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# If required add docker group and current user to docker group
if ! getent group docker > /dev/null; then sudo groupadd docker; fi
sudo usermod -aG docker $USER
newgrp docker
# Verify installation and that the user has permissions to run docker by running hello-world image
docker run hello-world
```
### Go Language Installation
Script to install latest Linux Go version:
```terminal
#!/bin/bash
# Function to check if the script is running as root
check_root() {
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root." >&2
exit 1
fi
}
# Function to download a file
function download_file() {
local dst_file=${1}
local src_url=${2}
# Check if the source URL is blank
if [[ -z ${src_url} ]]; then
echo "Unable to get the latest application source URL. The application source URL may have changed or moved."
exit 1
fi
echo "Downloading file..."
echo "SRC: ${src_url}"
echo "DEST: ${dst_file}"
# Check if the source URL is valid
if [[ ! ${src_url} =~ ^(http|https|ftp):// ]]; then
echo "Invalid source URL. Only URLs starting with 'http://', 'https://', or 'ftp://' are supported."
exit 1
fi
if wget --user-agent=Mozilla --content-disposition -c -E -O \
"${dst_file}" "${src_url}" -q --show-progress --progress=bar:force 2>&1; then
echo
echo "File successfully downloaded."
else
echo "There was a problem downloading the file. Trying another method..."
echo "Trying wget without resume option..."
if wget --user-agent=Mozilla --content-disposition -E -O \
"${dst_file}" "${src_url}" -q --show-progress --progress=bar:force 2>&1; then
echo
echo "File successfully downloaded."
elif curl -L -J "${src_url}" -o "${dst_file}" --progress-bar; then
echo
echo "File successfully downloaded."
else
echo "There was a problem downloading the file. Check URL and source file."
exit 1
fi
fi
}
# Check if the script is run as root
check_root
# Variables for download
from_url="https://go.dev$(curl -s https://go.dev/dl/ | \
grep linux | grep $(dpkg --print-architecture) -A 0 | sed -r 's/.*href="([^"]+).*/\1/g' | awk 'NR==1')"
save_file="/tmp/golang.tar.gz"
# Download the file
download_file ${save_file} ${from_url}
# Extract the downloaded file
rm -rf /usr/local/go && tar -C /usr/local -xzf ${save_file}
# Remove temp save file
rm ${save_file}
# Run go version and display the output
/usr/local/go/bin/go version
```
---
## System Administration
### Helpful Commands
#### User and Group Management
```terminal
# Show user accounts and groups
cat /etc/passwd
# Show user shadow password file and hashes
sudo cat /etc/shadow
# Show user sudoers privileges
sudo cat /etc/sudoers
# List users in sudo group
cat /etc/group | grep 'sudo'
# Edit sudo (must be root to run visudo) su to root
visudo
```
#### Network Information
```terminal
# List network interface details
ip a
ifconfig
# List network address including MAC
ip n
arp -a
# List wireless details
iwconfig
# Show route (routing table)
ip r
route
```
#### Network Monitoring
```terminal
# Show open network ports related programs/services
sudo netstat -tulpan
# Continuously watch for `ESTABLISHED` connections (update every 3 seconds)
sudo watch -n 3 "netstat -tulpan | grep ESTABLISHED"
```
#### Curl with SSL Bypass
```terminal
# curl ignore SSL certificate errors and follow redirects including 301
curl -kL https://address
```
#### Scheduled Tasks
```terminal
# List cron jobs
crontab -l
# List root user cron jobs
crontab -u root -l
# List timers that a loaded to run
systemctl list-timers
```
### Log Monitoring
```terminal
# Monitor log events -f --follow show only the most recent
sudo journalctl -f
# View all logs for sudo
sudo journalctl -e /usr/bin/sudo
```
### Power Management (Advanced)
#### Disable Suspend/Hibernate
```terminal
# Disable sleep suspect on laptop lid close, will take affect upon next reboot.
sudo sed -i '/\[Login\]/a HandleLidSwitch=ignore\nHandleLidSwitchDocked=ignore' /etc/systemd/logind.conf
# Disable sleep, suspect, hibernate
sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target
# Check status sleep, suspect, hibernate
sudo systemctl status sleep.target suspend.target hibernate.target hybrid-sleep.target
# Enable sleep, suspect, hibernate
sudo systemctl unmask sleep.target suspend.target hibernate.target hybrid-sleep.target
```
### File System Management
#### NFS Mount Management
```terminal
# Show offered fileshare mounts
showmount -e 192.168.0.10
# result return ie. /srv/thisdir
# To mount make local directory to mount fileshare
mkdir /mnt/thisdir
# Mount filesystem
mount -t nfs 192.168.0.10:/srv/nfs /mnt/thisdir
```
#### Network Interface Management
```terminal
# Show full network interface details
ip address show
# Show network interface names only
ip address show | awk '/^[0-9]+:/ {sub(/:$/, "", $2); print $2}'
# Show interface names with MAC addresses only
ip address show | awk '/^[0-9]+:/ {interface=$2} /link\/ether/ {print interface, $2}'
# Show only network interfaces with assigned IP addresses
ip address show | awk '/^[0-9]+:/ {interface=$2} /inet / {print interface, $2}'
```
#### DHCP Interface Configuration
Change `enp0s31f6` to the interface name to configure with DHCP.
Example config `/etc/network/interfaces`:
```terminal
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The ethernet interface to be configured with DHCP
allow-hotplug enp0s31f6
iface enp0s31f6 inet dhcp
```
To bring network interfaces down and up use `ifdown` and `ifup`:
```terminal
# Set to down
sudo ifdown enp0s31f6
# Set to up
sudo ifup enp0s31f6
```
### Package Management
#### Enable Snap and Flatpak Support
- Open "Software" application
- Search in Software application for "software"
- Click "Software"
- Scroll down to Add-ons and select Flatpak and Snap Support
#### Microcode Installation (Debian 11)
- Open Synaptic Package Manager
- Search "microcode"
- Install appropriate AMD or Intel microcode
#### Missing Firmware (Debian 11 Bullseye)
Check `/etc/apt/sources.list` contains `contrib non-free`, otherwise edit the file:
```terminal
# If sources.list is missing contrib non-free:
sudo sed -r -i 's/^deb(.*)$/deb\1 contrib non-free/g' /etc/apt/sources.list
sudo apt-get update && sudo apt-get -y install firmware-misc-nonfree
# If wifi drivers such those in some Intel NUCs are missing try...
sudo apt-get -y install firmware-iwlwifi
```
#### Advanced GRUB Configuration
Remove GRUB timeout, enable splash and disable USB auto suspend power management:
```terminal
# Edit /etc/default/grub and ensure the the following lines exist
GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash usbcore.autosuspend=-1"
# Run GRUB update
sudo update-grub
# Reboot
sudo reboot
# Check USB power management has been changed to -1
cat /sys/module/usbcore/parameters/autosuspend
```
---
## Troubleshooting
### Wayland Issues
#### Fix Debian 13 Trixie GNOME Wayland OpenGL Issue
**Problem:** "Could not initialise OpenGL support"
```terminal
# edit with vi or nano /etc/environment.d/90atk-adaptor.conf
# Add line
GDK_GL=gles
# Save and exit.
# Reboot system
```
#### Fix Debian 13 VLC GNOME Wayland Black Screen
**Problem:** Black screen playing webm and other videos in VLC
**Solution:**
- Open VLC → Go to Tools > Preferences
- Select Input / Codecs
- Change hardware-accelerated decoding to disabled
#### Fix Slow VNC on Raspberry Pi 4
**Problem:** Slow lagging VNC and VNC resolution issues on headless Raspberry Pi 4
**Solution:** Edit `/boot/config.txt`:
```terminal
#### Comment out the following lines
# Enable DRM VC4 V3D driver
#dtoverlay=vc4-kms-v3d
#max_framebuffers=2
#### Uncomment this line
hdmi_force_hotplug=1
#### Uncomment and modify the following two lines to force higher resolution
# uncomment to force a specific HDMI mode (this will force VGA)
hdmi_group=2
hdmi_mode=82
```
### Raspberry Pi VNC Issues
#### Fix Slow VNC on Raspberry Pi 4
**Problem:** Slow lagging VNC and VNC resolution issues on headless Raspberry Pi 4
**Solution:** Edit `/boot/config.txt`:
```terminal
#### Comment out the following lines
# Enable DRM VC4 V3D driver
#dtoverlay=vc4-kms-v3d
#max_framebuffers=2
#### Uncomment this line
hdmi_force_hotplug=1
#### Uncomment and modify the following two lines to force higher resolution
# uncomment to force a specific HDMI mode (this will force VGA)
hdmi_group=2
hdmi_mode=82
```
### Kernel Update Problems
#### Bad Kernel Update (6.1.0-18) - February 16, 2024
**Problem:** Issues updating or upgrading packages caused by problems in NVIDIA driver files with 6.1.0.18 kernel.
**Symptoms:**
```terminal
Building module:
Cleaning build area...
unset ARCH; env NV_VERBOSE=1 make -j12 modules KERNEL_UNAME=6.1.0-18-amd64..............(bad exit status: 2)
Error! Bad return status for module build on kernel: 6.1.0-18-amd64 (x86_64)
Consult /var/lib/dkms/nvidia-current/545.23.08/build/make.log for more information.
Error! One or more modules failed to install during autoinstall.
Refer to previous errors for more information.
dkms: autoinstall for kernel: 6.1.0-18-amd64 failed!
run-parts: /etc/kernel/postinst.d/dkms exited with return code 11
dpkg: error processing package linux-image-6.1.0-18-amd64 (--configure):
installed linux-image-6.1.0-18-amd64 package post-installation script subprocess returned error exit status 1
```
**Additional Problem:** The following commands fail:
- `sudo apt install --fix-broken`
- `sudo dpkg --configure -a`
**Solution:** Remove bad update package files:
```terminal
sudo apt -y purge linux-image-amd64 linux-headers-amd64 linux-image-6.1.0-18-amd64 linux-headers-6.1.0-18-amd64
sudo apt -y autoclean
sudo apt -y autoremove
sudo rm /var/lib/dpkg/info/linux-image-6.1.0-18*
sudo rm /var/lib/dpkg/info/linux-headers-6.1.0-18*
sudo apt -y install --fix-broken
```
### Network Interface Issues
#### Base Install - Network Commands Not Working
**Problem:** `ifconfig`, `shutdown`, `reboot`, `halt` and other commands not working.
**Cause:** `/sbin` is missing from the user `$PATH` variable.
**Check current path:**
- `echo $PATH` or `env | grep PATH`
**Solution 1:** Edit `/etc/profile` file and append `/sbin` to the second PATH variable.
- Using nano: `sudo nano /etc/profile`
- Using vi: `sudo vi /etc/profile`
*You may need to logout and back in to initialize the new PATH variables.*
**Solution 2:** Use direct path:
```terminal
sudo /sbin/reboot
sudo /sbin/halt
sudo /sbin/shutdown
```
**Solution 3:** Use systemctl commands:
```terminal
sudo systemctl reboot
sudo systemctl halt
sudo systemctl poweroff
```
---
## Quick Reference
### Essential First Steps (New Installation)
1. [Update repositories and install sudo](#sudo-configuration)
2. [Add contrib non-free repositories](#repository-setup)
3. [Install common utilities](#common-utilities-and-applications)
4. [Set up firewall](#firewall-setup-ufw)
5. [Configure GNOME desktop](#gnome-customization)
### Most Useful Commands
- **Update system:** `sudo apt-get update && sudo apt-get -y dist-upgrade`
- **Fix broken packages:** `sudo apt-get -y install --fix-broken`
- **Clean system:** `sudo apt-get -y autoremove && sudo apt-get -y autoclean`
- **Show network info:** `ip a`
- **Monitor network:** `sudo netstat -tulpan`
- **Check boot target:** `sudo systemctl get-default`
### Emergency Recovery
- **Drop to terminal:** `CTRL+ALT+F3`
- **Return to desktop:** `CTRL+ALT+F1`
- **Reinstall GNOME:** `sudo apt -y install --reinstall gnome-shell gnome-session`
- **Reset user config:** Remove `~/.config`, `~/.cache`, `~/.local` directories
---
*This guide covers Debian Linux distributions including Kali, Ubuntu, and PopOS. Always backup important data before making system changes.*