################################################
# 28 Aug 2021 - jm - network cleanup of RH
################################################
# to remove network-manager and resolver -
# steps, config files, & then reasons below...
################################################
sudo apt remove gvfs ; sudo apt install krusader # (to replace non-RH/gnome file manager)
#
sudo systemctl disable systemd-resolved.service
sudo systemctl disable network-manager
sudo apt remove network-manager
sudo vi /etc/NetworkManager/NetworkManager.conf ## move dns entry under main
[main]
dns=default
plugins=ifupdown,keyfile
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
sudo vi /etc/netplan/1-network-manager-all.yaml # remove networkManager, specify network
# 28 aug 2021 jm
network:
ethernets:
lan:
match:
macaddress: 11:33:77:88:99:99
addresses:
- 192.168.1.99/24
dhcp4: true
optional: true
set-name: lan0
# network:
# version: 2
# renderer: NetworkManager
sudo netplan apply
# command line to rename device and bring up with proper configuration
sudo ifconfig eno1 down ; sudo ip link set eno1 name lan0 ; sudo ifconfig lan0 up
sudo ifconfig lan0 192.168.1.99 netmask 255.255.255.0 broadcast 192.168.1.255 up ; sudo route add default gw 192.168.1.1
##############################################
GVFS RELATED:
----------------
to find and mount a device, whether connected to the SATA bus or USB:
(note that fdisk will work for identifying devices even if larger than fdisk can partion,
in which case use "parted", examples in this directory or elsewhere on http://johnmeister.com/linux
- sudo fdisk -l # reads out that /dev/sda1 is the partition desired
- mkdir /home/luser/a
- chown luser:luser /home/luser/a
- sudo mount /dev/sda1 /home/luser/a
... use it...then to lose it:
- cd /home/luser (make sure no processes or shells have their pwd in that dir... there's a cmd
to identify processes associated with that filesystem... not going to look it up and it's likely
I won't get back to edit this... can't recall the name of the command right now... good luck...
(I'm retired, don't make any money off this website and if I were going to teach this as a class
I'd already have the commands and notes ready... oh, it's in my "simply linux" book, and it's cheap...)
- df -h # to see what and where things are mounted
- sudo umount /dev/sda1 OR sudo umount /home/luser/a
- df -h # to make sure you dropped the right one... Then remove the device
if you messed up and pulled the drive off before unmounting it, you may need to do an fsck on that drive,
it must be unmounted to do that, then you'd simply type: sudo fsck -y /dev/sda1 (or /dev/sda)
the -y answers any questions and fixes the block counts and updates the inode table so it can be cleanly mounted.
--------------------------
NETWORKING RELATED:
--------------------------
Linux networking (and UNIX networking) consisted in the past
of a few simple flat files, easily edited:
/etc/hosts
# hostnames (local or fixed external as a fallback if DNS were to fail -
but this causes problems if the host is on dhcp)
/etc/resolv.conf
# nameserver x.x.x.x # ips of DNS servers
75.75.75.75, 8.8.8.8, 1.1.1.1 are a few public ones... YMMV
/etc/nsswitch.conf
# hosts: files dns mdns_minimal [NOTFOUND=return] dns
/etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
#
###########################################################################################
UUID=" a bunch of uniqueness - hard to read" / ext4 errors=remount-ro 0 1
UUID=" unique " /boot/efi vfat umask=0077 0 1
/swapfile none swap sw 0 0
UUID=" unique" /home/luser/files ext4 defaults 0 0
/dev/sda2 /home/luser/more-files ext4 noacl 1 1
###########################################################################################
###########################################################################################
----------------------------------
sudo systemctl disable systemd-resolved.service
sudo edit /etc/NetworkManager/NetworkManager.conf, move dns entry under main
sudo systemctl disable network-manager
sudo apt remove network-manager
sudo apt remove gvfs
sudo apt install krusader
28 aug update:
--> history
1 ifconfig -a
2 network-start
3 sudo vi /etc/NetworkManager/system-connections/
5 sudo ls -al /etc/NetworkManager/system-connections/
6 sudo ls -al /etc/NetworkManager/
7 sudo more /etc/NetworkManager/NetworkManager.conf
8 sudo vi /etc/NetworkManager/NetworkManager.conf
14 sudo netplan apply
15 sudo vi /etc/netplan/1-network-manager-all.yaml ### fixed mac info - disabled network manager
16 sudo netplan apply
replaced /etc/resolv.conf with:
# Generated by NetworkManager
# This file WAS managed by man:systemd-resolved(8).
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all # configured search domains.
# Run "resolvectl status" to see details about the uplink DNS servers # currently in use.
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way, # replace this symlink by a static file or a different symlink.
# See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf.
# nameserver 127.0.0.53 # options edns0 trust-ad # Generated by NetworkManager
###################################################################################################################################
search com net gov edu
nameserver 75.75.75.75
nameserver 1.0.0.1
nameserver 8.8.8.8
nameserver 1.1.1.1
nameserver 192.168.1.1
nameserver 8.8.4.4
----------------------------------------------
4 ps -ef | grep gvfs
9 sudo systemctl status
10 sudo systemctl status >> ../fix-after-20.2
15 apt show network-manager
16 sudo systemctl status network-manager
48 sudo systemctl disable systemd-resolved.service
49 sudo systemctl disable network-manager
-----------------------------------------------
luser@opus [/home/luser]
------------------------------------------------
--> sudo apt remove network-manager
--> sudo apt remove gvfs
sudo ifconfig eno1 down ; sudo ip link set eno1 name lan0 ; sudo ifconfig lan0 up
sudo ifconfig lan0 192.168.1.99 netmask 255.255.255.0 broadcast 192.168.1.255 up ; sudo route add default gw 192.168.1.1
sudo cat /etc/netplan/1-network-manager-all.yaml
sudo vi /etc/netplan/1-network-manager-all.yaml
# Let NetworkManager manage all devices on this system
# network:
# version: 2
# renderer: NetworkManager
# 28 aug 2021 jm
# Let NetworkManager manage all devices on this system
#
network:
ethernets:
lan:
match:
macaddress: 99:99:99:99:99:99
addresses:
- 192.168.1.99/24
dhcp4: true
optional: true
set-name: lan0
# network:
# version: 2
# renderer: NetworkManager
sudo ifconfig eno1 down ; sudo ip link set eno1 name lan0 ; sudo ifconfig lan0 up
sudo ifconfig lan0 192.168.1.99 netmask 255.255.255.0 broadcast 192.168.1.255 up ; sudo route add default gw 192.168.1.1
##############################################
###########################################################################################
REASONS for disabling such "nice" annoyances...
###########################################################################################
gvfs automatically mounts anything plugged into a usb port... this is a bit of both
an annoyance and a security risk...
removing gvfs eliminates a desktop GUI file manager - not usually a big deal, but if you
are into click and drool, or just tired of launching various viewers/readers to check file versions,
install KDE's Krusader... in the steps below.
RedHat's Network-Manager was overbearing and didn't work when connection to a long established
and stable network at home... and certainly doesn't work (for me) on the road. I ended up using
my phone as a hot spot to connect or used my mac... tried to make network-manager behave using nm commands,
but got fed up with it and wanted basic, normal FLAT FILE management of a simple process.
Took me a bit to figure out how to disable these embedded and insidious tools... I'd
get the daemon to go away, set the network, reboot and it wasn't working...
What is listed below was gleaned from 3 separate Linux Mint MATE systems from history files for
the last few weeks... all three systems are on the lan and wireless after reboots...
fdisk -l and manual mounting works fine... if you have users on your system you could write your
own script to help them or grant them limited sudo rights... but there are other ways... chances
are they will be connecting to your Linux system via ssh, so rather employ SAMBA or let them use
their PC's and setup secure copy tools from there or a variety of decent windows tools that use ssh,
scp, etc... or setup vsftp and let them use an FTP gui tool... rather than plugging things in to
your Linux system... whoever came up with gvfs hasn't read about STUXNET apparently... although it
would be much harder to deploy on Linux... given the risk and social engineering... best to disable it.
JohnMeister.com Today's Date:
|
