apt-mark pour lister les paquets hold, auto, manual - UBUNTU

Pour  lister tous les paquets qui sont hold

apt-mark showhold

extrait du man page de apt-mark

DESCRIPTION

       apt-mark will change whether a package has been marked as being
       automatically installed.

       When you request that a package is installed, and as a result other
       packages are installed to satisfy its dependencies, the dependencies
       are marked as being automatically installed. Once these automatically
       installed packages are no longer depended on by any manually installed
       packages, they will be removed by e.g.  apt-get or aptitude.

       auto
           auto is used to mark a package as being automatically installed,
           which will cause the package to be removed when no more manually
           installed packages depend on this package.

       manual
           manual is used to mark a package as being manually installed, which
           will prevent the package from being automatically removed if no
           other packages depend on it.

       hold
           hold is used to mark a package as held back, which will prevent the
           package from being automatically installed, upgraded or removed.
           The command is only a wrapper around dpkg --set-selections and the
           state is therefore maintained by dpkg(1) and not affected by the
           --file option.

       unhold
           unhold is used to cancel a previously set hold on a package to
           allow all actions again.

       showauto
           showauto is used to print a list of automatically installed
           packages with each package on a new line. All automatically
           installed packages will be listed if no package is given. If
           packages are given only those which are automatically installed
           will be shown.

       showmanual
           showmanual can be used in the same way as showauto except that it
           will print a list of manually installed packages instead.

       showhold
           showhold is used to print a list of packages on hold in the same
           way as for the other show commands.

ubuntu wifi settings by cli iwconfig command

Pour se connecter à un réseau wifi protégé par web

iwconfig eth1 mode managed key restricted motdepasseduwifi
iwconfig eth1 essid MyWifi
ifconfig eth1 up
dhclient eth1

Commandes firewall Windows XP

Commandes firewall Windows XP

tasklist > tasklist.txt
tasklist /svc > tasklist.txt
Netsh firewall show state
Netsh firewall show config

Recueil de donnéesCommande Description

show allowedprogram Indique les programmes autorisés.
show config Indique la configuration locale en détail.
show currentprofile Indique le profil.
show icmpsetting Indique les paramètres ICMP.
show logging Indique les paramètres de connexion.
show opmode Indique le mode d'opération.
show portopening Indique les ports avec exceptions.
show service Indique les services.
show state Indique les informations sur l'état.
show notifications Indique les paramètres des notifications.

ConfigurationCommande Description

add allowedprogram Permet d'ajouter du trafic avec exception en précisant le nom de fichier du programme.
set allowedprogram Permet de modifier les paramètres d'un programme autorisé.
delete allowedprogram Permet de supprimer un programme autorisé.
set icmpsetting Permet de préciser le trafic ICMP autorisé.
set logging Permet de préciser les options de connexion du Pare-feu Windows, globalement ou pour une connexion spécifique (interface).
set opmode Permet de préciser le mode d'opération du Pare-feu Windows, globalement ou pour une connexion spécifique (interface).
add portopening Permet d'ajouter un trafic avec exception en précisant un port TCP ou UDP.
set portopening Permet de modifier les paramètres d'un port TCP ou UDP ouvert.
delete portopening Permet de supprimer un port TCP ou UDP ouvert.
set service Pour activer ou ignorer le trafic RPC et DCOM, le partage de fichiers et d'imprimantes et le trafic UPnP.
set notifications Permet de préciser si les notifications à l'utilisateur, lorsque les programmes essaient d'ouvrir les ports, sont activées.
reset Rétablit la configuration standard du pare-feu. Cette fonction est équivalente au bouton Paramètres par défaut de l'interface du Pare-feu Windows.

mysql check database & repair table

Pour réparer une table signalée en erreur  comme :

mysqld: 151224 12:10:27 [ERROR] /usr/sbin/mysqld: Table './metar_2013/M05_error' is marked as crashed and should be repaired

Utiliser la commande mysql

repair table nombase.nomtable;

mysqlcheck — A Database Maintenance Program

shell> mysqlcheck [options] db_name [tbl_name ...]
shell> mysqlcheck [options] --databases db_name ...
shell> mysqlcheck [options] --all-databases

The names shown in the following table can be used to change mysqlcheck default behavior.

Command	Meaning
mysqlrepair	The default option is --repair
mysqlanalyze	The default option is --analyze
mysqloptimize	The default option is --optimize

mysqlrepair:   The default option will be -r
mysqlanalyze:  The default option will be -a
mysqloptimize: The default option will be -o

Usage: mysqlcheck [OPTIONS] database [tables]
OR     mysqlcheck [OPTIONS] --databases DB1 [DB2 DB3...]
OR     mysqlcheck [OPTIONS] --all-databases

Default options are read from the following files in the given order:
/etc/mysql/my.cnf /usr/etc/my.cnf ~/.my.cnf
The following groups are read: mysqlcheck client
The following options may be given as the first argument:
--print-defaults    Print the program argument list and exit
--no-defaults        Don't read default options from any options file
--defaults-file=#    Only read default options from the given file #
--defaults-extra-file=# Read this file after the global files are read
  -A, --all-databases Check all the databases. This will be same as
                      --databases with all databases selected.
  -a, --analyze       Analyze given tables.
  -1, --all-in-1      Instead of issuing one query for each table, use one
                      query per database, naming all tables in the database in
                      a comma-separated list.
  --auto-repair       If a checked table is corrupted, automatically fix it.
                      Repairing will be done after all tables have been
                      checked, if corrupted ones were found.
  --character-sets-dir=name
                      Directory where character sets are.
  -c, --check         Check table for errors.
  -C, --check-only-changed
                      Check only tables that have changed since last check or
                      haven't been closed properly.
  -g, --check-upgrade Check tables for version-dependent changes. May be used
                      with --auto-repair to correct tables requiring
                      version-dependent updates.
  --compress          Use compression in server/client protocol.
  -B, --databases     To check several databases. Note the difference in usage;
                      In this case no tables are given. All name arguments are
                      regarded as databasenames.
  -#, --debug[=#]     This is a non-debug version. Catch this and exit.
  --default-character-set=name
                      Set the default character set.
  -F, --fast          Check only tables that haven't been closed properly.
  -f, --force         Continue even if we get an sql-error.
  -e, --extended      If you are using this option with CHECK TABLE, it will
                      ensure that the table is 100 percent consistent, but will
                      take a long time. If you are using this option with
                      REPAIR TABLE, it will force using old slow repair with
                      keycache method, instead of much faster repair by
                      sorting.
  -?, --help          Display this help message and exit.
  -h, --host=name     Connect to host.
  -m, --medium-check  Faster than extended-check, but only finds 99.99 percent
                      of all errors. Should be good enough for most cases.
  -o, --optimize      Optimize table.
  -p, --password[=name]
                      Password to use when connecting to server. If password is
                      not given it's solicited on the tty.
  -P, --port=#        Port number to use for connection or 0 for default to, in
                      order of preference, my.cnf, $MYSQL_TCP_PORT,
                      /etc/services, built-in default (3306).
  --protocol=name     The protocol of connection (tcp,socket,pipe,memory).
  -q, --quick         If you are using this option with CHECK TABLE, it
                      prevents the check from scanning the rows to check for
                      wrong links. This is the fastest check. If you are using
                      this option with REPAIR TABLE, it will try to repair only
                      the index tree. This is the fastest repair method for a
                      table.
  -r, --repair        Can fix almost anything except unique keys that aren't
                      unique.
  -s, --silent        Print only error messages.
  -S, --socket=name   Socket file to use for connection.
  --ssl               Enable SSL for connection (automatically enabled with
                      other flags). Disable with --skip-ssl.
  --ssl-ca=name       CA file in PEM format (check OpenSSL docs, implies
                      --ssl).
  --ssl-capath=name   CA directory (check OpenSSL docs, implies --ssl).
  --ssl-cert=name     X509 cert in PEM format (implies --ssl).
  --ssl-cipher=name   SSL cipher to use (implies --ssl).
  --ssl-key=name      X509 key in PEM format (implies --ssl).
  --ssl-verify-server-cert
                      Verify server's "Common Name" in its cert against
                      hostname used when connecting. This option is disabled by
                      default.
  --tables            Overrides option --databases (-B).
  --use-frm           When used with REPAIR, get table structure from .frm
                      file, so the table can be repaired even if .MYI header is
                      corrupted.
  -u, --user=name     User for login if not current user.
  -v, --verbose       Print info about the various stages.
  -V, --version       Output version information and exit.
 

Verify & Repair Permissions in OS X El Capitan via command line

To verify

sudo /usr/libexec/repair_packages --verify --standard-pkgs /

To repair

sudo /usr/libexec/repair_packages --repair --standard-pkgs --volume /

Finalisation installation EL CAPITAN os x 10.11

- Remove Apple HD Recovery

En mergeant la partition via diskutil  mergePartitions

J'ai l'impression que la réactivité est meilleure depuis que j'ai réduis au minimum le nombre de partitions sur le disque et notamment en supprimant les partitions de recovery. A confirmer et éventuellement obtenir une explication logique à cela



Pour lister tous les services chargés :

launchctl list

launchctl print-disabled system 

Pour lister les services system disabled à true

enable | disable service-target

              Enables or disables the service in the requested domain. Once a service is disabled, it cannot be loaded in the specified domain until it is once

              again enabled. This state persists across boots of the device. This subcommand may only target services within the system domain or user and

              user-login domains.

list [-x] [label]

              With no arguments, list all of the jobs loaded into launchd in three columns. The first column displays the PID of the job if it is running.  The

              second column displays the last exit status of the job. If the number in this column is negative, it represents the negative of the signal which

              stopped the job. Thus, "-15" would indicate that the job was terminated with SIGTERM.  The third column is the job's label. If [label] is speci-

              fied, prints information about the requested job.

              -x       This flag is no longer supported.

print-disabled

              Prints the list of disabled services.

blame service-target

              If the service is running, prints a human-readable string describing why launchd launched the service. Note that services may run for many rea-

              sons; this subcommand will only show the most proximate reason. So if a service was run due to a timer firing, this subcommand will print that

              reason, irrespective of whether there were messages waiting on the service's various endpoints. This subcommand is only intended for debugging

              and profiling use and its output should not be relied upon in production scenarios.

     print domain-target | service-target

              Prints information about the specified service or domain. Domain output includes various properties about the domain as well as a list of ser-

              vices and endpoints in the domain with state pertaining to each. Service output includes various properties of the service, including information

              about its origin on-disk, its current state, execution context, and last exit status.

              IMPORTANT: This output is NOT API in any sense at all. Do NOT rely on the structure or information emitted for ANY reason. It may change from

              release to release without warning.

load | unload [-wF] [-S sessiontype] [-D domain] paths ...

              Load the specified configuration files or directories of configuration files.  Jobs that are not on-demand will be started as soon as possible.

              All specified jobs will be loaded before any of them are allowed to start. Note that per-user configuration files (LaunchAgents) must be owned by

              root (if they are located in /Library/LaunchAgents) or the user loading them (if they are located in $HOME/Library/LaunchAgents).  All system-

              wide daemons (LaunchDaemons) must be owned by root. Configuration files must disallow group and world writes. These restrictions are in place for

              security reasons, as allowing writability to a launchd configuration file allows one to specify which executable will be launched.

              Note that allowing non-root write access to the /System/Library/LaunchDaemons directory WILL render your system unbootable.

              -w       Overrides the Disabled key and sets it to false or true for the load and unload subcommands respectively. In previous versions, this

                       option would modify the configuration file. Now the state of the Disabled key is stored elsewhere on- disk in a location that may not be

                       directly manipulated by any process other than launchd.

              -F       Force the loading or unloading of the plist. Ignore the Disabled key.

              -S sessiontype

                       Some jobs only make sense in certain contexts. This flag instructs launchctl to look for jobs in a different location when using the -D

                       flag, and allows launchctl to restrict which jobs are loaded into which session types. Sessions are only relevant for per-user launchd

                       contexts. Relevant sessions are Aqua (the default), Background and LoginWindow.  Background agents may be loaded independently of a GUI

                       login. Aqua agents are loaded only when a user has logged in at the GUI. LoginWindow agents are loaded when the LoginWindow UI is dis-

                       playing and currently run as root.

              -D domain

                       Look for plist(5) files ending in *.plist in the domain given. This option may be thoughts of as expanding into many individual paths

                       depending on the domain name given. Valid domains include "system," "local," "network" and "all." When providing a session type, an

                       additional domain is available for use called "user." For example, without a session type given, "-D system" would load from or unload

                       property list files from /System/Library/LaunchDaemons.  With a session type passed, it would load from /System/Library/LaunchAgents.

                       Note that launchctl no longer respects the network domain.

              NOTE: Due to bugs in the previous implementation and long-standing client expectations around those bugs, the load and unload subcommands will

              only return a non-zero exit code due to improper usage.  Otherwise, zero is always returned.

- Turn off / Disable Apple Push Notifications

sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.apsd.plist


Bloqué avec littlesnitch

- com.apple.Safari.SafeBrowsing.Service

Bloqué avec littlesnitch

From : http://www.sitepronews.com/2014/10/01/googles-safe-browsing-service-killing-privacy/

Google Safe Browsing is a service through which Google provides lists of URLs (addresses) of websites that contain malware or phishing content. These lists of suspicious sites are continuously updated using Google’s web crawlers, programs that scour the web to index sites for Google’s search engine. Lists from the Google Safe Browsing service are used by browsers such as Google Chrome, Mozilla Firefox and apple Safari for checking web-pages users are trying to access against potential threats. The service issues alerts when they are about to open websites or content Google has classified as malicious. The warnings are display as ‘visual messages’ along with specific details relating to the malicious content concerned. The service is also designed to block the downloading of files infected with malware and, once a user’s computer has been infected, it can issue instructions on how to detect and remove the malware.

...

The Firefox and Safari browsers however use a second version of the API, Safe Browsing API v2, to exchange data with the server. This uses hashed URLs so the Google server never knows the actual URLs queried by the user. However the Safe Browsing API also stores a cookie on the user’s computer which the NSA (US National Security Agency) uses to identify individual computers. This is a mandatory requirement that many users feel is acceptable as it helps them feel safe. In addition, Google stores another cookie on the user’s computer that can be used to identify the IP addresses the user visits, ie can be used to track him or her. Google’s excuse is that the tracking cookie logs this data in order to prevent DDoS (distributed denial-of-service) attacks. That may be so. The API in the user’s browser (eg, Chrome) will ‘phone home’ every few hours to check for updates to its list of malicious sites. At the same time it sends a payload that includes the machine’s ID and the user’s ID.

Peut être activé ou désactivé dans les préférences de safari onglet Sécurité. Si la liste n'est pas mise à jour, le service se désactive de lui-même.

IMAgent is an OSX daemon which runs as part of FaceTime.

launchctl unload -w /System/Library/LaunchAgents/com.apple.imagent.plist



launchctl unload -w /System/Library/LaunchAgents/com.apple.icloud.findmydeviced.findmydev

ice-user-agent.plist

launchctl unload -w /System/Library/LaunchAgents/com.apple.icloud.fmfd.plist

launchctl unload -w /System/Library/LaunchAgents/com.apple.findmymacmessenger.plist

launchctl enable system/com.apple.imagent

launchctl disable system/com.apple.imagent

Little Snitch rules

...

Préférences / Extensions... 

ajuster selon les besoins.






Empêcher OS X de monter un volume au démarrage / Prevent OS X to mount a disk at startup

Prevent a partition from mounting in OS X

diskutil info /Volumes/disk-to-not-be-auto-mounted

Get 

Volume UUID:              EADFE3D8-33C0-3D52-8D66-E5EA0748F81D

vi  /etc/fstab


UUID=EADFE3D8-33C0-3D52-8D66-E5EA0748F81D none hfs rw,no auto