ITT: The first command you run after a fresh GNU/Linux install

ITT: The first command you run after a fresh GNU/Linux install

>$sudo apt-get remove tracker* apport evolution transmission* rhythmbox

Other urls found in this thread:

git.suckless.org/dwm
twitter.com/NSFWRedditGif

>$ init 0

sudo rm -rf --no-preserve-root and install windows

No directory... This is why HB1 beat the crap out of you.

sudo apt install aptitude checkinstall
git clone git clone git.suckless.org/dwm
cd dwm-6.1
cp config.def.h config.h
nano config.h
sudo checkinstall
nano .xinitrc
startx

sudo ufw enable

A script
#!/bin/bash
apt-get remove --purge openssh-server selinux rlogind rshd rcmd rexecd rbootd rquotad rstatd rusersd rwalld rexd fingerd tftpd telnet anacron httpd apache apache2 smtp apcupsd postfix;

apt-get install ufw sudo xorg mvm xterm ratpoison cowsay gcp jargon purity screen tty-clock lynx dwb iceweasel mutt liferea hexchat notmuch mumble suckless-tools xsel xbindkeys xdotool xnest unrar-free icedtea-7-jre-jamvm wine qemu-kvm xarchiver spacefm transmission-daemon htop libasound2-plugin-equal aumix moc moc-ffmpeg-plugin alsa-utils alsa-tools alsa-oss oss-compat easytag inkscape imagemagick darktable sxiv lightspark mpv vlc libav-tools iproute2 xchm lyx zathura zathura-cb zathura-djvu zathura-ps calibre anki gjots2 pdfsam aspell gnumeric vim emacs klavaro abiword mat gnupg keepassx devhelp tig openssh-client minicom celestia-glut stellarium skycat savi bioperl freecad maxima maxima-emacs marble-qt graphmonkey clamav gdebi gparted inxi vrms lshw;
ufw enable;
apt-get remove --purge pulseaudio
apt-get autoclean;
apt-get clean;
apt-get autoremove
apt-get update;
apt-get upgrade


Notice that I do a minimal install. Might change some stuff.

>sudo

I'll never understand this meme. Why would you not want to be 24/7 root on your machine?

Security?

How does that have any impact on security? Being root on your machine doesn't mean that all applications run as root or have to run as root.

>leave the machine for a moment
>root shell accessible to an adversary
>type in a command in a root shell by mistake
Also, with sudo you can block the root account entirely.
Also, with sudo you can grant access to certain commands for certain users.

go home terry

dnf remove tracker* abrt*

wget link://to/windows/10.iso

this

>Also, with sudo you can grant access to certain commands for certain users.

I actually had a customer that insisted that I got sudoers for certain rights instead of getting root access for application managment. The thing is, if the admin is a retard this won't help you. They gave me sudoer rights on vi, less and fucking find, with all of these tools I can easily open a root shell.

>leave the machine for a moment

Who does that? I don't whenever I leave my workplace, be it just 1minute or to help a coworker that sits right next to me I lock my pc.

>root shell accessible to an adversary
Working environment isn't an anime, buddy.

>type in a command in a root shell by mistake

Like what? "rm -rf /" ? I fuck a lot of shit up, don't get me wrong but I've never typed in a command like that by mistake.

No shit it's not an anime but you've obviously never severely pissed off a coworker. It happens.

>you've obviously never severely pissed off a coworker

If they fuck up any of the systems be it via my shell or their shell the whole teams has to fix it.

sudo apt-get gf

sed -i -e 's/stable/testing/g' /etc/apt/sources.list

Eh. If you make a mistake and type a wrong command or something that could ruin your PC as a normal user the system will tell you to go fuck yourself; if however you're root then it'll delete the files without even asking for confirmation.

There are programs that won't even run if you're root for safety reasons. You may trust yourself to not delete anything important but some program (maybe it has a bug) might do just that; which is why you should them as a normal user unless root privilege is absolutely necessary.

If you don't have anything important in your computer and have nothing better to do then go ahead and run as root 24/7. People who DO have important stuff to protect usually won't take the risk though.

>not experimental
What a cuck

Ubuntu 16.04, standard routine

sudo apt autoremove firefox
sudo apt install chromium-browser unity-tweak-tool lm-sensors screenfetch tlp tlp-rdw mesa-utils playonlinux ubuntu-restricted-extras skype qbittorrent gimp flux-gui

done

second

>-e
for what purpose?

If your job is being a Debian tester then go for it.

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -j ACCEPT
ip6tables-restore

That's more than one command.

That's the first thing I do.

>iptables -P OUTPUT DROP
U wot m8?

I add a rule to allow everything. I want iptables -F to lock my computer.

UID and GID outbound matching can take your iptables to a whole new level. Functions provided by the "owner" module.

No. I don't trust those bullshits. It's like filter ip in firewall, it's bullshit.

how is this bullshit

filtering an ip isnt permanently blocking the connection?
why does hosts exist?

elaborate pls

>filtering an ip isnt permanently blocking the connection?
You're so naive. Pirates would love you if you were manager of IT security.

elaborate faggot

why is it that way? can i spoof ip adress?

Spoofing an ip address? No way.

you know what.. fuck you

> jimies have been rustled

when i block an ipadress, ofcourse i can just use another one for the same purpose.
but given the tools we have in the end
blocking ips (specific or range) is, in the end, the only thing one can do to block connections
securely

>vlc
>mpv
Why?

>xbindkeys
>not using the superior sxhkd

emerge app-editors/vim

pacman -Syu emacs-nox