xfconf-query save and load from file

xfconf-query load from file

Introduction

The wonderful xfce desktop environment provides a mechanism to inspect and modify your settings, similar to dconf. This tool is named xfconf-query, and it allows you to list and modify entries one at a time. Unfortunately, it does not provide a way to export to a file and import, the way dconf does (with standard redirection).

Save settings to file
For xfce, you can display the settings by specifying the channel:

xfconf-query -c thunar -lv

#place sample output here

You can save this to a file with output redirection, but you won’t be able to load this very easily from such a file.

To get the settings in a nicer format for saving to a text file, use this oneliner:

xfconf-query -l | sed -r -e '/Channels:/d' | while read line; do xfconf-query -lv -c "${line}" | sed -r -e "s/^/${line} /"; done > my-settings.xfconf

#place sample output here

xfconf-query load settings from file

I wrote a wrapper script that loads the settings from such a file. Please check out the full xfconf.sh script at github.
Its basic use is very simple. Call the script with the settings file as the only parameter:

xfconf.sh mysettings.xfconf

Code walkthrough

#!/bin/sh
# File: /usr/share/bgconf/inc/xfconf.sh
# Author: bgstack15
# Startdate: 2017-09-17 08:10
# Title: Script that Loads Settings into Xfconf
# Purpose: To make a single interface for other bgconf scripts to call for loading an xfconf file
# History:
#    2017-06 Main research was done but put in separate bgconf scripts.
#    2017-09-17 I decided to separate it out to streamline the bgconf scripts themselves.
# Usage:
#    In a script, determine that an xfconf file exists, then call:
#       xfconf.sh mysettings.xfconf
#    To generate a new xfconf file, you can run:
#       xfconf-query -l | sed -r -e '/Channels:/d' | while read line; do xfconf-query -lv -c "${line}" | sed -r -e "s/^/${line} /"; done > outfile
# Reference:
# Improve:
# Document: Below this line

thisDE=xfce
thisDEconf=xfconf-query
infile="${1}"

# get DBUS_SESSION_BUS_ADDRESS of first DE process of this user
# reference:  https://unix.stackexchange.com/questions/29128/how-to-read-environment-variables-of-a-process/29132#29132
tmpfile1="$( mktemp )"
if test -n "${SUDO_USER}"; then _user="${SUDO_USER}"; else _user="${USER}"; fi
cat /proc/$( ps -eu${_user} | grep -E "${thisDE}" | tail -n1 | awk '{print $1}' )/environ 2>/dev/null | tr '\0' '\n' | grep -E "DBUS_SESSION_BUS_ADDRESS|DISPLAY" > "${tmpfile1}"
test -f "${tmpfile1}" && test $( grep -cE "(DBUS_SESSION_BUS_ADDRESS|DISPLAY)=.+" "${tmpfile1}" 2>/dev/null ) -ge 2 || echo "$0 error: Skipping ${thisDE}: Could not find current session." 1>&2
chmod +rx "${tmpfile1}" 2>/dev/null
. "${tmpfile1}"
/bin/rm -f "${tmpfile1}" 1>/dev/null 2>&1

# Assume infile exists as a file
if test -n "$( cat "${infile}" 2>/dev/null )" && test -x "$( which "${thisDEconf}" )" && ps -ef | grep -qE "${thisDE}" && test -n "${DBUS_SESSION_BUS_ADDRESS}";
then

   # get user of that directory
   thisowner="$( stat -c '%U' "${infile}" )"
   thisowneruid="$( stat -c '%u' "${infile}" )"

   # xfce custom configuration
   grep -viE '^\s*((#|;).*)?$' "${infile}" | while read channel attrib value;
   do

      # display output
      #printf "channel=%s\tattrib=%s\tvalue\%s\n" "${channel}" "${attrib}" "${value}"

      # provide data type. This needs to be researched before making a new .xfconf file.
      _thistype=string
      case "${attrib}" in
         *last-separator-position) _thistype=integer ;;
         *last-show-hidden|*misc-single-click) _thistype=bool ;;
      esac

      # make change
      sudo su - "${thisowner}" -c "DISPLAY=${DISPLAY} DBUS_SESSION_BUS_ADDRESS=${DBUS_SESSION_BUS_ADDRESS} ${thisDEconf} --create -t ${_thistype} -c ${channel} -p ${attrib} -s ${value}"

   done

fi
/bin/rm -f "${tmpfile1}" 2>/dev/null

The line numbers here are different from the script on github, and probably will get outdated as I make improvements to this utility. So I will use line numbers for the version seen above. Also, this script was originally written as a small portion of a larger project to deploy my settings to a whole system. That’s why you’ll see the “sudo – su” and logic to determine file ownership, because it is being called by a command running with sudo.

Lines 23-31 find the running desktop environment for the user (or the user who called sudo) and grab the values for DBUS_SESSION_BUS_ADDRESS and DISPLAY that point to that running desktop environment. I don’t know a more official way, so I assembled this kludge over the course of this project. I’m rather fond of this logic despite the kludgeyness. You will observe on line 30 that this script actually dot sources a temp file with those variables. I actually first used this technique for loading conf files in an attempt to be more unix-like and use environment variables first, and then load in a conf file.

Line 34 calculates the requested file has contents, and the desktop environment really exists and is running, and one of the variables from the previous section is defined.
Lines 42-58 perform the actual import of settings from the file. The interesting regular expression is my official non-blank non-comment regex. For quick hand-typed oneliners, I normally just use ‘^$|^#’ but here I went with the fancier version that handles whitespace.
So the block reads three entries per line, the channel, item, and item value. Then it runs xfconf-query and plugs in the variable.
Lines 48-53 perform a manual type declaration based on hard-coded names. I don’t know how to query that from xfconf-query, so I had to use the graphical xfce settings tool to collect the exact names. You will definitely need to read through your xfconf files to make sure you include all the right options here. I suppose one could find a list of all the datatypes maybe from xfce’s documentation and parse it. I guess I’ll add that to the “Improve:” header.

Advertisements

dconf save and load from file

dconf save and load to file

GNOME-based desktops use a settings utility that is a little similar to the registry of a famous non-free operating system. I’ll spare you the ideological diatribe and get to the task at hand. I use Cinnamon from the Linux Mint project, and it is based on GNOME 3.

The command line tool for manipulating the settings is titled dconf.

Saving dconf settings to file

Dumping its output is easy.

dconf dump /
[net/launchpad/plank/docks/dock1]
icon-size=32
show-dock-item=false
position='left'
dock-items=['org.gnome.Terminal.dockitem', 'nemo.dockitem', 'firefox.dockitem']
unhide-delay=0
items-alignment='center'

Redirect to a file and you’re done.

dconf dump / > my-cinnamon.dconf

Pick a subdirectory if you wish to narrow it down.

dconf dump /org/cinnamon/sounds/
[/]
maximize-enabled=false
unmaximize-enabled=false
tile-enabled=false
map-enabled=false
close-enabled=false
minimize-enabled=false
switch-enabled=false

Loading dconf settings from file

The reverse is also as easy.
Make sure you use the same directory in the layout.

dconf load / < my-cinnamon.dconf

The story

This post is a precursor to a discussion about manipulating the settings programmatically in xfconf-query, which is the settings cli tool for the xfce desktop environment.
I wrote a wrapper script for a project of mine. Check out dconf.sh at github underneath my project bgconf.

Firefox disable don’t load tabs until selected

tl;dr

about:config
browser.sessionstore.restore_on_demand = False

Explanation

When I tell my browser to run, I want it to load all of my previous tabs, as well as actually load the tabs. When I switch to it, it should be fast, because it as already loaded the content. I don’t want it to flash and load upon my selecting the tab; it should already do that!

There used to be an option in Firefox’s preferences for changing this, but it was removed from the gui. But it’s still there in about:config.

References

Weblinks

https://bugzilla.mozilla.org/show_bug.cgi?id=711193#c63

sshd_config match negate address

tl;dr

Match Address *,!192.168.1.0/24

Negating address in match statement in sshd_config

I was locking down my ssh server configuration on a host, so that it will not accept password auth from outside a certain IP address range.
I had to learn how to get the Match Address directive to work with a negation. To make it work, you need to insert a wildcard before you then state the exclusion.

Match Address *,!192.168.1.0/24

And then I added the directives for this matched IP address range.

   AuthenticationMethods publickey
   PubkeyAuthentication yes
   PasswordAuthentication no
   X11Forwarding no

References

Weblinks

  1. https://serverfault.com/questions/408284/how-can-the-address-condition-in-a-match-conditional-block-in-sshd-config-be-neg

Man pages

  1. sshd_config
  2. ssh_config

sudoers Match AD group

Using AD groups in sudoers

When you need to add an Active Directory group to the sudoers, you need to know a few things.
I learned from the sudoers man page that alias names can only be in capital letters, numbers, and underscores.
Also, when you use an AD group in a sudoers file (in my case, /etc/sudoers.d/70_web-dev_grp), you prepend the group name with a percent sign.

Also, I’m pretty sure you need to have the casing of the group name exactly correct, but I haven’t tested other casings and don’t plan to. If you know anything about this, comment and let me know!

User_Alias WEBDEVGRP = %Web-dev_grp
WEBDEVGRP ALL=(ALL) /sbin/apachectl

Reference

http://serverfault.com/questions/436037/sudoers-file-allow-sudo-on-specific-file-for-active-directory-group/444875#444875

sshd_config Match AD group

Overview

I use CentOS 7. One of the biggest reasons I join my servers to Active Directory is for the users and groups. Getting sshd_config to work with AD-defined groups is easy and just needs the smallest amount of work.

If you want to use sftp, and have rules for just a specific AD group, you need to specify the group name exactly as it is cased.
[root@amazon|/var/log]# getent group Web_Dev_Grp
web_dev_grp:*:5829038:asmith,rltompki,fkowalks,bangel,lfrederi

So use the “web_dev_grp” as shown in your sshd_config:
Match Group web_dev_grp
ChrootDirectory /var/www
ForceCommand internal-sftp

Hide comments and blank lines in file

Hide comments and blank lines when viewing file

Original title: Show all non-blank non-comment lines in file

If you want to see just the lines with content, such as in a config file, use this one-liner:

grep -viE '^\s*((#|;).*)?$' smb.conf

How it works

grep -v means invert the selection, i.e., everything that does not match this search.
-iE case Insensitive, and treat this as a regular Expression. Technically there are no letters being searched, so the i is irrelevant, but I always use it in my searches anyway.
^ start of line
\s* white space, any amount from zero onward. This is a greedy search, so it will match all the white space (spaces, tabs, etc.)
(#|;) either a pound or a semicolon, which usually denote comments in config files (in my case, smb.conf)
((#|;).*) the above sentence, followed by any character (the period), and any amount of those “any characters.”
((#|;).*)? the whole thing in parentheses shown here, optionally.
$ end of line
So any line that starts with any amount of white space, followed by (a comment symbol, followed by anything else) optionally, and the end of the line.
So show everything but the above sentence, and tada, just the important stuff.