Month: March 2022

Error “convert: cache resources exhausted” (SOLVED)

When using the convert utility to convert images, you may encounter an error stating that the cache resources have been exhausted.

Command example:

convert -density 300 -quality 100 input.pdf output.png

An example of the error it causes:

convert-im6.q16: cache resources exhausted `/tmp/magick-q7O_IcbbGpFULs5R34rLlwAyeW1slGHi19' @ error/cache.c/OpenPixelCache/4095.

This error occurs when two conditions are combined:

  • processing a large file (for example, when converting PDF to JPG)
  • weak computer with little RAM

As a quick fix, you can try reducing the image quality:

convert -density 150 -quality 70 input.pdf output.png

The -density option specifies the horizontal and vertical density of the image, that is, the number of dots. Typically, for scanning photographs, the setting is set to 300 dots – this is enough for good image quality for viewing on a monitor screen and for printing. You can experiment by choosing a lower value.

The -quality option specifies the compression level for JPEG/MIFF/PNG. Option value 100 means no compression, 100% image quality. An option value of 70 means 70% of the image quality by reducing its size.

If you do not want to reduce the quality, then you can try changing the settings. To do this, open the policy.xml file. Depending on your Linux distribution and version of ImageMagick, the path to the file may vary, for example:

  • /etc/ImageMagick-6/policy.xml
  • /etc/ImageMagick-7/policy.xml

Find and edit the string value:

<policy domain="resource" name="memory" value="256MiB"/>

Error “attempt to perform an operation not allowed by the security policy `PDF’” (SOLVED)

On Debian, Ubuntu, Linux Mint, Arch Linux, and derivative systems, when converting documents from PDF to PNG, an error occurs:

attempt to perform an operation not allowed by the security policy `PDF'

An example of a command that causes this error:

convert -density 300 -quality 100 PL48536179.pdf out.jpg
convert-im6.q16: attempt to perform an operation not allowed by the security policy `PDF' @ error/constitute.c/IsCoderAuthorized/421.
convert-im6.q16: no images defined `out.jpg' @ error/convert.c/ConvertImageCommand/3229.

Apparently Imagemagick's security policy does not allow this conversion from pdf to png. Converting other formats seems to work, but not from pdf. This happens with the default imagemagick settings.

Two options for solving the problem:


In the file /etc/ImageMagick-6/policy.xml before the line


insert the line:

  <policy domain="coder" rights="read | write" pattern="PDF" />

and everything will work.

Note: The path to the policy.xml file may differ depending on the version of ImageMagick, for example, the path may be: /etc/ImageMagick-7/policy.xml


The second option is similar, you also need to open the file /etc/ImageMagick-6/policy.xml

Find uncommented lines there

  <policy domain="coder" rights="none" pattern="PS" />
  <policy domain="coder" rights="none" pattern="PS2" />
  <policy domain="coder" rights="none" pattern="PS3" />
  <policy domain="coder" rights="none" pattern="EPS" />
  <policy domain="coder" rights="none" pattern="PDF" />
  <policy domain="coder" rights="none" pattern="XPS" />

And comment them out, that is, put <!-- in front of them, and --> at the end.

This should work for Debian, Ubuntu, Linux Mint, and derivative systems.

In Arch Linux open the file /etc/ImageMagick-7/policy.xml

Find the uncommented line there

<policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}" />

And comment them out, that is, put <!-- in front of them, and --> at the end.

After that pdf conversion should work again.

No need to do two options at once – choose one of them. The first option will only allow conversion from PDF, the second option will allow conversion from all PS, PS2, PS3, EPS, PDF, XPS formats.

This PDF policy was added due to a bug in Ghostscript that has now been fixed. That is, if you are using the current version of Ghostscript, then this policy is no longer needed.

That is, don't forget to update your Ghostscript to the latest version!

Where Samba stores passwords. How to Extract Samba Usernames and Passwords (SOLVED)

This article is about the Samba password database. It answers popular questions about where Samba passwords are stored and how to perform common actions on the Samba password database.

To set the Samba password, use the command:

sudo smbpasswd -a USER

If you want the user to have no password, then specify the -n option.

See also: SMB and Samba Security Audit Tools

In which file does Samba store passwords?

Samba passwords are stored in the /var/lib/samba/private/passdb.tdb file.

Depending on the distribution and version of Samba, the path to the passdb.tdb file may be different.

What is the format of the Samba password file passdb.tdb?

The passdb.tdb file is a binary file, not a plain text file.

The passdb.tdb file can be opened with the tdbtool utility, but this file is not meant to be edited by the user directly, including with the tdbtool utility. You can also export and import the contents of this file using the pdbedit utility.

tdbtool is a tool for displaying and modifying the contents of Samba TDB (Trivial DataBase) files. Each of the commands listed below can be entered interactively or provided on the command line.

To open the passdb.tdb file, you must run the tdbtool utility as root, otherwise it will not have enough rights even to view this file:

sudo tdbtool

Then run the “open” command specifying the path to the file you want to open:

open /var/lib/samba/private/passdb.tdb

If there were no errors during the opening (for example, due to the fact that the wrong path was specified), then nothing will be displayed.

For help, type


Popular commands you might find useful:


print the hash table of the database and the list of free spaces


show database contents as strings


print a list of database keys as strings


display summary information about the database


clear the database

Is it possible to view or extract passwords from the Samba database?

No, it is not possible to view or extract passwords from the passdb.tdb file. Moreover, the passdb.tdb file does not store passwords in plain text, the Samba database contains only password hashes.

The hash algorithm used is NTLM. Online LM/NTLM hash generator:

You can export hashes as a hex string with the following command:

sudo pdbedit -L -w

The following command will export all data, including hashes:

sudo pdbedit -e smbpasswd:/root/samba-users.backup

How to view Samba usernames?

You can view usernames with the following commands:

sudo pdbedit -L
sudo pdbedit -L -v

How to remove a single user from a Samba database?

To delete, use the -x (--delete) option. You also need to specify the username with the -u option, for example:

sudo pdbedit -x -u mial

How to wipe the Samba password database?

The following command will wipe the entire Samba password database:

sudo tdbtool /var/lib/samba/private/passdb.tdb erase

How to manage Samba accounts?

The -c|--account-control FLAG option can be used with the pdbedit command when adding or modifying a user account. It will specify the user account control property. Possible flags are listed below:

  • N: No password required
  • D: Account disabled
  • H: Home directory required
  • T: Temporary duplicate of other account
  • U: Regular user account
  • M: MNS logon user account
  • W: Workstation Trust Account
  • S: Server Trust Account
  • L: Automatic Locking
  • X: Password does not expire
  • I: Domain Trust Account

Example: -c "[X ]"

How to install the latest version of Tor on Ubuntu

How to get the latest version of Tor on Ubuntu

The tor package is present in the Ubuntu repositories, but its version may be out of date. This is especially true for Ubuntu distributions released several years ago, even if they have long-term support (LTS).

In new versions of Tor, identified weaknesses and vulnerabilities are eliminated, as well as updating and supplementing the functionality. For this reason, you may need to install the latest version of the tor package.

Like other programs on Linux, you can compile Tor from source, and this article will show you how. Fortunately, the Tor developers maintain a binary repository for Ubuntu and Debian distributions.

In this guide, we will look at two ways to install a fresh version of Tor – from the repositories and from the source code.

How to install Tor from the Tor developers repositories

The Tor Project has its own Debian repository. Debian itself includes an LTS version of Tor. With it, you will not always be able to have the latest and most stable version of Tor. Therefore, it is recommended to install tor from the Tor Project repository.

This section will show you how to enable the Tor package repository on Debian-based Linux distributions.

Prerequisite: Verify the CPU architecture

The package repository offers amd64, arm64, and i386 binaries. Verify your operating system is capable of running the binary by inspecting the output of the following commend:

dpkg --print-architecture

It should output either amd64, arm64, or i386. The repository does not support other CPU architectures.

Note on Raspbian: The package repository does not offer 32-bit ARM architecture (armhf) images (yet). You should either install the version Debian offers (make sure to check out Debian backports, too, as that one has often a more up-to-date Tor package), or build Tor from source.

1. Install apt-transport-https

This step is only required for apt versions below 1.5. Support for https was added in versions of apt 1.5 and later, so currently the apt-transport-https package is kept in the repository for compatibility only and can be removed from the system without consequences.

To check the version of apt use the command

apt --version

On older distributions, you may need to install this package:

sudo apt install apt-transport-https

2. Create a new file in /etc/apt/sources.list.d/ named tor.list.

sudo gedit /etc/apt/sources.list.d/tor.list

Add the following entries:

deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] <DISTRIBUTION> main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] <DISTRIBUTION> main

In these lines, replace <DISTRIBUTION> with your operating system code. Run

lsb_release -c

to find out the operating system code.

The following command will output only the distribution code (the command is suitable for use in scripts):

lsb_release -c | awk '{print $2}'

Note. Starting with Ubuntu Focal, 32-bit applications are no longer supported, so when using sudo apt update, you may encounter the message:

Skipping acquire of configured file 'main/binary-i386/Packages' as repository ' focal InRelease' doesn't support architecture 'i386'

To get rid of this message, the entries in the /etc/apt/sources.list.d/tor.list file need to be edited to be in the following format:

   deb     [arch= signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] focal main
   deb-src [arch= signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] focal main

Replace <ARCHITECTURE> with the architecture of your system, which can be viewed with the command

dpkg --print-architecture

For example:

deb [arch=amd64 signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] impish main
deb-src [arch=amd64 signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] impish main

3. Then add the gpg key used to sign the packages by running the following command at your command prompt:

wget -qO- | gpg --dearmor | sudo tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null

4. Install tor and tor debian keyring

It is provided a Debian package to help you keep the latest version of your signing key. To install, use the following commands:

sudo apt update
sudo apt install tor


How to compile and install Tor from source on Ubuntu and Debian

This method differs from the previous one from a practical point of view in at least two important points:

  1. You need to keep track of new versions and update Tor yourself
  2. With this method, tor.service files are not created, that is, it will not be possible to manage the service using systemd with commands like
sudo systemctl start tor

To compile tor run the following commands:

sudo apt remove tor
sudo apt update
sudo apt install git make build-essential automake autoconf libevent-dev libssl-dev zlib1g-dev zlib1g asciidoc liblzma-dev libzstd-dev systemd libsystemd-dev pkg-config libnss3-dev
git clone
cd tor
./configure --enable-systemd --enable-nss

Note that if the make command throws an error

make: *** No targets specified and no makefile found. Stop.

this means that the previous configure command failed. You need to return to its output and look in the last lines for the name of the missing package or another reason due to which the configuration failed.

After a successful compilation configuration, the installation is done like this:

sudo make install

To start Tor run the command:


A sample configuration file is located at /usr/local/etc/tor/torrc.sample, you can use this as a base to configure Tor:

sudo cp /usr/local/etc/tor/torrc.sample /usr/local/etc/tor/torrc

Should I install Tor from my package manager or build from source?

If you are using Debian or Ubuntu, installing Tor from the Tor Project repository has several advantages:

  1. Your ulimit -n is set to 32768, which is enough for Tor to keep all necessary connections open.
  2. The user profile is created only for Tor, so Tor does not need to be run as root.
  3. An init script is included in the package so that Tor can be configured to start on boot. You can use systemd and systemctl to control the service
  4. Tor works with the --verify-config option, which means that before starting the service, the configuration file will be checked for correctness – this can help you solve problems if the service is not running.
  5. Tor can bind to low-level ports and then lower the privileges of its process.

See also: More Tor manuals

Setting up Android for battery saving

What settings should be enabled on an Android phone to reduce battery consumption

What settings do you need to enable in your mobile phone so that it is enough for a long trip or flight? What should I do if my phone's battery runs out too quickly? This guide is dedicated to answering these questions.

Enabling battery saving in quick settings on the curtain

Part of the settings can be done in the curtain. The red color indicates features that are not normally required for a trip and turning off which will help save a lot of energy. Yellow color indicates settings that can be turned off to reduce battery consumption, but not all users will want to give up these functions. Green color indicates the settings, the activation of which allows you to reduce battery consumption.

Remember, it's up to you to decide whether or not to disable a particular feature based on your needs and conditions – below are the settings for maximum battery savings.

Turn off “Wi-Fi” and “Bluetooth”. If you do not plan to use the Internet, then turn off “Mobile data” as well.

Turn on “Power saving”.


  • Quick Share
  • Nearby Share
  • Mobile Hotspot

Turn off “Location” and “NFC”. If you wish, disable “Sync” (responsible for the background uploading of contacts and other data to the cloud, receiving e-mail and some other functions).

Enable battery saver in settings

Now go to phone settings.

Display settings

Go to Display → Screen resolution and select the minimum resolution.

Decrease the “Screen timeout” value (this is the time after which the screen goes blank when there is no user activity).

If desired, turn off “Adaptive brightness” and select a lower display brightness.

Go to the “Motion smoothness” section.

And choose “Standard”. Click the “Apply” button.

Connections settings

Go to settings Connections → Mobile networks.

In “Network mode SIM”, check if 5G support is enabled.

If there are no 5G networks in your country, then select the option without 5G from the drop-down list so that the phone does not waste time and energy searching for such networks.

Go to settings section Connections → More connection settings.

Pay attention to the “Nearby device scanning” setting.

Disable this feature if you don't need it while traveling.

Device care settings

Go to Device care → Battery.

Go to “More battery settings”.

Turn on “Adaptive battery”. Turn on “Fast charging” and “Super fast charging”.

Go to the “Processing speed” section.

Select “Optimized”.

Advanced features settings

Go to settings section Advanced features → Video brightness.

Select “Normal”.

Tips for long trips:

  1. In airplanes, airports, trains and buses in some countries, you can find USB sockets for charging mobile phones.
  2. If you are traveling with a laptop, then while it is running, connect your phone via USB cable – this will recharge it.
  3. Consider purchasing a Power Bank (external batteries) with which you can recharge mobile phones and other gadgets.

How to watch IPTV on your phone

How to watch digital TV on your phone

There are many applications for Android with which you can watch digital TV from various Internet providers. These applications can be installed on the set-top box and even on tablets and mobile phones.

I have selected two of the best applications for watching IPTV on Android. Both of them are free and allow you to add channel lists to .m3u both from a URL link and from local files.

See also: How to connect to digital TV from a computer in Linux (IPTV, DVB-IP and TVoIP)

Best apps to watch IPTV on Android:

  • Simple IPTV
  • LazyIptv Deluxe

How to watch digital TV in Simple IPTV

Install and run Simple IPTV.

The Simple IPTV application manages TV channel lists, but playback starts in an external player.

Open Simple IPTV settings.

Select the desired player to play.

If you do not have any of the listed streaming players installed, then install any of the following list:

  • MX Player
  • BSPlayer
  • VLC

To add a new channel list in .m3u format, click the “+” button

Choose one of the options:

  • Open file – open a file on the device
  • Add URL – open a list of channels on the Internet

For example, if you have previously downloaded TV channel lists, then select “Open file”. Find the .m3u files on your device and open them.

The first channel list has been added – to open it, tap on it.

If desired, you can add any number of TV channel lists.

To start watching IPTV, click on the channel list and select the channel you are interested in.

IPTV on phone:

Information about IPTV channel stream in VLC:

How to watch digital TV in LazyIptv Deluxe

LazyIptv Deluxe is an alternative to the previous program. If you are satisfied with the previous program, then you do not need to install both at once – you can skip this section.

However, LazyIptv Deluxe has some advantages that you may be interested in: the program is translated into various languages, the program has a built-in player, so you do not need to install a third-party streaming player, although you can use an external player instead of the built-in one.

Install and run LazyIptv Deluxe.

Click the PLAYLISTS button.

To add a new list of TV channels, press the “+” button

Enter playlist name (optional), enter its URL. If you want to open the list of TV channels located on the device itself, then press the button indicated by the arrow.

Specify the path to the .m3u file and open it.

To confirm your choice, press the button indicated by the arrow.

You can add any number of IPTV TV channel lists.

To watch digital TV, tap on the list of channels – a list of TV channels from this list will open.

Tap on the channel name to start playing.

You will be prompted to select a player to play the channel.

IPTV on phone:

Information about the IPTV channel in the built-in player LazyIptv Deluxe (Exoplayer):

How to connect to Tor with OpenVPN

Connecting to Tor via a VPN is usually used in practice not so much to increase anonymity (although such use takes place), but to bypass the blocking of the Tor network. In some countries, the Tor network is blocked at the state level, so to connect the Tor browser or the Tor service, you must use bridges – intermediate nodes of the Tor network. Instead of bridges, you can connect to the Tor network through a VPN.

In fact, connecting to Tor via a VPN is even easier than using bridges.

Please note that due to the peculiarities of the blocking implementation (for example, blocking is performed only at the level of providers of the last mile), even the VPN of the country in which the Tor network is blocked can be used to bypass the connection blocking to the Tor network.

Signs that the ISP is blocking access to the Tor network are that the connection to Tor stops at the very first stages.

For example, Tor Browser freezes at the inscription:

Connecting to a Tor relay
Tor Browser routes your traffic over the Tor Network, run by thousands of volunteers around the world.

Another possible error:

Loading relay information

When trying to use the Tor service by starting it with the command

sudo systemctl start tor

status check

systemctl status tor

will show that the initial bootstrap stopped at 5%, that is, at the stage of connecting to the relay:

Jan 08 11:21:40 HackWare systemd[1]: Started Anonymizing overlay network for TCP.
Jan 08 11:21:41 HackWare Tor[25392]: Bootstrapped 5% (conn): Connecting to a relay

To connect to the Tor network over a VPN, start by connecting to a VPN server, for example using OpenVPN.

Right after that, you can use the Tor service as usual – no additional configuration is required.

The Tor Browser successfully connects to the Tor network and opens websites.

The tor service successfully establishes a connection to the Tor network.

See also: