Dev VM for AWS and Github on Mac with VMWare Fusion


Have you ever been working on a project and had something go so awry with your environment than you had to rebuild your machine?

Perhaps your dilemma was not so extreme, but something happened where you wished you could roll back your code and it was not just your code changes you wanted to roll back.

Although we cannot count 100% on a VM protecting our base machine, a VM does provide some level of protection when downloading 3rd party and open source software for testing.

Perhaps you want a different VM set up for different client projects.

If you don't want software going out to the Internet once installed, you can lock down your VM to only be accessible from your host, and restrict access to the Internet at large.

Do you want to give developers a VM that has all the tools they need pre-configured to save time getting people up and running?

Basically...a VM allows us to set up an environment and create clones of that environment as needed so we don't have to start over from scratch. You can also take snapshots as you develop so can roll back your entire VM as needed if you are playing around with changes to the VM configuration itself.

Why not?

Running in a VM may slow down your development to some degree vs. running directly on the host machine.

VMs may not always have access to the underlying resources for testing and profiling code accurately - however some settings can be changed. The solution here may be development on one machine, testing and code profiling on another.

There are probably other good reasons why you might not want a developer VM but overall they are pretty handy.

VMWare Fusion on a Mac running Fedora VM + Eclipse

For this example I'm going to set up a Fedora Linux VM on a Mac using VMWare Fusion with Eclipse. Below are the steps, some gotchas, and some security tips. VMWare Fusion is the Mac Version of VMWare's Windows products. You could follow similar steps if using Windows version and you could install other tools that you prefer using this same approach. 

Good to Know...

Terminal - To get to the terminal window in Fedora Linux click on “Activities” and type “Terminal” in the search box.

New terminal window - crtl-shift-t to get new terminal window in new tab

Browser - To get to a browser type on “Activities” then the Firefox/Mozilla icon.

sudo - For any commands below you may have to add “sudo” or execute them as root if that is not specified. By default the user I created was not in the sudoers file so I add that user below. 

Escaping the VM - The apple command button (with the flowery icon) and tab at the same time gets you out of the VM window if you seem to be stuck in it.

Customized hard disk & memory - I had problems changing VM settings (hard disk, memory) after the fact. Best to set them up front if possible.

Take snapshots! -  Take snapshots as you go so you can revert to a known good snapshot if needed or start over from a particular snapshot. If you revert to a snapshot, take another snapshot because you will lose the snapshot you revert to when you use it.

Networking -- The biggest difference using VMWare Fusion on Macs that I have found vs. Windows VMWare products has been networking, which seems to be temperamental.  I have to fiddle with the Network Adaptors at times as explained below. On Windows it is easier to select and basically hard code the network adaptor you want to use in bridged mode which usually resolves network problems.

Security -- A VM is just a file. VMS have been hacked by altering the VM file on a machine. If you are storing sensitive data on a VM protect it appropriately. Protect your VM files appropriately. Also make sure your networking is set up appropriately depending on your security rules. If you are on a VM your connections may or may not be going over your VPN, if you have one, depending on how you have things configured. Make sure you understand what's going on with your networking. Do a checksum on any files you download to ensure they are not corrupt or have been tampered with in transit.

Checksums - 

If you are on Windows you can do integrity checks for downloaded files as explained here:

To do an integrity check on linux you can use built in commands such as sha1sum, or if sha 512 use:

sha512sum [file to check]

The result will be a checksum that should match the checksum provided on the site where you downloaded the file. If it doesn't the file was corrupted in transit, or worse, altered by someone with likely evil intentions.

If you use yum to do updates or other package installers they likely have this checksum build into their install process.

Step 1: Create an ISO

An iso is a file that contains an image that can be used to create a new virtual machine. In our case we are creating an iso for Fedora Linux.

1. Go to
2. Click download
3. Click on Formats in sub menu
4. Click on 64bit DVD option
5. Download starts immediately
6. Check the integrity of the file you downloaded
7. Right click and burn to blank CD or your hard drive

You should now have a .iso file you can use to create a Linux VM

Step 2: Create a Fedora Linux VM, customized for Eclipse

1. Start Fusion. 
2. File, new, choose appropriate Linux options
3. On the top of vm screen click the icon with cd coming out of drive.*
4. Choose disk option and select the file burned to CD
5. Click on customize settings when going through the VM set up
6. Change the name of my VM
7. Click on hard disk. Change the size to the amount of storage you think you will need for this VM.
8. Hit the back arrow, apply.
9. Click on memory. I doubled mine to 2048. What number you use depends on how much memory you have on your machine and what else you are running outside the VM that will be using memory. When I didn’t increase the memory eclipse was going very slowly and using swap memory.
10. Close the settings.
11. Run your VM (big > arrow in the middle of the screen).
12. Wait…this will take a while…
13. Try to login. 

If you get an pam module error when logging in that says “system is booting up” and won’t seem to go away then restart the VM.

Step 3: Check Internet Connection

1. Make sure you can connect to internet - open a browser to test going to your favorite web site. 

2. If you have problems try changing the network adaptor settings as follows:
  • Shut down your VM [Menu: Virtual Machine > Shutdown]
  • Go to Menu: Virtual Machine > Network Adaptor > Network Adapter settings
  • Click the button that says: Add Device [Your VM must be stopped]
  • You’ll now see at the top of the dialog that it says “Network Adapter 2"
  • Click on the bridged option for Wi-Fi (or whatever your current network is that you are using) instead of “Share with my Mac”
  • Close the dialog box
  • Start your VM (click the > arrow in the middle of the VM screen or use the menu options
  • From menu choose: Virtual Machine > Network Adapter > Disconnect Network Adapter
  • Verify that Network Adapter 2 is connected on menu: Virtual Machine > Network Adapter > [you should see the option for Bridged (Wi-Fi) selected and the option to disconnect (leave it connected)
  • Restart your VM
3. You can try removing and adding Network Adapters or switching between Nat and Bridged mode. I have not experienced consistent behavior in these settings.

Step 4: Add Your User to Sudoers

1. Add user to sudoers file using visudo so you don’t have to keep logging in as root with su.

su root 
[enter password]


uncomment this line if not already uncommented

%wheel  ALL=(ALL)       ALL

Exit and save changes or just exit if nothing to change


Add the users to the wheel group you want to allow to run sudo

usermod -aG wheel [username here]

su back to your user name
su [your user name]
[enter psassword]

test that you can sudo with that user now
ls /root
(you should get permissions denied)

sudo ls /root
[enter password]

should not give any error.


Step 5: Run Security Updates

Security updates will patch known CVEs (security flaws):

sudo yum update —security

Then y and enter to install.

Note: if you have problems running this because it says PackageKit is running, here’s what I did. I don’t know if this is bad but it solved the problem:

ctrl-shift-t to open a new terminal window in new tab

ps -ax | grep Package

Got the process id, say 112233

Then kill that process which in this case would be:

sudo kill 112233

Did same for RSS

Then my security update would run.

The next problem I had during the update was report of two conflicting packages. There were two conflicting package names in the error message. I just updated the latter package stand alone:

sudo yum update abrt-java-connector-1.0.6-1.fc20.x86_64

Now run the security update again

sudo yum update --security

Step 6: This is a Good Time to Take a Snapshot

Menu: Virtual Machine > Snapshots > Take Snapshot

You can view your snapshot 

Menu: Virtual Machine > Snapshots 

You might want to right click on Get Info and add a comment like “security updates applied"

Step 7a: Install Eclipse with Yum -- READ CAVEAT FIRST

I just typed:

sudo yum install eclipse

It proceeded to install a gazillion libraries…well really it was only 100.

Then I just typed eclipse at the command line. I checked the version and it installed the “Kepler” version of eclipse, however the latest version of Eclipse (at time of this writing) is Mars. If you want to get the latest version you’ll want to download and install from web site.

So scratch that and roll back to the secure VM snapshot (and take a new snapshot)

Step 7b: Install Eclipse From Eclipse Web Site

1. Search for "eclipse" in Google
2. Click eclipse downloads in Google results
3. Click on SHA-512 to get the hash which looks like this currently:

b5fe908c9ae4ec2c1e050bca1846b07f0474d3c6abb77ec71ebbc2d71ab89ce3934b6019cb4d700386a2236f28a2ab04ca1976a48b82220ba8563cd9b672b840 eclipse-inst-linux64.tar.gz

4. Choose a mirror close to you or from a name you trust
5. Download box pops up - click OK or choose Save File
6. The file eclipse-inst-linux64.tar.gz is downloaded.
7. The file went to /var/tmp if you just clicked ok or to your downloads folder if you chose Save File. If you can't find it run this command:

sudo find / eclipse-inst-linux64.tar.gz | grep eclipse-inst-linux64.tar.gz

8. cd to the directory where the file is located

cd /var/tmp [or wherever the file is saved if not /var/tmp]

9. Run the checksum integrity check:

sha512sum eclipse-inst-linux64.tar.gz

If the file is OK the output matches the above. This of course assumes the above was not tampered with but better than doing no integrity check at all.

b5fe908c9ae4ec2c1e050bca1846b07f0474d3c6abb77ec71ebbc2d71ab89ce3934b6019cb4d700386a2236f28a2ab04ca1976a48b82220ba8563cd9b672b840  eclipse-inst-linux64.tar.gz

Since we have a match my download seems to be OK.

10. If you just hit ok the archive manager should be open. If not just double click on the downloaded file to open it.
11. Click Extract
12. The next screen gives option to create a new folder, which I did. 
13. Extract files to folder of choice.
14. I scanned the readme file for any trouble shooting tips and saw a particular version of Java is required.
15. Check your java version to make sure it is ok:

java -version

16. If java is not ok you can update manually or run:

sudo yum update java

17. Double click on the eclipse installer file (eclipse-inst) in the root directory of extracted files
18. Choose the version of Eclipse you want - I just chose the first option for basic Java IDE
19. Click install and follow the prompts.
20. Go get a cup of coffee or do some jumping jacks while you wait.
21. Click launch.
22. Change the workspace if you want - it's just the location where Eclipse stores your preferred settings. You can have multiple workspaces with different settings. I generally store settings and projects in different folders not in the same hierarchy.
23. If you get an error Eclipse is not responding, click "Wait".
24. Yay. Eclipse is running. Check the version under Help menu and make sure it is the latest.

Step 8: Take a Snapshot!

This would be a most excellent time to take a snapshot.

Step 9: Install Git

If you are using GitHub you might want to install GIT and/or any Eclipse tools for Git. You'll want to back up your source and version as frequently as possible so as not to lose your work! This allows rollback of only your code vs. rolling back your entire environment with a VM snapshot.

Step 10: Install AWS Goodies

Install your favorite AWS tools from this web page:

Perhaps you have different VMs and configurations for different projects or customers, or perhaps you have a single VM that supports them all...the choice is yours!

Windows Notes

Windows commands

Net Use - mapping drives, printers, manage users

Net user

Net session

Netsh commands

Netsh for Windows firewall

Advanced Firewall

Windows find from command line

Systeminfo - display lots of stuff including Windows Domain

Managing services from command line

Create Windows tasks from command line

Windows File Integrity Checker like sha1sum on Linux

Why doesn't Windows have a built in file integrity checker like sha1sum on Linux. You'd think this would be pretty important - for example when verifying the integrity of Windows and Microsoft product updates.

There is a tool you can download called:

Microsoft File Checksum Integrity Verifier

I see that it has no provided checksum :) Of course what would you use to check it? You'd possibly have to pull out your Linux machine. (not funny?) 

To check a file:

1. Download the app.
2. Extract to desired folder
3. Add that folder to your PATH environment variable (search on this if you don't know how)
4. Open new command prompt window.
5. Navigate to file you want to check
6. Type fciv.exe to get output with all options
7. Type this to get sha1 hash of your desired file

fciv.exe <file> -sha1

8. Compare that hash you just created to the hash provided by the site where you downloaded the software

I noticed there was a -v option to verify a file and compare to it's hash. Seems to require an XML file which I tried but failed to read my file so I just compared the two manually since it was a short value. Would be better if they had a tool that worked more like sha1sum on linux, that takes a text file with the key as input.

Linux Notes

Various Linux commands in no particular order

Coming soon...
Cron jobs
Addition in bash, spacing


Any commands that require admin privileges can be run by a user not logged in as root by putting su in front of the command. Best practice is don't log in as root and use su. You'll need to enter a root password. 



Put in front of any single command to run that command as root without entering the root password.

Users who can sudo are listed in /etc/sudo

Edit with visudo

List what's in current directory


Output file to screen in terminal window

Originally cat was use for concatenating files, but many people use it just to output the file to the screen

cat [file]

sed, awk, tr, cut - text formatting and manipulation
sed and awk are stream processors. Pass in a string and get transformed output. scripting.

tr will take input and replace or delete characters in the new output

cut extracts a portion of a file by selecting columns


Display particular lines of file (head and tail)

Show beginning lines of file

head file

Show last lines of file

tail file

Show lines 10 - 20 of file

head -10 $line file | tail -20

or awk and sed



Output results of a command to standard out and file at the same time

cat [file1] | tee [file2]

Find a file or application

In current directory:
find -name "file name in quotes"
From root
find / -name "file name in quotes
Ignore case:

find -iname "file name in quotes"

Using wild card (e.g. find all files that end in .conf)

find -name "*.conf"

Find all files with permission (e.g. 0777)

find -type f -perm 0777

Use locate

locate "*.jpg"



Find Text in a File

To find the string "text" in any text file:

grep "text" *.txt

Use strings to read the human readable portion of a binary file

strings [file]

Show permissions of files in a directory

ls -l


ls -al

or recursively display permissions of subdirectories

ls -lR

See Permissions for Specific File

ls -l [file name]

Find all the files owned by a particular user

find / -user [user]

Find all the files owned by a particular group

find / -group [group] 

File & Directory Permissions

When file permissions are listed look something like this:

-rwxrw-r-- [user] [group] [file]

Each of first 10 characters have following meaning:

d if directory otherwise -
r if owner can read otherwise -
w if owner can write otherwise -
x if owner can execute otherwise -
r if group can read otherwise -
w if group can write otherwise -
x if group can execute otherwise -
r if everyone can read otherwise -
w if everyone can write otherwise -
x if everyone can execute otherwise -
This is followed by owner, group and file name.

Numerical Permissions

The above 10 character permissions can be translated to numbers. The shortened, numerical form of permissions is used by most Unix admins when setting permissions. A letter = on (1) and a dash = off (0).

Chars = binary = decimal
rwx = 111= 7
rw- = 110 = 6
r-x = 101 = 5
r-- = 100 = 4

So to give full rights to owner (7), read only to group (4) and no rights to everyone (0) would be 740

More on binary, hexadecimal and binary if you really want to know

List users on system
awk -F':' '{print $1}' /etc/passwd


cat /etc/passwd

Determine user home directory

cat /etc/passwd
Login as another user

su [user name]

List groups on system
cut -d: -f1 /etc/group

View contents of file that defines groups
cat /etc/group

Add a user to a group

usermod -a -G <group> <username>

See if user has root permissions by checking to see if they have UID 0

grep 'x:0:' /etc/passwd

See which users are in root group

grep root /etc/group

See which users can execute as root

cat /etc/sudoers

List programs installed

compgen -c

Find a specific program

compgen -c | grep bash

Check which programs can execute as root using SUID bit

find / -perm -04000

Edit Linux networking

Edit the file specific to the interface you want to alter


View Firewall Rules

iptables -L -n

Stop Firewall

service iptables stop

Create Firewall Rules

iptables(8) -A INPUT -m state --state ESTABLSHIED, RELATED --j ACCEPT

Typically accept state ESTABLISHED, RELATED and NEW. Drop others. 

Distinction between "shell" and "terminal emulator"

The shell handles commands. The terminal or terminal emulator provides a way to send commands to the shell from a graphical user interface.

Change default terminal

update-alternatives --config x-terminal-emulator

TERM environment variable
The TERM environment variable is updated by the terminal, not used to define it.

Change file permissions 

chmod [permissions] [file]

Common file permissions 

777 no restrictions (no good)

755 owner can write, anyone can read & exec

700 only owner has rights and can read, write, exec

666 all users may read and write

644 owner may write, anyone can read

600 owner may read and write

Directory permissions

777 no restrictions

755 owner has full access, others can list files, not create or delete

700 directory owner has full access


Create a file

Use a text editor


echo "some text to put into a file" > [file]

Delete a file

rm [file]

Change file owner

chown [user] [file]

Change file group ownership 

chgrp [group] [file]

How to tell if a process is running

ps aux | grep [process]

So to see if SSH is running

ps aux | grep sshd

To see network information including mac and IP


To see gateways and routing information

route -n


netstat -r 

Default gateway on Linux 

The last entry in the route table using defines the default gateway.

route -n


Multiple interfaces (see last answer):
List Services

ls /etc/init.d

View Running Services



ps -Al 

Generate SSH key

ssh-keygen -t rsa -C ""
Enter file in which to save the key (/c/Users/you/.ssh/id_rsa): [Press enter]
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]
# start the ssh-agent in the background
ssh-agent -s
# add the key
ssh-add ~/.ssh/id_rsa

Git, for example:


SSH on command line

Using a private key file

ssh -i [path to key file][user]@[host]
On Windows you'll have to install SSH command line tool:



SSH to Linux Machine with Putty

Download putty from

Verify the integrity of the file with SHA2 (preferably)

Double click on Putty.exe to run.

Enter IP address and choose SSH as shown below.

The machine you are connecting to should probably require additional configuration to ensure your session is encrypted. 
For example, connecting to AWS instances will require you to provide the key used when you started the instance:


Putty uses ppk format for files.

You may need to generate a key, or convert a key using puttygen (download on putty site).

Make a SHA1 hash of a string

echo -n some_text_here | sha1sum | awk '{print $1}'

Make a SHA2 hash of a string 

echo -n some_text_here | sha256sum 

Create Sha1 hash of a file

sha1sum [file] > [file].sha1

Verify Sha1 hash of a file
sha1sum -c [file].sha1

Mount CDRom

If there's a CD Rom on your machine and need to mount it:

mount cdrom 


mount /dev/cdrom


mount /mnt/cdrom


Mount an ISO

If you have an iso you want to mount onto a directory:

sudo mount -o loop [iso] [directory] 

Eject CD Rom



Determine if ASCII file is Unix or Windows

Both Windows and Unix ASCII files use a carriage return at the end of a line. If you use the file command on a Unix ASCII file it will tell you the file is an ASCII file. If you use the file command on a Windows ASCII file it will tell you the file is an ASCII file with CRLS line terminators.

file [file name]

dos2unix and unix2dos

The first utility transforms DOS files to unix and vice versa for the second.

dos2unix [file] 
unix2dos [file]


Convert binary file to hex and other formats

hexdump -x


od -x

Both produce same output of binary to hex


view shell command history (.bash_history)

view recent commands

find specific text in history with grep

history | grep pwd

Search the .bash_history file. Get the folder where the .bash_history file is stored from the HIST environment variable. Go to that folder.

cat .bash_history | grep "some value to find"


Log files on Linux

Log files are typically in this directory: /var/log

Logs are generally created by rsyslog:


Types of logs:

messages - application messages
system -  system messages
access.log - apache access log

Many applications specify their own application specific log locations

Browsers history shows what pages have been visited

Proxy Settings on Linux

Different apps have proxies set in configuration files or different places on Linux.

User specific proxy settings for Firefox on Linux: click edit > preferences > advanced > network > settings

Package managers generally have their own specifics for setting a proxy.

Proxy server applications such as SQUID can also be set up on Linux to cache and proxy requests

Different versions of Linux set proxies in different ways. There may be a gui for this (*gasp*). Otherwise the network configuration is generally stored in a file with some variable for the proxy. [More later if time]

Command line proxy settings:


Find a Deleted File



Find Process Using a File

lsof [Name of file]


Find Script That Started a Process

Bring back deleted file

Get the source code for a running process running contents of a deleted file:

lsof | grep myfile

cp /proc/[pid]/fd/[file descriptor] myfile.saved


Environment Variables

set, printenv, env

get environment variables for a process

xargs --null --max-args=1 < /proc/[pid]/environ
About environment variables:


Show Libraries used by an application

user@home ~/ $ ldd [path to application]
TCP Wrappers

TCP Wrappers wraps network access controls around applications.

Configuration files: 


Find out if a file is compiled with TCP Wrappers