ubuntu bash now in windows 10…?

There’s a little-known feature now in Windows 10 which is a fairly awesome piece if you know Linux/Ubuntu and, say, you’re a coder. Microsoft and Canonical got together to add an Ubuntu on Windows subsystem in the 14393.0 “Anniversary Update” OS Build.

The feature is also called the Windows Subsystem for Linux. What’s interesting is that from bash you can actually invoke a Windows executable or one compiled for Ubuntu. It can run DOS batch files as well as shell scripts.

  1. Turn on Developer Mode in Windows 10 -> Settings -> Update & Security -> For developers
  2. Turn on the Windows Subsystem for Linux (Beta) in Windows 10 -> search for “Turn Windows features” -> select Turn Windows features on or off
  3. Restart Windows 10
  4. Go to a command prompt
  5. Enter bash and type a y to continue, noting that this step will take about 20 minutes
  6. When finally prompted, enter a UNIX username (it’s case-sensitive) and a password (again, case-sensitive) which are completely separate from your other credentials

From this point you can run an Ubuntu bash prompt either from the added Start entry or by entering bash in an MS-DOS or PowerShell prompt.

Notes

  • It’s probably not a good idea to use Notepad or similar Windows tools to edit configuration files within the Ubuntu space.
  • You should be able to sudo from this first user as you might expect.
  • Once logged in, you’ll land in a /mnt/c/Users/username location from a Unix perspective.
  • Since the OS is Ubuntu, you would run sudo apt-get update to install things.
  • If you want to invoke Windows executables from a bash session, you probably want to start by adding the SYSTEM32 folder to your path, for example: export PATH=$PATH:/mnt/c/Windows/System32 but since this is UNIX you’ll need to make sure that the capitalization is right for each path.
  • Run lsb_release -a if you’d like to see which release of Ubuntu is running.
  • In theory, you could run bash scripts within a PowerShell script.
  • At this time, it does not support GUI applications.

why PowerShell sucks so badly

Here, I attempt to answer the rhetoric question, “Why does Microsoft PowerShell suck so badly?” Where to begin…? It has such promise, it’s clear that someone has spent much time coding everything. Ultimately, there appears to be power under that shell and it’s probably truthful to its name. But if you can’t use the tool in the real world, it should be renamed to Microsoft PowerlessShell.

“But if you can’t use the tool in the real world, it should be renamed to Microsoft PowerlessShell.”

It’s almost like a group of scientists in a desert setting somewhere—think “Manhattan Project”—created a collection of methods useful for annihilating the planet and then as almost an afterthought, enough preventive controls were placed upon its use that literally nobody could in fact blow anything up.

Today’s task is to automate the creation of a VPN button for Windows 10—based remote users here at the office. End-users then in theory can just double-click a PowerShell script that I’ve placed on a SharePoint server.  I would then individually share the link with them which would remotely install the new VPN profile. Sounds easy enough.  In fact, it sounds much easier than the two-page long tutorial in a Word document which attempts to educate them how to do all this manually.  Have you ever seen how long an L2TP shared key phase can be?  It’s pretty bad.  Just think of all the support calls I’m going to get if I can’t script this.

Is the PowerShell documentation easy to use? Hell no, it’s not. I’ve just spent a full hour trying to piece together the script required from this hobbled-together documentation on Add-VpnConnection. Does my script work under a test rig? I wish I knew, because at the moment I can’t actually run the script in any form or fashion because Microsoft doesn’t want me to.

“Does my script work under a test rig? I wish I knew, because at the moment I can’t actually run the script in any form or fashion because Microsoft doesn’t want me to.”

Now granted, I’m an Administrative user on my newly-upgraded Windows 10 laptop. The script fails with some terse error message which suggests that I need to run the PowerShell command as Administrator.  Well, that would foil things here in the real world because I’m trying to have the end-users run this script remotely so that I—the administrator—don’t have to be there in the first place.

So I doggedly trudge ahead and end my session and open up PowerShell by right-mouse clicking it and choosing Run As Administrator.  And yet, this still doesn’t work.  This time it fails with another terse error message which suggests that Set-ExecutionPolicy might help.  I then research this to find that “Unrestricted” is the probable attribute but when attempting to run this, I get another terse error message suggesting that I can’t change the policy.  Seriously?

I could now go back to my earlier research and re-learn how to digitally sign a script so that I can run it.  But the process to create and to troubleshoot a script usually requires multiple iterations before the script works perfectly.  And this is especially true since nobody yet on the Internet has provided a good example for creating a VPN tunnel to a SonicWall over L2TP/Ipsec with a pre-shared secret and authenticating to the firewall instead of the domain controller.  Designing a script like this takes trial and error.  Adding a signing phase between each script attempt effectively means:  I’m not going to do this.

“Adding a signing phase between each script attempt effectively means:  I’m not going to do this.”

In short, this is why Microsoft PowerShell sucks.  If you have to sign scripts just to run them while testing then it’s not worth the effort.  Why not include a button in the PowerShell IDE which allows me to “Sign & Execute” my script attempt?  And if I don’t have a digital certificate then open a dialog box to gather the information to magically make this happen.  Or even better, just allow me to create and run scripts without all the nonsense.  How about a big toggle that says “Unsafe Mode” versus “Safe Mode”?