Loose Notes

Loose Notes



Mounting with –bind option in Linux

-needing multiple system folders to be accessed by 1 ftp account

-ftp user is chroot jailed to his /home/user folder

-we can bind mount folders

 

http://aplawrence.com/Linux/mount_bind.html

 

# mount --bind /foo /home/fred/foo

 

 

 

 

Mac OS X Stuff

http://www.tech-recipes.com/mac_system_administration_tips726.html

 

-MacPorts site

http://www.macports.org/install.php

-gnome-terminal on DarwinPorts

http://gnome-terminal.darwinports.com/

-talking about MAC OS X and terminal

http://www.twothirds.org/2006/05/27/fixing-the-mac-terminal-with-gnone-terminal/

- wmv player stuff

http://www.flip4mac.com/wmv_download.htm

 

 

FACLs – File Access Control Lists

http://www.vanemery.com/Linux/ACL/linux-acl.html

- Edit /etc/fstab to include “acl” in options sections

# mount –v –o remount /mountpt

# getfacl /mountpt

# setfacl –m u:usernm:r-- /mountpt

 

Logical Volume Management

http://www.howtoforge.com/linux_lvm


[Physical Volumes]

# pvremove /dev/sdb1 /dev/sdc1 /dev/sdd1

# pvcreate /dev/sdb1 /dev/sdc1 /dev/sdd1

# pvdisplay


[Volume Groups]

# vgcreate nameMe /dev/sdb1 /dev/sdc1 /dev/sdd1

# vgdisplay

# vgrename nameMe data

# vgscan

# vgremove


[Logical Volumes]

# lvcreate --name media --size 1G nameMe (volume name)

# lvscan

# lvrename volumeName media files

# lvdisplay

# lvremove /dev/volumeName/files

 

# mkfs.ext3 /dev/volumeName/files


Partitions Larger than 2TB

http://www.knowplace.org/pages/howtos/linux_large_filesystems_support.php

http://www.cyberciti.biz/tips/fdisk-unable-to-create-partition-greater-2tb.html


# parted


Check System Load

# sar -r -f /var/log/sa/sa13


# string

# strace


# last // lists last logins and reboots


| Can't 'su' to root

# gpasswd -a user wheel


# screen -r

  -ls

Ctrl+A   -P previous screen

      -N next screen

    -D detach screen



cron => MIN | HOUR | DAY OF MONTH | MONTH | DAY OF WEEK


Memory Usage

vmstat

free

pmap

top

sar -B

time -v date

cat /proc/meminfo


FileSystem & Storage Devices

df -k

du -sh

mount

showmount

fdisk -l

parted

/etc/fstab



Spam Assassin

# sa-learn


#head

# sort




# chattr +i myfile

-i Immutable

-a Append only for writing.

-u Undeletable


# lschattr


# host -t mx domain.com


# pam_abl

http://www.linux.com/articles/60955

/etc/security/pam_abl.conf


-CPU Limit

http://cpulimit.sourceforge.net




sort -nr

uniq -c

head

tail



awk

sed



DELL'S OSMA SNMP issues

http://www.planetmy.com/blog/how-to-installuninstall-omsa-in-sles9-or-sles10/

http://www.planetmy.com/blog/snmp-error-during-omsa-5x-installation-on-suse-910/


# fuser -n tcp 80

# rkhunter -c

# chkrootkit

# pflogsumm -d yesterday /var/log/maillog


----------


(error)

[root@roy rhn]# yum list

Loading "security" plugin

Loading "downloadonly" plugin

Loading "rhnplugin" plugin

rhel-i386-server-5 100% |=========================| 1.2 kB 00:00

Error: Cannot retrieve repository metadata (repomd.xml) for repository: rackspace-rhel-i386-server-5-php-5.2. Please verify its path and try again 


(fix)

# rhn-profile-sync 

# yum grouplist 



----------





Networking

------------------

Checking the route table in Linux


netstat -rn

route


Adding and Removing a Network in Linux


route add -net 10.10.10.0/24 gw 192.168.0.1

route del -net 10.10.10.0/24 gw 192.168.0.1


Adding and Removing a specific host in Linux


route add -host 10.10.10.45 gw 192.168.0.1

route del -host 10.10.10.45 gw 192.168.0.1



SSH Tips


SSH with Private Key 


  1. 1. Type vi <server number>.key (this opens a file for you to insert the private key)
  2. 2. Hit the letter ‘i’ to enter insert mode
  3. 3. Copy and Paste the private key into vi, including these: 

       -----BEGIN DSA PRIVATE KEY-----

       Blah blah blah blah blah blah blah blah

       -----END DSA PRIVATE KEY-----

  1. 4. Press ESC
  2. 5. Then type ‘:wq’ to save the file
  3. 6. Next, type ‘chmod 600 <server number>.key’ to give the file the proper permissions
  4. 7. Lastly, to logon type ‘ssh –i <server number>.key rack@xxx.xxx.xxx.xxx’, note that on some servers you have to logon directly as root when using a key





-ACPI establishes industry-standard interfaces enabling OS-directed configuration, power management, and thermal management of mobile, desktop, and server platforms.


----


AWStats

http://forum.swsoft.com/showthread.php?t=49950&highlight=awstats

http://awstats.sourceforge.net/docs/awstats_contrib.html#plugin_standards

http://forum.swsoft.com/showthread.php?t=51460


/usr/local/psa/admin/bin/webstatmng --set-configs --stat-prog=awstats --domain-name=<mydomain.com>


/usr/local/psa/admin/sbin/statistics --calculate-one --domain-name=<mydomain.com>


----


Sample PHP Mail Script


<?php


$to = "someone@example.com";

$subject = "Test mail";

$message = "Hello! This is a simple email message.";

$from = "someonelse@example.com";

$headers = "From: $from";

mail($to,$subject,$message,$headers);

echo "Mail Sent.";


?>


--------------------------


Removing Server and PHP information from HTTP headesrs


http://www.mydigitallife.info/2007/07/22/improve-apache-web-server-security-use-servertokens-and-serversignature-to-disable-header/


Here, we are trying to remove HTTP headers that identify the server and it's software versions.


$ curl -I empulsegroup.com

HTTP/1.1 301 Moved Permanently

Date: Mon, 18 Aug 2008 16:52:25 GMT

Server: Apache/2.0.52 (Red Hat) <--- We don't want this.

X-Powered-By: PHP/5.1.6 <--- We don't want this, either.

X-Pingback: http://www.empulsegroup.com/xmlrpc.php

Location: http://www.empulsegroup.com/

Connection: close

Content-Type: text/html; charset=UTF-8


in /etc/php.in

expose_php Off


in /etc/httpd/conf/httpd.conf

ServerTokens Prod

ServerSignature Off


# service httpd restart


Now we get:


$ curl -I http://www.apps.nokia.co.uk

HTTP/1.1 301 Moved Permanently

Date: Mon, 18 Aug 2008 17:05:54 GMT

Server: Apache <--- Now just reports "Apache", and no "X-Powered-By" line

Location: http://www.nokia.co.uk

Connection: close

Content-Type: text/html


-------------------------------------------------


Qmail queue lifetime control


http://www.qmailrocks.org/maintain.php


queuelifetime - The "queuelifetime" setting for qmail determines how long messages can stay in the queue. By default, your qmail server will keep messages in the queue for 604,800 seconds, or 7 days. However, you can set a custom queuelifetime by creating a file called /var/qmail/control/queuelifetime. The content of that file is a single line containing a number which represents the number of seconds the queue will hold any given message. If you want to set a custom queuelifetime, you might want to whip out the old calculator.


---------------------------


Setting the default umask


http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html


The user file-creation mode mask (umask) is use to determine the file permission for newly created files. It can be used to control the default file permission for new files. It is a four-digit octal number .


You can setup umask in /etc/bashrc or /etc/profile file for all users. By default most Linux distro set it to 0022 (022) or 0002 (002).


-add: umask 022


-------------------------------------


To remove the reserved space in the file system:

# tune2fs -m 0 /dev/sda1


to see if the partition has journaling:


[root@91858-app2 ~]# tune2fs -l /dev/sda1

tune2fs 1.35 (28-Feb-2004)

Filesystem volume name:   /boot

Last mounted on:          <not available>

Filesystem UUID:          d57e4642-b1a8-4812-8c26-91874eed6374

Filesystem magic number:  0xEF53

Filesystem revision #:    1 (dynamic)

Filesystem features:      has_journal ext_attr resize_inode dir_index filetype needs_recovery sparse_super

Default mount options:    (none)

Filesystem state:         clean

Errors behavior:          Continue

Filesystem OS type:       Linux


-------------------------------------


Removing a large number of file in Linux


find . -type f -exec rm -v {} \;

find . -type f -delete


Find and run files though sed


find . -type f -exec sed -i -e 's/pattern/replace/g' {} \;


The same thing with Perl


find . -name settings.xml -exec perl -e /s/pattern/replace/g' -p -i {} \;




---------------------------


Bandwidth tracking in Apache



for i in `cat vsftpd.log | grep "Aug 21" | grep DOWNLOAD | awk '{print $14}'`; do 




count=0; for i in `cat /home/rack/aug21.http`; do count=$(( $count + $i )); done; echo $count




27,554,060,508


grab out GET requests and the size of the data


cat httpd/access_log* | grep "21/Aug" | grep GET | grep "HTTP/1.1" | awk '{print $10}'


count number in a file:


count=0; for i in `cat /home/rack/aug21.http`; do count=$(( $count + $i )); done; echo $count


--------------------------


-rwxrwsr-x means that the setgid bit is set on this executable file. This means that the user invoking the script (probably Apache in this case) can execute the script with an effective group ID of the group that owns the file ( psacln ).


-rwsrwxrwx means that the setuid bit is set. This means that the user executing the script (Apache) has the same privileges as the owner pickinart 




---------------------------

wiki.empulsegroup.com

page index