unable connect to socket: No route to host (113)

Guys,

This error message usually comes when you try to access remote linux desktop using vncviewer. Please check the firewall in the linux server. It's causing this error messages. First stop the firewall and test it once again. Please allow the ports 5801,5901 and 6001 in the iptables or firewall. Then restart the firewall and try to connect to the server. It'll work.

Try :)

Read More

How to install frysk on linux rhel5?

Install frysk :

frysk : It's debugging and monitoring tool of the system.

===========
yum install -y \
antlr jdom junit gcc-java gcc-c++ \
libglade-java-devel libvte-java-devel \
automake xmlto transfig eclipse-ecj dogtail \
sharutils git audit-libs-devel binutils-devel \
yelp libtool make
===========

Try :)

Read More

Flow diagram of systemtap debugging scripting tool?

===========================

What is systemtap?

Ans : Scripting tool to debug and monitor the whole system processes or any events.

How to install it on linux machine ?

Ans :
yum install kernel-devel
yum install kernel-debuginfo
yum install systemtap

Tool to do the job :

Ans : stap

Syntax to use it :

-------------
probe {handler}

Where event is kernel.function, process.statement, timer.ms, begin, end etc

and handler can be filtering/control statement and
helper function : log, printf, pid etc
-------------

Example :

[root@vm80 systamexample]# cat hellworld.stp
probe begin
{
print("This is hello world\n")
exit()
}

[root@vm80 systamexample]

Execution :

[root@vm80 systamexample]# stap hellworld.stp
This is hello world
[root@vm80 systamexample]#

[root@vm80 systamexample]# cat primecheck.stp
function isprime (x) {
if (x < 2) return 0
for (i = 2; i < x; i++) {
if (x % i == 0) return 0
if (i * i > x) break
}
return 1
}

probe begin {
for (i = 0; i < 50; i++)
if (isprime (i)) printf("%d\n", i)
exit()
}


stap-authorize-signing-cert stap-report
[root@vm80 systamexample]# stap primecheck.stp
2
3
5
7
11
13
17
19
23
29
31
37
41
43
47
[root@vm80 systamexample]#
==============================

Try :)

Read More

How to remotely access the linux desktop from any linux or windows machine?

Guys,

I referred the following steps :

=======================
1. On server-linux(Which will be accessed) : yum install vnc*

2. On client-linux(who will access the remote desktop of the server ) : yum install vncviewer


Note : You can install the tigerVNC instead of yum. Just download the package and install it on both client and server. Here is the URL :

----------
http://sourceforge.net/projects/tigervnc/files/
----------


3. On server :
Enter command : vncpasswd
now setup a password to connect it via vnc

4. vi /etc/sysconfig/vncservers

Do the following (You can setup another user):

VNCSERVERS="1:root"

PS : here user is root

5. chkconfig vncserver on
6. service vncserver start
7. allow port 5901 at firewall

8. restart vncserver like " service vncserver restart

9. vi /root/.vnc/xstartup and comment following lines :

----
#unset SESSION_MANAGER
#exec /etc/X11/xinit/xinitrc
----

Note : In case of tigerVNC you don't need to do this.

10. On client :

Execute command : vncviewer
Enter IP of the server and password of the server. Now remote desktop will appear. OR you can access the rdesktop like :

-----
[kmaiti@kmaiti ~]$ vncviewer 10.65.211.80:1
-----

Here 10.65.211.80 is the IP of the remote linux server and 1 is the 1st user which is root.

To access the server from windows machine please install vncviewer on it and execute the binary. Then put IP of the server and password. that's it.

Here are the content of the files on linux server.

----------------

[root@vm80 /]# cat /etc/sysconfig/vncservers
# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the lines below to start a VNC server on display :2
# as my 'myusername' (adjust this to your own). You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted! For a secure way of using VNC, see
# .

# Use "-nolisten tcp" to prevent X connections to your VNC server via TCP.

# Use "-nohttpd" to prevent web-based VNC clients connecting.

# Use "-localhost" to prevent remote VNC clients connecting except when
# doing so through a secure tunnel. See the "-via" option in the
# `man vncviewer' manual page.

VNCSERVERS="1:root"
# VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -nohttpd -localhost"

[root@vm80 /]#
[root@vm80 /]# cat /root/.vnc/xstartup
#!/bin/sh

# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
gnome-session &
#twm &
[root@vm80 /]#

----------------
========================

Try :)

Read More

How to install luci and ricci for managing the clustering infrastructure?

Luci and ricci are two softwares to manage the clustering infrastructure of the high availability services. Luci connects to the agent ie ricci which must have installed on each clustered nodes to deliver the messages. You can install the luci on any machine(may be clustered node or without clustered node).

Here are the steps that I followed :

==========
[root@kmaiti src]# wget ftp://ftp.pbone.net/mirror/ftp.centos.org/5.5/updates/x86_64/RPMS/luci-0.12.2-12.el5.centos.4.x86_64.rpm
[root@kmaiti src]# rpm -ivh luci-0.12.2-12.el5.centos.4.x86_64.rpm
warning: luci-0.12.2-12.el5.centos.4.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID e8562897: NOKEY
error: Failed dependencies:
stunnel is needed by luci-0.12.2-12.el5.centos.4.x86_64
[root@kmaiti src]# yum install stunnel
Loaded plugins: changelog, downloadonly, protect-packages, refresh-packagekit, rhnplugin, tmprepo, verify, versionlock
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package stunnel.x86_64 0:4.29-2.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================
Installing:
stunnel x86_64 4.29-2.el6 production-rhel-x86_64-workstation-6 121 k

Transaction Summary
=============================================================================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)

Total download size: 121 k
Installed size: 0
Is this ok [y/N]: y
Downloading Packages:
stunnel-4.29-2.el6.x86_64.rpm | 121 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : stunnel-4.29-2.el6.x86_64 1/1

Installed:
stunnel.x86_64 0:4.29-2.el6

Complete!

[root@kmaiti src]#
[root@kmaiti src]# rpm -ivh luci-0.12.2-12.el5.centos.4.x86_64.rpm
warning: luci-0.12.2-12.el5.centos.4.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID e8562897: NOKEY
Preparing... ########################################### [100%]
1:luci ########################################### [100%]
[root@kmaiti src]#
[root@kmaiti src]# service luci start

The admin user password must be set before the luci can start
To set it, execute (as root):
luci_admin password

[root@kmaiti src]# luci_admin password
The luci site has not been initialized.
To initialize it, execute
/usr/sbin/luci_admin init
[root@kmaiti src]# /usr/sbin/luci_admin init
Initializing the luci server


Creating the 'admin' user

Enter password:
Confirm password:

Please wait...
[root@kmaiti src]#

---------
/etc/rc.d/init.d/luci
/etc/sysconfig/luci


[root@localhost src]# service luci start
Starting luci: Generating https SSL certificates... done
[ OK ]

Point your web browser to https://localhost:8084 to access luci

[root@localhost src]#

Note : You can use " yum install luci "command to do the same.

[root@localhost src]# /usr/sbin/luci_admin init
Initializing the luci server


Creating the 'admin' user

Enter password:
Confirm password:

Please wait...
The admin password has been successfully set.
Generating SSL certificates...
The luci server has been successfully initialized


You must restart the luci server for changes to take effect.

Run "service luci restart" to do so

[root@localhost src]# service luci restart
Shutting down luci: [ OK ]
Starting luci: [ OK ]

Point your web browser to https://localhost:8084 to access luci

[root@localhost src]
==========


RICCI installation :

==========

yum install ricci

Dependencies Resolved

=============================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================
Installing:
ricci x86_64 0.12.2-12.el5_5.4 rhel-x86_64-server-cluster-5 1.2 M
Installing for dependencies:
cman x86_64 2.0.115-61.el5 rhel-x86_64-server-5-beta 736 k
modcluster x86_64 0.12.1-2.el5 rhel-x86_64-server-cluster-5 333 k
oddjob x86_64 0.27-11.el5 rhel-x86_64-server-5-beta 61 k
oddjob-libs x86_64 0.27-11.el5 rhel-x86_64-server-5-beta 44 k
openais x86_64 0.80.6-28.el5 rhel-x86_64-server-5-beta 400 k
perl-Net-Telnet noarch 3.03-5 rhel-x86_64-server-5 56 k
perl-XML-LibXML x86_64 1.58-6 rhel-x86_64-server-5 229 k
perl-XML-LibXML-Common x86_64 0.13-8.2.2 rhel-x86_64-server-5 16 k
perl-XML-NamespaceSupport noarch 1.09-1.2.1 rhel-x86_64-server-5 15 k
perl-XML-SAX noarch 0.14-8 rhel-x86_64-server-5 77 k
pexpect noarch 2.3-3.el5 rhel-x86_64-server-5 214 k
python-pycurl x86_64 7.15.5.1-8.el5 rhel-x86_64-server-5-beta 73 k

Transaction Summary
=============================================================================================================================================
Install 13 Package(s)
Upgrade 0 Package(s)

Total download size: 3.4 M
Is this ok [y/N]:y
==========

then service ricci start.

Check the port 11111(ricci) which will have to be opened.

Try :)

Read More

How to configure a High Availability Cluster (Heartbeat) On Linux?

Guys,

You can refer the following steps :

Number of nodes : Two (node1 and node2)
Clustering software : Heart Beat
Service to be high available : http
IP : 192.168.1.1 to be configured on node1
192.168.1.2 to be configured on node2
192.168.1.3 for Heart Beat clustering enabled services(http etc)


==================
1. setup the above two IP on the server and make it sure that uname -n returns node1 or node2
2. yum install heartbeat
make sure that you installed :

heartbeat
heartbeat-pils
heartbeat-stonith

3. configure heartbeat on two node cluster. We will deal with three files. These are:

authkeys
ha.cf
haresources

Now moving to our configuration. But there is one more thing to do, that is to copy these files to the /etc/ha.d directory. In our case we copy these files as given below:

cp /usr/share/doc/heartbeat-2.1.2/authkeys /etc/ha.d/
cp /usr/share/doc/heartbeat-2.1.2/ha.cf /etc/ha.d/
cp /usr/share/doc/heartbeat-2.1.2/haresources /etc/ha.d/

4. Now let's start configuring heartbeat. First we will deal with the authkeys file, we will use authentication method 2 (sha1). For this we will make changes in the authkeys file as below.

vi /etc/ha.d/authkeys

Then add the following lines:

auth 2
2 sha1 test-ha

Change the permission of the authkeys file:

chmod 600 /etc/ha.d/authkeys

5. Moving to our second file (ha.cf) which is the most important. So edit the ha.cf file with vi:

vi /etc/ha.d/ha.cf

Add the following lines in the ha.cf file:

logfile /var/log/ha-log
logfacility local0
keepalive 2
deadtime 30
initdead 120
bcast eth0
udpport 694
auto_failback on
node node1
node node2

Note: node1 and node2 are the output generated by

uname -n

6. The final piece of work in our configuration is to edit the haresources file. This file contains the information about resources which we want to highly enable. In our case we want the webserver (httpd) highly available:

On node 1 :-

vi /etc/ha.d/haresources
Add the following line:
node1 192.168.1.3 httpd

On node 2 :-

vi /etc/ha.d/haresources
Add the following line:
node2 192.168.1.3 httpd

7. Copy the /etc/ha.d/ directory from node1 to node2 :

scp -r /etc/ha.d/ root@node2:/etc/

8. As we want httpd highly enabled let's start configuring httpd :

vi /etc/httpd/conf/httpd.conf

Add this line in httpd.conf:

Listen 192.168.1.3:80

9. Copy the /etc/httpd/conf/httpd.conf file to node2:

scp /etc/httpd/conf/httpd.conf root@node2:/etc/httpd/conf/

10. Create the file index.html on both nodes (node1 & node2):

On node1:

echo "node1 apache test server" > /var/www/html/index.html

On node2:

echo "node2 apache test server" > /var/www/html/index.html

11. Now start heartbeat on the primary node1 and slave node2:

/etc/init.d/heartbeat start

12. Open web-browser and type in the URL:

http://192.168.1.3

It will show node1 apache test server.

13. Now stop the hearbeat daemon on node1:

/etc/init.d/heartbeat stop

In your browser type in the URL http://192.168.1.3 and press enter.

It will show node2 apache test server.

14. We don't need to create a virtual network interface and assign an IP address (192.168.1.3) to it. Heartbeat will do this for you, and start the service (httpd) itself. So don't worry about this.

==================

PS : Made it available.

Try :)

Read More

How to configure autofs with NFS4?

First install NFS server on the machine.

On NFS client machine do the following :

1. yum install autofs
2. vi /etc/auto.master
and put like :

[root@kmaiti alltestfiles]# cat /etc/auto.master |grep home
/home /etc/auto.home --timeout=60
[root@kmaiti alltestfiles]#

3. Put following in /etc/auto.home :

* -fstype=nfs,rw,nosuid,soft,fsid=0 IPof_nfs_server:/home/&

4. /etc/init.d/autofs start

That's it.

PS: You need to restart the system to view the mounted partitions. df -TH

Try :)

Read More

How to install and configure NFSv4 server and client on linux machine?

Guys,

I referred the following steps :

NFS server configure for NFSv4 :

How NFS Works?

NFS consists of at least two main parts: a server and one or more clients. The client remotely accesses the data that is stored on the server machine. In order for this to function properly a few processes have to be configured and running.

The server has to be running the following daemons:

Daemon Description :

nfsd The NFS daemon which services requests from the NFS clients.
mountd The NFS mount daemon which carries out the requests that nfsd(8) passes on to it.
rpcbind This daemon allows NFS clients to discover which port the NFS server is using.

The client can also run a daemon, known as nfsiod. The nfsiod daemon services the requests from the NFS server. This is optional, and improves performance, but is not required for normal and correct operation. See the nfsiod(8)[man 8 nfs] manual page for more information.

Note : I have done it on NFS server RHEL5.x64 and NFS client RHEL6.x64.

NFS server configuration for nfs4 :


[root@vm12 alltestfiles]#yum install nfs-utils nfs4-acl-tools portmap

[root@vm12 alltestfiles]# cat /etc/exports
/var/nfs4testing/ 10.65.211.15(rw,sync,fsid=0) //Share File System /var/nfs4testing
[root@vm12 alltestfiles]#

ps : fsid is very important here.

[root@vm12 alltestfiles]# chkconfig nfs on
[root@vm12 alltestfiles]# chkconfig portmap on
[root@vm12 alltestfiles]# chkconfig --list | grep nfs
nfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off
[root@vm12 alltestfiles]# chkconfig --list | grep portmap
portmap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@vm12 alltestfiles]#

[root@vm12 alltestfiles]# vi /etc/sysconfig/iptables
[root@vm12 alltestfiles]# cat /etc/sysconfig/iptables | grep 10.65.211
-A RH-Firewall-1-INPUT -s 10.65.211.0/24 -m state --state NEW -p tcp --dport 2049 -j ACCEP
[root@vm12 alltestfiles]#

[root@vm12 alltestfiles]# vi /etc/hosts.deny
[root@vm12 alltestfiles]# vi /etc/hosts.allow
[root@vm12 alltestfiles]# cat /etc/hosts.deny | grep portmap
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
portmap:ALL
[root@vm12 alltestfiles]# cat /etc/hosts.allow| grep 10.65.211
portmap:10.65.211.0/24
portmap:10.65.192.0/24
[root@vm12 alltestfiles]#

Verify :
[root@vm12 alltestfiles]# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 896 status
100024 1 tcp 899 status
100011 1 udp 1000 rquotad
100011 2 udp 1000 rquotad
100011 1 tcp 1003 rquotad
100011 2 tcp 1003 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100021 1 udp 60156 nlockmgr
100021 3 udp 60156 nlockmgr
100021 4 udp 60156 nlockmgr
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100021 1 tcp 51539 nlockmgr
100021 3 tcp 51539 nlockmgr
100021 4 tcp 51539 nlockmgr
100005 1 udp 603 mountd
100005 1 tcp 606 mountd
100005 2 udp 603 mountd
100005 2 tcp 606 mountd
100005 3 udp 603 mountd
100005 3 tcp 606 mountd
[root@vm12 alltestfiles]#

or nfsstat

NFS client configure for NFSv4 : -

yum install nfs-utils

[root@kmaiti ~]# hostname -i
10.65.192.160 127.0.0.1
[root@kmaiti ~]#
[root@kmaiti ~]# cat /etc/sysconfig/iptables | grep 2049
#-A RH-Firewall-1-INPUT -s 10.65.192.0/24 -m state --state NEW -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT

[root@kmaiti ~]# mount -t nfs 10.65.211.12:/ /mounted/


[root@kmaiti ~]# df -HT | column -t
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/HelpDeskRHEL6-Root
ext4 16G 5.3G 9.5G 36% /
tmpfs tmpfs 2.0G 455k 2.0G 1% /dev/shm
/dev/mapper/HelpDeskRHEL6-NotBackedUp
ext4 8.5G 154M 7.9G 2% /NotBackedUp
/dev/mapper/HelpDeskRHEL6-VirtualMachines
ext4 21G 181M 20G 1% /VirtualMachines
/dev/sda1 ext4 204M 47M 147M 25% /boot
/dev/mapper/HelpDeskRHEL6-Home
ext4 4.3G 263M 3.8G 7% /home
10.65.211.12:/
nfs4 8.3G 1.6G 6.3G 20% /mounted
[root@kmaiti ~]#


[root@kmaiti ~]# cat /etc/fstab | grep mounted
10.65.211.12:/ /mounted nfs4 soft,intr,rsize=8192,wsize=8192,nosuid 0 0
[root@kmaiti ~]#

try :
)

Read More

Which desktop is used by my linux machine?

Guys,

Check the directory : /usr/share/xsessions. It has been defined there. You can also execute the following command to get the result.

-----
[root@kmaiti xsessions]# find /usr/share/xsessions -name "*.desktop" -exec basename "{}" .desktop ";"
gnome
[root@kmaiti xsessions]# pwd
/usr/share/xsessions
[root@kmaiti xsessions]#
-----

Try :)

Read More

Configuration files of Directadmin?

Guys,

You can refer the following URL.

====
http://help.directadmin.com/item.php?id=284
====

Check it out :)

Read More

How to convert from ext3 to ext2 file system?

Guys,

===========
1. # umount /dev/hda1
Now change the file system type to ext2 by typing the following command
2. # tune2fs -O ^has_journal /dev/hda1
Verify that there are no error:
3.# e2fsck -y /dev/hda1
Mount the file system to original mount point (for example /home or /mnt):
4. # mount -t ext2 /dev/hda1 /home
Go to mount point and remove .journal file
5. # rm -f .journal
===========

Try :)

Read More

How to convert ext2 to ext3 file system?

Guys,

The ext2 or second extended filesystem is a file system for the Linux kernel, and the ext3 is a journaled file system. The ext3’s main advantage over ext2 is journaling which improves reliability and eliminates the need to check the file system after an unclean shutdown. Journaling process file system log convert file system during disk, if any problem arise it will be reconstructed it will be done by tune2fs tune to ext3 file system,While the power failure occur, Journalism File system restore pre-crash data store on the disk. It will also restore unsaved data.

========

unmount hda1 and tune it by journel like :

tune2fs -c 0 -i 30 -j /dev/hda1

then mount it.
========

c : number of mounts after which the filesystem will be checked by e2fsck. If it's is 0 or -1, the number of times the filesystem is mounted will be disregarded by e2fsck and the kernel

i : Adjust the maximal time between two filesystem checks. Use it with c option.

PS: Replace the appropriate partition.

Try :)

Read More

How to enable swap space on xen VPS?

Guys,

I did the following steps :

==========
root@onweb:/# dd if=/dev/zero of=/swap bs=1024 count=1048576
1048576+0 records in
1048576+0 records out
1073741824 bytes (1.1 GB) copied, 8.60256 s, 125 MB/s
root@onweb:/# mkswap /swap
mkswap: /swap: warning: don't erase bootbits sectors
on whole disk. Use -f to force.
Setting up swapspace version 1, size = 1048572 KiB
no label, UUID=00d2e2b5-0453-48b7-809b-4e405fadd9e8
root@onweb:/# chmod 0600 /swap
root@onweb:/# vi /etc/fstab //give entry like : /swap swap swap defaults,noatime 0 0
root@onweb:/# swapon -a
root@onweb:/# free -m
total used free shared buffers cached
Mem: 531 524 6 0 5 398
-/+ buffers/cache: 120 410
Swap: 1023 0 1023
root@onweb:/#
==========

Try :)

Read More

ftp: connect: Connection refused

Guys,

If you get this type of error message, please check the server's firewall first. I have faced this error message during connecting to the FTP server. In my case passive ports ranges were not enabled in the FTP and iptables firewall.

====
PassivePortRange 30000 50000
====

Add the above line in the ftp configuration file and enable them in the iptables like :

=====
iptables -A INPUT -p tcp --destination-port 30000:50000 -j ACCEPT
iptables -A OUTPUT -p tcp --source-port 30000:50000 -j ACCEPT
=====

Then restart iptables and ftp server like :

====
service iptables restart
/etc/init.d/pure-ftpd restart
====

If above solutions don't work please configure CSF+LFD firewall on the server and stop iptables. This will solve the problem.

Another important point is that you may connect to the server through "active mode [server will connect to the client]" through the FTP client(like filezilla). Just enable the option a the FTP client and retry to connect. That's it.

Try :)

Read More

How to stop core file generation in the server from php?

Guys,

A core file records memory image of running process.when a php process is killed, apache creates core files under your account.These core files takes too much of space on server.There is no harm on deleting these files.You can get rid off these core files by modifying the httpd start up file.

=======
vi /usr/sbin/httpd and
ulimit -c 0 after the first "ulimit" counting from the last.
=======

PS: /usr/sbin/httpd is nothing but a bash script.

Try :)

Read More

eth0 errors +WARNINGs: packets is + outside range

Guys,

I got this error messages from munin monitoring service and following was the error messages :

=========
eth0 errors
WARNINGs: packets is 1.52 (outside range [:1]).
=========

So, my basic concept is either eth0 is being overloaded or isn't compatible with kernel or OS. So, I checked the settings of the eth0 and RX(receive) and TX(transmit) packet errors and I found that there is error at RX. I have pasted the results here.

========
root@server [/proc/net]#ethtool eth0
eth0 Link encap:Ethernet HWaddr 00:22:19:7A:7D:96
inet addr:178.250.55.14 Bcast:178.250.55.127
Mask:255.255.255.128
inet6 addr: fe80::222:19ff:fe7a:7d96/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:162432463 errors:3770202 dropped:0 overruns:0
frame:3770202
TX packets:258975594 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2965541413 (2.7 GiB) TX bytes:3157382941 (2.9 GiB)
Interrupt:169 Memory:f8000000-f8012800
root@server [/proc/net]#
========

You can use other commands to check the continuous traffic statistics of the card like :

-----------------
root@server [~]# watch -n 1 cat /proc/net/dev
-----------------
root@server [~]# sar -n DEV|more
-----------------
root@server [~]# netstat -plan --interfaces=eth0
-----------------

I contacted the owner of the server and he assured me that the maximum speed of the NIC is 1GB/sec. So, I increased it using the following command and that fixed the notification error messages:

==================
root@server [~]#ethtool -s eth0 speed 1000 duplex full
==================

Try :)

Read More

How to access the webalizer from the outside of the cpanel?

Guys,

I don't want to post this type of article since you'll get it from the Google. But still I did. I followed following steps :

Example :

=====
root@cp [~]# /scripts/whoowns domain.com
domain
root@cp [~]# cd ~domain
root@cp [/home/domain]# cd public_html/
root@cp [/home/domain/public_html]# pwd
/home/domian/public_html
root@cp [/home/domain/public_html]# ln -s /home/domian/tmp/webalizer stats
root@cp [/home/domain/public_html]# chown domain. stats
root@cp [/home/domain/public_html]# chmod 755 ~domain/tmp -R
=====

Now access http://domain.com/stats

PS: Domain : domain.com
username : domain

Try :)

Read More

kernel panic - not syncing: Attempted to kill init!

Guys,

Error messages during after upgrading the kernel :

----------
mount: could not find filesystem 'dev/root'

setuproot: moving /dev failed: No such file or directory

setuproot: eroor mounting /proc: No such file or directory

setuproot: eroor mounting /sys: No such file or directory

switchroot: mount failed: No such file or directory

Kernel panic - not syncing: Attempted to kill init!
----------

You need to check two important files and these are /etc/fstab and /boot/grub/grub.conf. The first file tells the system to mount the devices to the corresponding directory and second tells the exact location from which kernel will be booted.

So, as an example grub.conf contains :

-------------
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-194.3.1.el5PAE)
root (hd0,0)
kernel /vmlinuz-2.6.18-194.3.1.el5PAE ro root=LABEL=/
initrd /initrd-2.6.18-194.3.1.el5PAE.img
title CentOS (2.6.18-164.15.1.el5PAE)
root (hd0,0)
kernel /vmlinuz-2.6.18-164.15.1.el5PAE ro root=LABEL=/
initrd /initrd-2.6.18-164.15.1.el5PAE.img
title CentOS (2.6.18-164.el5PAE)
root (hd0,0)
kernel /vmlinuz-2.6.18-164.el5PAE ro root=LABEL=/
initrd /initrd-2.6.18-164.el5PAE.img
root@server [~]#
-------------

a) The root(hd2,5) is saying Linux where is the boot partition and it means, Third hard disk (the 0 counts and is the first disk) and sixth partition, in that disk. so, it is /dev/sdc6 or /dev/hdc6.
b)The next line is saying where to find the kernel and the root partition.

And in my server /etc/fstab contains :

------------
root@server [~]# cat /etc/fstab
LABEL=/ / ext3 defaults,usrquota 1 1
LABEL=/home /home ext3 defaults 1 2
LABEL=/tmp /tmp ext3 defaults 1 2
LABEL=/var /var ext3 defaults,usrquota 1 2
LABEL=/usr /usr ext3 defaults,usrquota 1 2
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=SWAP-sda5 swap swap defaults 0 0
------------

As per the error messages it's clear that file systems has not correctly mounted or entries in that files are wrong. So, you need correct these entries. Please also check following entries in the kernel .config file.

=============
CONFIG_SYSFS_DEPRECATED=y
CONFIG_SYSFS_DEPRECATED_V2=y
=============


Then restart the server. Hope your basic concept will give you clue :)

Try :)

Read More

How to capture the network packet?

Guys,

Try these...

Capture the network packet :

[root@vienna ~]# tcpdump -i eth0 -w traffic.eth0
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes

Read the packet :

[root@vienna ~]# tcpdump -r traffic.eth0
..............................
..............................

Read More

How to change admin password in the table of the mysql database?

Guys,

You can use following command to do the same :

=====
update agb_book_auth set password=MD5("newwpass") where username="admin";
=====

Where table agb_book_auth contains admin and password attributes.

OR :

=====
update wp_users set user_pass = 'b15a2021cb835426552c5d8599d5c7ab' where user_login = 'admin';
=====
Then execute : flush privileges;

Try :)

Read More

Plesk configuration files path + linux?

Guys,

Here are the paths :

Plesk Config & Binary file

Linux :

===========================================================
# Plesk tree
PRODUCT_ROOT_D - /usr/local/psa
==================================================
# Directory of SysV-like Plesk initscripts
PRODUCT_RC_D - /etc/init.d

/etc/psa/psa.conf // common config file
/etc/psa/.psa.shadow // admin password file
/var/log // common log file
/etc/local/psa/admin/logs //plesk log file
================================================

# Directory for config files
PRODUCT_ETC_D - /usr/local/psa/etc
================================================

# Virtual hosts directory
HTTPD_VHOSTS_D - /var/www/vhosts
/var/www/vhosts//anon_ftp , cgi-bin, conf, error_docs , httpdocs, httpsdocs , pd , private , statistics-->/logs(domain logs), subdomains , web

Domain based httpd.conf file:- /var/www/vhosts/conf/httpd.include
Doc root : /var/www/vhosts//httpdocs
===============================================

# Apache configuration files directory
HTTPD_CONF_D - /etc/httpd/conf/httpd.conf //server based
/var/www/vhosts/conf/httpd.include // domain based
------------------------------------------------------------------------------------------------------------
# Apache include files directory
HTTPD_INCLUDE_D - /etc/httpd/conf.d/mailman.conf , perl.conf, python.conf , webalizer.conf, zz010_psa_httpd.conf, fcgid.conf, manual.conf , php.conf, ssl.conf, welcome.conf
------------------------------------------------------------------------------------------------------------
# Apache binary files directory
HTTPD_BIN_D - /usr/bin
--------------------------------------------------------------------------------------------------------------
#Apache log files directory
HTTPD_LOG_D - /var/log/httpd
-----------------------------------------------------------------------------------------------------------
#apache startup script
HTTPD_SERVICE httpd
/etc/init.d/httpd [start|stop|restart|status]


================================================

# Qmail directory
QMAIL_ROOT_D /var/qmail

# Location of qmail maildirs
QMAIL_MAILNAMES_D /var/qmail/mailnames/
/var/qmail/mailnames//mail a/c/Maildir/new,cur,tmp
# Path to rblsmtpd
RBLSMTPD /usr/sbin/rblsmtpd

# Courier-IMAP
COURIER_IMAP_ROOT_D /

/etc/init.d/qmail [status,start,stop,restart] //service control

================================================
# Proftpd
FTPD_CONF /etc/proftpd.conf
FTPD_CONF_INC /etc/proftpd.include
FTPD_BIN_D /usr/bin
FTPD_VAR_D /var/run/proftpd
FTPD_SCOREBOARD /var/run/proftpd/scoreboard

Log file :- /var/log/xferlog
Service control :- /etc/init.d/proftpd [start,stop,status,restart]
================================================
# Bind
NAMED_RUN_ROOT_D /var/named/run-root/etc/named.conf
/var/named/run-root/var/ // db record

Service control :- /etc/init.d/named [status,start,stop,restart]
log:- /var/log/messages
===============================================

# Webalizer
WEB_STAT /usr/bin/webalizer
===============================================
# Logrotate
LOGROTATE /usr/local/psa/logrotate/sbin/logrotate
===============================================
# MySQL
MYSQL_VAR_D /var/lib/mysql
MYSQL_BIN_D /usr/bin

Service control:- /etc/rc.d/init.d /mysqld [start,stop,restart,status]
log :- /var/log/messages
===============================================
# PostgreSQL
PGSQL_DATA_D /var/lib/pgsql/data
PGSQL_BIN_D /usr/bin
===============================================
# Backups directory
DUMP_D /var/lib/psa/dumps
===============================================
# Mailman directories
MAILMAN_ROOT_D /usr/lib/mailman
MAILMAN_VAR_D /var/lib/mailman
===============================================
# Python binary
PYTHON_BIN /usr/bin/python2.3

# Tomcat root directory
CATALINA_HOME /usr/share/tomcat5

# DrWeb
DRWEB_ROOT_D /opt/drweb
DRWEB_ETC_D /etc/drweb

# GnuPG binary
GPG_BIN /usr/bin/gpg

# Tar binary
TAR_BIN /bin/tar
===============================================
# Curl certificates
CURL_CA_BUNDLE_FILE /usr/share/curl/curl-ca-bundle.crt
=========================================================
# AWStats
AWSTATS_ETC_D /etc/awstats
AWSTATS_BIN_D /var/www/cgi-bin/awstats
AWSTATS_TOOLS_D /usr/share/awstats
AWSTATS_DOC_D /var/www/html/awstats
===============================================
# openssl binary
OPENSSL_BIN /usr/bin/openssl

LIB_SSL_PATH /lib/libssl.so
LIB_CRYPTO_PATH /lib/libcrypto.so

CLIENT_PHP_BIN /usr/local/psa/bin/php-cli
--------------------------------------------------------------------------------------------------
Psa Spammasion:-
/usr/local/psa/admin/bin/spamd --status
--stop
--start
--------------------------------------------------------------------------------------------------

===========================

Check it out :)

Read More

Links for linux commands?

You can refer following links :

==========
http://www.hscripts.com/tutorials/linux-commands/who.html
http://www.pixelbeat.org/cmdline.html
=========

NFS and NIS configuration :

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch30_:_Configuring_NIS

If you get any link you can share here :)

Munin(server monitoring) configuration link :

http://wiki.kartbuilding.net/index.php/Munin_Statistics

Read More

How to use grep,find,sor,pg,ip,wget commands in linux

Guys,

grep -irl saqun.com * [i=case sensitive,allow both case. r=recursive, l=list out] // search domain in /hsphere/local/config/httpd/sites/
1.check php version: php -v
2.check which php: php -i // php -i |grep php.ini
3./usr/local/cpanel/logs // logs of cpanel
4./var/cpanel/userdata // gives the user data.
5.ctrl+] // to come out from established connection
Then q enter.

7.Search customer by name or by email id:-
8.vps # vzctl enter (id of domain) // to go to root of particular domain.

9.For neural customer search from database the details. Take user & password and login from www.emcwebhosting.com site.

10.cd /dir && command
11.ls /etc | pr -T9 -W$COLUMNS // print contents in 9 columns.pr=print T9=9 column W=width.
12.find -name '*.[ch]' | xargs grep -E 'expr' //Search 'expr' in this dir and below. See also findrepo
13.find -type f -print0 | xargs -r0 grep -F 'example' //Search all regular files for 'example' in this dir and below
14.find -maxdepth 1 -type f | xargs grep -F 'example' //Search all regular files for 'example' in this dir

15.find -type f ! -perm -444 ///Find files not readable by all (useful for web site)
16.find -type d ! -perm -111 //Find dirs not accessible by all (useful for web site)
17.grep --color kamal /etc/passwd //Highlight occurances of regular expression in dictionary

18. gpg -c file //Encrypt file
gpg file.gpg //Decrypt file
19. scp -p -r $USER@$HOST: file dir/ // Copy with permissions to $USER's home directory on $HOST

20.ssh -g -L 8080:localhost:80 root@$HOST //Forward connections to $HOSTNAME:8080 out to $HOST:80
ssh -R 1434:imap:143 root@$HOST //Forward connections from $HOST:1434 in to imap:143

21.
wget -c http://www.example.com/large.file //Continue downloading a partially downloaded file
wget -r -nd -np -l1 -A '*.jpg' http://www.example.com/dir/ //Download a set of files to the current directory

22.
echo 'wget url' | at 01:00 //Download url at 1AM to current dir
wget --limit-rate=20k url //Do a low priority download (limit to 20KB/s in this case)
wget -o log url // faults r stored in log file . log=/x.txt
wget --dns-timeout=seconds url
--connect-timeout=seconds url
--read-timeout=seconds url
--limit-rate=amount url
--user=user url
--password=password url

23. ethtool eth1 // show status of ethernate 0 1
24.ip link show //List network interfaces
25.

ethtool eth0 //Show status of ethernet interface eth0
ethtool --change eth0 autoneg off speed 100 duplex full //Manually set ethernet interface speed
iwconfig eth1 //Show status of wireless interface eth1
iwconfig eth1 rate 1Mb/s fixed //Manually set wireless interface speed
iwlist scan //List wireless networks in range
ip link set dev eth0 name wan //Rename interface eth0 to wan
ip link set dev eth0 up //Bring interface eth0 up (or down)
ip addr show //List addresses for interfaces
ip addr add 1.2.3.4/24 brd + dev eth0 //Add (or del) ip and mask (255.255.255.0)
ip route show //List routing table
ip route add default via 1.2.3.254 //Set default gateway to 1.2.3.254


26.
netstat -tupl //List internet services on a system with it we can search anything by grep
netstat -tup //List active connections to/from system
27.

cal -3 // Display a calendar
cal 9 1752 // Display a calendar for a particular month year
date -d fri //What date is it this friday. See also day
28. ls -lSr ls -lS // show the file order in size.

29. df -h Show free space on mounted filesystems
• df -i Show free inodes on mounted filesystems
• fdisk -l Show disks partitions sizes and types (run as root)

30.lsof -p $$ //List paths that process id has open
tcpdump not port 22 //Show network traffic except ssh. See also tcpdump_not_me
ps -e -o pid,args --forest //List processes in a hierarchy
ps -p 1,2 //List info for particular process
watch -n.1 'cat /proc/interrupts' // Watch changeable data continuously IDs

=================================================
31.• uname -a //Show kernel version and system architecture
• head -n1 /etc/issue //Show name and version of distribution
• cat /proc/partitions //Show all partitions registered on the system
• grep MemTotal /proc/meminfo //Show RAM total seen by the system
• grep "model name" /proc/cpuinfo //Show CPU(s) info
• lspci -tv //Show PCI info
• lsusb -tv //Show USB info
• mount | column -t //List mounted filesystems on the system (and align output)
• grep -F capacity: /proc/acpi/battery/BAT0/info // Show state of cells in laptop battery
# dmidecode -q | less //Display SMBIOS/DMI information
# smartctl -A /dev/sda | grep Power_On_Hours //How long has this disk (system) been powered on in total
# hdparm -i /dev/sda //Show info about disk sda
# hdparm -tT /dev/sda //Do a read speed test on disk sda
# badblocks -s /dev/sda
=====================================================

32. pg
Used to display data one page (screenful) at a time. The command can take a number of filenames as arguments.
Pg [option] [filename] [filename2]…..

33.sort
Sort is a utility program that can be used to sort text files in numeric or alphabetical order
Sort [filename]


34.& - run a program in background mode.
=================================================
35. Get back windows admin password: "C:\Program Files\SWsoft\Plesk\admin\bin\plesksrvclient.exe" –get


Check it out :)

Read More

How to delete file using inode number?

Ans :

You can find the file and remove it by rm -f command like :

$ find . -inum 782263 -exec rm -f {} \;

To view the inode number :

ls -il

Try :)

Read More

Install firewalls on linux?

Security Softwares

1. APF
2. BFD
3. CSF
4. RkHunter
5. ChkRootkit
6. DDOS-Deflate
7. Secure-Nobody

-===========================
APF

cd /usr/local/src/;
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz;
tar -xvzf apf-current.tar.gz;
rm -rf apf-current.tar.gz;
cd apf-0*;
./install.sh



BFD

cd /usr/local/src/;
wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz;
tar -xvzf bfd-current.tar.gz;
rm -rf bfd-current.tar.gz;
cd bfd-0*;
./install.sh



CSF

http://configserver.com/cp/csf.html

cd /usr/local/src/;
wget http://www.configserver.com/free/csf.tgz;
tar -xzf csf.tgz;
cd csf;
sh install.sh



RkHunter

cd /usr/local/src/;
wget http://downloads.rootkit.nl/rkhunter-1.1.4.tar.gz;
tar -xzvf rkhunter-1.1.4.tar.gz;
rm -rf rkhunter-*;
cd rkhunter;
./installer.sh

Run
rkhunter -c



ChkRootkit

cd /usr/local/src/;
wget http://www.net-security.org/dl/software/chkrootkit.tar.gz;
tar zxvf chkrootkit.tar.gz;
rm -rf chkrootkit.tar.gz;
cd chkrootkit-0*;
make sense

Run
./chkrootkit -x



DDOS-Deflate


Description:
When you run this Perl script, it will then run an netstat command check how many times each IP is connected and if there are more then the number of connections you specified then it will automatically run a command in APF for the IP to be banned.

Installing:
wget http://www.inetbase.com/scripts/ddos/install.sh
chmod 0700 install.sh
./install.sh

Uninstalling:
wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
chmod 0700 uninstall.ddos
./uninstall.ddos



Secure Nobody


wget -O securenobody.rpm servstra.com/securenobody.rpm;
rpm -Uvh securenobody.rpm;
cd /usr/local/securenobody ;
./securenobody
==========================

Try :

Read More

How to secure linux server?

Guys,

You can refer the following URL :

======
http://www.mysql-apache-php.com/basic-linux-security.htm
======

check :)

Read More

How to setup loop device?

Guys,

In Unix-like operating systems, a loop device, vnd (vnode disk), or lofi (loopback file interface) is a pseudo-device that makes a file accessible as a block device.


losetup /dev/loop0 example.img
mount /dev/loop0 /home/you/dir

The second command mounts the device on the directory /home/you/dir. The overall effect of executing these two commands is that the content of the file is used as a file system rooted at the mount point.

The mount utility is usually capable of handling the entire procedure:

mount -o loop example.img /home/you/dir

Try :)

Read More

How to create tmp partition on linux server?

PS : Making more available for you :

====
If you do not have any /tmp partition you will need to follow the directions below to create and mount a partition.

Create a 190Mb partition
shell: cd /dev/; dd if=/dev/zero of=tmpMnt bs=1024 count=200000

Format the partition
shell: mke2fs /dev/tmpMnt

Make a backup of the old data
shell: cp -Rp /tmp /tmp_backup

Mount the temp filesystem
shell: mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp

Set the permissions
shell: chmod 1777 /tmp

Copy the old files back
shell: cp -Rp /tmp_backup/* /tmp/

Once you do that go ahead and start mysql and make sure it works ok.
If it does you can add this line to the bottom of the /etc/fstab to automatically have it mounted:
/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0

While we are at it we are going to secure /dev/shm. Look for the mount line for /dev/shm and change it to the following:
none /dev/shm tmpfs noexec,nosuid 0 0

Umount and remount /dev/shm for the changes to take effect.
shell: umount /dev/shm
shell: mount /dev/shm

If everything still works fine you can go ahead and delete the /tmp_backup directory.
shell: rm -rf /tmp_backup
====

Try :)

Read More

[a fatal error or timeout occurred while processing this directive] + cpanel

Guys,

Just check the cpanel log file and you'll get the clue from there. I got following messages :

execute : tail -f /usr/local/cpanel/logs/error_log

=====
[2010-11-03 15:16:46 -0700] warn [branding::include] Encountered error in branding::include: Branding::include(index.html) failed: can't write into /home/j279259/.cpanel/nvdata.cache: Disk quota exceeded at /usr/local/cpanel/Cpanel/NVData.pm line 60
=====

I have reduced the disk usage to fix the issue.

Try :)

Read More

How to use strace command in linux?

Guys,

strace is a useful diagnostic, instructional, and debugging tool. System administrators, diagnosticians and trouble-shooters will find it invaluable for solving problems with programs for which the source is not readily available since they do not need to be recompiled in order to trace them.

Here is the exact usage of the strace command :

=========
Arguments and returned value :

Each line in the trace contains the system call name, followed by its arguments in parentheses and its return value. An example from stracing the command ''cat /dev/null'' is:

open("/dev/null", O_RDONLY) = 3

Errors (typically a return value of -1) have the errno symbol and error string appended.

open("/foo/bar", O_RDONLY) = -1 ENOENT (No such file or directory)


Examples :

strace -s ls
strace -o output_file ls
strace -o outputfile -d ls
strace -e expr

like
strace -e trace=set
strace -e trace=open
strace -e trace=read
strace -e trace=file
strace -e trace=process
strace -e trace=network
strace -e trace=signal
strace -e trace=ipc
strace -e trace=desc //descriptors
strace -e read=set

For example, to see all input activity on file descriptors 3 and 5 use
-e read=3,5
For example, to see all output activity on file descriptors 3 and 5 use
-e write=3,5

-p pid //Attach to the process with the process ID pid and begin tracing

example : strace -e trace=network -p 4009

-u username //Run command with the user ID , group ID , and supplementary groups of username
===============

Special Use :

==================
1. Find out which config files a program reads on startup :-

strace php 2>&1 | grep php.ini
strace -e open php 2>&1 | grep php.ini

2. Why does this program not open my file?

$ strace -e open,access 2>&1 | grep your-filename

Look for an open() or access() syscall that fails

3. What is that process doing RIGHT NOW?

Ever had a process suddenly hog lots of CPU? Or had a process seem to be hanging?

strace -p 15427

4. What is taking time?

strace -c -p 11084

5. Can't I connect to that server?

strace -e poll,select,connect,recvfrom,sendto nc www.yahoo.com 80
================

Note :

-------------------------
ps -e -o pcpu,cpu,nice,state,cputime,args --sort pcpu | sed '/^ 0.0 /d' //
List processes by % cpu usage

ps -C firefox-bin -L -o pid,tid,pcpu,state //
List all threads for a particular process

watch -n.1 'cat /proc/interrupts' //
Watch changeable data continuously
--------------------------

try :)

Read More

How to view binary file in linux?

Guys,

Ans :

====
hexdump /bin/ps //in hexadecimal format
od /bin/ps //in octal format
strings /bin/ps //in human readable
====

check :)

Read More

What's the exact path of system call functions in linux?

Ans :

Where are the system call fuctions stored : /usr/src/linux/kernel/sys_call.S
many of the system calls can be found in /usr/src/linux/kernel/sys.c
Some system calls, like fork, have their own source file (e.g., kernel/fork.c).

Check it out :)

Read More

How to add shared libraries on linux?

Guys,

Example :

------
1. As root, edit file /etc/ld.so.conf. Add a line like /usr/local/pgsql/lib
2. Then run command /sbin/ldconfig
3.#In a bash shell, type
export LD_LIBRARY_PATH=/usr/local/pgsql/lib
4#In a csh shell, type
setenv LD_LIBRARY_PATH /usr/local/pgsql/lib
------

That's it. try :)

Read More

mysql query chache clear

Guys,

You can use the following command to clear the cache :

======
RESET QUERY CACHE;
======

Ref :

http://dev.mysql.com/tech-resources/articles/mysql-query-cache.html

try :)

Read More

Linux + firewall + iptables configuring ?

Firewall configuring :) Here is the excellent URL.

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables

check :)

Read More

How to install xinetd on linux ?

Guys,

You can install it by yum like : yum install xinted*

Configuring :

xinetd Configuration files location

Following are important configuration files for xinetd:

/etc/xinetd.conf - The global xinetd configuration file.
/etc/xinetd.d/ directory - The directory containing all service-specific files such as ftp
Task: Understanding default configuration file

You can view default configuration file with less or cat command:
# less /etc/xinetd.conf
OR
# cat /etc/xinetd.conf
Output:

# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
instances = 60
log_type = SYSLOG authpriv
log_on_success = HOST PID
log_on_failure = HOST
cps = 25 30
}

includedir /etc/xinetd.d
Where,

instances = 60 : Determines the number of servers that can be simultaneously active for a service. So 60 is the maximum number of requests xinetd can handle at once.
log_type = SYSLOG authpriv: Determines where the service log output is sent. You can send it to SYSLOG at the specified facility (authpriv will send log to /var/log/secure file).
log_on_success = HOST PID: Force xinetd to log if the connection is successful. It will log HOST name and Process ID to /var/log/secure file.
log_on_failure = HOST: Force xinetd to log if there is a connection dropped or if the connection is not allowed to /var/log/secure file
cps = 25 30: Limits the rate of incoming connections. Takes two arguments. The first argument is the number of connections per second to handle. If the rate of incoming connections is higher than this, the service will be temporarily disabled. The second argument is the number of seconds to wait efore re-enabling the service after it has been disabled. The default for this setting is 50 incoming connections and the interval is 10 seconds. This is good to avoid DOS attack against your service.
includedir /etc/xinetd.d: Read other service specific configuration file this directory.

Try :)

Read More

how to integrate TCP wrapper with xinetd + linux ?

Guys,

During installation of xinetd just use the option --with-libwrap=/path/to/libfile

That't it.

Read More

How do I examine TCP wrapper config file?

Guys.

Use tcpdchk command toexamines your tcp wrapper configuration and reports all potential and real problems it can find.

tcpdchk
tcpdchk -v

try :)

Read More

How do I predict how the TCP wrapper would handle a specific request for service?

Guys,

Use tcpdmatch command. predict how tcpd would handle a sshd request from the local system:

tcpdmatch sshd localhost

The same request, pretending that hostname lookup failed:

tcpdmatch sshd 192.168.1.5

To predict what tcpd would do when the client name does not match the client address:

tcpdmatch sshd paranoid

Replace sshd with in.telnetd, or ftpd and so on. You can use all daemon names specified in inetd.conf or xinetd.conf file.

try :)

Read More

Default Log Files of TCPwrapper ?

TCP Wrappers will do all its logging via syslog according to your /etc/syslog.conf file. The following table lists the standard locations where messages from TCP Wrappers will appear:

AIX - /var/adm/messages
HP-UX - /usr/spool/mqueue/syslog
Linux - /var/log/messages
FreeBSD / OpenBSD / NetBSD - /var/log/messages
Mac OS X - /var/log/system.log
Solaris - /var/log/syslog

Read More

Configuring TCP Wrapper Config Files?

Guys,

Note : I made this article more available for you.

/etc/hosts.allow and /etc/hosts.deny

File protections: the wrapper, all files used by the wrapper, and all directories in the path leading to those files, should be accessible but not writable for unprivileged users (mode 755 or mode 555). Do not install the wrapper set-uid.

As the root user, perform the following edits on the /etc/inetd.conf configuration file:

finger stream tcp nowait nobody /usr/sbin/in.fingerd in.fingerd

becomes:

finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd

[Note]
Note

The finger server is used as an example here.

Similar changes must be made if xinetd is used, with the emphasis being on calling /usr/sbin/tcpd instead of calling the service daemon directly, and passing the name of the service daemon to tcpd.

Contents :

Installed Programs: tcpd, tcpdchk, tcpdmatch, try-from, and safe_finger
Installed Library: libwrap.{so,a}
Installed Directories: None

Short Descriptions :

tcpd : is the main access control daemon for all Internet services, which inetd or xinetd will run instead of running the requested service daemon.

tcpdchk : is a tool to examine a tcpd wrapper configuration and report problems with it.

tcpdmatch : is used to predict how the TCP wrapper would handle a specific request for a service.

try-from : can be called via a remote shell command to find out if the host name and address are properly recognized.

safe_finger : is a wrapper for the finger utility, to provide automatic reverse name lookups.

libwrap.{so,a}


contains the API functions required by the TCP Wrapper programs as well as other programs to become “TCP Wrapper-aware”.

Try :)

Read More

How to install tcpwrapper on linux server?

Guys,

Ans : yum install tcpd

Or From sources :

#Download (HTTP): http://files.ichilton.co.uk/nfs/tcp_wrappers_7.6.tar.gz
#Download (FTP): ftp://ftp.porcupine.org/pub/security/tcp_wrappers_7.6.tar.gz
Download MD5 sum: e6fa25f71226d090f34de3f6b122fb5a

#Additional Downloads
Required Patch (Fixes some build issues and adds building a shared library): http://www.linuxfromscratch.org/patches/blfs/svn/tcp_wrappers-7.6-shared_lib_plus_plus-1.patch


Installation of TCP Wrapper

Install TCP Wrapper with the following commands:

patch -Np1 -i ../tcp_wrappers-7.6-shared_lib_plus_plus-1.patch &&
sed -i -e "s,^extern char \*malloc();,/* & */," scaffold.c &&
make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux

This package does not come with a test suite.

Now, as the root user:

make install

Note : sed -i -e ... scaffold.c: This command removes an obsolete C declaration which causes the build to fail if using GCC >= 3.4.x.

that's it :)

Read More

Secure Linux Using TCP Wrappers or Protect the daemons using TCP wrappers on Linux??

Guys,

TCP Wrappers can be used to GRANT or DENY access to various services on your machine to the outside network or other machines on the same network. It does this by using simple Access List Rules which are included in the two files /etc/hosts.allow and /etc/hosts.deny .

Let us consider this scenario: A remote machine remote_mc trying to connect to your local machine local_mc using ssh.

When the request from the remote_mc is received by the tcp wrapped service (SSH in this case), it takes the following basic steps:

1. It checks the /etc/hosts.allow file and applies the first rule specified for that service. If it finds a matching rule , it allows the connection. If no rule is found, it moves on to step 2.

2. It checks the /etc/hosts.deny file and if a matching rule is found, it deny's the connection.

Points to remember

Rules in hosts.allow takes precedence over rules in hosts.deny . Which means if a matching rule is found in hosts.allow file, the remote_mc is allowed access to the service even if there is a matching deny rule in hosts.deny file.
You can have only one rule per service in hosts.allow and hosts.deny file.
If there are no matching rules in either of the files or if the files don't exist, then the remote_mc is allowed access to the service.
Any changes to hosts.allow and hosts.deny file takes immediate effect.

Rule Syntax
The syntax for both hosts.allow and hosts.deny file takes the following form:

daemon : client [:option1:option2:...]

Where daemon can be a combination of ssh daemon, ftp daemon, portmap daemon and so on. Basically any service which has support for libwrap.a library compiled into it is a good candidate for utilizing the services of TCP Wrappers.

client is a comma separated list of hostnames, host IP addresses, special patterns or special wildcards which identify the hosts effected by that rule.

options is an optional action like say sending mail to the administrator when this rule is matched, log to a particular file and so on. It can be a colon separated list of actions too.

Examples of using TCP Wrappers

I want to allow SSH access to hosts in a particular domain say xyz.com and deny access to all the others. I enter the following rule in the hosts.allow file.

sshd : .xyz.com

... and in the hosts.deny file I include the rule:

sshd : ALL

The next rule denys FTP access to all the hosts in the abc.co.in domain as well as hosts in the 192.168.1.0 network.

#FILE: /etc/hosts.deny
vsftpd : 192.168.1. , .abc.co.in : spawn /bin/echo `/bin/date` access denied >> /var/log/vsftpd.log : deny

The backslash (\) in the above rule is used to break the line and prevents the failure of the rule due to length.

spawn and deny are options. Spawn launches a shell command as a child process. In the above rule, spawn logs a message to the vsftpd log file each time the rule matches. deny is optional if you are including this rule in the hosts.deny file.

Note: The last line in the files hosts.allow and hosts.deny must be a new line character. Or else the rule will fail.
For example, you can use spawn option to send mail to the admin when ever a deny rule is matched.

Wildcards :-

You can use wildcards in the client section of the rule to broadly classify a set of hosts. These are the valid wildcards that can be used.

ALL - Matches everything
LOCAL - Matches any host that does not contain a dot (.) like localhost.
KNOWN - Matches any host where the hostname and host addresses are known or where the user is known.
UNKNOWN - Matches any host where the hostname or host address are unknown or where the user is unknown.
PARANOID - Matches any host where the hostname does not match the host address.
Patterns

You can also use patterns in the client section of the rule . Some examples are as follows:

ALL : .xyz.com

Matches all hosts in the xyz.com domain . Note the dot (.) at the beginning.

ALL : 123.12.

Matches all the hosts in the 123.12.0.0 network. Note the dot (.) in the end of the rule.

ALL : 192.168.0.1/255.255.255.0

IP address/Netmask can be used in the rule.

ALL : *.xyz.com

Asterisk * matches entire groups of hostnames or IP addresses.

sshd : /etc/sshd.deny

If the client list begins with a slash (/), it is treated as a filename. In the above rule, TCP wrappers looks up the file sshd.deny for all SSH connections.

sshd : ALL EXCEPT 192.168.0.15

If the above rule is included in the /etc/hosts.deny file, then it will allow ssh connection for only the machine with the IP address 192.168.0.15 and block all other connections. Here EXCEPT is an operator.

Note: If you want to restrict use of NFS and NIS then you may include a rule for portmap . Because NFS and NIS depend on portmap for their successful working. In addition, changes to portmap rules may not take effect immediately.

Suppose I want to log all connections made to SSH with a priority of emergency. See my previous post to know more on logging. I could do the following:

sshd : .xyz.com : severity emerg

Note: You can use the options allow or deny to allow or restrict on a per client basis in either of the files hosts.allow and hosts.deny

in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow

Shell Commands :-

As mentioned above, you can couple the rules to certain shell commands by using the following two options.

spawn - This option launches a shell command as a child process. For example, look at the following rule:

sshd : 192.168.5.5 : spawn /bin/echo `/bin/date` from %h >> /var/log/ssh.log : deny

Each time the rule is satisfied, the current date and the clients hostname %h is appended to the ssh.log file.

twist - This is an option which replaces the request with the specified command. For example, if you want to send to the client trying to connect using ssh to your machine, that they are prohibited from accessing SSH, you can use this option.

sshd : client1.xyz.com : twist /bin/echo "You are prohibited from accessing this service!!" : deny

When using spawn and twist, you can use a set of expressions. They are as follows :
%a — The client's IP address.
%A — The server's IP address.
%c — Supplies a variety of client information, such as the username and hostname, or the username and IP address.
%d — The daemon process name.
%h — The client's hostname (or IP address, if the hostname is unavailable).
%H — The server's hostname (or IP address, if the hostname is unavailable).
%n — The client's hostname. If unavailable, unknown is printed. If the client's hostname and host address do not match, paranoid is printed.
%N — The server's hostname. If unavailable, unknown is printed. If the server's hostname and host address do not match, paranoid is printed.
%p — The daemon process ID.
%s — Various types of server information, such as the daemon process and the host or IP address of the server.
%u — The client's username. If unavailable, unknown is printed.

Try :)

Read More

Fatal error: Out of memory (allocated +) (tried to allocate + bytes) ?

Guys,

Please increase the memory size in php.ini file. If it does not work just put following directives in the httpd.conf file and restart apache :

====
RLimitMEM 447392422
RLimitCPU 240
====

You may have increased the RLimitMEM size since above has in bytes.

OR : You can set -1 at ini_set('memory_limit', '-1'); This has in the configuration file of the script.

Try :)

Read More

DATABASE ERROR: CONNECTION FAILED! + roundcube

Guys,

If you get this error just rectify the login details in the /usr/local/cpanel/base/roundcube/config/db.inc.php file since it's clear the DB connection error.

Example :

------
root@2red [/usr/local/cpanel/base/roundcube]# cat config/db.inc.php | grep roundcube
$rcmail_config['db_dsnw'] = 'mysql://roundcube:DB_PASSWORDlocalhost/roundcube';
// postgres example: 'pgsql://roundcube:pass@localhost/roundcubemail';
root@2red [/usr/local/cpanel/base/roundcube]#
------

PS: Name of the roundcube database : roundcube
DB username : roundcube
DB password : DB_PASSWORD //it has in /root/.my.cnf file

Also give grant privileges to that db.

That's it try :)

Read More

How to install roundcube in the cpanel server?

Guys,

I referred the following steps :

-----------
cd /usr/local/cpanel/base
rm -rf roundcube*
mysql -p -e 'drop database roundcube';
chattr -i /usr/local/cpanel/base/frontend/x/webmaillogin.html
chattr -i /usr/local/cpanel/base/webmaillogin.cgi
/scripts/upcp

cd /usr/local/cpanel/base
wget http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.4.2/roundcubemail-0.4.2.tar.gz/download
tar -zxvf roundcube.tar.gz
rm -rf roundcube.tar.gz
mv -f roundcubemail-0.1-rc1 roundcube
cd roundcube
chmod -R 777 temp
chmod -R 777 logs
-----------
mysql -e "CREATE DATABASE roundcube;" -pDATABASEPASSWORD
mysql -e "use roundcube; source SQL/mysql.initial.sql;" -pDATABASEPASSWORD


Now lets sort out the configuration


cd config
mv db.inc.php.dist db.inc.php
mv main.inc.php.dist main.inc.php

Now open db.inc.php

nano db.inc.php

Find

$rcmail_config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail';


Replace with

$rcmail_config['db_dsnw'] = 'mysql://root:DATABASEPASSWORD@localhost/roundcube';



Now Open main.inc.php

nano main.inc.php

Find

$rcmail_config['default_host'] = '';


Replace with

$rcmail_config['default_host'] = 'localhost';
-----------
Now we have to configure cPanel to show roundcube in the theme. Please note this is for the X theme(default) only!! If you use another theme please skip the next part and see below.

cd /usr/local/cpanel/base/roundcube/skins/default/images/
cp --reply=yes roundcube_logo.png /usr/local/cpanel/base/frontend/x/images/roundcube_logo.png
cp --reply=yes roundcube_logo.png /usr/local/cpanel/base/webmail/x/images/roundcube_logo.png
cd /usr/local/cpanel/base
wget http://www.hostgeekz.com/files/hostgeekz/HGpatch-roundcube-0.1-rc1
patch -p0 < HGpatch-roundcube-0.1-rc1
----------

chattr +i /usr/local/cpanel/base/frontend/x/webmaillogin.html
chattr +i /usr/local/cpanel/base/webmaillogin.cgi
-----------

try.

Read More

How to migrate Plesk data manually with Plesk Migration Manager?

Manually migration?

[How to] How to migrate Plesk data manually with Plesk Migration Manager?
Article ID: 1152
Last Review: Nov,24 2009 Author: Bezborodova Anastasiya
Last updated by: Bezborodova Anastasiya APPLIES TO:
Plesk 8.x for Linux/Unix
Plesk 9.x for Linux/Unix
Resolution
To do this follow the steps below:

1. Upload migration agent and modules to the source server. For example for Parallels Plesk Panel, there are two folders: /usr/local/psa/PMM/agents/shared and /usr/local/psa/PMM/agents/PleskX. Use the command below to copy the Migration Manager:

destination ~# scp -r /usr/local/psa/PMM/agents/shared/* /usr/local/psa/PMM/agents/PleskX/* root@source:/temporary_migration_directory/

2. Login to source server and change to directory /temporary_migration_directory.
Run migration agent (PleskX.pl) with parameter --help to get all available options of the migration agent. Start dumping with options you need. For example:

source ~# cd /temporary_migration_directory
temporary_migration_directory ~# chmod 755 PleskX.pl
temporary_migration_directory ~# ./PleskX.pl --dump-all

3. This will create dump configuration file dump.xml and content dump archives in current directory /temporary_migration_directory.

4. On the destination server create directory /work_dir and copy file dump.xml from /temporary_migration_directory to it.:

source ~# scp /temporary_migration_directory/dump.xml root@destination:/work_dir/

5. On destination Parallels Plesk Panel 8 create subdirectory /work_dir/archives and copy other content dump files to this directory:

source ~# scp -r /temporary_migration_directory/* root@destinationPPP8:/work_dir/archives/

On destination Parallels Plesk Panel 9 dump.xml and all other content files should locate in the same directory. So copy all other files into /work_dir/:

source ~# scp -r /temporary_migration_directory/* root@destinationPPP9:/work_dir/

6. Deploy the data through Parallels Plesk Panel GUI.

Login to Parallels Plesk Panel (PPP) as administrator and change to the Migration Manager page. The page is Server -> Migration Manager in PPP version 8.x and Home -> Migration Manager in PPP version 9.x

Click button "Start a new migration" and choose "Data import" in PPP version 8.x or "Transfer data already processed by the migration agent and located on the local host." in PPP version 9.x.

In version 8.x pay attention for choosing correct Working directory for the data importing, it should the directory where you put the data to be restored (/work_dir).
In version 9.x put location of dump.xml file in the "Migration data file location" field. It should be /work_dir/dump.xml.

Additional information
In Parallels Plesk Panel version 9 restoration logs of manual migration are located on page Backup Manager at Home -> Backup Manager. So that is normal that you you see the Home page after specifying "Migration data file location" and click Next.


try :)

Read More

How to reduce server's load?

You can refer following steps to deal with to reduce server's load :

=======
1 )netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f 1 | sort | uniq -c | sort -n

2) netstat -plan | grep :25 | awk '{print $5}' | cut -d: -f 1 | sort | uniq -c | sort -n

3) pstree -paul

4) cd /tmp

5) rm -f dos-* sess_* .spamassassin*

6) find . -user nobody -exec rm -f '{}' \;

7) ps -C exim -fH ewww

8) ps -C exim -fH eww |grep home

9) netstat -ntu | grep ':' | awk '{print $5}' | awk '{sub("::ffff:","");print}' | cut -f1 -d ':' | sort | uniq -c | sort -n

10) mysqladmin proc |grep Sleep |awk {'print $4'}|cut -d_ -f 1|sort|uniq -c|sort -nk 1

11) ps -C exim -fH ewww

12) for i in `ipcs -s | awk '{print $2}'`; do (ipcrm -s $i); done

13) for i in `mysqladmin proc |grep Sleep |cut -d " " -f 2`; do mysqladmin kill $i; done

14) exim -bp |grep "*** frozen ***" |awk '{print $3}' |xargs exim -Mrm

15) exiqgrep -z -i | xargs exim -Mrm;exiqgrep -o 432000 -i | xargs exim -Mrm
=======

Try :)

Read More

How to check server's resource usage?

You can use following script :

======
root@magneto [/var/log]# cat resusage.sh
#!/bin/bash
top -b -c -n 1 >topresult
while read line
do
awk '{if( $9 >= 20 ) print $2 ":" $9 ":" $12 }' $line
done <"topresult"
root@magneto [/var/log]

cron :

* * * * * /bin/bash /var/log/resusage.sh 1>>/var/log/server_resusagewq.log

========================
flush log :

root@magneto [/var/log]# cat flush_server_resusage.sh
#!/bin/bash

rm -f /var/log/server_resusage.log
touch /var/log/server_resusage.log
echo "===================`date`===================" >>/var/log/server_resusage.log
root@magneto [/var/log]#

cron :
0 1 * * * /bin/bash /var/log/flush_server_resusage.sh

=========================

try :)
======

Read More

How to login into the server using bash script?

Here is the script :

===
#!/bin/bash

HOST="remote-hostname"
USER="remote-user"
PASS="remore-user-password"
CMD=$@

VAR=$(expect -c "
spawn ssh -o StrictHostKeyChecking=no $USER@$HOST $CMD
match_max 100000
expect \"*?assword:*\"
send -- \"$PASS\r\"
send -- \"\r\"
expect eof
")
echo "==============="
echo "$VAR"
===

Try :)

Read More

How to recursively change the permission of the files?

Use the following commands :

----------
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
----------

Try :)

Read More

How to get system information using bash script?

Here is the script that you can use :

--------
#!/bin/bash
# grabsysinfo.sh - A simple menu driven shell script to to get information about your
# Linux server / desktop.
# Author: Vivek Gite
# Date: 12/Sep/2007

# Define variables
LSB=/usr/bin/lsb_release

# Purpose: Display pause prompt
# $1-> Message (optional)
function pause(){
local message="$@"
[ -z $message ] && message="Press [Enter] key to continue..."
read -p "$message" readEnterKey
}

# Purpose - Display a menu on screen
function show_menu(){
date
echo "---------------------------"
echo " Main Menu"
echo "---------------------------"
echo "1. Operating system info"
echo "2. Hostname and dns info"
echo "3. Network info"
echo "4. Who is online"
echo "5. Last logged in users"
echo "6. Free and used memory info"
echo "7. exit"
}

# Purpose - Display header message
# $1 - message
function write_header(){
local h="$@"
echo "---------------------------------------------------------------"
echo " ${h}"
echo "---------------------------------------------------------------"
}

# Purpose - Get info about your operating system
function os_info(){
write_header " System information "
echo "Operating system : $(uname)"
[ -x $LSB ] && $LSB -a || echo "$LSB command is not insalled (set \$LSB variable)"
#pause "Press [Enter] key to continue..."
pause
}

# Purpose - Get info about host such as dns, IP, and hostname
function host_info(){
local dnsips=$(sed -e '/^$/d' /etc/resolv.conf | awk '{if (tolower($1)=="nameserver") print $2}')
write_header " Hostname and DNS information "
echo "Hostname : $(hostname -s)"
echo "DNS domain : $(hostname -d)"
echo "Fully qualified domain name : $(hostname -f)"
echo "Network address (IP) : $(hostname -i)"
echo "DNS name servers (DNS IP) : ${dnsips}"
pause
}

# Purpose - Network inferface and routing info
function net_info(){
devices=$(netstat -i | cut -d" " -f1 | egrep -v "^Kernel|Iface|lo")
write_header " Network information "
echo "Total network interfaces found : $(wc -w <<<${devices})"

echo "*** IP Addresses Information ***"
ip -4 address show

echo "***********************"
echo "*** Network routing ***"
echo "***********************"
netstat -nr

echo "**************************************"
echo "*** Interface traffic information ***"
echo "**************************************"
netstat -i

pause
}

# Purpose - Display a list of users currently logged on
# display a list of receltly loggged in users
function user_info(){
local cmd="$1"
case "$cmd" in
who) write_header " Who is online "; who -H; pause ;;
last) write_header " List of last logged in users "; last ; pause ;;
esac
}

# Purpose - Display used and free memory info
function mem_info(){
write_header " Free and used memory "
free -m

echo "*********************************"
echo "*** Virtual memory statistics ***"
echo "*********************************"
vmstat
echo "***********************************"
echo "*** Top 5 memory eating process ***"
echo "***********************************"
ps auxf | sort -nr -k 4 | head -5
pause
}
# Purpose - Get input via the keyboard and make a decision using case..esac
function read_input(){
local c
read -p "Enter your choice [ 1 - 7 ] " c
case $c in
1) os_info ;;
2) host_info ;;
3) net_info ;;
4) user_info "who" ;;
5) user_info "last" ;;
6) mem_info ;;
7) echo "Bye!"; exit 0 ;;
*)
echo "Please select between 1 to 7 choice only."
pause
esac
}

# ignore CTRL+C, CTRL+Z and quit singles using the trap
trap '' SIGINT SIGQUIT SIGTSTP

# main logic
while true
do
clear
show_menu # display memu
read_input # wait for user input
done
--------

PS: Please note that Vivek Gite has written this script and you can modify as per your choice.

Try :)

Read More

Meaning of special characters in bash scripting?

Guys, You can refer the following information for the bash scripting :

===========
1. Basic : Special charecter :
# --> to comment
; --> command separator.
;; --> terminator, used after "case".

like :

case "$variable" in
abc) echo "\$variable = abc" ;;
xyz) echo "\$variable = xyz" ;;
esac
----------
. --> used to create hidden file and denotes current directory.
" -->partial quoting.
' --> full quoting.
\ -->escape [backslash]
/ -->Filename path separator [forward slash]
` -->command substitution. The `command` construct makes available the output of command for assignment to a variable.
: -->null command [colon]
! --> reverse
* -->wild card [asterisk] and arithmetic multiplication.
$ -->Variable substitution (contents of a variable) and end-of-line.
${} --> Parameter substitution.
$*, $@ --> positional parameters.
$$ -->process ID variable.
{} --> Block of code.

{} --> placeholder for text. ex : ls . | xargs -i -t cp ./{} $1
{} \; --> pathname.
[ ] -->test, array element,range of characters.
> &> >& >> < <> --> redirection.

Example :

scriptname >filename redirects the output of scriptname to file filename. Overwrite filename if it already exists.

command &>filename redirects both the stdout and the stderr of command to filename.

command >&2 redirects stdout of command to stderr.

scriptname >>filename appends the output of scriptname to file filename. If filename does not already exist, it is created.

\<, \> --> word boundary , ex : bash$ grep '\' textfile
| --> pipe , echo ls -l | sh

>| --> force redirection

|| and & , && --> logical operator, & = Run job in background
- --> option, ls -al
^ --> beginning-of-line
Ctl-A -->Moves cursor to beginning of line of text (on the command-line).
Ctl-b -- >Backspace
Ctl-E -->Moves cursor to end of line of text (on the command-line).
Ctl-C -->Break. Terminate a foreground job.
Ctl-D -->Log out from a shell
Ctl-F -->Moves cursor forward one character position (on the command-line).
Ctl-B -->Moves cursor backward one character position (on the command-line).
Ctl-H -->Erases characters the cursor backs over while backspacing.
Ctl-I -->Horizontal t
Ctl-L --> clear the terminal screen
Ctl-P -->old command that has been executed.
Ctl-O -->Issues a newline (on the command-line).
Ctl-y --> PASTE
===========

Try to test :)

Read More

How to create fork bomb?

Here is the script to create fork bomb on linux machine.

Please note that once you execute this script, the load of the server will be automatically increased and it'll be hanged.

--------
---
#/bin/sh
$0 &
$0
---
--------

Prevention : http://www.cyberciti.biz/tips/linux-limiting-user-process.html

Try :)

Read More

Who is using more cpu resources on the linux server?

Guys, Here is the script that you can use :

----
This script is used to identify overloading script (http & non-http scripts)...

----
#!/bin/bash

echo
echo "Date/Time CPU% ProcessID ScriptPath"
echo =======================================================================
ps auxw | grep -v root | grep -v /mysql/ | awk '{printf "%d %d\n",$2,$3}' | \
( while read psid cpu; do

if [ $cpu -gt 2 ]; then
lsof -p $psid | grep /home | grep -v sess_ | awk '{print $9}' | \
( while read script_path; do

date +"%m/%d/%Y %H:%M:%S $cpu $psid $script_path"
date +"%m/%d/%Y %H:%M:%S,$cpu,$psid,$script_path" >> /root/sshd-script-overload.log
#mail -s "DDOS ALRT: ESTAB atk on domain.com from $ips ($num conn). Atkr blocked." root < /dev/null > /dev/null

done
)

fi
done

)
echo
----

try :)

Read More

How to send mail using bash script?

You can use following script to send mail(Pls change the e-mail address and its content)
--------
#!/bin/bash
# script to send simple email
# email subject
SUBJECT="SET-EMAIL-SUBJECT"
# Email To ?
EMAIL="admin@somewhere.com"
# Email text/message
EMAILMESSAGE="/tmp/emailmessage.txt"
echo "This is an email message test"> $EMAILMESSAGE
echo "This is email text" >>$EMAILMESSAGE
# send an email using /bin/mail
/bin/mail -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE
-------

try :)

Read More

Addition, multiplication etc in bash script?

========
#!/bin/bash
x=5 # initialize x to 5
y=3 # initialize y to 3

add=$(($x + $y)) # add the values of x and y and assign it to variable add
sub=$(($x - $y)) # subtract the values of x and y and assign it to variable sub
mul=$(($x * $y)) # multiply the values of x and y and assign it to variable mul
div=$(($x / $y)) # divide the values of x and y and assign it to variable div
mod=$(($x % $y)) # get the remainder of x / y and assign it to variable mod
========

try :)

Read More

How to fetch line by line from the file using bash script?

Guys,

I used following scripts :

----
#!/bin/bash
while read line
do
echo-e "$ line \ n"
done ----

where file name is "file.txt".

Try :)

Read More

Convert mp4 file to flv ?

use following linux command :

--------
/usr/local/bin/mencoder "video.mp4" -o "video.flv" -of lavf -oac mp3lame -lameopts abr:br=56 -ovc lavc -lavcopts vcodec=flv:vbitrate=800:mbd=2:mv0:trell:v4mv:cbp:last_pred=3 -srate 22050 -ofps 24 -vf harddup
--------

Input file name :video.mp4
Output file name : video.flv

try :)

Read More

How to convert mpg file to flv file using ffmpeg or mencoder?

Here are the steps those I once used :

=====
I converted the video using ffmpeg command line as below.
----------
ffmpeg -i lions.mpg lions-ffmpeg.flv
----------

PS: input file name : lions.mpg

The video was converted fine.

Then I converted the video using mencoder using the command mentioned below.

-------------
mencoder lions.mpg -o lions-mencoder.flv -of lavf -oac mp3lame -lameopts abr:br=56 -ovc lavc -lavcopts vcodec=flv:vbitrate=800:mbd=2:mv0:trell:v4mv:cbp:last_pred=3 -vf scale=450:400 -srate 22050
--------------

Then I generated a thumbnail using ffmpeg command mentioned below.

-------------
ffmpeg -i lions-ffmpeg.flv -ss 1 -t 00:00:01 -s 120x90 -r 1 -f mjpeg lions.jpg
-------------

Then I added meta data to the video.

-------------
flvtool2 -U -P lions-ffmpeg.flv
hasKeyframes: true
hasMetadata: true
duration: 9.976
cuePoints:
audiosamplerate: 44000
audiodatarate: 63.0167957356935
datasize: 482188
---------------
=====

Try :)

Read More

How to Install PAE kernel?

To install PAE kernel, use yum command:

1.
--------
yum install kernel-PAE
---------

Just reboot the server and make sure you boot with PAE kernel i.e. 2.6.18-8.1.15.el5PAE:

2.
---------
reboot
---------

First, update to the latest current kernel, then install the correct -devel package --

3.
---------
yum update kernel
yum install kernel-devel
---------

Finally, reboot and ensure that you are now running kernel-2.6.18-164.11.1.el5 by "uname -a" command.
===========

kernel-PAE-debuginfo rpm build for : RedHat EL 5. For other distributions click here.

Name : kernel-PAE-debuginfo

Version : 2.6.18
Vendor : Red Hat, Inc_
Release : 164.19.1.el5
Date : 2010-05-24 23:43:01
Group : Development/Debug
Source RPM : kernel-2.6.18-164.19.1.el5.src.rpm
Size : 409.63 MB


========
src :

http://rpm.pbone.net/index.php3/stat/4/idpl/14130160/dir/redhat_el_5/com/kernel-PAE-debuginfo-2.6.18-164.19.1.el5.i686.rpm.html
==========

Try :)

Read More

Can't connect to X11 window server using ':0.0' as the value of the DISPLAY variable

Guys, The steps didn't work on our server but it worked for some other guys.

=======
From one xterm run "su oracle-user" then run "export DISPLAY=localhost:0.0"
From another xterm run: "xhost +" and then from the first xterm run the installer.

$ xhost + # this allows any host to connect to the local X11 session
=======

Try :)

Read More

How to install oracle database 10g on linux server?

Guys, I referred following steps to do the same :


Oracle 10G Installations on linux 64 or 32 arch) :-

==========

1. Minimum Requirement 40 GB Hard disk and 512 RAM.
2. Check following latest packages has been installed on 32 bit linux machine :-

Note : Please note that try search in google like "download name + rpm". As an example : download Imlib _ + rpm. Then download latest rpm and use "rpm -Uvh package name " to install them. Always try download from pbone.com

.....................
Binutils-2.15.92.0.2-10.EL4
Compat-db-4.1.25-9
Control-center-2.8.0-12
Gcc-3.4.3-9.EL4
Gcc-c++-3.4.3-9.EL4
Glibc-2.3.4-2
Glibc-common-2.3.4-2
Gnome-libs-1.4.1.2.90-44.1
Libstdc++-3.4.3-9.EL4
Libstdc++-devel-3.4.3-9.EL4
Make-3.80-5
Pdksh-5.2.14-30
Sysstat-5.0.5-1
Xscreensaver-4.18-5.rhel4.2
libaio-0.3.9
.......................

3. For 64 bit architechture following packages must be there :

Note : please note that try search in google like "download name + x86_64.rpm". As an example : download Imlib _ x86_64.rpm. Then download latest rpm and use "rpm -Uvh package name " to install them. Always try download from pbone.com. It's very fast and reliable.

====
gcc-3.4.4-2.x86_64.rpm
gcc-c++-3.4.4-2.x86_64.rpm
Libstdc++-devel-3.4.4-2.x86_64.rpm
Cpp-3.4.4-2.x86_64.rpm
Glibc-devel-2.3.4-2.13.x86_64.rpm
Glibc-headers-2.3.4-2.13.x86_64.rpm
Glibc-kernheaders-2.4-9.1.98.EL.x86_64.rpm
gnome-libs-1.4.1.2.90-44.1.x86_64.rpm
Compat-db-4.1.25-9.x86_64.rpm
ORBit-0.5.17-14.x86_64.rpm
Gtk+-1.2.10-33.x86_64.rpm
Imlib-1.9.13-23.x86_64.rpm
Libpng10-1.0.16-1.x86_64.rpm
Gdk-pixbuf-0.22.0-16.el4.x86_64.rpm
Libungif-4.1.3-1.x86_64.rpm
sysstat-5.0.5-1.x86_64.rpm
====

3a). Make sure following Kernel parameters has been tuned :

=====
shmmax = 2147483648
shmmni = 4096
shmall = 2097152
shmseg = 10
semmsl = 250
semmns = 32000
semopm = 100
semmni = 128
file-max = 65536
ip_local_port_range = 1024 65000
rmem_default = 262144
rmem_max = 262144
wmem_default = 262144
wmem_max = 262144
=======

Run :
=======
/sbin/sysctl -p
=======

3b) Add the following lines to the /etc/security/limits.conf file:

==========
* soft nproc 2047
* hard nproc 16384
* soft nofile 1024
* hard nofile 65536
==========

Add the following line to the /etc/pam.d/login file, if it does not already exist:

==========
session required pam_limits.so
==========

Disable secure linux by editing the /etc/selinux/config file, making sure the SELINUX flag is set as follows:

=========
SELINUX=disabled
=========

4. Creating Oracle User Accounts :
As a root user :

=========
groupadd dba
groupadd oinstall
useradd -c "Oracle software owner" -g oinstall -G dba oracle
passwd oracle
=========

Note : //option -G : oracle is supplemntary user in the group dba

5. Creating directories :

=========
mkdir /u01/app /u01/app/oracle /u01/oradata
chown oracle:oinstall /u01/app /u01/app/oracle /u01/oradata
chmod 775 /u01/app /u01/app/oracle /u01/oradata
=========

6. Download the oracle database source file for 64 or 32 bit linux machine. Here is the site :

-----
http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html
-----

a). Download the Oracle 10g release 2 (10.2.0.1.0) software from Oracle website.
Extract the files using following command: For 32bit installation archive

cd /usr/local/src/

unzip 10201_database_linux32.zip

b) For 64bit installation archive

gunzip 10201_database_linux_x86_64.cpio.gz
cpio -idmv <10201_database_linux_x86_64.cpio

For RHEL 5, Centos 5: Modify database/install/oraparam.ini file and add "redhat-5" to "Certified Versions" section.
Example:

[Certified Versions]
Linux=redhat-3,SuSE-9,redhat-4,UnitedLinux-1.0,asianux-1,asianux-2,redhat-5

8. Login as root and issue the following command:

=======
xhost +
=======
Note : Either use only + or use mc ip where x windows has. + will search all attached mc where x windows has.

9. Login as the oracle user and add the following lines at the end of the .bash_profile file:

-----------------------
# Oracle Settings
TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR

ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/10.2.0/db_1; export ORACLE_HOME
ORACLE_SID=TSH1; export ORACLE_SID
ORACLE_TERM=xterm; export ORACLE_TERM
PATH=/usr/sbin:$PATH; export PATH
PATH=$ORACLE_HOME/bin:$PATH; export PATH

LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATH

if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi
-------------

10. cd /home/oracle
. .bash_profile //activating current settings for oracle user

Installation :


11. Log into the oracle user. If you are using X emulation then set the DISPLAY environmental variable : like

........................
su - oracle
DISPLAY=:0.0; export DISPLAY

or : DISPLAY=localhost:0.0; export DISPLAY

You may have to execute as a oracle user :

export TMP=/oratmp
export TEMPDIR=/oratmp
..............


12. Start the Oracle Universal Installer (OUI) by issuing the following command in the database directory:

Go to database directory :

cd /usr/local/src/database
./runInstaller


13. You may see x11 windows could not find error. In that case make it sure that one x11 machine has connected to your server.

If it goes fine, try to proceed further to install oracle via GUI.
==============================

A) Post-Instalation Tasks : Auto Startup and Shutdown of Database and Listener :-

Login as root and modify /etc/oratab file and change last character to Y for apropriate database.

ORCL:$ORACLE_BASE/product/10.2.0/db_1:Y

As root user create new file "oracle" (init script for startup and shutdown the database) in /etc/init.d/ directory with following content:

===============
#!/bin/bash
#
# oracle Init file for starting and stopping
# Oracle Database. Script is valid for 10g and 11g versions.
#
# chkconfig: 35 80 30
# description: Oracle Database startup script

# Source function library.

. /etc/rc.d/init.d/functions

ORACLE_OWNER="oracle"
ORACLE_HOME="$ORACLE_BASE/product/10.2.0/db_1"

case "$1" in
start)
echo -n $"Starting Oracle DB:"
su - $ORACLE_OWNER -c "$ORACLE_HOME/bin/dbstart $ORACLE_HOME"
echo "OK"
;;
stop)
echo -n $"Stopping Oracle DB:"
su - $ORACLE_OWNER -c "$ORACLE_HOME/bin/dbshut $ORACLE_HOME"
echo "OK"
;;
*)
echo $"Usage: $0 {start|stop}"
esac
==============


Execute (as root) following commands (First script change the permissions, second script is configuring execution for specific runlevels):

chmod 750 /etc/init.d/oracle
chkconfig --add oracle --level 0356


2. Auto Startup and Shutdown of Enterprise Manager Database Control :-

As root user create new file "oraemctl" (init script for startup and shutdown EM DB Console) in /etc/init.d/ directory with following content:

================
#!/bin/bash
#
# oraemctl Starting and stopping Oracle Enterprise Manager Database Control.
# Script is valid for 10g and 11g versions.
#
# chkconfig: 35 80 30
# description: Enterprise Manager DB Control startup script

# Source function library.

. /etc/rc.d/init.d/functions

ORACLE_OWNER="oracle"
ORACLE_HOME="$ORACLE_BASE/product/10.2.0/db_1"

case "$1" in
start)
echo -n $"Starting Oracle EM DB Console:"
su - $ORACLE_OWNER -c "$ORACLE_HOME/bin/emctl start dbconsole"
echo "OK"
;;
stop)
echo -n $"Stopping Oracle EM DB Console:"
su - $ORACLE_OWNER -c "$ORACLE_HOME/bin/emctl stop dbconsole"
echo "OK"
;;
*)
echo $"Usage: $0 {start|stop}"
esac
===============


Execute (as root) following commands (First script change the permissions, second script is configuring execution for specific runlevels):

chmod 750 /etc/init.d/oraemctl
chkconfig --add oraemctl --level 0356

3. You may consider to use rlwrap for comfortable work with sqlplus and rman utility :-
RPM package for RedHat compatible (x86) distribution you can download here.
RPM package for RedHat compatible (x86_64) distribution you can download here.
su -
# rpm -ivh rlwrap*.rpm
# exit
echo "alias sqlplus='rlwrap sqlplus'" >> /home/oracle/.bash_profile
echo "alias adrci='rlwrap rman'" >> /home/oracle/.bash_profile
. /home/oracle/.bash_profile
=================

That's it try :)

Read More