You are on page 1of 141

50UNIX/LinuxSysadminTutorials

1. Disk to disk backup using dd command : 6ExamplestoBackupLinuxUsingddCommand(IncludingDisktoDisk) Warning:Whileusingddcommand,ifyouarenotcareful,andifyoudontknowwhatyouaredoing, youwillloseyourdata!

Example1.BackupEntireHarddisk
Tobackupanentirecopyofaharddisktoanotherharddiskconnectedtothesamesystem,execute theddcommandasshownbelow.Inthisddcommandexample,theUNIXdevicenameofthesource harddiskis/dev/hda,anddevicenameofthetargetharddiskis/dev/hdb.
#ddif=/dev/sdaof=/dev/sdb

ifrepresentsinputfile,andofrepresentsoutputfile.Sotheexactcopyof/dev/sdawillbe availablein/dev/sdb. Ifthereareanyerrors,theabovecommandwillfail.Ifyougivetheparameterconv=noerrorthen itwillcontinuetocopyiftherearereaderrors. Inputfileandoutputfileshouldbementionedverycarefully,ifyoumentionsourcedeviceinthe targetandviceversa,youmightlossallyourdata. Inthecopyofharddrivetoharddriveusingddcommandgivenbelow,syncoptionallowsyouto copyeverythingusingsynchronizedI/O.


#ddif=/dev/sdaof=/dev/sdbconv=noerror,sync

Example2.CreateanImageofaHardDisk
Insteadoftakingabackupoftheharddisk,youcancreateanimagefileoftheharddiskandsaveit inotherstoragedevices.Therearemanyadvantagestobackingupyourdatatoadiskimage,one beingtheeaseofuse.Thismethodistypicallyfasterthanothertypesofbackups,enablingyouto quicklyrestoredatafollowinganunexpectedcatastrophe.
#ddif=/dev/hdaof=~/hdadisk.img

Theabovecreatestheimageofaharddisk/dev/hda.ReferourearlierarticleHow to view initrd.imageformoredetails.

Example3.RestoreusingHardDiskImage
#ddif=hdadisk.imgof=/dev/hdb

Torestoreaharddiskwiththeimagefileofananotherharddisk,usethefollowingddcommand example. Theimagefilehdadisk.imgfile,istheimageofa/dev/hda,sotheabovecommandwillrestorethe imageof/dev/hdato/dev/hdb.

Example4.CreatingaFloppyImage

Usingddcommand,youcancreateacopyofthefloppyimageveryquickly.Ininputfile,givethe floppydevicelocation,andintheoutputfile,givethenameofyourfloppyimagefileasshown below.


#ddif=/dev/fd0of=myfloppy.img

Example5.BackupaPartition
Youcanusethedevicenameofapartitionintheinputfile,andintheoutputeitheryoucanspecify yourtargetpathorimagefileasshownintheddcommandexamplebelow.
#ddif=/dev/hda1of=~/partition1.img

Example6.CDROMBackup
ddcommandallowsyoutocreateanisofilefromasourcefile.SowecaninserttheCDandenterdd commandtocreateanisofileofaCDcontent.
#ddif=/dev/cdromof=tgsservice.isobs=2048

ddcommandreadsoneblockofinputandprocessitandwritesitintoanoutputfile.Youcanspecify theblocksizeforinputandoutputfile.Intheaboveddcommandexample,theparameterbs specifiestheblocksizefortheboththeinputandoutputfile.Sodduses2048bytesasablocksizein theabovecommand. Note:IfCDisautomounted,beforecreatinganisoimageusingddcommand,itsalwaysgoodifyou unmounttheCDdevicetoavoidanyunnecessaryaccesstotheCDROM 2. 15 rsync command examples :Everysysadminshouldmastertheusageofrsync.rsyncutilityisused tosynchronizethefilesanddirectoriesfromonelocationtoanother.Firsttime,rsyncreplicatesthe wholecontentbetweenthesourceanddestinationdirectories.Nexttime,rsynctransfersonlythe changedblocksorbytestothedestinationlocation,whichmakesthetransferreallyfast.

HowtoBackupLinux?15rsyncCommandExamples
rsyncstandsforremotesync. rsyncisusedtoperformthebackupoperationinUNIX/Linux. rsyncutilityisusedtosynchronizethefilesanddirectoriesfromonelocationtoanotherinaneffectiveway.Backup locationcouldbeonlocalserveroronremoteserver.

Importantfeaturesofrsync
Speed:Firsttime,rsyncreplicatesthewholecontentbetweenthesourceanddestinationdirectories.Nexttime,
rsynctransfersonlythechangedblocksorbytestothedestinationlocation,whichmakesthetransferreallyfast. Security:rsyncallowsencryptionofdatausingsshprotocolduringtransfer.

LessBandwidth:rsyncusescompressionanddecompressionofdatablockbyblockatthesendingandreceiving
endrespectively.Sothebandwidthusedbyrsyncwillbealwayslesscomparedtootherfiletransferprotocols.

Privileges:Nospecialprivilegesarerequiredtoinstallandexecutersync

Syntax
$rsyncoptionssourcedestination

Sourceanddestinationcouldbeeitherlocalorremote.Incaseofremote,specifytheloginname,remoteserver nameandlocation.

Example1.SynchronizeTwoDirectoriesinaLocalServer
Tosynctwodirectoriesinalocalcomputer,usethefollowingrsynczvrcommand. $rsynczvr/var/opt/installation/inventory//root/temp buildingfilelist...done sva.xml svB.xml . sent26385bytesreceived1098bytes54966.00bytes/sec totalsizeis44867speedupis1.63 $ Intheaboversyncexample:

zistoenablecompression vverbose rindicatesrecursive Nowletusseethetimestampononeofthefilesthatwascopiedfromsourcetodestination.Asyouseebelow,rsync didntpreservetimestampsduringsync. $lsl/var/opt/installation/inventory/sva.xml/root/temp/sva.xml rrr1binbin949Jun182009/var/opt/installation/inventory/sva.xml rrr1rootbin949Sep22009/root/temp/sva.xml

Example2.PreservetimestampsduringSyncusingrsynca
rsyncoptionaindicatesarchivemode.aoptiondoesthefollowing, Recursivemode Preservessymboliclinks Preservespermissions Preservestimestamp Preservesownerandgroup Now,executingthesamecommandprovidedinexample1(Butwiththersyncoptiona)asshownbelow: $rsyncazv/var/opt/installation/inventory//root/temp/ buildingfilelist...done ./ sva.xml svB.xml . sent26499bytesreceived1104bytes55206.00bytes/sec totalsizeis44867speedupis1.63 $ Asyouseebelow,rsyncpreservedtimestampsduringsync. $lsl/var/opt/installation/inventory/sva.xml/root/temp/sva.xml rrr1rootbin949Jun182009/var/opt/installation/inventory/sva.xml rrr1rootbin949Jun182009/root/temp/sva.xml

Example3.SynchronizeOnlyOneFile
Tocopyonlyonefile,specifythefilenametorsynccommand,asshownbelow. $rsyncv/var/lib/rpm/Pubkeys/root/temp/ Pubkeys
sent42bytesreceived12380bytes3549.14bytes/sec totalsizeis12288speedupis0.99

Example4.SynchronizeFilesFromLocaltoRemote
rsyncallowsyoutosynchronizefiles/directoriesbetweenthelocalandremotesystem. $rsyncavz/root/temp/thegeekstuff@192.168.200.10:/home/thegeekstuff/temp/ Password: buildingfilelist...done ./ rpm/ rpm/Basenames rpm/Conflictname
sent15810261bytesreceived412bytes2432411.23bytes/sec

totalsizeis45305958speedupis2.87

Whiledoingsynchronizationwiththeremoteserver,youneedtospecifyusernameandipaddressoftheremote server.Youshouldalsospecifythedestinationdirectoryontheremoteserver.Theformatis username@machinename:path Asyouseeabove,itasksforpasswordwhiledoingrsyncfromlocaltoremoteserver. Sometimesyoudontwanttoenterthepasswordwhilebackingupfilesfromlocaltoremoteserver.Forexample,If youhaveabackupshellscript,thatcopiesfilesfromlocaltoremoteserverusingrsync,youneedtheabilitytorsync withouthavingtoenterthepassword. Todothat,setupssh password less login asweexplainedearlier.

Example5.SynchronizeFilesFromRemotetoLocal
Whenyouwanttosynchronizefilesfromremotetolocal,specifyremotepathinsourceandlocalpathintargetas shownbelow. $rsyncavzthegeekstuff@192.168.200.10:/var/lib/rpm/root/temp Password: receivingfilelist...done rpm/ rpm/Basenames . sent406bytesreceived15810230bytes2432405.54bytes/sec totalsizeis45305958speedupis2.87

Example6.RemoteshellforSynchronization
rsyncallowsyoutospecifytheremoteshellwhichyouwanttouse.Youcanusersyncsshtoenablethesecured remoteconnection. Usersyncesshtospecifywhichremoteshelltouse.Inthiscase,rsyncwillusessh. $rsyncavzesshthegeekstuff@192.168.200.10:/var/lib/rpm/root/temp Password: receivingfilelist...done rpm/ rpm/Basenames
sent406bytesreceived15810230bytes2432405.54bytes/sec totalsizeis45305958speedupis2.87

Example7.DoNotOverwritetheModifiedFilesattheDestination
Inatypicalsyncsituation,ifafileismodifiedatthedestination,wemightnotwanttooverwritethefilewiththe oldfilefromthesource. Usersyncuoptiontodoexactlythat.(i.edonotoverwriteafileatthedestination,ifitismodified).Inthe followingexample,thefilecalledBasenamesisalreadymodifiedatthedestination.So,itwillnotbeoverwritten withrsyncu. $lsl/root/temp/Basenames total39088 rwxrxrx1rootroot4096Sep211:35Basenames
$rsyncavzuthegeekstuff@192.168.200.10:/var/lib/rpm/root/temp Password: receivingfilelist...done rpm/

sent122bytesreceived505bytes114.00bytes/sec totalsizeis45305958speedupis72258.31 $lslrt total39088 rwxrxrx1rootroot4096Sep211:35Basenames

Example8.SynchronizeonlytheDirectoryTreeStructure(notthefiles)
Usersyncdoptiontosynchronizeonlydirectorytreefromsourcetothedestination.Thebelowexample, synchronizeonlydirectorytreeinrecursivemanner,notthefilesinthedirectories. $rsyncvdthegeekstuff@192.168.200.10:/var/lib/. Password: receivingfilelist...done logrotate.status CAM/ YaST2/ acpi/
sent240bytesreceived1830bytes318.46bytes/sec totalsizeis956speedupis0.46

Example9.ViewthersyncProgressduringTransfer
Whenyouusersyncforbackup,youmightwanttoknowtheprogressofthebackup.i.ehowmanyfilesarecopies, atwhatrateitiscopyingthefile,etc. rsyncprogressoptiondisplaysdetailedprogressofrsyncexecutionasshownbelow. $rsyncavzprogressthegeekstuff@192.168.200.10:/var/lib/rpm//root/temp/ Password: receivingfilelist... 19filestoconsider ./ Basenames 5357568100%14.98MB/s0:00:00(xfer#1,tocheck=17/19) Conflictname 12288100%35.09kB/s0:00:00(xfer#2,tocheck=16/19) . . . sent406bytesreceived15810211bytes2108082.27bytes/sec totalsizeis45305958speedupis2.87 Youcanalsousersnapshotutility(thatusesrsync)tobackup local linux server ,orbackup remote linux server .

Example10.DeletetheFilesCreatedattheTarget
Ifafileisnotpresentatthesource,butpresentatthetarget,youmightwanttodeletethefileatthetargetduring rsync. Inthatcase,usedeleteoptionasshownbelow.rsyncdeleteoptiondeletesfilesthatarenotthereinsource directory. #Sourceandtargetareinsync.Nowcreatingnewfileatthetarget. $>newfile.txt
$rsyncavzdeletethegeekstuff@192.168.200.10:/var/lib/rpm/.

Password: receivingfilelist...done deletingnewfile.txt ./ sent26bytesreceived390bytes48.94bytes/sec totalsizeis45305958speedupis108908.55

Targethasthenewfilecallednewfile.txt,whensynchronizewiththesourcewithdeleteoption,itremovedthefile newfile.txt

Example11.DonotCreateNewFileattheTarget
Ifyoulike,youcanupdate(Sync)onlytheexistingfilesatthetarget.Incasesourcehasnewfiles,whichisnot thereatthetarget,youcanavoidcreatingthesenewfilesatthetarget.Ifyouwantthisfeature,useexistingoption withrsynccommand. First,addanewfile.txtatthesource. [/var/lib/rpm]$>newfile.txt Next,executethersyncfromthetarget. $rsyncavzexistingroot@192.168.1.2:/var/lib/rpm/. root@192.168.1.2'spassword: receivingfilelist...done ./
sent26bytesreceived419bytes46.84bytes/sec totalsizeis88551424speedupis198991.96

Ifyouseetheaboveoutput,itdidntreceivethenewfilenewfile.txt

Example12.ViewtheChangesBetweenSourceandDestination
Thisoptionisusefultoviewthedifferenceinthefilesordirectoriesbetweensourceanddestination. Atthesource: $lsl/var/lib/rpm rwrr1rootroot53575682010062408:57Basenames rwrr1rootroot122882008052822:03Conflictname rwrr1rootroot11796482010062408:57Dirnames Atthedestination: $lsl/root/temp rwrr1rootroot12288May282008Conflictname rwrr1binbin1179648Jun2405:27Dirnames rwrr1rootroot0Sep306:39Basenames Intheaboveexample,betweenthesourceanddestination,therearetwodifferences.First,ownerandgroupofthe fileDirnamediffers.Next,sizediffersforthefileBasenames. Nowletusseehowrsyncdisplaysthisdifference.ioptiondisplaystheitemchanges. $rsyncavzithegeekstuff@192.168.200.10:/var/lib/rpm//root/temp/ Password: receivingfilelist...done >f.st....Basenames .f....og.Dirnames
sent48bytesreceived2182544bytes291012.27bytes/sec totalsizeis45305958speedupis20.76

Intheoutputitdisplayssome9lettersinfrontofthefilenameordirectorynameindicatingthechanges. Inourexample,thelettersinfrontoftheBasenames(andDirnames)saysthefollowing: >specifiesthatafileisbeingtransferredtothelocalhost. frepresentsthatitisafile. srepresentssizechangesarethere. trepresentstimestampchangesarethere. oownerchanged ggroupchanged.

Example13.IncludeandExcludePatternduringFileTransfer
rsyncallowsyoutogivethepatternyouwanttoincludeandexcludefilesordirectorieswhiledoing synchronization. $rsyncavzinclude'P*'exclude'*'thegeekstuff@192.168.200.10:/var/lib/rpm//root/temp/ Password: receivingfilelist...done ./ Packages Providename Provideversion Pubkeys
sent129bytesreceived10286798bytes2285983.78bytes/sec totalsizeis32768000speedupis3.19

Intheaboveexample,itincludesonlythefilesordirectoriesstartingwithP(usingrsyncinclude)andexcludesall otherfiles.(usingrsyncexclude*)

Example14.DoNotTransferLargeFiles
Youcantellrsyncnottotransferfilesthataregreaterthanaspecificsizeusingrsyncmaxsizeoption. $rsyncavzmaxsize='100K'thegeekstuff@192.168.200.10:/var/lib/rpm//root/temp/ Password: receivingfilelist...done ./ Conflictname Group Installtid Name Sha1header Sigmd5 Triggername
sent252bytesreceived123081bytes18974.31bytes/sec totalsizeis45305958speedupis367.35

maxsize=100Kmakesrsynctotransferonlythefilesthatarelessthanorequalto100K.YoucanindicateMfor megabytesandGforgigabytes.

Example15.TransfertheWholeFile
Oneofthemainfeatureofrsyncisthatittransfersonlythechangedblocktothedestination,insteadofsendingthe wholefile. Ifnetworkbandwidthisnotanissueforyou(butCPUis),youcantransferthewholefile,usingrsyncWoption. Thiswillspeedupthersyncprocess,asitdoesnthavetoperformthechecksumatthesourceanddestination.

#rsyncavzWthegeekstuff@192.168.200.10:/var/lib/rpm//root/temp Password: receivingfilelist...done ./ Basenames Conflictname Dirnames Filemd5s Group Installtid Name sent406bytesreceived15810211bytes2874657.64bytes/sec totalsizeis45305958speedupis2.87

AdditionalrsyncTutorials

3. Three sysadmin rules :Ifyouareasysadmin,youcant(andshouldnt)breakthesethreesysadmin rules.

Rule#1:BackupEverything(andvalidatethebackupregularly)

Experiencedsysadminknowsthatproductionsystemwillcrashsomeday,nomatterhowproactivewe are.Thebestwaytobepreparedforthatsituationistohaveavalidbackup. Ifyoudonthaveabackupofyourcriticalsystems,youshouldstartplanningforitimmediately. Whileplanningforabackup,keepthefollowingfactorsinyourmind: Whatsoftware(orcustomscript?)youwouldusetotakeabackup? Doyouhaveenoughdiskspacetokeepthebackup? Howoftenwouldyourotatethebackups? Apartfromfullbackup,doyoualsoneedregularincrementalbackup? Howwouldyouexecuteyourbackup?i.eUsingcrontaborsomeotherschedulers? Ifyoudonthaveabackupofyourcriticalsystems,stopreadingthisarticleandgetbacktowork. Startplanningforyourbackupimmediately. Awhilebackinoneoftheresearchconductedbysomegroup(dontrememberwhodidthat),I remembertheymentionedthatonly70%oftheproductionapplicationsaregettingbackedup.Out ofthose,30%ofthebackupsareinvalidorcorrupted. AssumethatSamtakesbackupofthecriticalapplicationsregularly,butdoesntvalidatehisbackup. However,Jackdoesntevenbothertotakeanybackupofhiscriticalapplications.Itmightsoundlike SamwhohasabackupisinmuchbettershapethanJackwhodoesntevenhaveabackup.Inmy opinion,bothSamandJackareinthesamesituation,asSamnevervalidatedhisbackuptomake sureitcanberestoredwhenthereisadisater. Ifyouareasysadminanddontwanttofollowthisgoldenrule#1(orliketobreakthisrule),you shouldseriouslyconsiderquittingsysadminjobandbecomeadeveloper.

Rule#2:MastertheCommandLine(andavoidtheUIifpossible)
ThereisnotasingletaskonaUnix/Linuxserver,thatyoucannotperformfromcommandline. Whiletherearesomeuserinterfaceavailabletomakesomeofthesysadmintaskeasy,youreally dontneedthemandshouldbeusingcommandlineallthetime. So,ifyouareaLinuxsysadmin,youshouldmasterthecommandline. Onanysystem,ifyouwanttobeveryfluentandproductive,youshouldmasterthecommandline. ThemaindifferencebetweenaWindowssysadminandLinuxsysadminisGUIVsCommandline. Windowssysadminarenotverycomfortablewithcommandline.Linuxsysadminshouldbevery comfortablewithcommandline. EvenwhenyouhaveaUItodocertaintask,youshouldstillprefercommandline,asyouwould understandhowaparticularserviceworks,ifyoudoitfromthecommandline.Inlotofproduction serverenvironment,sysadminstypicallyuninstallallGUIrelatedservicesandtools. IfyouareUnix/Linuxsysadminanddontwanttofollowthisrule,probablythereisadeepdesire insideyoutobecomeaWindowssysadmin.

Rule#3:AutomateEverything(andbecomelazy)
Lazysysadministhebestsysadmin. ThereisnotevenasinglesysadminthatIknowof,wholikestobreakthisrule.Thatmighthave somethingtodowiththelazypart. Takefewminutestothinkandlistoutalltheroutinetasksthatyoumightdodaily,weeklyor monthly.Onceyouhavethatlist,figureouthowyoucanautomatethose.Thebestsysadmintypically doesntliketobebusy.Hewouldratherberelaxedandletthesystemdothejobforhim. 4. User and group disk quota :Thisarticleexplainshowtosetupuserandgroupquotewithsoft limit,hardlimitandgraceperiod.Forexample,ifyouspecify2GBashardlimit,userwillnotbeable tocreatenewfilesafter2GB. 5StepstoSetupUserandGroupDiskQuotaonUNIX/Linux OnLinux,youcansetupdiskquotausingoneofthefollowingmethods: Filesystembasediskquotaallocation Userorgroupbaseddiskquotaallocation Ontheuserorgroupbasedquota,followingarethreeimportantfactorstoconsider: HardlimitForexample,ifyouspecify2GBashardlimit,userwillnotbeabletocreatenewfiles after2GB SoftlimitForexample,ifyouspecify1GBassoftlimit,userwillgetawarningmessagediskquota exceeded,oncetheyreach1GBlimit.But,theyllstillbeabletocreatenewfilesuntiltheyreachthe hardlimit GracePeriodForexample,ifyouspecify10daysasagraceperiod,afteruserreachtheirhardlimit, theywouldbeallowedadditional10daystocreatenewfiles.Inthattimeperiod,theyshouldtryto getbacktothequotalimit.

1.Enablequotacheckonfilesystem

First,youshouldspecifywhichfilesystemareallowedforquotacheck.

Modifythe/etc/fstab,andaddthekeywordusrquotaandgrpquotatothecorrespondingfilesystem thatyouwouldliketomonitor. Thefollowingexampleindicatesthatbothuserandgroupquotacheckisenabledon/home filesystem


#cat/etc/fstab LABEL=/home/homeext2defaults,usrquota,grpquota12

Reboottheserveraftertheabovechange.

2.InitialquotacheckonLinuxfilesystemusingquotacheck
Onceyouveenableddiskquotacheckonthefilesystem,collectallquotainformationinitiallyas shownbelow.
#quotacheckavug quotacheck:Scanning/dev/sda3[/home]done quotacheck:Checked5182directoriesand31566files quotacheck:Oldfilenotfound. quotacheck:Oldfilenotfound.

Intheabovecommand: a:Checkallquotaenabledfilesystem v:Verbosemode u:Checkforuserdiskquota g:Checkforgroupdiskquota Theabovecommandwillcreateaaquotafileforuserandgroupunderthefilesystemdirectoryas shownbelow.


#lsl/home/ rw1rootroot11264Jun2114:49aquota.user rw1rootroot11264Jun2114:49aquota.group

3.Assigndiskquotatoauserusingedquotacommand
Usetheedquotacommandasshownbelow,toeditthequotainformationforaspecificuser. Forexample,tochangethediskquotaforuserramesh,useedquotacommand,whichwillopenthe soft,hardlimitvaluesinaneditorasshownbelow.
#edquotaramesh Diskquotasforuserramesh(uid500): Filesystemblockssofthardinodessofthard /dev/sda3141935200168600

Oncetheedquotacommandopensthequotasettingsforthespecificuserinaeditor,youcansetthe followinglimits: softandhardlimitfordiskquotasizefortheparticularuser. softandhardlimitforthetotalnumberofinodesthatareallowedfortheparticularuser.

4.Reportthediskquotausageforusersandgroupusingrepquota
#repquota/home ***Reportforuserquotasondevice/dev/sda3 Blockgracetime:7days;Inodegracetime:7days BlocklimitsFilelimits Userusedsofthardgraceusedsofthardgrace

Usetherepquotacommandasshownbelowtoreportthediskquotausagefortheusersandgroups.

root56648800540100 nobody1448003000 ramesh141935200168600 john266040017200

5.Addquotachecktodailycronjob
Addthequotachecktothedailycronjob.Createaquotacheckfileasshownbelowunderthe /etc/cron.dailydirectory,thatwillrunthequotacheckcommandeveryday.Thiswillsendtheoutput ofthequotacheckcommandtorootemailaddress.
#cat/etc/cron.daily/quotacheck quotacheckavug

5. Troubleshoot using dmesg :Usingdmesgyoucanviewbootupmessagesthatdisplaysinformation aboutthehardwaredevicesthatthekerneldetectsduringbootprocess.Thiscanbehelpfulduring troubleshootingprocess.

TroubleshootingUsingdmesgCommandinUnix andLinux
Duringsystembootupprocess,kernelgetsloadedintothememoryanditcontrolstheentiresystem. Whenthesystembootsup,itprintsnumberofmessagesonthescreenthatdisplaysinformationaboutthehardware devicesthatthekerneldetectsduringbootprocess. Thesemessagesareavailableinkernelringbufferandwheneverthenewmessagecomestheoldmessagegets overwritten.Youcouldseeallthosemessagesafterthesystembootupusingthedmesgcommand.

1.ViewtheBootMessages
Byexecutingthedmesgcommand,youcanviewthehardwaresthataredetectedduringbootupprocessandits configurationdetails.Therearelotofusefulinformationdisplayedindmesg.Justbrowsethroughthemlinebyline andtrytounderstandwhatitmeans.Onceyouhaveanideaofthekindofmessagesitdisplays,youmightfindit helpfulfortroubleshooting,whenyouencounteranissue. #dmesg|more Bluetooth:L2CAPver2.8 eth0:noIPv6routerspresent bnx2:eth0NICCopperLinkisDown usb15.2:USBdisconnect,address5 bnx2:eth0NICCopperLinkisUp,100Mbpsfullduplex Aswediscussedearlier,youcanalsoviewhardware information using dmidecode .

2.ViewAvailableSystemMemory
Youcanalsoviewtheavailablememoryfromthedmesgmessagesasshownbelow. #dmesg|grepMemory Memory:57703772k/60817408kavailable(2011kkernelcode,1004928kreserved,915kdata,208kinit)

3.ViewEthernetLinkStatus(UP/DOWN)
Intheexamplebelow,dmesgindicatesthattheeth0linkisinactivestateduringthebootitself. #dmesg|grepeth eth0:BroadcomNetXtremeIIBCM57091000BaseT(C0)PCIExpressfoundatmem96000000,IRQ169,nodeaddr

e4:1f:13:62:ff:58 eth1:BroadcomNetXtremeIIBCM57091000BaseT(C0)PCIExpressfoundatmem98000000,IRQ114,nodeaddr e4:1f:13:62:ff:5a eth0:Linkup

4.ChangethedmesgBufferSizein/boot/configfile
Linuxallowstoyouchangethedefaultsizeofthedmesgbuffer.TheCONFIG_LOG_BUF_SHIFTparameterinthe /boot/config2.6.18194.el5file(orsimilarfileonyoursystem)canbechangedtomodifythedmesgbuffer. Thebelowvalueisinthepowerof2.So,thebuffersizeinthisexamplewouldbe262144bytes.Youcanmodifythe buffersizebasedonyourneed(SUSE/REDHAT). #grepCONFIG_LOG_BUF_SHIFT/boot/config`unamer` CONFIG_LOG_BUF_SHIFT=18

5.ClearMessagesindmesgBuffer
Sometimesyoumightwanttoclearthedmesgmessagesbeforeyournextreboot.Youcanclearthedmesgbufferas shownbelow. #dmesgc
#dmesg

6.dmesgtimestamp:DateandTimeofEachBootMessageindmesg
Bydefaultthedmesgdonthavethetimestampassociatedwiththem.HoweverLinuxprovidesawaytoseethedate andtimeforeachbootmessagesindmesginthe/var/log/kern.logfileasshownbelow. klogdserviceshouldbeenabledandconfiguredproperlytologthemessagesin/var/log/kern.logfile. #dmesg|grep"L2cache" [0.014681]CPU:L2cache:2048K
#grep"L2cache"kern.log.1 Oct1823:55:40ubuntukernel:[0.014681]CPU:L2cache:2048K

6. RPM package management examples :15examplesprovidedinthisarticleexplainseverythingyou needtoknowaboutmanagingRPMpackagesonredhatbasedsystem(includingCentOS).

RPMCommand:15ExamplestoInstall,Uninstall,Upgrade,QueryRPM Packages
Linuxsystem. RPMstandsforRedHatPackageManager.

RPMcommandisusedforinstalling,uninstalling,upgrading,querying,listing,andcheckingRPMpackagesonyour

Withrootprivilege,youcanusetherpmcommandwithappropriateoptionstomanagetheRPMsoftwarepackages. Inthisarticle,letusreview15practicalexamplesofrpmcommand. LetustakeanrpmofMysqlClientandrunthroughallourexamples.

1.InstallingaRPMpackageUsingrpmivh
RPMfilenamehaspackagename,version,releaseandarchitecturename. Forexample,IntheMySQLclient3.23.571.i386.rpmfile:

MySQLclientPackageName 3.23.57Version 1Release i386Architecture WhenyouinstallaRPM,itcheckswhetheryoursystemissuitableforthesoftwaretheRPMpackagecontains, figuresoutwheretoinstallthefileslocatedinsidetherpmpackage,installsthemonyoursystem,andaddsthat pieceofsoftwareintoitsdatabaseofinstalledRPMpackages. ThefollowingrpmcommandinstallsMysqlclientpackage. #rpmivhMySQLclient3.23.571.i386.rpm Preparing...###########################################[100%] 1:MySQLclient###########################################[100%] rpmcommandandoptions i:installapackage v:verbose h:printhashmarksasthepackagearchiveisunpacked. Youcanalsousedpkg on Debian ,pkgadd on Solaris ,depot on HPUX toinstallpackages.

2.QueryalltheRPMPackagesusingrpmqa
Youcanuserpmcommandtoqueryallthepackagesinstalledinyoursystem. #rpmqa cdrecord2.0110.7.el5 bluezlibs3.71.1 setarch2.01.1 . . qqueryoperation aqueriesallinstalledpackages Toidentifywhetheraparticularrpmpackageisinstalledonyoursystem,combinerpmandgrepcommandas shownbelow.Followingcommandcheckswhethercdrecordpackageisinstalledonyoursystem. #rpmqa|grep'cdrecord'

3.QueryaParticularRPMPackageusingrpmq
Theaboveexamplelistsallcurrentlyinstalledpackage.Afterinstallationofapackagetochecktheinstallation,you canqueryaparticularpackageandverifyasshownbelow. #rpmqMySQLclient MySQLclient3.23.571
#rpmqMySQL packageMySQLisnotinstalled

Note:Toqueryapackage,youshouldspecifytheexactpackagename.Ifthepackagenameisincorrect,thenrpm commandwillreportthatthepackageisnotinstalled.

4.QueryRPMPackagesinavariousformatusingrpmqueryformat
Rpmcommandprovidesanoptionqueryformat,whichallowsyoutogivetheheadertagnames,tolistthe packages.Enclosetheheadertagwithin{}. #rpmqaqueryformat'%{name%{version}%{release}%{size}\n' cdrecord2.0110.712324 bluezlibs3.71.15634

setarch2.01.1235563 . . #

5.WhichRPMpackagedoesafilebelongto?Userpmqf
Letussay,youhavelistoffilesandyouwouldwanttoknowwhichpackageownsallthesefiles.rpmcommandhas optionstoachievethis. Thefollowingexampleshowsthat/usr/bin/mysqlaccessfileispartoftheMySQLclient3.23.571rpm. #rpmqf/usr/bin/mysqlaccess MySQLclient3.23.571 f:filename

6.Locatedocumentationofapackagethatownsfileusingrpmqdf
Usethefollowingtoknowthelistofdocumentations,forapackagethatownsafile.Thefollowingcommand,gives thelocationofallthemanualpagesrelatedtomysqlpackage. #rpmqdf/usr/bin/mysqlaccess /usr/share/man/man1/mysql.1.gz /usr/share/man/man1/mysqlaccess.1.gz /usr/share/man/man1/mysqladmin.1.gz /usr/share/man/man1/mysqldump.1.gz /usr/share/man/man1/mysqlshow.1.gz d:refersdocumentation.

7.InformationaboutInstalledRPMPackageusingrpmqi
rpmcommandprovidesalotofinformationaboutaninstalledpacakgeusingrpmqiasshownbelow: #rpmqiMySQLclient Name:MySQLclientRelocations:(notrelocatable) Version:3.23.57Vendor:MySQLAB Release:1BuildDate:Mon09Jun200311:08:28PMCEST InstallDate:Mon06Feb201003:19:16AMPSTBuildHost:build.mysql.com Group:Applications/DatabasesSourceRPM:MySQL3.23.571.src.rpm Size:5305109License:GPL/LGPL Signature:(none) Packager:LenzGrimmer URL:http://www.mysql.com/ Summary:MySQLClient Description:ThispackagecontainsthestandardMySQLclients. IfyouhaveanRPMfilethatyouwouldliketoinstall,butwanttoknowmoreinformationaboutitbeforeinstalling, youcandothefollowing: #rpmqipMySQLclient3.23.571.i386.rpm Name:MySQLclientRelocations:(notrelocatable) Version:3.23.57Vendor:MySQLAB Release:1BuildDate:Mon09Jun200311:08:28PMCEST InstallDate:(notinstalled)BuildHost:build.mysql.com Group:Applications/DatabasesSourceRPM:MySQL3.23.571.src.rpm Size:5305109License:GPL/LGPL Signature:(none) Packager:LenzGrimmer URL:http://www.mysql.com/

Summary:MySQLClient Description:ThispackagecontainsthestandardMySQLclients.

i:viewinformationaboutanrpm p:specifyapackagename

8.ListalltheFilesinaPackageusingrpmqlp
TolistthecontentofaRPMpackage,usethefollowingcommand,whichwilllistoutthefileswithoutextracting intothelocaldirectoryfolder. $rpmqlpovpc2.1.10.rpm /usr/bin/mysqlaccess /usr/bin/mysqldata /usr/bin/mysqlperm . . /usr/bin/mysqladmin q:querytherpmfile l:listthefilesinthepackage p:specifythepackagename Youcanalsoextract files from RPM package using rpm2cpio aswediscussedearlier.

9.ListtheDependencyPackagesusingrpmqRP
Toviewthelistofpackagesonwhichthispackagedepends, #rpmqRpMySQLclient3.23.571.i386.rpm /bin/sh /usr/bin/perl

10.Findoutthestateoffilesinapackageusingrpmqsp
Thefollowingcommandistofindstate(installed,replacedornormal)forallthefilesinaRPMpackage. #rpmqspMySQLclient3.23.571.i386.rpm normal/usr/bin/msql2mysql normal/usr/bin/mysql normal/usr/bin/mysql_find_rows normal/usr/bin/mysqlaccess normal/usr/bin/mysqladmin normal/usr/bin/mysqlbinlog normal/usr/bin/mysqlcheck normal/usr/bin/mysqldump normal/usr/bin/mysqlimport normal/usr/bin/mysqlshow normal/usr/share/man/man1/mysql.1.gz normal/usr/share/man/man1/mysqlaccess.1.gz normal/usr/share/man/man1/mysqladmin.1.gz normal/usr/share/man/man1/mysqldump.1.gz normal/usr/share/man/man1/mysqlshow.1.gz

11.VerifyaParticularRPMPackageusingrpmVp
Verifyingapackagecomparesinformationabouttheinstalledfilesinthepackagewithinformationaboutthefiles takenfromthepackagemetadatastoredintherpmdatabase.Inthefollowingcommand,Visforverificationand poptionisusedtospecifyapackagenametoverify. #rpmVpMySQLclient3.23.571.i386.rpm S.5....Tc/usr/bin/msql2mysql

S.5....Tc/usr/bin/mysql S.5....Tc/usr/bin/mysql_find_rows S.5....Tc/usr/bin/mysqlaccess

Thecharacterintheaboveoutputdenotesthefollowing: SfileSizediffers MModediffers(includespermissionsandfiletype) 5MD5sumdiffers DDevicemajor/minornumbermismatch Lreadlink(2)pathmismatch UUserownershipdiffers GGroupownershipdiffers TmTimediffers

12.VerifyaPackageOwningfileusingrpmVf
Thefollowingcommandverifythepackagewhichownsthegivenfilename. #rpmVf/usr/bin/mysqlaccess S.5....Tc/usr/bin/mysql #

13.UpgradingaRPMPackageusingrpmUvh
Upgradingapackageissimilartoinstallingone,butRPMautomaticallyuninstallsexistingversionsofthepackage beforeinstallingthenewone.Ifanoldversionofthepackageisnotfound,theupgradeoptionwillstillinstallit. #rpmUvhMySQLclient3.23.571.i386.rpm Preparing...###########################################[100%] 1:MySQLclient###########################################

14.UninstallingaRPMPackageusingrpme
Toremoveaninstalledrpmpackageusingeasshownbelow.Afteruninstallation,youcanqueryusingrpmqaand verifytheuninstallation. #rpmevMySQLclient

15.VerifyingalltheRPMPackagesusingrpmVa
Thefollowingcommandverifiesalltheinstalledpackages. #rpmVa S.5....Tc/etc/issue S.5....Tc/etc/issue.net S.5....Tc/var/service/imap/ssl/seed S.5....Tc/home/httpd/html/horde/ingo/config/backends.php . . S.5....Tc/home/httpd/html/horde/ingo/config/prefs.php S.5....Tc/etc/printcap

7. 10 netstat examples :Netstatcommanddisplaysvariousnetworkrelatedinformationsuchasnetwork connections,routingtables,interfacestatistics,masqueradeconnections,multicastmembershipsetc.,

UNIX/Linux:10NetstatCommandExamples
Netstatcommanddisplaysvariousnetworkrelatedinformationsuchasnetworkconnections,routingtables, interfacestatistics,masqueradeconnections,multicastmembershipsetc., Inthisarticle,letusreview10practicalunixnetstatcommandexamples.

1.ListAllPorts(bothlisteningandnonlisteningports)
Listallportsusingnetstata #netstata|more ActiveInternetconnections(serversandestablished) ProtoRecvQSendQLocalAddressForeignAddressState tcp00localhost:30037*:*LISTEN udp00*:bootpc*:*
ActiveUNIXdomainsockets(serversandestablished) ProtoRefCntFlagsTypeStateINodePath unix2[ACC]STREAMLISTENING6135/tmp/.X11unix/X0 unix2[ACC]STREAMLISTENING5140/var/run/acpid.socket

Listalltcpportsusingnetstatat #netstatat ActiveInternetconnections(serversandestablished) ProtoRecvQSendQLocalAddressForeignAddressState tcp00localhost:30037*:*LISTEN tcp00localhost:ipp*:*LISTEN tcp00*:smtp*:*LISTEN tcp600localhost:ipp[::]:*LISTEN Listalludpportsusingnetstatau #netstatau ActiveInternetconnections(serversandestablished) ProtoRecvQSendQLocalAddressForeignAddressState udp00*:bootpc*:* udp00*:49119*:* udp00*:mdns*:*

2.ListSocketswhichareinListeningState
Listonlylisteningportsusingnetstatl #netstatl ActiveInternetconnections(onlyservers) ProtoRecvQSendQLocalAddressForeignAddressState tcp00localhost:ipp*:*LISTEN tcp600localhost:ipp[::]:*LISTEN udp00*:49119*:* ListonlylisteningTCPPortsusingnetstatlt #netstatlt ActiveInternetconnections(onlyservers) ProtoRecvQSendQLocalAddressForeignAddressState tcp00localhost:30037*:*LISTEN tcp00*:smtp*:*LISTEN tcp600localhost:ipp[::]:*LISTEN

ListonlylisteningUDPPortsusingnetstatlu #netstatlu ActiveInternetconnections(onlyservers) ProtoRecvQSendQLocalAddressForeignAddressState udp00*:49119*:* udp00*:mdns*:* ListonlythelisteningUNIXPortsusingnetstatlx #netstatlx ActiveUNIXdomainsockets(onlyservers) ProtoRefCntFlagsTypeStateINodePath unix2[ACC]STREAMLISTENING6294private/maildrop unix2[ACC]STREAMLISTENING6203public/cleanup unix2[ACC]STREAMLISTENING6302private/ifmail unix2[ACC]STREAMLISTENING6306private/bsmtp

3.Showthestatisticsforeachprotocol
Showstatisticsforallportsusingnetstats #netstats Ip: 11150totalpacketsreceived 1withinvalidaddresses 0forwarded 0incomingpacketsdiscarded 11149incomingpacketsdelivered 11635requestssentout Icmp: 0ICMPmessagesreceived 0inputICMPmessagefailed. Tcp: 582activeconnectionsopenings 2failedconnectionattempts 25connectionresetsreceived Udp: 1183packetsreceived 4packetstounknownportreceived. ..... ShowstatisticsforTCP(or)UDPportsusingnetstatst(or)su #netstatst
#netstatsu

4.DisplayPIDandprogramnamesinnetstatoutputusingnetstatp
netstatpoptioncanbecombinedwithanyothernetstatoption.ThiswilladdthePID/ProgramNametothe netstatoutput.Thisisveryusefulwhiledebuggingtoidentifywhichprogramisrunningonaparticularport. #netstatpt ActiveInternetconnections(w/oservers) ProtoRecvQSendQLocalAddressForeignAddressStatePID/Programname tcp10rameshlaptop.loc:47212192.168.185.75:wwwCLOSE_WAIT2109/firefox tcp00rameshlaptop.loc:52750lax:wwwESTABLISHED2109/firefox

5.Dontresolvehost,portandusernameinnetstatoutput
Whenyoudontwantthenameofthehost,portorusertobedisplayed,usenetstatnoption.Thiswilldisplayin

numbers,insteadofresolvingthehostname,portname,username. Thisalsospeedsuptheoutput,asnetstatisnotperforminganylookup. #netstatan Ifyoudontwantonlyanyoneofthosethreeitems(ports,orhosts,orusers)toberesolved,usefollowing commands. #netsatanumericports


#netsatanumerichosts #netsatanumericusers

6.Printnetstatinformationcontinuously
netstatwillprintinformationcontinuouslyeveryfewseconds. #netstatc ActiveInternetconnections(w/oservers) ProtoRecvQSendQLocalAddressForeignAddressState tcp00rameshlaptop.loc:36130101101181225.ama:wwwESTABLISHED tcp11rameshlaptop.loc:52564101.11.169.230:wwwCLOSING tcp00rameshlaptop.loc:43758server101101432:wwwESTABLISHED tcp11rameshlaptop.loc:42367101.101.34.101:wwwCLOSING ^C

7.FindthenonsupportiveAddressfamiliesinyoursystem
netstatverbose

Attheend,youwillhavesomethinglikethis. netstat:nosupportfor`AFIPX'onthissystem. netstat:nosupportfor`AFAX25'onthissystem. netstat:nosupportfor`AFX25'onthissystem. netstat:nosupportfor`AFNETROM'onthissystem.

8.Displaythekernelroutinginformationusingnetstatr
#netstatr KernelIProutingtable DestinationGatewayGenmaskFlagsMSSWindowirttIface 192.168.1.0*255.255.255.0U000eth2 linklocal*255.255.0.0U000eth2 default192.168.1.10.0.0.0UG000eth2

Note:Usenetstatrntodisplayroutesinnumericformatwithoutresolvingforhostnames.

9.Findoutonwhichportaprogramisrunning
#netstatap|grepssh (Notallprocessescouldbeidentified,nonownedprocessinfo willnotbeshown,youwouldhavetoberoottoseeitall.) tcp10devdb:ssh101.174.100.22:39213CLOSE_WAIT tcp10devdb:ssh101.174.100.22:57643CLOSE_WAIT

Findoutwhichprocessisusingaparticularport: #netstatan|grep':80'

10.Showthelistofnetworkinterfaces
#netstati KernelInterfacetable IfaceMTUMetRXOKRXERRRXDRPRXOVRTXOKTXERRTXDRPTXOVRFlg eth01500000000000BMU

eth2150002619600026883600BMRU lo16436040004000LRU

Displayextendedinformationontheinterfaces(similartoifconfig)usingnetstatie: #netstatie KernelInterfacetable eth0Linkencap:EthernetHWaddr00:10:40:11:11:11 UPBROADCASTMULTICASTMTU:1500Metric:1 RXpackets:0errors:0dropped:0overruns:0frame:0 TXpackets:0errors:0dropped:0overruns:0carrier:0 collisions:0txqueuelen:1000 RXbytes:0(0.0B)TXbytes:0(0.0B) Memory:f6ae0000f6b00000

8. Manage packages using apt* commands :These13practicalexamplesexplainshowtomanage packagesusingaptget,aptcache,aptfileanddpkgcommands.

HowToManagePackagesUsingaptget,aptcache,aptfileanddpkg Commands(With13PracticalExamples)
Debianbasedsystems(includingUbuntu)usesapt*commandsformanagingpackagesfromthecommandline. Inthisarticle,usingApache2installationasanexample,letusreviewhowtouseapt*commandstoview,install, remove,orupgradepackages.

1.aptcachesearch:SearchRepositoryUsingPackageName
IfyouareinstallingApache2,youmayguessthatthepackagenameisapache2.Toverifywhetheritisavalid packagename,youmaywanttosearchtherepositoryforthatparticularpackagenameasshownbelow. Thefollowingexampleshowshowtosearchtherepositoryforaspecificpackagename. $aptcachesearch^apache2$ apache2ApacheHTTPServermetapackage

2.aptcachesearch:SearchRepositoryUsingPackageDescription
Ifyoudontknowtheexactnameofthepackage,youcanstillsearchusingthepackagedescriptionasshownbelow. $aptcachesearch"ApacheHTTPServer" apache2ApacheHTTPServermetapackage apache2docApacheHTTPServerdocumentation apache2mpmeventApacheHTTPServereventdrivenmodel apache2mpmpreforkApacheHTTPServertraditionalnonthreadedmodel apache2mpmworkerApacheHTTPServerhighspeedthreadedmodel apache2.2commonApacheHTTPServercommonfiles

3.aptfilesearch:SearchRepositoryUsingaFilenamefromthePackage
Sometimesyoumayknowtheconfigurationfilename(or)theexecutablenamefromthepackagethatyouwould liketoinstall. Thefollowingexampleshowsthatapache2.conffileispartoftheapache2.2commonpackage.Searchthe repositorywithaconfigurationfilenameusingaptfilecommandasshownbelow. $aptfilesearchapache2.conf

apache2.2common:/etc/apache2/apache2.conf apache2.2common:/usr/share/doc/apache2.2common/examples/apache2/apache2.conf.gz

4.aptcacheshow:BasicInformationAboutaPackage
Followingexampledisplaysbasicinformationaboutapache2package. $aptcacheshowapache2 Package:apache2 Priority:optional Maintainer:UbuntuCoreDevelopers OriginalMaintainer:DebianApacheMaintainers Version:2.2.112ubuntu2.3 Depends:apache2mpmworker(>=2.2.112ubuntu2.3) |apache2mpmprefork(>=2.2.112ubuntu2.3) |apache2mpmevent(>=2.2.112ubuntu2.3) Filename:pool/main/a/apache2/apache2_2.2.112ubuntu2.3_all.deb Size:46350 Description:ApacheHTTPServermetapackage TheApacheSoftwareFoundation'sgoalistobuildasecure,efficientand extensibleHTTPserverasstandardscompliantopensourcesoftware. Homepage:http://httpd.apache.org/

5.aptcacheshowpkg:DetailedInformationAboutaPackage
aptcacheshowdisplaysbasicinformationaboutapackage.Useaptcacheshowpkgtodisplaydetailed
informationaboutapackageasshownbelow. $aptcacheshowpkgapache2 Package:apache2 Versions: 2.2.112ubuntu2.3(/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_jauntyupdates_main_binaryi386_Packages) (/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_jauntysecurity_main_binaryi386_Packages) DescriptionLanguage: File:/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_jauntyupdates_main_binaryi386_Packages MD5:d24f049cd70ccfc178dd8974e4b1ed01 ReverseDepends: squirrelmail,apache2 squid3cgi,apache2 phpmyadmin,apache2 maharaapache2,apache2 ipplan,apache2 Dependencies: 2.2.112ubuntu2.3apache2mpmworker(182.2.112ubuntu2.3)apache2mpmprefork(182.2.112ubuntu2.3) apache2mpmevent(22.2.112ubuntu2.3) 2.2.112ubuntu2apache2mpmworker(182.2.112ubuntu2)apache2mpmprefork(182.2.112ubuntu2)apache2 mpmevent(22.2.112ubuntu2) Provides: 2.2.112ubuntu2.3 2.2.112ubuntu2 ReverseProvides: apache2mpmitk2.2.6021build4.3 apache2mpmworker2.2.112ubuntu2.3 apache2mpmprefork2.2.112ubuntu2.3 apache2mpmprefork2.2.112ubuntu2 apache2mpmevent2.2.112ubuntu2

6.aptfilelist:ListalltheFilesLocatedInsideaPackage
Useaptfilelisttodisplayallthefileslocatedinsidetheapache2packageasshownbelow. $aptfilelistapache2|more apache2:/usr/share/bug/apache2/control apache2:/usr/share/bug/apache2/script apache2:/usr/share/doc/apache2/NEWS.Debian.gz apache2:/usr/share/doc/apache2/README.Debian.gz apache2:/usr/share/doc/apache2/changelog.Debian.gz ...

7.aptcachedepends:ListallDependentPackages
Beforeinstallation,ifyouliketoviewallthedependentpackages,useaptcachedependsasshownbelow. $aptcachedependsapache2 apache2 |Depends:apache2mpmworker |Depends:apache2mpmprefork Depends:apache2mpmevent

8.dpkgl:IsthePackageAlreadyInstalled?
Beforeinstallingapackage,youmaywanttomakesureitisnotalreadyinstalledasshownbelowusingdpkgl command. $dpkgl|grepiapache

9.aptgetinstall:InstallaPackage

Finally,installthepackageusingaptgetinstallasshownbelow. $sudoaptgetinstallapache2 [sudo]passwordforramesh:


ThefollowingNEWpackageswillbeinstalled: apache2apache2mpmworkerapache2utilsapache2.2commonlibapr1 libaprutil1libpq5 0upgraded,7newlyinstalled,0toremoveand26notupgraded.

10.dpkgl:VerifyWhetherthePackagegotSuccessfullyInstalled
Afterinstallingthepackage,usedpkgltomakesureitgotinstalledsuccessfully. $dpkgl|grepapache iiapache22.2.112ubuntu2.3ApacheHTTPServermetapackage iiapache2mpmworker2.2.112ubuntu2.3ApacheHTTPServerhighspeedthreadedmod iiapache2utils2.2.112ubuntu2.3utilityprogramsforwebservers iiapache2.2common2.2.112ubuntu2.3ApacheHTTPServercommonfiles

11.aptgetremove:DeleteaPackage
Useaptgetpurgeoraptgetremovetodeleteapackageasshownbelow. $sudoaptgetpurgeapache2
(or) $sudoaptgetremoveapache2 Thefollowingpackageswereautomaticallyinstalledandarenolongerrequired: apache2utilslinuxheaders2.6.2811libapr1apache2.2common linuxheaders2.6.2811genericapache2mpmworkerlibpq5libaprutil1

Use'aptgetautoremove'toremovethem. ThefollowingpackageswillbeREMOVED: apache2 0upgraded,0newlyinstalled,1toremoveand26notupgraded. Removingapache2...

aptgetremovewillnotdeletetheconfigurationfilesofthepackage aptgetpurgewilldeletetheconfigurationfilesofthepackage

12.aptgetuinstall:UpgradeaSpecificPackage
Thefollowingexampleshowshowtoupgradeonespecificpackage. $sudoaptgetuinstallapache2 Readingpackagelists...Done Buildingdependencytree Readingstateinformation...Done apache2isalreadythenewestversion. Thefollowingpackageswereautomaticallyinstalledandarenolongerrequired: linuxheaders2.6.2811linuxheaders2.6.2811generic Use'aptgetautoremove'toremovethem. 0upgraded,0newlyinstalled,0toremoveand26notupgraded.

13.aptgetuupgrade:UpgradeallPackages
Toupgradeallthepackagestoitslatestversion,useaptgetuupgradeasshownbelow. $sudoaptgetuupgrade Thefollowingpackageswillbeupgraded: libglib2.00libglib2.0datalibicu38libsmbclientlibwbclient0 openoffice.orgbasecoreopenoffice.orgcalcopenoffice.orgcommon openoffice.orgcoreopenoffice.orgdrawopenoffice.orgemailmerge openoffice.orggnomeopenoffice.orggtkopenoffice.orgimpress openoffice.orgmathopenoffice.orgstylehumanopenoffice.orgwriter pythonunosambacommonsmbclientttfopensymboltzdata 26upgraded,0newlyinstalled,0toremoveand0notupgraded.

9. Modprobe command examples :modprobeutilityisusedtoaddloadablemodulestotheLinuxkernel. Youcanalsoviewandremovemodulesusingmodprobecommand.

LinuxmodprobeCommandExamplestoView,Install,RemoveModules
modprobeutilityisusedtoaddloadablemodulestotheLinuxkernel.Youcanalsoviewandremove modulesusingmodprobecommand. Linuxmaintains/lib/modules/$(unamer)directoryformodulesanditsconfigurationfiles(except /etc/modprobe.confand/etc/modprobe.d). InLinuxkernel2.6,the.komodulesareusedinsteadof.ofilessincethathasadditionalinformation thatthekernelusestoloadthemodules.Theexampleinthisarticlearedonewithusingmodprobe onUbuntu.

1.ListAvailableKernelModules

modprobelwilldisplayallavailablemodulesasshownbelow.

$modprobel|less kernel/arch/x86/kernel/cpu/mcheck/mceinject.ko kernel/arch/x86/kernel/cpu/cpufreq/e_powersaver.ko kernel/arch/x86/kernel/cpu/cpufreq/p4clockmod.ko kernel/arch/x86/kernel/msr.ko kernel/arch/x86/kernel/cpuid.ko kernel/arch/x86/kernel/apm.ko kernel/arch/x86/kernel/scx200.ko kernel/arch/x86/kernel/microcode.ko kernel/arch/x86/crypto/aesi586.ko kernel/arch/x86/crypto/twofishi586.ko

2.ListCurrentlyLoadedModules
Whiletheabovemodprobecommandshowsallavailablemodules,lsmodcommandwilldisplayall modulesthatarecurrentlyloadedintheLinuxkernel.
$lsmod|less soundcore72641snd ppdev66880 snd_page_alloc91561snd_pcm psmouse561800 lp89640

3.InstallNewmodulesintoLinuxKernel
Inordertoinsertanewmoduleintothekernel,executethemodprobecommandwiththemodule name. FollowingexampleloadsvmhgfsmoduletoLinuxkernelonUbuntu.
$sudomodprobevmhgfs

Onceamoduleisloaded,verifyitusinglsmodcommandasshownbelow.
$lsmod|grepvmhgfs vmhgfs507720

Themodulefilesarewith.koextension.IfyouliketoknowthefullfilelocationofaspecificLinux kernelmodule,usemodprobecommandanddoagrepofthemodulenameasshownbelow.
$modprobe|grepvmhgfs misc/vmhgfs.ko $cd/lib/modules/2.6.3114generic/misc $lsvmhgfs* vmhgfs.ko

Note:YoucanalsouseinsmodforinstallingnewmodulesintotheLinuxkernel.

4.LoadNewModuleswiththeDifferentNametoAvoidConflicts

Consider,insomecasesyouaresupposedtoloadanewmodulebutwiththesamemodulename anothermodulegotalreadyloadedfordifferentpurposes. Ifforsomestrangereasons,themodulenameyouaretryingtoloadintothekernelisgettingused (withthesamename)byadifferentmodule,thenyoucanloadthenewmoduleusingadifferent name. Toloadamodulewithadifferentname,usethemodprobeoptionoasshownbelow.


$sudomodprobevmhgfsovm_hgfs $lsmod|grepvm_hgfs

vm_hgfs507720

5.RemovetheCurrentlyLoadedModule
IfyouveloadedamoduletoLinuxkernelforsometestingpurpose,youmightwanttounload (remove)itfromthekernel. Usemodproberoptiontounloadamodulefromthekernelasshownbelow.
modprobervmhgfs

10. Ethtool examples :Ethtoolutilityisusedtoviewandchangetheethernetdevice parameters.TheseexampleswillexplainhowyoucanmanipulateyourethernetNICcardusing ethtool. 9LinuxethtoolExamplestoManipulateEthernetCard(NICCard) Ethtoolutilityisusedtoviewandchangetheethernetdeviceparameters.

1.ListEthernetDeviceProperties

Whenyouexecuteethtoolcommandwithadevicename,itdisplaysthefollowinginformationabout theethernetdevice.
#ethtooleth0 Settingsforeth0: Supportedports:[TP] Supportedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full 1000baseT/Full Supportsautonegotiation:Yes Advertisedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full 1000baseT/Full Advertisedautonegotiation:Yes Speed:100Mb/s Duplex:Full Port:TwistedPair PHYAD:1 Transceiver:internal Autonegotiation:on SupportsWakeon:d Wakeon:d Linkdetected:yes

Thisaboveethtooloutputdisplaysethernetcardpropertiessuchasspeed,wakeon,duplexandthe linkdetectionstatus.Followingarethethreetypesofduplexesavailable. Fullduplex:Enablessendingandreceivingofpacketsatthesametime.Thismodeisusedwhenthe ethernetdeviceisconnectedtoaswitch. Halfduplex:Enableseithersendingorreceivingofpacketsatasinglepointoftime.Thismodeis usedwhentheethernetdeviceisconnectedtoahub. Autonegotiation:Ifenabled,theethernetdeviceitselfdecideswhethertouseeitherfullduplexor halfduplexbasedonthenetworktheethernetdeviceattachedto.

2.ChangeNICParameterUsingethtoolOptionsautoneg

Theaboveethtooleth0outputdisplaysthattheAutonegotiationparameterisinenabledstate.You

candisablethisusingautonegoptionintheethtoolasshownbelow.
#ifdowneth0 eth0device:BroadcomCorporationNetXtremeIIBCM5709GigabitEthernet(rev20) eth0configuration:ethbuspci0000:0b:00.0 #ethtoolseth0autonegoff #ethtooleth0 Settingsforeth0: Supportedports:[TP] Supportedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full 1000baseT/Full Supportsautonegotiation:Yes Advertisedlinkmodes:Notreported Advertisedautonegotiation:No Speed:Unknown!(65535) Duplex:Unknown!(255) Port:TwistedPair PHYAD:1 Transceiver:internal Autonegotiation:off SupportsWakeon:g Wakeon:g Linkdetected:no #ifupeth0

Aftertheabovechange,youcouldseethatthelinkdetectionvaluechangedtodownandauto negotiationisinoffstate.

3.ChangetheSpeedofEthernetDevice
#ethtoolseth0speed100autonegoff

Usingethtoolyoucanchangethespeedoftheethernetdevicetoworkwiththecertainnetwork devices,andthenewlyassignspeedvalueshouldbewithinthelimitedcapacity.
#ethtooleth0 Settingsforeth0: Supportedports:[TP] Supportedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full 1000baseT/Full Supportsautonegotiation:Yes Advertisedlinkmodes:Notreported Advertisedautonegotiation:No Speed:Unknown!(65535) Duplex:Unknown!(255) Port:TwistedPair PHYAD:1 Transceiver:internal Autonegotiation:off SupportsWakeon:g Wakeon:g

Linkdetected:no

Onceyouchangethespeedwhentheadapterisonline,itautomaticallygoesoffline,andyouneedto bringitbackonlineusingifupcommand.
#ifupeth0 eth0device:BroadcomCorporationNetXtremeIIBCM5709GigabitEthernet(rev20) eth0configuration:ethbuspci0000:0b:00.0 Checkingfornetworktimeprotocoldaemon(NTPD):running #ethtooleth0 Settingsforeth0: Supportedports:[TP] Supportedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full 1000baseT/Full Supportsautonegotiation:Yes Advertisedlinkmodes:Notreported Advertisedautonegotiation:No Speed:100Mb/s Duplex:Full Port:TwistedPair PHYAD:1 Transceiver:internal Autonegotiation:off SupportsWakeon:g Wakeon:g Linkdetected:yes

Asshownintheaboveoutput,thespeedchangedfrom1000Mb/sto100Mb/sandautonegotiation parameterisunset. TochangetheMaximumTransmissionUnit(MTU),refertoourifconfig examples article.

4.DisplayEthernetDriverSettings
#ethtoolieth0 driver:bnx2 version:2.0.1suse firmwareversion:1.9.3 businfo:0000:04:00.0

ethtoolioptiondisplaysdriverversion,firmwareversionandbusdetailsasshownbelow.

5.DisplayAutonegotiation,RXandTXofeth0
Viewtheautonegotiationdetailsaboutthespecificethernetdeviceasshownbelow.
#ethtoolaeth0 Pauseparametersforeth0: Autonegotiate:on RX:on TX:on

6.DisplayNetworkStatisticsofSpecificEthernetDevice
UseethtoolSoptiontodisplaythebytestransfered,received,errors,etc,asshownbelow.
#ethtoolSeth0 NICstatistics: rx_bytes:74356477841 rx_error_bytes:0

tx_bytes:110725861146 tx_error_bytes:0 rx_ucast_packets:104169941 rx_mcast_packets:138831 rx_bcast_packets:59543904 tx_ucast_packets:118118510 tx_mcast_packets:10137453 tx_bcast_packets:2221841 tx_mac_errors:0 tx_carrier_errors:0 rx_crc_errors:0 rx_align_errors:0 tx_single_collisions:0 tx_multi_collisions:0 tx_deferred:0 tx_excess_collisions:0 tx_late_collisions:0 tx_total_collisions:0 rx_fragments:0 rx_jabbers:0 rx_undersize_packets:0 rx_oversize_packets:0 rx_64_byte_packets:61154057 rx_65_to_127_byte_packets:55038726 rx_128_to_255_byte_packets:426962 rx_256_to_511_byte_packets:3573763 rx_512_to_1023_byte_packets:893173 rx_1024_to_1522_byte_packets:42765995 rx_1523_to_9022_byte_packets:0 tx_64_byte_packets:3633165 tx_65_to_127_byte_packets:51169838 tx_128_to_255_byte_packets:3812067 tx_256_to_511_byte_packets:113766 tx_512_to_1023_byte_packets:104081 tx_1024_to_1522_byte_packets:71644887 tx_1523_to_9022_byte_packets:0 rx_xon_frames:0 rx_xoff_frames:0 tx_xon_frames:0 tx_xoff_frames:0 rx_mac_ctrl_frames:0 rx_filtered_packets:14596600 rx_discards:0 rx_fw_discards:0

7.TroubleshoottheEthernetConnectionIssues
Whenthereisaproblemwiththenetworkconnection,youmightwanttocheck(orchange)the ethernetdeviceparametersexplainedintheaboveexamples,whenyouseefollowingissuesinthe outputofethtoolcommand. SpeedandDuplexvalueisshownasUnknown LinkdetectionvalueisshownasNo

Uponsuccessfulconnection,thethreeparametersmentionedabovegetsappropriatevalues.i.eSpeed isassignedwithknownvalue,DuplexbecomeeitherFull/Half,andtheLinkdetectionbecomesYes. Aftertheabovechanges,iftheLinkDetectionstillsaysNo,checkwhetherthereareanyissuesin thecablesthatrunsfromtheswitchandthesystem,youmightwanttodigintothataspectfurther. Tocaptureandanalyzepacketsfromaspecificnetworkinterface,usetcpdump utility .

8.IdentifySpecificDeviceFromMultipleDevices(BlinkLEDPortofNICCard)

Letusassumethatyouhaveamachinewithfourethernetadapters,andyouwanttoidentifythe physicalportofaparticularethernetcard.(Forexample,eth0). Useethtooloptionp,whichwillmakethecorrespondingLEDofphysicalporttoblink.


#ethtoolpeth0

9.MakeChangesPermanentAfterReboot
Ifyouvechangedanyethernetdeviceparametersusingtheethtool,itwillalldisappearafterthenext reboot,unlessyoudothefollowing. Onubuntu,youhavetomodify/etc/network/interfacesfileandaddallyourchangesasshown below.
#vim/etc/network/interfaces postupethtoolseth2speed1000duplexfullautonegoff

Theabovelineshouldbethelastlineofthefile.Thiswillchangespeed,duplexandautonegofeth2 devicepermanently. OnSUSE,modifythe/etc/sysconfig/network/ifcfgethidfileandincludeanewscriptusing POST_UP_SCRIPTvariableasshownbelow.Includethebelowlineasthelastlineinthe correspondingeth1adpaterconfigfile.


#vim/etc/sysconfig/network/ifcfgethid POST_UP_SCRIPT='eth1'

Then,createanewfilescripts/eth1asshownbelowunder/etc/sysconfig/networkdirectory.Make surethatthescripthasexecutepermissionandensurethattheethtoolutilityispresentunder/sbin directory.


#cd/etc/sysconfig/network/ #vimscripts/eth1 #!/bin/bash /sbin/ethtoolsduplexfullspeed100autonegoff

11. NFS mount using exportfs :ThisisalinuxbeginnersguidetoNFSmountusingexportfs.This explainshowtoexportafilesystemtoaremotemachineandmountitbothtemporarilyand permanently.

LinuxBeginnersGuidetoNFSMountUsing Exportfs
UsingNFS(NetworkFileSystem),youcanmountadiskpartitionofaremotemachineasifitisalocaldisk.This articleexplainshowtoexportafilesystemtoaremotemachineandmountitbothtemporarilyandpermanently.

1.ExportFileSystemtoRemoteServerusingexportfs
Toexportadirectorytoaremotemachine,dothefollowing. exportfsREMOTEIP:PATH REMOTEIPIPoftheremoteservertowhichyouwanttoexport. :delimiter PATHPathofdirectorythatyouwanttoexport.

2.MountRemoteServerFileSystemasaLocalStorage
Tomounttheremotefilesystemonthelocalserver,dothefollowing. mountREMOTEIP:PATHPATH Explanation REMOTEIPIPoftheremoteserverwhichexportedthefilesystem :delimeter PATHPathofdirectorywhichyouwanttoexport.

3.UnmountRemoteFileSystem
UmounttheremotefilesystemmountedonthelocalserverusingthenormalumountPATH.Formoreoptionrefer toumount command examples .

4.UnexporttheFileSystem
Youcanchecktheexportedfilesystemasshownbelow. #exportfs /publicdatawebserver.pq.net Tounexportthefilesystem,usetheuoptionasshownbelow. #exportfsuREMOTEIP:PATH Afterunexporting,checktomakesureitisnotavailableforNFSmountasshownbelow. #exportfs

5.MakeNFSExportPermanentAcrossSystemReboot
Exportcanbemadepermanentbyaddingthatentryinto/etc/exportsfile. #cat/etc/exports /publicdatawebserver.pq.net

6.MaketheMountPermanentAcrossReboot
mountcanbemadepermanentbyaddingthatentryinto/etc/fstabfile. #cat/etc/fstab webserver.pq.net:/publicdata/mydataext3defaults00

12. Change timezone :DependingonyourLinuxdistribution,useoneofthemethodsexplainedin thisarticletochangethetimezoneonyoursystem. HowTo:2MethodsToChangeTimeZoneinLinux

Question:WhenIinstalledtheLinuxOS,Iforgottosetthepropertimezone.HowdoI changethetimezoneonmyLinuxdistribution.IuseCentOS(RedHatLinux).But,canyouplease

explainmehowtodothisonallLinuxdistributionswithsomeclearexamples. Answer:UseoneofthefollowingmethodstochangethetimezoneonyourLinuxsystem.Oneof thesemethodsshouldworkforyoudependingontheLinuxdistributionyouareusing.

Method1:ChangeTimeZoneUsing/etc/localtimeFile
#date MonSep1722:59:24UTC2010

Forthisexample,assumethatyourcurrenttimezoneisUTCasshownbelow.Youwouldliketo changethistoPacificTime. Onsomedistributions(forexample,CentOS),thetimezoneiscontrolledby/etc/localtimefile. Deletethecurrentlocaltimefileunder/etc/directory


#cd/etc #rmlocaltime

AllUStimezonesarelocatedunderunderthe/usr/share/zoneinfo/USdirectoryasshownbelow.
#ls/usr/share/zoneinfo/US/ AlaskaArizonaEasternHawaiiMichiganPacific AleutianCentralEastIndianaIndianaStarkeMountainSamoa

Note:Forothercountrytimezones,browsethe/usr/share/zoneinfodirectory LinkthePacificfilefromtheaboveUSdirectorytothe/etc/localtimedirectoryasshownbelow.
#cd/etc #lns/usr/share/zoneinfo/US/Pacificlocaltime

NowthetimezoneonyourLinuxsystemischangedtoUSPacifictimeasshownbelow.
#date MonSep1723:10:14PDT2010

Method2:ChangeTimeZoneUsing/etc/timezoneFile
Onsomedistributions(forexample,Ubuntu),thetimezoneiscontrolledby/etc/timezonefile. Forexample,yourcurrenttimezonemightbeUSEasterntime(NewYork)asshownbelow.
#cat/etc/timezone America/New_York

TochangethistoUSPacifictime(LosAngeles),modifythe/etc/timezonefileasshownbelow.
#vim/etc/timezone America/Los_Angeles

Also,setthetimezonefromthecommandlineusingtheTZvariable.
#exportTZ=America/Los_Angeles

13. Install phpMyAdmin :phpMyAdminisawebbasedtoolwritteninPHPtomanagetheMySQL database.Apartfromviewingthetables(andotherdbobjects),youcanperformlotofDBAfunctions throughthewebbasedinterface.YoucanalsoexecuteanySQLqueryfromtheUI. HowTo:5StepstoInstallphpMyAdminonLinux

DoyouhaveaMySQLdatabaseinyourenvironment?Didyouknowthattheeasy(and mosteffective)waytomanageMySQLdatabaseisusingphpMyAdmin? phpMyAdminisawebbasedtoolwritteninPHPtomanagetheMySQLdatabase.Apartfromviewing thetables(andotherdbobjects),youcanperformlotofDBAfunctionsthroughthewebbased

interface.YoucanalsoexecuteanySQLqueryfromtheUI. ThisarticlewillprovidestepbystepinstructionsonhowtoinstallandconfigurephpMyAdminon Linuxdistributions.

1.phpMyAdminPrerequisites

MakesureyouhavePHP 5 (or above) installed .


#phpv PHP5.3.2(cli)(built:May19201003:43:49)

MakesureyouhaveMySQL 5 (or above) installed .


#mysqlV mysqlVer14.14Distrib5.1.47,forpclinuxgnu(i686)usingreadline5.1

MakesureApache is installed andrunning. PHP5Modules IfyoudonthavePHP ,IrecommendthatyouinstallPHPfromsource.Followingistheconfigure commandIexecutedwhileinstallingPHPfromsource.ThisincludesalltherequiredPHPmodules forphpMyAdmin.


./configurewithapxs2=/usr/local/apache2/bin/apxswithmysqlwithbz2withzlibenablezipenablembstring withmcrypt

IfyoudontcompilePHP5withtheaboveoptions,youllgetfollowingerrormessagefrom phpMyAdminwebinterface. GZipGZipcompressionanddecompressionrequiresfunctions(gzencode)whichareunavailableon thissystem. Bzip2Bzip2compressionanddecompressionrequiresfunctions(bzopen,bzcompress)whichare unavailableonthissystem. ZIPZipdecompressionrequiresfunctions(zip_open)whichareunavailableonthissystem. ZIPZipcompressionrequiresfunctions(gzcompress)whichareunavailableonthissystem.

2.DownloadandInstallphpmyadmininApacheDocumentRoot
IdentifyyourApachesDocumentRoot.
#grepDocumentRoot/usr/local/apache2/conf/httpd.conf DocumentRoot/usr/local/apache2/htdocs

DownloadthelatestversionofphpMyAdmin.CurrentlythestableversionofphpMyAdminis3.3.7
#cd/usr/local/apache2/htdocs #tarxvfzphpMyAdmin3.3.7alllanguages.tar.gz #mvphpMyAdmin3.3.7alllanguagesphpmyadmin

3.SecurethephpmyadminDirectoryCreatephpmyuser
CreatephpmyUnixuser.
#adduserphpmy #passwdphpmy

CheckwhichuserandgroupisusedbyApache.
#egrep'User|Group'/usr/local/apache2/conf/httpd.conf Userdaemon Groupdaemon

Modifythephpmyadmindirectorysuserownershiptophpmyuser.
#cd/usr/local/apache2/htdocs

#chownRphpmy.daemonphpmyadmin/

4.UpdatephpMyAdminconfig.incfromWizard
Youneedtosetuptheconfig.incfileproperlyforphpMyAdmintowork.Youcaneithercreateand editthisfilemanually,orusetheconfigphpMyAdmininstallersetupwizard.Irecommendthatyou usethesetupwizard,asitisverystraightforward.Todothat,youshouldcreatethefollowing dummyconfig.incwithproperpermission.
#cd/usr/local/apache2/htdocs/phpmyadmin/ #mkdirconfig #chmodo+rwconfig #cpconfig.sample.inc.phpconfig/config.inc.php #chmodo+wconfig/config.inc.php

Now,invokethephpMyAdminsetupwizardfromthebrowserusingtheURL:http://{yourip address}/phpmyadmin/setup/index.php.Thiswillshowthefollowingsetupwizard. Fig:phpMyAdminSetupWizard ClickonNewServer,whichwilldisplayfollowingserverwizard. Fig:phpMyAdminCreateNewServer Filloutfollowinginformationinthenewserverscreen.Leaveotherfieldstodefaultvalues. VerboseNameoftheServerGivesomedescriptiveservername. PasswordforConfigAuthEntertheMySQLrootpasswordhere. AuthenticationTypeThedefaultselectioniscookie.Justusethat. ClickonSavetosavetheconfiguration.Youmightseefollowingwarningmessages.Ignoreitfornow. UseSSLYoushoulduseSSLconnectionsifyourwebserversupportsit PHPextensiontouseYoushouldusemysqliforperformancereasons BlowfishsecretYoudidnthaveblowfishsecretsetandhaveenabledcookieauthentication,soakey wasautomaticallygeneratedforyou.Itisusedtoencryptcookies;youdontneedtorememberit.

5.Launchphpmyadmin

InvokephpMyAdminfromthebrowserusingtheURL:http://{yourip address}/phpmyadmin/index.php IfyouveinstalledphpMyAdminonaLinuxdesktopdistribution,youcanalsoaccessphpMyAdmin usingthelocalhostURL:http://localhost/phpmyadmin/index.php LoginwithyourMySQLrootpassword.i.euserootforphpmyadminusername.UseMySQLroots passwordforphpmyadminpassword. IfyouseetheCannotloadmcryptextension.PleasecheckyourPHPconfiguration.message,you didntcompileyourPHPwithmcrypt.Makesureyouhavelibmcryptandlibmcryptdevelpackages installedonyourLinuxbeforeyoucompilePHPwithwithmcryptoption. Youwillalsoseethemessage:Directoryconfig,whichisusedbythesetupscript,stillexistsinyour phpMyAdmindirectory.YoushouldremoveitoncephpMyAdminhasbeenconfigured. Justlikethemessagesays,removetheconfigdirectory.
#cd/usr/local/apache2/htdocs/phpmyadmin #rmrfconfig

Aftermovingtheconfigdirectory,ifyougotosetup/index.phpurl,youllseefollowingmessage.This isagoodthing,asyouvealreadyconfiguredthephpMyAdmin.

Cannotloadorsaveconfiguration.PleasecreatewebserverwritablefolderconfiginphpMyAdmin topleveldirectoryasdescribedindocumentation.Otherwiseyouwillbeonlyabletodownloador displayit. OnceyouveloggedinyoushouldbeabletomanagealltheMySQLdatabasesfromyourbrowser. 14. Setup squid to control internet access :Squidisaproxycachingserver.Youcanusesquidto controlinternetaccessatwork.ThisguidewillgiveajumpstartonhowtosetupsquidonLinuxto restrictinternetaccessinannetwork.

HowToUseSquidProxyCacheServerToControl InternetAccess
Tweet Squidisaproxycachingserver.IfyouareLinuxsysadmin,youcanusesquidtocontrolinternet accessatyourworkenvironment. ThisbeginnersguidewillgiveajumpstartonhowtosetupsquidonLinuxtorestrictinternetaccess inannetwork.

InstallSquid

Youshouldinstallthefollowingthreesquidrelatedpackagesonyoursystem. squid squidcommon squidlangpack OnDebianandUbuntu,useaptitudetoinstallsquidasshownbelow.OnCentOS,useyumtoinstall thesquidpackage.


$sudoaptitudeinstallsquid

CheckConfigurationandStartupscripts
Apartfrominstallingthesquidrelatedpackages,italsocreatesthe/etc/squid/squid.confand /etc/init.d/squidstartupscript. BydefaultSquidrunson3128port.Youcanverifythisfromthesquid.conffile.Youcanalsosetthe visible_hostnameparameterinyoursquid.conf,whichwillbeusedinerror_log.Ifyoudontdefine, squidgetsthehostnamevalueusinggethostname()function.
#vim/etc/squid/squid.conf visible_hostnameubuntuserver httpd_port3128

Note:Thehttpportnumber(3128)specifiedinthesquid.confshouldbeenteredintheproxysetting sectionintheclientbrowser.IfsquidisbuiltwithSSL,youcanusehttps_portoptioninside squid.conftodefinehttpssquid.

StartSquidandViewLogs
#servicesquidstart squidstart/running,process11743

StarttheSquidproxycachingserverasshownbelow. Squidmaintainsthreelogfiles(access.log,cache.logandstore.log)under/var/log/squiddirectory. Fromthe/var/log/squid/access.log,youcanviewwhoaccessedwhichwebsiteatwhattime.

Followingistheformatofthesquidaccess.logrecord.
timeelapsedremotehostcode/statusbytesmethodURLrfc931peerstatus/peerhost

Todisablelogginginsquid,updatethesquid.confwiththefollowinginformation.
#todisableaccess.log cache_access_log/dev/null #todisablestore.log cache_store_lognone #todisablecache.log cache_log/dev/null

SquidUsage1:RestrictAccesstoSpecificWebsites
Thisishowyoucanrestrictfolksfrombrowsingcertainwebsitewhentheyareconnectedtoyour networkusingyourproxyserver. Createafilecalledrestricted_sitesandlistallsitesthatyouwouldwanttorestricttheaccess.
#vim/etc/squid/restricted_sites www.yahoo.com mail.yahoo.com

Modifythesquid.conftoaddthefollowing.
#vim/etc/squid/squid.conf aclRestrictedSitesdstdomain"/etc/squid/restricted_sites" http_accessdenyRestrictedSites

Note:Youcanalsoconfiguresquidasatransparentproxyserver,whichwelldiscussinaseparate article.Also,refertoourearlierarticleonhowtoblockipaddressusing fail2ban andiptables.

SquidUsage2:AllowAccesstoWebsitesOnlyDuringSpecificTime

Someorganizationmightwanttoallowemployeestosurfordownloadfromtheinternetonlyduring specifictimeperiods. Thesquid.confconfigurationshownbelowwillallowinternetaccessforemployeesonlybetween 9:00AMand18:00duringweekdays.


#vim/etc/squid/squid.conf aclofficial_hourstimeMTWHF09:0018:00 http_accessdenyall http_accessallowofficial_hours

SquidUsage3:RestrictAccesstoParticularNetwork
Insteadofrestrictingspecificsites,youcanalsoprovideaccessonlytocertainnetworkandblock everythingelse.Theexamplebelow,allowsaccessonlytothe192.168.1.*internalnetwork.
#vim/etc/squid/squid.conf aclbranch_officessrc192.168.1.0/24 http_accessdenyall http_accessallowbranch_offices

ForaLinuxbasedintrusiondetectionsystem,refertoourtripwirearticle.

SquidUsage4:UseRegularExpressiontoMatchURLs
Youcanalsouseregularexpressiontoallowordenywebsites. Firstcreateablocked_sitesfileswithalistofkeywords.
#cat/etc/squid/blocked_sites soccer movie www.example.com

Modifythesquid.conftoblockanysitesthathasanyofthesekeywordsintheirurl.
#vim/etc/squid/squid.conf aclblocked_sitesurl_regexi"/etc/squid/blocked_sites" http_accessdenyblocked_sites http_accessallowall

Intheaboveexample,ioptionisusedforignoringcaseformatching.So,whileaccessingthe websites,squidwilltrytomatchtheurlwithanyofthepatternmentionedintheaboveblocked_sites fileanddeniestheaccesswhenitmatches.

SARGSquidAnalysisReportGenerator
#togeneratethereportfortoday sargreporttoday #ondailybasis sargreportdaily #onweeklybasis sargreportweekly #onmonthlybasis sargreportmonthly

DownloadandinstallSARGtogeneratesquidusagereports. Usethesargreportscommandtogeneratereportsasshownbelow.

Note:Addthesargreporttothecrontab. Thereportsgeneratedbysargarestoredunder/var/www/squidreports.Thesearehtmlreportscan youcanviewfromabrowser.


$ls/var/www/squidreports Dailyindex.hyml $ls/var/www/squidreports/Daily 2010Aug282010Aug28imagesindex.html

15. Add new swap space :Usedd,mkswapandswaponcommandstoaddswapspace.Youcan eitheruseadedicatedharddrivepartitiontoaddnewswapspace,orcreateaswapfileonan existingfilesystemanduseitasswapspace. UNIX/Linux:2WaystoAddSwapSpaceUsingdd,mkswapandswapon Tweet Question:IwouldliketoaddmoreswapspacetomyLinuxsystem.Canyouexplainwithclear examplesonhowtoincreasetheswapspace? Answer:Youcaneitheruseadedicatedharddrivepartitiontoaddnewswapspace,orcreateaswap fileonanexistingfilesystemanduseitasswapspace.

Howmuchswapspaceiscurrentlyusedbythesystem?
#freek totalusedfreesharedbufferscached Mem:3082356204370010386560509761646268

Freecommanddisplaystheswapspace.freekshowstheoutputinKB.

/+buffers/cache:3464562735900 Swap:419295604192956

Swaponcommandwithoptions,displaysthecurrentswapspaceinKB.
#swapons FilenameTypeSizeUsedPriority /dev/sda2partition419295601

Swapons,issameasthefollowing.
#cat/proc/swaps FilenameTypeSizeUsedPriority /dev/sda2partition419295601

Method1:UseaHardDrivePartitionforAdditionalSwapSpace
Ifyouhaveanadditionalharddisk,(orspaceavailableinanexistingdisk),createapartitionusing fdiskcommand.Letusassumethatthispartitioniscalled/dev/sdc1 Nowsetupthisnewlycreatedpartitionasswapareausingthemkswapcommandasshownbelow.
#mkswap/dev/sdc1

Enabletheswappartitionforusageusingswaponcommandasshownbelow.
#swapon/dev/sdc1

Tomakethisswapspacepartitionavailableevenafterthereboot,addthefollowinglinetothe /etc/fstabfile.
#cat/etc/fstab /dev/sdc1swapswapdefaults00

Verifywhetherthenewlycreatedswapareaisavailableforyouruse.
#swapons FilenameTypeSizeUsedPriority /dev/sda2partition419295601 /dev/sdc1partition104856802 #freek totalusedfreesharedbufferscached Mem:30823563022364599920520562646472 /+buffers/cache:3238362758520 Swap:524152405241524

Note:Intheoutputofswaponscommand,theTypecolumnwillsaypartitioniftheswapspaceis createdfromadiskpartition.

Method2:UseaFileforAdditionalSwapSpace

Ifyoudonthaveanyadditionaldisks,youcancreateafilesomewhereonyourfilesystem,anduse thatfileforswapspace. Thefollowingddcommandexamplecreatesaswapfilewiththenamemyswapfileunder/root directorywithasizeof1024MB(1GB).


#ddif=/dev/zeroof=/root/myswapfilebs=1Mcount=1024 1024+0recordsin 1024+0recordsout #lsl/root/myswapfile rwrr1rootroot1073741824Aug1423:47/root/myswapfile

Changethepermissionoftheswapfilesothatonlyrootcanaccessit.
#chmod600/root/myswapfile

Makethisfileasaswapfileusingmkswapcommand.

#mkswap/root/myswapfile Settingupswapspaceversion1,size=1073737kB

Enablethenewlycreatedswapfile.
#swapon/root/myswapfile

Tomakethisswapfileavailableasaswapareaevenafterthereboot,addthefollowinglinetothe /etc/fstabfile.
#cat/etc/fstab /root/myswapfileswapswapdefaults00

Verifywhetherthenewlycreatedswapareaisavailableforyouruse.
#swapons FilenameTypeSizeUsedPriority /dev/sda2partition419295601 /root/myswapfilefile104856802 #freek totalusedfreesharedbufferscached Mem:30823563022364599920520562646472 /+buffers/cache:3238362758520 Swap:524152405241524

Note:Intheoutputofswaponscommand,theTypecolumnwillsayfileiftheswapspaceis createdfromaswapfile. Ifyoudontwanttoreboottoverifywhetherthesystemtakesalltheswapspacementionedinthe /etc/fstab,youcandothefollowing,whichwilldisableandenablealltheswappartitionmentioned inthe/etc/fstab


#swapoffa #swapona

16. Install and configure snort :Snortisafreelightweightnetworkintrusiondetectionsystemfor bothUNIXandWindows.Thisarticleexplainshowtoinstallsnortfromsource,writerules,and performbasictesting.

Snort:5StepstoInstallandConfigureSnorton Linux
SnortisafreelightweightnetworkintrusiondetectionsystemforbothUNIXandWindows. Inthisarticle,letusreviewhowtoinstallsnortfromsource,writerules,andperformbasictesting.

1.DownloadandExtractSnort
Downloadthelatestsnortfreeversionfromsnort website .Extractthesnortsourcecodetothe/usr/srcdirectoryas shownbelow. #cd/usr/src
#wgetOsnort2.8.6.1.tar.gzhttp://www.snort.org/downloads/116 #tarxvzfsnort2.8.6.1.tar.gz

Note:WealsodiscussedearlieraboutTripwire(Linuxhostbasedintrusiondetectionsystem) andFail2ban(Intrusionpreventionframework)

2.InstallSnort
Beforeinstallingsnort,makesureyouhavedevpackagesoflibpcapandlibpcre. #aptcachepolicylibpcap0.8dev libpcap0.8dev: Installed:1.0.02ubuntu1 Candidate:1.0.02ubuntu1
#aptcachepolicylibpcre3dev libpcre3dev: Installed:7.83 Candidate:7.83

Followthestepsbelowtoinstallsnort. #cdsnort2.8.6.1
#./configure #make #makeinstall

3.VerifytheSnortInstallation
Verifytheinstallationasshownbelow. #snortversion
,,_*>Snort!<* o")~Version2.8.6.1(Build39) ''''ByMartinRoesch&TheSnortTeam:http://www.snort.org/snort/snortteam Copyright(C)19982010Sourcefire,Inc.,etal. UsingPCREversion:7.820080905

4.Createtherequiredfilesanddirectory
Youhavetocreatetheconfigurationfile,rulefileandthelogdirectory. Createthefollowingdirectories: #mkdir/etc/snort
#mkdir/etc/snort/rules #mkdir/var/log/snort

Createthefollowingsnort.confandicmp.rulesfiles: #cat/etc/snort/snort.conf include/etc/snort/rules/icmp.rules


#cat/etc/snort/rules/icmp.rules alerticmpanyany>anyany(msg:"ICMPPacket";sid:477;rev:3;)

TheabovebasicruledoesalertingwhenthereisanICMPpacket(ping). Followingisthestructureofthealert: <RuleActions><Protocol><SourceIPAddress><SourcePort><DirectionOperator><DestinationIPAddress> <Destination>(ruleoptions)

Table:Rulestructureandexample Structure RuleActions Protocol SourceIPAddress SourcePort DirectionOperator DestinationIP Address DestinationPort (ruleoptions)

Example alert icmp any any > any any (msg:ICMPPacket;sid:477; rev:3;)

5.Executesnort
Executesnortfromcommandline,asmentionedbelow. #snortc/etc/snort/snort.confl/var/log/snort/ TrypingingsomeIPfromyourmachine,tocheckourpingrule.Followingistheexampleofasnortalertforthis ICMPrule. #head/var/log/snort/alert [**][1:477:3]ICMPPacket[**] [Priority:0] 07/2720:41:57.230345>l/llen:0l/ltype:0x2000:0:0:0:0:0 pkttype:0x4proto:0x800len:0x64 209.85.231.102>209.85.231.104ICMPTTL:64TOS:0x0ID:0IpLen:20DgmLen:84DF Type:8Code:0ID:24905Seq:1ECHO AlertExplanation Acoupleoflinesareaddedforeachalert,whichincludesthefollowing: Messageisprintedinthefirstline. SourceIP DestinationIP Typeofpacket,andheaderinformation. Ifyouhaveadifferentinterfaceforthenetworkconnection,thenusedevioption.Inthisexamplemynetwork interfaceisppp0. #snortdevippp0c/etc/snort/snort.confl/var/log/snort/

ExecutesnortasDaemon
AddDoptiontorunsnortasadaemon. #snortDc/etc/snort/snort.confl/var/log/snort/

AdditionalSnortinformation
Defaultconfigfilewillbeavailableatsnort2.8.6.1/etc/snort.conf Defaultrulescanbedownloadedfrom:http://www.snort.org/snortrules

17. Register RHEL/OEL linux to support :IfyouhavepurchasedsupportfromOracleforyour Linux,youcanregistertooraclesupportnetwork(ULN)usingup2dateasexplainedhere.

HowtoRegisterRHEL/OELLinuxtoOracleSupport(ULN)usingup2date
Question:IhavepurchasedLinuxsupportforRHELandOELfromOraclecorporation. HowdoIregistermyLinuxsystemtoOraclesupportnetworktodownloadandupdatepackages? Canyouexplainmewithstepbystepinstruction? Answer:AfterpurchasingLinuxsupportfromOracle,youshouldregisteryourLinuxsystemwith OraclesUnbreakableLinuxNetworkusingup2dateutilityasexplainedinthisarticle.

1.Launchup2dateregisterWizard
#up2dateregister

Typethefollowingfromthecommandline,whichwillinvoketheUnbreakableLinuxNetwork Registrationwizardasshownbelow.

2.RegistertoOracleULNusingOracleCSINumber
Ifyoualreadyhaveauid/pwdtotheULNnetwork,enterithere.Ifyoudonthaveanexisting accountonULN,theuid/pwdinformationyouenterinthisstepwillbeusedtocreateanewaccount foryou. MakesuretoenteravalidCSInumber.WhenyoupurchasedtheLinuxsupportfromOracle,you wouldvereceivedaCSInumber.

3.RegisteraSystemProfileHardwareInfo

Theup2datewillautomaticallycollectthefollowinginformationaboutyoursystemandusethisto createasystemprofile. Hostname IPaddress MemorySize CPUModelandSpeed RHELorOELVersion

4.RegisteraSystemProfilePackagesInfo

Theup2datewillautomaticallycollectinformationaboutalltheinstalledpackagesandassociateit withthecorrespondingsystemprofile.laterthisinfoisusedtodeterminewhetherapackageneeds tobeupdatedornot.

5.SendProfileInformationtoOracleNetwork(ULN)

Ontheconfirmationscreen,clickonNexttosendtheprofileinformation(includinghardwareand packagesinfo)toOraclesULN. Makesureyoursystemcantalktolinux.oracle.com.Ifnot,thisstepwillfail.

6.RHEL/OELRegistrationSuccessfulwithULN

Oncetheregistrationiscompleted,youllgetthefollowingconfirmationscreen. >Add your comment

Linuxprovidesseveralpowerful

18. tftpboot setup :YoucaninstallLinuxfromnetworkusingPXEbyinstallingandconfiguring tftpbootserverasexplainedhere.


HowTo:10StepstoConfiguretftpbootServerinUNIX/Linux(ForinstallingLinuxfromNetworkusingPXE) byB AL AK RIS H NA N M ARIYAPPA N onJULY22,2010

Inthisarticle,letusdiscussabouthowtosetuptftpboot,includinginstallationof necessarypackages,andtftpbootconfigurations. TFTPbootserviceisprimarilyusedtoperformOSinstallationonaremotemachineforwhichyou donthavethephysicalaccess.InordertoperformtheOSinstallationsuccessfully,thereshouldbea waytoreboottheremoteservereitherusingwakeonlanorsomeonemanuallyrebootingitor someotherways. Inthosescenarios,youcansetupthetftpbootservicesaccordinglyandtheOSinstallationcanbe doneremotely(youneedtohavetheautoyastconfigurationfiletoautomatetheOSinstallation steps). StepbystepprocedureispresentedinthisarticlefortheSLES10SP3in64bitarchitecture.However, thesestepsareprettymuchsimilartoanyotherLinuxdistributions. Thefollowingpackagesneedstobeinstalledforthetftpbootsetup. dhcpservicespackages:dhcp3.0.77.5.20.x86_64.rpmanddhcpserver3.0.77.5.20.x86_64.rpm tftpbootpackage:tftp0.481.6.x86_64.rpm pxebootpackage:syslinux3.1120.14.26.x86_64.rpm

RequiredPackages

PackageInstallation

Installthepackagesforthedhcpserverservices:
$rpmivhdhcp3.0.77.5.20.x86_64.rpm Preparing...###########################################[100%] 1:dhcp###########################################[100%] $rpmivhdhcpserver3.0.77.5.20.x86_64.rpm Preparing...###########################################[100%] 1:dhcp###########################################[100%] $rpmivhtftp0.481.6.x86_64.rpm $rpmivhsyslinux3.1120.14.26.x86_64.rpm

Afterinstallingthesyslinuxpackage,pxelinux.0filewillbecreatedunder/usr/share/pxelinux/ directory.Thisisrequiredtoloadinstallkernelandinitrdimagesontheclientmachine. Verifythatthepackagesaresuccessfullyinstalled.


$rpmqa|grepdhcp $rpmqa|greptftp

DownloadtheappropriatetftpserverfromtherepositoryofyourrespectiveLinuxdistribution.

Stepstosetuptftpboot Step1:Create/tftpbootdirectory
#mkdir/tftpboot/

Createthetftpbootdirectoryunderrootdirectory(/)asshownbelow.

Step2:Copythepxelinuximage
PXELinuximagewillbeavailableonceyouinstalledthesyslinuxpackage.Copythisto/tftpboot pathasshownbelow.
#cp/usr/share/syslinux/pxelinux.0/tftpboot

Step3:CreatethemountpointforISOandmounttheISOimage
LetusassumethatwearegoingtoinstalltheSLES10SP3Linuxdistributiononaremoteserver.If youhavetheSUSE10SP3DVDinsertitinthedriveormounttheISOimagewhichyouhave.Here, theisoimagehasbeenmountedasfollows:
#mkdir/tftpboot/sles10_sp3 #mountoloopSLES10SP3DVDx86_64.iso/tftpboot/sles10_sp3

RefertoourearlierarticleonHow to mount and view ISO files . Copytheinitrdtothetftpbootdirectoryasshownbelow.


#cd/tftpboot/sles10_sp3/boot/x86_64/loader #cpinitrdlinux/tftpboot/

Step4:Copythevmlinuzandinitrdimagesinto/tftpboot

Step5:Createpxelinux.cfgDirectory
Createthedirectorypxelinux.cfgunder/tftpbootanddefinethepxebootdefinitionsfortheclient.
#mkdir/tftpboot/pxelinux.cfg #cat>/tftpboot/pxelinux.cfg/default defaultlinux labellinux kernellinux appendinitrd=initrdshowoptsinstmode=nfsinstall=nfs://192.168.1.101/tftpboot/sles10_sp3/

Thefollowingoptionsareusedfor, kernelspecifieswheretofindtheLinuxinstallkernelontheTFTPserver. installspecifiesbootargumentstopasstotheinstallkernel. Aspertheentriesabove,thenfsinstallmodeisusedforservinginstallRPMsandconfigurationfiles. So,havethenfssetupinthismachinewiththe/tftpbootdirectoryintheexportedlist.Youcanadd theautoyastoptionwiththeautoyastconfigurationfiletoautomatetheOSinstallationsteps otherwiseyouneedtodorunthroughtheinstallationstepsmanually.

Step6:Changetheownerandpermissionfor/tftpbootdirectory
Assignnobody:nobodyto/tftpbootdirectory.
#chownnobody:nobody/tftpboot #chmod777/tftpboot

Step7:Modify/etc/dhcpd.conf
Modifythe/etc/dhcpd.confasshownbelow.
#cat/etc/dhcpd.conf ddnsupdatestylenone; defaultleasetime14400; filename"pxelinux.0"; #IPaddressofthedhcpservernothingbutthismachine.

nextserver192.168.1.101; subnet192.168.1.0netmask255.255.255.0{ #ipdistributionrangebetween192.168.1.1to192.168.1.100 range192.168.1.1192.168.1.100; defaultleasetime10; maxleasetime10; }

Specifytheinterfacein/etc/syslinux/dhcpdtolistendhcprequestscomingfromclients.
#cat/etc/syslinux/dhcpd|grepDHCPD_INTERFACE DHCPD_INTERFACE=eth1;

Here,thismachinehastheipaddressof192.168.1.101ontheeth1device.So,specifyeth1forthe DHCPD_INTERFACEasshownabove. Onarelatednote,refertoourearlierarticleabout7 examples to configure network interface using ifconfig.

Step8:Modify/etc/xinetd.d/tftp

Modifythe/etc/xinetd.d/tftpfiletoreflectthefollowing.Bydefaultthevaluefordisableparameter isyes,pleasemakesureyoumodifyittonoandyouneedtochangetheserver_argsentrytos /tftpboot.


#cat/etc/xinetd.d/tftp servicetftp{ socket_type=dgram protocol=udp wait=yes user=root server=/usr/sbin/in.tftpd server_args=s/tftpboot disable=no }

Step9:Nochangesin/etc/xinetd.conf
Thereisnoneedtomodifytheetc/xinetd.conffile.Usethedefaultvaluesspecifiedinthexinetd.conf file.

Step10:Restartxinetd,dhcpdandnfsservices
Restarttheseservicesasshownbelow.
#/etc/init.d/xinetdrestart #/etc/init.d/dhcpdrestart #/etc/init.d/nfsserverrestart

Afterrestartingthenfsservices,youcanviewtheexporteddirectorylist(/tftpboot)bythefollowing command,
#showmounte

Finally,thetftpbootsetupisreadyandnowtheclientmachinecanbebootedafterchangingthefirst bootdeviceasnetworkintheBIOSsettings. Ifyouencounteranytftperror,youcandothetroubleshootingbyretrievingsomefilesthroughtftpd service. Retrievesomefilefromthetftpservertomakesuretftpserviceisworkingproperlyusingthetftp client.Letusthatassumethatsample.txtfileispresentunder/tftpbootdirectory.


$tftpv192.168.1.101cgetsample.txt

19. Delete all iptables rules :Whenyouarestartingtosetupiptables,youmightwanttodelete (flush)alltheexistingiptablesasshownhere.


HowtoViewandDeleteIptablesRulesListandFlush bySATH IYA MO ORT HY onJULY16,2010

Question:HowdoIviewallthecurrentiptablesrules?OnceIviewit,isthereawayto deleteallthecurrentrulesandstartfromscratch? Answer:Usetheiptableslistoptiontoview,andiptablesflushoptiontodeletealltherulesasshown below.Youshouldhaverootpermissiontoperformthisoperation.

1.View/ListAlliptablesRules
#iptableslist

Whenyouwanttocheckwhatrulesareiniptables,uselistoptionasshownbelow.

Example1:Iptableslistoutputshowingnorules
#iptableslist ChainINPUT(policyACCEPT) targetprotoptsourcedestination ChainFORWARD(policyACCEPT) targetprotoptsourcedestination ChainOUTPUT(policyACCEPT) targetprotoptsourcedestination

Theaboveoutputshowschainheaders.Asyousee,therearenorulesinit.

Example2:Iptableslistoutputshowingsomerules
#iptableslist ChainINPUT(policyACCEPT) targetprotoptsourcedestination ChainFORWARD(policyACCEPT) targetprotoptsourcedestination

Whenthereisaruletodisablepingreply,youhavetheiptableslistoutputaslikethefollowing.You canseetheruleintheOUTPUTchain.

ChainOUTPUT(policyACCEPT) targetprotoptsourcedestination DROPicmpanywhereanywhereicmpechorequest

2.DeleteiptablesRulesusingflushoption
#iptablesflush

Whenyouwanttodeletealltherules,usetheflushoptionasshownbelow. Afterdoingthis,youriptableswillbecomeempty,andtheiptableslistoutputwilllooklikewhatis shownintheexample1. Youcanalsodelete(flush)aparticulariptablechainbygivingthechainnameasanargumentas shownbelow.

#iptablesflushOUTPUT

20. Disable ping replies :Someonecanfloodthenetworkwithpingf.Ifpingreplyisdisabledas explainedherewecanavoidthisflooding.


HowToDisablePingRepliesinLinuxusingicmp_echo_ignore_all bySATH IYA MO ORT HY onJULY9,2010

Youmaywanttodisablepingrepliesformanyreasons,maybeforasecurityreason,or toavoidnetworkcongestion. SomeonecanfloodthenetworkwithpingfasshowninPingExample5inourearlierPing Tutorialarticle.Ifpingreplyisdisabledwecanavoidthisflooding.

DisablepingreplyTemporarily

Youcantemporarilydisablethepingreplyusingthefollowingmethod.
#echo"1">/proc/sys/net/ipv4/icmp_echo_ignore_all

Pleasenotethatthissettingwillbeerasedafterthereboot.Todisablepingreplypermanently(even afterthereboot),followthestepmentionedbelow. Also,toenablethepingreplyback,setthevalueto0asshownbelow.


#echo"0">/proc/sys/net/ipv4/icmp_echo_ignore_all

DisablepingreplyPermanently
net.ipv4.icmp_echo_ignore_all=1

Youcanpermanentlydisablethepingreplyusingthefollowingmethod. Step1:Editthesysctl.conffileandaddthefollowingline. Step2:Executesysctlptoenforcethissettingimmediately.


#sysctlp

Theabovecommandloadsthesysctlsettingsfromthesysctl.conffile. Afterthepingreplyisdisabledusingoneoftheabovemethod,whensomebodytriestopingyour machinetheywillendupwaitingwithoutgettingapingreplypacketevenwhenthemachineisup andrunning. 21. Block ip address using fail2ban :Fail2banisaintrusionpreventonframeworkthatscanslog filesforvariousservices(SSH,FTP ,SMTP ,Apache,etc.,)andbanstheIPthatmakestoomany passwordfailures.Italsoupdatesiptlesfirewallrulestorejecttheseipaddresses.
Fail2BanHowto:BlockIPAddressUsingFail2banandIPTables byS ELVAG ANES HA N S onJULY2,2010

Fail2banscanslogfilesforvariousservices(SSH,FTP ,SMTP ,Apache,etc.,)andbanstheIPthat makestoomanypasswordfailures.Italsoupdatesthefirewallrulestorejecttheseipaddresses. Fail2banisanintrusionpreventionframeworkwritteninthePythonprogramminglanguage. MainpurposeofFail2banistopreventbruteforceloginattacks. Also,refertoourearlierarticleonTripwire(Linuxhostbasedintrusiondetectionsystem).

InstallFail2ban
Toinstallfail2banfromsource,downloaditfromsourceforge.. UseaptgettoinstallFail2banonaDebianbasedsystemasshownbelow.
#aptgetinstallfail2ban

YoucanalsoinstallFail2banmanuallybydownloadingthefail2ban deb package .


#dpkgifail2ban_0.8.11_all.deb

Howtoconfigurefail2ban
AllFail2banconfigurationfilesarelocatedunderthe/etc/fail2bandirectory.

/etc/fail2ban/fail2ban.conf

Mainpurposeofthisfileistoconfigurefail2banlogrelateddirectives. Loglevel:Setthelogleveloutput. logtarget:Specifythelogfilepath ActionstakenbytheFail2banareloggedinthe/var/log/fail2ban.logfile.Youcanchangethe verbosityintheconffiletooneof:1ERROR,2WARN,3INFOor4DEBUG.

/etc/fail2ban/jail.conf

jail.conffilecontainsthedeclarationoftheserviceconfigurations.Thisconfigurationfileisbrokenup intodifferentcontexts.TheDEFAULTsettingsapplytoallsections. ThefollowingDEFAULTsectionofjail.confsaysthatafterfivefailedaccessattemptsfromasingleIP addresswithin600secondsor10minutes(findtime),thataddresswillbeautomaticallyblockedfor 600seconds(bantime).


[DEFAULT] ignoreip=127.0.0.1 maxretry=5 findtime=600 bantime=600

ignoreip:ThisisaspaceseparatedlistofIPaddressesthatcannotbeblockedbyfail2ban. maxretry:Maximumnumberoffailedloginattemptsbeforeahostisblockedbyfail2ban. bantime:Timeinsecondsthatahostisblockedifitwascaughtbyfail2ban(600seconds=10 minutes).

ServiceConfigurations
[ssh] enabled=true port=ssh filter=sshd logpath=/var/log/auth.log action=iptables

Bydefault,someservicesareinsertedastemplates.Followingisanexampleofthesshservices section.

enabled:Enablethefail2bancheckingforsshservice port:serviceport(referredin/etc/servicesfile) filter:Nameofthefiltertobeusedbytheservicetodetectmatches.Thisnamecorrespondstoafile namein/etc/fail2ban/filter.d;withoutthe.confextension.Forexample:filter=sshdrefersto /etc/fail2ban/filter.d/sshd.conf. logpath:Thelogfilethatfail2banchecksforfailedloginattempts. Action:Thisoptiontellsfail2banwhichactiontotakeonceafiltermatches.Thisnamecorresponds toafilenamein/etc/fail2ban/action.d/withoutthe.confextension.Forexample:action=

iptablesrefersto/etc/fail2ban/action.d/iptables.conf. Fail2banwillmonitorthe/var/log/auth.logfileforfailedaccessattempts,andifitfindsrepeated failedsshloginattemptsfromthesameIPaddressorhost,fail2banstopsfurtherloginattemptsfrom thatIPaddress/hostbyblockingitwithfail2baniptablesfirewallrule.

Fail2banFilters

Thedirectory/etc/fail2ban/filter.dcontainsregularexpressionsthatareusedtodetectbreakin attempts,passwordfailures,etc.,forvariousservices. Forexample: sshd.confFail2bansshrelatedfilters apacheauth.confFail2banapacheservicefilters Wecanalsoaddourownregularexpressiontofindunwantedaction.

Fail2banActions

Thedirectory/etc/fail2ban/action.dcontainsdifferentscriptsdefiningactionswhichwillexecute onceafiltermatches.Onlyonefilterisallowedperservice,butitispossibletospecifyseveral actions,onseparatelines. Forexample: IPtables.confblock&unblockIPaddress Mail.confSendingmailtoconfigureduser

Start/StopFail2banService
#/etc/init.d/fail2banstop #/etc/init.d/fail2banstart

AftermakingconfigurationchangesstopandstarttheFail2bandaemonasshownbelow.

22. Package management using dpkg :Ondebian,youcaninstallorremovedebpackagesusing dpkgutility.

Debian:HowtoInstallorRemoveDEBPackages Usingdpkg
bySASIKALA onJUNE18,2010

Question:Iwouldliketoknowhowtoinstall,uninstall,verifydebpackagesonDebian.Canyouexplainmewithan example? Answer:Usedpkgtoinstallandremoveadebpackageasexplainedbelow. OnDebian,dpkg(Debianpackagesystem)allowsyoutoinstallandremovethesoftwarepackages.dpkgisthe simplestwaytoinstallanduninstallapackage. DebiannowsuppliesatoolnamedApt(forAPackageTool)andaptitudetohelptheadministratorstoaddor removesoftwaremoreeasily.RefertoourearlierManage packages using aptget formoredetails.

InstallingaDebUsingdpkgi
syntax: dpkgipackagefilename

iistoinstallapackage.

ThefollowingexampleinstallstheDebianpackagefortcltool. $dpkgitcl8.4_8.4.192_amd64.deb Selectingpreviouslydeselectedpackagetcl8.4. (Readingdatabase...94692filesanddirectoriescurrentlyinstalled.) Unpackingtcl8.4(fromtcl8.4_8.4.192_amd64.deb)... Settinguptcl8.4(8.4.192)... Processingtriggersformenu... Processingtriggersformandb... Youcanverifytheinstallationofpackageusingdpkglpackagenameasshownbelow. $dpkgl|grep'tcl' iitcl8.48.4.192Tcl(theToolCommandLanguage)v8.4runt Theabovecommandshowsthattclpackageisinstalledproperly.iispecifiesstatusinstalledokinstalled.

UninstallingaDebusingdpkgr
dpkgwithroptionremovestheinstalledpackage. $dpkgrtcl8.4 (Readingdatabase...94812filesanddirectoriescurrentlyinstalled.) Removingtcl8.4... Processingtriggersformandb... Processingtriggersformenu... Nowlistthepackageandcheckthestatus. #dpkgl|grep'tcl' rctcl8.48.4.192Tcl(theToolCommandLanguage)v8.4runt rcstandsforremovedokconfigfiles.Theremoveactiondidntpurgetheconfigurationfiles.Thestatusofeach installedpackagewillbeavailablein/var/lib/dpkg/status.Statusoftcl8.4packagelookslike, Package:tcl8.4 Status:deinstallokconfigfiles Priority:optional Section:interpreters InstalledSize:3308 Thefollowingcommandisusedtopurgethepackagecompletely. $dpkgPtcl8.4 (Readingdatabase...94691filesanddirectoriescurrentlyinstalled.) Removingtcl8.4... Purgingconfigurationfilesfortcl8.4... Processingtriggersformenu... $dpkgl|grep'tcl' $ Sothepackageiscompletelyremoved,andthestatusinthe/var/lib/dpkg/statusisgivenbelow. Package:tcl8.4 Status:purgeoknotinstalled Priority:optional Section:interpreters

23. Alfresco content management system :Alfrescoisthebestopensourcecontentmanagement system.EverythingyouneedtoknowtoinstallandconfigureAlfrescoisexplainedhere.


12StepstoInstallandConfigureAlfrescoonUNIX/Linux byRAM ES H NATARAJA N onMAY24,2010

Alfrescoisthebestopensourcecontentmanagementsystem.Thishasarocksoliddocument managementfoundation,withseveralfunctionalitybuiltontopofit.Alfrescoprovideswebbased contentmanagement,collaborationplatform,ContentManagementInteroperabilityServices(CMIS), recordsmanagementandimagemanagement. Alfrescohasenterpriseeditionandfreecommunityedition.Seethedifferencebetweenthemhere.If youhaveaninhouseITteam,justgowiththeAlfrescocommunityedition.Itisstraightforwardto installandconfigureAlfresco. Inthisarticle,letusreviewhowtoinstallandconfigurealfrescocommunityeditiononUNIX/ Linuxplatformusing12easysteps.

1.InstallAlfrescoCommunityTomcatBundle
#cd~

DownloadAlfrescofromthecommunity edition download page .


#wgetOalfrescocommunitytomcat3.3.tar.gzhttp://dl.alfresco.com/release/community/build2765/alfresco communitytomcat3.3.tar.gz?dl_file=release/community/build2765/alfrescocommunitytomcat3.3.tar.gz #mkdir/opt/alfresco/ #cd/opt/alfresco/ #tarxvfz~/alfrescocommunitytomcat3.3.tar.gz

2.ModifyAlfrescoGlobalProperties

alf_dataparameteridentifiesthelocationofalfrescodatastore,whereallthedocumentswillbe stored.Makesurethisispointingtoanabsolutepathasshownbelow.Initiallythisdirectorywillnot bepresent.Thisalf_datadirectorywillbecreatedwhenwestartthealfrescoforthe1sttime.


#vi/opt/alfresco/tomcat/shared/classes/alfrescoglobal.properties dir.root=/opt/alfresco/alf_data #lsl/opt/alfresco/alf_data ls:/opt/alfresco/alf_data:Nosuchfileordirectory

3.VerifyMySQLconnectorisinstalled

Justdoublechecktomakesurethemysqlconnectorisinstalledintheproperlocation,asshown below.
#lsl/opt/alfresco/tomcat/lib/mysqlconnectorjava5.1.7bin.jar rwxrxrx1rootroot709922Jan1211:59/opt/alfresco/tomcat/lib/mysqlconnectorjava5.1.7bin.jar

4.CreatetheAlfrescoMySQLdatabases

IfyoudonthaveMySQL,installitasusingyum groupinstall ,orbasedonLAMP install article,or basedonmysql rpm article. AfterinstallingMySQL,createthealfrescodatabaseusingthedb_setup.sqlscriptasshownbelow.


#cd/opt/alfresco/extras/databases/mysql

#mysqlurootp<db_setup.sql Enterpassword: #lsl/var/lib/mysql/alfresco/ total4 rwrw1mysqlmysql54May711:25db.opt

5.VerifythatAlfrescoMySQLdatabasesgotcreated
#mysqlurootp Enterpassword: mysql>showdatabases; ++ |Database| ++ |information_schema| |alfresco| |mysql| |test| ++ 4rowsinset(0.00sec) mysql>

6.Updatethedb.urlintheglobalpropertyfiles
Updatethedb.urlparameterinthealfrescoglobal.propertiesfiletopointtolocalhost:3306asshown below.
#vi/opt/alfresco/tomcat/shared/classes/alfrescoglobal.properties db.url=jdbc:mysql://localhost:3306/alfresco

7.StartAlfrescoServer
Startthealfrescoserver.Thiswillstartthetomcatapplicationserverthatwasbundledwiththe alfresco.
#cd/opt/alfresco #./alfresco.shstart UsingCATALINA_BASE:/opt/alfresco/tomcat UsingCATALINA_HOME:/opt/alfresco/tomcat UsingCATALINA_TMPDIR:/opt/alfresco/tomcat/temp UsingJRE_HOME:/usr/java/jdk1.6.0_18

Whilethealfrescotomcatserverisstartingup,checkthe/opt/alfresco/alfresco.logforanypossible issues. Whenalfresco.shisexecutedforthe1sttime,itwilldosomedatabasesetup,andyoullseefollowing messagesinthealfresco.log(onlythe1sttime). Executingdatabasescript/opt/alfresco/tomcat/temp/Alfresco/*.sql Allexecutedstatements:/opt/alfresco/tomcat/temp/Alfresco/*.sql Appliedpatch[org.alfresco.repo.admin.patch.PatchExecuter] LookforthelineinthelogfilewhereitsaysAlfrescostarted,whichindicatesthatAlfrescowas startedsuccessfully. Followingarefewsamplelinesfromalfresco.log.
#tailf/opt/alfresco/alfresco.log 21:29:25,431INFO[org.alfresco.repo.domain.schema.SchemaBootstrap]Executingdatabasescript /opt/alfresco/tomcat/temp/Alfresco/AlfrescoSchemaMySQLInnoDBDialectUpdate3892772511531851057.sql(Copied

fromclasspath:alfresco/dbscripts/create/3.3/org.hibernate.dialect.MySQLInnoDBDialect/AlfrescoCreate3.3 RepoTables.sql). 21:29:27,245INFO[org.alfresco.repo.domain.schema.SchemaBootstrap]Allexecutedstatements: /opt/alfresco/tomcat/temp/Alfresco/AlfrescoSchemaMySQLInnoDBDialectAll_Statements4724137490855924607.sql. ===Appliedpatch=== ID:patch.dbV3.00CreateActivitiesExtras RESULT: Scriptcompleted ===================================== 21:30:03,756INFO[org.alfresco.service.descriptor.DescriptorService]AlfrescoJVMv1.6.0_21b06;maximumheapsize 910.250MB 21:30:03,756INFO[org.alfresco.service.descriptor.DescriptorService]Alfrescostarted(Community):Currentversion 3.3.0(2765)schema4009Originallyinstalledversion3.3.0(2765)schema4009

8.Verifythealf_datadirectorycreation
Whenyoustartthealfrescoforthe1sttime,itwillcreatethealfrescodatarepositoryasshown below.
#lsl/opt/alfresco/alf_data total32 drwxrxrx2rootroot4096Mar2516:26audit.contentstore drwxrxrx2rootroot4096Mar2516:26contentstore drwxrxrx2rootroot4096Mar2516:26contentstore.deleted drwxrxrx3rootroot4096Mar2516:26luceneindexes

9.VerifythatAlfrescoServerisRunning
Makesurealfrescoserverisrunningsuccessfully.Viewthealfresco.logfiletomakesurethereareno errors.
#psef|grepialf root928015116:25pts/000:00:30/usr/java/jdk1.6.0_18/bin/javaXms128mXmx512m XX:MaxPermSize=160mserverDalfresco.home=.Dcom.sun.management.jmxremote Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager Djava.util.logging.config.file=/opt/alfresco/tomcat/conf/logging.properties Djava.endorsed.dirs=/opt/alfresco/tomcat/endorsedclasspath:/opt/alfresco/tomcat/bin/bootstrap.jar Dcatalina.base=/opt/alfresco/tomcatDcatalina.home=/opt/alfresco/tomcat Djava.io.tmpdir=/opt/alfresco/tomcat/temporg.apache.catalina.startup.Bootstrapstart #tailf/opt/alfresco/alfresco.log

10.LogintoAlfrescoExplorerorAlfrescoShare
AlfrescohastwowaystoaccesstheapplicationAlfrescoExplorerandAlfrescoShare. Gotohttp://localhost:8080/alfrescotolaunchtheAlfrescoexplorer Gotohttp://localhost:8080/sharetolaunchtheAlfrescoshare Defaultalfrescoadministratoruid/pwdisadmin/admin.Changeitimmediatelyafteryoulogin.

11.Changethedefaultpasswordforthealfrescodatabase
Usethemysqlupdatecommandtochangethepasswordforthealfrescouserasshownbelow.
#mysqlurootpmysql Enterpassword: Readingtableinformationforcompletionoftableandcolumnnames YoucanturnoffthisfeaturetogetaquickerstartupwithA WelcometotheMySQLmonitor.Commandsendwith;or\g. YourMySQLconnectionidis51 Serverversion:5.0.77Sourcedistribution

Type'help;'or'\h'forhelp.Type'\c'toclearthebuffer. mysql>UPDATEuserSETpassword=PASSWORD('donttellanybody')WHEREuser='alfresco'; QueryOK,2rowsaffected(0.00sec) Rowsmatched:2Changed:2Warnings:0 mysql>

12.Modifytheconfigurationfiletoreflectthenewalfrescopassword.
Updatethedb.passwordparameterinthealfrescoglobal.propertiesfileasshownbelow.
#vi/opt/alfresco/tomcat/shared/classes/alfrescoglobal.properties db.name=alfresco db.username=alfresco db.password=donttellanybody

Afterthis,stop/startMySQLdatabaseandrestartAlfrescoTomcatserver.Asafinalstep,makesureto takeabackupofalfrescomysqldatabaseusingmysqldumpormysqlhotcopyand/opt/alfresco directory.


#servicemysqldrestart #/opt/alfresco/alfresco.shstop #/opt/alfresco/alfresco.shstart

24. Bugzilla bug tracking system :Bugzillaisthebestopensourcebugtrackingsystem.Everything youneedtoknowtoinstallandconfigureBugzillaisexplainedhere.


StepbyStepBugzillaInstallationGuideforLinux byRAM ES H NATARAJA N onMAY17,2010

Bugzillaisthebestopensourcebugtrackingsystem.Verysimpletousewithlotoffeatures.Bugzilla allowsyoutotrackthebugsandcollaboratewithdevelopersandotherteamsinyourorganization effectively. ThisisadetailedstepbystepbugzillainstallationguideforLinux.

1.VerifyPerlVersion
#perlv

Makesureyourperlversionis>=5.8.1asshownbelow.
Thisisperl,v5.8.8builtfori386linuxthreadmulti

MostLinuxdistributionscomeswithperl.Ifyoudonthaveitonyours,downloadandinstallitfrom correspondingdistributionwebsite.

2.InstallMySQLDatabase

MakesureyourMySQLversionis>=4.1.2asshownbelow.
#mysqlV mysqlVer14.12Distrib5.0.77,forredhatlinuxgnu(i686)usingreadline5.1

Ifyoudonthavemysql,installitasusingyum groupinstall ,orbasedonLAMP install article,or basedonmysql rpm article.

3.InstallApache
Ifyoualreadyhaveapacheinstalled,makesureyouareabletoaccessitbyusinghttp://{yourip address}. Ifyoudonthaveapache,installisusingyumbasedonLAMP install article,orinstall apache from source.

4.DownloadlatestBugzillatarball
#cd~

Downloadthelateststablereleasefrombugzilla download page .Extractthebugzilla*.tar.gzfileto theapachedocumentrootdirectoryasshownbelow.


#wgethttp://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla3.6.tar.gz #cd/var/www/html #tarxvfz/usr/save/bugzilla3.4.6.tar.gz

5.Executethebugzillachecksetup.pl
Bugzillachecksetup.plprogramwillverifywhetheralltherequiredperlmodulesareinstalled.This willalsodisplayalistofallmissingbugzillamodulesthatneedstobeinstalled. Youcanrunthechecksetup.plprogramasmanytimesasyoulikeuntilyouveverifiedallthe requiredperlmodulesareinstalled. Followingistheoutputof1strunofchecksetup.pl,whereishaslistedallthemissingoptionaland requiredmodules.
#cd/var/www/html/bugzilla3.4.6 #./checksetup.plcheckmodules COMMANDSTOINSTALLOPTIONALMODULES: GD:/usr/bin/perlinstallmodule.plGD Chart:/usr/bin/perlinstallmodule.plChart::Base TemplateGD:/usr/bin/perlinstallmodule.plTemplate::Plugin::GD::Image GDTextUtil:/usr/bin/perlinstallmodule.plGD::Text GDGraph:/usr/bin/perlinstallmodule.plGD::Graph XMLTwig:/usr/bin/perlinstallmodule.plXML::Twig MIMEtools:/usr/bin/perlinstallmodule.plMIME::Parser libwwwperl:/usr/bin/perlinstallmodule.plLWP::UserAgent PatchReader:/usr/bin/perlinstallmodule.plPatchReader PerlMagick:/usr/bin/perlinstallmodule.plImage::Magick perlldap:/usr/bin/perlinstallmodule.plNet::LDAP AuthenSASL:/usr/bin/perlinstallmodule.plAuthen::SASL RadiusPerl:/usr/bin/perlinstallmodule.plAuthen::Radius SOAPLite:/usr/bin/perlinstallmodule.plSOAP::Lite HTMLParser:/usr/bin/perlinstallmodule.plHTML::Parser HTMLScrubber:/usr/bin/perlinstallmodule.plHTML::Scrubber EmailMIMEAttachmentStripper:/usr/bin/perlinstallmodule.plEmail::MIME::Attachment::Stripper EmailReply:/usr/bin/perlinstallmodule.plEmail::Reply TheSchwartz:/usr/bin/perlinstallmodule.plTheSchwartz DaemonGeneric:/usr/bin/perlinstallmodule.plDaemon::Generic mod_perl:/usr/bin/perlinstallmodule.plmod_perl2

YOUMUSTRUNONEOFTHEFOLLOWINGCOMMANDS(dependingonwhichdatabaseyouuse): PostgreSQL:/usr/bin/perlinstallmodule.plDBD::Pg MySQL:/usr/bin/perlinstallmodule.plDBD::mysql Oracle:/usr/bin/perlinstallmodule.plDBD::Oracle COMMANDSTOINSTALLREQUIREDMODULES(You*must*runallthesecommandsandthenrerunchecksetup.pl): /usr/bin/perlinstallmodule.plCGI /usr/bin/perlinstallmodule.plDigest::SHA /usr/bin/perlinstallmodule.plDate::Format /usr/bin/perlinstallmodule.plDateTime /usr/bin/perlinstallmodule.plDateTime::TimeZone /usr/bin/perlinstallmodule.plTemplate /usr/bin/perlinstallmodule.plEmail::Send /usr/bin/perlinstallmodule.plEmail::MIME /usr/bin/perlinstallmodule.plEmail::MIME::Encodings /usr/bin/perlinstallmodule.plEmail::MIME::Modifier /usr/bin/perlinstallmodule.plURI Toattemptanautomaticinstallofeveryrequiredandoptionalmodulewithonecommand,do: /usr/bin/perlinstallmodule.plall

6.Executebugzillainstallmodule.pl
Assuggestedbytheoutputofthechecksetup.pl,youcanexecutetheinstallmodule.pltoinstallall bugzillarequiredandoptionalperlmodules.
#/usr/bin/perlinstallmodule.plall

Pleasereviewtheoutputoftheaboveinstallmodule.pltomakesureeverythinggotinstallproperly. Thereisapossibilitythatsomeofthemodulesfailedtoinstall(maybebecausesomerequiredOS packagesweremissing). Executethechecksetup.pltoverifywhetherallthemodulesgotinstalledproperly. Followingistheoutputof2ndrunofthechecksetup.pl:


#./checksetup.plcheckmodules COMMANDSTOINSTALLOPTIONALMODULES: GD:/usr/bin/perlinstallmodule.plGD Chart:/usr/bin/perlinstallmodule.plChart::Base TemplateGD:/usr/bin/perlinstallmodule.plTemplate::Plugin::GD::Image GDTextUtil:/usr/bin/perlinstallmodule.plGD::Text GDGraph:/usr/bin/perlinstallmodule.plGD::Graph XMLTwig:/usr/bin/perlinstallmodule.plXML::Twig PerlMagick:/usr/bin/perlinstallmodule.plImage::Magick SOAPLite:/usr/bin/perlinstallmodule.plSOAP::Lite mod_perl:/usr/bin/perlinstallmodule.plmod_perl2 YOUMUSTRUNONEOFTHEFOLLOWINGCOMMANDS(dependingonwhichdatabase youuse): PostgreSQL:/usr/bin/perlinstallmodule.plDBD::Pg

MySQL:/usr/bin/perlinstallmodule.plDBD::mysql Oracle:/usr/bin/perlinstallmodule.plDBD::Oracle

7.InstallmissingPerlModules
Asweseefromtheabovechecksetup.ploutput,someoftheoptionalmodulesandrequiredmodule installedwasnotcompletedwhenwerantheinstallmodule.pl. So,wehavetoinstallthemissingmodulesmanuallyonebyonetofigureouttheissuesandfixit onebyone. RefertotheTroubleshootingSectionattheendforlistofalltheissuesthatIfacedwhileinstalling theperlmodulesrequiredforbugzilla(alongwiththesolutiononhowtofixthoseissues).

8.Finalchecksetup.plcheckmodulesverification

Executechecksetup.plcheckmodulesagainasshownbelowasfinalverificationtomakesureallthe modulesgotinstalledsuccessfully.
#./checksetup.plcheckmodules *ThisisBugzilla3.4.6onperl5.8.8 *RunningonLinux2.6.18164.el5PAE#1SMPThuSep304:10:44EDT2009 Checkingperlmodules... CheckingforCGI.pm(v3.21)ok:foundv3.49 CheckingforDigestSHA(any)ok:foundv5.48 CheckingforTimeDate(v2.21)ok:foundv2.24 CheckingforDateTime(v0.28)ok:foundv0.55 CheckingforDateTimeTimeZone(v0.71)ok:foundv1.17 CheckingforDBI(v1.41)ok:foundv1.52 CheckingforTemplateToolkit(v2.22)ok:foundv2.22 CheckingforEmailSend(v2.00)ok:foundv2.198 CheckingforEmailMIME(v1.861)ok:foundv1.903 CheckingforEmailMIMEEncodings(v1.313)ok:foundv1.313 CheckingforEmailMIMEModifier(v1.442)ok:foundv1.903 CheckingforURI(any)ok:foundv1.54 CheckingavailableperlDBDmodules... CheckingforDBDPg(v1.45)notfound CheckingforDBDmysql(v4.00)ok:foundv4.013 CheckingforDBDOracle(v1.19)notfound ThefollowingPerlmodulesareoptional: CheckingforGD(v1.20)ok:foundv2.44 CheckingforChart(v1.0)ok:foundv2.4.1 CheckingforTemplateGD(any)ok:foundv1.56 CheckingforGDTextUtil(any)ok:foundv0.86 CheckingforGDGraph(any)ok:foundv1.44 CheckingforXMLTwig(any)ok:foundv3.34 CheckingforMIMEtools(v5.406)ok:foundv5.427 Checkingforlibwwwperl(any)ok:foundv5.834 CheckingforPatchReader(v0.9.4)ok:foundv0.9.5 CheckingforPerlMagick(any)ok:foundv6.2.8 Checkingforperlldap(any)ok:foundv0.4001 CheckingforAuthenSASL(any)ok:foundv2.1401 CheckingforRadiusPerl(any)ok:foundv0.17 CheckingforSOAPLite(v0.710.06)ok:foundv0.711

CheckingforHTMLParser(v3.40)ok:foundv3.65 CheckingforHTMLScrubber(any)ok:foundv0.08 CheckingforEmailMIMEAttachmentStripper(any)ok:foundv1.316 CheckingforEmailReply(any)ok:foundv1.202 CheckingforTheSchwartz(any)ok:foundv1.10 CheckingforDaemonGeneric(any)ok:foundv0.61 Checkingformod_perl(v1.999022)ok:foundv2.000004

9.Createlocalconfigfileusingchecksetup.pl
Executechecksetup.plwithoutanyargument,whichwillcreatealocalconfigfileinthecurrent directory.Thelocalconfigfilecontainsthekeyconfigurationparametersusedbythebugzilla(for example,mysqldbusernameandpassword).
#./checksetup.pl Reading./localconfig... ThisversionofBugzillacontainssomevariablesthatyoumaywantto changeandadapttoyourlocalsettings.Pleaseeditthefile ./localconfigandrerunchecksetup.pl. Thefollowingvariablesarenewto./localconfigsinceyoulastran checksetup.pl:create_htaccess,webservergroup,db_driver,db_host,db_name,db_user,db_pass,db_port,db_sock, db_check,index_html,cvsbin,interdiffbin,diffpath,site_wide_secret

10.Modifythelocalconfigfile.
TheonlythingyouneedtomodifythelocalconfigfileisMySQLdatabasedbpasswordbychanging the$db_passvariableasshownbelow.
#vi./localconfig $db_pass='Bugs4All';

11.Modify/etc/my.cnftoincreasebugzillaattachmentsize
Setthemax_allowed_packetto4Minthe/etc/my.cnftoincreasebugzillaattachmentsize.
#cat/etc/my.cnf [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql #Defaulttousingoldpasswordformatforcompatibilitywithmysql3.x #clients(thoseusingthemysqlclient10compatibilitypackage). old_passwords=1 #Disablingsymboliclinksisrecommendedtopreventassortedsecurityrisks; #todoso,uncommentthisline: #symboliclinks=0 #Allowpacketsupto4MB max_allowed_packet=4M [mysqld_safe] logerror=/var/log/mysqld.log pidfile=/var/run/mysqld/mysqld.pid

Restartthemysqldafterthischange.
#servicemysqldrestart

12.Createbugsmysqluser
Addbugzillauser(bugs)tothemysqldatabaseasshownbelow.
#mysqlurootp mysql>GRANTSELECT,INSERT, UPDATE,DELETE,INDEX,ALTER,CREATE,LOCKTABLES, CREATETEMPORARYTABLES,DROP ,REFERENCESONbugs.* TObugs@localhostIDENTIFIEDBY'Bugs4All'; mysql>FLUSHPRIVILEGES;

13.Createthebugzilladatabase
Executethechecksetup.pl(withoutanyarguments)againtocreatethemysqlbugzilladatabase. Sincethelocalconfigfilealreadyexist,thesecondtimewhenyouexecutethechecksetup.pl,itwill createthemysqldatabasebasedontheinformationfromlocalconfigfile.
#./checksetup.pl Creatingdatabasebugs... BuildingSchemaobjectfromdatabase... Addingnewtablebz_schema... InitializingthenewSchemastorage... Addingnewtableattach_data... Addingnewtableattachments... Addingnewtablebug_group_map... Addingnewtablebug_see_also... Addingnewtablebug_severity... Addingnewtablebug_status... Insertingvaluesintothe'priority'table: Insertingvaluesintothe'bug_status'table: Insertingvaluesintothe'rep_platform'table: Creating./datadirectory... Creating./data/attachmentsdirectory... Creating./data/duplicatesdirectory... Addingforeignkey:attachments.bug_id>bugs.bug_id... Addingforeignkey:attachments.submitter_id>profiles.userid... Addingforeignkey:bug_group_map.bug_id>bugs.bug_id...

14.Createbugzillaadministratoraccount.
Attheendofthe./checksetup.plexecution,itwilldetectthatyoudonthaveanadminsitrator accountandrequestyoutoenteradministrationlogininformationasshownbelow.
Lookslikewedon'thaveanadministratorsetupyet.Eitherthisis yourfirsttimeusingBugzilla,oryouradministrator'sprivileges mighthaveaccidentallybeendeleted. Entertheemailaddressoftheadministrator:ramesh@thegeekstuff.com Entertherealnameoftheadministrator:RameshNatarajan Enterapasswordfortheadministratoraccount:NotRealPwd Pleaseretypethepasswordtoverify:welcome

ramesh@thegeekstuff.comisnowsetupasanadministrator. Creatingdefaultclassification'Unclassified'... Creatinginitialdummyproduct'TestProduct'... NowthatyouhaveinstalledBugzilla,youshouldvisitthe'Parameters' page(linkedinthefooteroftheAdministratoraccount)toensureit issetupasyouwishthisincludessettingthe'urlbase'optionto thecorrectURL.

15.Configureapacheformod_perl
Renamethebugzilladirectory.(i.eremovetheversionnumberinit)
#cd/var/www/html #mvbugzilla3.4.6/bugzilla

Addthefollowingtwolinestohttpd.conf
#tail2/etc/httpd/conf/httpd.conf PerlSwitchesI/var/www/html/bugzillaI/var/www/html/bugzilla/libwT PerlConfigRequire/var/www/html/bugzilla/mod_perl.pl

VerifytheGroupinhttpd.confmatchesthewebservergroupinlocalconfig
#cd/var/www/html/bugzilla/ #grepwebservergrouplocalconfig $webservergroup='apache'; #grepGroup/etc/httpd/conf/httpd.conf Groupapache

16.Finalchecksetup.plexecution
Executethechecksetup.plagain.
#./checksetup.pl Reading./localconfig... Removingexistingcompiledtemplates... Precompilingtemplates...done. Fixingfilepermissions... NowthatyouhaveinstalledBugzilla,youshouldvisitthe'Parameters' page(linkedinthefooteroftheAdministratoraccount)toensureit issetupasyouwishthisincludessettingthe'urlbase'optionto thecorrectURL.

17.Logintobugzillaandcompleteonetimesetup.
Starttheapache,gotohttp://{youripaddress}/bugzillaandloginusingtheadministratoraccount youcreatedabove. FromthebugzillaUI,atthefooter>Administration>Parameters>RequiredSettingssection> Filloutfollowinginformation: maintainer:ramesh@thegeekstuff.com urlbase:http://{youripaddress}/ Note:Dependingonyoursetup,goto>UserAuthentication>andyoumightwanttochange requiredloginandemailregexpparameter.

TroubleshootingBugzillaInstallIssues Issue1:DBD::mysqlmodulefailed
TheDBD:mysqlperlmodulefailedwiththemysql.h:Nosuchfileordirectoryerrormessageas shownbelow.
#/usr/bin/perlinstallmodule.plDBD::mysql dbdimp.h:22:49:error:mysql.h:Nosuchfileordirectory dbdimp.h:23:45:error:mysqld_error.h:Nosuchfileordirectory dbdimp.h:25:49:error:errmsg.h:Nosuchfileordirectory Infileincludedfromdbdimp.c:20: dbdimp.h:144:error:expectedspecifierqualifierlistbeforeMYSQL dbdimp.h:236:error:expectedspecifierqualifierlistbeforeMYSQL_RES

Solution1:installmysqldevel
Errormessagemysql.h:Nosuchfileordirectoryisbecausemysqldevelpackagewasmissingas shownbelow.
#rpmqa|grepimysql MySQLpython1.2.11 mysql5.0.774.el5_4.2 mysqlconnectorodbc3.51.26r11271.el5 mysqlserver5.0.774.el5_4.2 libdbidbdmysql0.8.1a1.2.2 perlDBDMySQL3.00072.el5

Installthemysqldevelpackageasshownbelow.
#yuminstallmysqldevel #rpmqa|grepi"mysqldevel" mysqldevel5.0.774.el5_4.2

DBD::mysqlinstallationwillgothroughwithoutanyissuesnow.
#/usr/bin/perlinstallmodule.plDBD::mysql

Issue2:GDfailedwithmissinggdlibconfig/libgd
InstallingGDmodulefailedwiththefollowingerrormessage.
#/usr/bin/perlinstallmodule.plGD **UNRECOVERABLEERROR** Couldnotfindgdlibconfiginthesearchpath.Pleaseinstalllibgd2.0.28orhigher. Ifyouwanttotrytocompileanyway,pleasererunthisscriptwiththeoptionignore_missing_gd. Runningmaketest Makehadsomeproblems,maybeinterrupted?Won'ttest Runningmakeinstall Makehadsomeproblems,maybeinterrupted?Won'tinstall

Solution2:Installgddevelpackage
Installlibgd(i.egddevelpackage)asshownbelowtofixtheGDmoduleissue.
#yuminstallgddevel #rpmqa|grepgd gd2.0.339.4.el5_4.2 gddevel2.0.339.4.el5_4.2

GDgotinstalledwithoutanyissuesafterinsingallinggddevelpackage.

#/usr/bin/perlinstallmodule.plGD

Issue3:TwigFailedwithexpat.herror
Twigmodulefailedtoinstallwiththeerrormessageexpat.h:Nosuchfileordirectoryasshown below.
#/usr/bin/perlinstallmodule.plXML::Twig Expat.xs:12:19:error:expat.h:Nosuchfileordirectory Expat.xs:60:error:expectedspecifierqualifierlistbeforeXML_Parser

Solution3:InstallexpatandexpatdevelforTwig
Installexpatandexpatdevelpackageasshownbelow.
#yuminstallexpat #yuminstallexpatdevel

NowinstallTwigwithoutanyissues.
#/usr/bin/perlinstallmodule.plXML::Twig

Issue4:Image::Magickfailedtoinstall
Image::Magickinstallationfailedwithmagick/MagickCore.h:Nosuchfileordirectoryerror messageasshownbelow.
#/usr/bin/perlinstallmodule.plImage::Magick Note(probablyharmless):NolibraryfoundforlMagickCore Magick.xs:64:31:error:magick/MagickCore.h:Nosuchfileordirectory Magick.xs:171:error:expectedspecifierqualifierlistbeforeMagickRealType Magick.xs:192:error:expectedspecifierqualifierlistbeforeImageInfo Magick.xs:214:error:MagickNoiseOptionsundeclaredhere(notinafunction) Magick.xs:214:warning:missinginitializer

Solution4:Image::Magickfailedtoinstall
MakesurefollowingImageMagicrelatedpackagesarepresent.
#rpmqa|grepiImage ImageMagick6.2.8.04.el5_1.1 ImageMagickc++devel6.2.8.04.el5_1.1 ImageMagickdevel6.2.8.04.el5_1.1 ImageMagickc++6.2.8.04.el5_1.1 ImageMagickperl6.2.8.04.el5_1.1

Inmycase,ImageMagicdevelwasmissing.So,installeditasshownbelow.Afterthat,Image::Magick perlmodulegotinstalledsuccessfully.
#yuminstallImageMagickdevel #/usr/bin/perlinstallmodule.plImage::Magick

Issue5:SOAP::Litefailedtoinstall
SOAP::LitemodulefailedtoinstallwithCannotlocateversion.pmin@INCmessageasshown below.
#/usr/bin/perlinstallmodule.plSOAP::Lite Failedtest'useSOAP::Lite;'att/SOAP/Data.tline5. Triedtouse'SOAP::Lite'. Error:Can'tlocateversion.pmin@INC

Solution5:Installversion.pmrequiredforSOAP::Lite
Installedversion.pmasshownbelow.Afterthis,SOAP::Litegotinstalledwithoutanyissue.
#perlMCPANe'installversion' #/usr/bin/perlinstallmodule.plSOAP::Lite

Issue6(andSolution6):mod_perlwasmissing
Dontinstallmod_perlusing/usr/bin/perlinstallmodule.plmod_perl2.Insetad,useyumtoinstall mod_perlasshownbelow.
#yuminstallmod_perl

Issue7:Apachestartfailed
StartingapachefailedwithCannotlocateTemplate/Config.pmin@INCerrormessage.
#servicehttpdrestart Stoppinghttpd:[OK] Startinghttpd:Syntaxerroronline994of/etc/httpd/conf/httpd.conf: Can'tlocateTemplate/Config.pmin@INC

Solution7:InstallTemplateToolKitasshownbelow
InstallTemplateToolkittofixtheaboveapacheerrormessage
#cpan cpan>i/TemplateToolkit/ DistributionA/AB/ABEL/EidolonDriverTemplateToolkit0.01.tar.gz DistributionA/AB/ABW/TemplateToolkit1.07.tar.gz DistributionA/AB/ABW/TemplateToolkit2.22.tar.gz DistributionI/IN/INGY/TemplateToolkitSimple0.03.tar.gz 4itemsfound cpan>installA/AB/ABW/TemplateToolkit2.22.tar.gz

Issue8:Apachestartfailedagain
StartingapachefailedwithCannotlocateDateTime/Locale.pmin@INCerrormessage.
#servicehttpdrestart Stoppinghttpd:[OK] Startinghttpd:Syntaxerroronline994of/etc/httpd/conf/httpd.conf: Can'tlocateDateTime/Locale.pmin@INC

Solution8:InstallDateTime/Locale.pmasshownbelow
InstallDateTime/Locale.pmtofixtheaboveapacheerrormessage
#cpan cpan>installDateTime:Locale

Also,inyourapacheerror_logifyouseeDigest/SHA.pmissue,youshouldinstallitasshownbelow.
#tailf/etc/httpd/logs/error_log Can'tlocateDigest/SHA.pmin@INC(@INCcontains: #cpan cpan>installDigest::SHA

25.

Rpm, deb, dpot and msi packages :Thisarticleexplainshowtoviewandextractfilesfrom

variouspackagetypesusedbydifferentLinux/UNIXdistributions.
HowtoViewandExtractFilesfromrpm,deb,depotandmsiPackages bySA SIKA LA onAPRIL19,2010

Question:HowdoIvieworextractthefilesthatarebundledinsidethepackagesofvarious operatingsystem.Forexample,Iwouldliketoknowhowtoview(andextract)thecontentofarpm, ordeb,ordepot,ormsifile. Answer:Youcanusetoolslikerpm,rpm2cpio,ar,dpkg,tar,swlist,swcopy,lessmsiasexplained below.

1.RPMpackageinRedhat/CentOS/Fedora
ListingthefilesfromaRPMpackageusingrpmqlp
$rpmqlpovpc2.1.10.rpm /usr/src/ovpc/5.10.0 /usr/src/ovpc/ovpc2.1.10/examples /usr/src/ovpc/ovpc2.1.10/examples/bin /usr/src/ovpc/ovpc2.1.10/examples/lib /usr/src/ovpc/ovpc2.1.10/examples/test . . . /usr/src/ovpc/ovpc2.1.10/pcs

RPMstandsforRedHatpackagemanager.Thefollowingexampleshowshowtoviewthefiles availableinaRPMpackagewithoutextractingorinstallingtherpmpackage.

Explanationofthecommand:rpmqlpovpc2.1.10.rpm rpmcommand qquerytherpmfile llistthefilesinthepackage pspecifythepackagename

ExtractingthefilesfromaRPMpackageusingrpm2cpioandcpio
$rpm2cpioovpc2.1.10.rpm|cpioidmv ./usr/src/ovpc/5.10.0 ./usr/src/ovpc/ovpc2.1.10/examples ./usr/src/ovpc/ovpc2.1.10/examples/bin ./usr/src/ovpc/ovpc2.1.10/examples/lib ./usr/src/ovpc/ovpc2.1.10/examples/test . . . ./usr/src/ovpc/ovpc2.1.10/pcs $ls. usr

RPMisasortofacpioarchive.First,converttherpmtocpioarchiveusingrpm2cpiocommand. Next,usecpiocommandtoextractthefilesfromthearchiveasshownbelow.

2.DebpackageinDebian

debistheextensionofDebiansoftwarepackageformat.*.debisalsousedinotherdistributionsthat

arebasedonDebian.(forexample:Ubuntuuses*.deb)

Listingthefilesfromadebianpackageusingdpkgc
dpkgisthepackagemanagerfordebian.Sousingdpkgcommandyoucanlistandextractthe packages,asshownbelow. Toviewthecontentof*.debfile:
$dpkgcovpc_1.06.943_i386.deb drxrxrxroot/root02010022510:54./ drxrxrxroot/root02010022510:54./ovpc/ drxrxrxroot/root02010022510:54./ovpc/pkg/ drxrxrxroot/root02010022510:54./ovpc/pkg/lib/ drxrxrxroot/root02010022510:48./ovpc/pkg/lib/header/ rxrxrxroot/root1302009102917:06./ovpc/pkg/lib/header/libov.so . . . rxrxrxroot/root1312009102917:06./ovpc/pkg/etc/conf drxrxrxroot/root02010022510:54./ovpc/pkg/etc/conf/log.conf

Extractingthefilesfromadebianpackageusingdpkgx
Usedpkgxtoextractthefilesfromadebpackageasshownbelow.
$dpkgxovpc_1.06.943_i386.deb/tmp/ov $ls/tmp/ov ovpc

DEBfilesareararchives,whichalwayscontainsthethreefilesdebianbinary,control.tar.gz,and data.tar.gz.Wecanusearcommandandtarcommandtoextractandviewthefilesfromthedeb package,asshownbelow. First,extractthecontentof*.debarchivefileusingarcommand.


$arvxovpc_1.06.943_i386.deb xdebianbinary xcontrol.tar.gz xdata.tar.gz $

Next,extractthecontentofdata.tar.gzfileasshownbelow.
$tarxvzfdata.tar.gz ./ ./ovpc/ ./ovpc/pkg/ ./ovpc/pkg/lib/ ./ovpc/pkg/lib/header/ ./ovpc/pkg/lib/header/libov.so . . ./ovpc/pkg/etc/conf ./ovpc/pkg/etc/conf/log.con

3.DepotpackageinHPUX

Listingthefilesfromadepotpackageusingtarandswlist
DEPOTfileisaHPUXSoftwareDistributorCatalogDepotfile.HPUXdepotsarejustatarfile,with someadditionalinformationasshownbelow.

$tartfovcsw_3672.depot OcswServer/MGR/etc/ OcswServer/MGR/etc/opt/ OcswServer/MGR/etc/opt/OV/ OcswServer/MGR/etc/opt/OV/share/ OcswServer/MGR/etc/opt/OV/share/conf/ OcswServer/MGR/etc/opt/OV/share/conf/OpC/ OcswServer/MGR/etc/opt/OV/share/conf/OpC/opcctrlovw/

swlistisaHPUXcommandwhichisusedtodisplaytheinformationaboutthesoftware.Viewthe contentofthedepotpackageasshownbelowusingswlistcommand.
$swlistlfiles/root/ovcsw_3672.depot #Initializing... #Contactingtarget"osgsw"... # #Target:osgsw:/root/ovcsw_3672.depot # #OcswServer8.50.000OcswServerproduct #OcswServer.MGR9.00.140OcsServerOvw /etc /etc/opt /etc/opt/OV /etc/opt/OV/share /etc/opt/OV/share/conf /etc/opt/OV/share/conf/OpC

Extractingthefilesfromadepotpackageusingswcopy
Swcopycommandcopiesormergessoftware_selectionsfromasoftwaresourcetooneormore softwaredepottarget_selections.Usinguncompressoptioninswcopy,youcanextractthefilesfroma depotsoftwarepackage.
$swcopyxuncompress_files=truexenforce_dependencies=falses/root/ovcsw_3672.depot\*@/root/extracted/ $ls/root/extracted MGRcatalogosmsw.log $

Sincedepotfilestarfiles,youcanextractusingnormaltarextractionasshownbelow.
$tarxvffilename

26. Backup using rsnapshot :Youcanbackupeitheralocalhostorremotehostusingrsnapshot rsyncutility.rsnapshotusesthecombinationofrsyncandhardlinkstomaintainfullbackupand incrementalbackups.Onceyouvesetupandconfiguredrsnapshot,thereisabsolutelyno maintenanceinvolvedinit.rsnapshotwillautomaticallytakecareofdeletingandrotatingtheold backups.


HowToBackupRemoteLinuxHostUsingrsnapshotrsyncUtility byRAM ES H NATARAJA N onSEPTEMBER16,2009

Inthepreviousarticlewereviewedhowtobackup local unix host usingrsnapshotutility. Inthisarticle,letusreviewhowtobackupremoteLinuxhostusingthisutility.

1.SetupKeyBasedAuthentication
Asweveexplainedearliersetupthekeybasedauthenticationasexplainedeitherinsshkeygen and sshcopyidarticleoropenSSHarticle.
[root@localhost]#sshkeygen [root@localhost]#sshcopyidi~/.ssh/id_rsa.pubremotehost

2.Verifythepasswordlessloginbetweenservers
Logintotheremotehostfromlocalhostwithoutenteringthepassword.
[root@localhost]#sshremotehost Lastlogin:SunMar1516:45:402009fromlocalhost [root@remotehost]#

3.ConfigurersnapshotandspecifyRemoteHostBackupDirectories
Defineyourremotehostdestinationbackupdirectoriesin/etc/rsnapshot.confasshownbelow.In thisexample, root@remotehost:/etcSourcedirectoryontheremotehostthatshouldbebackedup.i.eremote backupdestinationdirectory. remotehostbackup/destinationdirectorywherethebackupoftheremotehostwillbestored. Pleasenotethatthisdirectorywillbecreatedunderlocalhost/.snapshots/{internal.n}/directoryas showninthelaststep.
#vi/etc/rsnapshot.conf backuproot@remotehost:/etc/remotehostbackup/exclude=mtab,exclude=core

4.TestrsnapshotConfiguration
PerformconfigurationtesttomakesurersnapshotissetupproperlyandreadytoperformLinuxrsync backup.
#rsnapshotconfigtest SyntaxOK

5.AddCrontabEntryforrsnapshot
Onceyouveverifiedthatthersynchourlyanddailybackupconfigurationsaresetupproperlyinthe rsnapshotcwrsyncutility,itistimetosetthispuppyupinthecrontabasshownbelow.
#crontabe 0*/4***/usr/local/bin/rsnapshothourly 3023***/usr/local/bin/rsnapshotdaily

CheckoutLinux crontab examples articletounderstandhowtosetupandconfigurecrontab.

6.Manuallytesttheremotehostbackuponce
[root@localhost]#/usr/local/bin/rsnapshothourly [root@localhost]#lsl/.snapshots/hourly.0/ total8 drwxrxrx3rootroot4096Jul2204:19remotehostbackup drwxrxrx3rootroot4096Jul1305:07localhost

[root@localhost]#lsl/.snapshots/hourly.0/remotehostbackup/ total4 drwxrxrx93rootroot4096Jul2203:36etc

TroubleshootingTips
Problem:rsnapshotfailedwithERROR:/usr/bin/rsyncreturned20asshownbelow.
[root@localhost]#/usr/local/bin/rsnapshothourly rsyncerror:receivedSIGINT,SIGTERM,orSIGHUP(code20)atrsync.c(260) [receiver=2.6.8] rsnapshotencounteredanerror!Theprogramwasinvokedwiththeseoptions: /usr/local/bin/rsnapshothourly ERROR:/usr/bin/rsyncreturned20whileprocessingcopyman@192.168.2.2:/etc/

Solution:Thistypicallyhappenswhentheuserswhoisperformingthersnapshot(rsync)doesnthave accesstotheremotedirectorythatyouaretryingtobackup.Makesuretheremotehostbackup directoryhasappropriatepermissionfortheuserwhoistryingtoexecutethersnapshot. 27. Create Linux user :Thisarticleexplainshowtocreateuserswithdefaultconfiguration,create userswithcustomconfiguration,createusersinteractively,andcreatingusersinbulk.


TheUltimateGuidetoCreateUsersinLinux/Unix byRAM ES H NATARAJA N onJUNE24,2009

CreatingusersinLinuxorUnixsystemisaroutinetaskforsystemadministrators. Sometimesyoumaycreateasingleuserwithdefaultconfiguration,orcreateasingleuserwith customconfiguration,orcreateseveralusersatsametimeusingsomebulkusercreationmethod. Inthisarticle,letusreviewhowtocreateLinuxusersin4differentmethodsusinguseradd, adduserandnewuserscommandwithpracticalexamples.

Method1:LinuxuseraddCommandCreateUserWithDefault Configurations
Thisisafundamentallowleveltoolforusercreation.Tocreateuserwithdefaultconfigurations useuseraddasshownbelow.
Syntax:#useraddLOGINNAME

Whilecreatingusersasmentionedabove,allthedefaultoptionswillbetakenexceptgroupid.To viewthedefaultoptionsgivethefollowingcommandwiththeoptionD.
$useraddD GROUP=1001 HOME=/home INACTIVE=1 EXPIRE= SHELL=/bin/sh SKEL=/etc/skel CREATE_MAIL_SPOOL=no

GROUP:Thisistheonlyoptionwhichwillnotbetakenasdefault.Becauseifyoudontspecifyn optionagroupwithsamenameastheuserwillbecreatedandtheuserwillbeaddedtothatgroup.

Toavoidthatandtomaketheuserasthememberofthedefaultgroupyouneedtogivetheoption n. HOME:Thisisthedefaultpathprefixforthehomedirectory.Nowthehomedirectorywillbecreated as/home/USERNAME. INACTIVE:1bydefaultdisablesthefeatureofdisablingtheaccountoncetheuserpasswordhas expired.Tochangethisbehavioryouneedtogiveapositivenumberwhichmeansifthepassword getsexpiredafterthegivennumberofdaystheuseraccountwillbedisabled. EXPIRE:Thedateonwhichtheuseraccountwillbedisabled. SHELL:Usersloginshell. SKEL:Contentsoftheskeldirectorywillbecopiedtotheusershomedirectory. CREATE_MAIL_SPOOL:Accordingtothevaluecreatesordoesnotcreatethemailspool.

Example1:Creatinguserwithallthedefaultoptions,andwithhisowngroup.
#useraddramesh #passwdramesh Changingpasswordforuserramesh. NewUNIXpassword: RetypenewUNIXpassword: passwd:allauthenticationtokensupdatedsuccessfully. #grepramesh/etc/passwd ramesh:x:500:500::/home/ramesh:/bin/bash #grepramesh/etc/group ramesh:x:500: [Note:defaultuseraddcommandcreatedrameshasusernameandgroup]

Followingexamplecreatesuserrameshwithgroupramesh.UseLinuxpasswdcommandtochange thepasswordfortheuserimmediatelyafterusercreation.

Example2:Creatinganuserwithallthedefaultoptions,andwiththedefaultgroup.
#useraddnsathiya #grepsathiya/etc/passwd sathiya:x:511:100::/home/sathiya:/bin/bash #grepsathiya/etc/group [Note:Norowsreturned,asgroupsathiyawasnotcreated] #grep100/etc/group users:x:100: [Note:useraddncommandcreatedusersathiyawithdefaultgroupid100] #passwdsathiya Changingpasswordforusersathiya. NewUNIXpassword: RetypenewUNIXpassword: passwd:allauthenticationtokensupdatedsuccessfully. [Note:Alwayssetthepasswordimmediatelyafterusercreation]

Example3:Editingthedefaultoptionsusedbyuseradd.
Thefollowingexampleshowshowtochangethedefaultshellfrom/bin/bashto/bin/kshduring

usercreation.
Syntax:#useraddDshell=<SHELLNAME> #useraddD GROUP=100 HOME=/home INACTIVE=1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel [Note:Thedefaultshellis/bin/bash] #useraddDs/bin/ksh #useraddD GROUP=100 HOME=/home INACTIVE=1 EXPIRE= SHELL=/bin/ksh SKEL=/etc/skel [Note:Nowthedefaultshellchangedto/bin/ksh] #adduserpriya #greppriya/etc/passwd priya:x:512:512::/home/priya:/bin/ksh [Note:Newusersaregettingcreatedwith/bin/ksh] #useraddDs/bin/bash [Note:Setitbackto/bin/bash,astheaboveisonlyfortestingpurpose]

Method2:LinuxuseraddCommandCreateUsersWithCustom Configurations
Insteadofacceptingthedefaultvalues(forexample,group,shelletc.)thatisgivenbytheuseradd commandasshownintheabovemethod,youcanspecifycustomvaluesinthecommandlineas parameterstotheuseraddcommand.
Syntax:#useradds<SHELL>md<HomeDir>g<Group>UserName

sSHELL:Loginshellfortheuser. m:Createusershomedirectoryifitdoesnotexist. dHomeDir:Homedirectoryoftheuser. gGroup:Groupnameornumberoftheuser. UserName:Loginidoftheuser.

Example4:CrateLinuxUserwithCustomConfigurationsUsinguseraddCommand
Thefollowingexamplecreatesanaccount(lebron)withhomedirectory/home/king,defaultshellas /bin/cshandwithcommentLeBronJames.
#useradds/bin/cshmd/home/kingc"LeBronJames"grootlebron

#greplebron/etc/passwd lebron:x:513:0:LeBronJames:/home/king:/bin/csh

Note:Youcangivethepasswordusingpoption,whichshouldbeencryptedpassword.Oryoucan usethepasswdcommandtochangethepasswordoftheuser.

Method3:LinuxadduserCommandCreateUsersInteractively
Syntax:#adduserUSERNAME

Thesearethefriendliertoolstothelowleveluseradd.BydefaultitchoosestheDebianpolicyformat forUIDandGID.Averysimplewayofcreatinguserinthecommandlineinteractivelyisusing addusercommand.

Example5:CreatinganUserInteractivelyWithadduserCommand
#adduserspidey Addinguser`spidey'... Addingnewgroup`spidey'(1007)... Addingnewuser`spidey'(1007)withgroup`spidey'... Creatinghomedirectory`/home/spidey'... Copyingfilesfrom`/etc/skel'... EnternewUNIXpassword: RetypenewUNIXpassword: passwd:passwordupdatedsuccessfully Changingtheuserinformationforspidey Enterthenewvalue,orpressENTERforthedefault FullName[]:PeterParker RoomNumber[]: WorkPhone[]: HomePhone[]: Other[]: Istheinformationcorrect?[y/N]y

Method4:LinuxnewusersCommandCreatingbulkusers

Sometimesyoumaywanttotocreatemultipleusersatthesametime.Usinganyoneoftheabove3 methodsforbulkusercreationcanbeverytediousandtimeconsuming.Fortunately,Linuxoffersa waytouploadusersusingnewuserscommand.Thiscanalsobeexecutedinbatchmodeasitcannot askanyinput.


#newusersFILENAME

Thisfileformatissameasthepasswordfile.
loginname:password:uid:gid:comment:home_dir:shell

Example6:CreatingLargeNumberofUsersUsingnewusersCommand
IfSimpsonfamilydecidestojoinyourorganizationandneedaccesstoyourLinuxserver,youcan createaccountforallofthemtogetherusingnewuserscommandasshownbelow.
#cathomerfamily.txt homer:HcZ600a9:1008:1000:HomerSimpson:/home/homer:/bin/bash marge:1enz733N:1009:1000:MargeSimpson:/home/marge:/bin/csh bart:1y5eJr8K:1010:1000:BartSimpson:/home/bart:/bin/ksh lisa:VGz638i9:1011:1000:LisaSimpson:/home/lisa:/bin/sh maggie:5lj3YGQo:1012:1000:MaggieSimpson:/home/maggie:/bin/bash

Note:Whilespecifyingpasswordsforusers,pleasefollowthepassword best practices including the 84 password rule thatwediscussedawhileback. NowcreateaccountsforSimpsonsfamilytogetherusingthenewuserscommandasshownbelow.


#newusershomerfamily.txt

28. Mount and view ISO file :ISOfilesaretypicallyusedtodistributetheoperatingsystem.Most ofthelinuxoperatingsystemthatyoudownloadwillbeonISOformat.Thisexplainshowtoview andmountanyISOfilebothasregularuseandasrootuser.


HowToMountandViewISOFileasRootandRegularUserinLinux byRAM ES H NATARAJA N onJUNE22,2009

ISOstandsforInternationalOrganizationforStandardization,whichhasdefinedthe formatforadiskimage.Insimpletermsisofileisadiskimage. ISOfilesaretypicallyusedtodistributetheoperatingsystem.Mostofthelinuxoperatingsystemthat youdownloadwillbeonISOformat. IfyouhavedownloadedanLinuxISOfileyoutypicallyburnitontoaCDorDVDasISOimage.Once youveburnedtheISOimageinaCDorDVD,youcanbootthesystemtoinstalltheLinuxOS. Butsometimes,youmayjustwanttomounttheISOfileandviewthecontentwithoutburningitto CDorDVD.InthisarticleletusreviewhowtoMount&Viewisofileasrootandregularuserin LinuxOperatingsystem.

1.HowtomountisofileswithoutwritingittoCD/DVD?

Ifyouhavedownloadeda*.isofilefromawebsite(forexample,anyLinuxOSdistribution),youcan viewthecontentoftheisofilewithoutwritingasanisotoaCDorDVDasexplainedbelow usingmountoloop..Pleasenotethataloopdeviceisapseudodevicewhichwillmakeanisofile accessibletotheuserablockdevice.


Syntax:#mountISOFILEMOUNTPOINToloop $su #mkdir/tmp/mnt #mountoloop/downloads/ubuntu9.04desktopi386.iso/tmp/mnt #cd/tmp/mnt #lsl

Formountingyouneedtobeloggedinasrootoryoushouldhavesudopermission.Readbelowto findouthowtomountisofileasregularnonrootuser.

2.Howtomountorviewanisofileasanonrootuser?

Anonrootusercanalsomountafile,evenwithoutsudopermission.Usingmidnightcommanderyou canmounttheisofile.Actually,itisreallynotmountingthefile.Butyoucanviewtheisofilecontent

justlikeviewingsomeotherfiles.RefertoourpreviousarticlethatexplainsaboutLinux mc midnight commander .

Stepstoviewisofileinmidnightcommander:

1. Openmidnightcommand(mc). 2. NavigatetothepathwhereISOfileexist. 3. Clickontheisofile,itwillenterintotheisofileaslikeanormaldirectoryandnowyouwillbe seeingthecontentofthefile. 4. Toviewthenormalfileorthefileoftheiso,Press<F3>whenyourcursorisonthefile.

3.Howtosolvetheissueisoisnotablockdeviceerror?
Whilemountinganisofileyoumaygetthefollowingerror:
mount:file.isoisnotablockdevice(maybetry`oloop'?)

Problem:
#mount/downloads/Fedora11i386DVD.iso/tmp/mnt mount:/downloads/Fedora11i386DVD.isoisnotablockdevice(maybetry`oloop'?)

Solution:Asitissuggestedbythemountcommand,usetheoloopastheoption.
#mount/downloads/Fedora11i386DVD.iso/tmp/mntoloop

4.Howtoupdatethecontentofanisofile?
ISOfilecontentcannotbeupdatedoncetheISOfileiscreated.Onlywaytodoasofnowis,

Stepstoupdatetheisofile.

1. Extractallthefilesfromtheiso. 2. Updatethecontent.i.eAddorremoveanyindividualfilesinsidetheisofile. 3. Createanotherisowiththeupdatedfiles.

5.Extractingfilesfromtheisofileasrootuser?

Mounttheisofileasrootuser,andnavigatetothedirectorytocopytherequiredfilesfromiso.

Stepstomountandextracttheisofileasrootuser.
1. Mounttheisofileasrootuser.
#mount/downloads/debian501i386DVD1.iso/tmp/mntoloop

2. Navigatetothemounteddirectory.
#cd/tmp/mnt

3. Copytherequiredfiles.
#cpsomefileinsideiso/home/test

6.Extractingfilesfromtheisofileasnormaluser?
Viewthecontentofthefileasnonrootuserinmidnight commander ,andthencopyitusing midnightcommandercommandsorusingshellcommands.

Stepstoextractthecontentfromisofileasnonrootuser.
1. 2. 3. 4.

openmc. Navigatetothedirectorywheretheisofileislocated. Selecttheisofileandpressentertoviewthecontentoftheisofile. Whenyouareinsidetheisofile,youwillbeabletoviewthecontentsofit.Tocopyaparticularfile fromtheisofileyoucanusetheshellcommandsinshellpromptas.


$cpsomefileinsideiso/tmp/mnt

5. Youcanalsodothiscopyusingthemccommands. 29. Manage password expiration and aging :Linuxchagecommandcanbeusedtoperformseveral practicalpasswordagingactivitiesincludinghowtoforceuserstochangetheirpassword.

7ExamplestoManageLinuxPasswordExpirationandAgingUsingchage byD HI NE SHKUM AR MA NI KA NNA N onAPRIL23,2009

Bestpracticerecommendsthatuserskeepchangingthepasswordsataregularinterval.Buttypically developersandotherusersofLinuxsystemwontchangethepasswordunlesstheyareforcedto changetheirpassword. Itsthesystemadministratorsresponsibilitytofindawaytoforcedeveloperstochangetheir password.Forcinguserstochangetheirpasswordwithagunontheirheadisnotanoption!.While mostsecurityconscioussysadminsmaybeeventemptedtodothat. InthisarticleletusreviewhowyoucanuseLinuxchagecommandtoperformseveralpractical passwordagingactivitiesincludinghowtoforceuserstochangetheirpassword. Ondebian,youcaninstallchagebyexecutingthefollowingcommand:


#aptgetinstallchage

PhotoCourtesy:mattblaze

Note:Itisveryeasytomakeatypoonthiscommand.Insteadofchageyoumayenduptypingitas change.Pleaserememberchagestandsforchangeage.i.echagecommandabbreviationissimilar tochmod,chownetc.,

1.Listthepasswordanditsrelateddetailsforanuser
Syntax:chagelistusername(or)chagelusername $chagelistdhinesh Lastpasswordchange:Apr01,2009 Passwordexpires:never Passwordinactive:never Accountexpires:never Minimumnumberofdaysbetweenpasswordchange:0 Maximumnumberofdaysbetweenpasswordchange:99999 Numberofdaysofwarningbeforepasswordexpires:7

Asshownbelow,anyusercanexecutethechagecommandforhimselftoidentifywhenhis passwordisabouttoexpire.

Ifuserdhineshtriestoexecutethesamecommandforuserramesh,hellgetthefollowingpermission deniedmessage.
$chagelistramesh chage:permissiondenied

Note:However,arootusercanexecutechagecommandforanyuseraccount. WhenuserdhineshchangeshispasswordonApr23rd2009,itwillupdatetheLastpassword changevalueasshownbelow. Pleaserefertoourearlierarticle:Best Practices and Ultimate Guide For Creating Super Strong

Password,whichwillhelpyoutofollowthebestpracticeswhilechangingpasswordforyouraccount.
$date ThuApr2300:15:20PDT2009 $passwddhinesh EnternewUNIXpassword: RetypenewUNIXpassword: passwd:passwordupdatedsuccessfully $chagelistdhinesh Lastpasswordchange:Apr23,2009 Passwordexpires:never Passwordinactive:never Accountexpires:never Minimumnumberofdaysbetweenpasswordchange:0 Maximumnumberofdaysbetweenpasswordchange:99999 Numberofdaysofwarningbeforepasswordexpires:7

2.SetPasswordExpiryDateforanuserusingchageoptionM
Rootuser(systemadministrators)cansetthepasswordexpirydateforanyuser.Inthefollowing example,userdhineshpasswordissettoexpire10daysfromthelastpasswordchange. PleasenotethatoptionMwillupdatebothPasswordexpiresandMaximumnumberofdays betweenpasswordchangeentriesasshownbelow.
Syntax:#chageMnumberofdaysusername #chageM10dhinesh #chagelistdhinesh Lastpasswordchange:Apr23,2009 Passwordexpires:May03,2009 Passwordinactive:never Accountexpires:never Minimumnumberofdaysbetweenpasswordchange:0 Maximumnumberofdaysbetweenpasswordchange:10 Numberofdaysofwarningbeforepasswordexpires:7

3.PasswordExpiryWarningmessageduringlogin
Bydefaultthenumberofdaysofwarningbeforepasswordexpiresissetto7.So,intheabove example,whentheuserdhineshtriestologinonApr30,2009hellgetthefollowingmessage.
$sshdhinesh@testingserver dhinesh@testingserver'spassword: Warning:yourpasswordwillexpirein3days

4.UserForcedtoChangePasswordafterExpiryDate
Ifthepasswordexpirydatereachesanduserdoesntchangetheirpassword,thesystemwillforcethe usertochangethepasswordbeforetheloginasshownbelow.
$sshdhinesh@testingserver dhinesh@testingserver'spassword: Youarerequiredtochangeyourpasswordimmediately(passwordaged) WARNING:Yourpasswordhasexpired.

Youmustchangeyourpasswordnowandloginagain! Changingpasswordfordhinesh (current)UNIXpassword: EnternewUNIXpassword: RetypenewUNIXpassword:

5.SettheAccountExpiryDateforanUser
YoucanalsousechagecommandtosettheaccountexpirydateasshownbelowusingoptionE.The dategivenbelowisinYYYYMMDDformat.ThiswillupdatetheAccountexpiresvalueasshown below.
#chageE"20090531"dhinesh #chageldhinesh Lastpasswordchange:Apr23,2009 Passwordexpires:May03,2009 Passwordinactive:never Accountexpires:May31,2009 Minimumnumberofdaysbetweenpasswordchange:0 Maximumnumberofdaysbetweenpasswordchange:10 Numberofdaysofwarningbeforepasswordexpires:7

6.ForcetheuseraccounttobelockedafterXnumberofinactivitydays
Typicallyifthepasswordisexpired,usersareforcedtochangeitduringtheirnextlogin.Youcanalso setanadditionalcondition,whereafterthepasswordisexpired,iftheusernevertriedtologinfor10 days,youcanautomaticallylocktheiraccountusingoptionIasshownbelow.Inthisexample,the Passwordinactivedateissetto10daysfromthePasswordexpiresvalue. Onceanaccountislocked,onlysystemadministratorswillbeabletounlockit.
#chageI10dhinesh #chageldhinesh Lastpasswordchange:Apr23,2009 Passwordexpires:May03,2009 Passwordinactive:May13,2009 Accountexpires:May31,2009 Minimumnumberofdaysbetweenpasswordchange:0 Maximumnumberofdaysbetweenpasswordchange:10 Numberofdaysofwarningbeforepasswordexpires:7

7.Howtodisablepasswordagingforanuseraccount
Toturnoffthepasswordexpirationforanuseraccount,setthefollowing: m0willsettheminimumnumberofdaysbetweenpasswordchangeto0 M99999willsetthemaximumnumberofdaysbetweenpasswordchangeto99999 I1(numberminusone)willsetthePasswordinactivetonever E1(numberminusone)willsetAccountexpirestonever.
#chagem0M99999I1E1dhinesh #chagelistdhinesh Lastpasswordchange:Apr23,2009 Passwordexpires:never Passwordinactive:never

Accountexpires:never Minimumnumberofdaysbetweenpasswordchange:0 Maximumnumberofdaysbetweenpasswordchange:99999 Numberofdaysofwarningbeforepasswordexpires:7

ThisarticlewaswrittenbyDhineshkumarManikannan.Heisworkingat bk Systems (p) Ltd ,and interestedincontributingtotheopensource.TheGeekStuffwelcomesyourtipsand guest articles 30. ifconfig examples :Interfaceconfiguratorcommandifconfigisusedtoinitializethenetwork interfaceandtoenableordisabletheinterfacesasshowninthese7examples.
Ifconfig:7ExamplesToConfigureNetworkInterface byRAM ES H NATARAJA N onMARCH9,2009

ThisarticleiswrittenbyLakshmananG Ifconfigcommandisusedtoconfigurenetworkinterfaces.ifconfigstandsforinterfaceconfigurator. Ifconfigiswidelyusedtoinitializethenetworkinterfaceandtoenableordisabletheinterfaces. Inthisarticle,letusreview7commonusagesofifconfigcommand.

Photocourtesyofnew1mproved

1.ViewNetworkSettingsofanEthernetAdapter
#ifconfigeth0 eth0Linkencap:EthernetHWaddr00:2D:32:3E:39:3B inetaddr:192.168.2.2Bcast:192.168.2.255Mask:255.255.255.0 inet6addr:fe80::21d:92ff:fede:499b/64Scope:Link UPBROADCASTRUNNINGMULTICASTMTU:1500Metric:1 RXpackets:977839669errors:0dropped:1990overruns:0frame:0 TXpackets:1116825094errors:8dropped:0overruns:0carrier:0 collisions:0txqueuelen:1000 RXbytes:2694625909(2.5GiB)TXbytes:4106931617(3.8GiB) Interrupt:185Baseaddress:0xdc00

Ifconfig,wheninvokedwithnoargumentswilldisplayallthedetailsofcurrentlyactiveinterfaces.If yougivetheinterfacenameasanargument,thedetailsofthatspecificinterfacewillbedisplayed.

2.DisplayDetailsofAllinterfacesIncludingDisabledInterfaces
#ifconfiga

3.DisableanInterface
#ifconfigeth0down

4.EnableanInterface
#ifconfigeth0up

5.AssignipaddresstoanInterface
#ifconfigeth0192.168.2.2

Assign192.168.2.2astheIPaddressfortheinterfaceeth0. ChangeSubnetmaskoftheinterfaceeth0.

#ifconfigeth0netmask255.255.255.0

ChangeBroadcastaddressoftheinterfaceeth0.
#ifconfigeth0broadcast192.168.2.255

Assignipaddress,netmaskandbroadcastatthesametimetointerfaceeht0.
#ifconfigeth0192.168.2.2netmask255.255.255.0broadcast192.168.2.255

6.ChangeMTU
ThiswillchangetheMaximumtransmissionunit(MTU)toXX.MTUisthemaximumnumberof octetstheinterfaceisabletohandleinonetransaction.ForEthernettheMaximumtransmissionunit bydefaultis1500.
#ifconfigeth0mtuXX

7.Promiscuousmode
Bydefaultwhenanetworkcardreceivesapacket,itcheckswhetherthepacketbelongstoitself.If not,theinterfacecardnormallydropsthepacket.Butinpromiscuousmode,thecarddoesntdrop thepacket.Instead,itwillacceptallthepacketswhichflowsthroughthenetworkcard. Superuserprivilegeisrequiredtosetaninterfaceinpromiscuousmode.Mostnetworkmonitortools usethepromiscuousmodetocapturethepacketsandtoanalyzethenetworktraffic. Followingwillputtheinterfaceinpromiscuousmode.
#ifconfigeth0promisc

Followingwillputtheinterfaceinnormalmode.
#ifconfigeth0promisc

31. Oracle db startup an sthudown :EverysysadminshouldknowsomebasicDBAoperations.This explainshowtoshutdownandstarttheoracledatabase.


OracleDatabaseStartupandShutdownProcedure byRAM ES H NATARAJA N onJANUARY26,2009

PhotocourtesyofRob Shenk

ForaDBA,startingupandshuttingdownoforacledatabaseisaroutineandbasicoperation. SometimesLinuxadministratororprogrammermayendupdoingsomebasicDBAoperationson developmentdatabase.So,itisimportantfornonDBAstounderstandsomebasicdatabase administrationactivities. Inthisarticle,letusreviewhowtostartandstopanoracledatabase.

HowToStartupOracleDatabase
1.Logintothesystemwithoracleusername
Typicaloracleinstallationwillhaveoracleasusernameanddbaasgroup.OnLinux,dosutooracle asshownbelow.

$suoracle

2.Connecttooraclesysdba
MakesureORACLE_SIDandORACLE_HOMEaresetproperlyasshownbelow.
$env|grepORA ORACLE_SID=DEVDB ORACLE_HOME=/u01/app/oracle/product/10.2.0

Youcanconnectusingeither/assysdbaoranoracleaccountthathasDBAprivilege.
$sqlplus'/assysdba' SQL*Plus:Release10.2.0.3.0ProductiononSunJan1811:11:282009 Copyright(c)1982,2006,Oracle.AllRightsReserved. Connectedto: OracleDatabase10gEnterpriseEditionRelease10.2.0.3.0Production WiththePartitioningandDataMiningoptions SQL>

3.StartOracleDatabase
ThedefaultSPFILE(serverparameterfile)islocatedunder$ORACLE_HOME/dbs.Oraclewilluse thisSPFILEduringstartup,ifyoudontspecifyPFILE. Oraclewilllookfortheparameterfileinthefollowingorderunder$ORACLE_HOME/dbs.Ifanyone ofthemexist,itwillusethatparticularparameterfile. 1. spfile$ORACLE_SID.ora 2. spfile.ora 3. init$ORACLE_SID.ora TypestartupattheSQLcommandprompttostartupthedatabaseasshownbelow.
SQL>startup ORACLEinstancestarted. TotalSystemGlobalArea812529152bytes FixedSize2264280bytes VariableSize960781800bytes DatabaseBuffers54654432bytes RedoBuffers3498640bytes Databasemounted. Databaseopened. SQL>

IfyouwanttostartupOraclewithPFILE,passitasaparameterasshownbelow.
SQL>STARTUPPFILE=/u01/app/oracle/product/10.2.0/dbs/init.ora

Followingthreemethodsareavailabletoshutdowntheoracledatabase: 1. NormalShutdown 2. ShutdownImmediate 3. ShutdownAbort

HowToShutdownOracleDatabase

1.NormalShutdown
Duringnormalshutdown,beforetheoracledatabaseisshutdown,oraclewillwaitforallactiveusers todisconnecttheirsessions.Astheparametername(normal)suggest,usethisoptiontoshutdown thedatabaseundernormalconditions.
SQL>shutdown Databaseclosed. Databasedismounted. ORACLEinstanceshutdown. SQL>

2.ShutdownImmediate
Duringimmediateshutdown,beforetheoracledatabaseisshutdown,oraclewillrollbackactive transactionanddisconnectallactiveusers.Usethisoptionwhenthereisaproblemwithyour databaseandyoudonthaveenoughtimetorequestuserstologoff.
SQL>shutdownimmediate; Databaseclosed. Databasedismounted. ORACLEinstanceshutdown. SQL>

3.ShutdownAbort
Duringshutdownabort,beforetheoracledatabaseisshutdown,allusersessionswillbeterminated immediately.Uncomittedtransactionswillnotberolledback.Usethisoptiononlyduringemergency situationswhentheshutdownandshutdownimmediatedoesntwork.
$sqlplus'/assysdba' SQL*Plus:Release10.2.0.3.0ProductiononSunJan1811:11:332009 Copyright(c)1982,2006,Oracle.AllRightsReserved. Connectedtoanidleinstance. SQL>shutdownabort ORACLEinstanceshutdown. SQL>

32. PostgreSQL install and configure :SimilartomySQL,postgreSQLisveryfamousandfeature packedfreeandopensourcedatabase.Thisisajumpstartguidetoinstallandconfigurepostgresql fromsourceonLinux.


9StepstoInstallandConfigurePostgreSQLfromSourceonLinux byRAM ES H NATARAJA N onAPRIL9,2009

SimilartomySQL,postgreSQLisveryfamousandfeaturepackedfreeandopensourcedatabase. EarlierwevediscussedseveralinstallationsincludingLAMP stack installation ,Apache2 installation from source ,PHP5 installation from source andmySQL installation . Inthisarticle,letusreviewhowtoinstallpostgreSQLdatabaseonLinuxfromsourcecode.

Step1:DownloadpostgreSQLsourcecode

FromthepostgreSQL download site ,choosethemirror site thatislocatedinyourcountry.


#wgethttp://wwwmaster.postgresql.org/redir/198/f/source/v8.3.7/postgresql8.3.7.tar.gz

Step2:InstallpostgreSQL
#tarxvfzpostgresql8.3.7.tar.gz #cdpostgresql8.3.7 #./configure checkingforsgmlspl...no configure:creating./config.status config.status:creatingGNUmakefile config.status:creatingsrc/Makefile.global config.status:creatingsrc/include/pg_config.h config.status:creatingsrc/interfaces/ecpg/include/ecpg_config.h config.status:linking./src/backend/port/tas/dummy.stosrc/backend/port/tas.s config.status:linking./src/backend/port/dynloader/linux.ctosrc/backend/port/dynloader.c config.status:linking./src/backend/port/sysv_sema.ctosrc/backend/port/pg_sema.c config.status:linking./src/backend/port/sysv_shmem.ctosrc/backend/port/pg_shmem.c config.status:linking./src/backend/port/dynloader/linux.htosrc/include/dynloader.h config.status:linking./src/include/port/linux.htosrc/include/pg_config_os.h config.status:linking./src/makefiles/Makefile.linuxtosrc/Makefile.port #make make[3]:Leavingdirectory`/usr/save/postgresql8.3.7/contrib/spi' rmrf./testtablespace mkdir./testtablespace make[2]:Leavingdirectory`/usr/save/postgresql8.3.7/src/test/regress' make[1]:Leavingdirectory`/usr/save/postgresql8.3.7/src' makeCconfigall make[1]:Enteringdirectory`/usr/save/postgresql8.3.7/config' make[1]:Nothingtobedonefor`all'. make[1]:Leavingdirectory`/usr/save/postgresql8.3.7/config' AllofPostgreSQLsuccessfullymade.Readytoinstall. #makeinstall makeCtest/regressinstall make[2]:Enteringdirectory`/usr/save/postgresql8.3.7/src/test/regress' /bin/sh../../../config/installshcpg_regress'/usr/local/pgsql/lib/pgxs/src/test/regress/pg_regress' make[2]:Leavingdirectory`/usr/save/postgresql8.3.7/src/test/regress' make[1]:Leavingdirectory`/usr/save/postgresql8.3.7/src' makeCconfiginstall make[1]:Enteringdirectory`/usr/save/postgresql8.3.7/config' mkdirp/usr/local/pgsql/lib/pgxs/config /bin/sh../config/installshcm755./installsh'/usr/local/pgsql/lib/pgxs/config/installsh' /bin/sh../config/installshcm755./mkinstalldirs'/usr/local/pgsql/lib/pgxs/config/mkinstalldirs' make[1]:Leavingdirectory`/usr/save/postgresql8.3.7/config' PostgreSQLinstallationcomplete.

PostgreSQL./configureoptions Followingarevariousoptionsthatcanbepassedtothe./configure: prefix=PREFIXinstallarchitectureindependentfilesinPREFIX.Defaultinstallationlocationis /usr/local/pgsql enableintegerdatetimesenable64bitintegerdate/timesupport

enablenls[=LANGUAGES]enableNativeLanguageSupport disableshareddonotbuildsharedlibraries disablerpathdonotembedsharedlibrarysearchpathinexecutables disablespinlocksdonotusespinlocks enabledebugbuildwithdebuggingsymbols(g) enableprofilingbuildwithprofilingenabled enabledtracebuildwithDTracesupport enabledependturnonautomaticdependencytracking enablecassertenableassertionchecks(fordebugging) enablethreadsafetymakeclientlibrariesthreadsafe enablethreadsafetyforceforcethreadsafetydespitethreadtestfailure disablelargefileomitsupportforlargefiles withdocdir=DIRinstallthedocumentationinDIR[PREFIX/doc] withoutdocdirdonotinstallthedocumentation withincludes=DIRSlookforadditionalheaderfilesinDIRS withlibraries=DIRSlookforadditionallibrariesinDIRS withlibs=DIRSalternativespellingofwithlibraries withpgport=PORTNUMchangedefaultportnumber[5432] withtclbuildTclmodules(PL/Tcl) withtclconfig=DIRtclConfig.shisinDIR withperlbuildPerlmodules(PL/Perl) withpythonbuildPythonmodules(PL/Python) withgssapibuildwithGSSAPIsupport withkrb5buildwithKerberos5support withkrbsrvnam=NAMEdefaultserviceprincipalnameinKerberos[postgres] withpambuildwithPAMsupport withldapbuildwithLDAPsupport withbonjourbuildwithBonjoursupport withopensslbuildwithOpenSSLsupport withoutreadlinedonotuseGNUReadlinenorBSDLibeditforediting withlibeditpreferredpreferBSDLibeditoverGNUReadline withosspuuiduseOSSPUUIDlibrarywhenbuildingcontrib/uuidossp withlibxmlbuildwithXMLsupport withlibxsltuseXSLTsupportwhenbuildingcontrib/xml2 withsystemtzdata=DIRusesystemtimezonedatainDIR withoutzlibdonotuseZlib withgnuldassumetheCcompilerusesGNUld[default=no] PostgreSQLInstallationIssue1: Youmayencounterthefollowingerrormessagewhileperforming./configureduringpostgreSQL installation.
#./configure checkingforlreadline...no checkingforledit...no configure:error:readlinelibrarynotfound Ifyouhavereadlinealreadyinstalled,seeconfig.logfordetailsonthe

failure.Itispossiblethecompilerisn'tlookingintheproperdirectory. Usewithoutreadlinetodisablereadlinesupport.

PostgreSQLInstallationSolution1: Installthereadlinedevelandlibtermcapdeveltosolvetheaboveissue.
#rpmivhlibtermcapdevel2.0.846.1.i386.rpmreadlinedevel5.11.1.i386.rpm warning:libtermcapdevel2.0.846.1.i386.rpm:HeaderV3DSAsignature:NOKEY,keyID1e5e0159 Preparing...###########################################[100%] 1:libtermcapdevel###########################################[50%] 2:readlinedevel###########################################[100%]

Step3:VerifythepostgreSQLdirectorystructure
Aftertheinstallation,makesurebin,doc,include,lib,manandsharedirectoriesarecreatedunder thedefault/usr/local/pgsqldirectoryasshownbelow.
#lsl/usr/local/pgsql/ total24 drwxrxrx2rootroot4096Apr823:25bin drwxrxrx3rootroot4096Apr823:25doc drwxrxrx6rootroot4096Apr823:25include drwxrxrx3rootroot4096Apr823:25lib drwxrxrx4rootroot4096Apr823:25man drwxrxrx5rootroot4096Apr823:25share

Step4:CreatepostgreSQLuseraccount
#adduserpostgres #passwdpostgres Changingpasswordforuserpostgres. NewUNIXpassword: RetypenewUNIXpassword: passwd:allauthenticationtokensupdatedsuccessfully.

Step5:CreatepostgreSQLdatadirectory
Createthepostgresdatadirectoryandmakepostgresuserastheowner.
#mkdir/usr/local/pgsql/data #chownpostgres:postgres/usr/local/pgsql/data #lsld/usr/local/pgsql/data drwxrxrx2postgrespostgres4096Apr823:26/usr/local/pgsql/data

Step6:InitializepostgreSQLdatadirectory
BeforeyoucanstartcreatinganypostgreSQLdatabase,theemptydatadirectorycreatedintheabove stepshouldbeinitializedusingtheinitdbcommandasshownbelow.
#supostgres #/usr/local/pgsql/bin/initdbD/usr/local/pgsql/data/ Thefilesbelongingtothisdatabasesystemwillbeownedbyuserpostgres Thisusermustalsoowntheserverprocess. Thedatabaseclusterwillbeinitializedwithlocaleen_US.UTF8. ThedefaultdatabaseencodinghasaccordinglybeensettoUTF8. Thedefaulttextsearchconfigurationwillbesetto"english".

fixingpermissionsonexistingdirectory/usr/local/pgsql/data...ok creatingsubdirectories...ok selectingdefaultmax_connections...100 selectingdefaultshared_buffers/max_fsm_pages...32MB/204800 creatingconfigurationfiles...ok creatingtemplate1databasein/usr/local/pgsql/data/base/1...ok initializingpg_authid...ok initializingdependencies...ok creatingsystemviews...ok loadingsystemobjects'descriptions...ok creatingconversions...ok creatingdictionaries...ok settingprivilegesonbuiltinobjects...ok creatinginformationschema...ok vacuumingdatabasetemplate1...ok copyingtemplate1totemplate0...ok copyingtemplate1topostgres...ok WARNING:enabling"trust"authenticationforlocalconnections Youcanchangethisbyeditingpg_hba.conforusingtheAoptionthe nexttimeyouruninitdb. Success.Youcannowstartthedatabaseserverusing: /usr/local/pgsql/bin/postgresD/usr/local/pgsql/data or /usr/local/pgsql/bin/pg_ctlD/usr/local/pgsql/datallogfilestart

Step7:ValidatethepostgreSQLdatadirectory
MakesureallpostgresDBconfigurationfiles(Forexample,postgresql.conf)arecreatedunderthe datadirectoryasshownbelow.
$lsl/usr/local/pgsql/data total64 drwx5postgrespostgres4096Apr823:29base drwx2postgrespostgres4096Apr823:29global drwx2postgrespostgres4096Apr823:29pg_clog rw1postgrespostgres3429Apr823:29pg_hba.conf rw1postgrespostgres1460Apr823:29pg_ident.conf drwx4postgrespostgres4096Apr823:29pg_multixact drwx2postgrespostgres4096Apr823:29pg_subtrans drwx2postgrespostgres4096Apr823:29pg_tblspc drwx2postgrespostgres4096Apr823:29pg_twophase rw1postgrespostgres4Apr823:29PG_VERSION drwx3postgrespostgres4096Apr823:29pg_xlog rw1postgrespostgres16592Apr823:29postgresql.conf

Step8:StartpostgreSQLdatabase
UsethepostgrespostmastercommandtostartthepostgreSQLserverinthebackgroundasshown below.
$/usr/local/pgsql/bin/postmasterD/usr/local/pgsql/data>logfile2>&1& [1]2222

$catlogfile LOG:databasesystemwasshutdownat2009040823:29:50PDT LOG:autovacuumlauncherstarted LOG:databasesystemisreadytoacceptconnections

Step9:CreatepostgreSQLDBandtesttheinstallation
Createatestdatabaseandconnecttoittomakesuretheinstallationwassuccessfulasshownbelow. Onceyoustartusingthedatabase,takebackupsfrequentlyasmentionedinhow to backup and restore PostgreSQL article.
$/usr/local/pgsql/bin/createdbtest $/usr/local/pgsql/bin/psqltest Welcometopsql8.3.7,thePostgreSQLinteractiveterminal. Type:\copyrightfordistributionterms \hforhelpwithSQLcommands \?forhelpwithpsqlcommands \gorterminatewithsemicolontoexecutequery \qtoquit test=#

33. Magic SysRq key :HaveyouwonderedwhattheSysRqkeyonyourkeyboarddoes.Hereisone useforit.YoucansafelyrebootLinuxusingthemagicSysRqkeyasexplainedhere.


SafeRebootOfLinuxUsingMagicSysRqKey byRAM ES H NATARAJA N onDECEMBER11,2008

ThisisaguestpostwrittenbyLakshmananG. Ifyouareworkingonkerneldevelopment,ordevicedrivers,orrunningacodethatcouldcause kernelpanic,SysRqkeywillbeveryvaluable.ThemagicSysRqkeyisakeycombinationintheLinux kernelwhichallowstheusertoperformvariouslowlevelcommandsregardlessofthesystemsstate. Itisoftenusedtorecoverfromfreezes,ortorebootacomputerwithoutcorruptingthefilesystem. ThekeycombinationconsistsofAlt+SysRq+commandkey.InmanysystemstheSysRqkeyisthe printscreenkey. First,youneedtoenabletheSysRqkey,asshownbelow.


echo"1">/proc/sys/kernel/sysrq

PhotocourtesyofKCIvey

ListofSysRqCommandKeys

FollowingarethecommandkeysavailableforAlt+SysRq+commandkey. kKillsalltheprocessrunningonthecurrentvirtualconsole. sThiswillattempttosyncallthemountedfilesystem. bImmediatelyrebootthesystem,withoutunmountingpartitionsorsyncing. eSendsSIGTERMtoallprocessexceptinit. mOutputcurrentmemoryinformationtotheconsole.

iSendtheSIGKILLsignaltoallprocessesexceptinit rSwitchthekeyboardfromrawmode(themodeusedbyprogramssuchasX11),toXLATEmode. ssyncallmountedfilesystem. tOutputalistofcurrenttasksandtheirinformationtotheconsole. uRemountallmountedfilesystemsinreadonlymode. oShutdownthesystemimmediately. pPrintthecurrentregistersandflagstotheconsole. 09Setstheconsoleloglevel,controllingwhichkernelmessageswillbeprintedtoyourconsole. fWillcalloom_killtokillprocesswhichtakesmorememory. hUsedtodisplaythehelp.Butanyotherkeysthantheabovelistedwillprinthelp. Wecanalsodothisbyechoingthekeystothe/proc/sysrqtriggerfile.Forexample,toreboota systemyoucanperformthefollowing.
echo"b">/proc/sysrqtrigger

PerformaSaferebootofLinuxusingMagicSysRqKey
ToperformasaferebootofaLinuxcomputerwhichhangsup,dothefollowing.Thiswillavoidthe fsckduringthenextrebooting.i.ePressAlt+SysRq+letterhighlightedbelow. unRaw(takecontrolofkeyboardbackfromX11, tErminate(sendSIGTERMtoallprocesses,allowingthemtoterminategracefully), kIll(sendSIGILLtoallprocesses,forcingthemtoterminateimmediately), Sync(flushdatatodisk), Unmount(remountallfilesystemsreadonly), reBoot. ThisarticlewaswrittenbyLakshmananG.Heisworkingin bk Systems (p) Ltd ,andinterestedin contributingtotheopensource.TheGeekStuffwelcomesyourtipsand guest articles 34. Wakeonlan Tutorial :UsingWakeonlanWOL,youcanturnontheremoteserverswhereyou donthavephysicalaccesstopressthepowerbutton.
WOLWakeonlanGuide:TurnOnServersRemotelyWithoutPhysicalAccess byRAM ES H NATARAJA N onNOVEMBER27,2008

PhotocourtesyofJamison Judd ThisisaguestpostwrittenbySathiyaMoorthy. Wakeonlan(wol)enablesyoutoswitchONremoteserverswithoutphysicallyaccessingit. WakeonlansendsmagicpacketstowakeonLANenabledethernetadaptersandmotherboardsto switchonremotecomputers. Bymistake,whenyoushutdownasysteminsteadofrebooting,youcanuseWakeonlantopoweron theserverremotely.Also,Ifyouhaveaserverthatdontneedtobeupandrunning247,youcan turnoffandturnontheserverremotelyanytimeyouwant. ThisarticlegivesabriefoverviewofWakeOnLANandinstructionstosetupWakeonlanfeature.

OverviewofWakeOnLAN
YoucanuseWakeonlanwhenamachineisconnectedtoLAN,andyouknowtheMACaddressofthat machine. YourNICshouldsupportwakeonlanfeature,anditshouldbeenabledbeforethe shutdown.Inmostcases,bydefaultwakeonlanisenabledontheNIC. Youneedtosendthemagicpacketfromanothermachinewhichisconnectedtothesamenetwork( LAN).Youneedrootaccesstosendmagicpacket.wakeonlanpackageshouldbeinstalledonthe machine. Whenthesystemcrashesbecauseofpowerfailure,forthefirsttimeyoucannotswitchonyour machineusingthisfacility.Butafterthefirstfirstbootyoucanusewakeonlantoturniton,ifthe servergetsshutdownforsomereason. WakeonLanisalsoreferredaswol.

CheckwhetherwolissupportedontheNIC

ExecutethefollowingethtoolcommandintheserverwhichyouwanttoswitchONfromaremote place.
#ethtooleth0 Settingsforeth0: Supportedports:[TPMII] Supportedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full Supportsautonegotiation:Yes Advertisedlinkmodes:10baseT/Half10baseT/Full 100baseT/Half100baseT/Full Advertisedautonegotiation:Yes Speed:100Mb/s Duplex:Full Port:MII PHYAD:1 Transceiver:internal Autonegotiation:on SupportsWakeon:pumbg[Note:checkwhetherflaggispresent] Wakeon:g[Note:gmeanenabled.dmeansdisabled] Currentmessagelevel:0x00000001(1) Linkdetected:yes

IfSupportsWakeonisg,thenthesupportforwolfeatureisenabledontheNICcard.

EnablingwoloptionontheEthernetCard
#ethtoolseth0wolg

BydefaulttheWakeonwillbesettoginmostofthemachines.Ifnot,useethtooltosetthegflagto thewoloptionoftheNICcardasshownbelow. Note:Youshouldexecuteethtoolasroot,elseyoumaygetfollowingerrormessage.


$/sbin/ethtooleth0 Settingsforeth0: Cannotgetdevicesettings:Operationnotpermitted Cannotgetwakeonlansettings:Operationnotpermitted Currentmessagelevel:0x000000ff(255) Cannotgetlinkstatus:Operationnotpermitted

Installwakeonlanpackageonadifferentmachine
Installthewakeonlanpackageinthemachinefromwhereyouneedtosendthemagicpacketto

switchonyourserver.
#aptgetinstallwakeonlan

35.

List hardware spec using lshw :ls+hw=lshw,whichliststhehardwarespecsofyoursystem.

HowToGetHardwareSpecsofYourSystemUsinglshwHardwareLister byRAM ES H NATARAJA N onDECEMBER22,2008

ThisisaguestpostwrittenbySathiyaMoorthy. lshw(HardwareLister)commandgivesacomprehensivereportaboutallhardwareinyoursystem. Thisdisplaysdetailedinformationaboutmanufacturer,serialnumberofthesystem,motherboard, CPU,RAM,PCIcards,disks,networkcardetc., Usinglshw,youcangetinformationaboutthehardwarewithouttouchingascrewdrivertoopenthe serverchassis.Thisisalsoveryhelpfulwhentheserverislocatedinaremotedatacenter,whereyou donthavephysicalaccesstotheserver. Inourpreviousarticle,wediscussedabouthowtodisplayhardwareinformationonlinux usingdmidecode command .Inthisarticle,letusreviewhowtoviewthehardwarespecifications usinglshwcommand.

Photocourtesyofviagallery.com

Downloadlshw

DownloadthelatestversionoflshwfromHardware Lister website .Extractthesourcecodetothe /usr/srcasshownbelow.


#cd/usr/src #wgethttp://ezix.org/software/files/lshwB.02.13.tar.gz #gzipdlshwB.02.13.tar.gz #tarxvflshwB.02.13.tar

Note:Toinstalltheprecompiledversion,downloaditfromHardware Lister website .

Installlshw
#make

Installlshwasshownbelow.Thiswillinstalllshwinthe/usr/sbindirectory.
#makeinstall makeCsrcinstall make[1]:Enteringdirectory`/usr/src/lshwB.02.13/src' makeCcoreall make[2]:Enteringdirectory`/usr/src/lshwB.02.13/src/core' make[2]:Nothingtobedonefor`all'. make[2]:Leavingdirectory`/usr/src/lshwB.02.13/src/core' g++L./core/gWl,asneededolshwlshw.ollshwlresolv installpdm0755///usr/sbin installpm0755lshw///usr/sbin installpdm0755///usr/share/man/man1 installpm0644lshw.1///usr/share/man/man1

installpdm0755///usr/share/lshw installpm0644pci.idsusb.idsoui.txtmanuf.txt///usr/share/lshw make[1]:Leavingdirectory`/usr/src/lshwB.02.13/src'

lshwOutputLayout
Whenexecutinglshwwithoutoption,youwillgetdetailedinformationonthehardware configurationofthemachineintextformat.Followingisthestructureoflshwoutput.
systeminformation motherboardinformation cpuinformation cache,logicalcpu memory capacity,totalsize,individualbankinformation pcislotinformation ideslotinformation diskinformation totalsize,partition, usbslotinformation network

Followingisthepartialoutputoflshwcommand.
#lshw|head localhost description:RackMountChassis product:PowerEdge2850 vendor:DellComputerCorporation serial:1234567 width:32bits capabilities:smbios2.3dmi2.3smp1.4smp configuration:boot=normalchassis=rackmountcpus=2uuid=12345 *core description:Motherboard

Note:lshwmustberunasroottogetafullreport.lshwwilldisplaypartialreportwithawarning messageasshownbelowwhenyouexecuteitfromanonrootuser.
jsmith@localhost~>/usr/sbin/lshw WARNING:youshouldrunthisprogramassuperuser.

lshwClasses
Togetinformationaboutaspecifichardware,youcanuseclassoption.Followingclassescanbe usedwiththeclassoptioninthelshwcommand.
address bridge bus communication disk display generic input memory multimedia network

power printer processor storage system tape volume

GetInformationabouttheDisksusinglshw
Theexamplebelowwilldisplayalltheinformationaboutthedisksonthesystem.Thisindicatesthat the/dev/sdaisaSCSIDisk,RAID1configurationwithatotalcapacityof68G.
#lshwclassdisk *disk description:SCSIDisk product:LD0RAID169G vendor:MegaRAID physicalid:2.0.0 businfo:scsi@0:2.0.0 logicalname:/dev/sda version:516A size:68GiB(73GB) capabilities:partitionedpartitioned:dos configuration:ansiversion=2signature=000e1213

GetInformationaboutPhysicalMemory(RAM)oftheSystem
Pleasenotethatonlypartialoutputisshownbelow.
#lshwclassmemory *memory description:SystemMemory size:512MB capacity:2GB *bank:8 description:DIMMSynchronous[empty] *bank:9 description:DIMMSynchronous size:512MB width:32bits

GenerateCompactHardwareReportUsinglshw
Bydefaultlshwcommandgeneratesmultipagedetailedreport.Togenerateacompactreportuse shortoptionasshownbelow.Onlypartialoutputisshownbelow.
#lshwshort H/WpathDeviceClassDescription ======================================================= systemPowerEdge2850 /0bus12345 /0/0memory64KiBBIOS /0/400processorIntel(R)Xeon(TM)CPU3.40GHz /0/400/700memory16KiBL1cache /0/400/701memory1MiBL2cache /0/400/702memoryL3cache

/0/400/1.1processorLogicalCPU /0/1000memory4GiBSystemMemory /0/1000/0memory1GiBDIMMSynchronous400MHz(2.5ns) /0/1000/1memory1GiBDIMMSynchronous400MHz(2.5ns) /0/100/6/0/4eth2network82546EBGigabitEthernetController(Copper) /0/100/6/0/4.1eth3network82546EBGigabitEthernetController(Copper) /0/100/6/0.2bridge6700PXHPCIExpresstoPCIBridgeB /0/100/6/0.2/2busThorLightPulseFibreChannelHostAdapter /0/100/1ebridge82801PCIBridge /0/100/1e/ddisplayRadeonRV100QY[Radeon7000/VE]

GenerateHTMLorXMLHardwareReportUsinglshw
YoucangenerateaHTMLorXMLoutputfromthelshwcommanddirectlyasshownbelow.
#lshwhtml>hwinfo.html #lshwxml>hwinfo.xml

ThisarticlewaswrittenbySathiyaMoorthy,developerof enterprise postgres query analyser ,an efficienttoolforparsingpostgresqllogtogeneratehtmlreport,whichcanbeusedforfinetuningthe postgressettings,andsqlqueries.TheGeekStuffwelcomesyourtipsand guest articles . 36. View hardware spec using dmidecode :dmidecodecommandreadsthesystemDMItableto displayhardwareandBIOSinformationoftheserver.Apartfromgettingcurrentconfigurationofthe system,youcanalsogetinformationaboutmaximumsupportedconfigurationofthesystemusing dmidecode.Forexample,dmidecodegivesboththecurrentRAMonthesystemandthemaximum RAMsupportedbythesystem.
HowToGetHardwareInformationOnLinuxUsingdmidecodeCommand byRAM ES H NATARAJA N onNOVEMBER10,2008

PhotocourtesyofB Naveen Kumar dmidecodecommandreadsthesystemDMItabletodisplayhardwareandBIOSinformationofthe server.Apartfromgettingcurrentconfigurationofthesystem,youcanalsogetinformationabout maximumsupportedconfigurationofthesystemusingdmidecode.Forexample,dmidecodegives boththecurrentRAMonthesystemandthemaximumRAMsupportedbythesystem. Thisarticleprovidesanoverviewofthedmidecodeandfewpracticalexamplesonhowtouse dmidecodecommand.

1.Overviewofdmidecode

Distributed Management Task Force maintainstheDMI specification andSMBIOS specification .The outputofthedmidecodecontainsseveralrecordsfromtheDMI(DesktopManagementinterface) table. FollowingistherecordformatofthedmidecodeoutputoftheDMItable.
RecordHeader:Handle{recordid},DMItype{dmitypeid},{recordsize}bytes RecordValue:{multilinerecordvalue}

recordid:UniqueidentifierforeveryrecordintheDMItable. dmitypeid:Typeoftherecord.i.eBIOS,Memoryetc.,

recordsize:SizeoftherecordintheDMItable. multilinerecordvalues:MultilinerecordvalueforthatspecificDMItype. Sampleoutputofdmidecodecommand:


#dmidecode|head15 #dmidecode2.9 SMBIOS2.3present. 56structuresoccupying1977bytes. Tableat0x000FB320. Handle0xDA00,DMItype218,11bytes OEMspecificType HeaderandData: DA0B00DAB0001703082800 Handle0x0000,DMItype0,20bytes BIOSInformation Vendor:DellComputerCorporation Version:A07 ReleaseDate:01/13/2004

GetthetotalnumberofrecordsintheDMItableasshownbelow:
#dmidecode|grep^Handle|wcl 56 (or) #dmidecode|grepstructures 56structuresoccupying1977bytes.

2.DMITypes
DMITypeidwillgiveinformationaboutaparticularhardwarecomponentofyoursystem.Following commandwithtypeid4willgettheinformationaboutCPUofthesystem.
#dmidecodet4 #dmidecode2.9 SMBIOS2.3present. Handle0x0400,DMItype4,35bytes ProcessorInformation SocketDesignation:Processor1 Type:CentralProcessor Family:Xeon Manufacturer:Intel ID:290F0000FFFBEBBF Signature:Type0,Family15,Model2,Stepping9 Flags: FPU(Floatingpointunitonchip) VME(Virtualmodeextension) DE(Debuggingextension) PSE(Pagesizeextension) TSC(Timestampcounter) MSR(Modelspecificregisters)

FollowingarethedifferentDMItypesavailable.
TypeInformation 0BIOS 1System 2BaseBoard 3Chassis 4Processor 5MemoryController 6MemoryModule 7Cache 8PortConnector 9SystemSlots 10OnBoardDevices 11OEMStrings 12SystemConfigurationOptions 13BIOSLanguage 14GroupAssociations 15SystemEventLog 16PhysicalMemoryArray 17MemoryDevice 1832bitMemoryError 19MemoryArrayMappedAddress 20MemoryDeviceMappedAddress 21BuiltinPointingDevice 22PortableBattery 23SystemReset 24HardwareSecurity 25SystemPowerControls 26VoltageProbe 27CoolingDevice 28TemperatureProbe 29ElectricalCurrentProbe 30OutofbandRemoteAccess 31BootIntegrityServices 32SystemBoot 3364bitMemoryError 34ManagementDevice 35ManagementDeviceComponent 36ManagementDeviceThresholdData 37MemoryChannel 38IPMIDevice 39PowerSupply

Insteadoftype_id,youcanalsopassthekeywordtothetoptionofthedmidecodecommand. Followingaretheavailablekeywords.
KeywordTypes bios0,13 system1,12,15,23,32 baseboard2,10 chassis3

processor4 memory5,6,16,17 cache7 connector8 slot9

Forexample,togetallthesystembaseboardrelatedinformationexecutethefollowingcommand, whichwilldisplaythetype_id2and10
#dmidecodetbaseboard #dmidecode2.9 SMBIOS2.3present. Handle0x0200,DMItype2,9bytes BaseBoardInformation Manufacturer:DellComputerCorporation ProductName:123456 Version:A05 SerialNumber:..CN123456789098. Handle0x0A00,DMItype10,14bytes OnBoardDevice1Information Type:SCSIController Status:Enabled Description:LSILogic53C1030Ultra320SCSI OnBoardDevice2Information Type:SCSIController Status:Enabled Description:LSILogic53C1030Ultra320SCSI OnBoardDevice3Information Type:Video Status:Enabled Description:ATIRageXLPCIVideo OnBoardDevice4Information Type:Ethernet Status:Enabled Description:BroadcomGigabitEthernet1 OnBoardDevice5Information Type:Ethernet Status:Enabled Description:BroadcomGigabitEthernet2

3.GetPhysicalMemory(RAM)informationusingdmidecode
WhatisthemaximumRAMsupportedbythesystem?Inthisexample,thissystemcansupport maximum8GBofRAM.
#dmidecodet16 #dmidecode2.9 SMBIOS2.3present. Handle0x1000,DMItype16,15bytes PhysicalMemoryArray Location:SystemBoardOrMotherboard Use:SystemMemory

ErrorCorrectionType:MultibitECC MaximumCapacity:8GB ErrorInformationHandle:NotProvided NumberOfDevices:4

HowmuchmemorycanIexpandto?From/proc/meminfoyoucanfindoutthetotalcurrent memoryofyoursystemasshownbelow.
#grepMemTotal/proc/meminfo MemTotal:1034644kB

Inthisexample,thesystemhas1GBofRAM.Isthis1x1GB(or)2x512MB(or)4x256MB?This canbefiguredoutbypassingthetypeid17tothedmidecodecommandasshownbelow.Pleasenote intheexamplebelow,ifyouhavetoexpandupto8GBofmaximumRAM,youneedtoremovethe existing512MBfromslot1and2,anduse2GBRAMonallthe4memoryslots.


#dmidecodet17 #dmidecode2.9 SMBIOS2.3present. Handle0x1100,DMItype17,23bytes MemoryDevice ArrayHandle:0x1000 ErrorInformationHandle:NotProvided TotalWidth:72bits DataWidth:64bits Size:512MB[Note:Slot1has512MBRAM] FormFactor:DIMM Set:1 Locator:DIMM_1A BankLocator:NotSpecified Type:DDR TypeDetail:Synchronous Speed:266MHz(3.8ns) Handle0x1101,DMItype17,23bytes MemoryDevice ArrayHandle:0x1000 ErrorInformationHandle:NotProvided TotalWidth:72bits DataWidth:64bits Size:512MB[Note:Slot2has512MBRAM] FormFactor:DIMM Set:1 Locator:DIMM_1B BankLocator:NotSpecified Type:DDR TypeDetail:Synchronous Speed:266MHz(3.8ns) Handle0x1102,DMItype17,23bytes MemoryDevice

ArrayHandle:0x1000 ErrorInformationHandle:NotProvided TotalWidth:72bits DataWidth:64bits Size:NoModuleInstalled[Note:Slot3isempty] FormFactor:DIMM Set:2 Locator:DIMM_2A BankLocator:NotSpecified Type:DDR TypeDetail:Synchronous Speed:266MHz(3.8ns) Handle0x1103,DMItype17,23bytes MemoryDevice ArrayHandle:0x1000 ErrorInformationHandle:NotProvided TotalWidth:72bits DataWidth:64bits Size:NoModuleInstalled[Note:Slot4isempty] FormFactor:DIMM Set:2 Locator:DIMM_2B BankLocator:NotSpecified Type:DDR TypeDetail:Synchronous Speed:266MHz(3.8ns)

4.GetBIOSinformationusingdmidecode
#dmidecodetbios #dmidecode2.9 SMBIOS2.3present. Handle0x0000,DMItype0,20bytes BIOSInformation Vendor:DellComputerCorporation Version:A07 ReleaseDate:01/13/2004 Address:0xF0000 RuntimeSize:64kB ROMSize:4096kB Characteristics: ISAissupported PCIissupported PNPissupported BIOSisupgradeable BIOSshadowingisallowed ESCDsupportisavailable BootfromCDissupported Selectablebootissupported EDDissupported

JapanesefloppyforToshiba1.2MBissupported(int13h) 5.25"/360KBfloppyservicesaresupported(int13h) 5.25"/1.2MBfloppyservicesaresupported(int13h) 3.5"/720KBfloppyservicesaresupported(int13h) 8042keyboardservicesaresupported(int9h) Serialservicesaresupported(int14h) CGA/monovideoservicesaresupported(int10h) ACPIissupported USBlegacyissupported LS120bootissupported BIOSbootspecificationissupported Functionkeyinitiatednetworkbootissupported Handle0x0D00,DMItype13,22bytes BIOSLanguageInformation InstallableLanguages:1 en|US|iso88591 CurrentlyInstalledLanguage:en|US|iso88591

5.ViewManufacturer,ModelandSerialnumberoftheequipmentusingdmidecode
Youcangetinformationaboutthemake,modelandserialnumberoftheequipmentasshownbelow:
#dmidecodetsystem #dmidecode2.9 SMBIOS2.3present. Handle0x0100,DMItype1,25bytes SystemInformation Manufacturer:DellComputerCorporation ProductName:PowerEdge1750 Version:NotSpecified SerialNumber:1234567 UUID:4123454C41231123812312345603431 WakeupType:PowerSwitch Handle0x0C00,DMItype12,5bytes SystemConfigurationOptions Option1:NVRAM_CLR:ClearusersettableNVRAMareasandsetdefaults Option2:PASSWD:Closetoenablepassword Handle0x2000,DMItype32,11bytes SystemBootInformation Status:Noerrorsdetected

37. Use the support effectively :Companiesspendlotofcashonsupportmainlyfortworeasons:1) Togethelpfromvendorstofixcriticalproductionissues2)Tokeepuptodatewiththelatestversion ofthesoftwareandsecuritypatchesreleasedbythevendors.Inthisarticle,Ivegiven10practical tipsforDBAs,sysadminsanddeveloperstousetheirhardwareandsoftwaresupporteffectively.

10TipstoUseYourHardwareandSoftware VendorSupportEffectively
byRAMESHNATARAJAN onSEPTEMBER29,2008 Photocourtesyofwraithtdk
Companiespurchasesupportformostoftheirenterprisehardwares(servers,switches,routers,firewallsetc.,)and softwares(databases,OS,applications,frameworksetc.,).Theyspendlotofcashonsupportmainlyfortwo reasons:1)Togethelpfromvendorstofixcriticalproductionissues2)Tokeepuptodatewiththelatestversionof thesoftwareandsecuritypatchesreleasedbythevendors.Inthisarticle,Ivegiven10practicaltipsforDBAs, sysadminsanddeveloperstousetheirhardwareandsoftwaresupporteffectively.

1.UsetheKnowledgeBase
Mostvendorshavededicatedsupportwebsiteincludingaseparateknowledgebasesectionwithlotofwhitepapers, bestpracticedocuments,troubleshootingtipsandtricks.Usetheknowledgebasesectionofsupportwebsitetolearn andexpandyourknowledge.Mostofthetime,thebestpossiblesolutiontosolveaspecificproblemcanbefound fromtheknowledgebaseorforumofyourvendorsupportwebsite.Forexample,whenyouhaveanissuesettingup AutomaticStorageManagementduringOracle11ginstallation,Oraclessupportwebsitemetalink,willgiveyou appropriatesolutionthansearchingGoogle.

2.Usesupportwebsitetocreateticket
Insteadofcallingthesupportoverphone,usetheirwebsitetocreateaticket.Itis noteasytoexplaincomplextechnicalissueindetailtothesupportpersonover phone.Evenwhenyoutaketimetoexplaintheissueindetailoverphone,theymay stillmisslotofdetailsorwritetheissuedescriptionlittledifferently.Thiswillcause unnecessarydelay,asyouvetoexplaintheproblemagaintothesupportengineer whowillbeassignedtotheticket.Ifyoucreatetheticketyourselffromtheir website,youcanuploadallthesupportingmaterialsandcopy/pastetheerror message.Afteryoucreateaticketfromtheirwebsite,callthesupporttofollowupandmakesureanengineeris gettingassignedtoitimmediately.Iftheydonthaveasupportwebsite,askthemwhetheryoucancreateaticketby sendinganemail.

3.Explaintheissueindetail
Provideasmuchasinformationpossibleintheticketdescription.Dontassumethat thesupportengineerwillunderstandtheissuejustbylookingattheerrormessage youveprovided.Providingasmuchasinformationupfrontintheticketwillhelp youavoidlotofwastedtimegoingbackandforthexplainingtheissuesindetailto thesupport.Provideaclearstepbystepinstructionsonhowtoreproducetheissue.

4.Dosomeresearchanddebuggingbeforesubmittingthe ticket
Beforecreatingaticket,performsomebasicdebuggingtoeliminatesomeofthecommonissues.Attachrelatedlog filesanddebuggingoutputtotheticket.Ifyouveworkedwithyourvendorbefore,youllhaveagoodideaofallthe basiclogfilesandtestingtheymayaskyoutoperform.Dontwaitforthemtoaskthesamethingagain.Goahead

anddothosebasictestingyourselfandattachallthelogfilestotheticket.

5.Dontwastetimewithfirstlevelofsupport
Dealingwithfirstlevelofsupportiswasteoftimeforcomplexissues.Ifyouvedone#2,#3and#4mentioned aboveproperly,callthesupportanddemandthemtoescalateittothesecondlevelofsupport.Iftheydontrespond properly,escalatetheissuethroughvendorsaccountmanagerassignedtoyourcompany.

6.Usesupportforyourresearchproject
Dontjustcallsupportonlyforproductionissues.Callthemevenforyourresearchproject.Forexample,ifyouare performingaprototypeofanewsoftwarethatwasreleasedbyyourvendor,callthesupporttogettheirhelpwhen yougetstuck.Whenyouaretestingtheirnewbleedingedgesoftware,thatwasreleasedrecently,mostofthe vendorswillevenassignadedicatedresourcetohelpyouresolvetheissue,astheywanttofixalltheissuesintheir newsoftwareassoonasposible.

7.Setupyoursupportprofile
Anytimeyoucreateaticket,youmayhavetorepeatedlyentersomebasicinformationrelatedtoyouraccountand environment.Mostofthesupportsitehastheabilitytosetupaprofilewithallthebasicinformation,whichyoucan usewhenyouarecreatingaticket.Thiswillspeeduptheticketcreationprocess.

8.Setupsupportaccessforadmins
MakesureallyourDBAs,sysadminsandseniordevelopershaveaccesstothesupportwebsite.Ifyouaretheonly personwhohasaccesstosupportwebsite,identifyanotherbackupresourceforyouandmakesuretheyknowhow toaccessthesupportwebsitetocreateaticket,whenyouarenotavailable.Also,createaseparatesupportaccess documentwithvendorssupporttelephonenumber,youraccountnumber,supportwebsiteURLandputitina sharedareawherealladminscanaccessit.

9.Subscribetosecurityalert
ItisveryimportantforDBAs,sysadmins,andseniordeveloperstosubscribetothesecurityalertsfromthesupport website.Ifthereareanycriticalsecurityupdatesthataffectsyourhardwareandsoftware,itshouldbeimmediately testedontestenvironmentandmovedtoproduction.Ihaveseenadminswhoreceivethesecurityalerts,butdont readthoseemailsconsistently.Itisveryimportanttoactonsecurityalertsfromyourvendorsimmediately.

10.Getofficialdocumentationanddiagnosticstools
Usesupporttogetofficialdocumentationforyourhardwareandsoftware.Callyourvendorsupportandaskfor diagnosticstoolsandbestpracticedocumentsformaintainingyourhardwareandsoftware.Mostofushatetoread documentation.Butexperienceddevelopersandadminsunderstandthatreadingofficialdocumentationof hardwareandsoftwarewillgivethemindepthunderstandingabouttheproduct.

Doyouusesupportfromyourhardwareandsoftwarevendors?Ifyouhaveanytips,pleaseleaveacomment. Ifyoulikedthisarticle,pleasebookmarkitondeliciousandstumbleit.

38. Install/Upgrade LAMP using Yum :InstallingLAMPstackusingyumisagoodoptionfor beginnerswhodontfeelcomfortableinstallingfromsource.Also,InstallingLAMPstackusingyumis

agoodchoice,ifyouwanttokeepthingssimpleandjustusethedefaultconfiguration.
HowToInstallOrUpgradeLAMP:Linux,Apache,MySQLandPHPStackUsingYum byRAM ES H NATARAJA N onSEPTEMBER15,2008

PreviouslywediscussedabouthowtoinstallApache andPHPfromsource.Installing LAMPstackfromsourcewillgiveyoufullcontroltoconfiguredifferentparameters. InstallingLAMPstackusingyumisveryeasyandtakesonlyminutes.Thisisagoodoptionfor beginnerswhodontfeelcomfortableinstallingfromsource.Also,InstallingLAMPstackusingyumis agoodchoice,ifyouwanttokeepthingssimpleandjustusethedefaultconfiguration.

1.InstallApacheusingYum
#rpmqa|grephttpd [Note:Iftheabovecommanddidnotreturnanything, installapacheasshownbelow] #yuminstallhttpd

VerifythatApachegotinstalledsuccessfully
#rpmqa|grepihttp httpdtools2.2.91.fc9.i386 httpd2.2.91.fc9.i386

Enablehttpdservicetostartautomaticallyduringsystemstartupusingchkconfig.StarttheApache asshownbelow.
#chkconfighttpdon #servicehttpdstart Startinghttpd:[OK]

2.UpgradeApacheusingYum
IfyouveselectedwebserverpackageduringLinuxinstallation,Apacheisalreadyinstalledonyour Linux.Inwhichcase,youcanupgradeApachetothelatestversionasshownbelow. CheckwhetherApacheisalreadyinstalled.
#rpmqa|grepihttp httpdtools2.2.83.i386 httpd2.2.83.i386 [Note:ThisindicatesthatApache2.2.8versionisinstalledalready] #yumcheckupdatehttpd Loadedplugins:refreshpackagekit httpd.i3862.2.91.fc9updates [Note:ThisindicatesthatthelatestApacheversion2.2.9 isavailableforupgrade]

CheckwhetherlatestversionofApacheisavailableforinstallationusingyum.

UpgradeApachetolatestversionusingyum.
#yumupdatehttpd

Outputoftheyumupdatehttpdcommand:
Loadedplugins:refreshpackagekit SettingupUpdateProcess

ResolvingDependencies >Runningtransactioncheck >Packagehttpd.i3860:2.2.91.fc9settobeupdated >ProcessingDependency:httpdtools=2.2.91.fc9forpackage:httpd >Runningtransactioncheck >Packagehttpdtools.i3860:2.2.91.fc9settobeupdated >FinishedDependencyResolution DependenciesResolved =============================================================== ============== PackageArchVersionRepositorySize =============================================================== ============== Updating: httpdi3862.2.91.fc9updates975k httpdtoolsi3862.2.91.fc9updates69k TransactionSummary =============================================================== ============== Install0Package(s) Update2Package(s) Remove0Package(s) Totaldownloadsize:1.0M Isthisok[y/N]:y DownloadingPackages: (1/2):httpdtools2.2.91.fc9.i386.rpm|69kB00:00 (2/2):httpd2.2.91.fc9.i386.rpm|975kB00:00 Runningrpm_check_debug RunningTransactionTest FinishedTransactionTest TransactionTestSucceeded RunningTransaction Updating:httpdtools[1/4] Updating:httpd[2/4] Cleanup:httpd[3/4] Cleanup:httpdtools[4/4] Updated:httpd.i3860:2.2.91.fc9httpdtools.i3860:2.2.91.fc9 Complete!

VerifywhethertheApachegotupgradedsuccessfully.
#rpmqa|grepihttp

httpdtools2.2.91.fc9.i386 httpd2.2.91.fc9.i386 [Note:ThisindicatesthatApachewasupgradedto2.2.9successfully]

3.InstallMySQLusingYum

Yumisverysmarttoidentifyallthedependenciesandinstallthoseautomatically.Forexample,while

installingmysqlserverusingyum,italsoautomaticallyinstallsthedependedmysqllibs,perlDBI, mysql,perlDBDMySQLpackagesasshownbelow.
#yuminstallmysqlserver

Outputofyuminstallmysqlservercommand:
Loadedplugins:refreshpackagekit SettingupInstallProcess Parsingpackageinstallarguments ResolvingDependencies >Runningtransactioncheck >Packagemysqlserver.i3860:5.0.51a1.fc9settobeupdated >ProcessingDependency:libmysqlclient_r.so.15formysqlserver >ProcessingDependency:libmysqlclient.so.15formysqlserver >ProcessingDependency:perlDBIforpackage:mysqlserver >ProcessingDependency:mysql=5.0.51a1.fc9forpackage:mysqlserver >ProcessingDependency:libmysqlclient.so.15forpackage:mysqlserver >ProcessingDependency:perl(DBI)forpackage:mysqlserver >ProcessingDependency:perlDBDMySQLforpackage:mysqlserver >ProcessingDependency:libmysqlclient_r.so.15forpackage:mysqlserver >Runningtransactioncheck >Packagemysql.i3860:5.0.51a1.fc9settobeupdated >Packagemysqllibs.i3860:5.0.51a1.fc9settobeupdated >PackageperlDBDMySQL.i3860:4.0058.fc9settobeupdated >PackageperlDBI.i3860:1.6071.fc9settobeupdated >FinishedDependencyResolution DependenciesResolved =============================================================== ============== PackageArchVersionRepositorySize =============================================================== ============== Installing: mysqlserveri3865.0.51a1.fc9fedora9.8M Installingfordependencies: mysqli3865.0.51a1.fc9fedora2.9M mysqllibsi3865.0.51a1.fc9fedora1.5M perlDBDMySQLi3864.0058.fc9fedora165k perlDBIi3861.6071.fc9updates776k TransactionSummary =============================================================== ============== Install5Package(s) Update0Package(s) Remove0Package(s) Totaldownloadsize:15M Isthisok[y/N]:y DownloadingPackages: (1/5):perlDBDMySQL4.0058.fc9.i386.rpm|165kB00:00

(2/5):perlDBI1.6071.fc9.i386.rpm|776kB00:00 (3/5):mysqllibs5.0.51a1.fc9.i386.rpm|1.5MB00:00 (4/5):mysql5.0.51a1.fc9.i386.rpm|2.9MB00:00 (5/5):mysqlserver5.0.51a1.fc9.i386.rpm|9.8MB00:01 Runningrpm_check_debug RunningTransactionTest FinishedTransactionTest TransactionTestSucceeded RunningTransaction Installing:mysqllibs[1/5] Installing:perlDBI[2/5] Installing:mysql[3/5] Installing:perlDBDMySQL[4/5] Installing:mysqlserver[5/5] Installed:mysqlserver.i3860:5.0.51a1.fc9 DependencyInstalled: mysql.i3860:5.0.51a1.fc9mysqllibs.i3860:5.0.51a1.fc9 perlDBDMySQL.i3860:4.0058.fc9perlDBI.i3860:1.6071.fc9 Complete!

VerifywhetherMySQLgotinstalledproperly.
#rpmqa|grepimysql phpmysql5.2.62.fc9.i386 mysqllibs5.0.51a1.fc9.i386 mysqlserver5.0.51a1.fc9.i386 perlDBDMySQL4.0058.fc9.i386 mysql5.0.51a1.fc9.i386 #mysqlV

mysqlVer14.12Distrib5.0.51a,forredhatlinuxgnu(i386)usingreadline5.0

ConfigureMySQLtostartautomaticallyduringsystemstartup.
#chkconfigmysqldon #servicemysqldstart

StartMySQLservice. Thefirsttimewhenyoustartmysqld,itwillgiveadditionalinformationmessageindicatingto performpostinstallconfigurationasshownbelow.


InitializingMySQLdatabase: InstallingMySQLsystemtables...OK Fillinghelptables...OK Tostartmysqldatboottimeyouhavetocopy supportfiles/mysql.servertotherightplaceforyoursystem PLEASEREMEMBERTOSETAPASSWORDFORTHEMySQLrootUSER! Todoso,starttheserver,thenissuethefollowingcommands: /usr/bin/mysqladminurootpassword'newpassword' /usr/bin/mysqladminuroothdevdbpassword'newpassword' Alternativelyyoucanrun:/usr/bin/mysql_secure_installation

whichwillalsogiveyoutheoptionofremovingthetest databasesandanonymoususercreatedbydefault.Thisis highlyrecommendedforproductionservers. Seethemanualformoreinstructions. YoucanstarttheMySQLdaemonwith: cd/usr;/usr/bin/mysqld_safe& YoucantesttheMySQLdaemonwithmysqltestrun.pl cdmysqltest;perlmysqltestrun.pl Pleasereportanyproblemswiththe/usr/bin/mysqlbugscript! ThelatestinformationaboutMySQLisavailableonthewebat http://www.mysql.com SupportMySQLbybuyingsupport/licensesathttp://shop.mysql.com StartingMySQL:[OK]

4.PerformMySQLpostinstallationactivities
Afterthemysqlinstallation,youcanlogintomysqlrootaccountwithoutprovidinganypasswordas shownbelow.
#mysqluroot WelcometotheMySQLmonitor.Commandsendwith;or\g. YourMySQLconnectionidis2 Serverversion:5.0.51aSourcedistribution Type'help;'or'\h'forhelp.Type'\c'toclearthebuffer. mysql>

Tofixthisproblem,youneedtoassignapasswordtomysqlrootaccountasshownbelow.Execute mysql_secure_installationscript,whichperformsthefollowingactivities: Assigntherootpassword Removetheanonymoususer Disallowrootloginfromremotemachines Removethedefaultsampletestdatabase


#/usr/bin/mysql_secure_installation

Outputofmysql_secure_installationscript:
NOTE:RUNNINGALLPARTSOFTHISSCRIPTISRECOMMENDEDFORALLMySQL SERVERSINPRODUCTIONUSE!PLEASEREADEACHSTEPCAREFULLY! InordertologintoMySQLtosecureit,we'llneedthecurrent passwordfortherootuser.Ifyou'vejustinstalledMySQL,and youhaven'tsettherootpasswordyet,thepasswordwillbeblank, soyoushouldjustpressenterhere. Entercurrentpasswordforroot(enterfornone): OK,successfullyusedpassword,movingon... SettingtherootpasswordensuresthatnobodycanlogintotheMySQL rootuserwithouttheproperauthorisation.

Setrootpassword?[Y/n]Y Newpassword:[Note:Enterthemysqlrootpasswordhere] Reenternewpassword: Passwordupdatedsuccessfully! Reloadingprivilegetables.. ...Success! Bydefault,aMySQLinstallationhasananonymoususer,allowinganyone tologintoMySQLwithouthavingtohaveauseraccountcreatedfor them.Thisisintendedonlyfortesting,andtomaketheinstallation goabitsmoother.Youshouldremovethembeforemovingintoa productionenvironment. Removeanonymoususers?[Y/n]Y ...Success! Normally,rootshouldonlybeallowedtoconnectfrom'localhost'.This ensuresthatsomeonecannotguessattherootpasswordfromthenetwork. Disallowrootloginremotely?[Y/n]Y ...Success! Bydefault,MySQLcomeswithadatabasenamed'test'thatanyonecan access.Thisisalsointendedonlyfortesting,andshouldberemoved beforemovingintoaproductionenvironment. Removetestdatabaseandaccesstoit?[Y/n]Y Droppingtestdatabase... ...Success! Removingprivilegesontestdatabase... ...Success! Reloadingtheprivilegetableswillensurethatallchangesmadesofar willtakeeffectimmediately. Reloadprivilegetablesnow?[Y/n]Y ...Success! Cleaningup... Alldone!Ifyou'vecompletedalloftheabovesteps,yourMySQL installationshouldnowbesecure. ThanksforusingMySQL!

VerifytheMySQLpostinstallactivities:
#mysqluroot ERROR1045(28000):Accessdeniedforuser'root'@'localhost'(usingpassword:NO) [Note:rootaccesswithoutpasswordisdenied] #mysqlurootp Enterpassword:

WelcometotheMySQLmonitor.Commandsendwith;or\g. YourMySQLconnectionidis13 Serverversion:5.0.51aSourcedistribution Type'help;'or'\h'forhelp.Type'\c'toclearthebuffer. mysql>showdatabases; ++ |Database| ++ |information_schema| |mysql| ++ 2rowsinset(0.00sec) [Note:testdatabaseisremoved]

5.UpgradeMySQLusingYum
CheckwhetherMySQLisalreadyinstalled.
#rpmqa|grepimysql

CheckwhetheralatestversionofMySQLisavailableforinstallationusingyum.
#yumcheckupdatemysqlserver #yumupdatemysqlserver #yuminstallphp

UpgradeMySQLtolatestversionusingyum.

6.InstallPHPusingYum
Outputofyuminstallphp:
Loadedplugins:refreshpackagekit SettingupInstallProcess Parsingpackageinstallarguments ResolvingDependencies >Runningtransactioncheck >Packagephp.i3860:5.2.62.fc9settobeupdated >ProcessingDependency:phpcommon=5.2.62.fc9forpackage:php >ProcessingDependency:phpcli=5.2.62.fc9forpackage:php >Runningtransactioncheck >Packagephpcommon.i3860:5.2.62.fc9settobeupdated >Packagephpcli.i3860:5.2.62.fc9settobeupdated >FinishedDependencyResolution DependenciesResolved =============================================================== ============== PackageArchVersionRepositorySize =============================================================== ============== Installing: phpi3865.2.62.fc9updates1.2M Installingfordependencies: phpclii3865.2.62.fc9updates2.3M phpcommoni3865.2.62.fc9updates228k TransactionSummary

=============================================================== ============== Install3Package(s) Update0Package(s) Remove0Package(s) Totaldownloadsize:3.8M Isthisok[y/N]:y DownloadingPackages: (1/3):phpcommon5.2.62.fc9.i386.rpm|228kB00:00 (2/3):php5.2.62.fc9.i386.rpm|1.2MB00:00 (3/3):phpcli5.2.62.fc9.i386.rpm|2.3MB00:00 Runningrpm_check_debug RunningTransactionTest FinishedTransactionTest TransactionTestSucceeded RunningTransaction Installing:phpcommon[1/3] Installing:phpcli[2/3] Installing:php[3/3] Installed:php.i3860:5.2.62.fc9 DependencyInstalled:phpcli.i3860:5.2.62.fc9phpcommon.i3860:5.2.62.fc9 Complete!

Verifythatphpgotinstalledsuccessfully.
#rpmqa|grepiphp phpcli5.2.62.fc9.i386 php5.2.62.fc9.i386 phpcommon5.2.62.fc9.i386

InstallMySQLmoduleforPHP .
#yumsearchphpmysql Loadedplugins:refreshpackagekit ===========Matched:phpmysql============= phpmysql.i386:AmoduleforPHPapplicationsthatuseMySQLdatabases #yuminstallphpmysql

Outputofyuminstallphpmysql:
Loadedplugins:refreshpackagekit SettingupInstallProcess Parsingpackageinstallarguments ResolvingDependencies >Runningtransactioncheck >Packagephpmysql.i3860:5.2.62.fc9settobeupdated >ProcessingDependency:phppdoforpackage:phpmysql >Runningtransactioncheck >Packagephppdo.i3860:5.2.62.fc9settobeupdated >FinishedDependencyResolution DependenciesResolved

=============================================================== ============== PackageArchVersionRepositorySize =============================================================== ============== Installing: phpmysqli3865.2.62.fc9updates81k Installingfordependencies: phppdoi3865.2.62.fc9updates62k TransactionSummary =============================================================== ============== Install2Package(s) Update0Package(s) Remove0Package(s) Totaldownloadsize:143k Isthisok[y/N]:y DownloadingPackages: (1/2):phppdo5.2.62.fc9.i386.rpm|62kB00:00 (2/2):phpmysql5.2.62.fc9.i386.rpm|81kB00:00 Runningrpm_check_debug RunningTransactionTest FinishedTransactionTest TransactionTestSucceeded RunningTransaction Installing:phppdo[1/2] Installing:phpmysql[2/2] Installed:phpmysql.i3860:5.2.62.fc9 DependencyInstalled:phppdo.i3860:5.2.62.fc9 Complete!

IfyouneedadditionalPHPmodules,installthemusingyumasshownbelow.
#yuminstallphpcommonphpmbstringphpmcryptphpdevelphpxmlphpgd

7.UpgradePHPusingYum
#rpmqa|grepiphp

CheckwhetherPHPisinstalled. CheckwhetheralatestversionofPHPisavailableforinstallationusingyum.
#yumcheckupdatephp #yumupdatephp

UpgradePHPtothelatestversionusingyum. UpgradeanyadditionalPHPmodulesthatyouveinstalledusingyum.
#yumcheckupdatephpcommonphpmbstringphpmcryptphpdevelphpxmlphpgd #yumupdatephpcommonphpmbstringphpmcryptphpdevelphpxmlphpgd

VerifythePHPinstallationbycreatingatest.phpfileasshownbelow.
#cat/var/www/html/test.php <?phpinfo();?>

Invokethetest.phpfromthebrowserhttp://{lampserverip}/test.php,whichwilldisplayallPHP configurationinformationandtheinstalledmodules. Ifyoulikedthisarticle,pleasebookmarkitondel.icio.usandStumbleit. 39. Template to track your hardware assests :Ifyouaremanagingmorethanoneequipmentin yourorganization,itisveryimportanttodocumentandtrackALLinformationabouttheservers effectively.Inthisarticle,Ihavelisted36attributesthatneedstobetrackedforyourequipments, withanexplanationonwhyitneedstobetracked.Ihavealsoprovidedaspreadsheettemplatewith thesefieldsthatwillgiveyouajumpstart.
36ItemsToCaptureForPracticalHardwareAssetTracking byRAM ES H NATARAJA N onAUGUST18,2008

Ifyouaremanagingmorethanoneequipmentinyourorganization,itisveryimportant todocumentandtrackALLinformationabouttheserverseffectively.Inthisarticle,Ihavelisted36 attributesthatneedstobetrackedforyourequipments,withanexplanationonwhyitneedstobe tracked.Ihavealsoprovidedaspreadsheettemplatewiththesefieldsthatwillgiveyouajumpstart. Beforegettingintothedetailsofwhatneedstobetracked,letuslookatfewreasonsonwhyyou shoulddocumentALLyourequipments. IdentifyingWhatneedstobetrackedisfarmoreimportantthanHowyouaretrackingit.Dontget trappedintoresearchingthebestavailableassettrackingsoftware.Keepitsimpleanduseaspread sheetfortracking.Onceyouhavedocumentedeverything,lateryoucanalwaysfindasoftwareand exportthisdatatoit. Sysadminshatestodocumentanything.Theywouldratherspendtimeexploringcoolnew technologythandocumentingtheircurrenthardwareandenvironment.But,aseasonedsysadmin knowsthatspendingtimetodocumentthedetailsabouttheequipemnts,isgoingtosavelotoftime inthefuture,whenthereisaproblem. Neverassumeanything.Whenitcomestodocumentation,themoredetailsyoucanaddisbetter. Dontcreatedocumentbecauseyourbossisinsistingonit.Instead,createthedocumentbecauseyou trulybelieveitwilladdvaluetoyouandyourteam.Ifyoudocumentwithoutunderstandingor believingthepurpose,youwillessentiallyleaveoutlotofcriticaldetails,whichwilleventuallymake thedocumentworthless. OnceyouvecapturedtheattributesmentionedbelowforALLyourservers,switches,firewallsand otherequipments,youcanusethismasterlisttotrackanyfutureenterprisewide implementation/changes.Fore.g.Ifyouarerollingoutanewbackupstrategythroughoutyour enterprise,addanewcolumncalledbackupandmarkitasYesorNo,totrackwhetherthatspecific actionhasbeenimplementedonthatparticularequipment. Ihavearrangedthe36itemsinto9differentgroupsandprovidedasamplevaluenexttothefield namewithinparenthesis.Thesefieldsandgroupingsarejustguidelines.Ifrequired,modifythis accordinglytotrackadditionalattributesspecifictoyourenvironment.

Equipment Detail

(1)Description(ProductionCRMDBServer)Thisfieldshouldexplainthepurposeofthis equipment.EvenanonITpersonshouldbeabletoidentifythisequipmentbasedonthisdescription. (2)HostName(prodcrmdbsrv)TherealhostnameoftheequipmentasdefinedattheOSlevel. (3)Department(Sales)Whichdepartmentdoesthisequipmentbelongto? (4)Manufacturer(DELL)Manufactureroftheequipment.

(5)Model(PowerEdge2950)Modeloftheequipment. (6)Status(Active)Thecurrentstatusoftheequipment.Usethisfieldtoidentifywhetherthe equipmentisinoneofthefollowingstate: ActiveCurrentlyinuse RetiredOldequipment,notgettingusedanymore AvailableOld/Newequipment,readyandavailableforusage (7)Category(Server)Iprimarilyusethistotrackthetypeofequipment.Thevalueinthisfield couldbeoneofthefollowingdependingtheequipment: Server Switch PowerCircuit Router Firewalletc.

Tag/Serial#

Fortrackingpurpose,differentvendorsusedifferentnamesfortheserialnumbers.i.eSerialNumber, PartNumber,AssetNumber,ServiceTag,ExpressCodeetc.Fore.g.DELLtrackstheirequipment usingServiceTagandExpresscode.So,ifmajorityoftheequipmentsinyourorganizationareDELL, itmakesensetohaveseparatecolumnsforServiceTagandExpressCode. (8)SerialNumber (9)PartNumber (10)ServiceTAG (11)ExpressCode (12)CompanyAssetTAGEveryorganizationmayhavetheirownwayoftrackingthesystemusing barcodeorcustomassettrackingnumber.Usethisfieldtotracktheequipmentusingthecode assignedbyyourcompany

Location

(13)PhysicalLocation(LosAngeles)Usethisfieldtospecifythephysicallocationoftheserver.If youhavemultipledatacenterindifferentcities,usethecitynametotrackit. (14)Cage/Room#Thecageorroomnumberwherethisequipmentislocated. (15)Rack#Iftherearemultipleracksinsideyourdatacenter,specifytherack#wherethe equipmentislocated.Ifyourrackdoesnthaveanynumbers,createyourownnumberingschemefor therack. (16)RackPositionThisindicatestheexactlocationoftheserverwithintherack.fore.g.the serverlocatedatthebottomoftherackhastherackpositionof#1andtheoneaboveis#2.

Network

(17)PrivateIP(192.168.100.1)Specifytheinternalipaddressoftheequipment. (18)PublicIPSpecifytheexternalipaddressoftheequipment. (19)NIC(GB1,Slot1/Port1) Trackingthisinformationisveryhelpful,whensomeoneaccidentallypullsacablefromtheserver(If thisneverhappenedtoyou,itisonlyamatteroftimebeforeithappens).Usingthisfieldvalue,you willknowexactlywheretopluginthecable.Iftheserverhasmorethanonenetworkconnection, specifyalltheNICsusingacommaseparatedvalue. Inthisexample(GB1,Slot1/Port1),theserverhastwoethernetcablesconnected.Firstone connectedtotheonboardNICmarkedasGB1.SecondoneconnectedtothePort#1ontheNIC card,insertedtothePCISlot#1. Evenwhentheserverhasonlyoneethernetcableconnected,specifytheport#towhichitis

connected.Fore.g.MostoftheDELLserverscomeswithtwoonboardNIClabeledasGB1andGB2. So,youshouldknowtowhichNICyouveconnectedyourethernetcable. (20)Switch/Port(Switch1/Port10,Switch4/Port15)UsingtheNICfieldabove,youvetrackedthe exactportwhereoneendoftheethernetcableisconnectedontheserver.Now,youshouldtrack wheretheotherendofthecableisconnectedto.Inthisexamplethecableconnectedtotheserveron theGB1isconnectedtothePort10onSwitch1.ThecableconnectedtotheserveronPort#1ofPCI Slot#1isconnectedtothePort15onSwitch4. (21)NagiosMonitored?(Yes)Usethisfieldtoindicatewhetherthisequipmentisgetting monitoredthroughanymonitoringsoftware.

Storage

OS Detail

(22)SAN/NASConnected?(Yes)Usethisfieldtotrackwhetheraparticularserverisconnectedto anexternalstorage. (23)TotalDriveCount(4)Thisindicatesthetotalnumberofinternaldrivesontheserver.This cancomeveryhandyforcapacitymanagement.fore.g.Someofthedellserverscomesonlywith6 slotsforinternalharddrives.Inthisexample,justbylookingatthedocument,weknowthatthere are4diskdrivesintheserversandyouhaveroomtoadd2morediskdrives. (24)OS(Linux)UsethisfieldtotracktheOSthatisrunningontheequipment.Fore.g.Linux, Windows,CiscoIOSetc. (25)OSVersion(RedHatEnterpriseLinuxASrelease4(NahantUpdate5))Theexactversionof theOS.

Warranty

Purchase & Lease

(26)WarrentyStartDate (27)WarrentyEndDate (28)DateofPurchaseIfyouhavepurchasedtheequipment,filloutthedateofpurchaseandthe price. (29)PurchasePrice (30)LeaseBeginDateIfyouhaveleasedtheequipment,filloutalltheleasedetails. (31)LeaseExpiryDate (32)LeasingCompanyThecompanywhoownstheleaseonthisequipment. (33)BuyOutOption($1)Isthisadollaronebuyout(or)FairMarketValuepurchase?Thiswill giveyouanideaonwhethertostartplanningforanewequipmentaftertheleaseexpirydateorto keeptheexistingequipment. (34)MonthlyLeasePayment

Additional Information

(35)URLIfthisisawebserver,givetheURLtoaccessthewebapplicationrunningonthesystem. Ifthisisaswitchorrouter,specifytheadminURL. (36)NotesEnteradditionalnotesabouttheequipmentthatdoesntfitunderanyoftheabove fields.Itmaybeverytemptingtoaddusernameandpasswordfieldstothisspreadsheet.Forsecurity reasons,neverusethisspreadsheettostoretherootoradministratorpasswordoftheequipment. Asset Tracking Excel Template 1.0 Thisexceltemplatecontainsallthe36fieldsmentionedaboveto giveyouajumpstartontrackingequipmentsinyourenterprise.Ifyouconvertthisspreadsheetto otherformatsusedbydifferenttools,sendittomeandIlladdithereandgivecredittoyou.Ihope youfindthisarticlehelpful.Forwardthistoappropriatepersoninyourorganizationwhomaybenefit fromthisarticlebytrackingtheequipmentseffectively.Also,IfyouthinkIvemissedanyattributeto

trackintheabovelist,pleaseletmeknow. Ifyoulikedthisarticle,pleasebookmarkitondel.icio.us,DiggandStumbleusingthelinkprovided belowunderWhatNext?section. 40. Disable SELinux :IfyoudontunderstandhowSELinuxworksandthefundamentaldetailson howtoconfigureit,keepingitenabledwillcauselotofissues.Untilyouunderstandthe implementationdetailsofSELinuxyoumaywanttodisableittoavoidsomeunnecessaryissuesas explainedhere.
4EffectiveMethodstoDisableSELinuxTemporarilyorPermanently byRAM ES H NATARAJA N onJUNE1,2009

OnsomeoftheLinuxdistributionSELinuxisenabledbydefault,whichmaycausesome unwantedissues,ifyoudontunderstandhowSELinuxworksandthefundamentaldetailsonhowto configureit.IstronglyrecommendthatyouunderstandSELinuxandimplementitonyour environment.But,untilyouunderstandtheimplementationdetailsofSELinuxyoumaywantto disableittoavoidsomeunnecessaryissues. TodisableSELinuxyoucanuseanyoneofthe4differentmethodsmentionedinthisarticle. TheSELinuxwillenforcesecuritypoliciesincludingthemandatoryaccesscontrolsdefinedbytheUS DepartmentofDefenceusingtheLinuxSecurityModule(LSM)definedintheLinuxKernel.Every filesandprocessinthesystemwillbetaggedwithspecificlabelsthatwillbeusedbytheSELinux. YoucanuselsZandviewthoselabelsasshownbelow.
#lsZ/etc/ rwrrrootrootsystem_u:object_r:etc_t:s0a2ps.cfg rwrrrootrootsystem_u:object_r:adjtime_t:s0adjtime rwrrrootrootsystem_u:object_r:etc_aliases_t:s0aliases drwxrxrootrootsystem_u:object_r:auditd_etc_t:s0audit drwxrxrxrootrootsystem_u:object_r:etc_runtime_t:s0blkid drwxrxrxrootrootsystem_u:object_r:bluetooth_conf_t:s0bluetooth drwxrootrootsystem_u:object_r:system_cron_spool_t:s0cron.d rwrwrrootdisksystem_u:object_r:amanda_dumpdates_t:s0dumpdates

Method1:DisableSELinuxTemporarily
#cat/selinux/enforce 1 #echo0>/selinux/enforce #cat/selinux/enforce

TodisableSELinuxtemporarilyyouhavetomodifythe/selinux/enforcefileasshownbelow.Please notethatthissettingwillbegoneaftertherebootofthesystem.

YoucanalsousesetenforcecommandasshownbelowtodisableSELinux.Possibleparametersto setenforcecommandsare:Enforcing,Permissive,1(enable)or0(disable).
#setenforce0

Method2:DisableSELinuxPermanently
TodisabletheSELinuxpermanently,modifythe/etc/selinux/configandsettheSELINUX=disabled asshownbelow.Oneyoumakeanychangestothe/etc/selinux/config,reboottheserverforthe changestobeconsidered.
#cat/etc/selinux/config SELINUX=disabled SELINUXTYPE=targeted SETLOCALDEFS=0

FollowingarethepossiblevaluesfortheSELINUXvariableinthe/etc/selinux/configfile enforcingTheSecurityPolicyisalwaysEncoforced permissiveThisjustsimulatestheenforcingpolicybyonlyprintingwarningmessagesandnotreally enforcingtheSELinux.ThisisgoodtofirstseehowSELinuxworksandlaterfigureoutwhatpolicies shouldbeenforced. disabledCompletelydisableSELinux FollowingarethepossiblevaluesforSELINUXTYPEvariableinthe/etc/selinux/configfile.This indicatesthetypeofpoliciesthatcanbeusedfortheSELinux. targetedThispolicywillprotectedonlyspecifictargetednetworkdaemons. strictThisisformaximumSELinuxprotection.

Method3:DisableSELinuxfromtheGrubBootLoader

Ifyoucantlocate/etc/selinux/configfileonyoursystem,youcanpassdisableSELinuxbypassingit asparametertotheGrubBootLoaderasshownbelow.
#cat/boot/grub/grub.conf default=0 timeout=5 splashimage=(hd0,0)/boot/grub/splash.xpm.gz hiddenmenu titleEnterpriseLinuxEnterpriseLinuxServer(2.6.1892.el5PAE) root(hd0,0) kernel/boot/vmlinuz2.6.1892.el5PAEroroot=LABEL=/rhgbquietselinux=0 initrd/boot/initrd2.6.1892.el5PAE.img titleEnterpriseLinuxEnterpriseLinuxServer(2.6.1892.el5) root(hd0,0) kernel/boot/vmlinuz2.6.1892.el5roroot=LABEL=/rhgbquietselinux=0 initrd/boot/initrd2.6.1892.el5.img

Method4:DisableOnlyaSpecificServiceinSELinuxHTTP/Apache
IfyouarenotinterestedindisabilitythewholeSELinux,youcanalsodisableSELinuxonlyfora specificservice.Forexample,dodisableSELinuxforHTTP/Apacheservice,modify thehttpd_disable_transvariableinthe/etc/selinux/targeted/booleansfile. Setthehttpd_disable_transvariableto1asshownbelow.

#grephttpd/etc/selinux/targeted/booleans httpd_builtin_scripting=1 httpd_disable_trans=1 httpd_enable_cgi=1 httpd_enable_homedirs=1 httpd_ssi_exec=1 httpd_tty_comm=0 httpd_unified=1

SetSELinuxbooleanvalueusingsetseboolcommandasshownbelow.MakesuretorestarttheHTTP serviceafterthischange.
#setseboolhttpd_disable_trans1 #servicehttpdrestart

41. Install PHP5 from source :ThisisastepbystepguidetoinstallPHP5fromsourceonUNIX environment.


InstructionGuidetoInstallPHP5fromSourceonLinux byRAM ES H NATARAJA N onJULY31,2008

AllLinuxdistributionscomeswithPHP .However,itisrecommendedtodownloadlatest PHPsourcecode,compileandinstallonLinux.ThiswillmakeiteasiertoupgradePHPonan ongoingbasisimmediatelyafteranewpatchorreleaseisavailablefordownloadfromPHP .This articleexplainshowtoinstallPHP5fromsourceonLinux. Apachewebservershouldalreadybeinstalled.RefertomypreviouspostonHow to install Apache 2 on Linux .IfyouareplanningtousePHPwithMySQL,youshouldhaveMySQLalreadyinstalled.I wroteaboutHow to install MySQL on Linux .

1.Prerequisites

2.DownloadPHP

DownloadthelatestsourcecodefromPHP Download page.Currentstablereleaseis5.2.6.Movethe sourceto/usr/local/srcandextractisasshownbelow.


#bzip2dphp5.2.6.tar.bz2 #tarxvfphp5.2.6.tar

3.InstallPHP

ViewallconfigurationoptionsavailableforPHPusing./configurehelp(twohypheninfrontof help).Themostcommonlyusedoptionisprefix={installdirname}toinstallPHPonauser defineddirectory.


#cdphp5.2.6 #./configurehelp

Inthefollowingexample,PHPwillbecompiledandinstalledunderthedefaultlocation /usr/local/libwithApacheconfigurationandMySQLsupport.
#./configurewithapxs2=/usr/local/apache2/bin/apxswithmysql #make #makeinstall #cpphp.inidist/usr/local/lib/php.ini

4.Configurehttpd.confforPHP
<FilesMatch"\.ph(p[26]?|tml)$">

Modifythe/usr/local/apache2/conf/httpd.conftoaddthefollowing:

SetHandlerapplication/xhttpdphp </FilesMatch>

Makesurethehttpd.confhasthefollowinglinethatwillgetautomaticallyinsertedduringthePHP installationprocess.
LoadModulephp5_modulemodules/libphp5.so

Restarttheapacheasshownbelow:
#/usr/local/bin/apache2/apachectlrestart

5.VerifyPHPInstallation
Createatest.phpunder/usr/local/apache2/htdocswiththefollowingcontent
#vitest.php <?phpphpinfo();?>

Gotohttp://localhost/test.php,whichwillshowadetailedinformationaboutallthePHP configurationoptionsandPHPmodulesinstalledonthesystem.

6.Troubleshootingduringinstallation

Error1:configure:error:xml2confignotfound: Whileperformingthe./configureduringPHPinstallation,youmaygetthefollowingerror:
#./configurewithapxs2=/usr/local/apache2/bin/apxswithmysql Configuringextensions checkingwhethertoenableLIBXMLsupport...yes checkinglibxml2installdir...no checkingforxml2configpath... configure:error:xml2confignotfound.Pleasecheckyourlibxml2installation.

Installthelibxml2develandzlibdevelasshownbelowtothefixthisissue.
#rpmivh/home/downloads/linuxiso/libxml2devel2.6.262.1.2.0.1.i386.rpm/home/downloads/linuxiso/zlibdevel 1.2.33.i386.rpm Preparing...###########################################[100%] 1:zlibdevel###########################################[50%] 2:libxml2devel###########################################[100%]

Error2:configure:error:CannotfindMySQLheaderfiles. Whileperformingthe./configureduringPHPinstallation,youmaygetthefollowingerror:
#./configurewithapxs2=/usr/local/apache2/bin/apxswithmysql checkingforMySQLUNIXsocketlocation.../var/lib/mysql/mysql.sock configure:error:CannotfindMySQLheaderfilesunderyes. NotethattheMySQLclientlibraryisnotbundledanymore!

InstalltheMySQLdevelcommunitypackageasshownbelowtofixthisissue.
#rpmivh/home/downloads/MySQLdevelcommunity5.1.250.rhel5.i386.rpm Preparing...###########################################[100%] 1:MySQLdevelcommunity###########################################[100%]

42. Install MySQL from source :ThisisastepbystepguidetoinstallMySQLfromsourceonUNIX environment.


HowtoInstallMySQLonLinux byRAM ES H NATARAJA N onJULY6,2008

MostoftheLinuxdistrocomeswithMySQL.IfyouwantuseMySQL,myrecommendationisthat youdownloadthelatestversionofMySQLandinstallityourself.Lateryoucanupgradeittothe latestversionwhenitbecomesavailable.Inthisarticle,Iwillexplainhowtoinstallthelatestfree

communityeditionofMySQLonLinuxplatform.

1.DownloadthelateststablerelaseofMySQL
DownloadmySQLfrommysql.com.PleasedownloadthecommunityeditionofMySQLforyour appropriateLinuxplatform.IdownloadedtheRedHatEnterpriseLinux5RPM(x86).Makesureto downloadMySQLServer,ClientandHeadersandlibrariesfromthedownloadpage. MySQLclientcommunity5.1.250.rhel5.i386.rpm MySQLservercommunity5.1.250.rhel5.i386.rpm MySQLdevelcommunity5.1.250.rhel5.i386.rpm

2.RemovetheexistingdefaultMySQLthatcamewiththeLinuxdistro
[localhost]#rpmqa|grepimysql mysql5.0.222.1.0.1 mysqlclient103.23.584.RHEL4.1 [localhost]#rpmemysqlnodeps warning:/etc/my.cnfsavedas/etc/my.cnf.rpmsave [localhost]#rpmemysqlclient10

DonotperformthisonansystemwheretheMySQLdatabaseisgettingusedbysomeapplication.

3.InstallthedownloadedMySQLpackage
InstalltheMySQLServerandClientpackagesasshownbelow.
[localhost]#rpmivhMySQLservercommunity5.1.250.rhel5.i386.rpmMySQLclientcommunity5.1.25 0.rhel5.i386.rpm Preparing...###########################################[100%] 1:MySQLclientcommunity###########################################[50%] 2:MySQLservercommunity###########################################[100%]

ThiswillalsodisplaythefollowingoutputandstarttheMySQLdaemonautomatically.
PLEASEREMEMBERTOSETAPASSWORDFORTHEMySQLrootUSER! Todoso,starttheserver,thenissuethefollowingcommands: /usr/bin/mysqladminurootpassword'newpassword' /usr/bin/mysqladminuroothmedica2password'newpassword' Alternativelyyoucanrun: /usr/bin/mysql_secure_installation whichwillalsogiveyoutheoptionofremovingthetest databasesandanonymoususercreatedbydefault.Thisis stronglyrecommendedforproductionservers. Seethemanualformoreinstructions. Pleasereportanyproblemswiththe/usr/bin/mysqlbugscript! ThelatestinformationaboutMySQLisavailableathttp://www.mysql.com/ SupportMySQLbybuyingsupport/licensesfromhttp://shop.mysql.com/ StartingMySQL.[OK] Givingmysqld2secondstostart

InstalltheHeaderandLibrariesthatarepartoftheMySQLdevelpackages.
[localhost]#rpmivhMySQLdevelcommunity5.1.250.rhel5.i386.rpm Preparing...###########################################[100%] 1:MySQLdevelcommunity###########################################[100%]

Note:WhenIwascompilingPHPwithMySQLoptionfromsourceontheLinuxsystem,itfailedwith thefollowingerror.InstallingtheMySQLdevelcommunitypackagefixedthisproblemininstalling PHPfromsource.

configure:error:CannotfindMySQLheaderfilesunderyes. NotethattheMySQLclientlibraryisnotbundledanymore!

4.PerformpostinstallsecurityactivitiesonMySQL.
Atabareminimumyoushouldsetapasswordfortherootuserasshownbelow:
[localuser]#/usr/bin/mysqladminurootpassword'My2Secure$Password'

Thebestoptionistorunthemysql_secure_installationscriptthatwilltakecareofallthetypical securityrelateditemsontheMySQLasshownbelow.Onahighlevelthisdoesthefollowingitems: Changetherootpassword Removetheanonymoususer Disallowrootloginfromremotemachines Removethedefaultsampletestdatabase


[localhost]#/usr/bin/mysql_secure_installation NOTE:RUNNINGALLPARTSOFTHISSCRIPTISRECOMMENDEDFORALLMySQL SERVERSINPRODUCTIONUSE!PLEASEREADEACHSTEPCAREFULLY! InordertologintoMySQLtosecureit,we'llneedthecurrent passwordfortherootuser.Ifyou'vejustinstalledMySQL,and youhaven'tsettherootpasswordyet,thepasswordwillbeblank, soyoushouldjustpressenterhere. Entercurrentpasswordforroot(enterfornone): OK,successfullyusedpassword,movingon... SettingtherootpasswordensuresthatnobodycanlogintotheMySQL rootuserwithouttheproperauthorisation. Youalreadyhavearootpasswordset,soyoucansafelyanswer'n'. Changetherootpassword?[Y/n]Y Newpassword: Reenternewpassword: Passwordupdatedsuccessfully! Reloadingprivilegetables.. ...Success! Bydefault,aMySQLinstallationhasananonymoususer,allowinganyone tologintoMySQLwithouthavingtohaveauseraccountcreatedfor them.Thisisintendedonlyfortesting,andtomaketheinstallation goabitsmoother.Youshouldremovethembeforemovingintoa productionenvironment. Removeanonymoususers?[Y/n]Y ...Success! Normally,rootshouldonlybeallowedtoconnectfrom'localhost'.This ensuresthatsomeonecannotguessattherootpasswordfromthenetwork. Disallowrootloginremotely?[Y/n]Y ...Success! Bydefault,MySQLcomeswithadatabasenamed'test'thatanyonecan access.Thisisalsointendedonlyfortesting,andshouldberemoved beforemovingintoaproductionenvironment. Removetestdatabaseandaccesstoit?[Y/n]Y Droppingtestdatabase... ...Success! Removingprivilegesontestdatabase...

...Success! Reloadingtheprivilegetableswillensurethatallchangesmadesofar willtakeeffectimmediately. Reloadprivilegetablesnow?[Y/n]Y ...Success! Cleaningup... Alldone!Ifyou'vecompletedalloftheabovesteps,yourMySQL installationshouldnowbesecure. ThanksforusingMySQL!

5.VerifytheMySQLinstallation:
YoucanchecktheMySQLinstalledversionbyperformingmysqlVasshownbelow:
[localhost]#mysqlV mysqlVer14.14Distrib5.1.25rc,forredhatlinuxgnu(i686)usingreadline5.1

ConnecttotheMySQLdatabaseusingtherootuserandmakesuretheconnectionissuccessfull.
[localhost]#mysqlurootp Enterpassword: WelcometotheMySQLmonitor.Commandsendwith;or\g. YourMySQLconnectionidis13 Serverversion:5.1.25rccommunityMySQLCommunityServer(GPL) Type'help;'or'\h'forhelp.Type'\c'toclearthebuffer. mysql>

FollowsthestepsbelowtostopandstartMySQL
[localhost]#servicemysqlstatus MySQLrunning(12588)[OK] [localhost]#servicemysqlstop ShuttingdownMySQL.[OK] [localhost]#servicemysqlstart StartingMySQL.[OK]

43. Launch Linux clients on windows :IfyouareusingSSHclienttoconnecttoLinuxserverfrom yourWindowslaptop,sometimesitmaybenecessarytolaunchUIapplicationontheremoteLinux server,buttodisplaytheUIonthewindowslaptop.CygwincanbeusedtoinstallsoftwareonLinux fromWindowsandlaunchLinuxXclientsoftwareonWindows.


LaunchsoftwareinstallersonLinuxfromWindowsusingCygwin byRAM ES H NATARAJA N onJUNE18,2008

IfyouareusingSSHclienttoconnecttoLinuxserverfromyourWindowslaptop,sometimesitmay benecessarytolaunchUIapplicationontheremoteLinuxserver,buttodisplaytheUIonthe windowslaptop.Followingaretwotypicalreasonstoperformthisactivity: 1. InstallsoftwareonLinuxfromWindows:TolaunchaUIbasedinstallertoinstallsoftwareon remoteLinuxserverfromwindowslaptop.Fore.g.ADBAmightwanttoinstalltheOracleonthe LinuxserverwhereonlytheSSHconnectiontotheremoteserverisavailableandnottheconsole. 2. LaunchLinuxXclientsoftwareonWindows:TolaunchXClientsoftware(fore.g.xclock)located

onyourremoteLinuxservertotheWindowslaptop. Cygwincanbeusedtoperformtheaboveactivities.Following15stepsexplainshowtoinstall CygwinandlaunchsoftwareinstallersonLinuxfromWindows.GotoCygwinanddownloadthe setup.exe.Launchthesetup.exeontheWindowsandfollowthestepsmentionedbelow. 1.WelcomeScreen.ClicknextontheCygwininstallationwelcomescreen. 2. Chooseadownloadsource.SelecttheInstallfrominternetoption 3.ChooseInstallationdirectory.IselectedC:\cygwinasshownbelow.Thisisthelocationwhere theCygwinsoftwarewillbeinstalledontheWindows. 4.SelectLocalPackageInstalldirectory.Thisisthedirectorywheretheinstallationfileswillbe downloadedandstored. 5.SelectConnectionType.Ifyouareconnectedtointernetviaproxy,entertheinformation.Ifnot, selectDirectConnection. 6.Chooseadownloadsite.Youcaneitherchooseadownloadsitethatisclosertoyouorleavethe defaultselection. 7. DownloadProgress.Thisscreenwilldisplaytheprogressofthedownload. 8. SelectPackagestoinstall.Irecommendthatyouleavethedefaultselectionhere. 9. InstallationProgress.Thisscreenwilldisplaytheprogressoftheinstallation. 10. InstallationCompletion. 11.StarttheCygwinBashShellonWindows.Clickoncygwinicononthedesktop(or)Clickon Start>AllPrograms>Cygwin>CygwinBashshell,whichwilldisplaytheCygwinBashShell window. 12.StarttheXServeronWindows.FromtheCygwinBashShell,typestartxtostarttheXServeras shownbelow.OncetheXServerisstarted,leavethiswindowopenanddonotcloseit. 13.Xtermwindow:startxfromtheabovestepwillopenanewxtermwindowautomaticallyas shownbelow. 14.SSHtotheremoteLinuxhostfromtheXtermwindowasshownbelow.Pleasenotethatyou shouldpasstheYparametertossh.YparameterenablestrustedX11forwarding.
jsmith@windowslaptop~ $sshYljsmithremotehost<Thisisfromthextermonwindowslaptop> jsmith@remotehost'spassword: Warning:Noxauthdata;usingfakeauthenticationdataforX11forwarding. Lastlogin:ThuJun1222:36:042008from192.168.1.102 /usr/bin/xauth:creatingnewauthorityfile/home/jsmith/.Xauthority [remotehost]$xclock&<Notethatyouarestartingxclockonremotelinuxserver> [1]12593 [remotehost]$

15.xclockonwindowslaptop.FromtheLinuxhost,launchthexclocksoftwareasshownabove, whichwilldisplaythexclockonthewindowslaptopasshownbelow. UsethesamemethodexplainedabovetolaunchanysoftwareinstalleronLinux(fore.g.Oracle databaseinstaller)andgetitdisplayedontheWindowslaptop.

HelpmespreadthenewsaboutTheGeekStuff.

Pleaseleaveyourcommentsandfeedbackregardingthisarticle.Ifyoulikethispost,Iwouldreally appreciateifyoucansubscribetoRSSfeedandspreadthewordaroundaboutTheGeekStuffblog byaddingittodel.icio.usorDiggthroughthelinkbelow.

44. IPCS :IPCallowstheprocessestocommunicatewitheachanother.Theprocesscanalso communicatebyhavingafileaccessibletoboththeprocesses.Processescanopen,andread/write thefile,whichrequireslotofI/Ooperationthatconsumestime.ThisexplainsdifferenttypesofIPCS andprovides10IPCScommandexamples.

10IPCSCommandExamples(WithIPC Introduction)
bySASIKALA onAUGUST12,2010
IPCstandsforInterprocessCommunication. Thistechniqueallowstheprocessestocommunicatewitheachanother. Sinceeachprocesshasitsownaddressspaceanduniqueuserspace,howdoestheprocesscommunicateeach other? TheanswerisKernel,theheartoftheLinuxoperatingsystemthathasaccesstothewholememory.Sowecan requestthekerneltoallocatethespacewhichcanbeusedtocommunicatebetweenprocesses. Theprocesscanalsocommunicatebyhavingafileaccessibletoboththeprocesses.Processescanopen,and read/writethefile,whichrequireslotofI/Ooperationthatconsumestime.

DifferentTypesofIPCS
TherearevariousIPCswhichallowsaprocesstocommunicatewithanotherprocesses,eitherinthesamecomputer ordifferentcomputerinthesamenetwork. PipesProvidesawayforprocessestocommunicatewitheachanotherbyexchangingmessages.Namedpipes provideawayforprocessesrunningondifferentcomputersystemstocommunicateoverthenetwork. SharedMemoryProcessescanexchangevaluesinthesharedmemory.Oneprocesswillcreateaportionof memorywhichotherprocesscanaccess. MessageQueueItisastructuredandorderedlistofmemorysegmentswhereprocessesstoreorretrievedata.

SemaphoresProvidesasynchronizingmechanismforprocessesthatareaccessingthesameresource.Nodatais
passedwithasemaphore;itsimplycoordinatesaccesstosharedresources.

10IPCSCommandExample
ipcsisaUNIX/Linuxcommand,whichisusedtolisttheinformationabouttheinterprocesscommunicationipcs commandprovidesareportonSystemVIPCS(Messagequeue,Semaphore,andSharedmemory).

IPCSExample1:ListalltheIPCfacility
ipcscommandwithaoptionlistsalltheIPCfacilitieswhichhasreadaccessforthecurrentprocess.Itprovides detailsaboutmessagequeue,semaphoreandsharedmemory. #ipcsa
SharedMemorySegments keyshmidownerpermsbytesnattchstatus 0xc616cc441056800768oracle66040960 0x0103f577323158020root6649661 0x0000270f325713925root66612

SemaphoreArrays keysemidownerpermsnsems 0x0103eefd0root6641 0x0103eefe32769root6641 0x4b0d45141094844418oracle660204 MessageQueues keymsqidownerpermsusedbytesmessages 0x000005a432768root64400

AlltheIPCfacilityhasuniquekeyandidentifier,whichisusedtoidentifyanIPCfacility.

IPCSExample2:ListalltheMessageQueue
ipcswithoptionq,listsonlymessagequeuesforwhichthecurrentprocesshasreadaccess. $ipcsq
MessageQueues keymsqidownerpermsusedbytesmessages 0x000005a432768root64400

IPCSExample3.ListalltheSemaphores
ipcssoptionisusedtolisttheaccessiblesemaphores. #ipcss
SemaphoreArrays keysemidownerpermsnsems 0x0103eefd0root6641 0x0103eefe32769root6641 0x4b0d45141094844418oracle660204

IPCSExample4.ListalltheSharedMemory
ipcsmoptionwithipcscommandliststhesharedmemories. #ipcsm
SharedMemorySegments keyshmidownerpermsbytesnattchstatus 0xc616cc441056800768oracle66040960 0x0103f577323158020root6649661 0x0000270f325713925root66612

IPCSExample5.DetailedinformationaboutanIPCfacility
ipcsioptionprovidesdetailedinformationaboutanipcfacility. #ipcsqi32768
MessageQueuemsqid=32768 uid=0gid=0cuid=0cgid=0mode=0644 cbytes=0qbytes=65536qnum=0lspid=0lrpid=0 send_time=Notset rcv_time=Notset change_time=ThuAug513:30:222010

Optioniwithqprovidesinformationaboutaparticularmessagequeue.Optioniwithsprovidessemaphore details.Optioniwithmprovidesdetailsaboutasharedmemory.

IPCSExample6.ListstheLimitsforIPCfacility
ipcsloptiongivesthesystemlimitsforeachipcfacility. #ipcsml
SharedMemoryLimits maxnumberofsegments=4096 maxsegsize(kbytes)=67108864 maxtotalsharedmemory(kbytes)=17179869184 minsegsize(bytes)=1

Theabovecommandgivesthelimitsforsharedmemory.lcanbecombinedwithqandstoviewthelimitsfor messagequeueandsemaphoresrespectively. SingleoptionlgivesthelimitsforallthreeIPCfacilities. #ipcsl

IPCSExample7.ListCreatorandOwnerDetailsforIPCFacility
ipcscoptionlistscreatoruseridandgroupidandowneruseridandgroupid.Thisoptioncanbecombinedwithm, sandqtoviewthecreatordetailsforspecificIPCfacility. #ipcsmc
SharedMemorySegmentCreators/Owners shmidpermscuidcgiduidgid 1056800768660oracleoinstalloracleoinstall 323158020664rootrootrootroot 325713925666rootrootrootroot

IPCSExample8.ProcessidsthataccessedIPCfacilityrecently
ipcspoptiondisplayscreatorid,andprocessidwhichaccessedthecorrespondingipcfacilityveryrecently. #ipcsmp
SharedMemoryCreator/Lastop shmidownercpidlpid 1056800768oracle167645389 323158020root23542354 325713925root2066620668

palsocanbecombinedwithm,sorq.

IPCSExample9.LastAccessedTime
ipcstoptiondisplayslastoperationtimeineachipcfacility.Thisoptioncanalsobecombinedwithm,sorqto printforspecifictypeofipcfacility.Formessagequeue,toptiondisplayslastsentandreceivetime,forshared memoryitdisplayslastattached(portionofmemory)anddetachedtimestampandforsemaphoreitdisplayslast operationandchangedtimedetails. #ipcsst
SemaphoreOperation/ChangeTimes semidownerlastoplastchanged 0rootThuAug512:46:522010TueJul1310:39:412010 32769rootThuAug511:59:102010TueJul1310:39:412010 1094844418oracleThuAug513:52:592010ThuAug513:52:592010

IPCSExample10.Statusofcurrentusage
ipcswithucommanddisplayscurrentusageforalltheIPCfacility.Thisoptioncanbecombinedwithaspecific

optiontodisplaythestatusforaparticularIPCfacility. #ipcsu
SharedMemoryStatus segmentsallocated30 pagesallocated102 pagesresident77 pagesswapped0 Swapperformance:0attempts0successes SemaphoreStatus usedarrays=49 allocatedsemaphores=252 Messages:Status allocatedqueues=1 usedheaders=0 usedspace=0bytes

45. Logical Volume Manager :UsingLVMwecancreatelogicalpartitionsthatcanspanacrossone ormorephysicalharddrives.YoucancreateandmanageLVMusingvgcreate,lvcreate,andlvextend lvm2commandsasshownhere.


HowToCreateLVMUsingvgcreate,lvcreate,andlvextendlvm2Commands byB AL AK RIS H NA N M ARIYAPPA N onAUGUST5,2010

LVMstandsforLogicalVolumeManager. WithLVM,wecancreatelogicalpartitionsthatcanspanacrossoneormorephysicalharddrives. First,theharddrivesaredividedintophysicalvolumes,thenthosephysicalvolumesarecombined togethertocreatethevolumegroupandfinallythelogicalvolumesarecreatedfromvolumegroup. TheLVMcommandslistedinthisarticleareusedunderUbuntuDistribution.But,itisthesamefor otherLinuxdistributions. Beforewestart,installthelvm2packageasshownbelow.


$sudoaptgetintalllvm2

TocreateaLVM,weneedtorunthroughthefollowingsteps. SelectthephysicalstoragedevicesforLVM CreatetheVolumeGroupfromPhysicalVolumes CreateLogicalVolumesfromVolumeGroup

SelectthePhysicalStorageDevicesforLVMUsepvcreate,pvscan,pvdisplay Commands
$sudopvcreate/dev/sda6/dev/sda7 Physicalvolume"/dev/sda6"successfullycreated Physicalvolume"/dev/sda7"successfullycreated

Inthisstep,weneedtochoosethephysicalvolumesthatwillbeusedtocreatetheLVM.Wecan createthephysicalvolumesusingpvcreatecommandasshownbelow.

Asshownabovetwophysicalvolumesarecreated/dev/sda6and/dev/sda7. Ifthephysicalvolumesarealreadycreated,youcanviewthemusingthepvscancommandasshown below.


$sudopvscan PV/dev/sda6lvm2[1.86GB] PV/dev/sda7lvm2[1.86GB] Total:2[3.72GB]/inuse:0[0]/innoVG:2[3.72GB]

Youcanviewthelistofphysicalvolumeswithattributeslikesize,physicalextentsize,totalphysical extentsize,thefreespace,etc.,usingpvdisplaycommandasshownbelow.
$sudopvdisplay Physicalvolume PVName/dev/sda6 VGName PVSize1.86GB/notusable2.12MB Allocatableyes PESize(KByte)4096 TotalPE476 FreePE456 AllocatedPE20 PVUUIDm67TXfEY6w6LuXNNB6kU4Lwnk8NjjZfv Physicalvolume PVName/dev/sda7 VGName PVSize1.86GB/notusable2.12MB Allocatableyes PESize(KByte)4096 TotalPE476 FreePE476 AllocatedPE0 PVUUIDb031x06rejBcBubE2CeCXGjObu0Boo0x

Note:PEPhysicalExtentsarenothingbutequalsizedchunks.Thedefaultsizeofextentis4MB.

CreatetheVolumeGroupUsevgcreate,vgdisplayCommands

Volumegroupsarenothingbutapoolofstoragethatconsistsofoneormorephysicalvolumes.Once youcreatethephysicalvolume,youcancreatethevolumegroup(VG)fromthesephysicalvolumes (PV). Inthisexample,thevolumegroupvol_grp1iscreatedfromthetwophysicalvolumesasshown below.


$sudovgcreatevol_grp1/dev/sda6/dev/sda7 Volumegroup"vol_grp1"successfullycreated

LVMprocessesthestorageintermsofextents.Wecanalsochangetheextentsize(fromthedefault size4MB)usingsflag. vgdisplaycommandliststhecreatedvolumegroups.


$sudovgdisplay Volumegroup VGNamevol_grp1 SystemID Formatlvm2 MetadataAreas2

MetadataSequenceNo1 VGAccessread/write VGStatusresizable MAXLV0 CurLV0 OpenLV0 MaxPV0 CurPV2 ActPV2 VGSize3.72GB PESize4.00MB TotalPE952 AllocPE/Size0/0 FreePE/Size952/3.72GB VGUUIDKk1ufBrT15bSWe5270KDfZshUXFUYBvR

LVMCreate:CreateLogicalVolumesUselvcreate,lvdisplaycommand
Now,everythingisreadytocreatethelogicalvolumesfromthevolumegroups.lvcreatecommand createsthelogicalvolumewiththesizeof80MB.
$sudolvcreatel20nlogical_vol1vol_grp1 Logicalvolume"logical_vol1"created

Uselvdisplaycommandasshownbelow,toviewtheavailablelogicalvolumeswithitsattributes.
$sudolvdisplay Logicalvolume LVName/dev/vol_grp1/logical_vol1 VGNamevol_grp1 LVUUIDap8sZ2WqE16401KupmDbnO2P7gx1HwtQ LVWriteAccessread/write LVStatusavailable #open0 LVSize80.00MB CurrentLE20 Segments1 Allocationinherit Readaheadsectorsauto currentlysetto256 Blockdevice252:0

Aftercreatingtheappropriatefilesystemonthelogicalvolumes,itbecomesreadytouseforthe storagepurpose.
$sudomkfs.ext3/dev/vol_grp1/logical_vol1

LVMresize:ChangethesizeofthelogicalvolumesUselvextendCommand
Wecanextendthesizeofthelogicalvolumesaftercreatingitbyusinglvextendutilityasshown below.Thechangesthesizeofthelogicalvolumefrom80MBto100MB.
$sudolvextendL100/dev/vol_grp1/logical_vol1 Extendinglogicalvolumelogical_vol1to100.00MB Logicalvolumelogical_vol1successfullyresized

Wecanalsoaddadditionalsizetoaspecificlogicalvolumeasshownbelow.
$sudolvextendL+100/dev/vol_grp1/logical_vol1 Extendinglogicalvolumelogical_vol1to200.00MB

Logicalvolumelogical_vol1successfullyresized

46. 15 Tcpdump examples :tcpdumpisanetworkpacketanalyzer.tcpdumpallowsustosavethe packetsthatarecaptured,sothatwecanuseitforfutureanalysis.Thesavedfilecanbeviewedby thesametcpdumpcommand.Wecanalsouseopensourcesoftwarelikewiresharktoreadthe tcpdumppcapfiles.


PacketAnalyzer:15TCPDUMPCommandExamples bySA SIKA LA onAUGUST25,2010

tcpdumpcommandisalsocalledaspacketanalyzer. tcpdumpcommandwillworkonmostflavorsofunixoperatingsystem.tcpdumpallowsustosave thepacketsthatarecaptured,sothatwecanuseitforfutureanalysis.Thesavedfilecanbeviewed bythesametcpdumpcommand.Wecanalsouseopensourcesoftwarelikewiresharktoreadthe tcpdumppcapfiles. Inthistcpdumptutorial,letusdiscusssomepracticalexamplesonhowtousethetcpdump command.

1.Capturepacketsfromaparticularethernetinterfaceusingtcpdumpi

Whenyouexecutetcpdumpcommandwithoutanyoption,itwillcaptureallthepacketsflowing throughalltheinterfaces.ioptionwithtcpdumpcommand,allowsyoutofilteronaparticular ethernetinterface.


$tcpdumpieth1 14:59:26.608728IPxx.domain.netbcp.net.52497>valh4.lell.net.ssh:.ack540win16554 14:59:26.610602IPresolver.lell.net.domain>valh4.lell.net.24151:42781/0/0(73) 14:59:26.611262IPvalh4.lell.net.38527>resolver.lell.net.domain:26364+PTR?244.207.104.10.inaddr.arpa.(45)

Inthisexample,tcpdumpcapturedallthepacketsflowsintheinterfaceeth1anddisplaysinthe standardoutput. Note:Editcaputilityisusedtoselectorremovespecificpacketsfromdumpfileandtranslatethem intoagivenformat.

2.CaptureonlyNnumberofpacketsusingtcpdumpc

Whenyouexecutetcpdumpcommanditgivespacketsuntilyoucancelthetcpdumpcommand.Using coptionyoucanspecifythenumberofpacketstocapture.
$tcpdumpc2ieth0 listeningoneth0,linktypeEN10MB(Ethernet),capturesize96bytes 14:38:38.184913IPvalh4.lell.net.ssh>yy.domain.innetbcp.net.11006:P1457255642:1457255758(116)ack 1561463966win63652 14:38:38.690919IPvalh4.lell.net.ssh>yy.domain.innetbcp.net.11006:P116:232(116)ack1win63652 2packetscaptured 13packetsreceivedbyfilter 0packetsdroppedbykernel

Theabovetcpdumpcommandcapturedonly2packetsfrominterfaceeth0. Note: Mergecap and TShark :Mergecapisapacketdumpcombiningtool,whichwillcombine multipledumpsintoasingledumpfile.Tsharkisapowerfultooltocapturenetworkpackets,which canbeusedtoanalyzethenetworktraffic.Itcomeswithwiresharknetworkanalyzerdistribution.

3.DisplayCapturedPacketsinASCIIusingtcpdumpA
ThefollowingtcpdumpsyntaxprintsthepacketinASCII.
$tcpdumpAieth0

tcpdump:verboseoutputsuppressed,usevorvvforfullprotocoldecode listeningoneth0,linktypeEN10MB(Ethernet),capturesize96bytes 14:34:50.913995IPvalh4.lell.net.ssh>yy.domain.innetbcp.net.11006:P1457239478:1457239594(116)ack 1561461262win63652 E.....@.@..]..i...9...*.V ...]...P ....h....E...>{..U=...g. ......G..7\+KA....A...L. 14:34:51.423640IPvalh4.lell.net.ssh>yy.domain.innetbcp.net.11006:P116:232(116)ack1win63652 E.....@.@..\..i...9...*.V ..*]...P ....h....7......X..!....Im.S.g.u:*..O&....^#Ba... E..(R.@.|.....9...i.*...]...V ..*P ..OWp........

Note:Ifconfigcommandisusedtoconfigurenetworkinterfaces

4.DisplayCapturedPacketsinHEXandASCIIusingtcpdumpXX
Someusersmightwanttoanalysethepacketsinhexvalues.tcpdumpprovidesawaytoprintpackets inbothASCIIandHEXformat.
$tcpdumpXXieth0 18:52:54.859697IPzz.domain.innetbcp.net.63897>valh4.lell.net.ssh:.ack232win16511 0x0000:0050569c35a30019bb1c0c0008004500.PV .5.........E. 0x0010:0028042a40007906c89c10b5aaf60f9a.(.*@.y......... 0x0020:69c4f999001657db6e08c712ea2e5010i.....W.n.....P . 0x0030:407fc9760000000000000000@..v........ 18:52:54.877713IP10.0.0.0>allsystems.mcast.net:igmpqueryv3[maxresptime1s] 0x0000:0050569c35a300000000000008004600.PV .5.........F. 0x0010:00240000000001023ad30a000000e000.$......:....... 0x0020:0001940400001101ebfe000000000300................ 0x0030:000000000000000000000000............

5.Capturethepacketsandwriteintoafileusingtcpdumpw
tcpdumpallowsyoutosavethepacketstoafile,andlateryoucanusethepacketfileforfurther analysis.
$tcpdumpw08232010.pcapieth0 tcpdump:listeningoneth0,linktypeEN10MB(Ethernet),capturesize96bytes 32packetscaptured 32packetsreceivedbyfilter 0packetsdroppedbykernel

woptionwritesthepacketsintoagivenfile.Thefileextensionshouldbe.pcap,whichcanberead byanynetworkprotocol analyzer.

6.Readingthepacketsfromasavedfileusingtcpdumpr

Youcanreadthecapturedpcapfileandviewthepacketsforanalysis,asshownbelow.
$tcpdumpttttrdata.pcap 2010082221:35:26.57179300:50:56:9c:69:38(ouiUnknown)>Broadcast,ethertypeUnknown(0xcafe),length74: 0x0000:0200000affff0000ffff0c003c000000............<... 0x0010:00000000010000803e9e290000000000........>.)..... 0x0020:00000000ffffffffad00996b06000050...........k...P 0x0030:569c6938000000008e070000V .i8........ 2010082221:35:26.571797IPvalh4.lell.net.ssh>zz.domain.innetbcp.net.50570:P800464396:800464448(52)ack 203316566win71 2010082221:35:26.571800IPvalh4.lell.net.ssh>zz.domain.innetbcp.net.50570:P52:168(116)ack1win71 2010082221:35:26.584865IPvalh5.lell.net.ssh>11.154.12.255.netbiosns:NBTUDPPACKET(137):QUERY; REQUEST;BROADC

7.CapturepacketswithIPaddressusingtcpdumpn
Inalltheaboveexamples,itprintspacketswiththeDNSaddress,butnottheipaddress.The followingexamplecapturesthepacketsanditwilldisplaytheIPaddressofthemachinesinvolved.
$tcpdumpnieth0 15:01:35.170763IP10.0.19.121.52497>11.154.12.121.ssh:P105:157(52)ack18060win16549 15:01:35.170776IP11.154.12.121.ssh>10.0.19.121.52497:P23988:24136(148)ack157win113 15:01:35.170894IP11.154.12.121.ssh>10.0.19.121.52497:P24136:24380(244)ack157win113

8.Capturepacketswithproperreadabletimestampusingtcpdumptttt
$tcpdumpnttttieth0 2010082215:10:39.162830IP10.0.19.121.52497>11.154.12.121.ssh:.ack49800win16390 2010082215:10:39.162833IP10.0.19.121.52497>11.154.12.121.ssh:.ack50288win16660 2010082215:10:39.162867IP10.0.19.121.52497>11.154.12.121.ssh:.ack50584win16586

9.ReadpacketslongerthanNbytes
Youcanreceiveonlythepacketsgreaterthannnumberofbytesusingafiltergreaterthrough tcpdumpcommand
$tcpdumpwg_1024.pcapgreater1024

10.Receiveonlythepacketsofaspecificprotocoltype
Youcanreceivethepacketsbasedontheprotocoltype.Youcanspecifyoneoftheseprotocols fddi,tr,wlan,ip,ip6,arp,rarp,decnet,tcpandudp.Thefollowingexamplecapturesonlyarppackets flowingthroughtheeth0interface.
$tcpdumpieth0arp tcpdump:verboseoutputsuppressed,usevorvvforfullprotocoldecode listeningoneth0,linktypeEN10MB(Ethernet),capturesize96bytes 19:41:52.809642arpwhohasvalh5.lell.nettellvalh9.lell.net 19:41:52.863689arpwhohas11.154.12.1tellvalh6.lell.net 19:41:53.024769arpwhohas11.154.12.1tellvalh7.lell.net

11.ReadpacketslesserthanNbytes
Youcanreceiveonlythepacketslesserthannnumberofbytesusingafilterlessthroughtcpdump command
$tcpdumpwl_1024.pcapless1024

12.Receivepacketsflowsonaparticularportusingtcpdumpport
Ifyouwanttoknowallthepacketsreceivedbyaparticularportonamachine,youcanusetcpdump commandasshownbelow.
$tcpdumpieth0port22 19:44:44.934459IPvalh4.lell.net.ssh>zz.domain.innetbcp.net.63897:P18932:19096(164)ack105win71 19:44:44.934533IPvalh4.lell.net.ssh>zz.domain.innetbcp.net.63897:P19096:19260(164)ack105win71 19:44:44.934612IPvalh4.lell.net.ssh>zz.domain.innetbcp.net.63897:P19260:19424(164)ack105win71

13.CapturepacketsforparticulardestinationIPandPort
ThepacketswillhavesourceanddestinationIPandportnumbers.Usingtcpdumpwecanapply filtersonsourceordestinationIPandportnumber.Thefollowingcommandcapturespacketsflows ineth0,withaparticulardestinationipandportnumber22.
$tcpdumpwxpackets.pcapieth0dst10.181.140.216andport22

14.CaptureTCPcommunicationpacketsbetweentwohosts
Iftwodifferentprocessfromtwodifferentmachinesarecommunicatingthroughtcpprotocol,wecan capturethosepacketsusingtcpdumpasshownbelow.
$tcpdumpwcomm.pcapieth0dst16.181.170.246andport22

Youcanopenthefilecomm.pcapusinganynetworkprotocolanalyzertooltodebuganypotential issues.

15.tcpdumpFilterPacketsCaptureallthepacketsotherthanarpandrarp

Intcpdumpcommand,youcangiveand,orandnotconditiontofilterthepacketsaccordingly.
$tcpdumpieth0notarpandnotrarp 20:33:15.479278IPresolver.lell.net.domain>valh4.lell.net.64639:269291/0/0(73) 20:33:15.479890IPvalh4.lell.net.16053>resolver.lell.net.domain:56556+PTR?255.107.154.15.inaddr.arpa.(45) 20:33:15.480197IPvalh4.lell.net.ssh>zz.domain.innetbcp.net.63897:P540:1504(964)ack1win96 20:33:15.487118IPzz.domain.innetbcp.net.63897>valh4.lell.net.ssh:.ack540win16486 20:33:15.668599IP10.0.0.0>allsystems.mcast.net:igmpqueryv3[maxresptime1s]

47. Manage partition using fdisk :Usingfdiskyoucancreateamaximumoffourprimarypartition, deleteanexistingpartition,orchangeexistingpartition.Usingfidskyouareallowedtocreatea maximumoffourprimarypartition,andanynumberoflogicalpartitions,basedonthesizeofthe disk.


7LinuxfdiskCommandExamplestoManageHardDiskPartition byB AL AK RIS H NA N M ARIYAPPA N onSEPTEMBER14,2010

OnLinuxdistributions,fdiskisthebesttoolto managediskpartitions.fdiskisatextbasedutility. Usingfdiskyoucancreateanewpartition,deleteanexisting partition,orchangeexistingpartition. Usingfidskyouareallowedtocreateamaximumoffourprimary partition,andanynumberoflogicalpartitions,basedonthesizeof thedisk. Keepinmindthatanysinglepartitionrequiresaminimumsizeof 40MB. Inthisarticle,letusreviewhowtousefdiskcommandusing practicalexamples. Warning:Dontdelete,modify,oraddpartition,ifyoudontknow whatyouaredoing.Youwillloseyourdata!

1.ViewAllExistingDiskPartitionsUsingfdiskl

Beforeyoucreateanewpartition,ormodifyanexistingpartition, youmightwanttoviewallavailablepartitioninthesystem. Usefdiskltoviewallavailablepartitionsasshownbelow.


#fdiskl Disk/dev/sda:80.0GB,80026361856bytes 255heads,63sectors/track,9729cylinders Units=cylindersof16065*512=8225280bytes Diskidentifier:0xf6edf6ed DeviceBootStartEndBlocksIdSystem /dev/sda11195915735636cW95FAT32(LBA) /dev/sda21960528326700030fW95Ext'd(LBA) /dev/sda35284652810000462+7HPFS/NTFS

/dev/sda46529972925712032+cW95FAT32(LBA) /dev/sda5*19602661563875283Linux /dev/sda626622904195186683Linux /dev/sda729053147195186683Linux /dev/sda83148326493977182Linuxswap/Solaris /dev/sda93265528316217586bW95FAT32

Theabovewilllistpartitionsfromalltheconnectedharddisks.Whenyouhavemorethanonedisk onthesystem,thepartitionslistareorderedbythedevices/devname.Forexample,/dev/sda, /dev/sdb,/dev/sdcandsoon.

2.ViewPartitionsofaSpecificHardDiskusingfdiskl/dev/sd{a}
Toviewallpartitionsofthe/dev/sdaharddisk,dothefollowing.
#fdiskl/dev/sda

ViewallfdiskCommandsUsingfdiskCommandm
Usefdiskcommandm,toviewallavailablefdiskcommandsasshownbelow.
#fdisk/dev/sda Thenumberofcylindersforthisdiskissetto9729. Thereisnothingwrongwiththat,butthisislargerthan1024, andcouldincertainsetupscauseproblemswith: 1)softwarethatrunsatboottime(e.g.,oldversionsofLILO) 2)bootingandpartitioningsoftwarefromotherOSs (e.g.,DOSFDISK,OS/2FDISK) Command(mforhelp):m Commandaction atoggleabootableflag beditbsddisklabel ctogglethedoscompatibilityflag ddeleteapartition llistknownpartitiontypes mprintthismenu naddanewpartition ocreateanewemptyDOSpartitiontable pprintthepartitiontable qquitwithoutsavingchanges screateanewemptySundisklabel tchangeapartition'ssystemid uchangedisplay/entryunits vverifythepartitiontable wwritetabletodiskandexit xextrafunctionality(expertsonly)

3.DeleteaHardDiskPartitionUsingfdiskCommandd
Letusassumethatyouliketocombineseveralpartitions(forexample,/dev/sda6,/dev/sda7and /dev/sda8)intoasinglediskpartition.Todothis,youshouldfirstdeleteallthoseindividual partitions,asshownbelow.
#fdisk/dev/sda Thenumberofcylindersforthisdiskissetto9729. Thereisnothingwrongwiththat,butthisislargerthan1024,

andcouldincertainsetupscauseproblemswith: 1)softwarethatrunsatboottime(e.g.,oldversionsofLILO) 2)bootingandpartitioningsoftwarefromotherOSs (e.g.,DOSFDISK,OS/2FDISK) Command(mforhelp):p Disk/dev/sda:80.0GB,80026361856bytes 255heads,63sectors/track,9729cylinders Units=cylindersof16065*512=8225280bytes Diskidentifier:0xf6edf6ed DeviceBootStartEndBlocksIdSystem /dev/sda11195915735636cW95FAT32(LBA) /dev/sda21960528326700030fW95Ext'd(LBA) /dev/sda35284652810000462+7HPFS/NTFS /dev/sda46529972925712032+cW95FAT32(LBA) /dev/sda5*19602661563875283Linux /dev/sda626622904195186683Linux /dev/sda729053147195186683Linux /dev/sda83148326493977182Linuxswap/Solaris /dev/sda93265528316217586bW95FAT32 Command(mforhelp):d Partitionnumber(19):8 Command(mforhelp):d Partitionnumber(18):7 Command(mforhelp):d Partitionnumber(17):6 Command(mforhelp):w Thepartitiontablehasbeenaltered! Callingioctl()torereadpartitiontable. WARNING:Rereadingthepartitiontablefailedwitherror16:Deviceorresourcebusy. Thekernelstillusestheoldtable.Thenewtablewillbeusedat thenextrebootorafteryourunpartprobe(8)orkpartx(8) Syncingdisks.

4.CreateaNewDiskPartitionwithSpecificSizeUsingfdiskCommandn
Onceyouvedeletedalltheexistingpartitions,youcancreateanewpartitionusingallavailable spaceasshownbelow.
#fdisk/dev/sda Thenumberofcylindersforthisdiskissetto9729. Thereisnothingwrongwiththat,butthisislargerthan1024, andcouldincertainsetupscauseproblemswith: 1)softwarethatrunsatboottime(e.g.,oldversionsofLILO) 2)bootingandpartitioningsoftwarefromotherOSs

(e.g.,DOSFDISK,OS/2FDISK) Command(mforhelp):n Firstcylinder(26625283,default2662): Usingdefaultvalue2662 Lastcylinder,+cylindersor+size{K,M,G}(26623264,default3264): Usingdefaultvalue3264

Intheaboveexample,fdiskncommandisusedtocreatenewpartitionwiththespecificsize.While creatinganewpartition,itexpectsfollowingtwoinputs. Startingcylindernumberofthepartitiontobecreate(Firstcylinder). Sizeofthepartition(or)thelastcylindernumber(Lastcylinder,+cylindersor+size). Pleasekeepinmindthatyoushouldissuethefdiskwritecommand(w)afteranymodifications.


Command(mforhelp):w Thepartitiontablehasbeenaltered! Callingioctl()torereadpartitiontable. WARNING:Rereadingthepartitiontablefailedwitherror16:Deviceorresourcebusy. Thekernelstillusestheoldtable.Thenewtablewillbeusedat thenextrebootorafteryourunpartprobe(8)orkpartx(8) Syncingdisks.

Afterthepartitioniscreated,formatitusingthemkfs command asshownbelow.


#mkfs.ext3/dev/sda7

5.ViewtheSizeofanexistingPartitionUsingfdisks
Asshownbelow,fdisksdisplaysthesizeofthepartitioninblocks.
#fdisks/dev/sda7 4843566

Theaboveoutputcorrespondstoabout4900MB.

6.ToggletheBootFlagofaPartitionUsingfdiskCommanda
Fdiskcommanddisplaysthebootflagofeachpartition.Whenyouwanttodisableorenabletheboot flagonthecorrespondingpartition,dothefollowing. Ifyoudontknowwhyareyouaredoingthis,youllmessupyoursystem.
#fdisk/dev/sda Thenumberofcylindersforthisdiskissetto9729. Thereisnothingwrongwiththat,butthisislargerthan1024, andcouldincertainsetupscauseproblemswith: 1)softwarethatrunsatboottime(e.g.,oldversionsofLILO) 2)bootingandpartitioningsoftwarefromotherOSs (e.g.,DOSFDISK,OS/2FDISK) Command(mforhelp):p Disk/dev/sda:80.0GB,80026361856bytes 255heads,63sectors/track,9729cylinders Units=cylindersof16065*512=8225280bytes Diskidentifier:0xf6edf6ed DeviceBootStartEndBlocksIdSystem

/dev/sda11195915735636cW95FAT32(LBA) /dev/sda21960528326700030fW95Ext'd(LBA) /dev/sda35284652810000462+7HPFS/NTFS /dev/sda46529972925712032+cW95FAT32(LBA) /dev/sda5*19602661563875283Linux /dev/sda63265528316217586bW95FAT32 /dev/sda726623264484356683Linux Partitiontableentriesarenotindiskorder Command(mforhelp):a Partitionnumber(17):5 Command(mforhelp):p Disk/dev/sda:80.0GB,80026361856bytes 255heads,63sectors/track,9729cylinders Units=cylindersof16065*512=8225280bytes Diskidentifier:0xf6edf6ed DeviceBootStartEndBlocksIdSystem /dev/sda11195915735636cW95FAT32(LBA) /dev/sda21960528326700030fW95Ext'd(LBA) /dev/sda35284652810000462+7HPFS/NTFS /dev/sda46529972925712032+cW95FAT32(LBA) /dev/sda519602661563875283Linux /dev/sda63265528316217586bW95FAT32 /dev/sda726623264484356683Linux Partitiontableentriesarenotindiskorder Command(mforhelp):

Asseenabove,thebootflagisdisabledonthepartition/dev/sda5.

7.FixPartitionTableOrderUsingfdiskExpertCommandf
Whenyoudeletealogicalpartition,andrecreateitagain,youmightseethepartitionoutoforder issue.i.ePartitiontableentriesarenotindiskordererrormessage. Forexample,whenyoudeletethreelogicalpartitions(sda6,sda7andsda8),andcreateanew partition,youmightexpectthenewpartitionnametobesda6.But,thesystemmightvecreatedthe newpartitionassda7.Thisisbecause,afterthepartitionsaredeleted,sda9partitionhasbeenmoved assda6andthefreespaceismovedtotheend. Tofixthispartitionorderissue,andassignsda6tothenewlycreatedpartition,executetheexpert commandfasshownbelow.
$fdisk/dev/sda Thenumberofcylindersforthisdiskissetto9729. Thereisnothingwrongwiththat,butthisislargerthan1024, andcouldincertainsetupscauseproblemswith: 1)softwarethatrunsatboottime(e.g.,oldversionsofLILO) 2)bootingandpartitioningsoftwarefromotherOSs (e.g.,DOSFDISK,OS/2FDISK)

Command(mforhelp):p Disk/dev/sda:80.0GB,80026361856bytes 255heads,63sectors/track,9729cylinders Units=cylindersof16065*512=8225280bytes Diskidentifier:0xf6edf6ed DeviceBootStartEndBlocksIdSystem /dev/sda11195915735636cW95FAT32(LBA) /dev/sda21960528326700030fW95Ext'd(LBA) /dev/sda35284652810000462+7HPFS/NTFS /dev/sda46529972925712032+cW95FAT32(LBA) /dev/sda5*19602661563875283Linux /dev/sda63265528316217586bW95FAT32 /dev/sda726623264484356683Linux Partitiontableentriesarenotindiskorder Command(mforhelp):x Expertcommand(mforhelp):f Done. Expertcommand(mforhelp):w Thepartitiontablehasbeenaltered! Callingioctl()torereadpartitiontable. WARNING:Rereadingthepartitiontablefailedwitherror16:Deviceorresourcebusy. Thekernelstillusestheoldtable.Thenewtablewillbeusedat thenextrebootorafteryourunpartprobe(8)orkpartx(8) Syncingdisks.

Oncethepartitiontableorderisfixed,youllnotgetthePartitiontableentriesarenotindiskorder errormessageanymore.
#fdiskl Disk/dev/sda:80.0GB,80026361856bytes 255heads,63sectors/track,9729cylinders Units=cylindersof16065*512=8225280bytes Diskidentifier:0xf6edf6ed DeviceBootStartEndBlocksIdSystem /dev/sda11195915735636cW95FAT32(LBA) /dev/sda21960528326700030fW95Ext'd(LBA) /dev/sda35284652810000462+7HPFS/NTFS /dev/sda46529972925712032+cW95FAT32(LBA) /dev/sda5*19602661563875283Linux /dev/sda626623264484356683Linux /dev/sda73265528316217586bW95FAT32

48. VMWare fundamentals :Atsomepointeverysysadminshoulddealwithvirtualization. VMWareisaverypopularchoisetovirtualizeyourserverenvironment.Thisarticlewillprovidethe fundamentalinformationforyoutogetajumpstartonVMWare.


VMwareVirtualizationFundamentalsVMwareServerandVMwareESXi byRAM ES H NATARAJA N onJUNE2,2010

WearestartinganewseriesofarticlesonVMwarethatwillhelpyouinstall,configure andmaintainVMwareenvironments. InthisfirstpartoftheVMwareseries,letusdiscussthefundamentalconceptsofvirtualizationand reviewtheVMwarevirtualizationimplementationoptions. Followingarefewreasonswhyyoumightwanttothinkaboutvirtualizationforyourenvironment. Runmultipleoperationsystemsononeserver.Forexample,insteadofhavingdevelopmentserver andQAserver,youcanrunbothdevelopmentandQAonasingleserver. YoucanhavemultipleflavoursofOSononeserver.Forexample,youcanrun2LinuxOS,1Windows OSonasingleserver. MultipleOSrunningontheserversharesthehardwareresourcesamongthem.Forexample,CPU, RAM,networkdevicesaresharedamongdevelopmentserverandQAserverrunningonthesame hardware. Allocatehardwareresourcestodifferentapplicationsbasedontheutilization.Forexample,ifyou have8GBofRAMontheserver,youcanassignlessRAMtoonevirtualmachine(2GBto developmentserver)andmoreRAM(6GBtoQAserver)toanothervirtualmachinethatisrunning onthatserver Highavailabilityandbusinesscontinuity.IfVMwareisimplementedproperly,youcanmigratea virtualmachinefromoneservertoanotherserverquicklywithoutanydowntime. Thisreducestheoperationalcostandpowerconsumption.Forexample,insteadofbuyingand runningtwoservers,youwillbeusingonlyoneserverandrunbothdevelopmentandQAonit. Onahighlevel,therearetwowaysforyoutogetstartedonthevirtualizationusingVMware products.BothoftheseareavailableforfreefromVMware.

1.VMwareServer

VMwareServerrunsontopofanexistinghostoperatingsystem(eitherLinuxorWindows).Thisisa goodoptiontogetstarted,asyoucanuseanyoftheexistinghardwarealongwithitsOS.VMware serveralsosupport64bithostandguestoperatingsystem.YoualsogetVMwareInfrastructureweb accessmanagementinterfaceandVirtualMachineconsole. Fig:VirtualMachinerunningontopofVMwareServer VMwareESXiisbasedonthehypervisorarchitecture.VMwareESXirunsdirectlyonthehardware withouttheneedofanyhostoperatingsystem,whichmakesisextremelyeffectiveintermsof performance.ThisisthebestoptiontoimplementVMwareforproductionusage. Fig:VirtualMachinerunningontopofVMwareESXi FollowingaresomeofthekeyfeaturesofVMwareESXi: Memorycompression,overcommitmentanddeduplication. builtinhighavailablewithNICteamingandHBAmultipathing. IntelligentCPUvirtualization

2.VMwareESXi

Highlycompatiblewithvariousservershardware,storageandOS. AdvancedsecuritywithVMSafe,VMKernelprotectionandencryption. Easymanagementusingvsphereclient,vCenterserverandcommandlineinterface 49. Rotate the logs automatically :Manginglogfilesisanimportatpartofsysadminlife.logrotate makeiteasybyallowingyoutosetupautomaticalogrotationbasedonseveralconfigurations.Using logrotateyoucanalsoconfigureittoexecutecustomshellscriptsimmediatelyafterlogrotation.

HowTo:TheUltimateLogrotateCommand Tutorialwith10Examples
byBALAKRISHNANMARIYAPPAN onJULY14,2010
ManaginglogfileseffectivelyisanessentialtaskforLinuxsysadmin. Inthisarticle,letusdiscusshowtoperformfollowinglogfileoperationsusingUNIXlogrotateutility. Rotatethelogfilewhenfilesizereachesaspecificsize Continuetowritetheloginformationtothenewlycreatedfileafterrotatingtheoldlogfile Compresstherotatedlogfiles Specifycompressionoptionfortherotatedlogfiles Rotatetheoldlogfileswiththedateinthefilename Executecustomshellscriptsimmediatelyafterlogrotation Removeolderrotatedlogfiles

1.LogrotateConfigurationfiles
Followingarethekeyfilesthatyoushouldbeawareofforlogrotatetoworkproperly. /usr/sbin/logrotateThelogrotatecommanditself. /etc/cron.daily/logrotateThisshellscriptexecutesthelogrotatecommandeveryday. $cat/etc/cron.daily/logrotate #!/bin/sh
/usr/sbin/logrotate/etc/logrotate.conf EXITVALUE=$? if[$EXITVALUE!=0];then /usr/bin/loggertlogrotate"ALERTexitedabnormallywith[$EXITVALUE]" fi exit0

/etc/logrotate.confLogrotationconfigurationforallthelogfilesarespecifiedinthisfile. $cat/etc/logrotate.conf weekly rotate4 create include/etc/logrotate.d /var/log/wtmp{ monthly minsize1M

create0664rootutmp rotate1 }

/etc/logrotate.dWhenindividualpackagesareinstalledonthesystem,theydropthelogrotationconfiguration informationinthisdirectory.Forexample,yumlogrotateconfigurationinformationisshownbelow. $cat/etc/logrotate.d/yum /var/log/yum.log{ missingok notifempty size30k yearly create0600rootroot }

2.Logrotatesizeoption:Rotatethelogfilewhenfilesizereachesaspecificlimit
Ifyouwanttorotatealogfile(forexample,/tmp/output.log)forevery1KB,createthelogrotate.confasshown below. $catlogrotate.conf /tmp/output.log{ size1k create700balabala rotate4 } Thislogrotateconfigurationhasfollowingthreeoptions: size1klogrotaterunsonlyifthefilesizeisequalto(orgreaterthan)thissize. createrotatetheoriginalfileandcreatethenewfilewithspecifiedpermission,userandgroup. rotatelimitsthenumberoflogfilerotation.So,thiswouldkeeponlytherecent4rotatedlogfiles. Beforethelogrotation,followingisthesizeoftheoutput.log: $lsl/tmp/output.log rwrr1balabala258682010060921:19/tmp/output.log Now,runthelogrotatecommandasshownbelow.Optionsspecifiesthefilenametowritethelogrotatestatus. $logrotates/var/log/logstatuslogrotate.conf Note:wheneveryouneedoflogrotationforsomefiles,preparethelogrotateconfigurationandrunthelogroate commandmanually. Afterthelogrotation,followingisthesizeoftheoutput.log: $lsl/tmp/output* rwrr1balabala258682010060921:20output.log.1 rwx1balabala02010060921:20output.log Eventuallythiswillkeepfollowingsetupofrotatedlogfiles. output.log.4. output.log.3 output.log.2 output.log.1 output.log Pleaserememberthatafterthelogrotation,thelogfilecorrespondstotheservicewouldstillpointtorotatedfile (output.log.1)andkeepsonwritinginit.Youcanusetheabovemethod,ifyouwanttorotate theapacheaccess_logorerror_logevery5MB.

Ideally,youshouldmodifythe/etc/logrotate.conftospecifythelogrotateinformationforaspecificlogfile. Also,ifyouarehavinghugelogfiles,youcanuse:10 Awesome Examples for Viewing Huge Log Files in Unix

3.Logrotatecopytruncateoption:Continuetowritetheloginformationinthenewly createdfileafterrotatingtheoldlogfile.
$catlogrotate.conf /tmp/output.log{ size1k copytruncate rotate4 }

copytruncateinstructlogrotatetocreatesthecopyoftheoriginalfile(i.erotatetheoriginallogfile)andtruncates theoriginalfiletozerobytesize.Thishelpstherespectiveservicethatbelongstothatlogfilecanwritetothe properfile. Whilemanipulatinglogfiles,youmightfindthesed substitute ,sed delete tipshelpful.

4.Logrotatecompressoption:Compresstherotatedlogfiles
Ifyouusethecompressoptionasshownbelow,therotatedfileswillbecompressedwithgziputility. $catlogrotate.conf /tmp/output.log{ size1k copytruncate create700balabala rotate4 compress } Outputofcompressedlogfile: $ls/tmp/output* output.log.1.gzoutput.log

5.Logrotatedateextoption:Rotatetheoldlogfilewithdateinthelogfilename
$catlogrotate.conf /tmp/output.log{ size1k copytruncate create700balabala dateext rotate4 compress }

Aftertheaboveconfiguration,youllnoticethedateintherotatedlogfileasshownbelow. $lslrt/tmp/output* rwrr1balabala89802010060922:10output.log20100609.gz rwxrwxrwx1balabala02010060922:11output.log Thiswouldworkonlyonceinaday.Becausewhenittriestorotatenexttimeonthesameday,earlierrotatedfile willbehavingthesamefilename.So,thelogrotatewontbesuccessfulafterthefirstrunonthesameday. Typicallyyoumightusetailftoviewtheoutputofthelogfileinrealtime.Youcanevencombine multiple tail f outputanddisplayitonsingleterminal.

6.Logrotatemonthly,daily,weeklyoption:Rotatethelogfileweekly/daily/monthly
Fordoingtherotationmonthlyonce,

$catlogrotate.conf /tmp/output.log{ monthly copytruncate rotate4 compress }

Addtheweeklykeywordasshownbelowforweeklylogrotation. $catlogrotate.conf /tmp/output.log{ weekly copytruncate rotate4 compress } Addthedailykeywordasshownbelowforeverydaylogrotation.Youcanalsorotatelogshourly. $catlogrotate.conf /tmp/output.log{ daily copytruncate rotate4 compress }

7.Logrotatepostrotateendscriptoption:Runcustomshellscriptsimmediatelyafter logrotation
Logrotateallowsyoutorunyourowncustomshellscriptsafteritcompletesthelogfilerotation.Thefollowing configurationindicatesthatitwillexecutemyscript.shafterthelogrotation. $catlogrotate.conf /tmp/output.log{ size1k copytruncate rotate4 compress postrotate /home/bala/myscript.sh endscript }

8.Logrotatemaxageoption:Removeolderrotatedlogfiles
Logrotateautomaticallyremovestherotatedfilesafteraspecificnumberofdays.Thefollowingexampleindicates thattherotatedlogfileswouldberemovedafter100days. $catlogrotate.conf /tmp/output.log{ size1k copytruncate rotate4 compress maxage100 }

9.Logrotatemissingokoption:Dontreturnerrorifthelogfileismissing
Youcanignoretheerrormessagewhentheactualfileisnotavailablebyusingthisoptionasshownbelow. $catlogrotate.conf /tmp/output.log{ size1k copytruncate rotate4 compress missingok }

10.Logrotatecompresscmdandcompressextoption:Sspecifycompressioncommand forthelogfilerotation
$catlogrotate.conf /tmp/output.log{ size1k copytruncate create compress compresscmd/bin/bzip2 compressext.bz2 rotate4 }

Followingcompressionoptionsarespecifiedabove: compressIndicatesthatcompressionshouldbedone. compresscmdSpecifywhattypeofcompressioncommandshouldbeused.Forexample:/bin/bzip2 compressextSpecifytheextensionontherotatedlogfile.Withoutthisoption,therotatedfilewouldhavethe defaultextensionas.gz.So,ifyouusebzip2compressioncmd,specifytheextensionas.bz2asshownintheabove example.

50. Passwordless SSH login setup :Usingsshkeygenandsshcopyidyoucansetuppasswordless logintoremoteLinuxserver.sshkeygencreatesthepublicandprivatekeys.sshcopyidcopiesthe localhostspublickeytotheremotehostsauthorized_keysfile. 3StepstoPerformSSHLoginWithoutPasswordUsingsshkeygen&sshcopyid

YoucanlogintoaremoteLinuxserverwithoutenteringpasswordin3simplestepsusingssky keygenandsshcopyidasexplainedinthisarticle. sshkeygencreatesthepublicandprivatekeys.sshcopyidcopiesthelocalhostspublickeytothe remotehostsauthorized_keysfile.sshcopyidalsoassignsproperpermissiontotheremotehosts home,~/.ssh,and~/.ssh/authorized_keys. Thisarticlealsoexplains3minorannoyancesofusingsshcopyidandhowtousesshcopyidalong

withsshagent.

Step1:Createpublicandprivatekeysusingsshkeygenonlocalhost
jsmith@localhost$[Note:Youareonlocalhosthere] jsmith@localhost$sshkeygen Generatingpublic/privatersakeypair. Enterfileinwhichtosavethekey(/home/jsmith/.ssh/id_rsa):[Enterkey] Enterpassphrase(emptyfornopassphrase):[Pressenterkey] Entersamepassphraseagain:[Pessenterkey] Youridentificationhasbeensavedin/home/jsmith/.ssh/id_rsa. Yourpublickeyhasbeensavedin/home/jsmith/.ssh/id_rsa.pub. Thekeyfingerprintis: 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9jsmith@localhost

Step2:Copythepublickeytoremotehostusingsshcopyid
jsmith@localhost$sshcopyidi~/.ssh/id_rsa.pubremotehost jsmith@remotehost'spassword: Nowtryloggingintothemachine,with"ssh'remotehost'",andcheckin: .ssh/authorized_keys tomakesurewehaven'taddedextrakeysthatyouweren'texpecting.

Note:sshcopyidappendsthekeystotheremotehosts.ssh/authorized_key.

Step3:Logintoremotehostwithoutenteringthepassword
jsmith@localhost$sshremotehost Lastlogin:SunNov1617:22:332008from192.168.1.2 [Note:SSHdidnotaskforpassword.] jsmith@remotehost$[Note:Youareonremotehosthere]

Theabove3simplestepsshouldgetthejobdoneinmostcases. WealsodiscussedearlierindetailaboutperformingSSHandSCPfromopenSSH to openSSH without enteringpassword. IfyouareusingSSH2,wediscussedearlieraboutperformingSSHandSCPwithoutpassword fromSSH2 to SSH2 ,fromOpenSSH to SSH2 andfromSSH2 to OpenSSH .

Usingsshcopyidalongwiththesshadd/sshagent
jsmith@localhost$sshcopyidiremotehost /usr/bin/sshcopyid:ERROR:Noidentitiesfound

WhennovalueispassedfortheoptioniandIf~/.ssh/identity.pubisnotavailable,sshcopyidwill displaythefollowingerrormessage.

Ifyouhaveloadedkeystothesshagentusingthesshadd,thensshcopyidwillgetthekeysfrom thesshagenttocopytotheremotehost.i.e,itcopiesthekeysprovidedbysshaddLcommandtothe remotehost,whenyoudontpassoptionitothesshcopyid.


jsmith@localhost$sshagent$SHELL jsmith@localhost$sshaddL Theagenthasnoidentities.

jsmith@localhost$sshadd Identityadded:/home/jsmith/.ssh/id_rsa(/home/jsmith/.ssh/id_rsa) jsmith@localhost$sshaddL sshrsaAAAAB3NzaC1yc2EAAAABIwAAAQEAsJIEILxftj8aSxMa3d8t6JvM79DyBV aHrtPhTYpq7kIEMUNzApnyxsHpH1tQ/Ow==/home/jsmith/.ssh/id_rsa jsmith@localhost$sshcopyidiremotehost jsmith@remotehost'spassword: Nowtryloggingintothemachine,with"ssh'remotehost'",andcheckin: .ssh/authorized_keys tomakesurewehaven'taddedextrakeysthatyouweren'texpecting. [Note:ThishasaddedthekeydisplayedbysshaddL]

ThreeMinorAnnoyancesofsshcopyid

Followingarefewminorannoyancesofthesshcopyid. 1. Defaultpublickey:sshcopyiduses~/.ssh/identity.pubasthedefaultpublickeyfile(i.ewhenno valueispassedtooptioni).Instead,Iwishitusesid_dsa.pub,orid_rsa.pub,oridentity.pubas defaultkeys.i.eIfanyoneofthemexist,itshouldcopythattotheremotehost.Iftwoorthreeof themexist,itshouldcopyidentity.pubasdefault. 2. Theagenthasnoidentities:WhenthesshagentisrunningandthesshaddLreturnsTheagent hasnoidentities(i.enokeysareaddedtothesshagent),thesshcopyidwillstillcopythemessage Theagenthasnoidentitiestotheremotehostsauthorized_keysentry. 3. Duplicateentryinauthorized_keys:Iwishsshcopyidvalidatesduplicateentryontheremote hostsauthorized_keys.Ifyouexecutesshcopyidmultipletimesonthelocalhost,itwillkeep appendingthesamekeyontheremotehostsauthorized_keysfilewithoutcheckingforduplicates. Evenwithduplicateentrieseverythingworksasexpected.But,Iwouldliketohavemy authorized_keysfileclutterfree. Ifyoulikethisarticle,pleasebookmarkitonDeliciousandStumbleit.