Saturday, November 13, 2010

How to convert from ext3 to ext2 file system?

■ Requirement : How to convert from ext3 to ext2 file system
■ OS Environment : Linux[RHEL, Centos]
■ Application: tune2fs
■ Assumption : FS is on /dev/hda1 and mounted on /home
■ Implementation Steps : 

1. Unmount the file system :

$ umount /dev/hda1

2. Now change the file system type to ext2 by typing the following command :

$ tune2fs -O ^has_journal /dev/hda1

3. Verify that there are no errors :

$ e2fsck -y /dev/hda1

4. Mount the file system on its original mount point (for example /home or /mnt) :

$ mount -t ext2 /dev/hda1 /home

5. Go to the mount point and remove the old .journal file :

$ cd /home
$ rm -f .journal

How to convert ext2 to ext3 file system?

■ Requirement : How to convert ext2 to ext3 file system
■ OS Environment : Linux[RHEL, Centos]
■ Application: tune2fs
■ Implementation Steps : 

       The ext2 or second extended filesystem is a file system for the Linux kernel, and ext3 is its journaled successor. The main advantage of ext3 over ext2 is journaling, which improves reliability and eliminates the need to check the file system after an unclean shutdown. The journal records pending changes before they are written to their final location on disk; if a power failure interrupts the writes, the journal is replayed at the next mount and the file system is brought back to a consistent state, including the data whose writes had already reached the journal. Adding a journal to an existing ext2 file system is done with tune2fs.

1. Unmount hda1 so the journal can be added.

2. Enable journalling :

$ tune2fs -c 0 -i 30 -j /dev/hda1

3. Then mount it again.

NOTE :
-c : number of mounts after which the filesystem will be checked by e2fsck. If it is 0 or -1, the number of times the filesystem is mounted will be disregarded by e2fsck and the kernel.
-i : adjust the maximal time between two filesystem checks (here 30 days). Use it together with the -c option.


Wednesday, November 10, 2010

How to enable swap space on xen VPS?

■ Requirement : Enable swap space on xen VPS
■ OS Environment : Linux[RHEL, Centos]
■ Application:mkswap
■ Implementation Steps : 

$ dd if=/dev/zero of=/swap bs=1024 count=1048576
$ mkswap /swap
$ chmod 0600 /swap

Edit /etc/fstab & put following entry :

/swap swap swap defaults,noatime 0 0

$ swapon -a
$ free -m

Tuesday, November 9, 2010

Why did I encounter the error "ftp: connect: Connection refused" ?

■ Error : "ftp: connect: Connection refused"
■ OS Environment : Linux[RHEL, Centos]
■ Application: pure-ftpd, iptables
■ Resolution : 

    If you get this type of error message, please check the server's firewall first. I faced this error message while connecting to the FTP server. In my case, the passive port range was not enabled in the FTP server and the iptables firewall.

PassivePortRange 30000 50000

Add the above line to the pure-ftpd configuration file, then open the same port range in iptables like :

iptables -A INPUT -p tcp --destination-port 30000:50000 -j ACCEPT
iptables -A OUTPUT -p tcp --source-port 30000:50000 -j ACCEPT

Execute the following commands :

$ service iptables save
$ service iptables restart
$ /etc/init.d/pure-ftpd restart

       Another important point is that you may connect to the server in "active mode" [the server connects back to the client] from the FTP client (like FileZilla). Just enable that option in the FTP client and retry the connection.

Monday, November 8, 2010

How to stop core file generation in the server from php?

■ Requirement : stop core file generation in the server from php
■ OS Environment : Linux[RHEL, Centos]
■ Application: ulimit
■ Implementation Steps : 

          A core file records the memory image of a running process. When a PHP process is killed, Apache creates core files under your account. These core files take up too much space on the server, and there is no harm in deleting them. You can stop them being generated by modifying the httpd start-up file.

Edit /usr/sbin/httpd and set the core file size limit as below :

ulimit -c 0 



eth0 errors "WARNINGS: packets is outside range"

■ Error : eth0 error "WARNINGS: packets is outside range"
■ OS Environment : Linux[RHEL, Centos]
■ Application: ethtool
■ Symptom  :

  The following message was received from the munin monitoring service :

eth0 errors
WARNINGs: packets is 1.52 (outside range [:1]).

■  Investigation : 
            My basic concept was that either eth0 is being overloaded or it isn't compatible with the kernel or OS. So I checked the settings of eth0 and the RX (receive) and TX (transmit) packet error counters, and found that there are errors on RX. It looks like below :

$ ifconfig eth0
[...]
RX packets:162432463 errors:3770202 dropped:0 overruns:0 frame:3770202
TX packets:258975594 errors:0 dropped:0 overruns:0 carrier:0
[....]

You can use other commands to check the continuous traffic statistics of the card like :

$ watch -n 1 cat /proc/net/dev
$ sar -n DEV|more
$ netstat -plan --interfaces=eth0

I contacted the owner of the server and he assured me that the maximum speed of the NIC is 1GB/sec.

■ Resolution :

Increased the speed to 1 Gbit/s, full duplex :

$ ethtool -s eth0 speed 1000 duplex full
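The counters above are more telling when tracked over time than when read once. The following Python script is an added example, not part of the original post: it parses two /proc/net/dev snapshots (constructed sample data below, with the eth0 receive figures quoted above) and reports the RX/TX error rate per second and the share of errored packets, flagging interfaces above the 1 error/s limit that munin warned about.

```python
# Constructed /proc/net/dev snapshots taken one second apart (sample data, not real
# captures); the eth0 receive counters are the figures quoted in the post.
SAMPLE_BEFORE = """\
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo: 1000000    5000    0    0    0     0          0         0  1000000    5000    0    0    0     0       0          0
  eth0: 900000000 162432000 3770100 0 0 3770100 0 0 800000000 258975000 0 0 0 0 0 0
"""
SAMPLE_AFTER = """\
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo: 1000500    5010    0    0    0     0          0         0  1000500    5010    0    0    0     0       0          0
  eth0: 900100000 162432463 3770202 0 0 3770202 0 0 800100000 258975594 0 0 0 0 0 0
"""

# Column order of the kernel's /proc/net/dev table: 8 receive, then 8 transmit counters.
RX_FIELDS = ("bytes", "packets", "errs", "drop", "fifo", "frame", "compressed", "multicast")
TX_FIELDS = ("bytes", "packets", "errs", "drop", "fifo", "colls", "carrier", "compressed")


def parse_proc_net_dev(text):
    """Return {iface: {"rx_packets": int, "rx_errs": int, ...}} from /proc/net/dev text."""
    stats = {}
    for line in text.splitlines():
        if ":" not in line:          # the two header lines carry no colon
            continue
        iface, _, rest = line.partition(":")
        values = [int(v) for v in rest.split()]
        if len(values) != 16:
            continue
        counters = {"rx_" + k: v for k, v in zip(RX_FIELDS, values[:8])}
        counters.update({"tx_" + k: v for k, v in zip(TX_FIELDS, values[8:])})
        stats[iface.strip()] = counters
    return stats


def error_rates(before, after, seconds):
    """Per interface: RX/TX errors per second and errored share (%) of the packets
    seen during the interval, computed from two parsed snapshots."""
    report = {}
    for iface in after:
        if iface not in before:
            continue
        b, a = before[iface], after[iface]
        entry = {}
        for d in ("rx", "tx"):
            d_pkts = a[d + "_packets"] - b[d + "_packets"]
            d_errs = a[d + "_errs"] - b[d + "_errs"]
            entry[d + "_errs_per_s"] = d_errs / seconds
            entry[d + "_err_pct"] = 100.0 * d_errs / d_pkts if d_pkts else 0.0
        report[iface] = entry
    return report


def noisy_interfaces(report, max_errs_per_s=1.0):
    """Interfaces whose error rate exceeds the limit; munin's range [:1] warned above 1/s."""
    return sorted(i for i, e in report.items()
                  if e["rx_errs_per_s"] > max_errs_per_s or e["tx_errs_per_s"] > max_errs_per_s)


if __name__ == "__main__":
    rates = error_rates(parse_proc_net_dev(SAMPLE_BEFORE),
                        parse_proc_net_dev(SAMPLE_AFTER), seconds=1)
    for iface, e in rates.items():
        print(f"{iface}: rx {e['rx_errs_per_s']:.2f} errs/s "
              f"({e['rx_err_pct']:.2f}% of RX packets in the interval)")
    print("over threshold:", noisy_interfaces(rates))
```

On a live box, replace the two sample strings with the contents of /proc/net/dev read a known number of seconds apart.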

Sunday, November 7, 2010

How to access the webalizer from the outside of the cpanel?

■ Requirement : How to access the webalizer from the outside of the cpanel
■ OS Environment : Linux[RHEL, Centos]
■ Application:cpanel
■ Assumption : domain is domain.com
■ Implementation Steps : 

$ /scripts/whoowns domain.com
domain
$ cd ~domain
$ cd public_html/
$ pwd
/home/domain/public_html
$ ln -s /home/domain/tmp/webalizer stats
$ chown domain. stats
$ chmod 755 ~domain/tmp -R

Now access http://domain.com/stats

Thursday, November 4, 2010

How to change admin password in the table of the mysql database?

■ Requirement : How to change admin password in the table of the mysql database
■ OS Environment : Linux[RHEL, Centos]
■ Application: mysql
■ Implementation Steps : 


mysql> update agb_book_auth set password=MD5("newwpass") where username="admin";

Where the table agb_book_auth contains the username and password columns.

OR :

mysql> update wp_users set user_pass = 'b15a2021cb835426552c5d8599d5c7ab' where user_login = 'admin';
mysql> flush privileges;


Plesk configuration file paths on Linux

■ Requirement : Location of Plesk configuration files
■ OS Environment : Linux[RHEL, Centos]
■ Application: Plesk
■ Implementation Steps : 

Here are the paths :

Plesk Config & Binary file

Linux :

===========================================================
# Plesk tree
PRODUCT_ROOT_D - /usr/local/psa
==================================================
# Directory of SysV-like Plesk initscripts
PRODUCT_RC_D - /etc/init.d

/etc/psa/psa.conf // common config file
/etc/psa/.psa.shadow // admin password file
/var/log // common log file
/etc/local/psa/admin/logs //plesk log file
================================================

# Directory for config files
PRODUCT_ETC_D - /usr/local/psa/etc
================================================

# Virtual hosts directory
HTTPD_VHOSTS_D - /var/www/vhosts
/var/www/vhosts//anon_ftp , cgi-bin, conf, error_docs , httpdocs, httpsdocs , pd , private , statistics-->/logs(domain logs), subdomains , web

Domain based httpd.conf file:- /var/www/vhosts/
conf/httpd.include
Doc root : /var/www/vhosts/
/httpdocs
===============================================

# Apache configuration files directory
HTTPD_CONF_D - /etc/httpd/conf/httpd.conf //server based
/var/www/vhosts/
conf/httpd.include // domain based
------------------------------------------------------------------------------------------------------------
# Apache include files directory
HTTPD_INCLUDE_D - /etc/httpd/conf.d/mailman.conf , perl.conf, python.conf , webalizer.conf, zz010_psa_httpd.conf, fcgid.conf, manual.conf , php.conf, ssl.conf, welcome.conf
------------------------------------------------------------------------------------------------------------
# Apache binary files directory
HTTPD_BIN_D - /usr/bin
--------------------------------------------------------------------------------------------------------------
#Apache log files directory
HTTPD_LOG_D - /var/log/httpd
-----------------------------------------------------------------------------------------------------------
#apache startup script
HTTPD_SERVICE httpd
/etc/init.d/httpd [start|stop|restart|status]


================================================

# Qmail directory
QMAIL_ROOT_D /var/qmail

# Location of qmail maildirs
QMAIL_MAILNAMES_D /var/qmail/mailnames/
/var/qmail/mailnames/
/mail a/c/Maildir/new,cur,tmp
# Path to rblsmtpd
RBLSMTPD /usr/sbin/rblsmtpd

# Courier-IMAP
COURIER_IMAP_ROOT_D /

/etc/init.d/qmail [status,start,stop,restart] //service control

================================================
# Proftpd
FTPD_CONF /etc/proftpd.conf
FTPD_CONF_INC /etc/proftpd.include
FTPD_BIN_D /usr/bin
FTPD_VAR_D /var/run/proftpd
FTPD_SCOREBOARD /var/run/proftpd/scoreboard

Log file :- /var/log/xferlog
Service control :- /etc/init.d/proftpd [start,stop,status,restart]
================================================
# Bind
NAMED_RUN_ROOT_D /var/named/run-root/etc/named.conf
/var/named/run-root/var/
// db record

Service control :- /etc/init.d/named [status,start,stop,restart]
log:- /var/log/messages
===============================================

# Webalizer
WEB_STAT /usr/bin/webalizer
===============================================
# Logrotate
LOGROTATE /usr/local/psa/logrotate/sbin/logrotate
===============================================
# MySQL
MYSQL_VAR_D /var/lib/mysql
MYSQL_BIN_D /usr/bin

Service control:- /etc/rc.d/init.d/mysqld [start,stop,restart,status]
log :- /var/log/messages
===============================================
# PostgreSQL
PGSQL_DATA_D /var/lib/pgsql/data
PGSQL_BIN_D /usr/bin
===============================================
# Backups directory
DUMP_D /var/lib/psa/dumps
===============================================
# Mailman directories
MAILMAN_ROOT_D /usr/lib/mailman
MAILMAN_VAR_D /var/lib/mailman
===============================================
# Python binary
PYTHON_BIN /usr/bin/python2.3

# Tomcat root directory
CATALINA_HOME /usr/share/tomcat5

# DrWeb
DRWEB_ROOT_D /opt/drweb
DRWEB_ETC_D /etc/drweb

# GnuPG binary
GPG_BIN /usr/bin/gpg

# Tar binary
TAR_BIN /bin/tar
===============================================
# Curl certificates
CURL_CA_BUNDLE_FILE /usr/share/curl/curl-ca-bundle.crt
=========================================================
# AWStats
AWSTATS_ETC_D /etc/awstats
AWSTATS_BIN_D /var/www/cgi-bin/awstats
AWSTATS_TOOLS_D /usr/share/awstats
AWSTATS_DOC_D /var/www/html/awstats
===============================================
# openssl binary
OPENSSL_BIN /usr/bin/openssl

LIB_SSL_PATH /lib/libssl.so
LIB_CRYPTO_PATH /lib/libcrypto.so

CLIENT_PHP_BIN /usr/local/psa/bin/php-cli
--------------------------------------------------------------------------------------------------
Psa SpamAssassin :-
/usr/local/psa/admin/bin/spamd --status
--stop
--start
--------------------------------------------------------------------------------------------------


How to delete file using inode number?

■ Requirement : How to delete file using inode number
■ OS Environment : Linux[RHEL, Centos]
■ Application: find, inode
■ Implementation Steps : 

To view the inode number :

$ ls -il

Assume the inode number is 782263. Delete the file which has inode 782263 :

$ find . -inum 782263 -exec rm -f {} \;




Wednesday, November 3, 2010

How to setup loop device?

■ Requirement : How to setup loop device?
■ OS Environment : Linux[RHEL, Centos]
■ Implementation Steps : 

         In Unix-like operating systems, a loop device, vnd (vnode disk), or lofi (loopback file interface) is a pseudo-device that makes a file accessible as a block device.


$ losetup /dev/loop0 example.img
$ mount /dev/loop0 /home/you/dir


     The second command mounts the device on the directory /home/you/dir. The overall effect of executing these two commands is that the content of the file is used as a file system rooted at the mount point.

The mount utility is usually capable of handling the entire procedure :

$ mount -o loop example.img /home/you/dir

"A fatal error or timeout occurred while processing this directive" while accessing cpanel

■ Error : "a fatal error or timeout occurred while processing this directive" while accessing cpanel
■ OS Environment : Linux[RHEL, Centos]
■ Symptom : 

Just check the cpanel log file and you'll get the clue from there. I got the following messages :

$  tail -f /usr/local/cpanel/logs/error_log

[2010-11-03 15:16:46 -0700] warn [branding::include] Encountered error in branding::include: Branding::include(index.html) failed: can't write into /home/j279259/.cpanel/nvdata.cache: Disk quota exceeded at /usr/local/cpanel/Cpanel/NVData.pm line 60

■ Solution :

Increased the disk quota of the account (the log shows "Disk quota exceeded").


How to use strace command in linux?

■ Requirement : strace usage
■ OS Environment : Linux[RHEL, Centos]
■ Application: strace 
■ Implementation Steps :  

             strace is a useful diagnostic, instructional, and debugging tool. System administrators, diagnosticians and trouble-shooters will find it invaluable for solving problems with programs for which the source is not readily available since they do not need to be recompiled in order to trace them.

Arguments and returned value :

Each line in the trace contains the system call name, followed by its arguments in parentheses and its return value. An example from stracing the command ''cat /dev/null'' is:

open("/dev/null", O_RDONLY) = 3

Errors (typically a return value of -1) have the errno symbol and error string appended.

open("/foo/bar", O_RDONLY) = -1 ENOENT (No such file or directory)


Examples :

strace -s 1024 ls //print up to 1024 characters of each string argument (-s needs a size)
strace -o output_file ls
strace -o outputfile -d ls
strace -e expr

e.g.
strace -e trace=set
strace -e trace=open
strace -e trace=read
strace -e trace=file
strace -e trace=process
strace -e trace=network
strace -e trace=signal
strace -e trace=ipc
strace -e trace=desc //descriptors
strace -e read=set

For example, to see all input activity on file descriptors 3 and 5 use
-e read=3,5
For example, to see all output activity on file descriptors 3 and 5 use
-e write=3,5

-p pid //Attach to the process with the process ID pid and begin tracing

example : strace -e trace=network -p 4009

-u username //Run command with the user ID , group ID , and supplementary groups of username
===============

Special Use :

==================
1. Find out which config files a program reads on startup :-

strace php 2>&1 | grep php.ini
strace -e open php 2>&1 | grep php.ini

2. Why does this program not open my file?

$ strace -e open,access your-program 2>&1 | grep your-filename

Look for an open() or access() syscall that fails.

3. What is that process doing RIGHT NOW?

Ever had a process suddenly hog lots of CPU? Or had a process seem to be hanging?

strace -p 15427

4. What is taking time?

strace -c -p 11084

5. Why can't I connect to that server?

strace -e poll,select,connect,recvfrom,sendto nc www.yahoo.com 80
================
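As an added example that is not from the original post, the Python below parses strace output into (syscall, arguments, return value, errno) records in the format described above and picks out the failing open()/access() calls behind use case 2. The trace lines are a constructed sample, not a real capture.

```python
import re
from collections import namedtuple

Syscall = namedtuple("Syscall", "name args retval errno message")

# name(args) = retval [ERRNO (message)]; a "[pid N]" prefix from strace -f is tolerated.
_LINE = re.compile(
    r"^(?:\[pid\s+\d+\]\s+)?(\w+)\((.*)\)\s*=\s*(\S+)(?:\s+(E[A-Z0-9]+)\s+\((.*)\))?\s*$")

# Constructed sample trace (not a real capture) in the shape strace prints for a
# program that probes several php.ini locations; a few non-file calls are included too.
SAMPLE_TRACE = """\
execve("/usr/bin/php", ["php", "-v"], [/* 20 vars */]) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=41396, ...}) = 0
open("/usr/lib/php.ini", O_RDONLY) = -1 ENOENT (No such file or directory)
access("/etc/php.ini", R_OK) = -1 EACCES (Permission denied)
open("/etc/php.d/json.ini", O_RDONLY) = 4
read(4, "extension=json.so\\n", 4096) = 18
exit_group(0) = ?
"""


def parse_strace(text):
    """Turn trace lines into Syscall records; lines that are not complete calls
    (e.g. '<unfinished ...>' or '+++ exited with 0 +++') are skipped."""
    calls = []
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if m:
            calls.append(Syscall(*m.groups()))
    return calls


def path_arg(call):
    """First quoted string argument: the path for open()/openat()/access()/stat()."""
    m = re.search(r'"((?:[^"\\]|\\.)*)"', call.args)
    return m.group(1) if m else None


def failed_file_calls(text, needle=""):
    """Failing file-access calls whose path contains needle, as (name, path, errno)
    tuples: the check behind 'Why does this program not open my file?'."""
    hits = []
    for c in parse_strace(text):
        if c.name in ("open", "openat", "access", "stat") and c.errno:
            path = path_arg(c)
            if path is not None and needle in path:
                hits.append((c.name, path, c.errno))
    return hits


if __name__ == "__main__":
    for name, path, errno in failed_file_calls(SAMPLE_TRACE, "php.ini"):
        print(f"{name}({path}) failed with {errno}")
```

Feed it `strace -o trace.txt -e trace=file your-program` output instead of the sample to see which path the program really tried and why it failed.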

Note :

-------------------------
ps -e -o pcpu,cpu,nice,state,cputime,args --sort pcpu | sed '/^ 0.0 /d' // List processes by % cpu usage
ps -C firefox-bin -L -o pid,tid,pcpu,state // List all threads for a particular process
watch -n.1 'cat /proc/interrupts' // Watch changeable data continuously
--------------------------

How to view binary file in linux?

Guys,

Ans :

====
hexdump /bin/ps //in hexadecimal format
od /bin/ps //in octal format
strings /bin/ps //in human readable
====

check :)

What's the exact path of system call functions in linux?

■ Requirement : What's the exact path of system call functions in linux?
■ OS Environment : Linux[RHEL, Centos]
■ Solution  : 
            Where are the system call functions stored? The system call entry code is in /usr/src/linux/kernel/sys_call.S, many of the system calls can be found in /usr/src/linux/kernel/sys.c, and some system calls, like fork, have their own source file (e.g., kernel/fork.c).


How to load new shared libraries on linux?

■ Requirement : How to load new shared libraries on linux
■ OS Environment : Linux[RHEL, Centos]
■ Assumption : adding pgsql libs
■ Implementation Steps : 

1. As root, edit file /etc/ld.so.conf. Add a line like /usr/local/pgsql/lib
2. Then run command :

$  /sbin/ldconfig

3. In a bash shell, type :

$ export LD_LIBRARY_PATH=/usr/local/pgsql/lib

4. In a csh shell, type

$ setenv LD_LIBRARY_PATH /usr/local/pgsql/lib

Monday, November 1, 2010

How to install tcpwrapper on linux server?

Guys,

Ans : yum install tcpd

Or from sources :

#Download (HTTP): http://files.ichilton.co.uk/nfs/tcp_wrappers_7.6.tar.gz
#Download (FTP): ftp://ftp.porcupine.org/pub/security/tcp_wrappers_7.6.tar.gz
Download MD5 sum: e6fa25f71226d090f34de3f6b122fb5a

#Additional Downloads
Required Patch (Fixes some build issues and adds building a shared library): http://www.linuxfromscratch.org/patches/blfs/svn/tcp_wrappers-7.6-shared_lib_plus_plus-1.patch


Installation of TCP Wrapper

Install TCP Wrapper with the following commands:

patch -Np1 -i ../tcp_wrappers-7.6-shared_lib_plus_plus-1.patch &&
sed -i -e "s,^extern char \*malloc();,/* & */," scaffold.c &&
make REAL_DAEMON_DIR=/usr/sbin STYLE=-DPROCESS_OPTIONS linux

This package does not come with a test suite.

Now, as the root user:

make install

Note : sed -i -e ... scaffold.c: This command removes an obsolete C declaration which causes the build to fail if using GCC >= 3.4.x.

that's it :)

Secure Linux Using TCP Wrappers or Protect the daemons using TCP wrappers on Linux??

Guys,

TCP Wrappers can be used to GRANT or DENY access to various services on your machine to the outside network or other machines on the same network. It does this by using simple Access List Rules which are included in the two files /etc/hosts.allow and /etc/hosts.deny .

Let us consider this scenario: a remote machine remote_mc is trying to connect to your local machine local_mc using ssh.

When the request from the remote_mc is received by the tcp wrapped service (SSH in this case), it takes the following basic steps:

1. It checks the /etc/hosts.allow file and applies the first rule specified for that service. If it finds a matching rule, it allows the connection. If no rule is found, it moves on to step 2.

2. It checks the /etc/hosts.deny file and, if a matching rule is found, it denies the connection.

Points to remember

Rules in hosts.allow take precedence over rules in hosts.deny. This means that if a matching rule is found in the hosts.allow file, the remote_mc is allowed access to the service even if there is a matching deny rule in the hosts.deny file.
You can have only one rule per service in the hosts.allow and hosts.deny files.
If there are no matching rules in either of the files, or if the files don't exist, then the remote_mc is allowed access to the service.
Any changes to the hosts.allow and hosts.deny files take immediate effect.

Rule Syntax
The syntax for both hosts.allow and hosts.deny file takes the following form:

daemon : client [:option1:option2:...]

Where daemon can be a combination of ssh daemon, ftp daemon, portmap daemon and so on. Basically any service which has support for libwrap.a library compiled into it is a good candidate for utilizing the services of TCP Wrappers.

client is a comma separated list of hostnames, host IP addresses, special patterns or special wildcards which identify the hosts affected by that rule.

options is an optional action like say sending mail to the administrator when this rule is matched, log to a particular file and so on. It can be a colon separated list of actions too.

Examples of using TCP Wrappers

I want to allow SSH access to hosts in a particular domain say xyz.com and deny access to all the others. I enter the following rule in the hosts.allow file.

sshd : .xyz.com

... and in the hosts.deny file I include the rule:

sshd : ALL

The next rule denies FTP access to all the hosts in the abc.co.in domain as well as hosts in the 192.168.1.0 network.

#FILE: /etc/hosts.deny
vsftpd : 192.168.1. , .abc.co.in : spawn /bin/echo `/bin/date` access denied \
         >> /var/log/vsftpd.log : deny

The backslash (\) in the above rule is used to break the line and prevents the failure of the rule due to its length.

spawn and deny are options. spawn launches a shell command as a child process; in the above rule it appends a message to the vsftpd log file each time the rule matches. deny is optional if you are including this rule in the hosts.deny file. For example, you can also use the spawn option to send mail to the admin whenever a deny rule is matched.

Note: The last line in the files hosts.allow and hosts.deny must end with a newline character, or else the rule will fail.

Wildcards :-

You can use wildcards in the client section of the rule to broadly classify a set of hosts. These are the valid wildcards that can be used.

ALL - Matches everything
LOCAL - Matches any host that does not contain a dot (.) like localhost.
KNOWN - Matches any host where the hostname and host addresses are known or where the user is known.
UNKNOWN - Matches any host where the hostname or host address are unknown or where the user is unknown.
PARANOID - Matches any host where the hostname does not match the host address.
Patterns

You can also use patterns in the client section of the rule . Some examples are as follows:

ALL : .xyz.com

Matches all hosts in the xyz.com domain. Note the dot (.) at the beginning.

ALL : 123.12.

Matches all the hosts in the 123.12.0.0 network. Note the dot (.) in the end of the rule.

ALL : 192.168.0.1/255.255.255.0

IP address/Netmask can be used in the rule.

ALL : *.xyz.com

Asterisk * matches entire groups of hostnames or IP addresses.

sshd : /etc/sshd.deny

If the client list begins with a slash (/), it is treated as a filename. In the above rule, TCP wrappers looks up the file sshd.deny for all SSH connections.

sshd : ALL EXCEPT 192.168.0.15

If the above rule is included in the /etc/hosts.deny file, then it will allow ssh connection for only the machine with the IP address 192.168.0.15 and block all other connections. Here EXCEPT is an operator.

Note: If you want to restrict use of NFS and NIS then you may include a rule for portmap . Because NFS and NIS depend on portmap for their successful working. In addition, changes to portmap rules may not take effect immediately.

Suppose I want to log all connections made to SSH with a priority of emergency. See my previous post to know more on logging. I could do the following:

sshd : .xyz.com : severity emerg

Note: You can use the options allow or deny to allow or restrict on a per client basis in either of the files hosts.allow and hosts.deny

in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow

Shell Commands :-


As mentioned above, you can couple the rules to certain shell commands by using the following two options.

spawn - This option launches a shell command as a child process. For example, look at the following rule:

sshd : 192.168.5.5 : spawn /bin/echo `/bin/date` from %h >> /var/log/ssh.log : deny

Each time the rule is satisfied, the current date and the client's hostname (%h) are appended to the ssh.log file.

twist - This option replaces the request with the specified command. For example, if you want to tell a client trying to connect to your machine using ssh that they are prohibited from accessing SSH, you can use this option.

sshd : client1.xyz.com : twist /bin/echo "You are prohibited from accessing this service!!" : deny

When using spawn and twist, you can use a set of expressions. They are as follows :
%a — The client's IP address.
%A — The server's IP address.
%c — Supplies a variety of client information, such as the username and hostname, or the username and IP address.
%d — The daemon process name.
%h — The client's hostname (or IP address, if the hostname is unavailable).
%H — The server's hostname (or IP address, if the hostname is unavailable).
%n — The client's hostname. If unavailable, unknown is printed. If the client's hostname and host address do not match, paranoid is printed.
%N — The server's hostname. If unavailable, unknown is printed. If the server's hostname and host address do not match, paranoid is printed.
%p — The daemon process ID.
%s — Various types of server information, such as the daemon process and the host or IP address of the server.
%u — The client's username. If unavailable, unknown is printed.

Try :)
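The lookup order, client patterns and allow/deny options described above can be checked offline before touching a live box. The Python below is an added example, not part of the post or of TCP Wrappers itself: a simplified evaluator for hosts.allow/hosts.deny rules (wildcards ALL and LOCAL, leading/trailing dot patterns, addr/mask, the EXCEPT operator and explicit allow/deny options; KNOWN/UNKNOWN/PARANOID, file lookups, spawn and twist are not implemented) run against constructed sample files built from the rules quoted in the post.

```python
import ipaddress

# Constructed hosts.allow / hosts.deny contents (sample data) built from the rules quoted
# in the post; the imapd and pop3d lines are added to exercise addr/mask and EXCEPT.
HOSTS_ALLOW = """
sshd : .xyz.com : severity emerg
imapd : 192.168.0.1/255.255.255.0
in.telnetd : 192.168.5.5 : deny
in.telnetd : 192.168.5.6 : allow
"""
HOSTS_DENY = """
sshd : ALL
imapd : ALL
pop3d : ALL EXCEPT 192.168.0.15
vsftpd : 192.168.1. , .abc.co.in : spawn /bin/echo `/bin/date` access denied >> /var/log/vsftpd.log : deny
"""

def parse_rules(text):
    """Each non-comment line is 'daemon_list : client_list [: option ...]'."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue
        daemons = [d.strip().lower() for d in fields[0].split(",")]
        rules.append((daemons, fields[1].lower(), [o.lower() for o in fields[2:]]))
    return rules

def match_token(tok, host, ip):
    """One client pattern: wildcard, .domain suffix, net. prefix, addr/mask or exact value."""
    if tok == "all":
        return True
    if tok == "local":                      # hostnames without a dot, e.g. localhost
        return "." not in host
    if tok.startswith("."):                 # .xyz.com matches every host in xyz.com
        return host.endswith(tok)
    if tok.endswith("."):                   # 192.168.1. matches 192.168.1.0-255
        return ip.startswith(tok)
    if "/" in tok:                          # 192.168.0.1/255.255.255.0
        return ipaddress.ip_address(ip) in ipaddress.ip_network(tok, strict=False)
    return tok in (host, ip)

def match_clients(field, host, ip):
    """client_list, honouring the EXCEPT operator ('ALL EXCEPT 192.168.0.15')."""
    def any_match(part):
        return any(match_token(t.strip(), host, ip) for t in part.split(",") if t.strip())
    included, _, excluded = field.partition(" except ")
    return any_match(included) and not (excluded and any_match(excluded))

def first_match(rules, daemon, host, ip):
    """Options of the first rule naming this daemon that matches the client, else None."""
    for daemons, clients, options in rules:
        if daemon.lower() in daemons or "all" in daemons:
            if match_clients(clients, host.lower(), ip):
                return options
    return None

def decide(allow_text, deny_text, daemon, host, ip):
    """hosts.allow first, then hosts.deny, no match grants access; an explicit
    allow/deny option overrides the file the rule lives in."""
    for text, verdict in ((allow_text, "allow"), (deny_text, "deny")):
        options = first_match(parse_rules(text), daemon, host, ip)
        if options is not None:
            if "deny" in options:
                return "deny"
            return "allow" if "allow" in options else verdict
    return "allow"

if __name__ == "__main__":
    for probe in (("sshd", "box1.xyz.com", "10.0.0.5"), ("sshd", "h.example.net", "203.0.113.9"),
                  ("vsftpd", "h.abc.co.in", "192.168.1.20"), ("pop3d", "pc", "192.168.0.15")):
        print(probe, "->", decide(HOSTS_ALLOW, HOSTS_DENY, *probe))
```

Point `decide()` at the real /etc/hosts.allow and /etc/hosts.deny contents to confirm a rule change does what you expect before relying on it.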