UNIX Random Tips - sorry Linux Tips is what I really meant
Make dated backup files easy with a profile update
in /home/user/.bash_profile add:
TIME=$(date +%Y%m%d%H%M%S)
export TIME
of course change the date and time stamp to whatever format you prefer
then to backup a file with the timestamp just use:
cp /path/to/file /path/to/backup/filename.$TIME
and file will be saved with the timestamp provided you have sourced your .bash_profile or logged in again.
or even better use tar gzip:
TIME=$(date +%Y%m%d%H%M)
tarfile=bak/named-$TIME.tgz
tar zcvf $tarfile /path/to/filesandfolders
Test logrotate
logrotate -f /etc/logrotate.conf
Establish ssh tunnel to vncserver
ssh -L 5901:vncserver:5901 server
vncviewer localhost:5901 should result in tunneled connection to vncserver
Push ssh into background and do not execute remote command:
ssh -Nf vncserver 5901:vncserver:5901
Kill vncserver with: vncserver -kill :1
Setting SGID and Sticky permissions so that the group ownership on all files created in a directory will be set the the group owner and so that one user cannot remove another's files with:
chmod 3770 /path/to/folder
Check if a service is SELinux aware
semanage fcontext -l |grep <service i.e. samba>
check for booleans:
getsebool -a |grep <service>
set booleans:
setsebool -P <boolean> on|off for example setsebool -P samba_enable_home_dirs on
ls -ZR /path # determine security context of directory or file
Service status - service --status-all
chkconfig --list
Useful man pages
man -k proxy |grep selinux
man -k http |grep selinux
makewhatis &
Check if service is libwrapped with TCP Wrappers
ldd `which <service>` |grep libwrap or ldd ${which <service>} |grep libwrap
strings `which <service>` |grep hosts or strings ${which <service>} |grep hosts
Remount a filesystem that has locks
fuser -km /mountpount #kill active sessions and locks
umount /mountpoint #unmount (alternatively unmount the device with umount /dev/...)
mount -a # to remount
SSH Tunneling Example
on the shellserver run:
ssh -v -L 1110:popserver:110 shellserver
nc localhost 1110
connects to popserver on port 100 via localhost 1110 to secure transmission to your pop server
Reverse SSH Tunnel Example
add the following to ~/.ssh/config
Host remoteserver #i.e. linux server at home
Hostname ip.of.rem.server
RemoteForward 2222 localhost:22
User pvalentino
ssh remoteserver
ping anotherserver #this helps keep the connection active
you are now connected to the linux server in the office through the firewall with a secure shell
Determine disk used versus available on Linux:
df -Pkl |grep -v shm|awk ' { used += $3/1024/1024 } END { printf("%d Gb total used", used)}'
df -Pkl |grep -v shm|awk ' { avail += $2/1024/1024 } END { printf("%d Gb total avail", avail)}'
edit the grep -v command to exclude any directories that you don't want included i.e. grep -v 'shm backup' would exclude any directories with names including shm or backup. if that syntax doesn't work try adding a second grep -v as |grep -v shm|grep -v backup|.... also omit the "l" in df -Pkl for AIX
Sort user accounts are on server - getent passwd |sort -t ":" -k 3 -g
Speedier sftp transfer at the expense of security:
sftp -oCipher=blowfish-cbc host:/path
Format a swap partition:
mkswap /dev/sda5
in fstab add /dev/sda5 swap swap defaults 0 0
swapon -a
or via a file:
dd if=/dev/zero of=/swapfile bs=1M count=1024
in fstab add /swapfile swap swap defaults 0 0
mkswap /swapfile 1024
swapon -a
Create a large 2GB file for test purposes:
dd if=/dev/zero of=largefile bs=1M count=2048
Rsync example:
client initiated
rsync -av -e ssh server1:/usr/local/cvsroot/ /usr/local/cvsroot >> /tmp/cvs_rsync_log
server initiated
rsync -av -e ssh /usr/local/cvsroot/ server1:/usr/local/cvsroot >> /tmp/cvs_rsync_log
Pattern replace for multiple files example:
to replace pattern server with pattern server-tst in all files containing .properties in the current directory and below:
for i in `find . -name *.properties*`$i | sed -e 's/server/server-tst/' > $i.1 | mv -f $i.1 $i; done
Mail Attachments:
mutt -s "Subject" -a picture.jpg user@mydomain.com
Count Files in a Directory recursively:
find YOURDIR -type f ¦ wc -l
Install Kernel Source and headers on Ubuntu:
use sudo passwd to give root a password and enable shell login
su -
apt-get install build-essential linux-headers-`uname -r`
remove comments and blank lines with:
grep -v "^#" /etc/squid/squid.conf | sed -e '/^$/d'
change uid example:
lgroupmod -g 712 groupname
usermod -u 712 -U username
Create users with specific uid and groupid:
To create an oracle user (only required on an Oracle server):
groupadd -g 502 oinstall ; useradd –m -u 500 -g oinstall oracle ; echo "password" |passwd --stdin oracle
To create a standard user:
groupadd -g 701 [groupname] ; useradd -m -u 701 -g [groupname] [username] ; echo "password"|passwd --stdin [username]
CHANGE UID's and ownership of files on entire fs:
find / -mount -user UID -print | xargs chown newowner
This variation changes the group ownership:
find / -mount -group GID -print | xargs chgrp newgroup
Find files modified more than x days ago:
find / -mount -mtime +3
Find faulty permissions find / \( -nouser -o -nogroup \) # files and directories with no matching user or group in passwd
find / -type f -perm 002 #files writable by other group
find / -type d -perm -2 #directories writable by other
Fixing Duplicate RPM's:
rpm -qa --queryformat "%{NAME}-%{VERSION}-%{ARCH} \\n" | grep <packagename> | sortthen remove the one not needed - may need to fix the packagename a little for it to work....
rpm -e bluez-libs-2.10-i386
rpm -e bluez-libs-2.10-x86_64may needs to be changes to:
rpm -e bluez-libs-2.10-2.i386
rpm -e bluez-libs-2.10-2.x86_64
Install megaraid driver from SRPM example:
Install megaraid driver
download driver from
http://www-304.ibm.com/jct01004c/systems/support/supportsite.wss/license?filename=system_
x/lsi_dd_megasas_00.00.03.06_rhel4_32-64.tgz&root=/systems/support/&brandind=5000008
sftp the drivers over to server and extract them with tar zxvf *.tgz
go to SRPM folder and install with
rpm -ivh *.rpmcd to /usr/src/redhat
export BUILD_KERNEL="2.6.9-55.ELsmp" #2.6.9-55.ELsmp is result of uname -rrpmbuild -bb SPECS/megaraid_sas.specr
pm -ivh /RPMS/x86_64/lsi-megaraid_sas-smp-00.00.03.06_2.6.9_55.EL-0.x86_64.rpm
rpm -ivh /RPMS/x86_64/lsi-megaraid_sas-smp-debuginfo-00.00.03.06_2.6.9_55.EL-0.x86_64.rpm
Copy or Cut and Paste in VIM
Cut and Paste:
- Place the cursor at the beginning of the block you want to CUT.
- Mark it with md
- Go to the end of the block.
- Cut it with d'd
- Go to the new location that you want to PASTE the text.
- Enter P (shift-p).
Copy and Paste:
- Place the cursor at the beginning of the block you want to COPY.
- Mark it with my
- Go to the end of the block.
- Copy it with y'y
- Go to the new location that you want to paste the text.
- Press P (shift-p).
Replace one character with another for an entire file:
cat <filename> | tr \" \' > <outfilename> # will replace all " with ' in <filename> and output to <outfilename>
Finding Services on my network i.e. Servers running MySQL:
nmap -sV -p 3306 192.168.1-254 > MySQLhosts.out
nmap options -sS #synchronous scan TCP
-sU #UDP scan
-sR #RPC/portmap
-A #OS and version detection
-v #verbose
-P0 #suppress pretest ping
-p #port
will locate all servers running mysql on default port 3306 on the class C 192.168.1.x network
Just open the MySQLhosts.out file to find hosts that are not in closed state
Find files that are filling up disk space:
cd to dir that is filling up
du -sk * | sort -nr | more
list files and directories in order of space they occupy
Updating Kernel parameters on Linux:
Edit /etc/sysctl.conf for example:
kernel.sysrq = 0
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.shmmin = 1
kernel.shmseg = 10
kernel.sem = 250 32000 100 128
fs.file-max = 104032
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_fin_timeout = 15
net.core.rmem_default = 1048576
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
Run
sysctl -p # this loads the parameters from changes made to sysctl.conf
ipcs -l # lists the parameters
Set date and time:
date MMDDhhmm.ss
Crontab:
* * * * * command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
Changing linux prompt in profile
in ~/.bash_profile add:
PS1="\[\033[1;32m\]\u@\[\033[1;33m\]\h \[\033[1;34m\]\${PWD} $\[\033[0m\] "
What is my ip? /sbin/ifconfig or /sbin/ip addr
What is my mac? /sbin/ip maddr