Sunday, June 21, 2009
Tuesday, June 16, 2009
Sunday, June 14, 2009
Saturday, June 13, 2009
Friday, June 12, 2009
Thursday, June 11, 2009
Tuesday, June 9, 2009
virtual ip addressing
You can use the virtual IP address either within the same IP address range or on a different one. To add a virtual IP address, add where is a number after the name of the network interface. For example, ifconfig eth0:0 10.0.0.10 adds the address 10.0.0.10 as a virtual IP address to eth0 . The number after the colon must be unique, so you can add a second virtual IP address with ifconfig eth0:1 10.0.0.20 , and so on.
Monday, June 8, 2009
killall command
we can use killall to terminate processes that have a specific file open at that time by just mentioning the file name. Some of the most useful options for killall are listed here:
-i : This option puts killall in interactive mode. You’ll have to confirm before any process is killed.
-r : This option allows you to work with regular expressions. This is useful because you won’t have to enter the exact process name.
-u : This option kills only processes that a specific user owns. Useful if you need to terminate everything a user is doing right now.
EX:-
if you need to terminate all http processes, use regular expressions as in the following command:
killall -r http
For example, if you want to kill all processes that a user has currently opened, use the following command:
killall -u username
it is mainly used to kill a process and all its children
ex:- killall pid
-i : This option puts killall in interactive mode. You’ll have to confirm before any process is killed.
-r : This option allows you to work with regular expressions. This is useful because you won’t have to enter the exact process name.
-u : This option kills only processes that a specific user owns. Useful if you need to terminate everything a user is doing right now.
EX:-
if you need to terminate all http processes, use regular expressions as in the following command:
killall -r http
For example, if you want to kill all processes that a user has currently opened, use the following command:
killall -u username
it is mainly used to kill a process and all its children
ex:- killall pid
vipw & pwck
As an administrator, you can manually edit /etc/passwd and /etc/shadow . If you intend to do this use vipw instead. This tailored version of the Vi editor is specifically designed for editing these critical files. Any error can have serious consequences, such as no one being able to log in. Therefore, if you make manual changes to any of these files, you should check their integrity
Besides vipw, another way to do this is to use the pwck command, which you can run without any options to see whether there are any problems you need to fix.
Besides vipw, another way to do this is to use the pwck command, which you can run without any options to see whether there are any problems you need to fix.
find all files that a particular user owns ?:
find / -user username
we can also use find to search for files that have a specific group as their owner. For instance, the following command would search for all files that are owned by the group admin
find / -group admin
we can also use find to search for files that have a specific group as their owner. For instance, the following command would search for all files that are owned by the group admin
find / -group admin
how to write the contents of an optical disk to an ISO file ?
assuming that your optical disk is available via the /dev/cdrom device:
dd if=/dev/cdrom of=/mycd.iso bs=4096
mount -o loop /mycd.iso /mnt
dd if=/dev/cdrom of=/mycd.iso bs=4096
mount -o loop /mycd.iso /mnt
/etc/groups
stores the group information.
The first field in this file is reserved for the name of the group.
The second field stores the password for the group (an ! signifies that no password is allowed for this group). You can see that most groups have an x in the password field, and this refers to the /etc/gshadow file where you can store the encrypted passwords.
the third field provides a unique group id.
last field provides the members of this group.
The first field in this file is reserved for the name of the group.
The second field stores the password for the group (an ! signifies that no password is allowed for this group). You can see that most groups have an x in the password field, and this refers to the /etc/gshadow file where you can store the encrypted passwords.
the third field provides a unique group id.
last field provides the members of this group.
linux partition types
linux partition types
83 (Linux): This is the native Linux partition type. You can use it for any Linux filesystem.
82 (Linux swap): Use this partition type for Linux swap partitions.
8e (Linux LVM): Use this partition type for working with LVM logical volumes
5 (Extended): Use this for extended partitions.
cat /proc/partitions
contains all the list of partitions kernel knows about.
83 (Linux): This is the native Linux partition type. You can use it for any Linux filesystem.
82 (Linux swap): Use this partition type for Linux swap partitions.
8e (Linux LVM): Use this partition type for working with LVM logical volumes
5 (Extended): Use this for extended partitions.
cat /proc/partitions
contains all the list of partitions kernel knows about.
udev device names
udev device names
-----------------
If you need to address the device itself, they will not do. Modern Linux distributions have an alternative. This alternative is created by the udev process, which is started on all modern Linux distributions automatically.
udev is the process that detects device changes on the hardware bus and is responsible for creating device names.
Not only does it create the device names /dev/sdb and so on, but for each storage device it also creates a unique device name in the directory /dev/disk.
the udev device names are all symbolic links, and shows you what device these links are referring to, see ls -RL /dev/disk
-----------------
If you need to address the device itself, they will not do. Modern Linux distributions have an alternative. This alternative is created by the udev process, which is started on all modern Linux distributions automatically.
udev is the process that detects device changes on the hardware bus and is responsible for creating device names.
Not only does it create the device names /dev/sdb and so on, but for each storage device it also creates a unique device name in the directory /dev/disk.
the udev device names are all symbolic links, and shows you what device these links are referring to, see ls -RL /dev/disk
journaling
The journal is used to track changes. This concerns changes to files and changes to metadata as well. The goal of using a journal is to make sure that transactions are processed properly. This is especially the case for situations involving a power outage. In those cases, the file system will check the journal when it comes back up again, and depending on the journaling style that is configured, do a rollback of the original data or a check on the data that was open while the computer crashed. Using a journal is essential on large file systems where lots of files get written to.
When using journaling, you can specify three different journaling modes for the file system. All of these are specified as options while mounting the file system, which allows you to use different journaling modes on different file systems.
1) data=ordered option
mount -o data=ordered /dev/sda3 /data
When using this option, only metadata is journaled, and barriers are enabled by default. This way, data is forced to be written to hard disk as fast as possible, which reduces chances of things going wrong. This journaling mode uses the optimal balance between performance and data security.
In case you want the best possible performance, use the data=writeback option. This option only journals metadata, but does not guarantee data integrity. This means that based on the information in the journal, when your computer crashes, the file system can try to repair the data but may fail, in which case you will end up with the old data after a system crash. At least it guarantees fast recovery after a system crash, and for many environments, that is good enough.
3) data=journal
If you want the best guarantees for your data, use the data=journal option. When using this option, data and metadata are journaled. This ensures the best data integrity, but gives bad performance because all data has to be written twice—first to the journal, and then to the disk when it is committed to disk. If you need this journaling option, you should always make sure that the journal is written to a dedicated disk. Every file system has options to accomplish that.
When using journaling, you can specify three different journaling modes for the file system. All of these are specified as options while mounting the file system, which allows you to use different journaling modes on different file systems.
1) data=ordered option
mount -o data=ordered /dev/sda3 /data
When using this option, only metadata is journaled, and barriers are enabled by default. This way, data is forced to be written to hard disk as fast as possible, which reduces chances of things going wrong. This journaling mode uses the optimal balance between performance and data security.
In case you want the best possible performance, use the data=writeback option. This option only journals metadata, but does not guarantee data integrity. This means that based on the information in the journal, when your computer crashes, the file system can try to repair the data but may fail, in which case you will end up with the old data after a system crash. At least it guarantees fast recovery after a system crash, and for many environments, that is good enough.
3) data=journal
If you want the best guarantees for your data, use the data=journal option. When using this option, data and metadata are journaled. This ensures the best data integrity, but gives bad performance because all data has to be written twice—first to the journal, and then to the disk when it is committed to disk. If you need this journaling option, you should always make sure that the journal is written to a dedicated disk. Every file system has options to accomplish that.
Sunday, June 7, 2009
iptable examples
1) iptable rule to accept ssh
iptables -A INPUT -p tcp -i eth0 --dport 22 -m state --state NEW -j ACCEPT
2) iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
3)iptables -A INPUT -j LOG --log-prefix "FAIL!"
iptables -A INPUT -p tcp -i eth0 --dport 22 -m state --state NEW -j ACCEPT
2) iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
3)iptables -A INPUT -j LOG --log-prefix "FAIL!"
Saturday, June 6, 2009
Friday, June 5, 2009
awk examples
awk examples:-
the global structure of an awk command is as follows:-
awk '/pattern/{action}' filename
displaying lines that contain a given pattern with awk
user@ubuntu:~$ awk '/root/' /etc/passwd
root:x:0:0:root:/root:/bin/bash
user@ubuntu:~$ awk '/root/{print $1}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
the global structure of an awk command is as follows:-
awk '/pattern/{action}' filename
displaying lines that contain a given pattern with awk
user@ubuntu:~$ awk '/root/' /etc/passwd
root:x:0:0:root:/root:/bin/bash
user@ubuntu:~$ awk '/root/{print $1}' /etc/passwd
root:x:0:0:root:/root:/bin/bash
sed examples
sed action [files]
sed -e action1 -e action2 [files]
sed -f scriptfile [files]
actions specified on the command line are almost always enclosed in single quotes to prevent shell interpretation of special characters
Ex:-
cat demofile | sed 's/foo/bar/'
's/foo/bar/g' ---> global substitution
a range of line numbers can be specified
ex:- 1,10s/foo/bar/ 40,$s/foo/bar/
$ means last line in the file
deleting lines:-
11,20d - delete the second 10 lines of input
/hopscotch/d - delete all lines with the word hopscotch
sed '/foo/d' samplefile
sed '99,$!d' samplefile
deleting blank lines:-
sed '/^$/d'
----------------------------------------------------
executable sed script:-
#!/bin/sed -f
s/mvirtue/THe author of this course/
/grumpy/d
----------------------------------------------------
sed examples:-
1) showing the first 2 lines with sed & quiting
user@ubuntu:~$ sed 2q /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2) sed -n /bash/p /etc/passwd
this command finds all the matching lines in /etc/passwd containing the text bash
/bash/ specifies the text you are looking for.
-p means to print
-n is used to suppress automatic printing of pattern space. Without this option, you would see every matching line twice
eamples
sed -n /^bash/p /etc/passwd
sed -n /./p /etc/passwd
sed -n /\./p /etc/passwd
sed -n /me\/le/p /etc/passwd
who am i | sed 's/ .* / /'
3) sed s/John/myname/g employee.txt
will search for the string John in the file employee.txt and replace it with myname
ex:-
sed ‘s/us.archive.ubuntu.com/mirrors.kernel.org/g’ /etc/apt/sources.list
4) grep == sed -n '/pattern/p'
grep -v == sed -n '/pattern/!p'
sed -e action1 -e action2 [files]
sed -f scriptfile [files]
actions specified on the command line are almost always enclosed in single quotes to prevent shell interpretation of special characters
Ex:-
cat demofile | sed 's/foo/bar/'
's/foo/bar/g' ---> global substitution
a range of line numbers can be specified
ex:- 1,10s/foo/bar/ 40,$s/foo/bar/
$ means last line in the file
deleting lines:-
11,20d - delete the second 10 lines of input
/hopscotch/d - delete all lines with the word hopscotch
sed '/foo/d' samplefile
sed '99,$!d' samplefile
deleting blank lines:-
sed '/^$/d'
----------------------------------------------------
executable sed script:-
#!/bin/sed -f
s/mvirtue/THe author of this course/
/grumpy/d
----------------------------------------------------
sed examples:-
1) showing the first 2 lines with sed & quiting
user@ubuntu:~$ sed 2q /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
2) sed -n /bash/p /etc/passwd
this command finds all the matching lines in /etc/passwd containing the text bash
/bash/ specifies the text you are looking for.
-p means to print
-n is used to suppress automatic printing of pattern space. Without this option, you would see every matching line twice
eamples
sed -n /^bash/p /etc/passwd
sed -n /./p /etc/passwd
sed -n /\./p /etc/passwd
sed -n /me\/le/p /etc/passwd
who am i | sed 's/ .* / /'
3) sed s/John/myname/g employee.txt
will search for the string John in the file employee.txt and replace it with myname
ex:-
sed ‘s/us.archive.ubuntu.com/mirrors.kernel.org/g’ /etc/apt/sources.list
4) grep == sed -n '/pattern/p'
grep -v == sed -n '/pattern/!p'
how to get the inode number of a particular file ?
ls -il /etc/hosts
8906880 -rw-r--r-- 1 root root 265 2009-03-23 13:46 /etc/hosts
user@ubuntu:~$ sudo debugfs /dev/sda1
debugfs 1.40.8 (13-Mar-2008)
debugfs: stat <8906880>
Inode: 8906880 Type: regular Mode: 0644 Flags: 0x0 Generation: 781546731
User: 0 Group: 0 Size: 265
File ACL: 0 Directory ACL: 0
Links: 1 Blockcount: 8
Fragment: Address: 0 Number: 0 Size: 0
ctime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
atime: 0x4a28c163 -- Fri Jun 5 12:25:31 2009
mtime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
BLOCKS:
(0):35631176
TOTAL: 1
8906880 -rw-r--r-- 1 root root 265 2009-03-23 13:46 /etc/hosts
user@ubuntu:~$ sudo debugfs /dev/sda1
debugfs 1.40.8 (13-Mar-2008)
debugfs: stat <8906880>
Inode: 8906880 Type: regular Mode: 0644 Flags: 0x0 Generation: 781546731
User: 0 Group: 0 Size: 265
File ACL: 0 Directory ACL: 0
Links: 1 Blockcount: 8
Fragment: Address: 0 Number: 0 Size: 0
ctime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
atime: 0x4a28c163 -- Fri Jun 5 12:25:31 2009
mtime: 0x49c74578 -- Mon Mar 23 13:46:56 2009
BLOCKS:
(0):35631176
TOTAL: 1
Thursday, June 4, 2009
The tar command trick
suppose we have a directory containing 2 sub directories from-stuff
and to-stuff, from-stuff contains an entire tree of files , symbolic links and so forth. something that is difficult to mirror precisely using a recursive cp. in order to mirror the entire tree beneath from-stuff to to-stuff , we could use the commands:
cd from-stuff
tar cf - . | (cd ../to-stuff; tar xvf -)
source:- Running Linux
Grant edwards
The '-' is in the spot where tar expects to see the filename of the archive to be created/read. Using '-' for a filename tells tar to write the archive to stdout (or stdin when an archive is
being read) instead of a "regular" named file.
One would hope that would be explained on tar's man/info page, but it isn't -- the man/info page only explains options in their "standard" notation like this:
tar c -f -
That said, specifying '-' to use stdout/stdin is a bit redundant since that's the default. The example line would work just as well like this:
tar c . | (cd ../to-stuff; tar xv)
Or this
tar c . | tar xv -C ../to-stuff
But I don't really see why "cp -a" won't work. It handles links, device files, permissions, etc.
kiaaze
Code: tar c . | (cd ../to-stuff; tar xv)
works too, since tar uses standard output/input by default.
robert heller
Depends on the version of tar. For stock commercial UNIX tar, the default is still the tape drive. It appears that GNU Tar defaults to stdin/stdout. Traditionally, tar reads/writes to the tape drive and some versions might still do so by default. If you don't know what version of tar you are using, adding '-f -' will ALWAYS work, even if it is redundant. It certainly does not hurt.
rainer krienke
the problem with this tar-trick is that if you suppose that from-stuff is not just a small directory but say eg 1TByte in size with million of files in it.
Tar of course works but if anything goes wrong in such a tar run, (perhaps the to-stuff filesystem gets full or some files are modified during the run of tar that might take hours for a huge from-stuff dir, then all you can do is to start from scratch i.e. copy all files again.
In such situations its better to use rsync because rsync does only synchronize i.e. copy files that are different in from-stuff and to-stuff. Even if you stop rsync in the middle of its work and start it again it won't copy all files again like tar would, it would only copy those files not already in to-stuff. If you modify a file in from-stuff and start rsync again it will find this file and copy only this one instead of the whole TerraByte of data. Actually rsync is even better. if only a some bytes of one file in from-stuff changed it will transfer only those bytes that changed and insert them into the already existing file in to-stuff. This is important if you eg copy many data across a slow network link.
The command also preserves symlinks, permissions and ownership and using appropiate options also hard links and in its basic form that does all this its really simple:
rsync -av from-stuff to-stuff
thats all. Call it for the first time it will copy all files and directories. Call it a second time it will only copy files that have changed in from-stuff since the last run.
and to-stuff, from-stuff contains an entire tree of files , symbolic links and so forth. something that is difficult to mirror precisely using a recursive cp. in order to mirror the entire tree beneath from-stuff to to-stuff , we could use the commands:
cd from-stuff
tar cf - . | (cd ../to-stuff; tar xvf -)
source:- Running Linux
Grant edwards
The '-' is in the spot where tar expects to see the filename of the archive to be created/read. Using '-' for a filename tells tar to write the archive to stdout (or stdin when an archive is
being read) instead of a "regular" named file.
One would hope that would be explained on tar's man/info page, but it isn't -- the man/info page only explains options in their "standard" notation like this:
tar c -f -
That said, specifying '-' to use stdout/stdin is a bit redundant since that's the default. The example line would work just as well like this:
tar c . | (cd ../to-stuff; tar xv)
Or this
tar c . | tar xv -C ../to-stuff
But I don't really see why "cp -a" won't work. It handles links, device files, permissions, etc.
kiaaze
Code: tar c . | (cd ../to-stuff; tar xv)
works too, since tar uses standard output/input by default.
robert heller
Depends on the version of tar. For stock commercial UNIX tar, the default is still the tape drive. It appears that GNU Tar defaults to stdin/stdout. Traditionally, tar reads/writes to the tape drive and some versions might still do so by default. If you don't know what version of tar you are using, adding '-f -' will ALWAYS work, even if it is redundant. It certainly does not hurt.
rainer krienke
the problem with this tar-trick is that if you suppose that from-stuff is not just a small directory but say eg 1TByte in size with million of files in it.
Tar of course works but if anything goes wrong in such a tar run, (perhaps the to-stuff filesystem gets full or some files are modified during the run of tar that might take hours for a huge from-stuff dir, then all you can do is to start from scratch i.e. copy all files again.
In such situations its better to use rsync because rsync does only synchronize i.e. copy files that are different in from-stuff and to-stuff. Even if you stop rsync in the middle of its work and start it again it won't copy all files again like tar would, it would only copy those files not already in to-stuff. If you modify a file in from-stuff and start rsync again it will find this file and copy only this one instead of the whole TerraByte of data. Actually rsync is even better. if only a some bytes of one file in from-stuff changed it will transfer only those bytes that changed and insert them into the already existing file in to-stuff. This is important if you eg copy many data across a slow network link.
The command also preserves symlinks, permissions and ownership and using appropiate options also hard links and in its basic form that does all this its really simple:
rsync -av from-stuff to-stuff
thats all. Call it for the first time it will copy all files and directories. Call it a second time it will only copy files that have changed in from-stuff since the last run.
how to change ssh port
1) vi /etc/ssh/ssh_config
change the entry port 22 to port 1900 (or any other non privileged port no:)
:wq
2) restart the ssh service
sudo /etc/init.d/ssh restart
3) ssh -p 1900 localhost
NB:- warning untested
change the entry port 22 to port 1900 (or any other non privileged port no:)
:wq
2) restart the ssh service
sudo /etc/init.d/ssh restart
3) ssh -p 1900 localhost
NB:- warning untested
Wednesday, June 3, 2009
Tuesday, June 2, 2009
Monday, June 1, 2009
Subscribe to:
Comments (Atom)