Tuesday, August 23, 2016

Check for network ports

  • netstat -nat 
  • netstat -tunlp 
  • netstat -nlpu|grep snmp

Wednesday, October 21, 2015

Changing a specific value in a file using sed

/bin/sed -i.bak -e 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

Friday, October 09, 2015

Disable IPv6 on Linux

Sometime you may want to disable IPV6 on your Linux server. 

To check if IPV6 is running on your system
Run the following command.
#ifconfig  - This is show the ipv4 and ipv6 address

To disable ipv6
vi /etc/sysctl.conf

 Add the following lines at the bottom of the config file
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
 

After saving the file, run the following command to apply the new changes.

#sysctl -p

To confirm the changes are applied, run the command
#ifconfig - This should not show ipv6 address any more
 

Monday, June 15, 2015

Securing Linux


Stop all unwanted services
#chkconfig --list |grep '3:on'

#chkconfig cups off
#chkconfig postfix off
#chkconfig atd off
#chkconfig ip6tables off
#chkconfig lvm2-monitor off
#chkconfig mdmonitor off
#chkconfig rpcidmapd off
#chkconfig nfslock off
#chkconfig mcelogd off
#chkconfig xinetd off
#chkconfig inetd off

Remove all unwanted packages
#rpm -e

Disable Root login
#vi /etc/ssh/sshd_config
PermitRootLogin no
#service sshd restart

Create a service account with Sudo Access

  • Create a service account
#useradd
#passwd
(provide a strong password)

  • Provide Sudo Access to service account _ In this case i have given all root access
#visudo
lbadmin ALL=(ALL)       ALL


Disable alt+ctrl+del key switch for reboot

#vi "/etc/init/control-alt-delete.conf"

Hash both the lines
#start on control-alt-delete
#exec /sbin/shutdown -r now "Control-Alt-Delete pressed"

Allow ssh access only from specific subnets or IP address

#vi /etc/hosts.allow
sshd:


#vi /etc/hosts.deny
sshd: ALL

 Restrict access to server for specific subnet.

# Generated by iptables-save v1.4.7 on Fri Jun 12 15:39:00 2015
*filter
:INPUT ACCEPT [75:5272]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [68:5268]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A OUTPUT -p udp --dport 123 -j ACCEPT
-A INPUT -p udp --sport 123 -j ACCEPT
-A OUTPUT -p tcp --dport 123 -j ACCEPT
-A INPUT -p tcp --sport 123 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Set IP tables to start at reboot
#chkconfig iptables on

Apply the new IP table rules by running command
#service iptables start

Check all accounts have password set to them. No account should be without password less loging
grep -v ':x:' /etc/passwd

Tuesday, March 17, 2015

Cannot initiate the connection to 80:80 (0.0.0.80)

When running apt-get update command, if you receive the below mentioned error

W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/trusty-backports/restricted/i18n/Translation-en_US  Cannot initiate the connection to 80:80 (0.0.0.80). - connect (22: Invalid argument)

Edit the following file
vi /etc/apt/apt.conf

Hash out the following entry
#Acquire::http::Proxy "ProxyIP:ProxyPort";


Now try #apt-get update, this should update the repository informaiton

Tuesday, February 24, 2015

View database output in tabular format

mysql -u root -p 
 
mysql>\P less -S

Monday, February 16, 2015

Windows 8 and Windows 2012 rebooting issue on Proxmox VM

When you boot any VM and try to install Windows 8 or Windows 2012, the VMs will go into a continuous reboot. This is due to the missing CPU flag settings.

To fix this issue modify the VM configuration file of the VM

cd /etc/pve/qemu-server
vi 106.conf  ( Assuming 106.conf is the VM on which you are installing Win8 or Win2012)

balloon: 1024
bootdisk: ide0
cores: 2
args: -cpu qemu64,+sep,+cx16,+lahf_lm
ide0: PROXMOX6_VMVOL:106/vm-106-disk-1.qcow2,format=qcow2,size=32G
ide2: ISO:iso/Windows_8.1_x64.iso,media=cdrom,size=5227698K
memory: 2048
name: OPSI-Windows8
net0: virtio=DA:3B:63:57:3C:6F,bridge=vmbr0,tag=103
ostype: other
sockets: 1


Tuesday, November 11, 2014

Single liner to ping a subnet from command line

for ip in 192.168.10.{1,2,3..254};do ping -c 1 $ip;done

Tuesday, January 28, 2014

Shell - List number of lines once the search pattern matches

awk '/PATTERN/ {for(i=1; i<=5; i++) {getline; print}}' filename

The above command will search the key word "PATTERN" once it is matched, it will print the below 5 lines after the search string from the text file.

Wednesday, November 20, 2013

Server Provisioning / De-provisioning on Proxmox using Shell Script.

 Here is my attempt to simplify server provisioning / De-provisioning on Proxmox using shell script. Hope you find it useful.

****************************************************************************
#!/bin/bash

echo " Proxmox OpenVZ Server Provisioning Tool"
echo ""
echo " Please select from the below choices"
echo ""
echo " 1. KVM Server Instance Provisioning"
echo " 2. KVM Server Instance Decommissioning"
echo ""
read -p "Please enter you numerical choice: " choice

echo $choice

if [ "$choice" -lt 1 ] || [ "$choice" -gt 2 ]; then
                        echo "Wrong choice selection - Existing the program - Please try again"
                        exit
                if [ "$choice" -eq 1 ]; then
                        echo " Initiating Server Provisioning Procedure"
                elif [ "$choice" -eq 2 ]; then
                        echo " Initiating Server Decommissioning Procedure"

                fi

fi

case $choice in
1)
##### SECTION FOR TOTAL NUMBER OF SERVER AND OPERATING SYSTEM SELECTION #####
echo "Enter the number of servers needed (1-5)"
echo ""
read -p "Please enter the numerical value: " kvmsrvno
if [ "$kvmsrvno" -le 0 ] || [ "$kvmsrvno" -gt 5 ]
        then
                echo "Please try again by entering a valid number between (1-6)"
                exit
        else
                echo "Enter the number corresponding to the operating system 1.Windows2012 2.Windows2008R2 3.WindowsXP 4.Windows7 5.RedHat6 6.CentOS6"
                read -p "Please enter the numerical value: " kvmselection
    if [ "$kvmselection" -le 0 ] || [ "$kvmselection" -gt 6 ]
        then
                echo "Please try again by entering a valid number between 1,2,3,4,5 or 6"
        exit
    fi
fi
#echo "The operating system selected is $kvmselection"

############################################################fngetvmid() {
        pvesh get /cluster/resources --type vm |grep -i vmid |sort -n |awk '{print $3}' > /mnt/pve/ISO/automation_scripts/allocated_vmid
while read avail_vmid
do
                grep -x $avail_vmid /mnt/pve/ISO/automation_scripts/allocated_vmid > /dev/null
        if [ `echo $?` -ne 0 ]
        then
                VMID=$avail_vmid
                echo $VMID
                exit
        fi
done <  /mnt/pve/ISO/automation_scripts/vmidlist
}
#vm_id=$(fngetvmid)

##############################################################

fngetkvmhostname() {
case $kvmselection in
  1)
        hostname=Win2012-$vm_id;
        clntmpt=128;;
  2)
        hostname=Win2008R2-$vm_id;
        clntmpt=125;;
  3)
        hostname=WindowsXP-$vm_id;
        clntmpt=126;;
  4)
        hostname=Windows7-$vm_id;
        clntmpt=127;;
  5)
        hostname=Redhat6-$vm_id;
        clntmpt=123;;
  6)
        hostname=CentOS6-$vm_id;
        clntmpt=116;;
 esac
}

##################################################################
count=1
while [ "$count" -le "$kvmsrvno" ]
    do
        #ip_addr=$(fngetip)
        vm_id=$(fngetvmid)
        fngetkvmhostname
        pvesh create /nodes/`hostname`/qemu/$clntmpt/clone --newid $vm_id --full --name=$hostname #--pool="$poolname"
                #echo $ip_addr >> /mnt/pve/ISO/automation_scripts/allocated_list
        echo "#################################################################"
        count=`expr $count + 1`
        done;
break;;

2)
        echo "KVM Server Decommissioning Initiated"
        echo ""
        echo "Please specify the VMIDs of the instances to be decommissioned (Use comma separated values)"
        echo ""
        read -p "Please enter the numerical value: " delvid

        IFS=","
        for vmid in $delvid
        do
        #v_delip=`grep -i IP_ADDRESS /etc/vz/conf/$vmid.conf |sed -r 's/[^\"]*([\"][^\"]*[\"][,]?)[^\"]*/\1 /g' | sed "s/\"//g"`
        #delip=sed
        qm stop $vmid
        qm destroy $vmid
        #sed -i "s/$delip//g" "/opt/automation_scripts/allocated_list"
        #sed -i '/^$/d' "/opt/automation_scripts/allocated_list"
        echo "#################################################################"
        done;
break;;
esac

********************************************************************

Monday, August 05, 2013

Time and date setting in CentOS


View the current time and the timezone setting on the server by running the below command
#date

Steps to change the timezone settings.

 Make a backup of the current localtime file
#mv /etc/localtime /etc/localtime.bak

Create a new zone file setting using the below command. (Below example for India)
#ln -s /usr/share/zoneinfo/Asia/Calcutta /etc/localtime


Manually Set Data and Time using the following command
date -s "13 Feb 2015 10:30:00"


Wednesday, June 19, 2013

Configuring snmp on debian server

Configuring Debian Server to respond to snmp query

#dpkg --list |grep snmp
ii  libnet-snmp-perl                     5.2.0-4                        Script SNMP connections
ii  libsnmp-base                         5.4.3~dfsg-2                   SNMP (Simple Network Management Protocol) MIBs and documentation
ii  libsnmp15                            5.4.3~dfsg-2                   SNMP (Simple Network Management Protocol) library
ii  snmp                                 5.4.3~dfsg-2                   SNMP (Simple Network Management Protocol) applications
ii  snmpd                                5.4.3~dfsg-2                   SNMP (Simple Network Management Protocol) agents

Setting public as community string.

rocommunity public
##       sec.name     source           community
##       ========     ======           =========
com2sec  local       localhost        craz33guy
com2sec  network_1   172.22.6.0/24    craz33guy
#com2sec  network_2   192.168.2.0/24   craz33guy

##       Access.group.name   sec.model        sec.name
##       =================  =========         ========
group    MyROGroup_1        v1                local
group    MyROGroup_1        v1                network_1
group    MyROGroup_2        v2c               network_2

##   MIB.view.name     incl/excl  MIB.subtree  mask
##   ==============   =========  ===========  ====
view all-mibs         included   .1           80

##      MIB
##      group.name   context sec.model sec.level prefix read     write  notif
##      ==========   ======= ========= ========= ====== ====     =====  =====
access  MyROGroup_1  ""       v1       noauth    exact  all-mibs none   none
access  MyROGroup_2  ""       v2c      noauth    exact  all-mibs none   none

############################################################################

Adding custom scripts to be monitored using SNMP

Sample check_keepalived Script
-------------------------------------
#!/bin/bash
count=`ps -ef |grep -c keepalived`
if [ $count -lt 4 ]; then
        echo "1"
else
        echo "0"
fi

------------------------------------



Copy the script to /bin/check_keepalived.sh
#chmod 777 /bin/check_keepalived.sh

Add the following line in snmpd.conf file
exec keepalive /bin/sh /bin/check_keepalived.sh

#service snmpd restart

Test if the script is executable using snmp and showing desired results 
From the SNMP server run this command. This will execute all the Snmp custom scripts and show the output.
snmpwalk -v2c -c craz33guy 172.21.6.64 NET-SNMP-EXTEND-MIB::nsExtendObjects

To execute a specific Script from the bunch of custom scripts.
snmpwalk -v2c -c craz33guy 172.21.6.64 1.3.6.1.4.1.8072.1.3.2.4.1

 More details on the custom OID are explained in the below link
http://www.oidview.com/mibs/8072/NET-SNMP-EXTEND-MIB.html 
http://www.net-snmp.org/wiki/index.php/Tut:Extending_snmpd_using_shell_scripts
 ===========================
rocommunity testcomm
##       sec.name     source           community
##       ========     ======           =========
com2sec  local       localhost          testcomm
com2sec  network_1   172.21.10.33/32    testcomm
#com2sec  network_1   10.0.0.207/32      testcomm

##       Access.group.name   sec.model        sec.name
##       =================  =========         ========
group    MyROGroup_1        v1                local
group    MyROGroup_2        v2c               network_1

##   MIB.view.name     incl/excl  MIB.subtree  mask
##   ==============   =========  ===========  ====
view all-mibs         included   .1           80

##      MIB
##      group.name   context sec.model sec.level prefix read     write  notif
##      ==========   ======= ========= ========= ====== ====     =====  =====
access  MyROGroup_1  ""       v1       noauth    exact  all-mibs none   none
access  MyROGroup_2  ""       v2c       noauth    exact  all-mibs none   none
=================================


Tuesday, May 07, 2013

Check if the Linux Operating System is 32 Bit or 64 Bit

Run the below commands to check if the operating system is 32Bit or 64Bit.


  1. uname -a
  2. getconf WORD_BIT
  3. file /usr/bin/file
The above command will show if the operating system bit size

Thursday, December 15, 2011

Recover files deleted in linux

If any files accidentally deleted and needs to be recovered. First look in lost+found folder.
If not found follow the below steps.

Mount the filesystem in read only to avoid any rewrites on the disk block
# mount -o remount ro /dev/sdx /mntpoint.

If the partition is a root filesystem - Boot the server in single user mode
# init 1

To recover a text file you can use grep command to recover the contents. For this you need to know any uniq word from the deleted file - Preferably the start of the file.
grep -a -B2 -A1000 'uniq_word' /dev/sdx > /tmp/filerecovered.txt

It means 2lines before the uniq_word found and 1000lines after the uniq_word found from the filesystem and save the content into filerecovered file. (ensure the destination folder is read-write mode.
===================
Recover other types of files

Use package foremost There is an excellent article published in howtoforge portal.




Friday, December 09, 2011

check the disk space availablity

Script to check the disk space and mail if the disk space availablity is below the warning or critical thresholds

### Variable declaration ####
WARN=75
CRITICAL=77
ADMINI_LABS="useremailaccount"


#### Collecting Disk space information #####
df -h |grep -vE 'tmpfs|Filesystem|cdrom'|awk '{print $5 " " $6}' > /tmp/disksize

while read output; do
diskusage=$(echo $output|awk '{print $1}' |cut -d% -f1 )
filesystem=$(echo $output |awk '{print $2}' )
if [ $diskusage -ge $WARN ] && [ $diskusage -le $CRITICAL ]; then
mail -s"WARNING: $(hostname) : Running out of space $filesystem $diskusage" $ADMIN_ILABS
elif [ $diskusage -ge $CRITICAL ]; then
mail -s "CRITICAL: $(hostname) : Running out of space $filesystem $diskusage" $ADMIN_ILABS
fi
done < /tmp/disksize

## File Clean up ##
rm -f /tmp/disksize

Tuesday, November 08, 2011

Using CURL to get secure website information.

Create cookie jar for the URL login

curl -k --cookie-jar cjar --output /dev/null \
https://IPADDR/login

Passing the login credits to the site for fetching the information.
curl -k --cookie cjar --cookie-jar cjar \
--data 'username=USERNAME' \
--data 'password=PWD' \
--data 'form=login' \
--data 'action:Login=Login' \
--location \
--output /tmp/loginresutl.html \
https://IPADDR/login

Get the Secure Ironport information using the curl command using the cookie jar.
curl -l --cookie cjar \
--output /tmp/ironport_system_status.html \
https://IPADDR/monitor/reports/system_status

Tuesday, October 18, 2011

Configuring & Managing DELL PERC array controller from Linux Operating System

MegaRAID Cli
-----------------
http://www.thegeekstuff.com/2009/05/dell-tutorial-create-raid-using-perc-6i-integrated-bios-configuration-utility/
http://tools.rapidsoft.de/perc/perc-cheat-sheet.html

Download
http://www.lsi.com/downloads/Public/Obsolete/Obsolete%20Common%20Files/dr_linux_2.20.4.6_as40.zip

HP Array Controller card configuration from Linux
---------------------------------------------------
http://www.datadisk.co.uk/html_docs/redhat/hpacucli.htm

---------------------------
View Enclosure Details
MegaCli -EncInfo -aALL

View Array Controller on Server
MegaCli -AdpAllInfo -aAll

View Physical disk attached to the Array Controller
MegaCli -PDList -aAll
---------------------------

View Types of RAID Supported by Array Controller Card.
MegaCli -AdpAllInfo -aAll|grep RAID

Create RAID 1 / 5 from MegaRAID Cli
MegaCli -CfgLdAdd -r1 [8:2, 8:3] -a0
8 = Enclosure Device ID Number - Can find it out from PDList information
2 & 3 = Disk Slot Number - Can find it out from PDList information
a0 - Adapter Number

MegaCli -CfgLdAdd -r5 [8:2, 8:3, 8:4] -a0
Raid 5 Creation
--------------------------------
View Virtual Device Information.
MegaCli -LDInfo -Lall -aALL
---------------------------------

Set disk state to offline
MegaCli -PDOffline -PhysDrv [8:3] -a0

MegaCli -PDList -aAll |egrep 'Enclosure|Slot|Firmware'
Enclosure Device ID: 8
Slot Number: 3
Firmware state: Offline
---------------------------------

Set disk state to online
MegaCli -PDonline -PhysDrv [8:3] -a0

MegaCli -PDList -aAll |egrep 'Enclosure|Slot|Firmware'
Enclosure Device ID: 8
Slot Number: 3
Firmware state: Offlin
-------------------------------

Mark Disk as missing
MegaCli -PDMarkMissing -PhysDrv [8:3] -a0

Prepare disk for removal
MegaCli -PdPrpRmv -PhysDrv [8:3] -a0

Replace Missing physical disk
MegaCli -PdReplaceMissing -PhysDrv [8:3] -ArrayN -rowN -aN

Rebuild the newly added disk
MegaCli -PDRbld -Start -PhysDrv [8:3] -aN

Check rebuild /start/stop/status rebuild on the server.
MegaCli -PDRbld -Start -PhysDrv [E:S] -aN
MegaCli -PDRbld -Stop -PhysDrv [E:S] -aN
MegaCli -PDRbld -ShowProg -PhysDrv [E:S] -aN

Thursday, September 29, 2011

Friday, August 19, 2011

View smbuser on the samba-share

Samba - List the smbuser added to the samba share.

pdbedit -L = This will list all the smbuser added using smbpasswd -a command
pdbedit -Lv = This will extended view of the smbuser list.

Thursday, July 28, 2011

Configuring ISCSI targets and initiators.

ISCSI Server installation and Configuration.

ISCSI (Internet Small Computer System Interface) - (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks
iscsi targets should be raw disk or block file only.


ISCSI Target - Server from where the ISCSI disk space is shared.
ISCSI Initator - Clients on which the ISCSI targets are mounted.

SERVER / TARGET side Configuration
====================

Package requirments
----------------------
yum install scsi-target-utils.i386
yum install openssl-devel.i386

/etc/init.d/tgtd start

Creating iscsi lun
=============
tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
tgtadm --lld iscsi --op show --mode target

Attaching storage to the LUN
----------------------------
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /iscsifile

or for physical disk
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /dev/sdb
tgtadm --lld iscsi --op show --mode target

Securing the iscsi targets
===================

IP based restriction
------------------
tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL #Allowing all IP on the network to access Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.10 #Allowing specific IP access to Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.0/24 #Allowing specific IP subnet to Target ID1

User based restriction
---------------------
tgtadm --lld iscsi --op new --mode account --user user1 --password password1 #Creation of User account
tgtadm --lld iscsi --op bind --mode account --tid 1 --user fujita #Adding User account to the target ID1
tgtadm --lld iscsi --op unbind --mode account --tid 1 --user fujita #Removing User account to the target ID1

-------------------------------------------------------------------------------------
To make the configuration persistent across add the above lines into /etc/rc.local file
--------------------------------------------------------------------------------------



INITIATOR side Configuration
=====================

yum install iscsi-initiator-utils-6.2.0.865-0.8.el5
yum install lsscsi-0.17-3.el5
service iscsi start
chkconfig iscsi on

Running discovery of the iscsi server.
iscsiadm --mode discovery --type sendtargets --portal 192.168.10.10 (Target Server IP)
Should list an output like this: 192.168.10.10:3260,1 iqn.2011-04.com.mxmail:storage.disk2.mxmail.com

vi /etc/iscsi/initiatorname.iscsi
add this value - InitiatorName=iqn.2011-04.com.mxmail:storage.disk2.mxmail.com

iscsiadm -m node
Will show all the iscsi devices.

#lsscsi (Command to display the mapped iscsi disks)
[0:0:0:0] disk VMware Virtual disk 1.0 /dev/sda
[9:0:0:0] storage IET Controler 0001 - #LUN Controller
[9:0:0:1] disk IET VIRTUAL-DISK 0001 /dev/sdb #Virtual Disk mapped to /dev/sdb

#fdisk -l /dev/sdb
Disk /dev/sdb: 3221 MB, 3221225472 bytes
100 heads, 62 sectors/track, 1014 cylinders
Units = cylinders of 6200 * 512 = 3174400 bytes

Disk /dev/sdb doesn't contain a valid partition table

All configuration files for iscsi is stored in /var/lib/iscsi/



Procedure to delete a LUN from ISCSI Server

Disable the connection from client ISCSI targets and Logging out of the portal session,
iscsiadm --mode discovery --type sendtargets --portal 192.168.1.1 (List the portal sessions)

iscsiadm --m node -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net  --portal 192.168.1.1:3260 -u ( Will log out from the portal sessions)

iscsiadm -m node -o delete -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net  --portal 192.168.1.1:3260 (Delete the portal connections)

Remove the Target from the ISCSI server side

Below listed are the steps to be followed for deleting a LUN from the ISCSI server.
Assumptions for this example,

The ISCSI server has multiple LUN configured. Each LUN is using one logical Unit(disk/slice/folder/blockdevice)


Unbind the IP Address from the Access List before deleting the logical unit.
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 192.168.1.0/24
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 172.22.1.0/24


Delete the Logincal Unit (Device/Folder/Slice) that is mapped to the LUN
tgtadm --lld iscsi --op delete --mode logicalunit --tid 3 --lun 1


Look for any active sessions connected to the LUN.
tgtadm --lld iscsi --op show --mode target
  I_T nexus information:
        I_T nexus: 10
            Initiator: iqn.1998-01.com.vmware:esxi1-4805d107
            Connection: 0
                IP Address: 192.168.1.2
        I_T nexus: 13
            Initiator: iqn.1998-01.com.vmware:esxi3-4716f412
            Connection: 0
                IP Address: 192.168.1.4
        I_T nexus: 15
            Initiator: iqn.1998-01.com.vmware:esxi5-31cd0643
            Connection: 0
                IP Address: 192.168.1.6

In this case there are 3 Sessions connected to the LUN (Connection ID 10, 13 and 15)

Disconnect each of the sessions before deleting the LUN.
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 10
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 13
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 15


Delete the LUN ID 3
tgtadm --lld iscsi --op delete --mode target --tid 3


View to confirm the target LUN is deleted.
tgtadm --lld iscsi --op show --mode target

Tuesday, May 31, 2011

Script to populate mails to mail accounts with an attachment and contents in body.

Shell Script for populating mails to mail users - For testing reasons.

while read username
do
for i in {1..25}
do
mutt -s "sample mail $i" -a /root/attachment.log -- $username"@mltech.com" < mailbody.template
done
done < useraccount

useraccount file will contain mail accounts.
mailbody.template file will contain mail body content.
attachment.log file is the attachment file.

Oneliner script for user account & password creation in linux

You need to have root user privileges to run some of the commands in the script needs.

user=openuser;for i in {1..50};do useradd $user$i;pd=abc;echo $user$i$pd |passwd --stdin $user$i;done

This will create user names openuser1, 2 till 50 with password "openuser1abc, openuser2abc, etc.,"

Tuesday, March 15, 2011

DOS - Batch programming - Accept command input for batch programm

hello.bat file content
@echo welcome %1 %2 %3 %4 boy

Execution.
hello one two three four

output will be
C:\Documents and Settings\retheesh\Desktop>hello one two three four (Input parameters)
welcome one two three four boy

Friday, March 04, 2011

perl oneliners

perl -p -i -e 's/oldstring/newstring/g' filename.
This will change the oldstring to newstring in the file.



Perl oneliner to install modules. (Note should have internet access and should have CPAN configuration done)


perl -MCPAN -e 'install HTML::Template'
                 OR

cpan -i 'install HTML::Template'



SED one Liner

Tuesday, November 02, 2010

XOR operation for Parity Caluclation

Sample XOR operation that will be used for recovering data during parity regeneration

A
B
C
0 XOR 0->0
0 XOR 1->1
1 XOR 0->1
1 XOR 1->0

Tuesday, October 26, 2010

Get date information from commands.

Get the Date output.
===============
$ date +%d -- Date
26
$ date +%D -- Date format
10/26/10
$ date +%m -- Month
10
$ date +%b -- Month
Oct
$ date +%M -- Minutes
45
$ date +%W -- Week of the year
43
$ date +%w -- Week of the day
2
$ date +%Y -- Year
2010
$ date +%y -- Year (last 2 digits)
10
$ date +%n -- New line
$ date +%l -- hour (0..12)
4
$ date +%k -- hour (0..23)
16
$ date +%N -- nano seconds
855022663
$ date +%T -- time format
16:48:14
-----------------------------------
$ set `date`
$ echo $1
Tue
$ echo $2
Oct
$ echo $3
26
$ echo $4
16:52:45
$ echo $5
IST
$ echo $6
2010
$ echo $# -- Total number of command variables.
6
-----------------------------------------------
date |cut -d" " -f1 # Replace f1 to f2,3,4,5,6 to get the values.
Tue
-------------------------
You can run a loop to check the day and run some commands according using case loop.

case `date |cut -d" " -f1` in
Mon) commands ;;
Tue) commands ;;
Wed) commands ;;
...
esac

Monday, October 25, 2010

Check top CPU or Memory utilisation process.

Find Processes that uses maximum processor utilisation
#ps -eo pid,ppid,pcpu,rss,cmd --sort pcpu

Find Processes that uses maximum Memory utilisation
#ps -eo pid,ppid,pcpu,rss,cmd --sort rss

Kill multiple jobs OR Kill all jobs of a particular user

# Create a list of specific jobs of a user
ps -ef |grep [username]|grep [jobname eg. telnet]|awk '{print $2}' > /tmp/fileout
while read userpid; do kill -9 $userpid;done < /tmp/fileout

Wednesday, September 08, 2010

Modify FreeNas configuration file

Editing of FreeNAS configure file is not possible from the FreeNAS shell.
To modify the configuration - Eg., /etc/fstab on FreeNAS

share /etc directory using NFS / CIFS share - ( Make sure its not a read only share)
mount /etc share on linux partition.
Use vi tool to modify the configuration file and save the configuration.

:) done.

Tuesday, September 07, 2010

perl module checks & installation

[root@mail ~]# instmodsh
Available commands are:
l - List all installed modules
m - Select a module
q - Quit the program

perldoc perlmodlib - Will display all modules that are installed along with the standard perl packages
perldoc perllocal - Will display all additional modules that were installed.


-----------------------
To install perl modules - (Make sure your system is connected to internet)
perl -MCPAN -e shell
cpan> o conf - will display the configurations
cpan> o conf init - Will reinitiate the configuration.
cpan> install Bundle::cpan --- Sample command to install modules.



Tuesday, August 17, 2010

Change Solaris Server hostname

Change the hostname in the following files:

/etc/nodename
/etc/hostname.*interface
/etc/inet/hosts
/etc/inet/ipnodes

Wednesday, August 04, 2010

Reverse proxy configuration on Apache

Apache Server side configuration.

mod_proxy_html installation reference link http://ubuntuforums.org/showthread.php?t=350836

wget http://apache.webthing.com/mod_proxy_html/mod_proxy_html.tgz
tar -xvzf mod_proxy_html.tgz
cd mod_proxy_html
-----------------------
apt-get install apache2-prefork-dev
apt-get install libxml2-dev
ln -s /usr/include/libxml2/libxml /usr/include/libxml
apxs2 -i -c mod_proxy_html.c
------------------------------------------

Modules for proxy settings
--------------------------------
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadFile /usr/lib/libxml2.so.2
-----------------------------------------------------------------------------

NameVirtualHost *:443
NameVirtualHost *:80

ServerName linuxmediaserver.mlmail.net
DocumentRoot /var/www/
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
ProxyRequests Off
Order deny,allow
Allow from all
ProxyPass / http://server.domain.com/
ProxyPassReverse / http://server.domain.com/

ServerName linuxmediaserver.mlmail.net
DocumentRoot /var/www/
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/mycert.pem #---------------> Generated certificate
ProxyRequests Off
Order deny,allow
Allow from all
ProxyPass / http://server.domain.com/
ProxyPassReverse / http://server.domain.com/

Monday, July 26, 2010

Apache Bench test

Apache bench test can be done to find the apache server performance.
We can run multiple simultaneous connections to the apache server and check the server response time.

Download apace bench marker from the below site.
http://www.filewatcher.com/m/ApacheBench-0.62.tar.gz.61627.0.0.html


Install Apache Bench mark -
wget ftp://ftp.eenet.ee/pub/cpan/authors/id/A/AD/ADIRAJ/ApacheBench-0.62.tar.gz
mv ApacheBench-0.62.tar.gz to /opt

tar -zxvf ApacheBench-0.62.tar.gz
cd /opt/ApacheBench-0.62
perl Makefile.PL
make
make test (requires Term::ReadKey for execute() test)
make install

Now AB is installed you can run the testing from command.
ab -n 10000 -c 5 http://(servername)/index.html

-n requests Number of requests to perform
-c concurrency Number of multiple requests to make

Result
=====
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 2006 The Apache Software Foundation, http://www.apache.org/

Benchmarking xxx.xxx.xxx.xxx (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Finished 10000 requests


Server Software: Apache/2.2.10
Server Hostname:
Server Port: 80

Document Path: /index.html
Document Length: 197 bytes

Concurrency Level: 10
Time taken for tests: 6.98762 seconds
Complete requests: 10000
Failed requests: 0
Write errors: 0
Total transferred: 4440000 bytes
HTML transferred: 1970000 bytes
Requests per second: 1639.68 [#/sec] (mean)
Time per request: 6.099 [ms] (mean)
Time per request: 0.610 [ms] (mean, across all concurrent requests)
Transfer rate: 710.80 [Kbytes/sec] received

=========

Sunday, June 27, 2010

Powering ON or OFF system using wake on LAN

http://www.tjansson.dk/?p=83
http://www.raymond.cc/blog/archives/2007/10/21/how-to-remotely-turn-on-computer-from-lan-and-wan/

Tuesday, June 08, 2010

how to get LDAP query output of more than 1000 objects

You can always change the LDAP query output from 1000 to the number of your choice on AD using ntdsutil.exe feature. - Caution - this is not the recommended option as this will increase the maxpagefilesize on your server which can be a server performance overload.
===============================

C:\WINDOWS\system32\ntdsutil.exe: ldap policies
ldap policy: connections
server connections: connect to server lab15cust5
Binding to lab15cust5 ...
Connected to lab15cust5 using credentials of locally logged on user.
server connections: q
ldap policy: show values
MaxPageSize 2000
ldap policy: set maxpagesize to 3000
ldap policy: show values
Policy Current(New)
MaxPageSize 2000(3000)
ldap policy: commit changes
ldap policy: show values
Policy Current(New)
MaxPageSize 3000
ldap policy: q

=====================================
Other way of getting more than 1000 results without modifying the maxpagefilesize is by using -E option along with Paged Results option.
ldapsearch -E pr=100/noprompt -H ldap://xxx.xxx.xxx.xxx -x -b "dc=doman,dc=com" -D "domain\username" -W
This will show all the ldap search results even if there is max of 1000 search output results.

Monday, April 26, 2010

process status - Linux

ps auxf -- Will give the processes and child processes information in hierarchical order (grpahically)
ps -p [id]-- Process info based on JobID
ps auU [username] -- All process run by a specific user

Thursday, March 18, 2010

Converstion of second timestamp to date timestamp

Some of the login information is saved on the second time stamp. This will need to be converted into a format that your system can understand.

[root@mail ~]# date;date +%s
Fri Mar 19 10:40:32 IST 2010
1268975432

To convert the second back to IST format

[root@mail ~]# date -d '1970-01-01 1268975432 sec GMT'
Fri Mar 19 10:40:32 IST 2010

[root@mail ~]# date -d@1268975432
Fri Mar 19 10:40:32 IST 2010

=================================

Thursday, March 04, 2010

Setting up of SVN and WebSVN.

Procedure to create a SVN
---------------------------

Package requirement:
================
  • subversion.i386 1.6.5-1 installed
  • subversion-devel.i386 1.6.5-1 installed
  • subversion-perl.i386 1.6.5-1 installed
  • subversion-python.i386 1.6.5-1 installed


Creation of SVN Directory and initialization of SVN
SVN directory location is /srv/svn/repos
  • mkdir /srv/svn/repos
  • svnadmin create --fs-type fsfs /srv/svn/repos
Import the initial code into SVN
  • svn import -m "Initial import" project1 file:///home/project1code
Configure SVN to view changes using WebSVN.

Download a copy of WebSVN on the server
  • http://websvn.tigris.org/servlets/ProjectDocumentList;jsessionid=24F17B3F5279F7DE3BB39F064A2C4A03

Copy the the extracted websvn to /var/www/html/webSVN
  • cp /var/www/html/webSVN/include/distconfig.php to /var/www/html/webSVN/include/config.php
  • modify /var/www/html/webSVN/include/config.php
$config->setDiffPath('/usr/bin/');
$config->setSedPath('/bin/');
$config->setTarPath('/bin/');
$config->setGZipPath('/bin/');
$config->setZipPath('/usr/bin/');
$config->parentPath('/srv/svn/repos'); -------- > Path of your repository
$config->addTemplatePath($locwebsvnreal.'/templates/calm/');
$config->addTemplatePath($locwebsvnreal.'/templates/BlueGrey/');
$config->addTemplatePath($locwebsvnreal.'/templates/Elegant/');
$config->setTemplatePath($locwebsvnreal.'/templates/BlueGrey/');

Now from your web-browser access http://servername/webSVN - this should give you access to your svn thru web interface

Friday, October 30, 2009