Category: Linux

  • How to install ImunifyAV+

    ImunifyAV+ is anti-malware software for cPanel/Plesk servers. It is the paid version of ImunifyAV.

    To install ImunifyAV+, download the deploy script and run it with your license key.

    If you have a key-based license

    wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh
    bash imav-deploy.sh --key YOUR_KEY
    

    If you have an IP-based license for ImunifyAV+, use IPL as the license key

    wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh
    bash imav-deploy.sh --key IPL 
    

    See ImunifyAV

  • How to Auto restart elasticsearch with monit

    monit is a program that monitors processes and restarts them if they fail. If your server doesn't have monit installed, see the install instructions at Install Monit on Ubuntu or Install Monit on CentOS.

    To restart elasticsearch on failure, create a file

    vi /etc/monit/conf-enabled/elasticsearch.conf 
    

    Add the following content to the file

    check process elasticsearch with pidfile "/var/run/elasticsearch/elasticsearch.pid"
       start program = "/bin/systemctl start elasticsearch"
       stop  program = "/bin/systemctl stop elasticsearch"
    

    Reload monit with

    monit reload
    

    To check the status of monit, run

    monit status
    

    Example

    root@sok:~# monit status
    Monit 5.26.0 uptime: 8m
    
    Process 'elasticsearch'
      status                       OK
      monitoring status            Monitored
      monitoring mode              active
      on reboot                    start
      pid                          366866
      parent pid                   1
      uid                          115
      effective uid                115
      gid                          118
      uptime                       6m
      threads                      60
      children                     1
      cpu                          -
      cpu total                    -
      memory                       58.0% [2.2 GB]
      memory total                 58.2% [2.2 GB]
      security attribute           unconfined
      disk read                    0 B/s [97.5 MB total]
      disk write                   0 B/s [2.3 MB total]
      data collected               Mon, 09 Aug 2021 10:07:22
    
    System 'sok.guest'
      status                       OK
      monitoring status            Monitored
      monitoring mode              active
      on reboot                    start
      load average                 [0.02] [0.18] [0.47]
      cpu                          4.4%us 1.4%sy 0.1%wa
      memory usage                 3.1 GB [81.7%]
      swap usage                   774.5 MB [18.9%]
      uptime                       3d 22h 39m
      boot time                    Thu, 05 Aug 2021 11:28:16
      data collected               Mon, 09 Aug 2021 10:07:22
    
    root@sok:~# 
    

    To see other ways of restarting ElasticSearch, see How to auto restart ElasticSearch service on failure

    Back to monit

  • imunify get list of all infected files

    Imunify stores its data in an SQLite database. To see a list of malware-infected files, start sqlite3 with

    sqlite3 /var/imunify360/imunify360.db
    

    Data is stored in table malware_hits.

    To find the schema of the table, run

    .schema malware_hits
    

    We only want the orig_file column from the table, so run the SQL command

    select orig_file from malware_hits;
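
    The same lookup from a script, as an added example that is not part of the original post: it opens the database read-only, de-duplicates orig_file and counts hits per account. The one-column demo table stands in for the real malware_hits table, and the /home/<account> layout and all function names are assumptions.

```python
import os
import sqlite3
import tempfile
from collections import Counter
from pathlib import Path

QUERY = "SELECT orig_file FROM malware_hits WHERE orig_file IS NOT NULL"

def infected_files(db_path):
    """Return the distinct orig_file values in malware_hits, sorted."""
    # mode=ro opens the file read-only, so this cannot alter the live data.
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"
    con = sqlite3.connect(uri, uri=True)
    try:
        rows = con.execute(QUERY).fetchall()
    finally:
        con.close()
    # A path may come back as bytes; decode it with the filesystem encoding.
    return sorted({os.fsdecode(v) if isinstance(v, bytes) else v
                   for (v,) in rows})

def hits_per_account(paths, home_root="/home"):
    """Count hits per account, assuming a /home/<account>/... layout."""
    root = Path(home_root).parts
    counts = Counter()
    for p in paths:
        parts = Path(p).parts
        in_home = parts[:len(root)] == root and len(parts) > len(root) + 1
        key = parts[len(root)] if in_home else "(outside %s)" % home_root
        counts[key] += 1
    return dict(counts)

def build_demo_db(path):
    """Constructed sample data: a one-column stand-in for the real table."""
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE malware_hits (orig_file TEXT)")
    con.executemany("INSERT INTO malware_hits VALUES (?)", [
        ("/home/alice/public_html/wp-content/x.php",),
        (b"/home/alice/public_html/wp-content/x.php",),  # same path as bytes
        ("/home/bob/www/cache/y.php",),
    ])
    con.commit()
    con.close()

if __name__ == "__main__":
    demo = os.path.join(tempfile.mkdtemp(), "demo.db")
    build_demo_db(demo)  # on a server, pass /var/imunify360/imunify360.db
    files = infected_files(demo)
    print(files, hits_per_account(files))
```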
    

    Delete all past scan results

    If you need to clean all past scan results, then first stop imunify

    systemctl stop imunify-antivirus
    

    Start sqlite

    sqlite3 /var/imunify360/imunify360.db
    

    Delete data from the tables

    DELETE FROM malware_history;
    DELETE FROM malware_hits;
    DELETE FROM malware_scans;
    

    Exit the sqlite command prompt and start Imunify

    systemctl start imunify-antivirus
    
  • Temperature

    To find the CPU temperature, run the sensors command

    sensors
    

    Example

    boby@sok-01:~$ sensors
    k10temp-pci-00c3
    Adapter: PCI adapter
    Vcore:       925.00 mV 
    Vsoc:          1.06 V  
    Tctl:         +36.2°C  
    Tdie:         +36.2°C  
    Icore:         4.00 A  
    Isoc:          1.75 A  
    
    boby@sok-01:~$ 
    

    To find the temperature of NVIDIA graphics card, run

    /usr/bin/nvidia-smi -q -d temperature
    

    Example

    boby@sok-01:~$ /usr/bin/nvidia-smi -q -d temperature
    
    ==============NVSMI LOG==============
    
    Timestamp                                 : Mon Aug  2 23:53:27 2021
    Driver Version                            : 460.91.03
    CUDA Version                              : 11.2
    
    Attached GPUs                             : 1
    GPU 00000000:01:00.0
        Temperature
            GPU Current Temp                  : 45 C
            GPU Shutdown Temp                 : 97 C
            GPU Slowdown Temp                 : 94 C
            GPU Max Operating Temp            : 92 C
            GPU Target Temperature            : 83 C
            Memory Current Temp               : N/A
            Memory Max Operating Temp         : N/A
    
    boby@sok-01:~$ 
    
  • sensors

    The sensors command shows data from various sensors on your computer, such as CPU temperature and voltage.

    To install lm-sensors package, run

    apt install lm-sensors
    

    To see sensor data, run the command “sensors”.

    boby@sok-01:~$ sensors
    k10temp-pci-00c3
    Adapter: PCI adapter
    Vcore:       844.00 mV 
    Vsoc:          1.06 V  
    Tctl:         +39.0°C  
    Tdie:         +39.0°C  
    Icore:         5.00 A  
    Isoc:          1.50 A  
    
    boby@sok-01:~$ 
    

    To properly configure sensors, you need to run

    sudo sensors-detect
    

    This only needs to run once to detect your hardware configuration. It asks many questions; press Enter to accept the default values.

  • ss

    ss is a tool to investigate sockets. It is similar to netstat, but shows more information. To see a list of all open (listening) TCP ports with the owning processes, run

    ss -tlnp
    

    Example

    boby@sok-01:~$ sudo ss -lntp
    State   Recv-Q  Send-Q    Local Address:Port     Peer Address:Port  Process                                                                                                                                
    LISTEN  0       128           127.0.0.1:7878          0.0.0.0:*      users:(("ssh",pid=2401,fd=5))                                                                                                         
    LISTEN  0       80            127.0.0.1:3306          0.0.0.0:*      users:(("mysqld",pid=1135,fd=19))                                                                                                     
    LISTEN  0       4096            0.0.0.0:111           0.0.0.0:*      users:(("rpcbind",pid=880,fd=4),("systemd",pid=1,fd=34))                                                                              
    LISTEN  0       511             0.0.0.0:80            0.0.0.0:*      users:(("nginx",pid=1147,fd=10),("nginx",pid=1146,fd=10),("nginx",pid=1145,fd=10),("nginx",pid=1144,fd=10),("nginx",pid=1143,fd=10))  
    LISTEN  0       32        192.168.122.1:53            0.0.0.0:*      users:(("dnsmasq",pid=1528,fd=6))                                                                                                     
    LISTEN  0       4096      127.0.0.53%lo:53            0.0.0.0:*      users:(("systemd-resolve",pid=883,fd=13))                                                                                             
    LISTEN  0       5             127.0.0.1:631           0.0.0.0:*      users:(("cupsd",pid=929,fd=7))                                                                                                        
    LISTEN  0       511           127.0.0.2:443           0.0.0.0:*      users:(("nginx",pid=1147,fd=11),("nginx",pid=1146,fd=11),("nginx",pid=1145,fd=11),("nginx",pid=1144,fd=11),("nginx",pid=1143,fd=11))  
    LISTEN  0       1               0.0.0.0:7070          0.0.0.0:*      users:(("anydesk",pid=1054,fd=32))                                                                                                    
    LISTEN  0       128               [::1]:7878             [::]:*      users:(("ssh",pid=2401,fd=4))                                                                                                         
    LISTEN  0       4096               [::]:111              [::]:*      users:(("rpcbind",pid=880,fd=6),("systemd",pid=1,fd=36))                                                                              
    LISTEN  0       5                 [::1]:631              [::]:*      users:(("cupsd",pid=929,fd=6))                                                                                                        
    boby@sok-01:~$ 
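
    To pick out the listeners that are reachable from other hosts, the output above can be parsed. This is an added example, not part of the original post; it uses rows from the example output (nginx worker list shortened) and its function names are hypothetical.

```python
import ipaddress
import re

# Rows from the example output above (nginx worker list shortened).
SAMPLE = """\
State   Recv-Q  Send-Q    Local Address:Port     Peer Address:Port  Process
LISTEN  0  128      127.0.0.1:7878   0.0.0.0:*  users:(("ssh",pid=2401,fd=5))
LISTEN  0  4096       0.0.0.0:111    0.0.0.0:*  users:(("rpcbind",pid=880,fd=4),("systemd",pid=1,fd=34))
LISTEN  0  511        0.0.0.0:80     0.0.0.0:*  users:(("nginx",pid=1147,fd=10),("nginx",pid=1146,fd=10))
LISTEN  0  32   192.168.122.1:53     0.0.0.0:*  users:(("dnsmasq",pid=1528,fd=6))
LISTEN  0  4096 127.0.0.53%lo:53     0.0.0.0:*  users:(("systemd-resolve",pid=883,fd=13))
LISTEN  0  1          0.0.0.0:7070   0.0.0.0:*  users:(("anydesk",pid=1054,fd=32))
LISTEN  0  4096          [::]:111       [::]:*  users:(("rpcbind",pid=880,fd=6),("systemd",pid=1,fd=36))
LISTEN  0  5            [::1]:631       [::]:*  users:(("cupsd",pid=929,fd=6))
"""

def parse_listeners(text):
    """Return (address, port, [process names]) for each LISTEN row.
    The process list is empty when ss could not see the socket's owner."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] != "LISTEN":
            continue                      # header, prompt or blank line
        addr, _, port = f[3].rpartition(":")
        if not port.isdigit():
            continue                      # service names: ss run without -n
        procs = sorted(set(re.findall(r'\("([^"]+)",pid=', " ".join(f[5:]))))
        rows.append((addr, int(port), procs))
    return rows

def scope(addr):
    """Classify a bind address: all-interfaces, loopback or specific."""
    host = addr.split("%")[0].strip("[]")  # drop %iface and IPv6 brackets
    if host == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "specific"

def exposed(text):
    """Ports listening on every interface, with the owning processes."""
    hits = {(port, tuple(procs)) for addr, port, procs in parse_listeners(text)
            if scope(addr) == "all-interfaces"}
    return sorted(hits)

if __name__ == "__main__":
    for port, procs in exposed(SAMPLE):
        print(port, ", ".join(procs) or "(owner not visible; run ss as root)")
```

    Without root, ss -p only shows process names for sockets owned by the current user, so run the audit with sudo as in the example.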
    

    See netstat

  • How to install development tools on Debian/Ubuntu

    Development tools are programs used to build software from its source code. These include compilers, make, and other generally used libraries.

    To install development tools on Ubuntu/Debian, run

    apt install -y build-essential
    apt install -y autoconf automake gdb libffi-dev zlib1g-dev libssl-dev git wget

    See Ubuntu, Debian

  • Create a Debian Container in LXD

    Debian OS templates are available in images:debian/VERSION. To see all available Debian OS templates, run

    lxc image list images: debian

    To create a container with Debian 10 OS, run

    lxc launch  images:debian/10 my-debian

    See LXD

  • Audacity Import Filter Curve in Ubuntu

    The import feature in the Audacity Filter Curve plugin is disabled on Ubuntu. The save feature worked. So what I did was save a preset, then edit it and replace it with the preset you need.

    To import Josh Meyer’s Male EQ preset available at

    https://drive.google.com/file/d/163aSM4c-I6REKDqIzD9IzwiyDR4cXqma/view

    First, I saved one of the presets. It asked for a name; I entered “serverok” as the preset name.

    Close Audacity, then edit the file

    /home/boby/.audacity-data/pluginsettings.cfg
    

    Find the entry like

    [pluginsettings/base64\:RWZmZWN0X0F1ZGFjaXR5X0F1ZGFjaXR5X0ZpbHRlciBDdXJ2ZQ\=\=/private/UserPresets/serverok]
    

    Below this, you can add your preset. Here is what I have in the pluginsettings.cfg file

    [pluginsettings/base64\:RWZmZWN0X0F1ZGFjaXR5X0F1ZGFjaXR5X0ZpbHRlciBDdXJ2ZQ\=\=/private/UserPresets/serverok]
    Parameters=f0="62.77682" f1="70.002037" f10="336.65327" f11="492.91565" f12="591.0509" f13="689.68267" f14="776.07428" f15="889.28813" f16="982.67802" f17="9948.9608" f18="11195.196" f19="12597.538" f2="73.252718" f20="14047.435" f21="16096.677" f3="83.938837" f4="97.946153" f5="119.59827" f6="152.81833" f7="195.26572" f8="221.72906" f9="256.39197" FilterLength="8191" InterpolateLin="0" InterpolationMethod="B-spline" v0="-41.952381" v1="-10.904762" v10="0.031745911" v11="-2.984127" v12="-1.3650789" v13="-0.015872955" v14="0.469841" v15="0.469841" v16="-0.015872955" v17="-0.015872955" v18="-0.031746864" v19="-0.031746864" v2="-5.2349215" v20="-1.7301588" v21="-41.885715" v3="-1.6888895" v4="0.13650751" v5="1.1746035" v6="2" v7="2" v8="1.3015871" v9="0.031745911"
    
  • lspci

    lspci command is used to list PCI devices on your computer.

    To see all lspci command-line options

    root@first-vm:~# lspci help
    Usage: lspci []
    
    Basic display modes:
    -mm		Produce machine-readable output (single -m for an obsolete format)
    -t		Show bus tree
    
    Display options:
    -v		Be verbose (-vv or -vvv for higher verbosity)
    -k		Show kernel drivers handling each device
    -x		Show hex-dump of the standard part of the config space
    -xxx		Show hex-dump of the whole config space (dangerous; root only)
    -xxxx		Show hex-dump of the 4096-byte extended config space (root only)
    -b		Bus-centric view (addresses and IRQ's as seen by the bus)
    -D		Always show domain numbers
    -P		Display bridge path in addition to bus and device number
    -PP		Display bus path in addition to bus and device number
    
    Resolving of device ID's to names:
    -n		Show numeric ID's
    -nn		Show both textual and numeric ID's (names & numbers)
    -q		Query the PCI ID database for unknown ID's via DNS
    -qq		As above, but re-query locally cached entries
    -Q		Query the PCI ID database for all ID's via DNS
    
    Selection of devices:
    -s [[[[]:]]:][][.[]]	Show only devices in selected slots
    -d []:[][:]		Show only devices with specified ID's
    
    Other options:
    -i 	Use specified ID database instead of /usr/share/misc/pci.ids.gz
    -p 	Look up kernel modules in a given file instead of default modules.pcimap
    -M		Enable `bus mapping' mode (dangerous; root only)
    
    PCI access options:
    -A 	Use the specified PCI access method (see `-A help' for a list)
    -O =	Set PCI access parameter (see `-O help' for a list)
    -G		Enable PCI access debugging
    -H 	Use direct hardware access ( = 1 or 2)
    -F 	Read PCI configuration dump from a given file
    root@first-vm:~# 
    

    To list all PCI devices

    root@first-vm:~# lspci
    00:00.0 Host bridge: Intel Corporation Core Processor DMI (rev 11)
    00:03.0 PCI bridge: Intel Corporation Core Processor PCI Express Root Port 1 (rev 11)
    00:08.0 System peripheral: Intel Corporation Core Processor System Management Registers (rev 11)
    00:08.1 System peripheral: Intel Corporation Core Processor Semaphore and Scratchpad Registers (rev 11)
    00:08.2 System peripheral: Intel Corporation Core Processor System Control and Status Registers (rev 11)
    00:08.3 System peripheral: Intel Corporation Core Processor Miscellaneous Registers (rev 11)
    00:10.0 System peripheral: Intel Corporation Core Processor QPI Link (rev 11)
    00:10.1 System peripheral: Intel Corporation Core Processor QPI Routing and Protocol Registers (rev 11)
    00:1a.0 USB controller: Intel Corporation 5 Series/3400 Series Chipset USB2 Enhanced Host Controller (rev 05)
    00:1c.0 PCI bridge: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 1 (rev 05)
    00:1d.0 USB controller: Intel Corporation 5 Series/3400 Series Chipset USB2 Enhanced Host Controller (rev 05)
    00:1e.0 PCI bridge: Intel Corporation 82801 PCI Bridge (rev a5)
    00:1f.0 ISA bridge: Intel Corporation 3420 Chipset LPC Interface Controller (rev 05)
    00:1f.2 SATA controller: Intel Corporation 5 Series/3400 Series Chipset 6 port SATA AHCI Controller (rev 05)
    01:00.0 Serial Attached SCSI controller: Broadcom / LSI SAS2008 PCI-Express Fusion-MPT SAS-2 [Falcon] (rev 02)
    02:00.0 Ethernet controller: Broadcom Inc. and subsidiaries NetXtreme II BCM5716 Gigabit Ethernet (rev 20)
    02:00.1 Ethernet controller: Broadcom Inc. and subsidiaries NetXtreme II BCM5716 Gigabit Ethernet (rev 20)
    03:03.0 VGA compatible controller: Matrox Electronics Systems Ltd. MGA G200eW WPCM450 (rev 0a)
    ff:00.0 Host bridge: Intel Corporation Core Processor QuickPath Architecture Generic Non-Core Registers (rev 04)
    ff:00.1 Host bridge: Intel Corporation Core Processor QuickPath Architecture System Address Decoder (rev 04)
    ff:02.0 Host bridge: Intel Corporation Core Processor QPI Link 0 (rev 04)
    ff:02.1 Host bridge: Intel Corporation Core Processor QPI Physical 0 (rev 04)
    ff:03.0 Host bridge: Intel Corporation Core Processor Integrated Memory Controller (rev 04)
    ff:03.1 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Target Address Decoder (rev 04)
    ff:03.2 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Test Registers (rev 04)
    ff:03.4 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Test Registers (rev 04)
    ff:04.0 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 0 Control Registers (rev 04)
    ff:04.1 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 0 Address Registers (rev 04)
    ff:04.2 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 0 Rank Registers (rev 04)
    ff:04.3 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 0 Thermal Control Registers (rev 04)
    ff:05.0 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 1 Control Registers (rev 04)
    ff:05.1 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 1 Address Registers (rev 04)
    ff:05.2 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 1 Rank Registers (rev 04)
    ff:05.3 Host bridge: Intel Corporation Core Processor Integrated Memory Controller Channel 1 Thermal Control Registers (rev 04)
    root@first-vm:~# 
    

    To get a detailed list

    lspci -knn
    

    bash: lspci: command not found

  • bash: lspci: command not found

    On an Ubuntu server, when I run the lspci command, I get the error

    root@first-vm:~# lspci
    -bash: lspci: command not found
    root@first-vm:~# 

    To fix this error, install the package pciutils

    apt install -y pciutils

    See lspci