Category: Linux

  • apropos

    apropos is a linux command that search manual pages and descriptions.

    Example

    root@mil-146068:~# apropos vagrant
    vagrant (1)          - Tool for building and distributing virtualized development environments.
    dh_vagrant_plugin (1) - packaging helper for vagrant plugins
    root@mil-146068:~# 
    

    See Linux Commands

  • bind

    bind is a DNS server.

    To check bind configuration for errors, run

    named-checkconf -z /etc/named.conf
    

    if chroot

    named-checkconf -z -t /var/named/chroot /etc/named.conf
    

    Installation

    Install bind in CentOS 7

  • maximum number of open files and file descriptors in linux

    To see open files in linux use the command

    lsof
    

    There is a limit set in the kernel on how many open file descriptors are allowed on the system. This may be compiled in, or it may be tunable on the fly. In Linux, the value of this parameter can be read from and written to the proc filesystem.

    [root@server50 home]# cat /proc/sys/fs/file-max
    131072
    [root@server50 home]#
    

    On this system 1,31,072 open file descriptors are permitted. We are unlikely to run out. If we wanted to change it, we’d do something like this:

    echo "132096" > /proc/sys/fs/file-max 
    

    But how do we know how many file descriptors are being used?

    [root@server1 ~]# cat /proc/sys/fs/file-nr
    1792    0       131072
    |	 |       |
    |	 |       |
    |        |       maximum open file descriptors
    |        total free allocated file descriptors
    total allocated file descriptors
    (the number of file descriptors allocated since boot)
    
  • lighttpd too many open files

    lighttpd server crashes with fllowing error in error_log file.

    2019-11-05 09:39:02: (network_linux_sendfile.c.143) open failed:  Too many open files
    2019-11-05 09:39:02: (connections.c.603) connection closed: write failed on fd 1228
    2019-11-05 09:39:02: (response.c.537) file not found ... or so:  Too many open files /4032/1_451.jpg ->
    

    As lighttpd is a single-threaded server, its main resource limit is the number of file descriptors, which is set to 1024 by default (on most systems).

    If you are running a high-traffic site you might want to increase this limit by setting server.max-fds.

    server.max-fds = 8192
    
    [root@server22 lighttpd]# cat /proc/sys/fs/file-nr
    4544    0       95873
    [root@server22 lighttpd]#
    

    Related Posts

    lighttpd

    maximum number of open files and file descriptors in linux

  • df not showing all mounts

    On a server, df not showing all mounts

    root@server20 [~]# df -h
    Filesystem            Size  Used Avail Use% Mounted on
    tmpfs                 3.9G     0  3.9G   0% /dev/shm
    root@server20 [~]#
    

    This is caused by corrupt /etc/mtab

    To fix

    mv /etc/mtab /etc/mtab.old
    cat /proc/mounts > /etc/mtab
    

    See df

  • Show disk usage with df

    df command shows partitions and disks used by each partition.

    root@server54 [~]# df -h
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/sda2             450G  380G   47G  90% /
    /dev/sda1              99M   11M   83M  12% /boot
    tmpfs                 2.0G     0  2.0G   0% /dev/shm
    /dev/sdb1             458G  390G   46G  90% /backup
    /usr/tmpDSK           485M   63M  397M  14% /tmp
    root@server54 [~]#
    

    To see partitions alone with Type, use

    df -hT
    

    df not showing all mounts

  • RHCSA Study Guide

    1. Logical volume ‘home’ as created and mounted. Reduce its size to ‘192M’ (size from 185M to 200MB is acceptable)

    # lvdispaly
    # umount /dev/vgsrv/home
    # e2fsck -f /dev/vgsrv/home
    # resize2fs /dev/vgsrv/home 192M 
    # lvcreduce -L 192M /dev/vgsrv/home
    # mount /dev/vgsrv/home
    # lvdisplay
    
    
    # lvdisplay
    # umount /dev/vgsrv/home
    # lvextend -L 256M /dev/vgsrv/home
    # e2fsck -f /dev/vgsrv/home
    # resize2fs /dev/vgsrv/home 256M
    # mount /dev/vgsrv/home
    # lvdisplay
    

    2. Add a group sysmgrs

    Add a user Natasha such that user’s secondary group is sysmgrs.

    Add a user harry such that user’s secondary group is sysmgrs.

    Add a user sarrah, who has no interactive shell, and not belongs to the group sysmgrs.

    Set password of Natasha, harry and sarrah to lotawens.

    # groupadd sysmgrs
    # useradd -G sysmgrs Natasha
    ( We can verify the newly created user by cat /etc/passwd)
    # useradd -G sysmgrs harry
    # useradd -s /sbin/nologin sarrh
    # passwd Natasha
    # passwd harry
    # passwd sarrah
    

    3. Configure FTP access on your virtual machine to allow permission for anonymous user.

    If yum not configured;
    # cd /etc/yum.repos.d
    # vim domain70.repo
    [domain70]
    baseurl=
    enabled=1
    gpgcheck=0
    :wq!
    
    # yum clean all
    # yum update all
    
    # yum install vsftpd*
    # yum install ftp
    # ftp ip
    User: anonymous
    Password: 
    
    If logging successfully, do the last steps;
    If not, the below mentioned files and make changes.
    # vim /etc/vsftpd/vsftpd.conf
    # vim /etc/vsftpd/ftpusers
    # vim /etc/vsftpd/user_list
    And try again
    # service vsftpd restart
    # chkconfig vsftpd on
    

    4. Make a collaborative directory /a/b and set the permission as

    Group ownership of /a/b is sysmgrs

    The directory should be readable, writable and accessable to members of sysmgrs, but not to any other user. ( it is undershould that root has access to all files and
    directories on the system)

    Files created in /a/b automatically have group ownership set to the group sysmgrs.

    # mkdir -p /a/b
    # chgrp sysmgrs /a/b
    # chmod 2770 /a/b
    

    5. Copy the file /etc/fstab to /var/tmp. Configure the permissions of /var/tmp/fstab so that,

    The file /var/tmp/fstab is owned by the root user

    The file /var/tmp/fstab is belongs to group root

    The file /var/tmp/fstab is should not be executable by anyone

    The user natasha is able to read and write /var/tmp/fstab

    The user harry can neigher write not read /var/tmp/fstab

    All other users (current or future) have the ability to read /var/tmp/fstab

    # cp -a /etc/fstab /var/tmp
    # cd /var/tmp
    # ls -l
    # getfacl /var/tmp/fstab
    # chmod ugo-x /var/tmp/fstab 
    [ No need to do this, there won't be execute permission for the file by default]
    # setfacl -m u:natasha:rw /var/tmp/fstab
    # setfacl -m u:harry:0 /var/tmp/fstab   (zero)
    [Read permission will be there for all the users, by default. Check it using ls -l /var/tmp/fstab]
    
    Verify by
    
    [ ls -la /var/tmp/fstab]
    
    

    6. set cronjob for user natasha to do /bin/echo hiya at 14:23

    # crontab -e -u natasha
    23 14 * * * /bin/echo hiya
    :wq!
    

    7. host.domain70.example.com shares remote users. Configure ldap such that ldapusers has no home directory until we do automounting.

    baseDN: dc=domain70, dc=example, dc=com

    Certificate: ftp://host.domain70.example.com/pub/EXAMPLE-CA-CERT

    Username: ldapuser70

    Password: password

    # system-config-authentication
    LDAP user
    DN=dc=domain70,dc=example,dc=com
    Server=host.domain70.example.com
    Certificate= ftp://host.domain70.example.com/pub/exam-crt ( enter url carefully, there maybe // or ..)
    LDAP password
    OK
    
    starting sssd
    # su -ldapuser70
    Display Bash prompt
    #exit
    

    8. configure NTP with that of rhcert.domain70.example.com

    # system-config-date
    Delete old server names and add given server name 
    Advanced Tick speedup
    #exit
    

    9. Implement a web server for the site http://station.domain70.example.com/ then perform the following steps:

    Download ftp://rhcert.domain70.example.com/pub/rhcsa/station.html

    Rename the download file to index.html

    Copy this index.html to the Document root of your web server.

    DO NOT make any modifications to the content of index.html

    # yum install httpd
    # cd /var/www/html
    # wget ftp://rhcert.domain70.example.com/pub/rhcsa/station.html
    # mv station.html index.html
    990th line : remove '#'
    Remove '*' and add IP address:
    Eg Name VirtualHost 172.40.70.12
    1003rd line copy 7 lines and paste below that itself.
    (last 7 lines)
    Remove # of all lines
    
    Ist line : remove * and add ip
    
    
    3rd line
    
    Document Root /var/www/html
    
    4th line
    
    server name station.domain70.example.com
    :wq!
    
    #service httpd restart
    # chkconfig httpd on
    
    check site http://station.domain70.example.com/
    
    

    10. Install the appropriate Kernel update from ftp://domain70.example.com/pub/updates/ The following criteria must also be met:

    The updated kernel is the default Kernel when the system is rebooted.

    The orginal kernel remains available and bootable on the system.

    # ftp rhcert.domain70.example.com
    Anonymous login
    ftp> cd /pub/updates
    ftp> ls
    ftp> mget kernel*
    ftp> bye
    # rpm -ivh kernel*
    # vim /etc/grub.conf
    Check the updatted kernel is the first kernel and the orginal kernel remains available.
    set default=0
    :wq!
    

    11. Configure autofs to automount the home directories of ldapusers host.domain70.example.com NFS-exports /rhome to your
    machine. ldapuser70’s home directory should be automounted locally beneath /rhome/ldapuser7-. Home directores must be writable by thier users.

    User: ldpauser70
    Password: password

    # vim /etc/auto.master
    /rhome /etc/auto.misc
    :wq!
    # vim /etc/auto.misc
    ldapuser70 --rw,sync host.domain70.example.com:/rhome/ldpauser70
    :wq!
    
    #service autofs restart
    # service autofs reload
    # chkconfig autofs on
    # su -ldapuser70
    Login ldapuser with home directory
    # exit
    

    12. Create a swap partition of 754 MB size. Do not make any change to the existing swap partition

    # fdisk -l
    # fdisk -cu /dev/vda
    p
    n
    e or p
    select e
    default (first): enter
    default (last): enter
    n
    default(first): enter
    default(first): +754M
    t(1-5)
    l: 82
    p
    w
    #reboot
    #mkswap /dev/vda5
    
    
    # vim /etc/fstab
    
    /dev/vda5 swap swap defaults 0 0
    
    :wq
    
    # mount -a
    # swapon -a
    # swapon -s
    
    

    13. Add a user manlo with uid 1353. Set his password as lotawens

    # useradd -u 1353 manlo
    # passwd manlo
    # su - manlo
    

    14. Locate all files and directories of user jacques and copy it to /root/findfiles

    OR locate the files of owner “dax” and copy to the directory /root/founddirectory

    OR Find files in your system which is owned by andrew user & save on /backup/somefile.

    
    # find / -user jacques > /root/findfiles ( if /root/findfiles is a file)
    
    
    # mkdir -p /root/findfiles
    # find / -user jacques -exec cp -a {} /root/findfiles\;    [ if /root/findfiles is a directory ]
    
    

    15. Find all lines contain a string loop in a file /etc/grub.conf copy it to /root/list. Don’t leave a free line in /root/list

    grep loop /etc/hosts > /root/list
    

    16. Create a device:

    Logical volume qa with 60 extents.

    Volume group qagroup with 16MB extent size.

    Mount it permanently under /abc with file system ext3

    
    # fdisk -l
    # fdisk -cu /dev/vda
    n
    default(first)
    default(last): +1000M
    (since 60 extents of 16M = 16*60=960MB lvm;
    So physical volume > 960MB)
    t(1-6):6
    l:8e
    p
    w
    # reboot(init6)
    # pvcreate /dev/vda6
    # vgcreate -s 16M qagroup /dev/vda6
    # lvcreate -l 60 -n qa qagroup
    # mkfs.ext3 /dev/qagroup/qa
    # mkdir /abc
    # vim /etc/fstab
    /dev/qagroup/qa /abc ext3 defaults 0 0
    :wq
    # mount -a
    
  • debconf: unable to initialize frontend: Dialog

    When installing a program in Ubuntu 18.04 server minimal installation, i get following error

    debconf: unable to initialize frontend: Dialog
    debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
    debconf: falling back to frontend: Readline
    

    To fix this, run

    apt -y install whiptail
    

    OR

    apt -y install dialog
    

    Related Posts

    Errors

    apt

  • Install Unbound DNS caching server

    Unbound is an Open source DNS caching and recursive resolver. You can find more about unbound at

    https://nlnetlabs.nl/projects/unbound/about/

    To install unbound on Ubuntu/Debian, run

    apt install unbound
    

    To start unbound

    systemctl start unbound
    

    Set unbound to start on boot

    systemctl enable unbound
    

    To configure your server to use local name servers provided by unbound, edit file

    vi /etc/resolv.conf
    

    Add

    nameserver 127.0.0.1
    

    See dns

  • Start x11vnc with supervisord

    To auo start x11vnc with supervisord, first install x11vnc and supervisord

    apt -y install supervisor x11vnc
    

    Create a password file

    x11vnc -storepasswd YOUR_SECRET_PW /etc/vncsecret
    

    Replace YOUR_SECRET_PW with whatever password you want to use.

    Create supervisord unit file

    vi /etc/supervisor/conf.d/x11vnc.conf 
    

    Add following content

    [program:x11vnc]
    priority=200
    command=/usr/bin/x11vnc -rfbauth /etc/vncsecret -display :0 -xkb -noxrecord -noxfixes -noxdamage -wait 5 -shared 
    user=USERNAME_HERE
    autorestart=true
    autostart=true
    redirect_stderr=true
    

    Replace USERNAME_HERE with actual user name used to login to system.

    Enable supervisior

    systemctl enable supervisor
    

    You can use following commands to interact with supervisord

    supervisorctl restart all
    supervisorctl reload
    supervisorctl status
    

    See vnc

  • Manually run icecast on CentovaCast server

    On CentovaCast server, icecast is run as user ccuser, to run icecast, you need to enable shell for this user. By defult, this user have shell access disabled.

    ccuser:x:1001:1001::/usr/local/centovacast:/bin/false
    

    running icecast manually maybe useful when you want to debug some issue with icecast.

    To enable bash shell for user, run

    chsh --shell /bin/bash ccuser
    

    Login as user ccuser

    su - ccuser
    

    Now start icecast with

    /usr/local/icecast/bin/icecast -c /usr/local/centovacast/var/vhosts/USER_HERE/etc/server.conf
    

    Beofore you manually start icecast from terminal, make sure you stop icecast by logging into user in Centova Cast control panel.

    centovacast icecast

    See Centova Cast