ServerOK – Page 2 – Linux Server Management

Install rsync in freebsd from source

On the server, i want to install rsync have no ports as it was older version FreeBSD 5.4 and is not supported, so install rsync from source.

http://www.samba.org/ftp/rsync/

mkdir /usr/local/src
cd /usr/local/src
wget http://www.samba.org/ftp/rsync/rsync-3.0.5.tar.gz
tar -zxvf rsync-3.0.5.tar.gz
cd rsync-3.0.5
./configure
make
make install

mkdir /usr/local/src

cd /usr/local/src

wget http://www.samba.org/ftp/rsync/rsync-3.0.5.tar.gz

tar -zxvf rsync-3.0.5.tar.gz

cd rsync-3.0.5

./configure

make

make install

After install, you need to run rehash command

newinst# rsync
rsync: Command not found.
newinst# rehash
newinst# rsync
rsync  version 3.0.5  protocol version 30
Copyright (C) 1996-2008 by Andrew Tridgell, Wayne Davison, and others.
Web site: http://rsync.samba.org/
Capabilities:
    64-bit files, 32-bit inums, 32-bit timestamps, 64-bit long ints,
    socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace,
    append, ACLs, xattrs, no iconv, symtimes

rsync comes with ABSOLUTELY NO WARRANTY.  This is free software, and you
are welcome to redistribute it under certain conditions.  See the GNU
General Public Licence for details.

rsync is a file transfer program capable of efficient remote update
via a fast differencing algorithm.

Usage: rsync [OPTION]... SRC [SRC]... DEST
  or   rsync [OPTION]... SRC [SRC]... [USER@]HOST:DEST
  or   rsync [OPTION]... SRC [SRC]... [USER@]HOST::DEST
  or   rsync [OPTION]... SRC [SRC]... rsync://[USER@]HOST[:PORT]/DEST
  or   rsync [OPTION]... [USER@]HOST:SRC [DEST]
  or   rsync [OPTION]... [USER@]HOST::SRC [DEST]
  or   rsync [OPTION]... rsync://[USER@]HOST[:PORT]/SRC [DEST]
The ':' usages connect via remote shell, while '::' & 'rsync://' usages connect
to an rsync daemon, and require SRC or DEST to start with a module name.

Options
 -v, --verbose               increase verbosity
 -q, --quiet                 suppress non-error messages
     --no-motd               suppress daemon-mode MOTD (see manpage caveat)
 -c, --checksum              skip based on checksum, not mod-time & size
 -a, --archive               archive mode; equals -rlptgoD (no -H,-A,-X)
     --no-OPTION             turn off an implied OPTION (e.g. --no-D)
 -r, --recursive             recurse into directories
 -R, --relative              use relative path names
     --no-implied-dirs       don't send implied dirs with --relative
 -b, --backup                make backups (see --suffix & --backup-dir)
     --backup-dir=DIR        make backups into hierarchy based in DIR
     --suffix=SUFFIX         set backup suffix (default ~ w/o --backup-dir)
 -u, --update                skip files that are newer on the receiver
     --inplace               update destination files in-place (SEE MAN PAGE)
     --append                append data onto shorter files
     --append-verify         like --append, but with old data in file checksum
 -d, --dirs                  transfer directories without recursing
 -l, --links                 copy symlinks as symlinks
 -L, --copy-links            transform symlink into referent file/dir
     --copy-unsafe-links     only "unsafe" symlinks are transformed
     --safe-links            ignore symlinks that point outside the source tree
 -k, --copy-dirlinks         transform symlink to a dir into referent dir
 -K, --keep-dirlinks         treat symlinked dir on receiver as dir
 -H, --hard-links            preserve hard links
 -p, --perms                 preserve permissions
 -E, --executability         preserve the file's executability
     --chmod=CHMOD           affect file and/or directory permissions
 -A, --acls                  preserve ACLs (implies --perms)
 -X, --xattrs                preserve extended attributes
 -o, --owner                 preserve owner (super-user only)
 -g, --group                 preserve group
     --devices               preserve device files (super-user only)
     --specials              preserve special files
 -D                          same as --devices --specials
 -t, --times                 preserve modification times
 -O, --omit-dir-times        omit directories from --times
     --super                 receiver attempts super-user activities
     --fake-super            store/recover privileged attrs using xattrs
 -S, --sparse                handle sparse files efficiently
 -n, --dry-run               perform a trial run with no changes made
 -W, --whole-file            copy files whole (without delta-xfer algorithm)
 -x, --one-file-system       don't cross filesystem boundaries
 -B, --block-size=SIZE       force a fixed checksum block-size
 -e, --rsh=COMMAND           specify the remote shell to use
     --rsync-path=PROGRAM    specify the rsync to run on the remote machine
     --existing              skip creating new files on receiver
     --ignore-existing       skip updating files that already exist on receiver
     --remove-source-files   sender removes synchronized files (non-dirs)
     --del                   an alias for --delete-during
     --delete                delete extraneous files from destination dirs
     --delete-before         receiver deletes before transfer, not during
     --delete-during         receiver deletes during transfer (default)
     --delete-delay          find deletions during, delete after
     --delete-after          receiver deletes after transfer, not during
     --delete-excluded       also delete excluded files from destination dirs
     --ignore-errors         delete even if there are I/O errors
     --force                 force deletion of directories even if not empty
     --max-delete=NUM        don't delete more than NUM files
     --max-size=SIZE         don't transfer any file larger than SIZE
     --min-size=SIZE         don't transfer any file smaller than SIZE
     --partial               keep partially transferred files
     --partial-dir=DIR       put a partially transferred file into DIR
     --delay-updates         put all updated files into place at transfer's end
 -m, --prune-empty-dirs      prune empty directory chains from the file-list
     --numeric-ids           don't map uid/gid values by user/group name
     --timeout=SECONDS       set I/O timeout in seconds
     --contimeout=SECONDS    set daemon connection timeout in seconds
 -I, --ignore-times          don't skip files that match in size and mod-time
     --size-only             skip files that match in size
     --modify-window=NUM     compare mod-times with reduced accuracy
 -T, --temp-dir=DIR          create temporary files in directory DIR
 -y, --fuzzy                 find similar file for basis if no dest file
     --compare-dest=DIR      also compare destination files relative to DIR
     --copy-dest=DIR         ... and include copies of unchanged files
     --link-dest=DIR         hardlink to files in DIR when unchanged
 -z, --compress              compress file data during the transfer
     --compress-level=NUM    explicitly set compression level
     --skip-compress=LIST    skip compressing files with a suffix in LIST
 -C, --cvs-exclude           auto-ignore files the same way CVS does
 -f, --filter=RULE           add a file-filtering RULE
 -F                          same as --filter='dir-merge /.rsync-filter'
                             repeated: --filter='- .rsync-filter'
     --exclude=PATTERN       exclude files matching PATTERN
     --exclude-from=FILE     read exclude patterns from FILE
     --include=PATTERN       don't exclude files matching PATTERN
     --include-from=FILE     read include patterns from FILE
     --files-from=FILE       read list of source-file names from FILE
 -0, --from0                 all *-from/filter files are delimited by 0s
 -s, --protect-args          no space-splitting; only wildcard special-chars
     --address=ADDRESS       bind address for outgoing socket to daemon
     --port=PORT             specify double-colon alternate port number
     --sockopts=OPTIONS      specify custom TCP options
     --blocking-io           use blocking I/O for the remote shell
     --stats                 give some file-transfer stats
 -8, --8-bit-output          leave high-bit chars unescaped in output
 -h, --human-readable        output numbers in a human-readable format
     --progress              show progress during transfer
 -P                          same as --partial --progress
 -i, --itemize-changes       output a change-summary for all updates
     --out-format=FORMAT     output updates using the specified FORMAT
     --log-file=FILE         log what we're doing to the specified FILE
     --log-file-format=FMT   log updates using the specified FMT
     --password-file=FILE    read daemon-access password from FILE
     --list-only             list the files instead of copying them
     --bwlimit=KBPS          limit I/O bandwidth; KBytes per second
     --write-batch=FILE      write a batched update to FILE
     --only-write-batch=FILE like --write-batch but w/o updating destination
     --read-batch=FILE       read a batched update from FILE
     --protocol=NUM          force an older protocol version to be used
 -4, --ipv4                  prefer IPv4
 -6, --ipv6                  prefer IPv6
     --version               print version number
(-h) --help                  show this help (-h works with no other options)

Use "rsync --daemon --help" to see the daemon-mode command-line options.
Please see the rsync(1) and rsyncd.conf(5) man pages for full documentation.
See http://rsync.samba.org/ for updates, bug reports, and answers
rsync error: syntax or usage error (code 1) at main.c(1408) [client=3.0.5]
newinst#

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

newinst# rsync

rsync: Command not found.

newinst# rehash

newinst# rsync

rsync version 3.0.5 protocol version 30

Web site: http://rsync.samba.org/

Capabilities:

64-bit files, 32-bit inums, 32-bit timestamps, 64-bit long ints,

socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace,

append, ACLs, xattrs, no iconv, symtimes

rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you

are welcome to redistribute it under certain conditions. See the GNU

General Public Licence for details.

rsync is a file transfer program capable of efficient remote update

via a fast differencing algorithm.

Usage: rsync [OPTION]... SRC [SRC]... DEST

or rsync [OPTION]... SRC [SRC]... [USER@]HOST:DEST

or rsync [OPTION]... SRC [SRC]... [USER@]HOST::DEST

or rsync [OPTION]... SRC [SRC]... rsync://[[email protected]]HOST[:PORT]/DEST

or rsync [OPTION]... [USER@]HOST:SRC [DEST]

or rsync [OPTION]... [USER@]HOST::SRC [DEST]

or rsync [OPTION]... rsync://[[email protected]]HOST[:PORT]/SRC [DEST]

The ':' usages connect via remote shell, while '::' & 'rsync://' usages connect

to an rsync daemon, and require SRC or DEST to start with a module name.

Options

-v, --verbose increase verbosity

-q, --quiet suppress non-error messages

--no-motd suppress daemon-mode MOTD (see manpage caveat)

-c, --checksum skip based on checksum, not mod-time & size

-a, --archive archive mode; equals -rlptgoD (no -H,-A,-X)

--no-OPTION turn off an implied OPTION (e.g. --no-D)

-r, --recursive recurse into directories

-R, --relative use relative path names

--no-implied-dirs don't send implied dirs with --relative

-b, --backup make backups (see --suffix & --backup-dir)

--backup-dir=DIR make backups into hierarchy based in DIR

--suffix=SUFFIX set backup suffix (default ~ w/o --backup-dir)

-u, --update skip files that are newer on the receiver

--inplace update destination files in-place (SEE MAN PAGE)

--append append data onto shorter files

--append-verify like --append, but with old data in file checksum

-d, --dirs transfer directories without recursing

-l, --links copy symlinks as symlinks

-L, --copy-links transform symlink into referent file/dir

--copy-unsafe-links only "unsafe" symlinks are transformed

--safe-links ignore symlinks that point outside the source tree

-k, --copy-dirlinks transform symlink to a dir into referent dir

-K, --keep-dirlinks treat symlinked dir on receiver as dir

-H, --hard-links preserve hard links

-p, --perms preserve permissions

-E, --executability preserve the file's executability

--chmod=CHMOD affect file and/or directory permissions

-A, --acls preserve ACLs (implies --perms)

-X, --xattrs preserve extended attributes

-o, --owner preserve owner (super-user only)

-g, --group preserve group

--devices preserve device files (super-user only)

--specials preserve special files

-D same as --devices --specials

-t, --times preserve modification times

-O, --omit-dir-times omit directories from --times

--super receiver attempts super-user activities

--fake-super store/recover privileged attrs using xattrs

-S, --sparse handle sparse files efficiently

-n, --dry-run perform a trial run with no changes made

-W, --whole-file copy files whole (without delta-xfer algorithm)

-x, --one-file-system don't cross filesystem boundaries

-B, --block-size=SIZE force a fixed checksum block-size

-e, --rsh=COMMAND specify the remote shell to use

--rsync-path=PROGRAM specify the rsync to run on the remote machine

--existing skip creating new files on receiver

--ignore-existing skip updating files that already exist on receiver

--remove-source-files sender removes synchronized files (non-dirs)

--del an alias for --delete-during

--delete delete extraneous files from destination dirs

--delete-before receiver deletes before transfer, not during

--delete-during receiver deletes during transfer (default)

--delete-delay find deletions during, delete after

--delete-after receiver deletes after transfer, not during

--delete-excluded also delete excluded files from destination dirs

--ignore-errors delete even if there are I/O errors

--force force deletion of directories even if not empty

--max-delete=NUM don't delete more than NUM files

--max-size=SIZE don't transfer any file larger than SIZE

--min-size=SIZE don't transfer any file smaller than SIZE

--partial keep partially transferred files

--partial-dir=DIR put a partially transferred file into DIR

--delay-updates put all updated files into place at transfer's end

-m, --prune-empty-dirs prune empty directory chains from the file-list

--numeric-ids don't map uid/gid values by user/group name

--timeout=SECONDS set I/O timeout in seconds

--contimeout=SECONDS set daemon connection timeout in seconds

-I, --ignore-times don't skip files that match in size and mod-time

--size-only skip files that match in size

--modify-window=NUM compare mod-times with reduced accuracy

-T, --temp-dir=DIR create temporary files in directory DIR

-y, --fuzzy find similar file for basis if no dest file

--compare-dest=DIR also compare destination files relative to DIR

--copy-dest=DIR ... and include copies of unchanged files

--link-dest=DIR hardlink to files in DIR when unchanged

-z, --compress compress file data during the transfer

--compress-level=NUM explicitly set compression level

--skip-compress=LIST skip compressing files with a suffix in LIST

-C, --cvs-exclude auto-ignore files the same way CVS does

-f, --filter=RULE add a file-filtering RULE

-F same as --filter='dir-merge /.rsync-filter'

repeated: --filter='- .rsync-filter'

--exclude=PATTERN exclude files matching PATTERN

--exclude-from=FILE read exclude patterns from FILE

--include=PATTERN don't exclude files matching PATTERN

--include-from=FILE read include patterns from FILE

--files-from=FILE read list of source-file names from FILE

-0, --from0 all *-from/filter files are delimited by 0s

-s, --protect-args no space-splitting; only wildcard special-chars

--address=ADDRESS bind address for outgoing socket to daemon

--port=PORT specify double-colon alternate port number

--sockopts=OPTIONS specify custom TCP options

--blocking-io use blocking I/O for the remote shell

--stats give some file-transfer stats

-8, --8-bit-output leave high-bit chars unescaped in output

-h, --human-readable output numbers in a human-readable format

--progress show progress during transfer

-P same as --partial --progress

-i, --itemize-changes output a change-summary for all updates

--out-format=FORMAT output updates using the specified FORMAT

--log-file=FILE log what we're doing to the specified FILE

--log-file-format=FMT log updates using the specified FMT

--password-file=FILE read daemon-access password from FILE

--list-only list the files instead of copying them

--bwlimit=KBPS limit I/O bandwidth; KBytes per second

--write-batch=FILE write a batched update to FILE

--only-write-batch=FILE like --write-batch but w/o updating destination

--read-batch=FILE read a batched update from FILE

--protocol=NUM force an older protocol version to be used

-4, --ipv4 prefer IPv4

-6, --ipv6 prefer IPv6

--version print version number

(-h) --help show this help (-h works with no other options)

Use "rsync --daemon --help" to see the daemon-mode command-line options.

Please see the rsync(1) and rsyncd.conf(5) man pages for full documentation.

See http://rsync.samba.org/ for updates, bug reports, and answers

rsync error: syntax or usage error (code 1) at main.c(1408) [client=3.0.5]

newinst#

See FreeBSD

maximum number of open files and file descriptors in linux

To see open files in linux use the command

lsof

lsof

There is a limit set in the kernel on how many open file descriptors are allowed on the system. This may be compiled in, or it may be tunable on the fly. In Linux, the value of this parameter can be read from and written to the proc filesystem.

[root@server50 home]# cat /proc/sys/fs/file-max
131072
[root@server50 home]#

[root@server50 home]# cat /proc/sys/fs/file-max

131072

[root@server50 home]#

On this system 1,31,072 open file descriptors are permitted. We are unlikely to run out. If we wanted to change it, we’d do something like this:

echo "132096" > /proc/sys/fs/file-max

1	echo "132096" > /proc/sys/fs/file-max

But how do we know how many file descriptors are being used?

[root@server1 ~]# cat /proc/sys/fs/file-nr
1792    0       131072
|	 |       |
|	 |       |
|        |       maximum open file descriptors
|        total free allocated file descriptors
total allocated file descriptors
(the number of file descriptors allocated since boot)

[root@server1 ~]# cat /proc/sys/fs/file-nr

1792 0 131072

| | |

| | maximum open file descriptors

| total free allocated file descriptors

total allocated file descriptors

(the number of file descriptors allocated since boot)

lighttpd too many open files

lighttpd server crashes with fllowing error in error_log file.

2019-11-05 09:39:02: (network_linux_sendfile.c.143) open failed:  Too many open files
2019-11-05 09:39:02: (connections.c.603) connection closed: write failed on fd 1228
2019-11-05 09:39:02: (response.c.537) file not found ... or so:  Too many open files /4032/1_451.jpg ->

2019-11-05 09:39:02: (network_linux_sendfile.c.143) open failed: Too many open files

2019-11-05 09:39:02: (connections.c.603) connection closed: write failed on fd 1228

2019-11-05 09:39:02: (response.c.537) file not found ... or so: Too many open files /4032/1_451.jpg ->

As lighttpd is a single-threaded server, its main resource limit is the number of file descriptors, which is set to 1024 by default (on most systems).

If you are running a high-traffic site you might want to increase this limit by setting server.max-fds.

server.max-fds = 8192

1	server.max-fds = 8192

[root@server22 lighttpd]# cat /proc/sys/fs/file-nr
4544    0       95873
[root@server22 lighttpd]#

[root@server22 lighttpd]# cat /proc/sys/fs/file-nr

4544 0 95873

[root@server22 lighttpd]#

Related Posts

lighttpd

maximum number of open files and file descriptors in linux

df not showing all mounts

On a server, df not showing all mounts

root@server20 [~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
tmpfs                 3.9G     0  3.9G   0% /dev/shm
root@server20 [~]#

root@server20 [~]# df -h

Filesystem Size Used Avail Use% Mounted on

tmpfs 3.9G 0 3.9G 0% /dev/shm

root@server20 [~]#

This is caused by corrupt /etc/mtab

To fix

mv /etc/mtab /etc/mtab.old
cat /proc/mounts > /etc/mtab

1 2	mv /etc/mtab /etc/mtab.old cat /proc/mounts > /etc/mtab

See df

Show disk usage with df

df command shows patritions and disk used by each partitions.

root@server54 [~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             450G  380G   47G  90% /
/dev/sda1              99M   11M   83M  12% /boot
tmpfs                 2.0G     0  2.0G   0% /dev/shm
/dev/sdb1             458G  390G   46G  90% /backup
/usr/tmpDSK           485M   63M  397M  14% /tmp
root@server54 [~]#

root@server54 [~]# df -h

Filesystem Size Used Avail Use% Mounted on

/dev/sda2 450G 380G 47G 90% /

/dev/sda1 99M 11M 83M 12% /boot

tmpfs 2.0G 0 2.0G 0% /dev/shm

/dev/sdb1 458G 390G 46G 90% /backup

/usr/tmpDSK 485M 63M 397M 14% /tmp

root@server54 [~]#

df not showing all mounts

RHCSA Study Guide

1. Logical volume ‘home’ as created and mounted. Reduce its size to ‘192M’ (size from 185M to 200MB is acceptable)

# lvdispaly
# umount /dev/vgsrv/home
# e2fsck -f /dev/vgsrv/home
# resize2fs /dev/vgsrv/home 192M 
# lvcreduce -L 192M /dev/vgsrv/home
# mount /dev/vgsrv/home
# lvdisplay


# lvdisplay
# umount /dev/vgsrv/home
# lvextend -L 256M /dev/vgsrv/home
# e2fsck -f /dev/vgsrv/home
# resize2fs /dev/vgsrv/home 256M
# mount /dev/vgsrv/home
# lvdisplay

# lvdispaly

# umount /dev/vgsrv/home

# e2fsck -f /dev/vgsrv/home

# resize2fs /dev/vgsrv/home 192M

# lvcreduce -L 192M /dev/vgsrv/home

# mount /dev/vgsrv/home

# lvdisplay

# umount /dev/vgsrv/home

# lvextend -L 256M /dev/vgsrv/home

# e2fsck -f /dev/vgsrv/home

# resize2fs /dev/vgsrv/home 256M

# mount /dev/vgsrv/home

# lvdisplay

2. Add a group sysmgrs

Add a user Natasha such that user’s secondary group is sysmgrs.

Add a user harry such that user’s secondary group is sysmgrs.

Add a user sarrah, who has no interactive shell, and not belongs to the group sysmgrs.

Set password of Natasha, harry and sarrah to lotawens.

# groupadd sysmgrs
# useradd -G sysmgrs Natasha
( We can verify the newly created user by cat /etc/passwd)
# useradd -G sysmgrs harry
# useradd -s /sbin/nologin sarrh
# passwd Natasha
# passwd harry
# passwd sarrah

# groupadd sysmgrs

# useradd -G sysmgrs Natasha

( We can verify the newly created user by cat /etc/passwd)

# useradd -G sysmgrs harry

# useradd -s /sbin/nologin sarrh

# passwd Natasha

# passwd harry

# passwd sarrah

3. Configure FTP access on your virtual machine to allow permission for anonymous user.

If yum not configured;
# cd /etc/yum.repos.d
# vim domain70.repo
[domain70]
baseurl=
enabled=1
gpgcheck=0
:wq!

# yum clean all
# yum update all

# yum install vsftpd*
# yum install ftp
# ftp ip
User: anonymous
Password: <none>

If logging successfully, do the last steps;
If not, the below mentioned files and make changes.
# vim /etc/vsftpd/vsftpd.conf
# vim /etc/vsftpd/ftpusers
# vim /etc/vsftpd/user_list
And try again
# service vsftpd restart
# chkconfig vsftpd on

If yum not configured;

# cd /etc/yum.repos.d

# vim domain70.repo

[domain70]

baseurl=

enabled=1

gpgcheck=0

:wq!

# yum clean all

# yum update all

# yum install vsftpd*

# yum install ftp

# ftp ip

User: anonymous

Password: <none>

If logging successfully, do the last steps;

If not, the below mentioned files and make changes.

# vim /etc/vsftpd/vsftpd.conf

# vim /etc/vsftpd/ftpusers

# vim /etc/vsftpd/user_list

And try again

# service vsftpd restart

# chkconfig vsftpd on

4. Make a collaborative directory /a/b and set the permission as

Group ownership of /a/b is sysmgrs

The directory should be readable, writable and accessable to members of sysmgrs, but not to any other user. ( it is undershould that root has access to all files and
directories on the system)

Files created in /a/b automatically have group ownership set to the group sysmgrs.

# mkdir -p /a/b
# chgrp sysmgrs /a/b
# chmod 2770 /a/b

# mkdir -p /a/b

# chgrp sysmgrs /a/b

# chmod 2770 /a/b

5. Copy the file /etc/fstab to /var/tmp. Configure the permissions of /var/tmp/fstab so that,

The file /var/tmp/fstab is owned by the root user

The file /var/tmp/fstab is belongs to group root

The file /var/tmp/fstab is should not be executable by anyone

The user natasha is able to read and write /var/tmp/fstab

The user harry can neigher write not read /var/tmp/fstab

All other users (current or future) have the ability to read /var/tmp/fstab

# cp -a /etc/fstab /var/tmp
# cd /var/tmp
# ls -l
# getfacl /var/tmp/fstab
# chmod ugo-x /var/tmp/fstab 
[ No need to do this, there won't be execute permission for the file by default]
# setfacl -m u:natasha:rw /var/tmp/fstab
# setfacl -m u:harry:0 /var/tmp/fstab   (zero)
[Read permission will be there for all the users, by default. Check it using ls -l /var/tmp/fstab]

Verify by

[ ls -la /var/tmp/fstab]

# cp -a /etc/fstab /var/tmp

# cd /var/tmp

# ls -l

# getfacl /var/tmp/fstab

# chmod ugo-x /var/tmp/fstab

[ No need to do this, there won't be execute permission for the file by default]

# setfacl -m u:natasha:rw /var/tmp/fstab

# setfacl -m u:harry:0 /var/tmp/fstab (zero)

[Read permission will be there for all the users, by default. Check it using ls -l /var/tmp/fstab]

Verify by

[ ls -la /var/tmp/fstab]

6. set cronjob for user natasha to do /bin/echo hiya at 14:23

# crontab -e -u natasha
23 14 * * * /bin/echo hiya
:wq!

# crontab -e -u natasha

23 14 * * * /bin/echo hiya

:wq!

7. host.domain70.example.com shares remote users. Configure ldap such that ldapusers has no home directory until we do automounting.

baseDN: dc=domain70, dc=example, dc=com

Certificate: ftp://host.domain70.example.com/pub/EXAMPLE-CA-CERT

Username: ldapuser70

Password: password

# system-config-authentication
LDAP user
DN=dc=domain70,dc=example,dc=com
Server=host.domain70.example.com
Certificate= ftp://host.domain70.example.com/pub/exam-crt ( enter url carefully, there maybe // or ..)
LDAP password
OK

starting sssd
# su -ldapuser70
Display Bash prompt
#exit

# system-config-authentication

LDAP user

DN=dc=domain70,dc=example,dc=com

Server=host.domain70.example.com

Certificate= ftp://host.domain70.example.com/pub/exam-crt ( enter url carefully, there maybe // or ..)

LDAP password

starting sssd

# su -ldapuser70

Display Bash prompt

#exit

8. configure NTP with that of rhcert.domain70.example.com

# system-config-date
Delete old server names and add given server name 
Advanced Tick speedup
#exit

# system-config-date

Delete old server names and add given server name

Advanced Tick speedup

#exit

9. Implement a web server for the site http://station.domain70.example.com/ then perform the following steps:

Download ftp://rhcert.domain70.example.com/pub/rhcsa/station.html

Rename the download file to index.html

Copy this index.html to the Document root of your web server.

DO NOT make any modifications to the content of index.html

# yum install httpd
# cd /var/www/html
# wget ftp://rhcert.domain70.example.com/pub/rhcsa/station.html
# mv station.html index.html
990th line : remove '#'
Remove '*' and add IP address:
Eg Name VirtualHost 172.40.70.12
1003rd line copy 7 lines and paste below that itself.
(last 7 lines)
Remove # of all lines

Ist line : remove * and add ip
<VirtualHost 172.40.70.12:80>

3rd line

Document Root /var/www/html

4th line

server name station.domain70.example.com
:wq!

#service httpd restart
# chkconfig httpd on

check site http://station.domain70.example.com/

# yum install httpd

# cd /var/www/html

# wget ftp://rhcert.domain70.example.com/pub/rhcsa/station.html

# mv station.html index.html

990th line : remove '#'

Remove '*' and add IP address:

Eg Name VirtualHost 172.40.70.12

1003rd line copy 7 lines and paste below that itself.

(last 7 lines)

Remove # of all lines

Ist line : remove * and add ip

3rd line

Document Root /var/www/html

4th line

server name station.domain70.example.com

:wq!

#service httpd restart

# chkconfig httpd on

check site http://station.domain70.example.com/

10. Install the appropriate Kernel update from ftp://domain70.example.com/pub/updates/ The following criteria must also be met:

The updated kernel is the default Kernel when the system is rebooted.

The orginal kernel remains available and bootable on the system.

# ftp rhcert.domain70.example.com
Anonymous login
ftp> cd /pub/updates
ftp> ls
ftp> mget kernel*
ftp> bye
# rpm -ivh kernel*
# vim /etc/grub.conf
Check the updatted kernel is the first kernel and the orginal kernel remains available.
set default=0
:wq!

# ftp rhcert.domain70.example.com

Anonymous login

ftp> cd /pub/updates

ftp> ls

ftp> mget kernel*

ftp> bye

# rpm -ivh kernel*

# vim /etc/grub.conf

Check the updatted kernel is the first kernel and the orginal kernel remains available.

set default=0

:wq!

11. Configure autofs to automount the home directories of ldapusers host.domain70.example.com NFS-exports /rhome to your
machine. ldapuser70’s home directory should be automounted locally beneath /rhome/ldapuser7-. Home directores must be writable by thier users.

User: ldpauser70
Password: password

# vim /etc/auto.master
/rhome /etc/auto.misc
:wq!
# vim /etc/auto.misc
ldapuser70 --rw,sync host.domain70.example.com:/rhome/ldpauser70
:wq!

#service autofs restart
# service autofs reload
# chkconfig autofs on
# su -ldapuser70
Login ldapuser with home directory
# exit

# vim /etc/auto.master

/rhome /etc/auto.misc

:wq!

# vim /etc/auto.misc

ldapuser70 --rw,sync host.domain70.example.com:/rhome/ldpauser70

:wq!

#service autofs restart

# service autofs reload

# chkconfig autofs on

# su -ldapuser70

# exit

12. Create a swap partition of 754 MB size. Do not make any change to the existing swap partition

# fdisk -l
# fdisk -cu /dev/vda
p
n
e or p
select e
default (first): enter
default (last): enter
n
default(first): enter
default(first): +754M
t(1-5)
l: 82
p
w
#reboot
#mkswap /dev/vda5


# vim /etc/fstab

/dev/vda5 swap swap defaults 0 0

:wq

# mount -a
# swapon -a
# swapon -s

# fdisk -l

# fdisk -cu /dev/vda

e or p

select e

default (first): enter

default (last): enter

default(first): enter

default(first): +754M

t(1-5)

l: 82

#reboot

#mkswap /dev/vda5

# vim /etc/fstab

/dev/vda5 swap swap defaults 0 0

:wq

# mount -a

# swapon -a

# swapon -s

13. Add a user manlo with uid 1353. Set his password as lotawens

# useradd -u 1353 manlo
# passwd manlo
# su - manlo

# useradd -u 1353 manlo

# passwd manlo

# su - manlo

14. Locate all files and directories of user jacques and copy it to /root/findfiles

OR locate the files of owner “dax” and copy to the directory /root/founddirectory

OR Find files in your system which is owned by andrew user & save on /backup/somefile.

# find / -user jacques > /root/findfiles ( if /root/findfiles is a file)


# mkdir -p /root/findfiles
# find / -user jacques -exec cp -a {} /root/findfiles\;    [ if /root/findfiles is a directory ]

# find / -user jacques > /root/findfiles ( if /root/findfiles is a file)

# mkdir -p /root/findfiles

# find / -user jacques -exec cp -a {} /root/findfiles\; [ if /root/findfiles is a directory ]

15. Find all lines contain a string loop in a file /etc/grub.conf copy it to /root/list. Don’t leave a free line in /root/list

grep loop /etc/hosts > /root/list

1	grep loop /etc/hosts > /root/list

16. Create a device:

Logical volume qa with 60 extents.

Volume group qagroup with 16MB extent size.

Mount it permanently under /abc with file system ext3

# fdisk -l
# fdisk -cu /dev/vda
n
default(first)
default(last): +1000M
(since 60 extents of 16M = 16*60=960MB lvm;
So physical volume > 960MB)
t(1-6):6
l:8e
p
w
# reboot(init6)
# pvcreate /dev/vda6
# vgcreate -s 16M qagroup /dev/vda6
# lvcreate -l 60 -n qa qagroup
# mkfs.ext3 /dev/qagroup/qa
# mkdir /abc
# vim /etc/fstab
/dev/qagroup/qa /abc ext3 defaults 0 0
:wq
# mount -a

# fdisk -l

# fdisk -cu /dev/vda

default(first)

default(last): +1000M

(since 60 extents of 16M = 16*60=960MB lvm;

So physical volume > 960MB)

t(1-6):6

l:8e

# reboot(init6)

# pvcreate /dev/vda6

# vgcreate -s 16M qagroup /dev/vda6

# lvcreate -l 60 -n qa qagroup

# mkfs.ext3 /dev/qagroup/qa

# mkdir /abc

# vim /etc/fstab

/dev/qagroup/qa /abc ext3 defaults 0 0

:wq

# mount -a

MySQL ERROR Access denied you need SUPER privilege for this operation

WHen restoring a MySQL database, i get following error

root@ns3043014:~# mysql -u NEW_DB_USER -p'PASSOWRD_HERE' DB_NAME < BACKUP_FILE.sql
ERROR 1227 (42000) at line 4382: Access denied; you need (at least one of) the SUPER privilege(s) for this operation
root@ns3043014:~#

root@ns3043014:~# mysql -u NEW_DB_USER -p'PASSOWRD_HERE' DB_NAME < BACKUP_FILE.sql

ERROR 1227 (42000) at line 4382: Access denied; you need (at least one of) the SUPER privilege(s) for this operation

root@ns3043014:~#

I opened the file in vim editor. On checking line 4382, i found following

/*!50013 DEFINER=`OLD_DB_USER`@`localhost` SQL SECURITY DEFINER */

1	/!50013 DEFINER=`OLD_DB_USER`@`localhost` SQL SECURITY DEFINER /

This is because some stored procedures use old database user as definer. To fix you need to find and replace all entry for old username with new username.

In vim, i can run

:%s/OLD_DB_USER/NEW_DB_USER/g

1	:%s/OLD_DB_USER/NEW_DB_USER/g

Or delete the DEFINER line from SQL file.

sed 's/\sDEFINER=`[^`]*`@`[^`]*`//g' BACKUP_FILE.sql > BACKUP_FILE-modified.sql

1	sed 's/\sDEFINER=`[^`]`@`[^`]`//g' BACKUP_FILE.sql > BACKUP_FILE-modified.sql

Now restore BACKUP_FILE-modified.sql with

mysql -u NEW_DB_USER -p'PASSOWRD_HERE' DB_NAME < BACKUP_FILE-modified.sql

1	mysql -u NEW_DB_USER -p'PASSOWRD_HERE' DB_NAME < BACKUP_FILE-modified.sql

debconf: unable to initialize frontend: Dialog

When installing a program in Ubuntu 18.04 server minimal installation, i get following error

debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline

debconf: unable to initialize frontend: Dialog

debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)

debconf: falling back to frontend: Readline

To fix this, run

apt -y install dialog

1	apt -y install dialog

Errors

apt

Install Unbound DNS caching server

Unbound is an Open source DNS caching and recursive resolver. You can find more about unbound at

https://nlnetlabs.nl/projects/unbound/about/

To install unbound on Ubuntu/Debian, run

apt install unbound

1	apt install unbound

To start unbound

systemctl start unbound

1	systemctl start unbound

Set unbound to start on boot

systemctl enable unbound

1	systemctl enable unbound

To configure your server to use local name servers provided by unbound, edit file

vi /etc/resolv.conf

1	vi /etc/resolv.conf

Add

nameserver 127.0.0.1

1	nameserver 127.0.0.1

See dns

x11vnc

See vnc