sorted by: recent | see : popular

Content Tagged with System + Administration

Linux is a perfect platform to act as a router/gateway.

In this tutorial, I will explain how to set up a Linux box to operate as a network router. The box will provide the following services:

• DHCP server to provide the ip addresses to the machines in the LAN
• DNS server to resolve domain names
• Gateway with IP tables to give access to the Internet.
• Firewall with IP tables.

The resulting machine will have quite a small footprint: about 600M, and except if your network is intensively used, a low spec computer can be recycled to do the job.

As the machine is going to operate as a router/firewall

read more

In the last post, a mail server setup was demonstrated. This post will demonstrate the setup of a mail client. Again, the setup of mail client is fairly straightforward. Here is the run.

On the client side, ensure the /var/mail directory is present.
# ls -l /var/mail

If not, create it.
# cd /var
# mkdir mail

Now modify the client's /etc/vfstab file
# vi /etc/vfstab
esoft:/var/mail - /var/mail nfs - yes -
:wq!

Now mount /var/mail
# mount /var/mail

Verify the /var/mail is actually being shared from the mail server
# cd /var/mail
# df -k .

A colleague, Mahlon Anderson, and I were thinking of ways of splitting up a fairly large XML file, which had approximately 27K records in it. I wanted to split this file into smaller ones, each having about 250-300 records, because my former web host service kept complaining about constant CPU quota overloads during uploads. A Perl based splitter script quickly came to mind.

With the web host service, I had plenty disk space and plenty bandwidth but limited CPU usage. Apparently, I didn’t notice that sticky point in the fine print while signing up for the service.

A different splitting implementation was later used as the permanent solution, but here is Mahlon's "quick and dirty" XML Perl splitter-- printed with his permission of course.

# vi split.pl
#!/usr/bin/perl
$file = @ARGV[0];

open(_FH, "_FH)
{
if($count == 0)
{
$filename = $file . "_part_" . $files_counter;
open(FH2, "> $filename") or die "Unable to open file: $filename\n";
$count++;
}

if (grep //, $_ )
{
$count++;
}

print FH2 $_;

if ($count == $max_records + 1)
{
$count = 0;
$files_counter++;
close(FH2);
}
}
:wq!

# ./split.pl bigxmlfile.xml

I am finally getting an opportunity to write a post. I have been so busy with upgrades lately and had to put off writing for awhile.

The other day I had a number of users complaining about not being able to fetch mail to their mail client, MS Outlook. As usual, I attempted to duplicate the error. The error message was reporting unable to connect to the mail server. At that point, I decided to telnet the Post Office Protocol or POP3 port, 110, via the command line interface. Sure enough, I had a problem.

Note: The “before and after” command line examples are only for illustration purposes.

# telnet server 110
Trying 192.1xx.xx.xxx...
telnet: Unable to connect to remote host: Connection refused

I started thinking there was a problem with the inetd.conf file. After reviewing the file, I noticed the pop3 service was commented out. The appropriate change was made and inetd was restarted. Problem resolved.

# telnet server 110
Trying 192.1xx.xx.xxx...
Connected to server.
Escape character is '^]'.
+OK connected to pop3 on 3429

By the way, you can check out other popular port services, too.
# telnet server 6667
# telnet server 25

Here is a convenient way of creating test files using the powerful Z Shell. I have been using this shell for a short while, and I am quickly becoming a fan of it. I used it to support transfer speed tests. To support these tests, I created a specified number of files that varied in size (1MB, 5MB, 10MB, 50MB, 100MB, 500MB, etc). Here is a straightforward one-liner mkfile example of creating 50 x 12MB files and a few others using zsh’s brace expansion.

# zsh
# mkfile 12m {1..50}.tst
# ls -l
total 122960
-rw------T 1 root other 12582912 Feb 18 20:04 1.tst
-rw------T 1 root other 12582912 Feb 18 20:04 2.tst
-rw------T 1 root other 12582912 Feb 18 20:04 3.tst
-rw------T 1 root other 12582912 Feb 18 20:04 4.tst
-rw------T 1 root other 12582912 Feb 18 20:04 5.tst
...

Other examples...

# touch {1..5}.testfile
# ls -l
total 0
-rw-r--r-- 1 root other 0 Feb 18 20:07 1.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 2.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 3.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 4.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 5.testfile

# touch {6..10}.data
# ls -l
total 0
-rw-r--r-- 1 root other 0 Feb 18 20:30 1.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 10.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 2.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 3.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 4.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 5.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 6.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 7.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 8.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 9.data

# ls -l {1..5}.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 1.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 2.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 3.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 4.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 5.data

If you want to add a credential for a workstation, you will need to make an entry into the niscred.org_dir table on the server. This example demonstrates what is done on the server side and workstation side. There are third party tools out there to manage credentials, but personally I like using the command line. Here is what a colleague and I did to support a NIS+ server change.

On Server
C shell
# setenv PATH $PATH:/usr/lib/nis
Bourne or Korn Shell
# PATH=$PATH:/usr/lib/nis; export PATH
# nisclient -c -o -d esofthub.com esoft
# nisaddcred -p unix.esoft@esofthub.com -P esoft.esofthub.com. des
# nisgrpadm -a admin.esofthub.com esoft.esofthub.com.

On Workstation
C shell
# setenv PATH $PATH:/usr/lib/nis
Bourne or Korn Shell
# PATH=$PATH:/usr/lib/nis; export PATH
# nisclient -i -d esofthub.com -h esoftsvr -a IPADDRESS

Building on the last post, I am using the niscat -o flag to display the structure of a common nisplus table. In the example below, the run shows the passwd table and its specific metadata/attribute information. Here is the syntax.

# niscat -o passwd.org_dir
Object Name : "passwd"
Directory : "org_dir.esofthub.com."
Owner : "esoft.esofthub.com."
Group : "admin.esofthub.com."
Access Rights : ----rmcdrmcdr---
Time to Live : 12:0:0
Creation Time : Sun Feb 24 18:22:47 2008
Mod. Time : Sun Feb 24 18:22:47 2008
Object Type : TABLE
Table Type : passwd_tbl
Number of Columns : 8
Character Separator : :
Search Path :
Columns :
[0] Name : name
Attributes : (SEARCHABLE, TEXTUAL DATA, CASE SENSITIVE)
Access Rights : r---r---r---r---
[1] Name : passwd
Attributes : (TEXTUAL DATA)
Access Rights : ----rm--r---r---
[2] Name : uid
Attributes : (SEARCHABLE, TEXTUAL DATA, CASE SENSITIVE)
Access Rights : r---r---r---r---
[3] Name : gid
Attributes : (TEXTUAL DATA)
Access Rights : r---r---r---r---
[4] Name : gcos
Attributes : (TEXTUAL DATA)
Access Rights : r---rmcdrmcdr---
[5] Name : home
Attributes : (TEXTUAL DATA)
Access Rights : r---rmcdrmcdr---
[6] Name : shell
Attributes : (TEXTUAL DATA)
Access Rights : r---rmcdrmcdr---
[7] Name : shadow
Attributes : (TEXTUAL DATA)
Access Rights : ----------------

A few years ago I took an Oracle database class at a university. I remember running SQL commands to perform a number of DBA tasks, such as creating databases, creating tables, creating procedures, altering tables, etc. via the command line. But in order to complete these tasks, we had to connect to the university's UNIX server via SSH. I remember using a nifty ssh client application. I found a link to its website while browsing my old coursework archive. At the time, I downloaded the "university use" copy, which was free, and it worked pretty well for the course.

Per the vendor's website, you can still download their SSH Secure Shell 3.2 non-commercial source code and there is also a Windows Client executable. Both are free of charge from various anonymous ftp sites around the globe for purposes of EVALUATION, NON-COMMERCIAL USE, and UNIVERSITY USE as defined in their license agreement.

Here is the link to the SSH Secure Shell for Workstations.

Other suggestions are always welcome.

A couple of days ago I was adding entries to my ban related tables via phpbb's administration tools. After awhile, I quickly tired of serially adding an entry and then submitting it. I decided to dump the three tables in question and then modify them by hand. Plus that, I wanted to review the MySQL syntax.

Here are a series of create and insert statements for MySQL. I modified some of the entry values with "x", "!", "?" as to not offend some readers.

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
--
-- Table structure for table `phpbb_banlist`
--

CREATE TABLE `phpbb_banlist` (
`ban_id` mediumint(8) unsigned NOT NULL auto_increment,
`ban_userid` mediumint(8) NOT NULL default '0',
`ban_ip` varchar(8) NOT NULL default '',
`ban_email` varchar(255) default NULL,
PRIMARY KEY (`ban_id`),
KEY `ban_ip_user_id` (`ban_ip`,`ban_userid`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=97 ;

--
-- Dumping data for table `phpbb_banlist`
--

INSERT INTO `phpbb_banlist` VALUES(84, 0, '', '*@fromru.com');
INSERT INTO `phpbb_banlist` VALUES(5, 0, '', '*@mail.ru');
INSERT INTO `phpbb_banlist` VALUES(6, 0, '', '*@*.ru');
INSERT INTO `phpbb_banlist` VALUES(7, 0, '', '*@go2.pl');
...

CREATE TABLE `phpbb_disallow` (
`disallow_id` mediumint(8) unsigned NOT NULL auto_increment,
`disallow_username` varchar(25) NOT NULL default '',
PRIMARY KEY (`disallow_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=30 ;

INSERT INTO `phpbb_disallow` VALUES(1, '*porn*');
INSERT INTO `phpbb_disallow` VALUES(2, '*sex*');
INSERT INTO `phpbb_disallow` VALUES(3, '*xxxxx*');
INSERT INTO `phpbb_disallow` VALUES(4, '*co!!*');
INSERT INTO `phpbb_disallow` VALUES(5, '*axx*');
INSERT INTO `phpbb_disallow` VALUES(6, '*adult*');
INSERT INTO `phpbb_disallow` VALUES(7, '*viagra*');
INSERT INTO `phpbb_disallow` VALUES(8, '*pill*');
INSERT INTO `phpbb_disallow` VALUES(9, '*drug*');
INSERT INTO `phpbb_disallow` VALUES(10, '*pharm*');
...

-- Table structure for table `phpbb_words`
--

CREATE TABLE `phpbb_words` (
`word_id` mediumint(8) unsigned NOT NULL auto_increment,
`word` char(100) NOT NULL default '',
`replacement` char(100) NOT NULL default '',
PRIMARY KEY (`word_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=27 ;

--
-- Dumping data for table `phpbb_words`
--

INSERT INTO `phpbb_words` VALUES(1, 'xxxx', '***');
INSERT INTO `phpbb_words` VALUES(2, 'sh??', '****');
INSERT INTO `phpbb_words` VALUES(3, 'xxxch', '*****');
INSERT INTO `phpbb_words` VALUES(4, 'fxxke?', '******');
INSERT INTO `phpbb_words` VALUES(5, 'axx', '***');
INSERT INTO `phpbb_words` VALUES(6, '*turd*', '****');
...

I have been upgrading my phpbb forum from 2.X to 3.X. It has been a slog so far and mostly due to spammers. Before the 3.X converter would allow me to complete the conversion process, I had to delete most of the spammer usernames because they were essentially dups (e.g. User, USer, user, etc) but with different UID's . There were about 7,000 rows in the phpbb_user table - now there is a fraction of that left. Good.

Anyways, after exporting approximately 7000 rows to a file, I truncated the table. Here is an example.

TRUNCATE TABLE `phpbb_users`;

Here is the cleaned up (unique usernames) version of the file, which was re-ingested into the phpbb_users 2.X table.

INSERT INTO `phpbb_users` VALUES(2, 1, 'adam123', '49ad5...,NULL);
INSERT INTO `phpbb_users` VALUES(3, 1, 'laurahing', 'a3dcb4d2..., NULL);
INSERT INTO `phpbb_users` VALUES(4, 1, 'joshman', '49ad5b0771f..., NULL);
INSERT INTO `phpbb_users` VALUES(5, 0, 'ipsofacto', 'b63fc..., NULL);
INSERT INTO `phpbb_users` VALUES(6, 1, 'FitForFree', '04305e8e..., NULL);
INSERT INTO `phpbb_users` VALUES(7, 1, 'banchee', '8a645340...,NULL);
...

#####
I saw another meta data query asking how to limit the deletes by time for mysql. Here is a simple example.

DELETE FROM classified_ads WHERE user = 'esoft123'
ORDER BY timestamp_col LIMIT 10;

This tutorial will go over the steps to go through in order to set up a serial console on Debian Linux.

Debian uses sysvinit to handle the booting process, amongst the different task, and as such, there is a few differences between most of the tutorial that you might find on the internet regarding how to set up a serial console.

A Serial Console becomes handy when running a headless server (i.e no keyboard and screen) or if you cannot connect a a server because of a network issue.

read more

This tutorial will go over the steps to go through in order to set up a serial console on Ubuntu Linux.

Unlike most other distros, Ubuntu uses upstart instead of sysvinit and as such, there is a few differences between most of the tutorial that you might find on the internet regarding how to set up a serial console.

A Serial Console becomes handy when running a headless server (i.e no keyboard and screen) or if you cannot connect a a server because of a network issue.

read more

Chainloading an operating system allows grub to boot an opearating system's boot loader. This is commonly used to boot Windows for instance.

I personnaly use it to be able to have my "production" system's grub on the MBR, and address other distros'grub install on their root partition. The advantage is that kernel updates are real easy to handle. Each testing distro modifying their own grub won't interfere with my main OS bootloader.

This tutorial will explain how to configure grub's menu.lst from the main OS to boot other OSes bootloader through an example.

read more

Good tutorial on how to set up a Samba LDAP environment, especially for a PDC

Linux.com :: Automated user management with Expect