Admins eHow SysAdmin Tips & Tricks

June 19, 2011

Linux Redirection Cheat Sheet

Filed under: Bash,linux — Tags: , , , , — admin @ 2:32 pm
Normal Redirect:

command > filename        Redirect command output to a file
command >> filename       APPEND into a file
command < filename        Type a text file and pass the text to command
commandA  |  commandB     Pipe the output from commandA into commandB
commandA &  commandB      Run commandA and then run commandB
commandA && commandB      Run commandA, if it succeeds then run commandB
commandA || commandB      Run commandA, if it fails then run commandB

Numeric handles:

STDIN  = 0  Keyboard input
STDOUT = 1  Text output
STDERR = 2  Error text output
UNDEFINED = 3-9

command 2> filename       Redirect any error message into a file
command 2>> filename      Append any error message into a file
command > file 2>&1       Redirect errors and output to one file
command > file 2<&1       Redirect output and errors to one file
command > fileA 2> fileB  Redirect output and errors to separate files
command 2>&1 >filename    This will fail!

Redirect to /dev/null (hide errors):

command 2> /dev/null            Redirect error messages to /dev/null
command >/dev/null 2>&1         Redirect error and output to /dev/null
command >filename 2> /dev/null  Redirect output to file but suppress error

Source : ss64.com

May 4, 2011

Backup Files or MySQL DBs to a remote FTP server with compression and encryption

Filed under: CentOS,Debian,General,linux,Security — Tags: , , , , , , , — admin @ 6:30 pm

After my previous article which explained how to backup MySQL DBs to an email address , I am going to provide a more perfect solution in this article 🙂
The previous solution had some drawbacks and some advantages but the biggest problem was about the size of backup. although we compress the data with bzip2 algorithm which provides a high level of compression but in many cases, the attachment size will exceed 25MB or the limit of your email box. so it can not be used with public email services or will need a personal email server.
a better solution is to backup the data to a remote FTP server. in this case we will have almost no limit on file size (depending on your remote FTP server).
A perfect place to backup your files is fileserve.com , it offers 500GB of space for free and FTP access to it ! it is awesome ! I would recommend to upgrade to their premium service.
click on this link to signup for your free account : FileServe.com Free Account
also we will employ encryption to make sure our data is safe in transmit and in remote location.
to use this solution make sure bzip2, mcrypt and ncftp are installed on your server. I am not going into the details of installing each package, Google is your friend 🙂
so lets say you want to backup /var/www folder, use the following command :

tar jcf - /var/www | mcrypt -k 'SOME_LONG_COMPLEX_KEY' |  ncftpput -c -u FTP_USER -p FTP_PASS FTP_HOST /PREFIX-`date +%Y%m%d`

this only command will compress the whole /var/www folder by tar and bzip2 at the same time encrypt it by your key and at the same time will upload it to remote FTP server !
omg ! thats why I love Linux ! you can put it in your crontab to create automatic backups.
now lets say you want to backup all MySQL DBs , you can use the following command :

mysqldump --user=USERNAME --password=PASSWORD -A | bzip2 | mcrypt -k 'SOME_LONG_COMPLEX_KEY' |  ncftpput -c -u FTP_USER -p FTP_PASS FTP_HOST /PREFIX-`date +%Y%m%d`

the combinations and possibilities are limitless !
I just gave you the idea and showed you the power, use your own brain to make your perfect solution 😉
Just something else , if you needed to decrypt the file , you can use the following command :

mcrypt -d FILE_NAME -k 'YOUR_LONG_COMPLEX_KEY' > NEW_FILE_NAME

April 29, 2011

Backup all MySQL DBs and Compress and Email the backup

Filed under: CentOS,Debian,General,linux,MySQL — Tags: , , , , , , — admin @ 1:28 pm

Make sure mutt & bzip2 are installed on your server.
Change USERNAME & PASSWORD to your MySQL login credentials.
Change email@domain.com to your email which can accept large attachments (gmail is recommended, currently it accepts attachments up to 25MBs)
Put the following line in your crontab. you can access crontab by this command : crontab -e

0 0 * * * mysqldump --user=USERNAME --password=PASSWORD -A | bzip2 > ~/AllDBsBackup.bz2 && echo | mutt -a ~/AllDBsBackup.bz2 -s "All DBs Daily Backup" -- email@domain.com

April 27, 2011

Block BitTorrent traffic on your Linux firewall using iptables

Filed under: Debian,linux,Security — Tags: , , , , , — admin @ 7:25 pm

The following script will block and log un-encrypted BitTorrent & DHT traffic on your Linux firewall.
I have personally tested it on debian 5 lenny , but I am almost sure it should work pretty well on any new Linux distros.

iptables -N LOGDROP > /dev/null 2> /dev/null 
iptables -F LOGDROP 
iptables -A LOGDROP -j LOG --log-prefix "LOGDROP " 
iptables -A LOGDROP -j DROP

#Torrent
iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j LOGDROP 
iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "peer_id=" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string ".torrent" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j LOGDROP 
iptables -A FORWARD -m string --algo bm --string "torrent" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "announce" -j LOGDROP
iptables -A FORWARD -m string --algo bm --string "info_hash" -j LOGDROP 

# DHT keyword
iptables -A FORWARD -m string --string "get_peers" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "announce_peer" --algo bm -j LOGDROP
iptables -A FORWARD -m string --string "find_node" --algo bm -j LOGDROP

March 28, 2011

How to fix “Starting httpd: httpd: apr_sockaddr_info_get() failed”

Filed under: Apache,General,linux — Tags: , — admin @ 5:49 am

This error is caused by the improper configuration of hostname of server. to fix it follow the steps below :
Change HOST.DOMAIN.com to your own hostname.

echo HOST.DOMAIN.com > /etc/hostname
/bin/hostname -F /etc/hostname
/etc/init.d/httpd restart

November 18, 2010

Install SNMP on Centos/RHEL

Filed under: CentOS,linux — Tags: , , , — admin @ 4:13 pm

The following easy steps will install snmp daemon on your CentOS/RHEL server :

yum install net-snmp net-snmp-utils

now snmpd simple configuration ( change SECRET_NAME to a complex string ) :

echo rocommunity SECRET_NAME > /etc/snmp/snmpd.conf

start snmpd :

service snmpd restart

also make sure it starts on boot :

chkconfig snmpd on

last step to check snmpd is working ( change SECRET_NAME to the string you have chose before ) :

snmpwalk -v 1 -c SECRET_NAME -O e 127.0.0.1

you should get an output like below :

SNMPv2-MIB::sysDescr.0 = STRING: Linux 2.6.18-194.11.4.el5xen #1 SMP Tue Sep 21 05:40:24 EDT 201
0 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (242211) 0:40:22.11
SNMPv2-MIB::sysContact.0 = STRING: root@localhost
SNMPv2-MIB::sysName.0 = STRING: 
SNMPv2-MIB::sysLocation.0 = STRING: Unknown
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (2) 0:00:00.02
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.8 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
.
.
.
.

September 28, 2010

XEN – Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.

Filed under: linux,XEN — Tags: , , , — admin @ 8:30 am

If you are getting the following error on a XEN domU :

Unable to load SELinux Policy. Machine is in enforcing mode. Halting now.
Kernel panic - not syncing: Attempted to kill init!

add the following line to domU config file :

extra = "selinux=0 ro"

May 22, 2010

Check connected IPs to port 80 and number of connections on linux

Filed under: Apache,linux,Security — admin @ 6:57 pm
netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
« Newer Posts

Powered by WordPress