dreadknot / linux Goto Github PK

View Code? Open in Web Editor NEW

1.0 1.0 0.0 144 KB

Notes and brain dump. Tricks and samples.

Awk 40.61% Shell 59.39%

linux's People

Contributors

Stargazers

linux's Issues

ssh

add key

ssh-add <keyfile>

get finger print from public key

ssh-keygen -lf github_rsa.pub

Don't use public key auth

ssh -o "PubkeyAuthentication=no" hostname

Cat key into other system

cat vagrant-id_rsa.pub | ssh -p 9999 vagrant@<host ip address> 'sh -c "cat - >>~/.ssh/authorized_keys"'

Create public key from private key in openssh format

ssh-keygen -y -f mykey.pem > mykey.pub

ssh-agent

SSH_AUTH_SOCK=/tmp/ssh-TDpadig12775/agent.12775; export SSH_AUTH_SOCK;
SSH_AGENT_PID=12776; export SSH_AGENT_PID;
echo Agent pid 12776;

Bastion ssh config, Host line supports filter to not match a host.

Host 192.168.255.136
    HostName bastionip

Host 192.* !192.168.255.136
    ServerAliveInterval    60
    TCPKeepAlive           yes
    ProxyCommand           ssh -qaY bastionip 'nc %h %p'
    ControlMaster          auto
    ControlPath            ~/.ssh/mux-%r@%h:%p
    ControlPersist         8h
    ForwardAgent yes
    User                   ubuntu

snmp

root@cacti:~# snmpwalk -OQn -v2c -c community host pLUNStatisticsPerformanceMetricsTotal OsPerSecond 

.1.3.6.1.4.1.15548.1.4.5.3.1.1.1 = 0.000 

.1.3.6.1.4.1.15548.1.4.5.3.1.1.2 = 13.000

root@cacti:~# snmpwalk -v2c -c community host pLUNStatisticsPerformanceMetricsReadMBPerSecond.1 

PILLAR-AXIOM-MIB::pLUNStatisticsPerformanceMetricsReadMBPerSecond.1 = STRING: 0.000 

snmpwalk -v2c -c community host 1.3.6 

PILLAR-AXIOM-MIB::cGUISSLConfigDetailsInsecureConnection.1 = STRING: false 

PILLAR-AXIOM-MIB::cGUISSLConfigDetailsSSLCertificateCommonName.1 = STRING: localhost 

PILLAR-AXIOM-MIB::cGUISSLConfigDetailsSSLCertificateExpires.1 = STRING: 2008-12-25T22:41:52+00:00

root@cacti:~# cp PILLAR-AXIOM-MIB.txt .snmp/mibs/ 

root@cacti:~# export MIBS=+PILLAR-AXIOM-MIB

root@cacti:~# snmpwalk -v2c -c community host pLUNStatisticsPerformanceMetricsReadMBPerSecond 

PILLAR-AXIOM-MIB::pLUNStatisticsPerformanceMetricsReadMBPerSecond.1 = STRING: 0.000

grep

grep -E 'restart|reload'

Grep @sfsu.edu /var/log/mail.log

grep to=.*@sfsu.edu mail.log

A count of them

grep -c to=.*@sfsu.edu mail.log

Sends from

grep ctladdr=<.*> /var/log/mail.log

to=[email protected], ctladdr=[email protected]

grep -o '[[:alnum:]+.-]@[[:alnum:]+.-]' /var/log/mail.log | sort -u

grep 'to=<.*>,' /var/log/mail.log

AT\mregan@openvzstage01:~$ sudo vzlist -H | awk '{ print "echo " $5 " && sudo vzctl exec " $1 " cat /var/log/mail.log | cut -f7-8 -d" " | grep -o '[[:alnum:]+.-]@[[:alnum:]+.-]' | sort -u"}' | sh

With a little break in it

AT\mregan@openvzstage01:~$ sudo vzlist -H | awk '{ print "echo " $5 " && echo ------ && sudo vzctl exec " $1 " cat /var/log/mail.log | cut -f7-8 -d" " | grep -o '[[:alnum:]+.-]@[[:alnum:]+.-]' | sort -u"}' | sh

With word count

administrator@openvztier3a:~$ sudo vzlist -H | awk '{ print "echo " $5 " && echo [------ && sudo vzctl exec " $1 " cat /var/log/mail.log | cut -f7-8 -d" " | grep -o '[[:alnum:]+.-]@[[:alnum:]+.-]' | sort -u | wc -l && echo ------]"}' | sh

bonded interface

Created a vagrant box with 4 host only networks interfaces.

config.vm.network :hostonly, "192.168.101.50"
config.vm.network :hostonly, "192.168.101.51"
config.vm.network :hostonly, "192.168.101.52"
config.vm.network :hostonly, "192.168.101.53"

[vagrant@vcs ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:bf:0b:58 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
inet6 fe80::a00:27ff:febf:b58/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:2e:52:e1 brd ff:ff:ff:ff:ff:ff
inet 192.168.101.50/24 brd 192.168.101.255 scope global eth1
inet6 fe80::a00:27ff:fe2e:52e1/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:4e:11:61 brd ff:ff:ff:ff:ff:ff
inet 192.168.101.51/24 brd 192.168.101.255 scope global eth2
inet6 fe80::a00:27ff:fe4e:1161/64 scope link
valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:65:e0:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.101.52/24 brd 192.168.101.255 scope global eth3
inet6 fe80::a00:27ff:fe65:e01f/64 scope link
valid_lft forever preferred_lft forever
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:58:a0:3d brd ff:ff:ff:ff:ff:ff
inet 192.168.101.53/24 brd 192.168.101.255 scope global eth4
inet6 fe80::a00:27ff:fe58:a03d/64 scope link
valid_lft forever preferred_lft forever

Now create bonded interface config.

[vagrant@vcs ~]$ sudo vi /etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=bond0
IPADDR=192.168.101.20
NETWORK=192.168.101.0
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes

Edit interfaces to bond

[vagrant@vcs ~]$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth1
[vagrant@vcs ~]$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth2
[vagrant@vcs ~]$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth3
[vagrant@vcs ~]$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eth4

For each interface added

USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none

Create bond modprobe config in /etc/modprobe.d/bond.conf

[vagrant@vcs modprobe.d]$ sudo vi bond.conf

alias bond0 bonding
options bond0 mode=balance-alb miimon=100

Modprobe bonding

[vagrant@vcs modprobe.d]$ modprobe bonding

Restart network

[vagrant@vcs modprobe.d]$ sudo service network restart
Shutting down interface bond0: [ OK ]
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface bond0: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]

Check the status

[vagrant@vcs modprobe.d]$ cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.6.0 (September 26, 2009)

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:2e:52:e1
Slave queue ID: 0

Slave Interface: eth2
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:4e:11:61
Slave queue ID: 0

Slave Interface: eth3
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:65:e0:1f
Slave queue ID: 0

Slave Interface: eth4
MII Status: up
Link Failure Count: 0
Permanent HW addr: 08:00:27:58:a0:3d
Slave queue ID: 0

See the new interface

7: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 08:00:27:2e:52:e1 brd ff:ff:ff:ff:ff:ff
inet 192.168.101.20/24 brd 192.168.101.255 scope global bond0
inet6 fe80::a00:27ff:fe2e:52e1/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
#2 Updated by Mike Regan 9 months ago

Comment Edit

It looks like redhat does not use the options in /etc/modprobe.d/bonding.conf

Do not specify options for the bonding device in /etc/modprobe.d/bonding.conf, or in the deprecated /etc/modprobe.conf file. For further instructions and advice on configuring the bonding module and to view the list of bonding parameters.

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-Using_Channel_Bonding.html

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-networkscripts-interfaces-chan.html

Use BONDING_OPTS in /etc/sysconfig/network-scripts/ifcfg-bond1

DEVICE=bond1
IPADDR=10.16.1.238
GATEWAY=10.16.1.1
NETWORK=10.16.1.0
NETMASK=255.255.255.0
USECTL=no
BOOTPROTO=none
ONBOOT=yes
BONDING_OPTS="mode=4 miimon=100 lacp_rate=1"

cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.6.0 (September 26, 2009)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: fast
Aggregator selection policy (ad_select): stable
Active Aggregator Info:
Aggregator ID: 5
Number of ports: 2
Actor Key: 17
Partner Key: 32
Partner Mac Address: 00:11:5d:df:2c:00

Slave Interface: em3
MII Status: up
Link Failure Count: 1
Permanent HW addr: 90:b1:1c:38:a6:92
Aggregator ID: 5
Slave queue ID: 0

Slave Interface: em4
MII Status: up
Link Failure Count: 1
Permanent HW addr: 90:b1:1c:38:a6:93
Aggregator ID: 5
Slave queue ID: 0

Change the mode manually

echo 4 > /sys/class/net/bond1/bonding/mode

Check the mode

cat /sys/class/net/bond1/bonding/mode
802.3ad 4

dpkg

install

dpkg -i package.deb

lsof

Find largest open files

lsof / | awk '{if($7 > 1048576) print $7/1048576 "MB" " " $9 " " $1}' | sort -n -u | tail

lsof -nP | grep '(deleted)'

apache

SSLCertificateFile    /etc/apache2/site.cer 
SSLCertificateKeyFile /etc/apache2/site.key 
SSLCAcertificateFile /etc/apache2/site_interm.cer

ServerName site.dns 
ServerAlias also.site.dns 

<VirtualHost *:80> 
    DocumentRoot /var/www/site 
    ServerName dns.site
    ErrorLog /var/log/apache2/error.log 
        LogLevel warn 
        CustomLog /var/log/apache2/access.log combined 
</VirtualHost>

Alias /site /var/www/site 
<Directory /var/www/site> 
        Options -Indexes FollowSymLinks MultiViews 
        AllowOverride None 
        Order allow,deny 
        allow from all 
</Directory>

bash

Alias for quick typing

alias dc='echo "domain.com"'
ssh user@host.`dc`

show environment variables

env

printenv

set

find

Find 0 byte .json files and calculate disk usage of the filename with .json removed

find . -name '*something.json' -size 0 -print0 | sed 's/.json//g' | du -s

lvm

Basic lvm file system

vgcreate -s 32 data_ebs /dev/xvdf
lvcreate -l 100%FREE -n opt_ebs data_ebs
mkfs.xfs /dev/data_ebs/opt_ebs
mkdir /opt_ebs
mount /dev/data_ebs/opt_ebs /opt_ebs

httpperf

httperf --session-cookie --wsess=10,5,1 --uri=moodle/course/view.php?id=2 

Set-Cookie: MoodleSession=817upk8qa8580q29r7kg0dfa85; path=/ 
RH2:Expires: 
RH2:Cache-Control: private, pre-check=0, post-check=0, max-age=0 
RH2:Pragma: no-cache 
RH2:Set-Cookie: MoodleSessionTest=g9xSvX58cz; path=/ 
RH2:Set-Cookie: MOODLEID_=deleted; expires=Mon, 21-Jun-2010 22:05:55 GMT; path=/ 
RH2:Set-Cookie: MOODLEID_=%25ED%25C3%251CC%25B7d; expires=Sat, 20-Aug-2011 22:05:56 GMT; path=/

http://www.xenoclast.org/doc/benchmark/HTTP-benchmarking-HOWTO/node6.html

The program sesslog supplied in the autobench package can be used to generate session log files for use with httperf from an NCSA Common Log Format, or Combined Log Format log file. See the sesslog man page for more details.

Pasted from http://www.xenoclast.org/doc/benchmark/HTTP-benchmarking-HOWTO/node6.html

ab -v 4 -C 'MoodleSession=b0cq1e2uqca8dso6hnp7n298b6' -C 'MoodleSessionTest=kLC6lnWKu4' -C 'MOODLEID_=%25E2%25C8%2513E%25BD' -n 10 -T 'application/x-www-form-urlencoded' http://192.168.56.101/moodle/course/view.php?id=2

httperf --wsesslog 1,1,login.post --print-reply --session-cookie --debug 1 --add-header="content-type: application/x-www-form-urlencoded\n" 

wget --cookies=on --keep-session-cookies --save-cookies=cookie.txt   http://192.168.56.101/moodle/course/view.php?id=2 

wget  --page-requisites --load-cookies cookie.txt http://192.168.56.101/moodle/course/view.php?id=2

php5-xmlrpc aspell imagemagick ldap-utils libcurl4-openssl-dev php5-curl php5-ldap php5-mcrypt php5-memcache php5-mysql php-pear php5-dev libpcre3-dev clamav-daemon munin-node libapache2-mod-shib2 git-core unzip zip cronolog php5-gd php5-imagick ntp

headers='Content-Type: application/x-www-form-urlencoded\n' 
MoodleSession=mrg05nihr215ltr2i2dpkdc5k4; 
MoodleSession=b0cq1e2uqca8dso6hnp7n298b6; 
Cookie=MoodleSession=b0cq1e2uqca8dso6hnp7n298b6; MoodleSessionTest=kLC6lnWKu4; MOODLEID_=%25E2%25C8%2513E%25BD 
URL=http://192.168.56.101/moodle/course/view.php?id=2

wget --page-requisites --load-cookies cookie.txt http://192.168.56.101/moodle/course/view.php?id=2

tcpdump

filter for host

tcpdump -vv host hostname/ip

filter ssh and dns out

tcpdump port not 22 or 53

on interface eth1

tcpdump -i eth1

udp port 1055

tcpdump udp port 1055

iptables

Nothing to see, but strange things still happening...

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

show the nat table

/home []# iptables -t nat --list
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:8000 redir ports 443

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

pear

pear upgrade-all

kill and friends

Kill any process with SummaryDirector checking the full command line

pkill -f SummaryDirector

sed

Substitute in place over the whole file

sed -i 's/i-6ae77506/i-11aa2131/g' lsyncd.conf.lua 

sed 's/chef.domain.com/prod-vpc.chef.domain.com/g' file.txt

exim4

Send a test email

dpkg-reconfigure exim4-config 
/path/to/exim -v 'user@domain' 

message here 

^D ( control D )

Redo config

sudo dpkg --configure -a

Look for Completed

administrator@app01:/var/log/exim4$ zcat mainlog.*.gz | grep 2011-04-04.00:10:...*.Completed -c

administrator@app01:/var/log/exim4$ zcat mainlog..gz | grep 2011-04-04...:..:....Completed -c

administrator@app01:/var/log/exim4$ zcat mainlog..gz | grep 2011-04-04.00:10:....mail.messaging.microsoft.com

NFS

proto=n

Mount udp

-o vers=3,proto=udp,mountproto=udp,mountport=987

update

locate

updatedb as root

/etc/updatedb.conf

du

Give a summary of each dir

du -sh *

Don't follow mounts

du -shx *

strace

sudo strace -T -s 300 -p 

sudo strace -e write=17 -e read=17

dkpg

dpkg --get-selections > file 

dpkg --set-selections < selections 

apt-get dselect-upgrade 

apt-get -u dselect-upgrade

Open debs with ar

ar x package.deb

pidstat

apt

Install specific version

sudo apt-get -y install perl-modules=5.14.2-6ubuntu2.4 libyaml-0-2=0.1.4-2ubuntu0.12.04.2 libcurl3=7.22.0-3ubuntu4.7 libcurl3-gnutls=7.22.0-3ubuntu4.7

Find specific version

apt-cache showpkg libyaml-0-2

Or change hkp to :80

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 428D7C01

Use defaults or old config

sudo apt-get  -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" dist-upgrade

postfix

output deferred mail in text format

root@logger:/var/spool/postfix/deferred/9# less 92CDB2327
"92CDB2327" may be a binary file.  See it anyway?
root@logger:/var/spool/postfix/deferred/9# ls
92CDB2327
root@logger:/var/spool/postfix/deferred/9# postcat 92CDB2327
*** ENVELOPE RECORDS 92CDB2327 ***
message_size:             526             193               1               0             526
message_arrival_time: Tue Dec 10 16:15:01 2013
create_time: Tue Dec 10 16:15:01 2013
named_attribute: rewrite_context=local
sender_fullname: CronDaemon
sender: root@logger
original_recipient: root
recipient: root@logger
*** MESSAGE CONTENTS 92CDB2327 ***

tar

create tar.gz

tar -cvzf tarballname.tar.gz itemtocompress

open

tar -zxf itemtoopen.tar.gz

Skip top dir and just get contents, useful if owner can't write

tar -zxf /tmp/file.tar.gz --strip 1 -C /opt/splunk

Select only certain files to unarchived

tar -zxf file.tar.gz -C dest_dir --wildcards --no-anchored '*.spec'

tmux

Command Key

Control b

squid

acl shib      urlpath_regex ^/Shibboleth.sso 
acl shib_index  urlpath_regex ^/icarus/auth/shibboleth/index.php 
acl shibtest urlpath_regex ^/icarus/shibtest.php 
acl icarusmoodle urlpath_regex ^/icarus

cache_peer 130.212.64.149 parent 8080 0 originserver round-robin max-conn=100 name=godzilla 
cache_peer 130.212.64.100 parent 443 0 originserver no-digest ssl sslflags=DONT_VERIFY_PEER round-robin max-conn=100 name=icarus 
cache_peer 130.212.64.80 parent 443 0 originserver no-digest ssl sslflags=DONT_VERIFY_PEER round-robin max-conn=100 name=shibd

cache_peer_access godzilla deny icarusmoodle 
cache_peer_access godzilla deny shib 
cache_peer_access godzilla deny shib_index 
cache_peer_access godzilla deny shibtest

# Deny shib acl traffic to the icarus cache_peer 
cache_peer_access icarus deny shib 
cache_peer_access icarus deny shib_index 
cache_peer_access icarus deny shibtest 
cache_peer_access icarus allow icarusmoodle 
cache_peer_access icarus deny all

# allow shib acl traffic to the shibd cache_peer then deny all 
cache_peer_access shibd allow shib 
cache_peer_access shibd allow shib_index 
cache_peer_access shibd allow shibtest 
cache_peer_access shibd deny all

pecl

Pecl list

Perf & SystemTap

http://www.slideshare.net/AmazonWebServices/your-linux-ami-optimization-and-performance-cpn302-aws-reinvent-2013?from_search=1

apt-get install linux-tools-common
apt-get install linux-base
apt-get install linux-tools-kernel-version

apt-cache search linux-tools-3.2.0-38
linux-tools-3.2.0-38 - Linux kernel version specific tools for version 3.2.0-38
apt-get install linux-tools-3.2.0-38

perf top

perf top -G

perf stat -e skb:*,net:*,napi:*,sock:*,irq:* -p 3891
 Performance counter stats for process id '3891':

                 0 skb:kfree_skb
                36 skb:consume_skb
                10 skb:skb_copy_datagram_iovec
                19 net:net_dev_xmit
                19 net:net_dev_queue
                19 net:netif_receive_skb
                19 net:netif_rx
                19 napi:napi_poll
                 0 sock:sock_rcvqueue_full
                 0 sock:sock_exceed_buf_limit
                 8 irq:irq_handler_entry
                 8 irq:irq_handler_exit
                48 irq:softirq_entry
                48 irq:softirq_exit
                48 irq:softirq_raise

      21.768702711 seconds time elapsed

perf probe -add='tcp_recvmsg'
Failed to find path of kernel module.
Add new event:
  probe:dd             (on tcp_recvmsg)

You can now use it on all perf tools, such as:

    perf record -e probe:dd -aR sleep 1

root@stormbase:~# perf record -a sleep 10
[ perf record: Woken up 2 times to write data ]
[ perf record: Captured and wrote 0.523 MB perf.data (~22868 samples) ]

root@stormbase:~# perf report --stdio
# ========
# captured on: Tue Dec  3 15:18:10 2013
# os release : 3.2.0-38-virtual
# perf version : 3.2.37
# arch : x86_64
# nrcpus online : 1
# nrcpus avail : 1
# cpudesc : Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz
# cpuid : GenuineIntel,6,58,9
# total memory : 503472 kB
# cmdline : /usr/bin/perf_3.2.0-38 record -a sleep 10
# event : name = cycles, type = 1, config = 0x0, config1 = 0x0, config2 = 0x0, excl_usr = 0, excl_kern = 0, id = { 1811 }
# HEADER_CPU_TOPOLOGY info available, use -I to display
# HEADER_NUMA_TOPOLOGY info available, use -I to display
# ========
#
# Events: 9K cpu-clock
#
# Overhead      Command       Shared Object                                                  Symbol
# ........  ...........  ..................  ......................................................
#
    97.62%      swapper  [kernel.kallsyms]   [k] mwait_idle
     0.28%       python  python2.7           [.] PyEval_EvalFrameEx
     0.16%       python  python2.7           [.] lookdict_string
     0.14%       python  libc-2.15.so        [.] 0x7f5d4
     0.07%      splunkd  [vdso]              [.] 0x7fff29feb70c

perf report

openssl

Decrypt

openssl aes-256-cbc -d -a -in text.enc -out text.clear

Check a remote site, use < /dev/null so it doesn't wait for input.

openssl s_client -showcerts -connect site:443 < /dev/null | openssl x509 -text

openssl s_client -showcerts -connect google.com:443

openssl s_client -connect idx2.splunk.instance:9997

openssl s_client -showcerts -connect localhost:9997 < /dev/null

Check that csr, key, and cert match

openssl req -noout -modulus -in server.csr | openssl md5 
eaa19cedd07f06dbc4b40881479736fd 

openssl rsa -noout -modulus -in myserver.key | openssl md5 
eaa19cedd07f06dbc4b40881479736fd 

openssl x509 -noout -modulus -in hostself.cert | openssl md5 
eaa19cedd07f06dbc4b40881479736fd

Print dates for cert

echo | openssl s_client -connect site:port 2>/dev/null | openssl x509 -noout -dates

Create a random password

/usr/bin/openssl rand -base64 16

monit

http://mmonit.com/monit/documentation/monit.html

Check process list

monit procmatch

time

Day light savings update on linux systems that don't have updates

To check if the system needs the update

/usr/sbin/zdump -v /etc/localtime | grep 2007

It should show Mar 11th to Nov 4th as the days to change.

If it shows Apr 1st to Oct 28t, it needs a new /etc/localtime

Found tzdata at http://www.cs.cmu.edu/~help/dst/solaris_and_linux_systems.html  ftp://elsie.nci.nih.gov/pub/

untar into it's own directory.
then

/usr/sbin/zic -d /tmp/time northamerica

this will create a directory of the north america time zones. I usually use the America/Los_angles one.

cp /etc/localtime /etc/localtime.old
cp /tmp/time/America/Los_Angles /etc/localtime

Raid

Mdadm softwre raid

http://en.wikipedia.org/wiki/Mdadm

sysbench

$ sysbench --num-threads=16 --test=fileio --file-total-size=3G --file-test-mode=rndrw prepare 

$ sysbench --num-threads=16 --test=fileio --file-total-size=3G --file-test-mode=rndrw run 

$ sysbench --num-threads=16 --test=fileio --file-total-size=3G --file-test-mode=rndrw cleanup

Operations performed:  6001 Read, 3999 Write, 12800 Other = 22800 Total 

Read 93.766Mb  Written 62.484Mb  Total transferred 156.25Mb  (19.69Mb/sec) 

 1260.19 Requests/sec executed 



Test execution summary: 

    total time:                          7.9353s 

    total number of events:              10000 

    total time taken by event execution: 35.4302 

    per-request statistics: 

         min:                                  0.00ms 

         avg:                                  3.54ms 

         max:                                124.93ms 

         approx.  95 percentile:              29.68ms 



Threads fairness: 

    events (avg/stddev):           625.0000/92.86 

    execution time (avg/stddev):   2.2144/0.20

screen

Detach

Control - a Control - d

Switch windows
List

Control - a "

Control -a <space> - Next

Start a session and detach immediately

screen -S wipe -d -m dd if=/dev/zero of=/dev/mapper/something

syslog

See what logs are controlled by syslogd

syslogd-listfiles

Rotate logs controlled by syslogd

/etc/cron.daily/sysklogd

Ticks and Combos

Find dirs and sum the size

find . -maxdepth 1 -mtime +120 -type d -print0 | du -hc --files0-from=-

Find directories older then 120 days and copy to s3

find . -maxdepth 1 -mtime +120 -type d -exec s3cmd sync {} s3://bucket/dir/archive/ \;

Upper Case to lower case

tr '[:upper:]' '[:lower:]' < input.txt > output.txt

Use to do things to gzip files without uncompressing

zcat 

/var/log/exim4$ zcat *.gz | grep emailadres

Disk usage by directory

du -sh *

Don't follow mounts

du -shx *  


uptime | awk '{print $1 " " $8 " " $9 " " $10}'

See what logs are controlled by syslogd

syslogd-listfiles

Rotate logs controlled by syslogd

/etc/cron.daily/sysklogd

Memory Stats

Ipcs

Show shared memory limit

sysctl kernel.shmmax

Xargs

Argument expansion

ls *.sql | xargs cat | psql -U upac upac 


tr '\r' '\n' < macfile.txt > unixfile.txt 

tr '\n' '\r' < unixfile.txt > macfile.txt

Awk and Grep apache access log for top ips

awk '{print $1}' access.log | sort | uniq -c | sort -rn | head

Shared Memory

http://fscked.org/writings/SHM/shm-5.html

http://www.cs.cf.ac.uk/Dave/C/node27.html

Build-essential

Dump svn

[root@dtlc dtlc]# svnadmin dump svn/repo/ | gzip > repo.svn.gz 



zcat dump.svn.gz | svnadmin load /var/lib/svnrepos/repo

Get a cvs branch and commit it to svn

Switch svn repo command line

svn --username mregan switch --relocate https://oldsite/svn/repo https://newsite/svn/repo

Snipping Tool Windows

CTRL-PRINT SCRN

ALT-PRINT SCRN Just active window

Run a command on all vzs

sudo vzlist -H | awk '{ print "sudo vzctl exec " $1 " apt-get -y remove anacron"}' | sh

Sort by ip address

sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 somefile.txt

Mount cdrom

sudo mount /dev/scd0 /media/CD

uptime | awk '{print $1 " " $8 " " $9 " " $10}'
16:21 load averages: 4.83

Grep @domain.com /var/log/mail.log

grep to=.*@domain.com mail.log

A count of them

grep -c to=.*\@domain.com mail.log

Sends from

grep ctladdr=\<.*\> /var/log/mail.log

to=[email protected], ctladdr=[email protected]

grep -o '[[:alnum:]+\.\_\-]*@[[:alnum:]+\.\_\-]*' /var/log/mail.log | sort -u 

grep 'to=<.*>,' /var/log/mail.log 

mregan@openvzstage01:~$ sudo vzlist -H | awk '{ print "echo " $5 " && sudo vzctl exec " $1 " cat /var/log/mail.log | cut -f7-8 -d\" \" | grep -o  '[[:alnum:]+\.\_\-]*@[[:alnum:]+\.\_\-]*' | sort -u"}' | sh

With a little break in it

mregan@openvzstage01:~$ sudo vzlist -H | awk '{ print "echo " $5 " && echo ------ && sudo vzctl exec " $1 " cat /var/log/mail.log | cut -f7-8 -d\" \" | grep -o  '[[:alnum:]+\.\_\-]*@[[:alnum:]+\.\_\-]*' | sort -u"}' | sh

With word count

administrator@openvztier3a:~$ sudo vzlist -H | awk '{ print "echo " $5 " && echo [------ && sudo vzctl exec " $1 " cat /var/log/mail.log | cut -f7-8 -d\" \" | grep -o  '[[:alnum:]+\.\_\-]*@[[:alnum:]+\.\_\-]*' | sort -u | wc -l && echo ------]"}' | sh

find data files .json that are empty and sum up the sizes of the data files

find . -name '*data.json' -size 0 -print0 | sed 's/.json//g' | du -s

Cut and AWK

./listmaker.rb -r mt* | grep i-* | cut -d " " -f 2 | awk -v ORS=, '{ print "\x27"$1"\x27" }'

Find and total some 0 size files for a bug hunt.

find . -name '*somedata.json' -size 0 -print0 | sed 's/.json//g' | du -s

Squeeze, takes the extra spaces out. Useful for route -n output.

tr -s ' '

Remote Diff

rsync --rsync-path="sudo rsync" -ani --delete mregan@/opt/splunk/etc/ [email protected]:/opt/splunk/etc/

diff <(ssh xx.yy.xx.yy 'sudo cat /opt/splunk/etc/apps/100-whisper-indexer/default/server.conf') <(ssh yy.xx.yy.xx 'sudo cat /opt/splunk/etc/apps/100-whisper-indexer/default/server.conf')

swap

Description

How to Add Swap Space to a VMWare RHEL Linux VM

There are two ways to add swap space to an existing VMWare RHEL VM. One is by increasing the size of an existing swap partition. The other is by adding a new partition.
Increasing the Size of an Existing Partition
To Add a New Swap Partition

Just to make sure you know what your current swap configuration is, run

swapon -s

In VSphere Center, add a new hard drive of the desired size. (This note doesn't explain how to do this).

Rescan the SCSI bus to find the new hard drive.

echo "- - -" > /sys/class/scsi_host/host0/scan

Make sure you see the new hard drive

fdisk -l -u

If you don't see the new hard drive, run the echo command above again, but use a different host number (e.g host1, host2). Then try this fdisk command again.

Run fdisk to create a partition on the new hard drive. Switch the display units to sectors by using the 'u' fdisk command. Make sure the new partition starts on sector 2048. (Again, this note doesn't explain how to use the fdisk utility).

Let's assume your new partition is /dev/sdd1. Run

mkswap /dev/sdd1

Add your new swap partition to the /etc/fstab file. You can easily do this by copying the entry for an existing swap partition, and then changing the partition name to the new partition name.

Run

swapon -a

to add the new swap partition.

To make sure the new swap partition is being used, again run

swapon -s

Kerberos

List tickets

klist

sudo apt-get install krb5-user

vagrant@domainbase:~$ ktutil
ktutil: addent -password -p [email protected] -k 1 -e rc4-hmac
Password for [email protected]:
ktutil: wkt krb5.keytab
ktutil: quit

dreadknot / linux Goto Github PK

linux's People

Contributors

Stargazers

linux's Issues

Recommend Projects

Recommend Topics

Recommend Org