Posts by :
shell script to find linux memory process usage
April 9th, 2011Hi,
The following script will check for top 20 processes which uses maximum memory resource in the server and will store it in “overusage” file only if the free memory goes below 700MB. Set cron to execute this script whenever needed.
#!/bin/bash
#High RAM usage checker
r=`free -m |awk 'NR==3' |awk '{ print$4 }'`
if [ $r -lt 700 ];
then
ps -e -orss=,args= | sort -b -k1,1n |tail -n 20 >> overusage
exit
fi
MySQL root password reset linux
April 7th, 2011Hi,
You can reset forgotten MySQL’s root password by following the below steps.
First stop the running MySQL process by using the following command.
[user@linux]# /etc/init.d/mysql stop
Then start the mysql daemon by skipping the grant tables which stores the mysql user passwords.
mysqld_safe --skip-grant-tables &
once it gets started. Login as root using the following command
> mysql --user=root mysql
now reset MySQL root password with the following command
> update user set Password=PASSWORD('new-password') where user='root';
> flush privileges;
> quit
You have reset your root password. Now kill the running MySQL process and restart the MySQL service normally, using the following command
[user@linux]#/etc/init.d/mysql start
Thank you for viewing helpinlinux.com
Reference www.howtoforge.com
echo 0 proc sys kernel hung_task_timeout_secs disables this message
April 6th, 2011If your server crashes frequently and if your log throws out the following error message, then you are probably running with buggy kernel version “2.6.18-194.32.1.el5“. This needs to be upgraded to “kernel-2.6.18-238” atleast.
Mar 6 00:36:06 mytv kernel: “echo 0 > /proc/sys/kernel/hung_task_timeout_secs” disables this message.
Mar 6 00:36:06 mytv kernel: mysqld D 0000000000000014 0 2193 2166 2194 (NOTLB)
Mar 6 00:36:06 mytv kernel: ffff8104329ffe18 0000000000000082 ffff810363481558 ffff810432a92a78
Mar 6 00:36:06 mytv kernel: 0000000300000001 0000000000000007 ffff8103317fd7a0 ffff81041d767040
Mar 6 00:36:06 mytv kernel: 000145a166ba6621 0000000001178623 ffff8103317fd988 0000000280008d94
Mar 6 00:36:06 mytv kernel: Call Trace:
Mar 6 00:36:06 mytv kernel: [] __down_read+0x7a/0x92
Mar 6 00:36:06 mytv kernel: [] do_page_fault+0x446/0x874
Mar 6 00:36:06 mytv kernel: [] thread_return+0x62/0xfe
Mar 6 00:36:06 mytv kernel: [] sys_getsockname+0x9c/0xb2
Mar 6 00:36:06 mytv kernel: [] error_exit+0x0/0x84
Mar 6 00:36:06 mytv kernel:
Mar 6 00:36:06 mytv kernel: INFO: task mysqld:27457 blocked for more than 120 seconds.
Mar 6 00:36:06 mytv kernel: “echo 0 > /proc/sys/kernel/hung_task_timeout_secs” disables this message.
Mar 6 00:36:06 mytv kernel: mysqld D 0000000000000014 0 27457 2166 27463 27441 (NOTLB)
Mar 6 00:36:06 mytv kernel: ffff8101db559e18 0000000000000082 0000000000000000 0000000000000001
Mar 6 00:36:06 mytv kernel: ffff8101db559e88 0000000000000001 ffff81029e23f040 ffff810171c3d080
Mar 6 00:36:06 mytv kernel: 000145a4237abea6 000000000000bde6 ffff81029e23f228 0000000200000000
Mar 6 00:36:06 mytv kernel: Call Trace:
Mar 6 00:36:06 mytv kernel: [] generic_file_aio_read+0x34/0x39
Mar 6 00:36:06 mytv kernel: [] __down_read+0x7a/0x92
Mar 6 00:36:06 mytv kernel: [] do_page_fault+0x446/0x874
Mar 6 00:36:06 mytv kernel: [] autoremove_wake_function+0x0/0x2e
Mar 6 00:36:06 mytv kernel: [] thread_return+0x62/0xfe
Mar 6 00:36:06 mytv kernel: [] sys_faccessat+0x148/0x18d
Mar 6 00:36:06 mytv kernel: [] error_exit+0x0/0x84
Mar 6 00:36:06 mytv kernel:
Mar 6 00:36:06 mytv kernel: INFO: task mysqld:27464 blocked for more than 120 seconds.
Mar 6 00:36:06 mytv kernel: “echo 0 > /proc/sys/kernel/hung_task_timeout_secs” disables this message.
Mar 6 00:36:06 mytv kernel: mysqld D 0000000000000014 0 27464 2166 27466 27463 (NOTLB)
Mar 6 00:36:06 mytv kernel: ffff81023fe05e18 0000000000000082 0000000000000000 0000000000000001
Mar 6 00:36:06 mytv kernel: ffff81023fe05e88 0000000000000007 ffff8102151677a0 ffff81043e0c0040
Mar 6 00:36:06 mytv kernel: 000145ae237fd7de 0000000003d504c4 ffff810215167988 0000000200000000
Mar 6 00:36:06 mytv kernel: Call Trace:
Mar 6 00:36:06 mytv kernel: [] generic_file_aio_read+0x34/0x39
Mar 6 00:36:06 mytv kernel: [] __down_read+0x7a/0x92
Mar 6 00:36:06 mytv kernel: [] do_page_fault+0x446/0x874
Mar 6 00:36:06 mytv kernel: [] autoremove_wake_function+0x0/0x2e
Mar 6 00:36:06 mytv kernel: [] sys_faccessat+0x148/0x18d
Mar 6 00:36:06 mytv kernel: [] error_exit+0x0/0x84
Mar 6 00:36:06 mytv kernel:
Steps to upgrade kernel
======================
You can download it from CentOS official site by changing the CentosBase repo file “/etc/yum.repos.d/CentOS-Base.repo” from
[base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo =os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
to
[base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo =os #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
And try by using the following command
#yum upgrade kernel*
make sure that you have default=0 in /etc/grub.conf which will load the newer version of kernel after reboot.
Thanks for viewing helpinlinux.com
the ip address of a physical server cannot be used with its parallels power panel port number
March 22nd, 2011
If you are getting the above error the possible reason is that your Container IP and you main node IP are same, you need to change the container IP and reinstall virtuozzo to fix this error. Or may be the Service Container is out of disk space you need to increase its disk space by using the below command from your main node. #vzctl set 1 --diskspace 2000000 --save
FreeBSD knowledgebase
March 19th, 2011Services location in FreeBSD
=========================
/usr/local/etc/rc.d/services.sh
Crontab useful paths
==================
Root user crons are at
/etc/crontab
System user crons are at
/var/cron/tabs
For other cron jobs please check
/var/cron/atjobs
Alternative for yum command
=======================
pkg_add Command In FreeBSD is the alternative for yum in Linux.
Syntax:
=====
pkg_add -r <packagename>
Alterative for wget command
======================
You can use fetch command In FreeBSD as an alternative for wget in Linux or you can install wget by using
pkg_add -r wget
Thank you for viewing helpinlinux.com
configure: error: C++ compiler cannot create executables
February 28th, 2011If you are getting the following error while running configuration file
configure: error: C++ compiler cannot create executables
It means that you have not installed c++ libraries to fix that please execute the below command.
yum install *gcc-c++*
which will install gcc-c++ libraries which will fix the issue.
Apache server tokens
February 25th, 2011Hi,
Apache token is one of the options for securing your web server. Let me explain you the options here.
Apache token is generally found in apache main configuration file httpd.conf if it is not present never mind, you can simply add it “eg:ServerTokens Prod”
Syntax for ServerTokens is
ServerTokens Major|Minor|Min|Prod|OS|Full
The five options will differ from each other. I will explain them one by one.
ServerTokens Full
=============
When the above option is set, the server will send the full information to the remote host.
Information sent will be
Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.2
which is a big security hole and it is not recommended, because hackers can look for the security holes in Apache 2.0.41, PHP4.2.2 and unix operating systems and can easily hack the server.
ServerTokens OS
============
When the above option is set, the server will send the Web server version and the operating system version.
Information sent will be
Server: Apache/2.0.41 (Unix)
This is also an security issue as the remote user will try to hack the server with security holes in the webserver version and operating system.
ServerTokens Min
============
When the above option is set, the server will send the Web server’s full version number like Apache2.0.41
Information sent will be
Server: Apache/2.0.41
This is also an security issue as the remote user will try to hack the server with security holes in Apache2.0.41 versions.
ServerTokens Minor
==============
When the above option is set, the server will send the Web server’s minor version number like Apache version2.0
Information sent will be
Server: Apache/2.0
This is also an security issue as the remote user will try to hack the server with security holes in Apache 2.0 versions.
ServerTokens Major
==============
When the above option is set, the server will send the Web server’s minor version number like Apache version2
Information sent will be
Server: Apache/2
This is also an security issue as the remote user will try to hack the server with security holes in Apache 2 version.
ServerTokens Prod
=============
When the above option is set, the server will send the Web server’s name alone, which is recommended as the hacker will not have a clue of which version of Apache is running in the server and also which operating system is used.
Information sent will be
Server: Apache
I would recommend to use this option to avoid unwanted exploitation of your server information.
Reference: http://www.debianhelp.co.uk
APF, BFD and DDOS installation steps
February 22nd, 2011=======================================================
APF
=======================================================
APF stands for Advanced policy firewall, is a software for unix based systems. Let me explain the steps to be followed in installing APF in your Linux system.
#cd /usr/local/src/ [user@linux]#wget http://www.rfxn.com/downloads/apf-current.tar.gz [user@linux]#tar -xvzf apf-current.tar.gz [user@linux]#./install.sh [user@linux]#vi /etc/apf/conf.apf
DEVEL_MODE=”0″
Common inbound (ingress) TCP ports
IG_TCP_CPORTS=”21,25,80,443,43,22,9080,9090,3306″
Common inbound (ingress) UDP ports
IG_UDP_CPORTS=”53″
Common outbound (egress) TCP ports
EG_TCP_CPORTS=”21,25,80,443,43,22,9080,9090,3306″
Common outbound (egress) UDP ports
EG_UDP_CPORTS=”20,21,53″
#/etc/init.d/apf start #/usr/local/sbin/apf -s
======================================================
BFD Installation
======================================================
#cd /usr/local/src/ #wget http://www.rfxn.com/downloads/bfd-current.tar.gz #tar -xvzf bfd-current.tar.gz #cd bfd-1.4 #./install.sh #vi /usr/local/bfd/conf.bfd
EMAIL_ALERTS=”1″
LOCK_FILE_TIMEOUT=”600″
EMAIL_ADDRESS=”root,admin@Domainname”
#/usr/local/sbin/bfd -s
=======================================================
DDOS installation
=======================================================
#cd /usr/local/ # wget http://www.inetbase.com/scripts/ddos/install.sh #sh install.sh #vi /usr/local/ddos/ddos.conf
EMAIL_TO=”root,admin@Domainname”
NO_OF_CONNECTIONS=150
#ddos -s
MySQL command help
February 21st, 2011Command to create mysql user
============================
CREATE USER 'username'@'localhost' IDENTIFIED by 'password';
Command to grant all privileges to a user to databases starting with any name
=============================================================================
GRANT ALL PRIVILEGES ON database_.* TO 'username'@'localhost' IDENTIFIED BY 'password'; flush privileges;
The above two line command will make the user “username” to have all the privileges to add delete modify databases that starts with the name database_.
Command to dump mysql database
==============================
mysqldump -u [databaseusername] -p[password] databasename > databasebackup.sql
Command to restore mysql database
=================================
mysqldump -u [databaseusername] -p[password] databasebackup < databasename.sql
Command to dump all MySQL databases
=============================
mysqldump -u root -p(password) –all-databases > dumpfilename.sql
Command to grant privileges to mysql database starting with prefix
==================================================================
GRANT ALL PRIVILEGES ON `databaseprefix_%`.* TO 'username'@'localhost';
Plesk control panel server paths
February 21st, 2011Plesk admin password can be found in the followin file
/etc/psa/.psa.shadow
Web user files are located at the following path
/var/www/vhosts
Maillogs path for plesk control panel
/usr/local/psa/var/log/maillog
Plesk binary file paths.
/usr/local/psa/bin
Domain’s Logrotate path
/usr/local/psa/etc/logrotate.d/domainname
Qmail paths in plesk
/var/qmail
Qmail binary paths in plesk
/var/qmail/bin
Qmail configurations like badmail addresses, blacklist IPs etc are located in
/var/qmail/control
Email accounts and domain names for email services hosted in the server are located at
/var/qmail/mailnames
Path for DNS db files in plesk server is
/var/named/run-root/var
Plesk web directory’s path
/var/www/vhosts
Thank you for viewing helpinlinux.com