Linux: Adding or deleting routing entries [route add / route del]

Here are some simple examples of how to add or delete host and network routes under Linux:

Example 1:  accessing HOST2 via GW2 on ETH1 (replace HOST2 and GW2 with an IP address)

adding route:

# route add -host HOST2 gw GW2 eth1

deleting route:

# route del HOST2 eth1

show current routing table:

# route

Example 2:  accessing NETWORK2 on ETH1 (replace NETWORK2 with an IP address and NETMASK2 with the subnet mask of the network)

adding route:

# route add -net NETWORK2 netmask NETMASK2 eth1

deleting route:

# route del -net NETWORK2 netmask NETMASK2 eth1

show current routing table:

# route

Linux: apache name-based virtual hosting how-to / apache name-based virtual hosting not working with original host

This is an example of simple Apache name-based virtual hosting.

Or, if your Apache name-based virtual hosting is not working and it only directs to the new host, read below as well…

The most important part of the configuration is to include the ORIGINAL HOST in the configuration file (i.e.: /etc/httpd/conf/httpd.conf). If the virtual host configuration contains only the new host's information, Apache will direct HTTP requests ONLY to the new host, as the original host can no longer be seen. Once any virtual host is defined for an address, the main server configuration no longer answers requests on it, and the first virtual host listed becomes the default.

Here’s a very simple example. Additional Apache directives (http://httpd.apache.org/docs/2.0/mod/directives.html) can be added to each virtual host to make it differ from the other virtual hosts or the original host.

# *:80 is assumed here; use the address and port your server listens on
NameVirtualHost *:80
# IT IS VERY IMPORTANT TO INCLUDE THE ORIGINAL HOST IN THE VIRTUAL HOST CONFIGURATION
<VirtualHost *:80>
ServerName www.jujubi.net
ServerAlias www.jujubi.net
DocumentRoot /var/www/html
</VirtualHost>

<VirtualHost *:80>
ServerName virtual-host1.jujubi.net
# OR OTHER LOCATIONS
DocumentRoot /var/www/html/virtual-host1
CustomLog logs/virtual-host1.jujubi.net-access_log common
</VirtualHost>

<VirtualHost *:80>
ServerName virtual-host2.jujubi.net
# OR OTHER LOCATIONS
DocumentRoot /var/www/html/virtual-host2
CustomLog logs/virtual-host2.jujubi.net-access_log common
</VirtualHost>

<VirtualHost *:80>
ServerName virtual-host3.jujubi.net
# OR OTHER LOCATIONS
DocumentRoot /var/www/html/virtual-host3
CustomLog logs/virtual-host3.jujubi.net-access_log common
</VirtualHost>

Note that DocumentRoot as well as CustomLog can be changed to any location and any file name as you wish.

Now, save your httpd.conf and restart or reload Apache for the updated configuration to take effect (service httpd restart OR reload).

Windows: Determine Windows hosts uptime [ net stats srv ]

In Linux, host uptime can be easily determined by using the “uptime” command. 

In Windows, host (desktop or server) uptime can be determined from the command prompt:

net stats srv
Server Statistics for \\DESKTOP
Statistics since 7/4/2011 3:13 AM

This command actually displays more information than just uptime, such as network traffic sent/received and other system information.

Windows: How to create a filename with today’s date under DOS (batch) [ %DATE% ]

For file backups, I need to create a directory in a script with today’s date.  To do so, the following variables are needed inside the batch file (the offsets assume %DATE% is formatted as DD/MM/YYYY, which depends on the regional settings):

SET dd=%DATE:~0,2%
SET mm=%DATE:~3,2%
SET yyyy=%DATE:~6,4%

To create a directory with today’s date, add the following line anywhere after the variables are set:

mkdir %yyyy%%mm%%dd%

Linux: SSH unable to login as root using public key authentication [ sshd[ ]: Authentication refused: bad ownership or modes for directory /root ]

This is a very stupid problem but could be very frustrating!

I recently came across a system that would not take the public key for key-based authentication as root with the following error under /var/log/messages:

sshd[1234]: Authentication refused: bad ownership or modes for directory /root

At first, I thought the public key for host A was wrong inside the authorized_keys file on host B.  It turns out it had nothing to do with the keys or the sshd config.  It was the permissions set on the /root directory.

drwxrwxrwx   8 root root  4096 Jan  1 12:34 root

For some reason, someone had set up the /root directory to be world readable, writable and executable, which of course OpenSSH is not going to be happy about.  That’s why key-based authentication failed and OpenSSH required root to enter the password in order to log in properly.

Now change the permissions on /root so that only root has access:

drwx------   8 root root  4096 Jan  1 12:34 root

Key-based authentication works again!
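The check behind that log message can be approximated before sshd ever refuses a login. The script below is an added example, not part of the original post: check_ssh_modes is a hypothetical helper that flags wrong owners and group- or world-writable modes on the home directory, .ssh and authorized_keys, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example: approximates sshd's StrictModes checks for one account.
# check_ssh_modes HOME_DIR OWNER_UID
#   prints every offending path and returns 1 if any was found, else 0.
check_ssh_modes() {
    home=$1; uid=$2; bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        [ -e "$p" ] || continue
        # GNU stat: %u = numeric owner, %a = octal permission bits
        owner=$(stat -c '%u' "$p")
        mode=$(stat -c '%a' "$p")
        # The owner must be the account itself or root (uid 0)
        if [ "$owner" != "$uid" ] && [ "$owner" != "0" ]; then
            echo "bad owner $owner: $p"; bad=1
        fi
        # Any group- or world-write bit (octal 022) is refused
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "bad mode $mode: $p"; bad=1
        fi
    done
    return $bad
}

# Constructed demo: a throwaway "home" with the same 777 mode as the /root above
demo=$(mktemp -d)
mkdir -m 700 "$demo/.ssh"
chmod 777 "$demo"
check_ssh_modes "$demo" "$(id -u)" || echo "sshd would refuse key authentication"
chmod 700 "$demo"
check_ssh_modes "$demo" "$(id -u)" && echo "modes acceptable"
rm -rf "$demo"
```

On a real host the call would be check_ssh_modes /root 0, run as root.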

Windows: How to force an uninstall of McAfee Antivirus Enterprise Edition client agent [ C:\Program Files\McAfee\Common Framework>FrmInst.exe /forceuninstall ]

When uninstalling the McAfee Enterprise client agent from Add/Remove Programs, the following error may show up:

McAfee Agent cannot be removed because other products are still using it

Failed during uninstallation

To resolve this, the uninstall will need to be forced

(THIS SHOULD BE DONE ON THE CLIENT AND NOT THE ANTI-VIRUS SERVER)

C:\> cd "C:\Program Files\McAfee\Common Framework"

C:\Program Files\McAfee\Common Framework> FrmInst.exe /forceuninstall

ePolicy Orchestrator may need to be updated because this client is gone.  To do this, log on to the anti-virus server web interface (via https://server:8443) and, under Systems, check the client that needs to be removed.  Then select delete and DO NOT select remove agent (since the agent has been manually/forcibly removed).

Linux: How to throttle rsync traffic [ rsync -avd --bwlimit=100 /source_file username@remote_host:/target_location/ ]

To throttle an rsync connection, use the --bwlimit option in rsync:

rsync -avd --bwlimit=100 /source_file username@remote_host:/target_location/

Note that the --bwlimit option takes the parameter in kBytes and not kbits, so in the example above rsync will throttle the connection at 800 kb (kilobits) per second.

Linux: How to mount an ISO image [ mount -o loop /filename.iso /mnt/iso ]

To mount an ISO image (without burning a CD, of course) under Linux, a few commands will do the trick:

First, a directory should be created

# mkdir /mnt/iso

Then, mount filename.iso to /mnt/iso directory

# mount -o loop /filename.iso /mnt/iso

Content of ISO image will now be available under /mnt/iso

# ls  /mnt/iso

The image stays mounted until it is unmounted or the system restarts.

To automount an ISO image at boot time, add the following line to /etc/fstab:

/filename.iso  /mnt/iso  iso9660  ro,auto,loop   0   0

Security: Disable SSH root login [ PermitRootLogin no ]

It is very important to disable direct root login on any publicly accessible Linux host.  In the /etc/ssh/sshd_config file (at least for OpenSSH version 4.3 or earlier), root login is permitted by default.  To disable direct root login, the following line needs to be added to the sshd_config file:

PermitRootLogin  no

The SSH daemon will need to be reloaded (or restarted) for the changes to take effect.  Reloading sshd won’t affect your existing SSH connection.  If I choose to restart sshd while I am connected via ssh, my existing ssh session will appear to be “hung” for a few seconds before the connection is reinstated.

To verify direct root login has truly been disabled, try this…

# ssh root@jujubi.net
root@jujubi.net's password:
Permission denied, please try again.

It is always a good idea to log in as a regular user and then su to become root.  It is not very convenient, but it adds another layer of security to the system.

$ su -    (to become root after logging in as a regular user)
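Adding the line is not always enough: sshd uses the first value it finds for a keyword, so an earlier "PermitRootLogin yes" wins over a "no" appended at the end of the file, and a line left commented out does nothing. The script below is an added example, not part of the original post; effective_permit_root_login and root_login_disabled are hypothetical helpers that read only the global section of one file and do not follow Include directives.

```shell
#!/bin/sh
# Added example: report the PermitRootLogin value sshd would take from the
# global section of a config file (keywords are case-insensitive, the first
# occurrence wins, and everything after the first Match line is conditional).
effective_permit_root_login() {
    awk '
        { sub(/^[ \t]+/, ""); sub(/[ \t]*=[ \t]*/, " ") }  # trim; allow key=value
        /^#/ || /^$/ { next }                              # comments, blank lines
        { key = tolower($1) }
        key == "match" { exit }                            # global section ends
        key == "permitrootlogin" { print $2; found = 1; exit }
        END { if (!found) print "unset" }                  # built-in default applies
    ' "$1"
}

# Succeeds only when the file explicitly disables direct root login.
root_login_disabled() {
    [ "$(effective_permit_root_login "$1")" = "no" ]
}

# Constructed sample config: the "no" on the last line never takes effect
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
#PermitRootLogin no
Port 22
permitrootlogin yes
PermitRootLogin no
EOF
echo "effective PermitRootLogin: $(effective_permit_root_login "$cfg")"
root_login_disabled "$cfg" || echo "direct root login is NOT disabled"
rm -f "$cfg"
```

On a live host, running sshd -T as root prints the configuration the daemon actually resolves, which is the authoritative check.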

Linux: tar -zxvf filename.tar.gz [ tar gzip (gunzip) working together ]

I put this here because I recently came across a lot of Linux documentation that feels like it was written 20 years ago, when gzip and tar did not work together nicely.

gunzip -c filename.tar.gz | tar xvf -

but I remember over 13 years ago when I was sitting in a Linux 101 class, my Professor told me “you don’t have to do this anymore.  tar and gzip (gunzip) work together now in Linux.”

tar -zxvf filename.tar.gz

To create a filename.tar.gz file from a directory:

tar  -zcvf  filename.tar.gz  directory_name

Interestingly, I tried to use the same command in Solaris 10 but the system came back to me and said I don’t know anything about gzip…

tar: z: unknown function modifier
Usage: tar {c|r|t|u|x}[BDeEFhilmnopPqTvw@[0-7]][bfk][X...] [blocksize] [tarfile] [size] [exclude-file...] {file | -I include-file | -C directory file}…

So, if you are using Solaris, you should probably still use the old-fashioned way to tar and zip a file/directory.

Note:  filename.tar.gz  may appear as  filename.tgz which I think is the same thing.
