Monthly Archives: September 2009

Difference Between Swap File and Swap Partition

Some difference between swap file and swap partition.

Swap File,

1. If the hard disk is full or corrupted,swap file will get damaged.
2. System speed get decrease as soon the hard disk space is full.
3. It should be on a particular location where it should not get
damaged or accidentally copied with other files.
4. It have advantage to increase the swap space on a system that have
already installed with linux.
5. In any case if we need to increase the swap space of the system
immediately we can do it.
6. We can able to create and keep the swap file on external device eg:
Express Card SSD
7. New kernel have nearly achieved to make both swap partitions and
swap file speed closer.
8. Swap file will get fragmented.

Swap Partition

1. Reside on a separate hard disk space.
2. Multiple Os on a single machine can share the same partition.
3. Fragmentation is less compare to swap file.
4. If hard disk is corrupted the swap partition would not be
functioning.
5. Reduce accident loss or corruption.

*Choice depend on the type of activity we are doing on the system.
Increasing Ram will increase the speed of the machine than the swap
system. But product price will be high.

Cheers!

Melbin Mathew

www.talk2melbin.com

Simple monitoring script using pgrep command

This is a usefull script to monitor the service status.

The script checks the service status using pgrep command. If the command return zero script identifies the service down and send us an alert email.

#!/bin/bash apache=`pgrep httpd` mysql=`pgrep mysqld` tmp="/tmp/monitoring.tmp" touch /tmp/monitoring.tmp if [ -n "$apache" ] then echo "Apache Is Working" else echo "Apache Service Down" >> $tmp fi if [ -n "$mysql" ] then echo "Mysqld Is Working" else echo "Mysqld Service Down" >> $tmp fi EMAIL="****@talk2melbin.com" SUBJECT="Alert Service Down" MESSAGE="$tmp" COUNT=`wc -m $tmp | awk '{print $1}'` echo "$COUNT" if [ $COUNT -ne 0 ]; then /bin/mail -s "$SUBJECT" "$EMAIL" < $MESSAGE fi rm -rf /tmp/monitoring

Cheers!
Melbin Mathew
www.talk2melbin.com

Simple Bash Script To Send Email Message

Here is a small script that used to send email from bash,

#!/bin/bash #Enter the email address to which we need to send the message EMAIL="**@talk2melbin.com" #Enter the subject of the email SUBJECT="Alert Service Down" #Enter the body of the message, read it from a file MESSAGE="/tmp/monitoring.tmp" #Mail command to send the email /bin/mail -s "$SUBJECT" "$EMAIL" < $MESSAGE

Cheers!
Melbin Mathew
www.talk2melbin.com

Simple Backup Script With Compression And Date Checking

To secure the data we usually use backup process. In order make the backup process automatic in Linux we usually use scripts. Here i would like to describe a small backup script which backup apache document root to a secure backup location.

The script backup all the folder and file from the apache document root. On execution of the script, will create a backup folder with present date on the backup location. Then it will backup all files and folder into present date backup folder on backup location.

Working scenario of the script,

1. Define Directory Location,

SORC_DIR=/var/www/ #Source location from where we need to backup .

BACK_DIR=/backup/htdocs/ #Backup location to where we need to backup .

TAR_DIR=/backup/compress/htdocs/ #Archive location where the script compress and backup after 2 days.

TMP=/tmp/backdate.tmp #Temp file location

2. Backup directory creation with current date.

3. Copy all the folder and file from source directory to backup location (to inside date folder).

4. Compress the two days old backup location (date folder having backup data from source) and store it on a backup compress location.

5. Remove the old backup folder from first backup location leaving compress backup on the backup location.

Script

#!/bin/bash -e SORC_DIR=/var/www/ BACK_DIR=/backup/htdocs/ TAR_DIR=/backup/compress/htdocs/ TMP=/tmp/backdate.tmp mkdir -p  $BACK_DIR/`date +%Y-%m-%d` cp -rf $SORC_DIR $BACK_DIR/`date +%Y-%m-%d` find /backup/htdocs/ -mtime +2 | cut -d "/" -f4 > $TMP DATE_BACK_DIR=`tail -1 $TMP` COUNT=`wc -m /tmp/backdate.tmp | awk '{print $1}'` if [ $COUNT -eq 0 ];then echo "count 0" rm -rf $TMP else mkdir -p $TAR_DIR tar -cvjf $TAR_DIR/$DATE_BACK_DIR.tar.gz.bz $BACK_DIR/$DATE_BACK_DIR echo "$COUNT" rm -rf $BACK_DIR/$DATE_BACK_DIR rm -rf $TMP fi

Cheers!
Melbin Mathew
www.talk2melbin.com

Linux Command to check Wifi Noise Ratio

WiFi networks are subjected to noise. When ever the noise ration is high, systems connected with Wifi will experience high connetivity issue. Inorder to check the connection stability run the following command on Linux,

# iwlist scan

lo Interface doesn’t support scanning.

eth1 Scan completed :

[…]

Cell 02 – Address: 00:14:7F:A1:B3:A1

ESSID:”BTHomeHub-267B”

Protocol:IEEE 802.11bg

Mode:Master

Channel:7

Frequency:2.442 GHz (Channel 7)

Encryption key:on

Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 6 Mb/s; 9 Mb/s

11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s

48 Mb/s; 54 Mb/s

Quality=85/100 Signal level=-64 dBm Noise level=-69 dBm

Extra: Last beacon: 103ms ago

[…]

Cheers!

Melbin Mathew

www.talk2melbin.com

Vnstat Bandwidth/Network Monitoring Tool For Linux – Configure Vnstat With Web Interface

Monitoring bandwidth of the network, gateway and servers are one of important day to day activity of System Administrator. Bandwidth monitoring can help us to monitor the activities on network. We can easily monitor the users bandwidth usage and control their activities. Monitoring help us keep aware of the each day activities on our network, thus help to prevent harmful activities inside the network eg: torrent download.

Their are many techniques to control and monitor the bandwidth usage. Here i like to explain a simple monitoring tool called “Vnstat”. Vnstat help us to monitor the bandwidth usage on each network interfaces. Operating and monitoring using vnstat is simple. We can also view the usage using web interface.

Vnstat tool can able to calculate the total bandwidth usage on each interface.

Configure Vnstat On Linux

1. Download Vnstat tar.gz.

# cd /donwloadlocation
# wget http://humdi.net/vnstat/vnstat-1.9.tar.gz

**Vnstat is also available via yum installation using rpmforge repo

2. Extract downloaded vnstat package.

# tar -xvzf vnstat-1.9.tar.gz
# cd vnstat-1.9/

3. Compiling the binaries.

# make all

*Required extra packages are usually named libgd2 and libgd2-dev (or libgd2-noxpm and libgd2-noxpm-dev in Debian/Ubuntu, xpm version can also be used)

4. Installing vnstat.

Login as root and run the following command,

# make install

5. Test Kernel compatibility.

# vnstat –testkernel

If the kernel is not compatible we need to upgrade the kernel.

6. Check the interface availability.

# vnstat –iflist

eg: Available interfaces: lo eth0 sit0

7. Create new databases for the monitoring interface.

# vnstat -u -i eth0

Repeat that for every other interface you wish to use.

eg: # vnstat -u -i eth0

Error: Unable to read database “/var/lib/vnstat/eth0″.

Info: -> A new database has been created.

**Set write permission for interface database files inside “/var/lib/vnstat/”

8. Run Vnstat via cron.

Edit the crontab and add the following line,

# crontab -e

Add the line into crontab

*/5 * * * * /usr/bin/vnstat -u

The script will update vnstat database in every five minutes. We can also define the same vnstat cron on /etc/cron.d/ folder. Only one cron definition is required.

# vi /etc/cron.d/vnstat

Add the same line

*/5 * * * * /usr/bin/vnstat -u

9. Reload crond

# /etc/init.d/crond reload

10. View the Bandwidth usage.

Run the command.

# vnstat

Configure Web Interface for Vnstat

1. Download the vnstat php frontend

# cd /tmp
# wget http://www.sqweek.com/sqweek/files/vnstat_php_frontend-1.4.tar.gz

2. Extract the package.

# tar -xvzf vnstat_php_frontend-1.4.tar.gz

3. Move the package to html doc root.

# mv vnstat_php_frontend-1.4 /var/www/html/vnstat

* Apache must configure to handle php request.

4. Edit config.php

Specify the network interface,

$iface_list = array(‘eth0′, ‘eth1′);

Specify interface function on the following line,

$iface_title[‘eth0′] = ‘Internal';
$iface_title[‘eth1′] = ‘Internet';

Comment the line,

//$iface_title[‘sixxs’] = ‘SixXS IPv6′;

Specify the vnstat command. Use which command to locate the path.

# which vnstat

$vnstat_bin = ‘/usr/bin/vnstat';

Now open browser and browser the url eg: http://bdgw2.talk2melbin.com. Secure the root directory using .htaccess password protection.

Cheers!
Melbin Mathew
www.talk2melbin.com

.htaccess Password Protection On Apache Virtual Host/Directory

Apache web server have a key security feature called .htaccess password. .htaccess password protection help us to secure our root directories on web servers. We all know our sites and web servers are exposed to the outer world. Unauthorized access of users to restricted areas will cause damage on our web server. It might also lead us to data loss. In order to prevent the unauthorized access to our data’s, we need to use security feature on Apache server. .htaccess password come into the role to implement the security. .htaccess can help us to configure the authentication mechanism on Apache web server. Users or group can only access the directory or website using their unique password.

Here i like to explain the implementation of .htaccess password on Apache virtual directory,

1. Enable the .htaccess feature on Apache httpd.conf

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
<Directory />
Options FollowSymLinks
#AllowOverride None
AllowOverride All
</Directory>

2. Enter the Vhost entries on Apache

<VirtualHost 192.168.0.252:80>
ServerName   sarg.talk2melbin.com:80
ServerAlias  www.sarg.talk2melbin.com
ServerAdmin  "melbin@talk2mebin.com"
DocumentRoot /var/www/sarg/
</VirtualHost>

 In order to detect .htaccess form /var/www/html, we need to specify the
"AllowOverride All" directive inside <Directory "/var/www/html"> <Directory> tag.

3. Create a secure directory to store the .htaccess password’s

# mkdir /var/www/htpass

4. Generate the password, keep strong the password

Command will create new .htpasswd file and add user with MD5 encryption password

# htpasswd -cm /var/www/htpass/.htpasswd melbin
To add a second user.
# htpasswd -m /var/www/htpass/.htpasswd nobin

5. Write the .htaccess rule under root directory

# vi /var/www/sarg/.htaccess

Add the following lines into .htaccess file

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /var/www/htpass/.htpasswd
AuthGroupFile /dev/null
require valid-user

6. Run configuration checker to make ensure all apache edits are correct

#/etc/init.d/httpd configtest

Syntax OK

7.  Reload Apache

# /etc/init.d/httpd reload

Now our website url is protected by authentication. While browsing the domain url www.sarg.talk2melbin.com .httaccess prompt for user name and password. Only allowed users can access the url.

Cheers!
Melbin Mathew
www.talk2melbin.com

Add join a Computer to Domain Membership or WorkGroup Membership

There are two types of computer memberships on Windows Operating Systems. They are,

  1. Domain Membership
  2. WorkGroup Membership

Domain Membership

Domain Membership joins the computer to a Domain Controller (eg: Samba PDC, Active Directory). Using Domain controller System Administrator can centrally monitor and manage each windows clients. They can even set securities, access policies, group policies etc… from the domain controller.

Domain membership help computers to act like Server – Client model. Each operation on the client systems are controlled by the rules and regulation from the domain controller to which the computer be a member of.

After joining a computer to a domain membership, by default there would be two Administrator users. They are called Local Administrator and Domain Administrator.

WorkGroup Membership

WorkGroup enables the Windows operating systems to communicate each other on a single LAN (Local Area Network). Communication will be carried out depending on the computer workgroup names. Same workgroup allow each other access to their files, printers, Internet connection etc…

After joining a computer to Workgroup membership, by default there would be one Administrator user. He is named as Local Administrator.

How to join a computer to Domain Membership

  1. Login as Administrator.
  2. Go to My Computer – Properties
  3. Click on Computer Name tab
  4. Click on Change Icon
  5. Select Member of option
  6. Check the Radio button on Domain
  7. Enter the Fully Qualified Domain Name
  8. Prompt ask for Domain administrator user name and password .
  9. Enter the user name and password
  10. Click ok – Machine will restart automatically.
  • Dns should resolve to the full qualified domain name.

  • Network connection between domain controller and client should be proper.

Verify the Domain Membership

  1. Login into the computer
  2. Go to My Computer – Properties
  3. Click on Computer Name tab
  4. See the computer name

Computer name is now updated with the domain name. Name will display like hostname.domain format.

How to join a computer to WorkGroup Membership

  1. Login as Administrator.
  2. Go to My Computer – Properties
  3. Click on Computer Name tab
  4. Click on Change Icon
  5. Select Member of option
  6. Check the Radio button on WorkGroup
  7. Enter the workGroup Name
  8. Prompt ask for Local administrator user name and password .
  9. Enter the user name and password
  10. Click ok – Machine will restart automatically.

Verify the WorkGroup Membership

  1. Login into the computer
  2. Go to My Computer – Properties
  3. Click on Computer Name tab
  4. See the WorkGroup

Cheers!
Melbin Mathew
www.talk2melbin.com

Vmware Esxi 4 Installation And Configuration – Use of Existing Vmware .vmdk on Esxi Server

VMware ESXi is the easiest way to get started with virtualization—and it’s free. Consolidate your applications onto fewer servers and start saving money through reduced hardware, power, cooling and administration costs. With VMware ESXi you can,

Advantage

1. Run multiple operating systems on a single server and reduce hardware costs.
2. Run a greener data center and reduce your energy cost.
3. Enable easier back-ups and restores for your applications.
4. Run the most resource intensive applications in production.

Disadvantage

1. Need a powerful server.
2. For the full operation we need to purchase some more applications from Vmware.

Here i like to explain,

1. Installation and customization of Vmware Esxi server.
2. Fresh Installation of Operating System.
3. Use existing Vmware from workstation to Vmware Esxi Server.
4. Enabling SSH.
5. Make the imported Vmware compatible to Vmware Esxi server.
6. Run the virtual machines.

Installation Procedure Of Vmware ESXi

I have test Vmware Esxi installation and configuration on my “Hp Compaq dc7700 Convertible Minitower”. The installation and configuration are successful. I have run different flavors of Operating Systems
1. Download the latest Esxi from Vmware site.
http://www.vmware.com/products/esxi/
2. Burn the image into a plain cd.
3. Collect the free license from the email.
4. Change the BIOS boot priority
Select the server BIOS boot priority to cd drive.
5. Boot the server with the Esxi Image cd.
6. It will prompt for the installation and start continue the installation.
7. Once the Vmware Esxi installation is completed without errors, we can proceed with others steps.

Configuration Part on Vmware Esxi

One the Vmware Esxi server rebooted we need to set the following parameters,

1. Press F2 for customization on Esxi sever.
2. Assign the root password from “Configure Password” menu. (Password need to meet complexity requirement)
3. Assign a static Ip address from “Configuration Management Network”. (Assigning Ip address from DHCP will cause issue)
4. Assign Dns configuration.

Browse Vmware Esxi Server

1. Now the Esxi server is accessible on the network.
2. Use ping command to test the connectivity.
3. Open the Bowser and call the Vmware Esxi server Url (eg: https://192.168.0.9/). This will open a welcome page.
This mean our Esxi server accessible from the network.

Accessing Vmware Esxi Server.

In order to access Vmware Esxi we need to install “vSphere Client” application on a windows machine.

1. Go to Windows machine.
2. Open the Bowser and call the Vmware Esxi server Url (eg: https://192.168.0.9/). This will open a welcome page.
3. Click on Download vSphere Client.
4. Install the application and login into the Vmware Esxi server using user name ‘root’ and assigned root password.
5. From vShere Client, we are able to manage and install new Vmware operating systems.

Choosing the Boot option during Vmware installation.

1. Power on the VM
2. Open a console connection to the VM
3. Wait for it to get to the PXE boot phase
4. Click the Connect CD/DVD button and attach your ISO file
5. In the menu bar goto VM, and then pick Send Ctrl+Alt+Del

**If we need to start the installation from cd, power off the network boot and power on the cd boot on startup. Change according to our installation method.

Once the installation is new vmware installation is completed. We can able to manage the working of the new virtual machine using the vSphere Client

Using existing vmware from workstation to Vmware Esxi Server

1. We need to enable ssh on Vmware Esxi server.
2. Copy the existing Vmware into the Esxi server storage, using ‘scp‘ command or ‘WinScp‘ application from windows machines.
3. Once the copy is completed we need to take a clone of the Vmware. Then only we are able start the copied Vmware on the Esxi server.
4. Keep the cloned Vmware on Esxi server and remove the copied Vmware.
5. Create and new virtual machine and select the newly cloned .vmdk file.

Enable ssh on Vmware Esxi

1. ALT-F1 to change to the main console.
2. Type ‘unsupported’ (you will not be able to see what you’re typing).
3. When prompted, enter the root user’s password.
4. Type: vi /etc/inetd.conf
5. Find the line that begins with #ssh
6. Cursor over the first ‘s’ and press the ‘i’ key (for insert mode)
7. Press backspace
8. Press ESC
9. Type SHIFT+colon (:) and then ‘wq!’ to write and exit.
10. Type ‘ps | grep inetd’ to find the inetd process
11. Send the hang-up signal to the process ID output from step 10 with: kill -s HUP <PID> (Reboot of Esxi server also help to do the same)
12. You can now SSH into your ESXi server.

Copy the existing Vmware into the Esxi server storage

1. Use ‘scp’ command from Linux or use WinScp from windows.
2. Copy the existing Vmware into the data storage (eg: /vmfs/volumes/datastore1/).
3. Use SSH to login into the Vmware Esxi server. Use ssh command from Linux or Putty from windows.

Use the command to clone the copied Vmware.

# vmkfstools -i /vmfs/volumes/datastore1/Win2003/windows2003.vmdk

/vmfs/volumes/datastore1/Win2003New/windows2003-new.vmdk

# vmkfstools -i /source.vmdk /destination.vmdk

vmkfstools -e  this command is used for exporting the Vmware.vmdk from Vmware Exsi server

** Change the path according to the location.

Once the conversion is completed the new .vmdk file is compatible to Esxi Server.

Run the new cloned Vmware .vmdk file from Exsi Server

1. Login into vSphere Client.
2. Create a new virtual machine. Choose custom option while creating the new virtual machine.
3. Select the operating system and architecture according to the newly cloned .vmdk vmware.
4. Browse and choose the cloned .vmdk file.
5. Start the Imported vmware on Vmware Esxi.

Now our Esxi server is ready to manage imported as well as newly installed operating systems.

Cheers!
Melbin Mathew
www.talk2melbin.com

Send, Receive Email Using Telnet Command – Troubleshoot Email Accounts with Telnet Commands

Telnet

An Internet communications protocol that enables a computer to function as a terminal working from a remote computer.

Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards.

Advantage of telnet

1. Easy of use.

2. Allows users to log on to a remote system and run programs on that system.

3. Email account management, send and receive emails.

4. Easy to check ports on servers. (eg: to check email server smtp, telnet servername 25)

Disadvantage of telnet

1. Actions available are very limited.

2. Files cannot be saved.

3. Does not support encryption.

4. Login information and data is send by clear text, unencrypted format.

Telnet on Windows

On windows, we can check send and receive emails using the same commands mentioned here.

To open the command prompt,

Click on Start -> Run -> type ‘cmd’ and Enter.

Sending and Receive Emails Using Telnet

Using telnet commands we are able to troubleshoot the email account with out login into the control panels.

Telnet commands for Receiving emails pop3,

# telnet mail.talk2melbin.com 110 (where mail.talk2melbin is the email server and 110

pop3 service port number)

# user melbin@talk2melbin.com (Specify the user name for login)

# pass **** (Enter the correct Password)

# list (Command list all the emails received on the account)

List command will also show us the id number of your messages (erg. 1 or 2 etc.)

To view the contents of received email type RETR + the id number of the message (e.g RETR 1).

To delete a message use DELE + the id number of the message (e.g DELE 1).

To leave your mailbox and close the connection use QUIT

Telnet commands for Sending emails smtp,

# mail from: melbin@talk2melbin.com

250 ok

# rcpt to:melbin@talk2melbin.com (Both domain names for send and receive emails should be

same or the both domains belong to same server)

250 ok

# data

354 go ahead

Test Email

# .

Telnet commands for checking Open Relay on servers

Enabling Open relay increase the spamming/security risk on the servers. We can check the status of server via telnet commands,

# mail from: melbin@talk2melbin.com

250 wok

# rcpt to:****@gmail.com (Domain name used for sending and receiving emails should be

different)

Relay access denied

Which means the servers is not set for open relay.

Cheers!

Melbin Mathew

www.talk2melbin.com