My bookmarks
1.5. Check
if a program is running and kill if necessary
1.6. NTSYSV: Tool that lets you select what runs at boot
time
1.8. Configuring
Safe Logins (root access)
4.2. Configuring
IPtables for MySQL
*Important: When setting up drives, make sure the final column in the fstab (/etc/fstab) for the partition is set to 0 so that boot will not depend on the proper mounting of the drive. An example of how I’ve been stung by this is an entry for mounting a network drive set to 1 in this column. When rebooted, the system will not finish booting because the path to this network drive is invalid, corrupt, temporarily unavailable or whatever else. Only set this column to 1 if it is the system partition you’ll be booting to. If you forget, get yourself a systemrescuecd(.com) and edit the fstab. The system rescue cd even supports software raid volumes.
In the files system column, be sure to use cifs for network folders as smbfs is no longer used (at least on late model CENTOS distros that I use).
In order for you to be able to mount samba shares (either by fstab or command line), you have to have samba+samba client installed:
# yum list samba*
# yum install samba
# yum install samba-client
http://unthought.net/Software-RAID.HOWTO/Software-RAID.HOWTO-6.html
http://www.firstpr.com.au/web-mail/CentOS-5.1-RAID-1/
http://www.excaliburtech.net/archives/19
My personal software raid 1 crash recovery war story post-mortem notes:
http://www.4micah.net/RAIDrecovery.txt
Sendmail is configured automatically in CENTOS 5:
[root@apvdbs03 ~]# mail admins@xyz.com
Subject: test from apvdbs03
test from apvdbs03, did it work?
Now hit Cntl+D and return at the “cc:”
Edit /etc/sysconfig/network file, HOSTNAME= line to be whatever you name the machine.domain_name.local
Edit /etc/hosts the line 127.0.0.1 similar to this:
127.0.0.1 apvdbs02 apvdbs02.billingconsultants.local localhost
Example, you want events and stuff for root to go to your admin email account.
You need to edit the .forward file in the home folder of the user (root, for most purposes). By default, the file doesn’t exist, but vi makes it:
>vi .forward
Then, just add the address you want the mail forwarded to:
admins@xyz.com
then save it.
> crontab -e
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=admins@xyz.com ###This is the line to edit!
HOME=/
LD_LIBRARY_PATH=/usr/local/lib/
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR
#sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * command to be executed
05 01 * * * /root/backup_scripts/run_backups.sh
~
~
~
~
~
~
~
~
~
"/tmp/crontab.XXXXDQOJjX" 14L, 476C
--You have to generate the keyset and append the key to the remote machine’s authorized_keys file in /$home/.ssh/ folder:
The following generates a private key (id_dsa) a public key (id_dsa.pub) in /[home]/.ssh/
# ssh-keygen -t rsa -f $HOME/.ssh/id_dsa -P ''
Now copy the public key to the remote machine:
# scp id_dsa.pub 10.0.1.20:/root/.ssh/
# chmod 700 ~/.ssh
# chmod 600 ~/.ssh/id_rsa
Now ssh to the remote machine and append the key:
# ssh root@10.0.1.20
--enter password
# cd .ssh
# cat id_dsa.pub >> authorized_keys
# chmod 700 /root/.ssh
# chmod 600 /root/.ssh/authorized_keys
Use the “-v” switch to get verbose mode going:
# ssh –v user@server
# ps ax | grep pwrstat
The above checks if pwrstat (our UPS monitoring software) is running
Check this url for an explanation: http://www.anyexample.com/linux_bsd/bash/check_if_program_is_running_with_bash_shell_script.xml
Here’s an example using the ps above to find it first:
[root@apvdbs03 etc]# ps ax | grep pwrstat
6411 ? S 2707:39 /usr/sbin/pwrstatd
12147 pts/1 S+ 0:00 grep pwrstat
[root@apvdbs03 etc]# kill 6411
[root@apvdbs03 etc]# ps ax | grep pwrstat
14244 pts/1 S+ 0:00 grep pwrstat
I’m not sure why, but the “grep pwrstat” listed seems only to be there due to the grep command itself (notice the different process id # in the 2 ps commands).
Simply type “ntsysv” at the prompt to bring up a list of programs with the option to set to run at boot (RHEL types only I believe)
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
Change static to dhcp and/or add lines IPADDR=xxx.xxx.xxx.xxx and NETMASK=xxx…
Useradd so-and-so
Visudo
/wheel (uncomment)
# usermod -a -G wheel so-and-so
# sudo su -
[root@aapxen01 scripts]# find /scripts | grep -i string
/scripts/strING
/scripts/string1
/scripts/1string
/scripts/STRing
That command is the ultimate grep search. To search the whole system, use “/” insteach of “/scripts”
grep -r "exclude-from" *
This searches all files recursively (-r) for lines with the string “exclude-from”. Add the -i for case insensitive and you’ll also get “ExClUdE-fRoM” and such.
# gem env
RubyGems Environment:
- RUBYGEMS VERSION: 1.3.7
- RUBY VERSION: 1.8.7 (2010-08-16 patchlevel 301) [x86_64-linux]
- INSTALLATION DIRECTORY: /usr/local/lib/ruby/gems/1.8
- RUBY EXECUTABLE: /usr/local/bin/ruby
- EXECUTABLE DIRECTORY: /usr/local/bin
- RUBYGEMS PLATFORMS:
- ruby
- x86_64-linux
- GEM PATHS:
- /usr/local/lib/ruby/gems/1.8
- /root/.gem/ruby/1.8
- GEM CONFIGURATION:
- :update_sources => true
- :verbose => true
- :benchmark => false
- :backtrace => false
- :bulk_threshold => 1000
- "gem" => "--no-ri --no-rdoc"
- :sources => ["http://gemcutter.org", "http://gems.rubyforge.org"]
- REMOTE SOURCES:
- http://gemcutter.org
# rails –v
Rails 2.3.5
Also, this pings each pc in the list first and doesn’t even try copying to that pc if it doesn’t respond to ping. Also, it logs the non-pingables to a noreply.log
The file to be copied must be in the folder the script is run from. The log will go to this folder also.
MUST: you must have computers.txt that simply names the pcs, one name per line with no spaces before or after the name. This must be in the same directory as the .bat file.
@echo on & setLocal EnableDELAYedeXpansion
for /f "tokens=* delims= " %%a in (computers.txt) do (
ping %%a | find /i "reply" > nul
if errorlevel 1 (
>> noreply.log echo %%a
) else (
copy /Y somefile.that \\%%a\c$\
)
)
You can turn echo off in line one above after you verify it is working as you want it to.
Copy the code into notepad. Save it as somefile.bat into the directory with the file you’ll be copying and run it like this:
$>somefile.bat>log.txt
Then when it’s done you can come back and look at the log to troubleshoot any errors.
In the code above, you should rename somefile.that with whatever your file is you want to copy over.
This script creates a registry value that causes the userenv.log file (in C:\WINDOWS\Debug\UserMode) to be verbose. This can help troubleshoot group policy issues as well as probably a whole lot of other stuff I’m glad I haven’t had to troubleshoot yet:
@echo on & setLocal EnableDELAYedeXpansion
for /f "tokens=* delims= " %%a in (computers.txt) do (
ping %%a | find /i "reply" > nul
if errorlevel 1 (
>> debugregadd.log echo %%a
) else (
psexec \\%%a REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v UserenvDebugLevel /t REG_DWORD /d 196610 /f
)
)
Save this code to debuglevelraise.bat and have computers.txt in the same folder listing each computer name on a separate line with no whitespace. Then, double click the .bat file. It will log all unreachable (by ping) systems to deburegadd.log in the same folder. You must have psexec installed where run.
You cannot have gp control power management settings (win2k3 or earlier) directly. In order to do this on the network, I had to do 3 things:
о In GP (comp confg>WindowsSettings>SecuritySettings>Registry), grant domain users full control to HKLM\Software\Microsoft\CurrentVersion\Controls Folder\PowerCfg
о Add user logon script to configure settings (shown below)
о In GP, (comp confg>WindowsSettings>SecuritySettings>File System) configure zero access (not deny, just no read/write/etc) to /%systemroot%/system32/powercfg.cpl
This combination will allow the script to run at user logon and configure the settings, yet they will not be able to open the configuration in the menu and therefore can’t make their own changes. The script we use is:
ECHO ********************BEGIN POWER CONFIG SCRIPT******************>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
ECHO %DATE% %TIME% %COMPUTERNAME%>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CREATE Custom1>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /monitor-timeout-ac 15>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /monitor-timeout-dc 10>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /disk-timeout-ac 30>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /disk-timeout-dc 10>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /standby-timeout-ac 0>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /standby-timeout-dc 0>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /hibernate-timeout-ac 0>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /hibernate-timeout-dc 30>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /processor-throttle-ac ADAPTIVE>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /CHANGE Custom1 /processor-throttle-dc ADAPTIVE>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
POWERCFG /SETACTIVE Custom1>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
ECHO **********************END POWER CONFIG SCRIPT**************************>>\\apvdbs03\Public\pwrcfg\%USERNAME%.log 2>&1
You might say I overdo it with the logging, but I do that to make sure it’s running right. I also configure this parameter in the gp for the script “>\\share\%COMPUTERNAME%.log
My reasoning for doing all this is because some computers were defaulting to standby after 20min, which was not allowing my autologout script to run. In standby, my other gp and scripts won’t run. If logout only, my stuff still runs.
To
search your hard disk to find and display the file names on drive C that
contain the string "CPU," use the pipe (|) to direct the results of a dir command to find as follows:
dir c:\ /s
/b | find "CPU"
-from http://technet.microsoft.com/en-us/library/bb490906.aspx
mysql>grant select on DATABASE_NAME.* to 'dude'@'10.0.1.%';
“%” is wildcard. In this case, the user “dude” will not require a password.
See this (my) question answered on ServerFault.com: http://serverfault.com/questions/191657/ip-tables-modification-to-allow-access-to-mysql-on-centos-5-server
!backup to file
# mysqldump -uroot -p credentialing1 > /public/public/cred/101123
!restore from file
# mysql -u root -p credentialing1 < /public/public/cred/101123
!Way #1
load data local infile '/public/public/cred/filename.csv' into table main
fields terminated by ','
lines terminated by '\n'
(ProviderName, Practice)
!Way #2
!update column with list in file
load data local infile '/public/public/cred/add_insurances.txt' into table cred_insurances
fields terminated by ','
lines terminated by '\n'
(ProviderName)
UPDATE `main` SET ProviderName = replace(ProviderName," (Tenncare)","")
That command replaced all instances of “ (Tenncare)” and blanks it in column “ProviderName” of table “main”
xe vdi-list is-a-snapshot=true > /mnt/aapsan01/temp/log.csv
saves list of all snapshots
#!/bin/bash
for i in `xe snapshot-l
Save the above as your script
(snapdel.sh or some such). Now automate it using Cron (Cron isn’t just for mail, add the path to the script to the
crontab). Citrix
forum is where I learned about the above command.