Sunday, February 28, 2010

Some of the Important Config files And Directories in Linux :

 

They say that Linux is tweaker's heaven, here is why:

All of the configuration files are readable and quiet easy to understand, here is a list of the most common files and a short description what they are about. ( go on, do have a look with "cat" )

/etc/bashrc =settings for the bash shell trough the system

/etc/crontab =setting for the cron-jobs ( remember the jobs that run in the middle of the night ? )

/etc/cups =the printer settings ( if you use lpr instead of cups: /etc/printcap )

/etc/fstab = filesystem table

/etc/inittab = the default runlevel

/etc/lilo.conf = the configuration of the boot loader ( /boot/grub if you use grub instaed of lilo )

/etc/modules.conf = the modules to load at boot

/etc/profile = programs started at boot

/etc/rc.d = the different runlevels and shotcuts to programs to load at that level

/etc/ssh = the ssh settings for secure remote acces

/etc/X11/XF86Config = the X configuration ( GUI )

~/.bash_profile = aliases and variables for the bash shell

~/.bashrc = personal settings for the bash shell

~/.evolution = your mail, adresses and settings for evolution

~/.galeon = you bookmarks and settings for galeon

~/.gnome = your personal gnome settings

~/.gnome2 = more gnome settings

~/.kde = your peronal settings for kde

~/Mail = here are your mail and mail settings if you use kmail

~/.mozilla = personal mozilla settings, bookmarks etc.

~/.ssh = personal ssh settings

~/.exrc = your settings for the vi editor

Saturday, February 27, 2010

Overview on FSTAB and MTAB:

 

These are some of those critical programs for your computer. Without these, your computer will not know where to find any of the partitions or drives on the computer. If u mess up these files, the next moment you will feel like the fish kicked out of the water.

Never make any changes without a good backup copy.

/etc/fstab

In this file there is a description of the various file systems. Commands like ¨fsck¨ and ¨mount¨ consult this file for the actions they take.

This looks like a complicated description of the files on your computer, but it is really simple if you break it down into the parts of each entry. Take a look below.

( OR :In order for certain programs to be able to determine where certain partitions are supposed to be mounted by default, the /etc/fstab file is used )

/dev/hdb1 / ext3 defaults 1 1

none /dev/pts devpts mode=0620 0 0

/dev/hdb6 /home ext3 defaults 1 2

none /mnt/cdrom supermount dev=/dev/hdc,fs=auto,ro,--,iocharset=iso8859-1,codepage=850,umask=0 0 0

none /mnt/cdrom2 supermount dev=/dev/scd0,fs=auto,ro,--,iocharset=iso8859-1,codepage=850,umask=0 0 0

none /mnt/floppy supermount dev=/dev/fd0,fs=auto,--,iocharset=iso8859-1,sync,codepage=850,umask=0 0 0

/dev/hda1 /mnt/windows vfat iocharset=iso8859-1,codepage=850,umask=0 0 0

none /proc proc defaults 0 0

/dev/hdb7 /usr ext3 defaults 1 2

/dev/hdb5 swap swap defaults 0 0

/dev/sda1 /mnt/memory_card auto user,iocharset=iso8859-1,kudzu,codepage=850,noauto,umask=0,exec 0 0

I will try to bring some clarity in there. Let´s only take the partitions, here for Linux : / and /home and swap. For Windows C:

< partition >< mount point >< file system >< mount options >< dump >< fsck order >

/dev/hdb1 . . . . / . . . . . . . . . . . . ext3 . . . . . . . . . defaults . . . . . . . 1 . . . . . . . . . 1

/dev/hdb6 . . . . /home. . . . . . . ext3 . . . . . . . . . defaults . . . . . . . 1 . . . . . . . . . 2

/dev/hdb5 . . . . swap . . . . . . . . swap . . . . . . . . defaults . . . . . . . 0 . . . . . . . . . 0

/dev/hda1 . . . . /mnt/win_c vfat . . . iocharset=iso8859-1,codepage=850,umask=0 0 0

For the CD-ROM and floppy drive:

none . /mnt/cdrom . . supermount dev=/dev/hdc,fs=auto,ro,--,iocharset=iso8859-1,codepage=850,umask=0 0 0

none . /mnt/floppy supermount dev=/dev/fd0,fs=auto,--,iocharset=iso8859-1,sync,codepage=850,umask=0 0 0

You can see the CD-ROM and floppy have the same codes as the Windows partition because they are not Linux default.

For the memory card reader:

/dev/sda1 /mnt/memory_card auto user,iocharset=iso8859-1,kudzu,codepage=850,noauto,umask=0,exec 0 0

Two additional entries are ¨devpts¨ and ¨/proc¨

The devpts file system provides an interface to pseudo-terminal (pty) devices. It is typically mounted at /dev/pts.

The /proc filesystem is to provide an easy way to view kernel and information about currently running processes.

If you build Linux from scratch, you will have to write your own /etc/fstab file.

/etc/mtab

This file handles the mounted devices and is automatically updated by the mount command.

And it looks a bit similar to fstab but not the 100% same ( notice rw and ro for read/write and read only ) And it does only lists the mounted devices !

Wednesday, February 24, 2010

SKINNY ELEPHANTS ( Or: If All Else Fails ) :

 

In addition to the PID story in Run-Away Processes If all is blocked and even Ctrl+Alt+backspace ( what should be a last resort ) does not react, if your system does not react on any action ( like I said before, very rare in

Linux ) remember the next line:

Raising Skinny Elephants Is Utterly Boring

Here is how you "raise the elephant":

Alt+SysRq+r ( The LEFT Alt key ) ( SysRq is on the same button as print screen )

Alt+SysRq+s

Alt+SysRq+e

Alt+SysRq+i

Alt+SysRq+u

Alt+SysRq+b

Give a little time between keystrokes.

The r stands for put keyboard in raw mode

The s for sync the disk

The e for terminate all processes

The i for kill all processes

The u for remount all file systems read only

The b for reboot the system

THIS IS THE VERY LAST SAVE YOUR BUTT PROCEDURE ONLY IF ALL ELSE FAILS !

RUN-AWAY PROCESSES ( and the way to kill them ) :

 

A full system crash is very rare in Linux, most of the times it is only one program that acts up. There are several ways to recover from a crashed program.

1). If a program blocks, crashes or runs-away ( does not want to close or stop running ), change desktop and press the Ctrl+Esc keys. You will get the Process Table with all processes running on your system ( some

processes may appear several times, that is normal ) the first four columns are the most important, if you know the name of the process things are simple, if you don't: in the 3rd and 4th you can see what is consuming

all that cpu. Now remember or note down the PID number ( Process IDentifier ) you will need this. ( for multiple processes with the same name only the last one is the one you're after ).

Now go to yet another desktop open a terminal/console type < su > ( without the <> ) and give your root password, then type < kill 4246 >; ( if 4246 was the pid number ).

That's all, job done ! ( rebooting like in Windows is NOT needed in Linux !)

(There are other ways with names instead of numbers, terminal instead of gui process table, but this is the most general way to solve ur problem )

2). If all your desktops are blocked ( when X crashes): Press Ctrl+Alt+F1, you will go out of X, and get an empty terminal screen, fully black with a login prompt. ( there are 6 terminals available F1 to F6 ) Then log in as

"root" ( not "su" this time ) and type <top>, you will get the same process-table with the PID numbers, find the number that's hurting, close top with the"Q" key, press Alt+F2, you will get a second black screen ( terminal )

to log in to, log in as root and < kill 4246 >.

For returning to X, press Alt+F7 !

3). Also you can try Ctrl+Alt+Backspace . . . it will log you out of X and bring you back to the graphical login screen where you can start KDE or Gnome again.

4). If even this does not help or you can not find the process and PID number just type "reboot" at the root-prompt ( of a Ctrl+Alt+F1 terminal ) and you will get a clean reboot.

5). If even this last step does not work, read the POST: Skinny Elephants

Tuesday, February 23, 2010

Backing up the MBR:

 

Just another note about restoring the boot loader for dual boot systems,

after Windows messes it up. In Linux, the "dd" command can read and

write to/from raw disks and files. If you have a floppy drive, creating

a boot disk is as simple as putting a floppy in the drive and typing

this:

$ su

<type password>

# dd if=/dev/hda of=/dev/fd0 bs=512 count=1

This makes an exact copy of the MBR of the first hard drive, copying it

to a floppy disk. You can boot directly from this floppy, and see your

old boot menu. You can restore it by switching the "if=" and "of="

(input file, output file) parameters.

If you don't have a floppy drive, you can back it up to a file with

this:

# dd if=/dev/hda of=/home/john/boot.mbr bs=512 count=1

Then you can boot into a CD-ROM distribution such as Knoppix, or often

use your Linux distribution's installation CD to boot into rescue mode,

and restore it with:

$ su

# dd if=/mnt/hda5/john/boot.mbr of=/dev/hda bs=512 count=1

(you'll need to find and mount the partition containing the directory

where you backed up the MBR for the "if" parameter--this is an example).

Sunday, February 21, 2010

Recover ROOT Password :

 

First of all disconnect your PC from the internet connection !

Steps to recover lost root password:

(Here I'm assuming that you are lot allowed to boot into linux maching through single user mode or your Bootloader is password protected. )

Step 1: For Redhat and Mandrake:

Then boot from your first install CD and as the very first screen comes up hit F2 and type:

rescue ( For RedHat "linux rescue" )

and the computer will boot in rescue mode.

It will show a few alternatives, select : ¨mount the existing partitions¨ and go to the shell/console prompt.

( Booting Mandrake in "failsafe" from the Lilo menu does the same )

Step 1: For SUSE:

Boot from your first install CD and press F1 at the first screen, then choose "Rescue System" from the menu and at the prompt type "root" ( you do not need a password )

Step 1: For other distro's

Boot from the first install CD ( or any Live CD like Knoppix ) and at the bootprompt type:

CODE

linux single

( For Knoppix: knoppix single )

And it will boot in "single user mode" and you will get an odd looking prompt like “sh-2.05b#”

Alternative for step 1

Sure with most Live and Rescue CDs you can also just boot in the live version, mount the partition and, as root, make changes to the files indicated below:

Step 2

CODE

# cd /etc

( if you boot from knoppix first cd to the partition your lost-password-distro is on )

We need to change two files; ¨passwd¨ and ¨shadow¨:

CODE

# vi passwd

( opens the file )

< i > ( puts vi in insertmode )

This is the first line:

root:x:0:0:root:/root:/bin/bash

Make it:

root::0:0:root:/root:/bin/bash

So just get writ of the ¨x¨ do not touch the ¨:¨ ( colons )

Save the file:

Esc

ZZ

Second file to be changed:

CODE

# vi shadow

( open the file )

< i > ( insert mode )

The first line is a long scrambled line of characters, just make it:

root:::: ( four colons ! )

Save the file and quit editor.

wq

Now you can reboot your computer. Log in as normal user, open a console and type:

CODE

$ su

# passwd

And set the new root password !

Log out as root:

Ctrl+d

And the job is done !!

WARNING: Only after setting your new root password it is safe to connect your computer to the internet or local network again !!

Make Linux ignore a ping

 

Because I want to monitor traffic, not block it entirely. I just want this machine to basically lurk on my network looking for suspicious activity and then notifying me if it occurs. Sometimes it can be useful to hide a Linux machine a bit. Not responding to pings would at least keep most "hackers" out because they would never even

Know it's there.

To turn answers to icmp_echos off, as root type:

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

and to turn it on again type:

echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

Even better way:

Don't ignore ICMP echos:

sysctl -w net.ipv4.icmp_echo_ignore_all=0

do ignore ICMP echos:

sysctl -w net.ipv4.icmp_echo_ignore_all=1

sysctl -a will give you a nice list of values that you can tweak.

If you're running a Redhat-based system, you can plop the desired values in /etc/sysctl.conf.

Sunday, February 14, 2010

Best Linux Distributions of the Decade (2000-2009)

 

We've seen plenty of "Best of the Decade" lists around, but not one is related to Linux distribution. So it's only fitting that we will give credit to the best Linux distros that dominated the last decade (2000-2009), or most part of it.

One of the best ways to measure a Linux distribution's caliber is to look at its popularity. Since Distrowatch is the only site that religiously measures the popularity of distros through its "Page Hit Ranking" system, let's take a look at first at some of its data gathered from 2002-2009.

Distrowatch Distro Rankings (2002-2009)

2002
1. Mandrake (Mandriva)
2. Red Hat
3. Gentoo
4. Debian
5. Sorcerer
6. SuSE
7. Slackware
8. Lycoris
9. Lindows
10. Xandros

2003
1. Mandrake
2. Red Hat
3. Knoppix
4. Gentoo
5. Debian
6. Yoper
7. SUSE
8. Slackware
9. Lycoris
10. Xandros

2004
1. Mandrakelinux (Mandriva)
2. Fedora
3. KNOPPIX
4. SUSE
5. Debian
6. MEPIS
7. Gentoo
8. Slackware
9. PCLinuxOS
10. Damn Small

2005
1. Ubuntu
2. Mandriva
3. SUSE
4. Fedora
5. MEPIS
6. Debian
7. KNOPPIX
8. Damn Small
9. Gentoo
10. Slackware

2006
1. Ubuntu
2. openSUSE
3. Fedora
4. MEPIS
5. Mandriva
6. Damn Small
7. Debian
8. PCLinuxOS
9. Slackware
10. Gentoo

2007
1. Ubuntu
2. PCLinuxOS
3. openSUSE
4. Fedora
5. Sabayon
6. Mint
8. MEPIS
9. Mandriva
10. Damn Small

2008
1. Ubuntu
2. openSUSE
3. Mint
4. Fedora
5. PCLinuxOS
6. Debian
7. Mandriva
8. Dreamlinux
9. Sabayon
10. Damn Small

2009
1. Ubuntu
2. Fedora
3. Mint
4. openSUSE
5. Debian
6. Mandriva
7. Puppy
8. PCLinuxOS
9. Sabayon
10. Arch

With a rough estimate based on the Distrowatch rankings, here are the best Linux distros from 2002-2009:

1. Ubuntu
2. Mandriva
3. openSUSE
4. Fedora
5. Debian
6. Mint
7. Gentoo
8. Slackware
9. Damn Small
10. MEPIS

You may also want to see this graph from Google Trends:

best-linux-distro1

 

Please Participate in this poll :

What's NEW in RHEL 5.5?

 

The next release of Red Hat Enterprise Linux (RHEL) is in beta. The release notes give a clue as to what's coming in RHEL 5.5, including improvements to virtualization and support for new platforms from Intel, AMD, and IBM's Power7.

Improvements to virtualization mean better memory management and use of devices. RHEL 5.5 will allow virtual machines running under KVM to use PCI devices as if attached to the guest OS, rather than running as virtualized devices. If deployed on machines using Intel VT-d extensions, PCI devices can be reassigned while a system is running and attached to another guest OS. In addition, RHEL 5.5 will also allow reallocation of memory during runtime, so it won't be necessary to shut down a guest OS under KVM to increase or decrease its allocated RAM.

Kernel updates in RHEL 5.5 will enable AMD's new processors, Intel's new Boxboro-Ex and Boxboro-MC, and IBM's Power7. Power7 has been getting quite a bit of attention and could be a major platform for Linux.

This release also includes a number of updates to drivers, improvements to SystemTap, an update to FreeRADIUS 2, and Samba. A full and detailed list of package updates is available on the Red Hat Website.(The next release of Red Hat Enterprise Linux (RHEL) is in beta. The release notes give a clue as to what's coming in RHEL 5.5, including improvements to virtualization and support for new platforms from Intel, AMD, and IBM's Power7.

Improvements to virtualization mean better memory management and use of devices. RHEL 5.5 will allow virtual machines running under KVM to use PCI devices as if attached to the guest OS, rather than running as virtualized devices. If deployed on machines using Intel VT-d extensions, PCI devices can be reassigned while a system is running and attached to another guest OS. In addition, RHEL 5.5 will also allow reallocation of memory during runtime, so it won't be necessary to shut down a guest OS under KVM to increase or decrease its allocated RAM.

Kernel updates in RHEL 5.5 will enable AMD's new processors, Intel's new Boxboro-Ex and Boxboro-MC, and IBM's Power7. Power7 has been getting quite a bit of attention and could be a major platform for Linux.

This release also includes a number of updates to drivers, improvements to SystemTap, an update to FreeRADIUS 2, and Samba. A full and detailed list of package updates is available on the Red Hat Website.

The 5.5 release will also include a fair amount of functionality for technology preview purposes. This includes stateless Linux, the Ext4 filesystem, Fibre Channel over Ethernet (FCoE), GCC 4.4, and support for the Intel Trusted Platform Module. See a longer list on Dag Wieers site.

Access to the beta requires a subscription to the Red Hat Network. The beta is scheduled to last through March 16, 2010, and the final release date has not yet been announced.

Migrating users in one Linux.

 

Have you ever had a need to migrate current running Linux users from installation to another? That would be a simple task if the user count was low. But  what happens when the user count is in the hundreds? What do you do then? If you’re not using LDAP, you know you will have to migrate the users’ data, passwords, etc from the old machine to the new. Believe it or not, this is just a matter of a few commands – not necessarily simple commands, but it’s not as complex as you would think.

In this article I am going to show you how to make this migration so your Linux users do not loose their data and their passwords are all retained.

What we migrating

The list is fairly simple:

    * /etc/passwd - Contains information about the user.
    * /etc/shadow - Contains the encrypted passwords.
    * /etc/group - Contains group information.
    * /etc/gshadow - Contains group encrypted passwords.
    * /var/spool/mail - Contains users email (the location will depend upon the mail server you use).
    * /home/ - Contains users data.

Unfortunately these files can not simply be copied from one machine to another – that would be too easy.  Just make sure you enter the following commands correctly.

Source machine

These are the commands you will need to run on the machine you are migrating users FROM. I will assume you are doing this on a system that uses a root user (such as Fedora), so all commands will be done as root:

mkdir ~/MOVE

The above command creates a directory to house all of the files to be moved.

export UGIDLIMIT=500

The above command sets the UID filter limit to 500. NOTE: This value will be dictated by your distribution. If you use Red Hat Enterprise Linux, CentOS, or Fedora this value is shown in the command above. If you use Debian or Ubuntu that limit is 1000 (not 500).

awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/passwd > ~/MOVE/passwd.mig

The above command copies only user accounts from /etc/passwd (using awk allows us to ignore system accounts.)

awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/group > ~/MOVE/group.mig

The above command copies the /etc/group file.

awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534) {print $1}’ /etc/passwd | tee – |egrep -f – /etc/shadow > ~/MOVE/shadow.mig

The above command copies the /etc/shadow file.

cp /etc/gshadow ~/MOVE/gshadow.mig

The above command copies the /etc/gshadow file.

tar -zcvpf ~/MOVE/home.tar.gz /home

The above command archives /home.

tar -zcvpf ~/MOVE/mail.tar.gz /var/spool/mail

The above command archives the mail directory. NOTE: If you are using Sendmail this is the correct directory. If you are using Postfix that directory most likely will be /etc/postfix.

Now it’s time to move everything in ~/MOVE over to the new server. You can do this using the scp command like so:

scp -r ~/MOVE/* USER@IP_OF_NEW_SERVER:/home/USER/

Where USER is the username you will use to send the file and IP_OF_NEW_SERVER is the address of the new server. NOTE: If this server is not on line yet you can always copy these files onto a thumb drive and move them that way.

Target machine

Now we’re working on the new server. Follow these commands (run as the root user):

mkdir ~/newsusers.bak

The above command will create a new directory that will house the backup of the current users.

cp /etc/passwd /etc/shadow /etc/group /etc/gshadow ~/newsusers.bak

The above command will copy the necessary files to the new backup directory.

cd /PATH/TO/DIRECTORY
cat passwd.mig >> /etc/passwd
cat group.mig >> /etc/group
cat shadow.mig >> /etc/shadow
/bin/cp gshadow.mig /etc/gshadow

The above commands will restore all password files onto the new system. NOTE: Where /PATH/TO/DIRECTORY is the location where you copied the files onto the new system.

cd /
tar -zxvf /PATH/TO/DIRECTORY/home.tar.gz

The above commands will first change you to the / directory and then unpack the archived /home directory. NOTE: Where /PATH/TO/DIRECTORY is the location where you copied the files onto the new system.

cd /
tar -zxvf /PATH/TO/DIRECTORY/mail.tar.gz

The above commands will first change you to the / directory and then unpack the archived/var/spool/mail directory. NOTE: Where /PATH/TO/DIRECTORY is the location where you copied the files onto the new system.

You can now reboot your system with the users

 
Things You Should Know About Linux !!!