Tuesday, November 19, 2013

File content search command in linux

By default, grep command prints the matching lines You can pass -H option to print the filename for each match.


$ grep -H -r “irfan” /etc/passwd

Wednesday, October 30, 2013

How to reset top gnome panel on Ubuntu 12.04

Config reset
This worked for me in GNOME Classic on 12.04 to reset the gnome-panel configuration:

dconf reset -f /org/gnome/gnome-panel/
killall gnome-panel

Tuesday, October 15, 2013

TRUST A CERTIFICATE IN JAVA ON MAC OS X

First, export the cert using a web browser or whatever.  I used firefox, because it is easy, and I couldn’t figure out how to do it in chrome.  You should end up with a simple PEM encoded file.  Then here’s how you import it:

$ cd /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security
$ sudo cp cacerts cacerts.orig
$ sudo keytool -importcert -file your_cert_file_here -keystore cacerts

(Note: default keystore password is "changeit")

you’ll be prompted to trust it, then you are done.

or

$ sudo -i
# cd /Library/Java/Home
# keytool -import -trustcacerts -alias CAName -file CA.crt -keystore lib/security/cacerts


or

============================================


If Java is installed on your computer, but you are still having problems with Java functionality in Blackboard (see Troubleshooting Java Issues in Blackboard), there might be a problem with the Java security certificate settings on your computer. Here are two things to look for, with tips to troubleshoot:

1. The application digital signature has not been allowed to run

When you login to Blackboard for the first time on a given computer, you are greeted with a prompt that reads "The application's digital signature has been verified. Do you want to run the application?" You must select "Run" for Java-driven functionality to work within Blackboard.

If you accidentally select "Cancel," you should be able to restart your browser and then login again. This will bring up the prompt, allowing you to select "Run."

When you select "Run," you tell your Java installation to trust the Java security certificate that Blackboard uses. That information is stored away so that you do not have to keep selecting "Run" every time you login


2. The certificate information stored on the comptuer does not match the current certificate

Every once in a while, the Java security certificate on Blackboard is renewed, which may cause problems if the certificate information stored on your comptuter does not match. To see if this is the case, you must clear out your stored Blackboard certificates in Java. Below are the steps for doing so.

Windows

Open a web browser and login to Blackboard. This will initiate Java on your computer.
Look for the Java icon located in the bottom-right corner of the Windows task bar.





3. Right click on the icon and select "Open Control Panel."


4. Once the control panel is open, select the "Security" tab.




5. Click the "Certificates" button. 
6.Highlight any certificates containing the word "blackboard" and click the "Remove" button.









Solved Error "unable to find valid certification path to requested target" java


Saturday, September 21, 2013

Configure Postfix to Use Gmail SMTP on Ubuntu

If you want to use a Gmail account as a free SMTP server on your Ubuntu-Linux server, you will find this article useful. This guide is tested with Ubuntu 12.04. If you face any issue, feel free to use comments-section below.

Relaying Postfix mails via smtp.gmail.com:

First, install all necessary packages:

sudo aptitude install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules

If you do not have postfix installed before, postfix configuration wizard will ask you some questions. Just select your server as Internet Site and for FQDN use something like mail.example.com

Then open your postfix config file:

vim /etc/postfix/main.cf

and following lines to it:

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

You might have noticed that we haven’t specified our Gmail username and password in above lines. They will go into a different file. Open/Create

vim /etc/postfix/sasl_passwd

And add following line:

[smtp.gmail.com]:587    USERNAME@gmail.com:PASSWORD

If you want to use your Google App’s domain, please replace @gmail.com with your @domain.com

Fix permission and update postfix config to use sasl_passwd file:

sudo chmod 400 /etc/postfix/sasl_passwd
sudo postmap /etc/postfix/sasl_passwd


Next, validate certificates to avoid running into error. Just run following command:

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem

Finally, reload postfix config for changes to take effect:

sudo /etc/init.d/postfix reload

Testing if mails are sent via Gmail SMTP server:

If you have configured everything correctly, following command should generate a test mail from your server to your mailbox.

echo "Test mail from postfix" | mail -s "Test Postfix" you@example.com

To further verify, if mail sent from above command is actually sent via Gmail’s SMTP server, you can log into Gmail account USERNAME@gmail.com with PASSWORD and check “Sent Mail” folder in that Gmail account. By default, Gmail always keeps a copy of mail being sent through its web-interface as well as SMTP server. This logging is one strong reason that we often use Gmail when mail delivery is critical.

Once configured, all emails from your server will be sent via Gmail. This method will be useful if you have many sites on your server and want them all to send emails via Gmail’s SMTP server.

Thursday, September 12, 2013

Blocking domain names with bind

Create zone file with name "poison"

@ IN SOA ( ns1.domain.com. hostmaster.domain.com.
           1 10800 3600 86400 21600 )
  IN NS  ns1.domain.com.

save and exit

After setting up the "poison" zone file, you need to direct the domains to this file in your named.conf file. You should add lines (or blocks, if you prefer to keep things on multiple lines) to named.conf which look like this:
named.conf

zone "virus.com" in { type master; file "poison"; };
zone "irfan.com"      in { type master; file "poison"; };
zone "pathan.com" in { type master; file "poison"; };

save and exit

#rndc reload
       or
#service named restart

Saturday, September 7, 2013

IPV6

                                                   ***  IPv6 Addressing  ***
IPv6 Basics

The most widespread implementation of IP currently is IPv4, which utilizes 
a 32-bit address. Mathematically, a 32-bit address can provide roughly 4 
billion unique IP addresses (232= 4,294,967,296). Practically, the number of 
usable IPv4 addresses is much lower, as many addresses are reserved for 
diagnostic, experimental, or multicast purposes. 
The explosive growth of the Internet and corporate networks quickly led to 
an IPv4 address shortage. Various solutions were developed to alleviate this 
shortage, including CIDR, NAT, and Private Addressing. However, these 
solutions could only serve as temporary fixes. 
In response to the address shortage, IPv6 was developed. IPv6 increases the 
address size to 128 bits, providing a nearly unlimited supply of addresses 
(340,282,366,920,938,463,463,374,607,431,768,211,456 to be exact). This 
provides roughly 50 octillion addresses per person alive on Earth today, or 
roughly 3.7 x 1021 addresses per square inch of the Earth’s surface.

IPv6 offers the following features: 

• Increased Address Space and Scalability – providing the absurd
number of possible addresses stated previously.
• Simplified Configuration – allows hosts to auto-configure their IPv6
addresses, based on network prefixes advertised by routers.
• Integrated Security – provides built-in authentication and encryption
into the IPv6 network header
• Compatibility with IPv4 – simplifies address migration, as IPv6 is
backward-compatible with IPv4


The IPv6 Address

The IPv6 address is 128 bits, as opposed to the 32-bit IPv4 address. Also
unlike IPv4, the IPv6 address is represented in hexadecimal notation,
separate by colons.
An example of an IPv6 address would be:
1254:1532:26B1:CC14:0123:1111:2222:3333

Each “grouping” (from here on called fields) of hexadecimal digits is 16
bits, with a total of eight fields. The hexadecimal values of an IPv6 address
are not case-sensitive.
We can drop any leading zeros in each field of an IPv6 address. For
example, consider the following address:
1423:0021:0C13:CC1E:3142:0001:2222:3333

We can condense that address to: 1423:21:C13:CC1E:3142:1:2222:3333
Only leading zeros can be condensed. If we have an entire field comprised of
zeros, we can further compact the following address:
F12F:0000:0000:CC1E:2412:1111:2222:3333

The condensed address would be: F12F::CC1E:2412:1111:2222:3333
Notice the double colons (::). We can only condense one set of contiguous
zero fields. Thus, if we had the following address:
F12F:0000:0000:CC1E:2412:0000:0000:3333

We could not condense that to: F12F::CC1E:2412::3333
The address would now be ambiguous, as we wouldn’t know


The IPv6 Address Hierarchy

IPv4 separated its address space into specific classes. The class of an IPv4
address was identified by the high-order bits of the first octet:
• Class A - (00000001 – 01111111, or 1 - 127)
• Class B - (10000000 – 10111111, or 128 - 191)
• Class C - (11000000 – 11011111, or 192 - 223)
• Class D - (11100000 – 11101111, or 224 - 239)
IPv6’s addressing structure is far more scalable. Less than 20% of the IPv6
address space has been designated for use, currently. The potential for
growth is enormous.
The address space that has been allocated is organized into several types,
determined by the high-order bits of the first field:
• Special Addresses – addresses begin 00xx:
• Link Local – addresses begin FE8x:
• Site Local – addresses begin FECx:
• Aggregate Global – addresses begin 2xxx: or 3xxx:
• Multicasts – addresses begin FFxx:
• Anycasts

Thursday, September 5, 2013

Vim Tip: Comment out multiple lines

ommenting out a bunch of lines without a vim plugin:
Select your lines with VISUAL BLOCK (CTRL-V), then press I to insert before all highlighted lines. Next type your comment character, # (for python, shell, etc). Last press ESC.
I forget not frequently used, but helpful VIM commands from time to time.
You can alternatively select your lines with VISUAL LINE (SHIFT-V), then type : s/^/#
This tells the selected lines that you wish to substitute the start of the line with the # char.

Thursday, August 29, 2013

Examples of linux find commands

The Linux Find Command is one of the most important and much used command in Linux sytems. Find command used to search and locate list of files and directories based on conditions you specify for files that match the arguments. Find can be used in variety of conditions like you can find files by permissionsusersgroupsfile typedatesize and other possible criteria.




1. Find Files Using Name in Current Directory

Find all the files whose name is tecmint.txt in a current working directory.
# find . -name tecmint.txt

./tecmint.txt

2. Find Files Under Home Directory

Find all the files under /home directory with name tecmint.txt.
# find /home -name tecmint.txt

/home/tecmint.txt

3. Find Files Using Name and Ignoring Case

Find all the files whose name is tecmint.txt and contains both capital and small letters in /homedirectory.
# find /home -iname tecmint.txt

./tecmint.txt
./Tecmint.txt

4. Find Directories Using Name

Find all directories whose name is Tecmint in / directory.
# find / -type d -name Tecmint

/Tecmint

5. Find PHP Files Using Name

Find all php files whose name is tecmint.php in a current working directory.
# find . -type f -name tecmint.php

./tecmint.php

6. Find all PHP Files in Directory

Find all php files in a directory.
# find . -type f -name "*.php"

./tecmint.php
./login.php
./index.php
Part II – Find Files Based on their Permissions

7. Find Files With 777 Permissions

Find all the files whose permissions are 777.
# find . -type f -perm 0777 -print

8. Find Files Without 777 Permissions

Find all the files without permission 777.
# find / -type f ! -perm 777

9. Find SGID Files with 644 Permissions

Find all the SGID bit files whose permissions set to 644.
# find / -perm 2644

10. Find Sticky Bit Files with 551 Permissions

Find all the Sticky Bit set files whose permission are 551.
# find / -perm 1551

11. Find SUID Files

Find all SUID set files.
# find / -perm /u=s

12. Find SGID Files

Find all SGID set files.
# find / -perm /g+s

13. Find Read Only Files

Find all Read Only files.
# find / -perm /u=r

14. Find Executable Files

Find all Executable files.
# find / -perm /a=x

15. Find Files with 777 Permissions and Chmod to 644

Find all 777 permission files and use chmod command to set permissions to 644.
# find / -type f -perm 0777 -print -exec chmod 644 {} \;

16. Find Directories with 777 Permissions and Chmod to 755

Find all 777 permission directories and use chmod command to set permissions to 755.
# find / -type d -perm 777 -print -exec chmod 755 {} \;

17. Find and remove single File

To find a single file called tecmint.txt and remove it.
# find . -type f -name "tecmint.txt" -exec rm -f {} \;

18. Find and remove Multiple File

To find and remove multiple files such as .mp3 or .txt, then use.
# find . -type f -name "*.txt" -exec rm -f {} \;

OR

# find . -type f -name "*.mp3" -exec rm -f {} \;

19. Find all Empty Files

To file all empty files under certain path.
# find /tmp -type f -empty

20. Find all Empty Directories

To file all empty directories under certain path.
# find /tmp -type d -empty

21. File all Hidden Files

To find all hidden files, use below command.
# find /tmp -type f -name ".*"
Part III – Search Files Based On Owners and Groups

22. Find Single File Based on User

To find all or single file called tecmint.txt under /root directory of owner root.
# find / -user root -name tecmint.txt

23. Find all Files Based on User

To find all files that belongs to user Tecmint under /home directory.
# find /home -user tecmint

24. Find all Files Based on Group

To find all files that belongs to group Developer under /home directory.
# find /home -group developer

25. Find Particular Files of User

To find all .txt files of user Tecmint under /home directory.
# find /home -user tecmint -iname "*.txt"
Part IV – Find Files and Directories Based on Date and Time

26. Find Last 50 Days Modified Files

To find all the files which are modified 50 days back.
# find / -mtime 50

27. Find Last 50 Days Accessed Files

To find all the files which are accessed 50 days back.
# find / -atime 50

28. Find Last 50-100 Days Modified Files

To find all the files which are modified more than 50 days back and less than 100 days.
# find / -mtime +50 –mtime -100

29. Find Changed Files in Last 1 Hour

To find all the files which are changed in last 1 hour.
# find / -cmin -60

30. Find Modified Files in Last 1 Hour

To find all the files which are modified in last 1 hour.
# find / -mmin -60

31. Find Accessed Files in Last 1 Hour

To find all the files which are accessed in last 1 hour.
# find / -amin -60
Part V – Find Files and Directories Based on Size32. Find 50MB Files
To find all 50MB files, use.
# find / -size 50M

33. Find Size between 50MB – 100MB

To find all the files which are greater than 50MB and less than 100MB.
# find / -size +50M -size -100M

34. Find and Delete 100MB Files

To find all 100MB files and delete them using one single command.
# find / -size +100M -exec rm -rf {} \;

35. Find Specific Files and Delete

Find all .mp3 files with more than 10MB and delete them using one single command.
# find / -type f -name *.mp3 -size +10M -exec ls -l {} \;

Tuesday, August 20, 2013

Add Jobs To cron Under Linux

How Do I install or create or edit my own cron jobs?

To edit your crontab file, type the following command at the UNIX / Linux shell prompt:
$ crontab -e

Syntax of crontab (field description)

The syntax is:
 
1 2 3 4 5 /path/to/command arg1 arg2
 
OR
 
1 2 3 4 5 /root/backup.sh
 
Where,
  • 1: Minute (0-59)
  • 2: Hours (0-23)
  • 3: Day (0-31)
  • 4: Month (0-12 [12 == December])
  • 5: Day of the week(0-7 [7 or 0 == sunday])
  • /path/to/command - Script or command name to schedule
Easy to remember format:
* * * * * command to be executed
- - - - -
| | | | |
| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)
| | | ------- Month (1 - 12)
| | --------- Day of month (1 - 31)
| ----------- Hour (0 - 23)
------------- Minute (0 - 59)
Your cron job looks as follows for system jobs:
1 2 3 4 5 USERNAME /path/to/command arg1 arg2
OR
1 2 3 4 5 USERNAME /path/to/script.sh

Example: Run backup cron job script

If you wished to have a script named /root/backup.sh run every day at 3am, your crontab entry would look like as follows. First, install your cronjob by running the following command:
# crontab -e
Append the following entry:
0 3 * * * /root/backup.sh
Save and close the file.

More examples

To run /path/to/command five minutes after midnight, every day, enter:
5 0 * * * /path/to/command
Run /path/to/script.sh at 2:15pm on the first of every month, enter:
15 14 1 * * /path/to/script.sh
Run /scripts/phpscript.php at 10 pm on weekdays, enter:
0 22 * * 1-5 /scripts/phpscript.php
Run /root/scripts/perl/perlscript.pl at 23 minutes after midnight, 2am, 4am ..., everyday, enter:
23 0-23/2 * * * /root/scripts/perl/perlscript.pl
Run /path/to/unixcommand at 5 after 4 every Sunday, enter:
5 4 * * sun /path/to/unixcommand

How do I use operators?

An operator allows you to specifying multiple values in a field. There are three operators:
  1. The asterisk (*) : This operator specifies all possible values for a field. For example, an asterisk in the hour time field would be equivalent to every hour or an asterisk in the month field would be equivalent to every month.
  2. The comma (,) : This operator specifies a list of values, for example: "1,5,10,15,20, 25".
  3. The dash (-) : This operator specifies a range of values, for example: "5-15" days , which is equivalent to typing "5,6,7,8,9,....,13,14,15" using the comma operator.

How do I disable email output?

By default the output of a command or a script (if any produced), will be email to your local email account. To stop receiving email output from crontab you need to append >/dev/null 2>&1. For example:
0 3 * * * /root/backup.sh >/dev/null 2>&1
To mail output to particular email account let us say vivek@nixcraft.in you need to define MAILTO variable as follows:
MAILTO="vivek@nixcraft.in"
0 3 * * * /root/backup.sh >/dev/null 2>&1

Task: List all your cron jobs

Type the following command:
# crontab -l
# crontab -u username -l

To remove or erase all crontab jobs use the following command:
# crontab -r
crontab -r -u username

Use special string to save time

Instead of the first five fields, you can use any one of eight special strings. It will not just save your time but it will improve readability.
Special stringMeaning
@rebootRun once, at startup.
@yearlyRun once a year, "0 0 1 1 *".
@annually(same as @yearly)
@monthlyRun once a month, "0 0 1 * *".
@weeklyRun once a week, "0 0 * * 0".
@dailyRun once a day, "0 0 * * *".
@midnight(same as @daily)
@hourly Run once an hour, "0 * * * *".     

Friday, August 16, 2013

crontab settings

Introduction

Cron is a system daemon used to execute desired tasks (in the background) at designated times.
A crontab is a simple text file with a list of commands meant to be run at specified times. It is edited with a command-line utility. These commands (and their run times) are then controlled by the cron daemon, which executes them in the system background. Each user has a crontab file which specifies the actions and times at which they should be executed, these jobs will run regardless of whether the user is actually logged into the system. There is also a root crontab for tasks requiring administrative privileges. This system crontab allows scheduling of systemwide tasks (such as log rotations and system database updates).

On Gnome-based Ubuntu systems Gnome Scheduled tasks tool (from the gnome-schedule package) in Applications --> System Tools provides a graphical interface with prompting for using Cron. The project website is at http://gnome-schedule.sourceforge.net/; the software is installable from the Software Center or by typing
sudo apt-get install gnome-schedule
 
 
 
You can create a cron.log file to contain just the CRON entries that show up in syslog. Note that CRON jobs will still show up in syslog if you follow the following directions.
Open the file


/etc/rsyslog.d/50-default.conf
 
Find the line that starts with:
#cron.* uncomment that line, save the file, and restart rsyslog:
sudo service rsyslog restart You should now see a cron log file here:
/var/log/cron.log Cron activity will now be logged to this file (in addition to syslog).


 

 

tcptrack command

The tcptrack command displays the status of TCP connections that it sees on a given network interface. tcptrack monitors their state and displays information such as state, source/destination addresses and bandwidth usage in a sorted, updated list very much like the top command.

# tcptrack -i eth0


Sample outputs:
Fig.01: tcptrack in Action

(for ubuntu apt-get -y install tcptrack)

How to find out Active Connections or which Ports are open/listening on Linux

While managing a server or your home desktop, sometimes you might want to check out which ports are currently being used by which applications, what all TCP/UDP connections are active at the moment or other similar cases. There are two basic command line tools present in almost all the Linux/UNIX based systems - netstat and lsof, that might help you out with such queries.
Before starting it would be good to know about these two commands.
  • Netstat is used to display network connections, routing tables and a whole bunch of network and interface stats.
  • lsof on the other hand is used to list out open files. So, if you want to find out what all files are currently open just run lsof.  And since in Linux "Everything is a File", we can use lsof to print network connections too.
Lets start learning by resolving common queries.

How to display a list of open ports?

This can be done using both netstat and lsof.
[shredder12]$ netstat -n -A inet
-n is used to display numeric addresses instead of trying to determine symbolic hostnames
-A is used to define the address family we are concerned with. Here its internet connections on IPv4 network, so inet(user inet6 for IPv6 connections).
[shredder12]$ lsof -i

How to display a list of Active connections?

In case you noticed the output of the command mentioned above, they actually show the active connections.
[shredder12]$ netstat -n -A  inet
[shredder12]$ lsof -i

How to display a list of listening ports?

Use the --listen flag with netstat to get a list.
[shredder12]$ netstat --listen -A inet

How to display a list of active TCP or UDP connections?

With netstat, we can use the flag -t to denote TCP connections only.
[shredder12]$ netstat -n -A inet -t
similarly, -u for UDP connections.
The -i flag of lsof provides a lot of configurable options. Use the following command to filter out TCP connections.
[shredder12]$ lsof -i4TCP
Please note no space between i4 and TCP. This means TCP connections on IPv4 network. Similary one can use i6 for IPv6 and UDP for udp connections.

How to find out all the ports being used by a single application or process using PID?

With netstat option -p you can even list out the program a port/socket is associated with. So, lets run -p with our active connections command and grep the pid.
[shredder12]$ netstat -A inet -n -p | grep 1413
You can find out the PID of a process using ps or pgrep.

[shredder12]$ ps -e | grep firefox

[shredder12]$ pgrep firefox

How to find out all the files being used by a program or application using PID?

Since we are concerned with files, lsof comes into play here. Here the -p option used along with the PID to catch the files associated with that process.
[shredder12]$ lsof -i4TCP -a -p 1413

The -a flag is used to tell lsof to AND the result of all the options used.
I hope this will help you out.