Administration – Page 8

Find Out Hard Disk Specs on Linux

February 24, 2016 The Geek Decoder No Comments Administration

Find your drives

# fdisk -l

Disk /dev/sda: 17.2 GB, 17179869184 bytes
255 heads, 63 sectors/track, 2088 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0007f474

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              64        2089    16264192   8e  Linux LVM

Disk /dev/mapper/vg_backup-lv_root: 14.9 GB, 14935916544 bytes
255 heads, 63 sectors/track, 1815 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000


Disk /dev/mapper/vg_backup-lv_swap: 1715 MB, 1715470336 bytes
255 heads, 63 sectors/track, 208 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

SDA is the primary

hdparm Command

Open the terminal and type the following


# hdparm -I /dev/sda


$ sudo hdparm -I /dev/sda

Why Backup your MySql Databases with Cron

February 19, 2016 The Geek Decoder No Comments Administration, MySQL

There are a few reasons to install a cron job to create full database dumps versus copying the /var/lib/mysql data. The MySQL service may have a lock on the database file(s) when it attempts to replicate the data file, causing it to fail; if the backup on the data files does succeed, the InnoDB log files may not match with the ibdata increasing the chance of full corruption or lost data; MyISAM data and table structures can face similar issues.

Plesk

Create a location for the dumps. This will be the folder the dumps are exported to by the script.

# mkdir -pv /usr/local/db/dumps

Create a script that cron can execute. Create /usr/local/bin/dbdump with these contents:

nano /usr/local/bin/dbdump

Put this in the file (for Plesk)

#!/bin/bash
for db in $(mysql -uadmin -p`cat /etc/psa/.psa.shadow` -e 'show databases' -s --skip-column-names); do echo -n "dumping $db..."; mysqldump -uadmin -p`cat /etc/psa/.psa.shadow` $db > "/usr/local/db/dumps/$db.sql"; echo "[done]"; done

Make it executable:

# chmod +x /usr/local/bin/dbdump

For non plesk:

# nano /usr/local/bin/dbdump

Put this in the file

for db in $(mysql -uroot -pPASSWORD -e 'show databases' -s --skip-column-names); do echo -n "dumping $db..."; mysqldump -uroot -pPASSWORD $db > "/usr/local/db/dumps/$db.sql"; echo "[done]"; done

Make it executable:

# chmod +x /usr/local/bin/dbdump

Create /etc/cron.d/dbdump with these contents:

# nano /etc/cron.d/dbdump

# Cronjob to dump databases nightly
05     0      *       *       *       root       /usr/local/bin/dbdump >/dev/null 2>&1

Install Zabbix agent on CentOS

February 11, 2016 The Geek Decoder No Comments Administration

Link to install zabbix server on centOS 6- http://www.unixmen.com/install-zabbix-monitoring-tool-centos-6-5/

Zabbix Documentation – https://www.zabbix.com/documentation/3.4/manual/installation/install_from_packages/rhel_centos

Install on CentOS 7 – http://www.unixmen.com/how-to-install-zabbix-server-on-centos-7/

Install Epel

# yum install epel-release

Configure the ZabbixZone package repository and GPG key using command:

# rpm --import http://repo.zabbix.com/RPM-GPG-KEY-ZABBIX

# rpm -Uv  http://repo.zabbix.com/zabbix/2.4/rhel/7/x86_64/zabbix-release-2.4-1.el7.noarch.rpm

Install the agent

# yum install zabbix-agent

Modify Zabbix Agent Configuration
Open zabbix_agentd.conf and make below necessary changes (Add your Zabbix Server IP and add Zabbix Agent hostname) and save + Exit.

# sudo nano /etc/zabbix/zabbix_agentd.conf
Server=192.168.1.106
ServerActive=192.168.1.106
Hostname=server.geekdecoder.com

Set to on

# chkconfig zabbix-agent on

Restart Zabbix Agent

# service zabbix-agent restart
or
# /etc/init.d/zabbix-agent restart

# For Systemd Systeme #
# systemctl restart zabbix-agent.service
or
# systemctl restart zabbix-agent
or
# /bin/systemctl restart zabbix-agent.service

Add firewall rule in CentOS 7:

# firewall-cmd --permanent --zone=public --add-port=10050/tcp
success
# firewall-cmd --reload
success

Zip files and exclude directories

February 10, 2016 The Geek Decoder No Comments Administration

Zip and exclude one directory

Change to the directory…

# cd /var/www/vhosts/domainname/httpdocs/

# zip -r domainname.zip * -x \*test\*

2 directories

# zip -r domainname.zip * -x \*test\* \*test2\*

Reset CentOS Root Password

December 31, 2015 The Geek Decoder No Comments Administration, CentOS 6, CentOS 7

To reset the root password for CentOS 6:

Boot Computer and Interrupt while booting at GRUB stage hitting ‘arrow‘ keys or “space bar“.
Type ‘a‘ to modify kernel argument. Anytime you can cancel typing ‘ESC‘ key.
Append 1 at the end of “rhgb quiet” and press “Enter” key to boot into single user mode.
Type command “runlevel” to know the the runlevel where you are standing. Here “1 S” state that your are in a single user mode.
Type ‘passwd‘ command without username and press ‘Enter‘ key in command prompt. It’ll ask to supply new root password and re-type the same password for confirmation.

Reboot

# shutdown -r now

CentOS 7

At the boot menu, press e to edit the existing kernel (Core)

Next, scroll down to the list until you see the line underlined below ( ro ) . What we need to do is change that ro to rw and start into a bash shell. It should look like this rw init=/sysroot/bin/sh.

Change the ro line to rw and add init=/sysroot/bin/sh

After changing that, press Control + X or Ctrl + X on your keyboard to start into single user mode using the bash shell specified above. In this mode, we’re going to change the root password.

In the single user mode, run the command as shown below


# chroot /sysroot

Finally, run the commands below to change the root password.


# passwd root

You’ll be prompted to create and confirm a new password. After creating the password, run the commands below to update SELinux parameters

touch /.autorelabel

Reboot

Use Find on Linux to find a file name

December 28, 2015 The Geek Decoder No Comments Administration, Find

How to search a directory for a specific filename.

cd /path/to/directory
find -iname "filename"

Install ClamAV on CentOS 7

December 16, 2015 The Geek Decoder No Comments Administration, CentOS 7, ClamAV

Install ClamAV and set up scheduled scans.

Install Epel:

# yum install epel-release

Install ClmAV

# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.lax.hugeserver.com
 * epel: dl.fedoraproject.org
 * extras: dallas.tx.mirror.xygenhosting.com
 * updates: linux.mirrors.es.net
Package clamav-data-0.98.7-1.el7.noarch already installed and latest version
Package clamav-filesystem-0.98.7-1.el7.noarch already installed and latest version
Package clamav-lib-0.98.7-1.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package clamav.x86_64 0:0.98.7-1.el7 will be installed
---> Package clamav-devel.x86_64 0:0.98.7-1.el7 will be installed
---> Package clamav-scanner-systemd.noarch 0:0.98.7-1.el7 will be installed
--> Processing Dependency: clamav-scanner = 0.98.7-1.el7 for package: clamav-scanner-systemd-0.98.7-1.el7.noarch
---> Package clamav-server.x86_64 0:0.98.7-1.el7 will be installed
--> Processing Dependency: nc for package: clamav-server-0.98.7-1.el7.x86_64
---> Package clamav-server-systemd.noarch 0:0.98.7-1.el7 will be installed
---> Package clamav-update.x86_64 0:0.98.7-1.el7 will be installed
--> Running transaction check
---> Package clamav-scanner.noarch 0:0.98.7-1.el7 will be installed
---> Package nmap-ncat.x86_64 2:6.40-7.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================
 Package                                                   Arch                                      Version                                         Repository                               Size
===================================================================================================================================================================================================
Installing:
 clamav                                                    x86_64                                    0.98.7-1.el7                                    epel                                    806 k
 clamav-devel                                              x86_64                                    0.98.7-1.el7                                    epel                                     37 k
 clamav-scanner-systemd                                    noarch                                    0.98.7-1.el7                                    epel                                     19 k
 clamav-server                                             x86_64                                    0.98.7-1.el7                                    epel                                     93 k
 clamav-server-systemd                                     noarch                                    0.98.7-1.el7                                    epel                                     19 k
 clamav-update                                             x86_64                                    0.98.7-1.el7                                    epel                                     89 k
Installing for dependencies:
 clamav-scanner                                            noarch                                    0.98.7-1.el7                                    epel                                     26 k
 nmap-ncat                                                 x86_64                                    2:6.40-7.el7                                    base                                    201 k

Transaction Summary
===================================================================================================================================================================================================
Install  6 Packages (+2 Dependent packages)

Total download size: 1.3 M
Installed size: 3.0 M
Is this ok [y/d/N]: y
Downloading packages:
(1/8): clamav-0.98.7-1.el7.x86_64.rpm                                                                                                                                       | 806 kB  00:00:00
(2/8): clamav-devel-0.98.7-1.el7.x86_64.rpm                                                                                                                                 |  37 kB  00:00:00
(3/8): clamav-scanner-0.98.7-1.el7.noarch.rpm                                                                                                                               |  26 kB  00:00:00
(4/8): clamav-scanner-systemd-0.98.7-1.el7.noarch.rpm                                                                                                                       |  19 kB  00:00:00
(5/8): clamav-server-0.98.7-1.el7.x86_64.rpm                                                                                                                                |  93 kB  00:00:00
(6/8): clamav-server-systemd-0.98.7-1.el7.noarch.rpm                                                                                                                        |  19 kB  00:00:00
(7/8): clamav-update-0.98.7-1.el7.x86_64.rpm                                                                                                                                |  89 kB  00:00:00
(8/8): nmap-ncat-6.40-7.el7.x86_64.rpm                                                                                                                                      | 201 kB  00:00:00
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                              1.3 MB/s | 1.3 MB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 2:nmap-ncat-6.40-7.el7.x86_64                                                                                                                                                   1/8
  Installing : clamav-server-0.98.7-1.el7.x86_64                                                                                                                                               2/8
  Installing : clamav-server-systemd-0.98.7-1.el7.noarch                                                                                                                                       3/8
  Installing : clamav-scanner-0.98.7-1.el7.noarch                                                                                                                                              4/8
  Installing : clamav-scanner-systemd-0.98.7-1.el7.noarch                                                                                                                                      5/8
  Installing : clamav-0.98.7-1.el7.x86_64                                                                                                                                                      6/8
  Installing : clamav-update-0.98.7-1.el7.x86_64                                                                                                                                               7/8
  Installing : clamav-devel-0.98.7-1.el7.x86_64                                                                                                                                                8/8
  Verifying  : clamav-scanner-systemd-0.98.7-1.el7.noarch                                                                                                                                      1/8
  Verifying  : clamav-server-0.98.7-1.el7.x86_64                                                                                                                                               2/8
  Verifying  : clamav-scanner-0.98.7-1.el7.noarch                                                                                                                                              3/8
  Verifying  : clamav-devel-0.98.7-1.el7.x86_64                                                                                                                                                4/8
  Verifying  : clamav-server-systemd-0.98.7-1.el7.noarch                                                                                                                                       5/8
  Verifying  : clamav-update-0.98.7-1.el7.x86_64                                                                                                                                               6/8
  Verifying  : 2:nmap-ncat-6.40-7.el7.x86_64                                                                                                                                                   7/8
  Verifying  : clamav-0.98.7-1.el7.x86_64                                                                                                                                                      8/8

Installed:
  clamav.x86_64 0:0.98.7-1.el7                        clamav-devel.x86_64 0:0.98.7-1.el7          clamav-scanner-systemd.noarch 0:0.98.7-1.el7         clamav-server.x86_64 0:0.98.7-1.el7
  clamav-server-systemd.noarch 0:0.98.7-1.el7         clamav-update.x86_64 0:0.98.7-1.el7

Dependency Installed:
  clamav-scanner.noarch 0:0.98.7-1.el7                                                                nmap-ncat.x86_64 2:6.40-7.el7

Complete!

Copy a the clamd.conf template, in case you don’t have a configuration file yet:

# cp /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf

Change the file and Comment out “Example”

# nano /etc/clamd.d/clamd.conf

Change this…

# Comment or remove the line below.
Example

To this…

# Comment or remove the line below.
#Example

Configure SELinux for ClamAV.

Check if selinux in on:

# getenforce
Enforcing
[root@database ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

Write this command to get it working with SELinux if this is active:


# setsebool -P antivirus_can_scan_system 1

Enabling and Disabling SELinux


nano /etc/sysconfig/selinux

To enable…set this to enforcing


# SELINUX=enforcing

To disable, set to permissive

# SELINUX=permissive

Reboot after changes

Or, to make temp changes:

# setenforce permissive

Enable Freshclam

# cp /etc/freshclam.conf /etc/freshclam.conf.bak

Edit the config file to comment out example

# nano /etc/freshclam.conf

# Comment or remove the line below.
#Example

Creat a file

# nano /usr/lib/systemd/system/clam-freshclam.service

Add

# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target
 
[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true
 
[Install]
WantedBy=multi-user.target

Let’s enable and start the service

# systemctl enable clam-freshclam.service
# systemctl start clam-freshclam.service

rename the /usr/lib/systemd/system/clamd@.service file

# mv /usr/lib/systemd/system/clamd@.service /usr/lib/systemd/system/clamd.service

change the clamd@scan service as well. Change this line in /usr/lib/systemd/system/clamd@scan.service and remove the @ sign

# nano /usr/lib/systemd/system/clamd@scan.service

From…

# .include /lib/systemd/system/clamd@.service

to…

# .include /lib/systemd/system/clamd.service

change the clamd service file /usr/lib/systemd/system/clamd.service:

[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target
 
[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true
 
[Install]
WantedBy=multi-user.target

Start all services

#cd /usr/lib/systemd/system

# systemctl enable clamd.service
# systemctl enable clamd@scan.service
# systemctl start clamd.service
# systemctl start clamd@scan.service.

Run a scan

# clamscan -i -r --log=/var/log/clamscan-date.txt /var/www/vhosts/*

----------- SCAN SUMMARY -----------
Known viruses: 4159219
Engine version: 0.98.7
Scanned directories: 3
Scanned files: 116
Infected files: 0
Data scanned: 13.64 MB
Data read: 39.54 MB (ratio 0.34:1)
Time: 10.738 sec (0 m 10 s)

Set up a cron to run a scan (example is for a plesk server for the virtual hosts

# nano /etc/cron.daily/clamscan

#!/bin/bash
# setup the scan location and scan log
CLAM_SCAN_DIR="/var/www/vhosts"
CLAM_LOG_FILE="/var/log/clamav/dailyscan.log"
# update the virus database
/usr/bin/freshclam
# run the scan
/usr/bin/clamscan -i -r $CLAM_SCAN_DIR >> $CLAM_LOG_FILE
MAILTO=user@domain.com

Set the cron file as an executible


# chmod 555 /etc/cron.daily/clamscan

Test your installation and cron job


# /etc/cron.daily/clamscan

Display timestamp using HISTTIMEFORMAT for History Command

December 10, 2015 The Geek Decoder No Comments Administration

Usually, when you run the history command, you get the following:

995  ls -la
  996  cd themes/
  997  cd heavenly/
  998  ls
  999  ls -la
 1000  exit

Run the following to get a timestamp

995  2015-12-10 08:31:35 ls -la
  996  2015-12-10 08:31:35 cd themes/
  997  2015-12-10 08:31:35 cd heavenly/
  998  2015-12-10 08:31:35 ls
  999  2015-12-10 08:31:35 ls -la
 1000  2015-12-10 08:31:35 exit

Find php spam script for cpanel/exim server

November 4, 2015 The Geek Decoder No Comments Administration

Edit php.ini and search for “mail.log”, check whether this option is enabled or not, if not uncomment it and specify log file name.

# nano /usr/local/lib/php.ini
mail.log = /var/log/phpmail.log


# touch /var/log/phpmail.log

File must be writable or owned by apache user.


# chmod 666 /var/log/phpmail.log
# chown apache.apache /var/log/phpmail.log


# service httpd restart


# tail -f /var/log/phpmail.log

Remove Old Logs from Linux

October 30, 2015 The Geek Decoder No Comments Administration

Example

Remove logs older than 5 days

# find /var/log* -mtime +5 -exec rm {} \;

rm: cannot remove `/var/log/tomcat6': Is a directory
rm: cannot remove `/var/log/proftpd': Is a directory
rm: cannot remove `/var/log/clamav': Is a directory
rm: cannot remove `/var/log/prelink': Is a directory
rm: cannot remove `/var/log/sssd': Is a directory
rm: cannot remove `/var/log/roundcubemail': Is a directory
rm: cannot remove `/var/log/samba': Is a directory
rm: cannot remove `/var/log/samba/old': Is a directory
rm: cannot remove `/var/log/ConsoleKit': Is a directory
rm: cannot remove `/var/log/ntpstats': Is a directory
rm: cannot remove `/var/log/mailman': Is a directory
rm: cannot remove `/var/log/cups': Is a directory
rm: cannot remove `/var/log/audit': Is a directory

GEEKDECODER

Category: Administration