System administration: Difference between revisions
Tag: visualeditor |
mNo edit summary |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= Links = | = Links = | ||
[[fail2ban]] | |||
[[Mirth Connect]] | [[Mirth Connect]] | ||
Line 32: | Line 34: | ||
== Set timezone == | == Set timezone == | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo timedatectl set-timezone America/Denver | $ sudo timedatectl set-timezone America/Denver | ||
</ | </syntaxhighlight> | ||
== Composer == | == Composer == | ||
Line 41: | Line 43: | ||
Composer is a PHP package management tool. Usually needed for setting up web application development environment. | Composer is a PHP package management tool. Usually needed for setting up web application development environment. | ||
< | <syntaxhighlight lang="bash"> | ||
$ cd | $ cd | ||
$ mkdir bin | $ mkdir bin | ||
Line 50: | Line 52: | ||
$ ./getcomposer | $ ./getcomposer | ||
$ mv composer.phar composer | $ mv composer.phar composer | ||
</ | </syntaxhighlight> | ||
Line 59: | Line 61: | ||
Create private/public SSH key file using the default bit encryption and with a comment. The command creates files under ~/.ssh folder. | Create private/public SSH key file using the default bit encryption and with a comment. The command creates files under ~/.ssh folder. | ||
< | <syntaxhighlight lang="bash"> | ||
$ ssh-keygen -C user@host.domain | $ ssh-keygen -C user@host.domain | ||
</ | </syntaxhighlight> | ||
Line 68: | Line 70: | ||
The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings. | The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings. | ||
< | <syntaxhighlight lang="linux-config"> | ||
Host hostname1 | Host hostname1 | ||
HostName hostname1.domain.com | HostName hostname1.domain.com | ||
User username1 | User username1 | ||
Port 1234 | Port 1234 | ||
</ | </syntaxhighlight> | ||
== Adding a user to sudoers list == | == Adding a user to sudoers list == | ||
Line 89: | Line 91: | ||
On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt. | On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt. | ||
< | <syntaxhighlight lang="bash"> | ||
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' | PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' | ||
</ | </syntaxhighlight> | ||
== Enable byobu == | == Enable byobu == | ||
< | <syntaxhighlight lang="bash"> | ||
$ byobu-enable | $ byobu-enable | ||
</ | </syntaxhighlight> | ||
== Update .vimrc == | == Update .vimrc == | ||
< | <syntaxhighlight lang="vim"> | ||
syntax on | syntax on | ||
set noexpandtab | set noexpandtab | ||
Line 128: | Line 130: | ||
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR> | autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR> | ||
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR> | autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR> | ||
</ | </syntaxhighlight> | ||
=== awesome-vim === | === awesome-vim === | ||
For a preset of VIM development environment, awesome-vim is okay:< | For a preset of VIM development environment, awesome-vim is okay:<syntaxhighlight lang="bash"> | ||
$ git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime | $ git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime | ||
$ sh ~/.vim_runtime/install_awesome_vimrc.sh | $ sh ~/.vim_runtime/install_awesome_vimrc.sh | ||
</ | </syntaxhighlight># Run inside vim: -- this will let you click and drag panes to resize or jump between (learning vim more and being able to jump panes | ||
<nowiki>#</nowiki> makes this unecessary, but i'm not that good yet.) | <nowiki>#</nowiki> makes this unecessary, but i'm not that good yet.) | ||
Line 201: | Line 203: | ||
Install the LAMP stack | Install the LAMP stack | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo apt-get install tasksel | $ sudo apt-get install tasksel | ||
$ sudo tasksel install lamp-server | $ sudo tasksel install lamp-server | ||
</ | </syntaxhighlight> | ||
Install git and other PHP related extensions | Install git and other PHP related extensions | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl | $ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl | ||
</ | </syntaxhighlight> | ||
=== .gitconfig === | === .gitconfig === | ||
< | <syntaxhighlight lang="linux-config"> | ||
[core] | [core] | ||
editor = vim | editor = vim | ||
Line 242: | Line 244: | ||
[merge] | [merge] | ||
defaultToUpstream = true | defaultToUpstream = true | ||
</ | </syntaxhighlight> | ||
== Change default shell == | == Change default shell == | ||
< | <syntaxhighlight lang="bash"> | ||
$ chsh | $ chsh | ||
</ | </syntaxhighlight> | ||
== Edit passwd files == | == Edit passwd files == | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo vipw | $ sudo vipw | ||
</ | </syntaxhighlight> | ||
= RHEL-specific = | = RHEL-specific = | ||
[[RHEL]]-specific notes | [[RHEL]]-specific notes | ||
Optimize using Tuned. Optimize for general performance. | |||
<syntaxhighlight lang="bash"> | |||
# tuned-adm profile throughput-performance | |||
</syntaxhighlight> | |||
Optimize for KVM | |||
<syntaxhighlight lang="bash"> | |||
# tuned-adm profile throughput-performance | |||
</syntaxhighlight> | |||
= Debian/Ubuntu-specific = | = Debian/Ubuntu-specific = | ||
Line 270: | Line 284: | ||
== Update the server == | == Update the server == | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo apt update && sudo apt -y full-upgrade && sudo apt-get -y autoremove | $ sudo apt update && sudo apt -y full-upgrade && sudo apt-get -y autoremove | ||
</ | </syntaxhighlight> | ||
== Reconfigure console font == | == Reconfigure console font == | ||
< | <syntaxhighlight lang="bash"> | ||
$ dpkg-reconfigure console-setup | $ dpkg-reconfigure console-setup | ||
</ | </syntaxhighlight> | ||
== Change the default editor == | == Change the default editor == | ||
Line 284: | Line 298: | ||
Used by visudo and other programs for invoking an editor. | Used by visudo and other programs for invoking an editor. | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo update-alternatives --config editor | $ sudo update-alternatives --config editor | ||
</ | </syntaxhighlight> | ||
== Change time zone == | == Change time zone == | ||
Line 302: | Line 316: | ||
* First determine your own shell | * First determine your own shell | ||
< | <syntaxhighlight lang="bash"> | ||
$ tty | $ tty | ||
</ | </syntaxhighlight> | ||
* Show all of your running processes | * Show all of your running processes | ||
< | <syntaxhighlight lang="bash"> | ||
$ ps -fu mhan | $ ps -fu mhan | ||
UID PID PPID C STIME TTY TIME CMD | UID PID PPID C STIME TTY TIME CMD | ||
Line 318: | Line 332: | ||
mhan 21939 21609 0 19:06 pts/3 00:00:00 ps -fu mhan | mhan 21939 21609 0 19:06 pts/3 00:00:00 ps -fu mhan | ||
mhan 21580 21469 0 19:02 ? 00:00:00 sshd: mhan@pts/2 | mhan 21580 21469 0 19:02 ? 00:00:00 sshd: mhan@pts/2 | ||
</ | </syntaxhighlight> | ||
* If I want to kill pts/2 then the PID to kill is 21580. | * If I want to kill pts/2 then the PID to kill is 21580. | ||
< | <syntaxhighlight lang="bash"> | ||
$ kill -HUP 21580 | $ kill -HUP 21580 | ||
</ | </syntaxhighlight> | ||
Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017) | Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017) | ||
Line 338: | Line 352: | ||
As an example, let's say the process of interest is ''qemu-system-arm''. You have to find out what PID (Process ID) is first. | As an example, let's say the process of interest is ''qemu-system-arm''. You have to find out what PID (Process ID) is first. | ||
< | <syntaxhighlight lang="bash"> | ||
$ pidof qemu-system-arm | $ pidof qemu-system-arm | ||
3016 | 3016 | ||
</ | </syntaxhighlight> | ||
Then check what the current nice value of the process is: | Then check what the current nice value of the process is: | ||
< | <syntaxhighlight lang="bash"> | ||
$ ps -o pid,comm,nice -p 3016 | $ ps -o pid,comm,nice -p 3016 | ||
PID COMMAND NI | PID COMMAND NI | ||
3016 qemu-system-arm 0 | 3016 qemu-system-arm 0 | ||
</ | </syntaxhighlight> | ||
According to the output, the nice value of ''qemu-system-arm'' is 0. We want to '''decrease''' the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10. | According to the output, the nice value of ''qemu-system-arm'' is 0. We want to '''decrease''' the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10. | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo renice -10 -p 3016 | $ sudo renice -10 -p 3016 | ||
</ | </syntaxhighlight> | ||
To set a permanent priority on all processes for a specific user or a group you can update ''/etc/security/limits.conf'' file. | To set a permanent priority on all processes for a specific user or a group you can update ''/etc/security/limits.conf'' file. | ||
Line 372: | Line 386: | ||
== Pull a random line from a log == | == Pull a random line from a log == | ||
< | <syntaxhighlight lang="bash"> | ||
$ shuf -n 1 /etc/pihole/gravity.list | $ shuf -n 1 /etc/pihole/gravity.list | ||
</ | </syntaxhighlight> | ||
== Viewing of the log in real time == | == Viewing of the log in real time == | ||
< | <syntaxhighlight lang="bash"> | ||
$ tail -f /var/log/some.log | $ tail -f /var/log/some.log | ||
</ | </syntaxhighlight> | ||
[[Multitail]] | [[Multitail]] | ||
Line 430: | Line 444: | ||
== Remove some columns from an output == | == Remove some columns from an output == | ||
< | <syntaxhighlight lang="bash"> | ||
$ ls -l | awk '{print $3 " " $9}' | $ ls -l | awk '{print $3 " " $9}' | ||
</ | </syntaxhighlight> | ||
== Make a backup without typing the full path twice == | == Make a backup without typing the full path twice == | ||
Line 438: | Line 452: | ||
To make a backup without typing the full path twice with the suffix .orig | To make a backup without typing the full path twice with the suffix .orig | ||
< | <syntaxhighlight lang="bash"> | ||
$ cp /long/path/to/file/name{,.orig} | $ cp /long/path/to/file/name{,.orig} | ||
</ | </syntaxhighlight> |
Latest revision as of 08:19, 19 September 2024
Links
Some differences between Debian/Ubuntu, RHEL/CentOS, and Slackware (WIP)
Initial setup (for Ubuntu distribution)
Set timezone
$ sudo timedatectl set-timezone America/Denver
Composer
- Last tested on Ubuntu 22.04.1 LTS (2022-10-08)
Composer is a PHP package management tool. Usually needed for setting up web application development environment.
$ cd
$ mkdir bin
$ cd bin
$ wget https://private.michaelhan.net/getcomposer.txt
$ mv getcomposer.txt getcomposer
$ chmod u+x getcomposer
$ ./getcomposer
$ mv composer.phar composer
SSH keys
- Last tested on Ubuntu 22.04.1 LTS (2022-10-08)
Create private/public SSH key file using the default bit encryption and with a comment. The command creates files under ~/.ssh folder.
$ ssh-keygen -C user@host.domain
SSH config for connection
The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.
Host hostname1
HostName hostname1.domain.com
User username1
Port 1234
Adding a user to sudoers list
#includedir /etc/sudoers.d
should be at the end of /etc/sudoers file.
Create a file under this directory (i.e. localusers) and add entries.
jsmith ALL=(ALL) NOPASSWD:ALL
would allow a user to sudo without entering a password.jpocahontas ALL=(ALL) ALL
would force password entry
Run $ chmod 0440 filename
afterwards.
Enable color prompt
On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
Enable byobu
$ byobu-enable
Update .vimrc
syntax on
set noexpandtab
set wrap
set tabstop=4
set shiftwidth=4
set smartindent
set autoindent
set encoding=utf-8 fileencodings=
set mouse=a
set fo=cqlro
set tags=tags,../tags,../../tags,../../../tags,../../../../tags,../../../../../tags,../../../../../../tags
color elflord
" set foldmethod=marker
set foldmethod=indent
set foldnestmax=15
set nofoldenable
set foldlevel=1
" filetype plugin on
imap <c-k> <esc>:r! zdump GMT <bar> tail -c29 <bar> xargs -0 date +"\%-m/\%-d/\%-Y \%-l:\%M:\%S \%p" -d<enter>$i<right>
" PHP documenter script bound to Control-P
autocmd FileType php inoremap <C-p> <ESC>:call PhpDocSingle()<CR>i
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>
awesome-vim
For a preset of VIM development environment, awesome-vim is okay:
$ git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime
$ sh ~/.vim_runtime/install_awesome_vimrc.sh
# Run inside vim: -- this will let you click and drag panes to resize or jump between (learning vim more and being able to jump panes
# makes this unecessary, but i'm not that good yet.)
:set mouse=a
# So now some sections on easy key commands/shortcuts
## Splitting VIM screen Horizontally and Vertically
To open a new VIM window next to the existing one, press <Ctrl>+<w> then press <v>.
## Move panes around vim (left/right or top/bottom)
Ctrl w + L - Move the current window to the "far right"
Ctrl w + H - Move the current window to the "far left"
Ctrl w + J - Move the current window to the "very bottom"
Ctrl w + K - Move the current window to the "very top"
## Copying everything into clipboard
gg"*yG
## Indenting all the code
# Still need to look into a more serious formatter like:
https://github.com/vim-autoformat/vim-autoformat
gg=G
# AwesomeVIM Leader Key Shortcut
You'll see vim plugins mention <leader>, that <leader> for awesome view is "," so whenever you see leader hit that key.
## phpunit
### Set the path of phpunit (most cases for me, vendor/bin/phpunit)
let g:phpunit_bin = 'phpunit'
### Shortcuts
<leader>ta - Run all test cases
<leader>ts - Switch between source & test file
<leader>tf - Run current test case class
# Folding
`zo` to open folding
`zc` to close folding
# NerdTREE
<leader>nn - Toggles NerdTREE
While inside NerdTREE hit "m" to do a number of modifications from renaming, deleting or adding files.
Set up environment for web development
Install the LAMP stack
$ sudo apt-get install tasksel
$ sudo tasksel install lamp-server
Install git and other PHP related extensions
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl
.gitconfig
[core]
editor = vim
excludesfile = /home/mhan/.gitignore_global
# autocrlf = input
# safecrlf = true
[color]
ui = always
[alias]
co = checkout
ci = commit
st = status
br = branch
df = difftool
hist = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short
histall = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all
hist10 = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short | head -n 10
hist10all = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all | head -n 10
type = cat-file -t
dump = cat-file -p
ignore = update-index --assume-unchanged
track = update-index --no-assume-unchanged
listignored = !git ls-files -v | grep -s ^'h ' | cut -b 1-2 --complement
[diff]
tool = vimdiff
[difftool]
prompt = false
[merge]
defaultToUpstream = true
Change default shell
$ chsh
Edit passwd files
$ sudo vipw
RHEL-specific
RHEL-specific notes
Optimize using Tuned. Optimize for general performance.
# tuned-adm profile throughput-performance
Optimize for KVM
# tuned-adm profile throughput-performance
Debian/Ubuntu-specific
Ubuntu-specific notes
Security
- Install 'denyhosts' to help protect against brute force SSH attacks, auto-blocking multiple attempts.
Update the server
$ sudo apt update && sudo apt -y full-upgrade && sudo apt-get -y autoremove
Reconfigure console font
$ dpkg-reconfigure console-setup
Change the default editor
Used by visudo and other programs for invoking an editor.
$ sudo update-alternatives --config editor
Change time zone
$ dpkg-reconfigure tzdata
Kill other user terminal sessions
- Tested on: Ubuntu 14.04.5 Trusty
Sometimes it is necessary to kill other remote sessions that have been zombified.
- First determine your own shell
$ tty
- Show all of your running processes
$ ps -fu mhan
UID PID PPID C STIME TTY TIME CMD
mhan 21580 21469 0 19:02 ? 00:00:00 sshd: mhan@pts/2
mhan 21581 21580 0 19:02 pts/2 00:00:00 -bash
mhan 21607 21581 0 19:02 pts/2 00:00:00 screen
mhan 21608 21607 0 19:02 ? 00:00:00 SCREEN
mhan 21609 21608 0 19:02 pts/3 00:00:00 /bin/bash
mhan 21939 21609 0 19:06 pts/3 00:00:00 ps -fu mhan
mhan 21580 21469 0 19:02 ? 00:00:00 sshd: mhan@pts/2
- If I want to kill pts/2 then the PID to kill is 21580.
$ kill -HUP 21580
Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017)
Setting niceness (aka priority) on Linux processes
- Tested on: Ubuntu 12.04 Precise
- Difficulty: 1/10
- Time: <1 minute + your WPM
Niceness or nice value in Linux is just another name for the value of priority given to a process. The higher the number means the lower the priority. The nice value can also be negative, and such values will give a process higher than normal priority. Higher the priority (or lower the nice value), the more CPU time is given, therefore the application will be perceived as running faster.
As an example, let's say the process of interest is qemu-system-arm. You have to find out what PID (Process ID) is first.
$ pidof qemu-system-arm
3016
Then check what the current nice value of the process is:
$ ps -o pid,comm,nice -p 3016
PID COMMAND NI
3016 qemu-system-arm 0
According to the output, the nice value of qemu-system-arm is 0. We want to decrease the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10.
$ sudo renice -10 -p 3016
To set a permanent priority on all processes for a specific user or a group you can update /etc/security/limits.conf file.
References
http://www.nixtutor.com/linux/changing-priority-on-linux-processes/ (accessed on July 22, 2012)
Tips
- 'etckeeper' allows you to save changes you make to /etc/ in a bazaar repository. Useful to track and revert changes. https://help.ubuntu.com/11.10/serverguide/C/etckeeper.html
Basic
Pull a random line from a log
$ shuf -n 1 /etc/pihole/gravity.list
Viewing of the log in real time
$ tail -f /var/log/some.log
Change to previous folder
This changes the folder to the previous folder you were in.
$ cd -
Check disk space usage
You can check the file space usage with the command du.
$ du -h
Check disk space left
df is for checking the amount of disk space used and available on file systems.
$ df -h
Disable Ctrl-Q freeze
$ stty -ixon
Enable SSH public key authentication with an encrypted home folder
Last tested on Ubuntu 16.04 LTS
$ /sbin/umount.ecryptfs_private
$ cd $HOME
$ chmod 700 .
$ mkdir -m 700 .ssh
$ chmod 500 .
$ echo $YOUR_REAL_PUBLIC_KEY > .ssh/authorized_keys
$ /sbin/mount.ecryptfs_private
Remove some columns from an output
$ ls -l | awk '{print $3 " " $9}'
Make a backup without typing the full path twice
To make a backup without typing the full path twice with the suffix .orig
$ cp /long/path/to/file/name{,.orig}