System administration: Difference between revisions

From Han Wiki
Jump to navigation Jump to search
→‎Debian/Ubuntu-specific: Security - denyhosts
Line 183: Line 183:
</syntaxhighlight>
</syntaxhighlight>


== Kill other user terminal sessions ==
*Tested on: Ubuntu 14.04.5 Trusty
Sometimes it is necessary to kill other remote sessions that have been '''zombified'''.
* First determine your own shell
<source lang="bash">
$ tty
</source>
* Show all of your running processes
<source lang="bash">
$ ps -fu mhan
UID        PID  PPID  C STIME TTY          TIME CMD
mhan    21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
mhan    21581 21580  0 19:02 pts/2    00:00:00 -bash
mhan    21607 21581  0 19:02 pts/2    00:00:00 screen
mhan    21608 21607  0 19:02 ?        00:00:00 SCREEN
mhan    21609 21608  0 19:02 pts/3    00:00:00 /bin/bash
mhan    21939 21609  0 19:06 pts/3    00:00:00 ps -fu mhan
mhan    21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
</source>
* If I want to kill pts/2 then the PID to kill is 21580.
<source lang="bash">
$ kill -HUP 21580
</source>
Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017)


== Setting niceness (aka priority) on Linux processes ==
== Setting niceness (aka priority) on Linux processes ==

Revision as of 19:17, 5 October 2017

Links

Mirth Connect

Web services

User accounts

Samba

Disk management

File management

Network management

MySQL

PostgreSQL

Synergy

VIM

OS X

Slackware

Some differences between Debian/Ubuntu, RHEL/CentOS, and Slackware (WIP)

Initial setup (for Ubuntu distribution)

SSH keys

Create private/public SSH key file using 2048 bit encryption and with a comment. The command creates files under ~/.ssh folder.

$ ssh-keygen -b 2048 -C user@host.domain

SSH config for connection

The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.

Host hostname1
    HostName hostname1.domain.com
    User username1
    Port 1234

Adding a user to sudoers list

#includedir /etc/sudoers.d should be at the end of /etc/sudoers file.

Create a file under this directory (i.e. localusers) and add entries.

  • jsmith ALL=(ALL) NOPASSWD:ALL would allow a user to sudo without entering a password.
  • jpocahontas ALL=(ALL) ALL would force password entry

Run $ chmod 0440 filename afterwards.

Enable color prompt

On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.

PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

Enable byobu

$ byobu-enable

Update .vimrc

syntax on
set noexpandtab
set wrap
set tabstop=4
set shiftwidth=4
set smartindent
set autoindent
set encoding=utf-8 fileencodings=
set mouse=a
set fo=cqlro
set tags=tags,../tags,../../tags,../../../tags,../../../../tags,../../../../../tags,../../../../../../tags
color elflord

" set foldmethod=marker
set foldmethod=indent
set foldnestmax=15
set nofoldenable
set foldlevel=1

" filetype plugin on
imap <c-k> <esc>:r! zdump GMT <bar> tail -c29 <bar> xargs -0 date +"\%-m/\%-d/\%-Y \%-l:\%M:\%S \%p" -d<enter>$i<right>

" PHP documenter script bound to Control-P
autocmd FileType php inoremap <C-p> <ESC>:call PhpDocSingle()<CR>i
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>

Set up environment for web development

Install the LAMP stack

$ sudo apt-get install tasksel

$ sudo tasksel install lamp-server

Install git and other PHP related extensions

$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl

.gitconfig

[core]
  editor = vim
  excludesfile = /home/mhan/.gitignore_global
# autocrlf = input
# safecrlf = true
[color]
  ui = always
[alias]
  co = checkout
  ci = commit
  st = status
  br = branch
  df = difftool
  hist = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short
  histall = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all
  hist10 = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short | head -n 10
  hist10all = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all | head -n 10
  type = cat-file -t
  dump = cat-file -p
  ignore = update-index --assume-unchanged
  track = update-index --no-assume-unchanged
  listignored = !git ls-files -v | grep -s ^'h ' | cut -b 1-2 --complement
[diff]
  tool = vimdiff
[difftool]
  prompt = false
[merge]
  defaultToUpstream = true

Change default shell

$ chsh

Edit passwd files

$ sudo vipw

Debian/Ubuntu-specific

Security

  • Install 'denyhosts' to help protect against brute force SSH attacks, auto-blocking multiple attempts.

Reconfigure console font

$ dpkg-reconfigure console-setup

Change time zone

$ dpkg-reconfigure tzdata

Kill other user terminal sessions

  • Tested on: Ubuntu 14.04.5 Trusty

Sometimes it is necessary to kill other remote sessions that have been zombified.

  • First determine your own shell
$ tty
  • Show all of your running processes
$ ps -fu mhan
UID        PID  PPID  C STIME TTY          TIME CMD
mhan     21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
mhan     21581 21580  0 19:02 pts/2    00:00:00 -bash
mhan     21607 21581  0 19:02 pts/2    00:00:00 screen
mhan     21608 21607  0 19:02 ?        00:00:00 SCREEN
mhan     21609 21608  0 19:02 pts/3    00:00:00 /bin/bash
mhan     21939 21609  0 19:06 pts/3    00:00:00 ps -fu mhan
mhan     21580 21469  0 19:02 ?        00:00:00 sshd: mhan@pts/2
  • If I want to kill pts/2 then the PID to kill is 21580.
$ kill -HUP 21580

Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017)

Setting niceness (aka priority) on Linux processes

  • Tested on: Ubuntu 12.04 Precise
  • Difficulty: 1/10
  • Time: <1 minute + your WPM

Niceness or nice value in Linux is just another name for the value of priority given to a process. The higher the number means the lower the priority. The nice value can also be negative, and such values will give a process higher than normal priority. Higher the priority (or lower the nice value), the more CPU time is given, therefore the application will be perceived as running faster.

As an example, let's say the process of interest is qemu-system-arm. You have to find out what PID (Process ID) is first.

$ pidof qemu-system-arm
3016

Then check what the current nice value of the process is:

$ ps -o pid,comm,nice -p 3016
  PID COMMAND         NI
 3016 qemu-system-arm  0

According to the output, the nice value of qemu-system-arm is 0. We want to decrease the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10.

$ sudo renice -10 -p 3016

To set a permanent priority on all processes for a specific user or a group you can update /etc/security/limits.conf file.

References

http://www.nixtutor.com/linux/changing-priority-on-linux-processes/ (accessed on July 22, 2012)


Tips

Byobu

keyboard shortcuts

C-a c - Create a new screen window

C-a A - Rename the screen

C-a C-a - Go back to the previous window

C-a <0-9> - Switch to screen #0-9 (quick toggle)

C-a " - View a list of the current screens, which will allow you to select one from the list

C-a ' - Enter a screen number to switch to (slower version of C-a <0-9>)

C-a d - Detach the whole screen session and fork to the background. Very useful for remote sessions you want to leave open. The command "screen -r" will resume your screen session.

C-a <Escape> - Scroll up through your command line "history" and see what output you previously got. Hitting <Escape> again cancels it.

links

http://aperiodic.net/screen/quick_reference

Bash

Change to previous folder

This changes the folder to the previous folder you were in.

$ cd -

Check disk space usage

You can check the file space usage with the command du.

$ du -h

Check disk space left

df is for checking the amount of disk space used and available on file systems.

$ df -h

Disable Ctrl-Q freeze

$ stty -ixon

Enable SSH public key authentication with an encrypted home folder

Last tested on Ubuntu 16.04 LTS

$ /sbin/umount.ecryptfs_private
$ cd $HOME
$ chmod 700 .
$ mkdir -m 700 .ssh
$ chmod 500 .
$ echo $YOUR_REAL_PUBLIC_KEY > .ssh/authorized_keys
$ /sbin/mount.ecryptfs_private