25/02/2010
Using screen is a great way to leave long-running processes churning away when you’re not logged into the machine.
Open a new screen
Detach from the screen
This does not interrupt whatever is running in the screen.
Press Ctrl-A then D.
Reattach to a screen you’ve already opened
If you’ve opened multiple screens, a list will be displayed:
There are several suitable screens on:
1681.ttys004.braeburn (Detached)
1686.ttys004.braeburn (Detached)
Just use the process ID of the screen to resume the right one:
13/10/2009
To copy files from one directory, you might usually do:
If you try to do this with a particularly large number of files, you may encounter the ‘argument list too long’ error. In this case you can use:
find . -exec cp {} /path/to/anotherdir/ \;
More approaches at: http://www.linuxjournal.com/article/6060
30/09/2009
#!/bin/bash
# Send an email when disk space used reaches a certain threshold
FS="/"
SERVER_NAME="linux02"
EMAIL="user@example.com"
THRESHOLD=95
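# df -P prints a 7-word header and one data line, so word 11 is the Capacity column
OUTPUT=($(LC_ALL=C df -P "${FS}"))
CURRENT=$(echo "${OUTPUT[11]}" | sed 's/%//')
# Mail the full df report only when usage is above the threshold
[ "$CURRENT" -gt "$THRESHOLD" ] && df -h | mail -s "$SERVER_NAME disk space alert: $CURRENT% full" "$EMAIL"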
I’ve set this up as a cron job run at 3am daily:
0 3 * * * /root/maintenance/check_free_space.sh
Based upon http://www.cyberciti.biz/faq/mac-osx-unix-get-an-alert-when-my-disk-is-full/
23/11/2006
split will split one file into several smaller parts. If you have an individual file named ‘bigfile.tar’ which is 4 GB in size, you can split it into 3 smaller parts with this command:
split -b 1500m bigfile.tar
This will give you 3 files named ‘xaa’, ‘xab’ and ‘xac’. The first two are 1500 MB each (as requested by option ‘-b 1500m’) and the third is about 1000 MB (what was left after the first 2 files). You can also define the prefix for the split files (previously ‘x’) with the command:
split -b 1500m bigfile.tar myprefix
…which will give you files named ‘myprefixaa’, ‘myprefixab’ and ‘myprefixac’.
When you want to use your big file again, you have to paste it together. This can be done with cat:
cat xaa xab xac > bigfile.tar
Please note that the order of the split files is important and that you need all of them to retrieve your original file. In most cases, even one missing split file will make it impossible to retrieve any of your original data.
(Adapted from http://www.ami.tkk.fi/instructions/split.htm)
20/11/2006
See who has been trying to log in using SSH:
cat /var/log/secure*|grep smtp|awk -F: '{print $5}'|sed 's/^.*from=//; s/\.[0-9]\{1,3\}$//;'|sort|uniq -c|sed 's/^ *//;'|sort -gnr|more
13/02/2006
Set password minimum length to 8 characters
In /etc/pam.d/system-auth:
password requisite /lib/security/$ISA/pam_cracklib.so retry=3 minlen=8
Disallow direct root login
Specify that no device is trusted for root login:
cp /etc/securetty /etc/securetty_bak
cp /dev/null /etc/securetty
Limit the set of people able to attempt to become root
Add the desired users to the group wheel (and you must add at least one!). The -a flag appends, so the user keeps their other supplementary groups:
usermod -aG wheel youruser
Change the group affiliation of the su command, and make it remain setuid as root and executable only by group wheel members:
chgrp wheel /bin/su
chmod 4750 /bin/su
Test to verify that members of the group ‘wheel’ can use su to become root.
Secure /tmp
Remove /var/tmp and symlink to /tmp instead
rm -fR /var/tmp
ln -s /tmp/ /var/
Create a 500 MB partition for /tmp
cd /dev; dd if=/dev/zero of=tmpMnt bs=1024 count=512000
/sbin/mke2fs /dev/tmpMnt
Back up the old tmp folder
Mount the new tmp filesystem
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
chmod 1777 /tmp
Move the files back into tmp
cp -Rp /tmp_backup/* /tmp/
Add this to /etc/fstab so /tmp is mounted on startup:
/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0
And check that the shm line in /etc/fstab looks like this:
none /dev/shm tmpfs noexec,nosuid 0 0
Unmount and remount /dev/shm
umount /dev/shm; mount /dev/shm
Remove the /tmp backup if everything looks okay
Restrict permissions on key executables
chmod 700 /usr/bin/rcp
chmod 700 /usr/bin/wget
chmod 700 /usr/bin/lynx
chmod 700 /usr/bin/scp
chmod 700 /usr/bin/GET
chmod 700 /usr/bin/gcc
chmod 700 /usr/bin/cc
Remove Samba
Keep an eye out for root kits
Try RKHunter or chkrootkit.
Turn off Apache server signature
In httpd.conf:
ServerSignature Off
ServerTokens Prod
Stop named providing a version
In /etc/named.conf, search for:
query-source address * port 53
Add a line directly underneath with
Make sure display_errors = Off in /etc/php.ini
Echoing errors to the page on a production server is a bad idea™.
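The root-login, su and /tmp steps above are easy to undo by accident (a package update resets /bin/su, an fstab edit drops noexec), so it is worth re-checking them. This is an added example, not part of the original post; the function names are hypothetical and it assumes GNU stat and a Linux /proc/mounts:

```shell
#!/bin/sh
# Added example: read-only audit of the hardening steps described above.

# has_mount_opts FILE MOUNTPOINT OPT...
# Succeeds only if MOUNTPOINT is listed in FILE (fstab or /proc/mounts layout)
# and its option field contains every OPT. The last matching line wins,
# as it does for stacked mounts in /proc/mounts.
has_mount_opts() {
    file=$1 mnt=$2; shift 2
    opts=$(awk -v m="$mnt" '$1 !~ /^#/ && $2 == m { o = $4 } END { print o }' \
        "$file" 2>/dev/null)
    [ -n "$opts" ] || return 1
    for want in "$@"; do
        case ",$opts," in
            *",$want,"*) ;;
            *) return 1 ;;
        esac
    done
}

# securetty_empty FILE
# Succeeds if FILE exists and names no terminal (blank and comment lines are
# ignored). A missing file fails: it is not the empty file the steps create.
securetty_empty() {
    [ -f "$1" ] && ! grep -Eqv '^[[:space:]]*(#|$)' "$1"
}

# su_restricted FILE: succeeds if FILE is owned by root, group wheel, mode 4750.
su_restricted() {
    [ "$(stat -L -c '%a %U %G' "$1" 2>/dev/null)" = "4750 root wheel" ]
}

# report LABEL COMMAND ARGS...: print PASS or FAIL for one check.
report() {
    label=$1; shift
    if "$@"; then echo "PASS  $label"; else echo "FAIL  $label"; fi
}

# audit [MOUNTS_FILE]: check the live system; nothing is modified.
audit() {
    mounts=${1:-/proc/mounts}
    report "/tmp mounted noexec,nosuid"        has_mount_opts "$mounts" /tmp noexec nosuid
    report "/dev/shm mounted noexec,nosuid"    has_mount_opts "$mounts" /dev/shm noexec nosuid
    report "/etc/securetty lists no terminals" securetty_empty /etc/securetty
    report "/bin/su is 4750 root:wheel"        su_restricted /bin/su
}

audit "$@"
```

Pass /etc/fstab as the argument to check what will be mounted at the next boot rather than what is mounted now.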