os.wait()
will return the oldest finished jobs
2011-02-22
2011-02-15
Vim Recording
Ref: http://www.thegeekstuff.com/2009/01/vi-and-vim-macro-tutorial-how-to-record-and-play/
Start recording by pressing q, followed by a lower case character to name the macro
Perform any typical editing, actions inside Vim editor, which will be recorded
Stop recording by pressing q
Play the recorded macro by pressing @ followed by the macro name
To repeat macros multiple times, press : NN @ macro name. NN is a number
Start recording by pressing q, followed by a lower case character to name the macro
Perform any typical editing, actions inside Vim editor, which will be recorded
Stop recording by pressing q
Play the recorded macro by pressing @ followed by the macro name
To repeat macros multiple times, press : NN @ macro name. NN is a number
2011-02-11
32-bit and 64-bit packages in CentOS 5 x86_64
yum -y remove *.i386 *.i486 *.i586 *.i686
*Not recommended but you can prevent yum from installing 32-bit software by adding this line to section
[main]
in /etc/yum.conf
:exclude=*.i386 *.i586 *.i686
2011-02-09
MySQL (RHEL5)
chkconfig mysqld on
/etc/init.d/mysqld start
Login mysql
CREATE USER 'user1'@'localhost' IDENTIFIED BY 'passpass';
(passpass
is the password you use to login)DROP USER 'user2'@'localhost'
GRANT ALL ON *.* TO 'user1'@'localhost';
(wildcard % is allowed for * match)USE mysql
UPDATE user SET password=PASSWORD("passpass") WHERE User='user1';
FLUSH PRIVILEGES;
Modify MySQL configuration file (
/etc/my.cnf
for Fedora-based linux; /etc/mysql/my.cnf
for Debian-based linux), so it looks like this:[client]
max_allowed_packet=1024M
[odbc]
max_allowed_packet=1024M
[mysqld]
max_allowed_packet=1024M
slave_transaction_retries=128
default-storage-engine=INNODB
datadir=/mnt/MD_1000/mysql
user = mysql
socket = /var/run/mysqld/mysqld.sock
port = 3306
Open port 3306 for remote administration:
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
Or if the only allowed client (e.g. your web server) is 10.5.1.3, then:
/sbin/iptables -A INPUT -i eth0 -s 10.5.1.3 -p tcp --destination-port 3306 -j ACCEPT
Save iptables rules:
service iptables save
Backup/dumping with limited rows (e.g. to build a sample database from a large one)
mysqldump -u [username] -p [databaseName] --where="true limit 100" > dump.sql
2011-02-01
Linux List The Open Ports And The Process That Owns Them
Ref: http://www.cyberciti.biz/tips/linux-display-open-ports-owner.html
How do you list the network open ports on your server and the process that owns them? The answer is simple use the following command (must run as root):
How do you list the network open ports on your server and the process that owns them? The answer is simple use the following command (must run as root):
sudo lsof -i
sudo netstat -lptu
CentOS 5 FTP Setup (vsftpd)
Ref 1: http://www.linuxquestions.org/questions/fedora-35/vsftpd-error-553-could-not-create-file-390569
Ref 2: http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html
Disable SELinux on FTP, so that uploading works:
Install the vsftpd package via yum command:
Default port: TCP / UDP - 21 and 20
The main configuration file: /etc/vsftpd/vsftpd.conf
Users that are not allowed to login via ftp: /etc/vsftpd/ftpusers
Turn off standard ftpd xferlog log format:
Turn on verbose vsftpd log format. The default vsftpd log file is /var/log/vsftpd.log:
Above to directives will enable logging of all FTP transactions. Lock down users to their home directories:
Create warning banners for all FTP users:
Turn on vsftpd on boot:
Start the service:
Add the following lines, ensuring that they appear before the final LOG and DROP lines for the RH-Firewall-1-INPUT:
Open file /etc/sysconfig/iptables-config, enter:
Ensure that the space-separated list of modules contains the FTP connection tracking module:
Save and close the file. Restart firewall:
Tip: View FTP Log File
Type the following command:
Tip: Restrict Access to Anonymous User Only
Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf and add the following:
Tip: Disable FTP Uploads
Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf and add the following:
For upload to work except for anonymous, you might need to:
Ref 2: http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html
Disable SELinux on FTP, so that uploading works:
setsebool -P ftp_home_dir 1
Install the vsftpd package via yum command:
# yum install vsftpd
vsftpd Defaults
Default port: TCP / UDP - 21 and 20
The main configuration file: /etc/vsftpd/vsftpd.conf
Users that are not allowed to login via ftp: /etc/vsftpd/ftpusers
Configure Vsftpd Server
# vi /etc/vsftpd/vsftpd.conf
Turn off standard ftpd xferlog log format:
xferlog_std_format=NO
Turn on verbose vsftpd log format. The default vsftpd log file is /var/log/vsftpd.log:
log_ftp_protocol=YES
Above to directives will enable logging of all FTP transactions. Lock down users to their home directories:
chroot_local_user=YES
Create warning banners for all FTP users:
banner_file=/etc/vsftpd/issue
Turn on vsftpd on boot:
# chkconfig vsftpd on
Start the service:
# service vsftpd start
# netstat -tulpn | grep :21
Configure Iptables To Protect The FTP Server
# vi /etc/sysconfig/iptables
Add the following lines, ensuring that they appear before the final LOG and DROP lines for the RH-Firewall-1-INPUT:
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 21 -j ACCEPT
Open file /etc/sysconfig/iptables-config, enter:
# vi /etc/sysconfig/iptables-config
Ensure that the space-separated list of modules contains the FTP connection tracking module:
IPTABLES_MODULES="OTHER_MODULES ip_conntrack_ftp"
Save and close the file. Restart firewall:
# service iptables restart
Tip: View FTP Log File
Type the following command:
# tail -f /var/log/vsftpd.log
Tip: Restrict Access to Anonymous User Only
Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf and add the following:
local_enable=NO
Tip: Disable FTP Uploads
Edit the vsftpd configuration file /etc/vsftpd/vsftpd.conf and add the following:
write_enable=NO
For upload to work except for anonymous, you might need to:
- create a group, say ftpw
- change the ownership of /var/ftp and its subdirectories to group ftpw
- add ftpw group onto users with write privilege
Subscribe to:
Posts (Atom)