Misc

From Unix Wiki
Jump to: navigation, search

Linux

Hard Reboot machine

# echo 10 > /proc/sys/kernel/panic
# echo 1 > /proc/sys/kernel/sysrq
# echo s > /proc/sysrq-trigger
# sleep 5
# echo s > /proc/sysrq-trigger
# sleep 1
# echo b > /proc/sysrq-trigger


Identify if running inside Virtual machine

VM=No
/sbin/lsmod|grep xen &> /dev/null && VM="OracleVM/Xen"
cat /proc/scsi/scsi |grep VMware &> /dev/null && VM=VMware
[ -f /proc/user_beancounters ] && VM=OpenVZ
echo $VM

Drop disk caches

# sync
# echo 3 | sudo tee /proc/sys/vm/drop_caches

List of users with password set

awk -F: '$2 !~ /[!*]/ {print $1}' /etc/shadow

List of users which can interactively login to server

( grep "/.*bin/.*sh$" /etc/passwd | awk -F: '{print $1}' && awk -F: '$2 !~ /[!*]/ {print $1}' /etc/shadow) | sort | uniq

Generating password

cat /dev/urandom | tr -c -d "A-Za-z0-9" | head -c 8 ; echo

or

openssl rand -base64 6

http://www.tech-recipes.com/rx/1264/generate-passwords-with-openssl/

Generate shadow-style passwords

echo "password"|openssl passwd -1 -stdin

Faster way to clone disk to disk over network

Using dd

dd if=/dev/sda bs=1M | ssh -c arcfour new_server "dd of=/dev/sda bs=1M"

and some trick with tar

tar -zcvf - /data | ssh root@server "dd of=/data/backup.tar.gz"

Copy using tar

Copy files to remote server

tar -zcvf - /data | ssh user@server "cat > /data/backup.tar.gz"

Get data from remote server

ssh user@server "cat /data/backup.tar.gz" | tar -zxvf -

Copy directory over ssh using tar with preserve user/group rights

tar -cf - /directory | ssh root@remote "tar -xf - -C /remotedir"

Get directory from remote server to local directory

ssh root@remote "tar -cf - /remotedir" | tar -xf - -C /where_put_it_local

Install TTF fonts

Check /etc/fonts/fonts.conf, it should have an entry corresponding to directory where fronts reside.

<dir>/usr/share/X11/fonts/TTF</dir>

Copy ttf file to that directory.

cd /usr/share/X11/fonts/TTF; \
mkfontscale; mkfontdir
fc-cache -v
fc-list |grep Swis721
Swis721 BT:style=Roman

Delete MBR from device

# dd if=/dev/zero of=/dev/<your device> bs=512 count=1
1+0 records in
1+0 records out
512 bytes (512 B) copied, 0.00308483 s, 166 kB/s

Audit

Password settings

cat /etc/pam.d/system-auth
cat /etc/login.defs
cat /etc/sudoers
useradd -D
chage -l root

Members of OS group

LOCAL_GROUPS="oinstall dba"
LOCAL_USERS=""
for g in $LOCAL_GROUPS; do
       grpLine=`cat /etc/group|awk -v group=$g -F: 'group == $1'`
       grpUsers="`echo ${grpLine} | cut -d":" -f4 | sed 's/,/ /g'`"
         grpNumber="`echo ${grpLine} | cut -d":" -f3`"
       pwdUsers="`awk -F: -v num=$grpNumber 'num == $4 {print $1}' /etc/passwd`"
       LOCAL_USERS="$LOCAL_USERS $grpUsers $pwdUsers"
done
echo $LOCAL_USERS | xargs -n1 |sort -u |xargs

/etc/passwd => useradd

cat /etc/passwd | awk -F: '{printf("useradd -d %s -s %s -u %s -g %s -c \"%s\" %s\n", $6, $7, $3, $4,$5,$1)}'
cat /etc/shadow| awk -F: '{printf("usermod -p \x27%s\x27 %s\n", $2, $1)}'


Password complexyty and account expiration

All these settings are applied to _NEW_ accounts and passwords.

Sets max password age to 90 days, after 90+14 days account is locked.

sed -i.bak -e 's/^PASS_MAX_DAYS.*$/PASS_MAX_DAYS 90/g' /etc/login.defs
useradd -D -f 14

Sets password to minimum 8 characters and require specials.

RHEL5

sed -i.bak -e 's/^password.*requisite.*pam_cracklib.so.*/password required pam_cracklib.so retry=3 minlen=8 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/g' /etc/pam.d/system-auth

RHEL 4

sed -i.bak -e 's/^password.*requisite.*pam_cracklib.so.*/password required /lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/g' /etc/pam.d/system-auth


Java version and bits

java -d32 -version
java -d64 -version


GPG

Gen key

GPG_LOCAL_KEY="$( whoami )@$( hostname -f)"
TMP=$(mktemp)

cat > $TMP <<GPG_EOF
%echo Generating a standard key
Key-Type: RSA
Subkey-Type: RSA
Name-Real: Local key
Name-Comment: Local gpg key
Name-Email: $GPG_LOCAL_KEY
Expire-Date: 0
# Do a commit here, so that we can later print "done" :-)
%commit
%echo done
GPG_EOF

gpg --batch --gen-key $TMP
rm -f $TMP

kSAR

for file in /var/log/sa/sa??; do
FBASE="/scratch/sar/sar-`hostname -s`-$(stat -c %y $file|awk '{print $1}')"
LC_ALL=C sar -f $file -u ALL -S -q -r > $FBASE.txt;
LC_ALL=C sar -f $file  -d -p|awk '(NR <= 3 || ($2 == "dev252-1" || $2 == "dev252-2")) {print}'|sed -e 's|dev252-1|data|g' -e 's|dev252-2|arch|g' >> $FBASE.txt;
rm -f $FBASE.pdf;
java -jar /scratch/sar/kSar-5.0.6/kSar.jar -cpuFixedAxis -showCPUstacked -showMEMstacked -input file://$FBASE.txt -outputPDF $FBASE.pdf;
done

BASH

Function to delete files skipping 'open' files

safe_delete() {
       fuser "$1" > /dev/null 2>&1
       if [ $? -eq 1 ]; then
               rm "$1"
       else
               echo "$1 is in use, not deleting"
       fi
       }

Perl

Local install of cpan modules

In this case $HOME=/home/centreon/

mkdir $HOME/.cpan/
mkdir $HOME/.cpan/CPAN/
echo "\$CPAN::Config->{cpan_home}='/home/centreon/.cpan';" > /home/centreon/.cpan/CPAN/MyConfig.pmmkdir 


vi /home/centreon/.cpan/CPAN/MyConfig.pm
'make_arg' => q[INSTALLDIRS=site],
'make_install_arg' => q[],
'makepl_arg' => q[INSTALLDIRS=site PREFIX=/home/centreon/perl/],
export PERL5LIB="/home/centreon/perl/lib/perl5/site_perl/5.8.8/";
export PATH=~/perl/bin:$PATH