

Important Linux Commands

To get the list of usernames with their user IDs in a formatted way:-

awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd

Find a particular string in the files under the current directory:-

cd /etc
find . -type f -exec grep -iH nfsnobody {} +
Or
grep -iH nfsnobody *

Get the number of lines containing a particular word in a file:-

awk '/ServerName/ {i=i+1} END {print i+0}' /etc/httpd/conf/httpd.conf
grep -c ServerName /etc/httpd/conf/httpd.conf

To delete Apache's semaphore arrays from memory:-

ipcs -s | grep apache | perl -e 'while (<STDIN>) { @a=split(/\s+/); print `ipcrm sem $a[1]`}'

To get the list of IP addresses on the server:-

ifconfig | grep -vw inet6 | grep -w inet | cut -d : -f 2 | cut -d ' ' -f 1

Find the list of IP addresses along with the eth device and network mask:-

ifconfig | cut -d " " -f1,12,16 | grep -A 1 eth | tr -d - | tr -s "\n" |sed -e :a -e N -e 's/\n/ /'

To measure disk read timings (change the device name as per your server's configuration):-

hdparm -Tt /dev/sda

To get the listing of directories:-

ls -F $1 | grep \/ | sed -e 's/\/$/4/g'

To get real-time network activity, for example:-

watch -d "netstat -nalp |grep -v DGRAM |grep -v STREAM |grep -v LISTEN"
watch "netstat -nalp | grep ':TCP PORT Number'"
watch "netstat -nalp | grep ':22'"

The details of the present http connections can be found by using:-

netstat -plan | grep ":80 " | awk {'print $5'} |awk -F: {'print $1'}|sort
cat /proc/net/ip_conntrack | grep "port=80" | wc -l

Number of connections from each particular IP address:-

netstat -ntu | awk '{print $5}'| cut -d: -f1 | sort | uniq -c | sort -nr | more
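
The cut -d: -f1 step above only works for IPv4 peers: an IPv6 or IPv4-mapped address such as ::ffff:203.0.113.7:51600 is cut down to an empty string, so those connections are all counted under a blank entry. The following is an added example, not part of the original post, that counts connections per remote address for both address families; the function names, the sample netstat lines and the threshold are constructed for illustration.

```sh
#!/bin/sh
# Per-peer connection counts from `netstat -ntu` output, covering IPv4,
# IPv4-mapped IPv6 (::ffff:a.b.c.d) and native IPv6 remote addresses.

# conn_per_ip: reads netstat -ntu lines on stdin, prints "count address",
# busiest peer first.
conn_per_ip() {
    awk '
        # Only rows that start with a protocol name carry a peer address
        $1 ~ /^(tcp|udp)6?$/ {
            peer = $5
            sub(/:[0-9*]+$/, "", peer)   # strip the trailing :port only
            sub(/^::ffff:/, "", peer)    # fold IPv4-mapped IPv6 into IPv4
            if (peer == "" || peer == "0.0.0.0" || peer == "::") next
            count[peer]++
        }
        END { for (ip in count) print count[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# over_threshold LIMIT: same input, prints only the peers that hold more
# than LIMIT connections (LIMIT is a site-specific choice).
over_threshold() {
    conn_per_ip | awk -v limit="$1" '$1 > limit { print $2 }'
}

# Constructed sample input in the format printed by `netstat -ntu`
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.5:80             203.0.113.7:51514       ESTABLISHED
tcp        0      0 10.0.0.5:80             203.0.113.7:51515       ESTABLISHED
tcp        0      0 10.0.0.5:80             203.0.113.7:51516       TIME_WAIT
tcp        0      0 10.0.0.5:22             198.51.100.20:40022     ESTABLISHED
tcp6       0      0 ::ffff:10.0.0.5:80      ::ffff:203.0.113.7:51600 ESTABLISHED
tcp6       0      0 2001:db8::5:443         2001:db8::99:55000      ESTABLISHED
udp        0      0 10.0.0.5:123            0.0.0.0:*
EOF
}

# On a live server: netstat -ntu | conn_per_ip
sample_netstat | conn_per_ip
```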

Posted in Linux.


Solaris Jumpstart Server

Solaris JumpStart is a method of installing the Solaris OS over the network. Below are the steps that we need to follow:

  • Configure the JumpStart Installation Server
  • Create the Client profile files
  • Share the Installation directory and Configuration files
  • Create the client boot files using tftpboot
  • Configure the DHCP server with TFTPBOOT files
  • Final Silent Installation

First of all let me give you the details about our setup. We have one jumpstart server and two clients. IP and hostname details are given below:

Jumpstart_Boot_Server:

IP address: 192.168.101.31

Mac ID: 00:0c:29:42:ed:ff

Client 1:

IP address: 192.168.101.32

Mac ID: 01:00:50:56:11:1A:BB

Client 2:

IP address: 192.168.101.33

Mac ID: 01:00:50:56:11:1A:CC

1. JumpStart installation server:

First of all, download the DVD or ISO file of solaris-10u9. If you have downloaded the ISO file, you have to mount it locally using the commands below (lofiadm needs the absolute path of the ISO file).

# lofiadm -a /path/to/sol-10-u9-ga1-sparc-dvd.iso /dev/lofi/1
# mount -o ro -F hsfs /dev/lofi/1 /mnt

Now create an installation directory on the server:

# mkdir -p /export/install

Put the Solaris 10 OS for x86/x64 platforms DVD in the DVD player on the server. Create the installation server by going to the Solaris_10/Tools directory on the DVD and running the setup_install_server command. The Solaris software is copied to the newly created directory. Specify the absolute path name as the argument.

# cd /cdrom/cdrom0/Solaris_10/Tools
  # ./setup_install_server /export/install
  Verifying target directory...
  Calculating the required disk space for the Solaris_10 product
  \|/-\|/-
  Calculating space required for the installation boot image
  \|/-\|/-
  Copying the CD image to disk...
  \|/-\|/-
  Copying Install Boot Image hierarchy...
  \|/-\|/-
  Copying /boot x86 netboot hierarchy...
  \|/-\|/-
  Install Server setup complete

2. Create the Client Configuration Files:
Create a configuration directory where the files will reside:

# mkdir /export/config

Create the sysidcfg file:
Note: Each client can have its own sysidcfg file, or multiple clients can use the same sysidcfg file.
Below are the two sysidcfg files that I have created for Jumpstart_Client1 and Jumpstart_Client2:

# cd /export/config
# mkdir sysidcfg1
# cd sysidcfg1
# vi sysidcfg
keyboard=US-English
system_locale=en_US.ISO8859-1
timezone=US/Pacific
timeserver=localhost
terminal=xterms
service_profile=open
name_service=NONE
security_policy=NONE
root_password=Ax1sT8ZVkPzaM
auto_reg=disable
network_interface=e1000g0 {primary
                          hostname=client1
                          netmask=255.255.255.0
                          protocol_ipv6=no
                          default_route=192.168.101.1}
nfs4_domain=dynamic
:wq
# cd ../
# mkdir sysidcfg2
# cd sysidcfg2
# vi sysidcfg

keyboard=US-English
system_locale=en_US.ISO8859-1
timezone=US/Pacific
timeserver=localhost
terminal=xterms
service_profile=open
name_service=NONE
security_policy=NONE
root_password=Ax1sT8ZVkPzaM
auto_reg=disable
network_interface=e1000g0 {primary
                          hostname=client2
                          netmask=255.255.255.0
                          protocol_ipv6=no
                          default_route=192.168.101.1}
nfs4_domain=dynamic

:wq

Create the rules file:

# cd /export/config
  # vi rules

  hostname client1 begin1 profile1 finish1
  hostname client2 begin2 profile2 finish2

  :wq

Create the begin file:

# cd /export/config
  # vi begin1

  #!/bin/sh
  echo "Begin Script for JumpStart client1..."

  :wq

  # vi begin2

  #!/bin/sh
  echo "Begin Script for JumpStart client2..."

  :wq

# chmod 755 begin*

Create the finish file:

# cd /export/config
  # vi finish1

  #!/bin/sh
  echo "Finish Script for JumpStart client1..."
  echo "Get rid of the nfs prompt during the initial boot"
  touch /a/etc/.NFS4inst_state.domain

  :wq

  # vi finish2

  #!/bin/sh
  echo "Finish Script for JumpStart client2..."
  echo "Get rid of the nfs prompt during the initial boot"
  touch /a/etc/.NFS4inst_state.domain

  :wq

  # chmod 755 finish*

Create the profile file:

# cd /export/config
  # vi profile1

  # install_type MUST be first
  install_type      initial_install

  # start with the minimal required number of packages
  cluster           SUNWCXall
  cluster           SUNWCapache delete
  cluster           SUNWCpcmc   delete
  cluster           SUNWCpcmcx  delete
  cluster           SUNWCthai   delete
  cluster           SUNWClp     delete
  cluster           SUNWCnis    delete
  cluster           SUNWCppp    delete

  # format the entire disk for Solaris
  fdisk   all   solaris all

  # define how the disk is partitioned
  partitioning      explicit
  filesys           rootdisk.s0 6144  /
  filesys           rootdisk.s1 1024  swap
  filesys           rootdisk.s7 free  /state/partition1

  # install systems as standalone
  system_type standalone

##### Below are the configuration for Patches and Packages installation
# specify patches to install
patch 119281-06 nfs 192.168.101.31:/export/patches

# specify packages to install
package SPROcc add nfs 192.168.101.31:/export/packages

  :wq

# vi profile2

  # install_type MUST be first
  install_type      initial_install

  # start with the minimal required number of packages
  cluster           SUNWCXall
  cluster           SUNWCapache delete
  cluster           SUNWCpcmc   delete
  cluster           SUNWCpcmcx  delete
  cluster           SUNWCthai   delete
  cluster           SUNWClp     delete
  cluster           SUNWCnis    delete
  cluster           SUNWCppp    delete

  # format the entire disk for Solaris
  fdisk   all   solaris all

  # define how the disk is partitioned
  partitioning      explicit
  filesys           rootdisk.s0 6144  /
  filesys           rootdisk.s1 4096  swap
  filesys           rootdisk.s7 free  /state/partition1

  # install systems as standalone
  system_type standalone

##### Below are the configuration for Patches and Packages installation
# specify patches to install

patch 119281-06 nfs 192.168.101.31:/export/patches

# specify packages to install

package SPROcc add nfs 192.168.101.31:/export/packages
  :wq

Create the check script:
The check script is used to validate that the rules and profile files are correctly set up. First copy the check script to the local directory, that is, /export/config, as shown:

 # cd /export/config
  # cp /export/install/Solaris_10/Misc/jumpstart_sample/check .
Run the check script:
  # ./check
  Validating rules...
  Validating profile profile1...
  Validating profile profile2...
  The custom JumpStart configuration is ok.

3. Share the Installation and Configuration Directories

Modify dfstab to share the JumpStart directories.
Edit the /etc/dfs/dfstab file:

# vi /etc/dfs/dfstab

  #       Place share(1M) commands here for automatic execution
  #       on entering init state 3.
  #
  #       Issue the command 'svcadm enable network/nfs/server' to
  #       run the NFS daemon processes and the share commands, after
  #       adding the very first entry to this file.
  #
  #       share [-F fstype] [ -o options] [-d ""]

  #       [resource]
  #       for example,
  #       share  -F nfs  -o rw=engineering  -d "home dirs"  /export/home2

  share -F nfs -o ro,anon=0 /export/install
  share -F nfs -o ro,anon=0 /export/config
  share -F nfs -o ro,anon=0 /export/patches  ## Share the patches folder on Boot server
  share -F nfs -o ro,anon=0 /export/packages ## Share the Packages Folder on boot Server

  :wq
Start the NFS server:
  # /etc/init.d/nfs.server start
Share the directories:
  # shareall
  # share
  -       /export/install    ro,anon=0   ""
  -       /export/config     ro,anon=0   ""
  -       /export/patches    ro,anon=0   ""
  -       /export/packages   ro,anon=0   ""

Verify file sharing.
  # showmount -e localhost
  export list for localhost:
  /export/install  (everyone)
  /export/config   (everyone)
  /export/patches   (everyone)
  /export/packages   (everyone)

4. Create the Client tftpboot Files
Run the add_install_client script for each client.
Go to the location of the add_install_client script:

  # cd /export/install/Solaris_10/Tools

Run the add_install_client script for each client on the network that performs a JumpStart installation.

# ./add_install_client \
      -d \
      -e 00:01:00:50:56:11:1A:BB \
      -s 192.168.101.31:/export/install \
      -c 192.168.101.31:/export/config \
      -p 192.168.101.31:/export/config/sysidcfg1 i86pc

  enabling tftp in /etc/inetd.conf
  Converting /etc/inetd.conf
  enabling network/tftp/udp6 service
  copying boot file to /tftpboot/pxegrub.I86PC.Solaris_10-1

  If not already configured, enable PXE boot by creating
  a macro named 01005056111ABB with:
    Boot server IP (BootSrvA) : 192.168.101.31
    Boot file      (BootFile) : 01005056111ABB

# ./add_install_client \
      -d \
      -e 00:01:00:50:56:11:1A:CC \
      -s 192.168.101.31:/export/install \
      -c 192.168.101.31:/export/config \
      -p 192.168.101.31:/export/config/sysidcfg2 i86pc

  enabling tftp in /etc/inetd.conf
  Converting /etc/inetd.conf
  enabling network/tftp/udp6 service
  copying boot file to /tftpboot/pxegrub.I86PC.Solaris_10-1

  If not already configured, enable PXE boot by creating
  a macro named 01005056111ACC with:
    Boot server IP (BootSrvA) : 192.168.101.31
    Boot file      (BootFile) : 01005056111ACC

5. Configure and Run the DHCP Server

Run dhcpmgr:
  # /usr/sadm/admin/bin/dhcpmgr
  Java Accessibility Bridge for GNOME loaded.

NOTE: It's pretty straightforward from the GUI. Just make sure that you have configured the tftpboot files for your clients as well.

6. Final Silent Installation

With the above setup you still need human intervention at two places in the Solaris installation.
1. First, at the installation type selection, where it shows you the 6-option menu (1 for interactive installation, 2 for JumpStart, etc.).
2. Second, you need to fill in the registration details manually. The registration page has been included in recent releases of the Solaris OS.

Both are caused by a bug in the JumpStart installation. The first one has a workaround: tweak the kernel parameters in the menu.lst.macid file under the /tftpboot/ directory. You need to add the "- install dhcp" parameter to the kernel line.

The default menu.lst.macid file would be:

default=0
timeout=30
title Solaris_10 Jumpstart
    kernel /I86PC.Solaris_10-1/multiboot kernel/unix -B \
install_config=172.16.64.194:/export/config, \
sysid_config=172.16.64.194:/export/config/sysidcfg1, \
install_media=172.16.64.194:/export/install, \
install_boot=172.16.64.194:/export/install/boot
    module /I86PC.Solaris_10-1/x86.miniroot

You have to change it to

default=0
timeout=0
title Solaris_10 Jumpstart
    kernel /I86PC.Solaris_10-1/multiboot kernel/unix - install dhcp -B \
install_config=172.16.64.194:/export/config, \
sysid_config=172.16.64.194:/export/config/sysidcfg1, \
install_media=172.16.64.194:/export/install, \
install_boot=172.16.64.194:/export/install/boot
    module /I86PC.Solaris_10-1/x86.miniroot

I have modified the timeout value as well. I have set it to 0, which skips the OS selection page. By default it was 30 seconds.

Now boot the clients from the network card and you are good to go.
NOTE: If you need any alteration or modification, or you think something needs a more detailed explanation, please let me know.
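
Steps 2 and 3 above place the sysidcfg files, which contain the root_password hash, under /export/config and share that directory with ro,anon=0 and no client list, which showmount reports as (everyone). The script below is an added example, not part of the original post: it lists the dfstab shares that have no access list and any sysidcfg file under them that carries a root_password line. The function names, the optional ROOT prefix and the sample tree are constructed for illustration; the restricted form in the closing comment assumes the 192.168.101.0/24 subnet of the setup above.

```sh
#!/bin/sh
# open_shares DFSTAB: print every path that a share line exports without a
# client access list (bare ro/rw, or no ro=/rw= option at all).
open_shares() {
    awk '
        { sub(/#.*/, "") }                      # drop comments
        $1 == "share" && NF >= 2 {
            opts = ""
            for (i = 2; i < NF; i++) if ($i == "-o") opts = $(i + 1)
            n = split(opts, o, ",")
            listed = 0; bare = 0
            for (j = 1; j <= n; j++) {
                if (o[j] ~ /^(ro|rw)=/) listed = 1        # ro=list / rw=list
                if (o[j] == "ro" || o[j] == "rw") bare = 1 # applies to all hosts
            }
            if (bare || !listed) print $NF      # the path is the last field
        }
    ' "$1"
}

# exposed_sysidcfg DFSTAB [ROOT]: list sysidcfg files that contain a
# root_password entry and sit under one of the open shares. ROOT is an
# optional prefix so the check can run against a copy of the tree.
exposed_sysidcfg() {
    root=${2:-}
    open_shares "$1" | while read -r dir; do
        [ -d "$root$dir" ] || continue
        find "$root$dir" -type f -name sysidcfg \
            -exec grep -q '^root_password=' {} \; -print
    done
}

# make_sample ROOT: constructed copy of the layout described in the post
make_sample() {
    mkdir -p "$1/etc/dfs" "$1/export/install" "$1/export/patches" \
             "$1/export/packages" "$1/export/config/sysidcfg1"
    cat > "$1/etc/dfs/dfstab" <<'EOF'
#       share  -F nfs  -o rw=engineering  -d "home dirs"  /export/home2
share -F nfs -o ro,anon=0 /export/install
share -F nfs -o ro,anon=0 /export/config
share -F nfs -o ro,anon=0 /export/patches  ## Share the patches folder on Boot server
share -F nfs -o ro,anon=0 /export/packages ## Share the Packages Folder on boot Server
EOF
    cat > "$1/export/config/sysidcfg1/sysidcfg" <<'EOF'
name_service=NONE
root_password=CONSTRUCTED_PLACEHOLDER_HASH
EOF
}

demo_root=$(mktemp -d)
make_sample "$demo_root"
echo "Shares without an access list:"
open_shares "$demo_root/etc/dfs/dfstab"
echo "sysidcfg files with a root_password on those shares:"
exposed_sysidcfg "$demo_root/etc/dfs/dfstab" "$demo_root"
rm -rf "$demo_root"

# A share line limited to the install subnet is no longer reported:
#   share -F nfs -o ro=@192.168.101.0/24,anon=0 /export/config
```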

Posted in UNIX.


Yum local repository

1. Copy the Red Hat Enterprise Linux 5 DVD ISO RHEL5-Client-20070208.0-i386-DVD.iso from Red Hat Network and create a local repository on the local repository server.

       #mkdir -p /var/www/html/cdrom/iso
       #mount -o loop /RHEL5-Client-20070208.0-i386-DVD.iso /var/www/html/cdrom/iso
       #cd /var/www/html/cdrom
       #createrepo .
       #yum clean all

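Create a file /etc/yum.repos.d/file.repo as follows (the repository ID in brackets must not contain spaces, and baseurl must point at the directory where createrepo was run):

#cat /etc/yum.repos.d/file.repo
       [RHEL5-Repository]
       name=RHEL 5 Repository
       baseurl=file:///var/www/html/cdrom
       enabled=1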

2. Share with httpd:

# vi /etc/httpd/conf/httpd.conf
       ServerAdmin root@10.65.6.141
       DocumentRoot /var/www/html
       ServerName 10.65.6.141

NOTE: Where 10.65.6.141 is the local Repository server

 # httpd -t
 # service httpd start

3. Client side configuration:

vi /etc/yum.repos.d/my.repo
       ----
       [RH51-Server]
       name= RHEL 5.1 Server Repository
       baseurl=http://10.65.6.141/cdrom
       enabled=1
       ----

4. Verify from client:

# yum list
       Loading "installonlyn" plugin
       Setting up repositories
       Reading repository metadata in from local files
       Available Packages
       Deployment_Guide-as-IN.noarch    5.0.0-19    RH51-Server
       Deployment_Guide-bn-IN.noarch    5.0.0-19    RH51-Server
       Deployment_Guide-de-DE.noarch    5.0.0-19    RH51-Server
       Deployment_Guide-en-US.noarch    5.0.0-19    RH51-Server
       Deployment_Guide-es-ES.noarch    5.0.0-19    RH51-Server
       Deployment_Guide-fr-FR.noarch    5.0.0-19    RH51-Server
       ========
       OR
       # yum update

Posted in Linux, Open Source.


LAMP Optimization Tips

Below are a couple of good points about LAMP optimization. I figured these out after doing some googling and reading some PDFs.

Disable unwanted Apache Modules:

  • Disable all the apache modules like perl,python,proxy etc except php,mysql which are required for your application.
  • Enable only mod_php and mod_rewrite
  • Disable everything else (java, python)

Tune MaxClients

  • Too low: you can’t serve a traffic spike
  • Too high: your memory cannot keep up with the load, and you start swapping (server dies!)

KeepAlive

  • 5 to 10 seconds
  • More than that, it ties up processes

AllowOverride

  • You can set to None and move Drupal’s .htaccess contents to vhosts
  • Less filesystem accesses

mod_gzip/mod_deflate

  • Compromise of CPU usage vs. Bandwidth usage

nginx

  • Use Nginx if possible, it’s very fast and stable.

MySQL

  • Use the MyISAM engine wherever possible – it has good read speed
  • Query cache: probably the most important thing to tune
  • Table cache: also important
  • Key buffer

PHP

  • Use a recent version
  • Install an opcode cache / accelerator:
      • eAccelerator
      • APC
      • Xcache
      • Zend (commercial)

Opcode cache benefits

  • Dramatic speed up of applications, especially complex ones like Drupal
  • Significant decrease in CPU utilization
  • Considerable decrease in memory utilization
  • The biggest impact on a busy site
  • Drawbacks:
      • May crash often
      • Use logwatcher to auto restart Apache

Note: eAccelerator uses the least memory and provides the most speed

I hope the above points help you understand what is important for your environment.

Posted in Linux.


Install and Configure Bandwidthd – IP Bandwidth Monitor

If you’re a Linux network administrator, it is important to know the traffic usage of your clients. You can monitor your clients in text mode, graphic mode or HTML export with tools like mrtg or cacti, but bandwidthd is a very good bandwidth monitoring tool.

You don’t need any database or SNMP connection to monitor all of your clients with bandwidthd; all you need is libpcap, libpng, libgd and Apache installed on your Linux system. The other good news is that bandwidthd monitors all of your connected clients per IP and per connection protocol.

Link to the download area on SourceForge: Download BandwidthD

[root@Ryan]# tar xvfz bandwidthd-2.0.1.tgz

[root@Ryan]# cd bandwidthd

Configure and install the Bandwidthd source:

[root@Ryan]# ./configure && make install

Please make sure you have:
libpcap from http://www.tcpdump.org/
libpng from http://www.libpng.org/
libgd from http://www.boutell.com/gd/

Or

# yum install libpcap Or # apt-get install libpcap-dev

# yum install libpng Or # apt-get install libpng

# yum install httpd Or # apt-get install apache2

Edit /usr/local/bandwidthd/etc/bandwidthd.conf to suit your network environment.
Save your config and start bandwidthd using /usr/local/bandwidthd/bandwidthd.

Point your Apache virtual host to /usr/local/bandwidthd/htdocs to browse the bandwidthd graphs:

Alias /bandwidthd "/usr/local/bandwidthd/htdocs"

<Directory "/usr/local/bandwidthd/htdocs">
Order Allow,Deny
Allow from All
</Directory>

Save your work and restart Apache. Next, open your browser and point it to http://yourserverip/bandwidthd.

Posted in Linux.


Ten Qualities of an Effective Team Player

If you were choosing team members for a business team in your organization, who would the best team players be? Assuming that people have the right technical skills for the work to be done, what other factors would you use to select your team members?
Teams need strong team players to perform well. But what defines such people? Read on. (Also, check out How to Hire the Best Brains for the Best Team for some tips on putting a team together.)
Demonstrates reliability
You can count on a reliable team member who gets work done and does his fair share to work hard and meet commitments. He or she follows through on assignments. Consistency is key. You can count on him or her to deliver good performance all the time, not just some of the time.
Communicates constructively
Teams need people who speak up and express their thoughts and ideas clearly, directly, honestly, and with respect for others and for the work of the team. That’s what it means to communicate constructively. Such a team member does not shy away from making a point but makes it in the best way possible — in a positive, confident, and respectful manner.
Listens actively
Good listeners are essential for teams to function effectively. Teams need team players who can absorb, understand, and consider ideas and points of view from other people without debating and arguing every point. Such a team member also can receive criticism without reacting defensively. Most important, for effective communication and problem solving, team members need the discipline to listen first and speak second so that meaningful dialogue results.
Functions as an active participant
Good team players are active participants. They come prepared for team meetings and listen and speak up in discussions. They’re fully engaged in the work of the team and do not sit passively on the sidelines.
Team members who function as active participants take the initiative to help make things happen, and they volunteer for assignments. Their whole approach is can-do: “What contribution can I make to help the team achieve success?”
Shares openly and willingly
Good team players share. They’re willing to share information, knowledge, and experience. They take the initiative to keep other team members informed.
Much of the communication within teams takes place informally. Beyond discussion at organized meetings, team members need to feel comfortable talking with one another and passing along important news and information day-to-day. Good team players are active in this informal sharing. They keep other team members in the loop with information and expertise that helps get the job done and prevents surprises.
Cooperates and pitches in to help
Cooperation is the act of working with others and acting together to accomplish a job. Effective team players work this way by second nature. Good team players, despite differences they may have with other team members concerning style and perspective, figure out ways to work together to solve problems and get work done. They respond to requests for assistance and take the initiative to offer help.
Exhibits flexibility
Teams often deal with changing conditions — and often create changes themselves. Good team players roll with the punches; they adapt to ever-changing situations. They don’t complain or get stressed out because something new is being tried or some new direction is being set.
In addition, a flexible team member can consider different points of views and compromise when needed. He or she doesn’t hold rigidly to a point of view and argue it to death, especially when the team needs to move forward to make a decision or get something done. Strong team players are firm in their thoughts yet open to what others have to offer — flexibility at its best.
Shows commitment to the team
Strong team players care about their work, the team, and the team’s work. They show up every day with this care and commitment up front. They want to give a good effort, and they want other team members to do the same.
Works as a problem-solver
Teams, of course, deal with problems. Sometimes, it appears, that’s the whole reason why a team is created — to address problems. Good team players are willing to deal with all kinds of problems in a solutions-oriented manner. They’re problem-solvers, not problem-dwellers, problem-blamers, or problem-avoiders. They don’t simply rehash a problem the way problem-dwellers do. They don’t look for others to fault, as the blamers do. And they don’t put off dealing with issues, the way avoiders do.
Team players get problems out in the open for discussion and then collaborate with others to find solutions and form action plans.
Treats others in a respectful and supportive manner
Team players treat fellow team members with courtesy and consideration — not just some of the time but consistently. In addition, they show understanding and the appropriate support of other team members to help get the job done. They don’t place conditions on when they’ll provide assistance, when they’ll choose to listen, and when they’ll share information. Good team players also have a sense of humor and know how to have fun (and all teams can use a bit of both), but they don’t have fun at someone else’s expense. Quite simply, effective team players deal with other people in a professional manner.
Team players who show commitment don’t come in any particular style or personality. They don’t need to be rah-rah, cheerleader types. In fact, they may even be soft-spoken, but they aren’t passive. They care about what the team is doing and they contribute to its success — without needing a push.
Team players with commitment look beyond their own piece of the work and care about the team’s overall work. In the end, their commitment is about winning — not in the sports sense of beating your opponent but about seeing the team succeed and knowing they have contributed to this success. Winning as a team is one of the great motivators of employee performance. Good team players have and show this motivation.

Read more: http://www.dummies.com/how-to/content/ten-qualities-of-an-effective-team-player.html#ixzz1SqYRjXga

Posted in Soldier of Fortune.


How to Upgrade SugarCRM-5.2.0 to 6.2.0

Introduction

Prerequisites:
Apache-2.2.x
PHP-5.2.x
Mysql-5.x

SugarCRM cannot be upgraded directly from version 5.2.x to 6.2.x. It's a multistep process: you have to upgrade SugarCRM to version 5.5.x first, and then from 5.5.x to 6.2.x. The procedure is outlined below.

Step1: Check the server for the Apache, PHP and MySQL versions. (My server had lower versions, so I had to upgrade PHP and MySQL before upgrading SugarCRM.)
Step2: Log in to SugarCRM as the admin user or a user with the same access level.
Step3: Click on the Admin link.
Step4: Scroll down and click on Upgrade Wizard.
Step5: Click Next, Next; when it asks you to upload the upgrade file, go to the http://www.sugarforge.org/frs/?group_id=6 website and download the file that suits your current version. I downloaded all of the files below at once, to avoid downloading them again and again.

http://www.sugarforge.org/frs/download.php/6547/SugarCE-5.2.0l.zip
http://www.sugarforge.org/frs/download.php/6589/SugarCE-Upgrade-5.2.0-to-5.5.1.zip
http://www.sugarforge.org/frs/download.php/6591/SugarCE-Upgrade-5.5.1RC-to-5.5.1.zip
http://www.sugarforge.org/frs/download.php/8046/SugarCE-Upgrade-5.5.1-to-6.0.4.zip
http://www.sugarforge.org/frs/download.php/8163/SugarCE-Upgrade-6.0.x-to-6.2.0.zip

Step6: After uploading the suitable file, complete the steps; the last step will give you a “DONE” link. Click on it and log out.
Step7: Repeat step4 to step6 for the upgrade from 5.5.1 to 6.0.4, and one more time for 6.0.4 to 6.2.0.

Posted in Linux.


Vsftpd with SSL

Introduction:
A few days back, one of our customers asked for more security on their data transfers via FTP. I had heard of encryption, SSL and so on, and I know how to build a CA and create certificates, but I did not know how to integrate them with vsftpd, because I had never had such a requirement. vsftpd with SSL is pretty straightforward and very easy to configure: just create a self-signed certificate, as I did, if you cannot buy a trusted certificate from a registered CA. The procedure to configure vsftpd with SSL support is given below:

vsftpd is the default FTP server supplied with CentOS. It should be installed by default (?). If it isn’t, you may install it by one of these methods:
Using yum (if you’ve installed yum):
Install VSFTPD:

[root@Gladiator]#yum install vsftpd

Generate a Certificate:
You use OpenSSL to generate a certificate for vsftpd. The certificate is stored on your server, in a location of your choice. Here I chose to put it in the /etc/vsftpd directory. You also specify a ‘lifetime’ for the certificate; here it’s set for a year ("-days 365").
Note that the backslashes only signify line breaks. You should be able to copy/paste and run it as it is, or remove the backslashes and the line breaks. You may need to create this directory first (mkdir /etc/vsftpd).

[root@Gladiator]#openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
 -keyout /etc/vsftpd/vsftpd.pem \
 -out /etc/vsftpd/vsftpd.pem

You will be prompted with a series of question, which you answer as they appear. When done the certificate will be installed in the /etc/vsftpd directory.
Configure vsftpd:
To configure vsftpd you edit the file /etc/vsftpd/vsftpd.conf and add the following lines:

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/vsftpd/vsftpd.pem

Restart vsftpd for these settings to take effect:

[root@Gladiator]#/etc/rc.d/init.d/vsftpd restart

NOTE: If you set "force_local_logins_ssl=YES" then your clients will be required to use an FTP client that supports AUTH TLS/SSL in order to connect. If you leave it at "NO" then people can connect securely or insecurely.
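
With force_local_data_ssl=NO as configured above, only the login is required to use TLS; the data connection that carries the files and listings may still be unencrypted, and the .pem file holds the private key next to the certificate. The script below is an added example, not part of the original post, that checks a vsftpd.conf for these points. The function names and the sample files are constructed; the defaults passed for unset options are the ones documented in the vsftpd.conf man page.

```sh
#!/bin/sh
# conf_get FILE KEY DEFAULT: effective value of KEY (the last assignment
# wins, comment lines are ignored), or DEFAULT when KEY is not set.
conf_get() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        index($0, key "=") == 1 { val = substr($0, length(key) + 2); seen = 1 }
        END { if (seen) print val; else print def }
    ' "$1"
}

# bool_on FILE KEY DEFAULT: exit status 0 when the boolean option is enabled
bool_on() {
    case $(conf_get "$1" "$2" "$3" | tr 'a-z' 'A-Z') in
        YES|TRUE|1) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_vsftpd_tls FILE: print one "option: finding" line per weak setting
audit_vsftpd_tls() {
    conf=$1
    if ! bool_on "$conf" ssl_enable NO; then
        echo "ssl_enable: TLS is off, logins and data are sent in clear text"
        return 0
    fi
    if ! bool_on "$conf" force_local_logins_ssl YES; then
        echo "force_local_logins_ssl: passwords may be sent without TLS"
    fi
    if ! bool_on "$conf" force_local_data_ssl YES; then
        echo "force_local_data_ssl: file contents and listings may be sent without TLS"
    fi
    for proto in ssl_sslv2 ssl_sslv3; do
        if bool_on "$conf" "$proto" NO; then
            echo "$proto: obsolete protocol version is enabled"
        fi
    done
    # -keyout and -out point at the same file, so it contains the private key
    pem=$(conf_get "$conf" rsa_cert_file "")
    if [ -n "$pem" ] && [ -f "$pem" ] && grep -q 'PRIVATE KEY' "$pem"; then
        if [ -n "$(find "$pem" -prune \( -perm -040 -o -perm -004 \) -print)" ]; then
            echo "rsa_cert_file: $pem holds the private key and is readable by group or others"
        fi
    fi
}

# write_page_conf DIR: constructed copy of the settings listed in the post,
# with a placeholder .pem file (no key material) that is world-readable.
write_page_conf() {
    printf '%s\n' '-----BEGIN PRIVATE KEY----- (constructed placeholder)' > "$1/vsftpd.pem"
    chmod 644 "$1/vsftpd.pem"
    cat > "$1/vsftpd.conf" <<EOF
# TLS settings as listed in the post
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=$1/vsftpd.pem
EOF
}

demo_dir=$(mktemp -d)
write_page_conf "$demo_dir"
audit_vsftpd_tls "$demo_dir/vsftpd.conf"
rm -rf "$demo_dir"
```

Setting force_local_data_ssl=YES and running chmod 600 on the .pem file clears both findings reported for the sample.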

Posted in Linux.


Installing and configuring mod_jk

Introduction
Installing mod_jk is not that hard, but making it work and integrating it with Apache and Tomcat is a bit tricky. Here I explain how to install and configure Apache to serve Java pages or webapps with the help of the mod_jk module.

Scenario
Let me briefly describe my scenario here; yours may be different, but you can take this as a reference. I have app1 and app2, and I want the URL http://www.app1.com to serve pages from the app1 Tomcat webapp and http://www.app2.com to serve pages from the app2 Tomcat webapp. You also need to take care of the Tomcat ports: if you want to use two Tomcat instances you have to use two different ports, as I am doing. app1 is on port 8080 and app2 is on port 8081.

You can install Apache and Tomcat via yum if you are using a Red Hat/CentOS distro, and if you are using any Debian-based system you can use the apt-get/aptitude utility for the same.
I am explaining this on the CentOS-5.4 distro.

#yum install httpd
#/etc/init.d/httpd restart
#chkconfig httpd on

Now it's time to install mod_jk. I am using the rpm package here; you can also compile it from source.
http://mirrors.dotsrc.org/jpackage/1.7/redhat-el-5.0/free/RPMS/
or
you can download it from the CentOS testing repo.

http://dev.centos.org/centos/5/testing/i386/RPMS/

#wget http://mirrors.dotsrc.org/jpackage/1.7/redhat-el-5.0/free/RPMS/mod_jk-ap20-1.2.26-1jpp.i386.rpm
or
#wget http://dev.centos.org/centos/5/testing/i386/RPMS/mod_jk-ap20-1.2.28-2.el5.centos.i386.rpm

#rpm -ivh mod_jk-ap20-1.2.26-1jpp.i386.rpm or
#rpm -ivh  mod_jk-ap20-1.2.28-2.el5.centos.i386.rpm

Now it's time to install Tomcat. You can install it via yum or compile it from source. I am using the source here.

Get the tar.gz for Tomcat 5.5 — you can download it from the Apache Tomcat download site (http://tomcat.apache.org/download-55.cgi). I am using the tomcat-5.5 version; you can use the latest release as well.

Unpack apache-tomcat-5.5.23.tar.gz under /usr/local. Rename apache-tomcat-5.5.23 to tomcat8080. Unpack the tar.gz one more time, rename it to tomcat8081.

cd /usr/local/tomcat8081/conf
- edit server.xml and change following ports:
8005 (shutdown port) -> 8006
8080 (non-SSL HTTP/1.1 connector) -> 8081
8009 (AJP 1.3 connector) -> 8010

There are other ports in server.xml, but I found that just changing the 3 ports above does the trick.

I won’t go into the details of getting the 2 Tomcat instances to run. You need to create a tomcat user, make sure you have a Java JDK or JRE installed, etc., etc.
One more thing I want to mention here: you have to set the JAVA_HOME variable so that the Java application can find the exact JRE/Java location. If you want to set it system-wide, put the variable in the /etc/profile file instead of using ‘export’ in the shell.

The startup/shutdown scripts for Tomcat are /usr/local/tomcat808X/bin/startup.sh|shutdown.sh.

I will assume that at this point you are able to start up the 2 Tomcat instances. The first one will listen on port 8080 and will have an AJP 1.3 connector (used by mod_jk) listening on port 8009. The second one will listen on port 8081 and will have the AJP 1.3 connector listening on port 8010.

I am assuming that you are well aware of how to deploy Tomcat apps, so I am skipping that section. Please write to me at ramesh.mimit@gmail.com if you want a chapter on this as well.

Create Apache virtual hosts for www.myapp1.com and www.myapp2.com and tie them to the 2 Tomcat instances via mod_jk.

Here is the general mod_jk section in httpd.conf — note that it needs to be OUTSIDE of the virtual host sections:

#
# Mod_jk settings
#
# Load mod_jk module
LoadModule    jk_module  modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile conf/workers.properties
# Where to put jk logs
JkLogFile     logs/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel    emerg
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat     "%w %V %T"

Note that the section above has an entry called JkWorkersFile, referring to a file called workers.properties, which I put in /etc/httpd/conf. This file contains information about so-called workers, which correspond to the Tomcat instances we’re running on that server. Here are the contents of my workers.properties file:

#
# This file provides minimal jk configuration properties needed to
# connect to Tomcat.
#
# The workers that jk should create and work with
#

workers.tomcat_home=/usr/local/tomcat8080
workers.java_home=/usr/lib/jvm/java
ps=/
worker.list=app1, app2

worker.app1.port=8009
worker.app1.host=localhost
worker.app1.type=ajp13
worker.app1.lbfactor=1

worker.app2.port=8010
worker.app2.host=localhost
worker.app2.type=ajp13
worker.app2.lbfactor=1

The file declares 2 workers that I named app1 and app2. The first worker corresponds to the AJP 1.3 connector running on port 8009 (which is part of the Tomcat instance running on port 8080), and the second worker corresponds to the AJP 1.3 connector running on port 8010 (which is part of the Tomcat instance running on port 8081).

The way Apache ties into Tomcat is that each of the VirtualHost sections configured for www.app1.com and www.app2.com declares a specific worker. Here is the VirtualHost section I have in httpd.conf for www.app1.com:


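# Container tags: the *:80 address and the Directory path (same as
# DocumentRoot) are assumed.
<VirtualHost *:80>
ServerName www.app1.com
DocumentRoot "/usr/local/tomcat8080/webapps/ROOT"
<Directory "/usr/local/tomcat8080/webapps/ROOT">
  # Options Indexes FollowSymLinks MultiViews
  Options None
  AllowOverride None
  Order allow,deny
  allow from all
</Directory>
ErrorLog logs/app1-error.log
CustomLog logs/app1-access.log combined
# Send ROOT app. to worker named app1
JkMount  /* app1
# Let Apache itself serve everything under /images
JkUnMount /images/* app1
RewriteEngine On
# Strip the ;jsessionid=... suffix from image URLs
RewriteRule ^/(images/.+);jsessionid=\w+$ /$1
</VirtualHost>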

The 2 important lines as far as the Apache/mod_jk/Tomcat configuration is concerned are:

JkMount /* app1
JkUnMount /images/* app1

The line “JkMount /* app1” tells Apache to send everything to the worker app1, which then ties into the Tomcat instance on port 8080.

The line “JkUnMount /images/* app1” tells Apache to handle everything under /images itself, which was one of our goals.
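Before restarting Apache, it is worth confirming that every worker named in a JkMount or JkUnMount line is declared in worker.list with a host, port and type, and that no two workers share an AJP port. The script below is an added example, not part of the original post; the function names and the sample httpd.conf fragment (with its deliberate app3 typo) are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint mod_jk worker wiring before restarting Apache.

# declared_workers FILE: print the names in worker.list, one per line.
declared_workers() {
    awk -F= '$1 ~ /^[ \t]*worker\.list[ \t]*$/ {
        n = split($2, w, ",")
        for (i = 1; i <= n; i++) { gsub(/[ \t\r]/, "", w[i]); if (w[i] != "") print w[i] }
    }' "$1"
}

# worker_prop FILE NAME KEY: print the value of worker.NAME.KEY (nothing if unset).
worker_prop() {
    awk -F= -v want="worker.$2.$3" '{ key = $1; gsub(/[ \t]/, "", key) }
        key == want { val = $2; gsub(/[ \t\r]/, "", val); print val; exit }' "$1"
}

# check_jk WORKERS_FILE HTTPD_CONF: print one line per problem; status = problem count.
check_jk() {
    wf=$1; conf=$2; problems=0; ports=" "
    for w in $(declared_workers "$wf"); do
        for key in host port type; do
            [ -n "$(worker_prop "$wf" "$w" "$key")" ] && continue
            echo "worker $w: worker.$w.$key is not set"; problems=$((problems + 1))
        done
        port=$(worker_prop "$wf" "$w" port)
        [ -z "$port" ] && continue
        case $ports in
            *" $port "*) echo "worker $w: AJP port $port already used"; problems=$((problems + 1)) ;;
        esac
        ports="$ports$port "
    done
    # Every worker named by JkMount/JkUnMount must appear in worker.list.
    for used in $(awk 'tolower($1) ~ /^jk(un)?mount$/ { print $3 }' "$conf" | sort -u); do
        declared_workers "$wf" | grep -qx "$used" && continue
        echo "$conf: mount refers to undeclared worker '$used'"; problems=$((problems + 1))
    done
    return "$problems"
}

# Constructed sample: the article's two workers plus a mount with a typo (app3).
write_samples() {
    printf '%s\n' 'worker.list=app1, app2' \
        'worker.app1.port=8009' 'worker.app1.host=localhost' 'worker.app1.type=ajp13' \
        'worker.app2.port=8010' 'worker.app2.host=localhost' 'worker.app2.type=ajp13' > "$1/workers.properties"
    printf '%s\n' 'JkMount  /* app1' 'JkUnMount /images/* app1' 'JkMount  /* app3' > "$1/httpd.conf"
}

if [ "$#" -eq 2 ]; then check_jk "$1" "$2"; fi
```

Run it as `sh check_jk.sh /etc/httpd/conf/workers.properties /etc/httpd/conf/httpd.conf` (the script name is arbitrary); a zero exit status means no problems were found.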

At this point, you need to restart Apache, for example via ‘sudo service httpd restart’. If everything went well, you should be able to go to http://www.myapp1.com and http://www.myapp2.com and see your 2 Web applications running merrily.

You may have noticed a RewriteRule in each of the 2 VirtualHost sections in httpd.conf. What happens with many Java-based Web applications is that when a user first visits a page, the application does not know yet if the user has cookies enabled or not, so the application will use a session ID mechanism fondly known as jsessionid. If the user does have cookies enabled, the application will not use jsessionid the second time a page is loaded. If cookies are not enabled, the application (Tomcat in our example) will continue generating URLs such as

http://www.myapp1.com/images/myimage.gif;jsessionid=0E45D13A0815A172BD1DC1D985793D02

In our example, we told Apache to process all URLs that start with ‘images’. But those URLs have already been polluted by Tomcat with jsessionid the very first time they were hit. As a result, Apache was trying to process them, and was failing miserably, so images didn’t get displayed the first time a user hit a page. If the user refreshed the page, images would get displayed properly (if the user had cookies enabled).

The solution I found for this issue was to use a RewriteRule that would get rid of the jsessionid in every URL that starts with ‘images’. This seemed to do the trick.

That’s about it. I hope this helps somebody

Posted in Linux.


Recovering deleted data from ext3 filesystem on linux

Scenario:

A Linux machine with /home on an ext3 filesystem.
You have a welcome.jpg file in /home/test, and you have deleted it with the “rm -f ” command.
Now we will recover that welcome.jpg.
Required Tools: debugfs, foremost & blkls

Step 1. –> Check which filesystem /home is on.

 Gladiator:~ # df -h
    Filesystem    Size    Used    Avail    Use%    Mounted on
    /dev/sda2     7.8G    5.3G    2.2G     71%     /
    udev          122M    168K    121M     1%      /dev
    /dev/sda3     12G     158M    11G      2%      /home

So the device that holds /home is /dev/sda3.

Step 2. –> Debugfs to get necessary information
The debugfs program is an interactive file system debugger that is installed by default with most common Linux distributions. This program is used to manually examine and change the state of a filesystem. In our situation, we’re going to use this program to determine the inode which stored information about the deleted file and to what block group the deleted file belonged.

  Gladiator:~ # debugfs /dev/sda3
    debugfs 1.41.1 (01-Sep-2008)
    debugfs:  cd test
    debugfs:  ls -d
    32769  (12) .    2  (4084) ..   <32770> (4072) welcome.jpg    ---> the inode number of the deleted file is the value in angle brackets (32770)

The next command we want to run is imap, giving it the inode number above so we can determine to which block group the file belonged. We see by the output that it belonged to block group 4.

debugfs:  imap <32770>
    Inode 32770 is part of block group 4    -----------> Here we got block group no. ---> BG
    located at block 131074, offset 0x0100

Running the stats command will generate a lot of output. The only data we are interested in from this list, however, is the number of blocks per group. In this case, and most cases, it’s 32768. Now we have enough data to be able to determine the specific set of blocks in which the data resided. We’re done with debugfs now, so we type q to quit.

debugfs:  stats
    << lots of content >>
    Blocks per group:         32768   ---> BPG
    << lots of content >>
debugfs:  q    -------> To quit debugfs

Step 3. –> Recovering data in dat format.

The next thing we need to do is pull all unallocated blocks from block group 4 so we can examine their content. The blkls program, from The Sleuth Kit (TSK), allows us to do just that. We simply need to know the device file and a range of blocks, and have enough space in the appropriate place to output this data. Using the information above, we can calculate the block range: it starts at the block group number multiplied by the blocks per group, and ends at the block group number plus one, multiplied by the blocks per group, minus one. In this case, the formula would look like this:

(BG * BPG) through ((BG + 1) * BPG -1)

In the above example, it will look like:
BPG –> 32768
BG –> 4
(4 * 32768) through ((4+1) * 32768 -1)
131072 through 163839

    So now we need to give the following command:
 Gladiator:~ # blkls /dev/sda3 131072-163839 > /root/block.dat
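
The same calculation can be scripted from saved debugfs output. This is an added example, not code from the original article; it generalises the formula by adding the filesystem's "First block" value (1 on filesystems with 1 KiB blocks) and by clamping the end of the range to the block count. The function names and the sample "First block" and "Block count" values are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): blkls range for a block group.

# stat_field LABEL FILE: numeric value of a "Label:   value" line from debugfs stats
stat_field() {
    awk -F: -v label="$1" '{ k = $1; sub(/^[ \t]+/, "", k) }
        k == label { gsub(/[^0-9]/, "", $2); print $2; exit }' "$2"
}

# group_range STATS_FILE IMAP_FILE: print "first-last" for the inode's block group
group_range() {
    bpg=$(stat_field "Blocks per group" "$1")
    first=$(stat_field "First block" "$1")    # 0 with 4 KiB blocks, 1 with 1 KiB blocks
    total=$(stat_field "Block count" "$1")
    bg=$(sed -n 's/.*is part of block group \([0-9][0-9]*\).*/\1/p' "$2" | head -n 1)
    itb=$(sed -n 's/.*located at block \([0-9][0-9]*\).*/\1/p' "$2" | head -n 1)
    if [ -z "$bpg" ] || [ -z "$bg" ]; then
        echo "could not read blocks-per-group or block group" >&2; return 1
    fi
    start=$(( ${first:-0} + bg * bpg ))
    end=$(( start + bpg - 1 ))
    # The last group is usually short: never run past the final block.
    if [ -n "$total" ] && [ "$end" -ge "$total" ]; then end=$(( total - 1 )); fi
    # Cross-check (ext3 keeps an inode's table block inside its own group).
    if [ -n "$itb" ] && { [ "$itb" -lt "$start" ] || [ "$itb" -gt "$end" ]; }; then
        echo "inode table block $itb is outside $start-$end" >&2; return 1
    fi
    echo "$start-$end"
}

# Constructed sample input using the article's values; "First block" and
# "Block count" are assumed values, since the article elides them.
write_samples() {
    printf '%s\n' 'Block count:              3144704' 'First block:              0' \
        'Blocks per group:         32768' > "$1/stats.txt"
    printf '%s\n' 'Inode 32770 is part of block group 4' \
        '    located at block 131074, offset 0x0100' > "$1/imap.txt"
}

if [ "$#" -eq 2 ]; then group_range "$1" "$2"; fi
```

The two input files are the saved output of the debugfs `stats` and `imap` commands shown above; the printed range is what goes on the blkls command line.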

Step 4. –> Recovering file from dat file using “Foremost” tool

Create output directory first.
    linux-remo:~ # mkdir /root/output
    linux-remo:~ # foremost -dv -t jpg -o /root/output/ -i /root/block.dat 

Foremost version 1.5.6 by Jesse Kornblum, Kris Kendall, and Nick Mikus
Audit File

Foremost started at Sat Sep 26 12:11:59 2009
Invocation: foremost -dv -t jpg -o /root/output/ -i /root/block.dat
Output directory: /root/output
Configuration file: /usr/local/etc/foremost.conf
Processing: /root/block.dat
|------------------------------------------------------------------
File: /root/block.dat
Start: Sat Sep 26 12:11:59 2009
Length: 125 MB (132108288 bytes)

Num Name (bs=512) Size File Offset Comment

0: 00012272.jpg 65 KB 6283264 (IND BLK bs:=4096)
**|
Finish: Sat Sep 26 12:12:03 2009

1 FILES EXTRACTED
jpg:= 1
------------------------------------------------------------------

Foremost finished at Sat Sep 26 12:12:03 2009

And here we have the jpg file in the /root/output directory. The filename will be different from the original, but the content will be the same.

Comparing size only works, of course, if you “know your data”. Integrity checking programs such as Tripwire play a big role in a recovery operation as you can identify the recovered data without ever inspecting the content, as well as verify its integrity. This becomes quite useful if the information you’re attempting to recover is confidential and you are not authorized to view the data.

File formats supported by Foremost are jpg, gif, png, bmp, avi, exe, mpg, wav, riff, wmv, mov, pdf, ole, doc, zip, rar, htm, and cpp. If you need to recover data beyond these built-in data types, you will need to define custom types in Foremost’s configuration file foremost.conf.

NOTE: All credit goes to Neelesh Gurjar, who posted the same article here: http://www.linuxforums.org/articles/recovering-deleted-files-from-ext3-partition-in-linux_724.html

Posted in Linux.



