UnixServerAdmin

Server Administration & Management

How to startup server using ether-wake

Wake-on-LAN is a useful feature on most network cards that allows you to remotely boot up a computer. The ethtool utility (found in the ethtool RPM) can tell you if your network card supports Wake-on-LAN:

# ethtool eth0
Settings for eth0:
    Supported ports: [ TP ]
    Supported link modes: 10baseT/Half 10baseT/Full
    100baseT/Half 100baseT/Full
    1000baseT/Full
    Supports auto-negotiation: Yes
    Advertised link modes: 10baseT/Half 10baseT/Full
    100baseT/Half 100baseT/Full
    1000baseT/Full
    Advertised auto-negotiation: Yes
    Speed: 100Mb/s
    Duplex: Full
    Port: Twisted Pair
    PHYAD: 0
    Transceiver: internal
    Auto-negotiation: on
    Supports Wake-on: umbg
    Wake-on: d
    Current message level: 0x00000007 (7)
    Link detected: yes

Look for the “Supports Wake-on” line. It should list one or more letters, including “g” (WoL using Magic Packet). In the example above, Wake-on-LAN is currently disabled (“d”). The Wake-on-LAN setting does not persist. It needs to be configured every time the machine boots. On RHEL, this is usually done from /etc/init.d. Create a script called /etc/init.d/wol with the following content:

==============================================
#!/bin/bash
#
# wol Wake-on-LAN configuration script
#
# chkconfig: – 99 01
# description: Wake-on-LAN allows a machine to be started using a WoL network packet.
# This script configured WoL on interfaces listed in $NIC.
# processname: –
# config: –
# pidfile: –

# Source function library.
. /etc/rc.d/init.d/functions
# List of NICs to configure for WoL.
# Note: on Xen hosts, use peth0 instead of eth0.
NIC=”eth0?

if [ “$1” != “start” ]; then
exit 0
fi

echo -n “Enabling Wake-on-LAN for:”
for nic in ${NIC};
do
echo -n ” ${nic}”
[ -x /sbin/ethtool ] && /sbin/ethtool -s ${nic} wol g >/dev/null 2>&1
done

# Note: no error checking – ethtool does not return a useful exit code
success
echo

# EOF
==============================================

Add the script to the start-up sequence:

# chkconfig –add wol

# chkconfig wol on

The script will now be run on every reboot. You can check the result using ethtool eth0; it should now display “Wake-on: g“.

You should now be able to shutdown your computer, and wake it by sending a “WoL Magic Packet” from another computer. On Linux, use ether-wake (from the net-tools RPM) or wol (from the wol RPM) to send the Magic Packet:

# /sbin/ether-wake -i eth0 00:04:23:C0:FF:EE

Advertisements

January 31, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , , | Leave a comment

How to startup server using wakeonlan

Here is complete process turn on servers remotely without physical access. Wakeonlan (wol) enables you to switch ON remote servers without physically accessing it. Wakeonlan sends magic packets to wake-on-LAN enabled ethernet adapters and motherboards to switch on remote computers.

By mistake, when you shutdown a system instead of rebooting, you can use Wakeonlan to power on the server remotely. Also, If you have a server that don’t need to be up and running 24×7, you can turn off and turn on the server remotely anytime you want. This article gives a brief overview of Wake-On-LAN and instructions to set up Wakeonlan feature.

Overview of Wake-On-LAN

You can use Wakeonlan when a machine is connected to LAN, and you know the MAC address of that machine.
Your NIC should support wakeonlan feature, and it should be enabled before the shut down. In most cases, by default wakeonlan is enabled on the NIC. When the system crashes because of power failure, for the first time you cannot switch on your machine using this facility. But after the first first boot you can use wakeonlan to turn it on, if the server gets shutdown for some reason. WakeonLan is also referred as wol.

Check whether wol is supported on the NIC, Execute the following ethtool command in the server which you want to switch ON from a remote place.

# ethtool eth0

Settings for eth0:
        Supported ports: [ TP MII ]
        Supported link modes:   10baseT/Half 10baseT/Full
        100baseT/Half 100baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
        100baseT/Half 100baseT/Full
        Advertised auto-negotiation: Yes
        Speed: 100Mb/s
        Duplex: Full
        Port: MII
        PHYAD: 1
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: pumbg  [ Note: check whether flag g is present ]
        Wake-on: g [ Note: g mean enabled. d means disabled ]
        Current message level: 0x00000001 (1)
        Link detected: yes

If  Supports Wake-on is g, then the support for wol feature is enabled on the NIC card. Enabling wol option on the Ethernet Card. By default the Wake-on will be set to g in most of the machines. If not, use ethtool to set the g flag to the wol option of the NIC card as shown below.

# ethtool -s eth0 wol g

Note: You should execute ethtool as root, else you may get following error message.

#/sbin/ethtool eth0

Settings for eth0:
Cannot get device settings: Operation not permitted
Cannot get wake-on-lan settings: Operation not permitted
Current message level: 0x000000ff (255)
Cannot get link status: Operation not permitted

Install the wakeonlan package in the machine from where you need to send the magic packet to switch on your server.

# wget http://gsd.di.uminho.pt/jpo/software/wakeonlan/downloads/wakeonlan-0.41-0.fdr.1.noarch.rpm

# rpm -ivh wakeonlan-0.41-0.fdr.1.noarch.rpm

Note down the MAC address of the server that you wish to switch on remotely.

# ifconfig

eth0     Link encap:Ethernet  HWaddr 00:16:k5:64:A9:68  [ Mac address ]
          inet addr:192.168.6.56  Bcast:192.168.6.255  Mask:255.255.255.0
          inet6 addr: fe80::216:17ff:fe6b:289/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3179855 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2170162 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3832534893 (3.5 GB)  TX bytes:390304845 (372.2 MB)
          Interrupt:17

Finally, Switch ON the machine remotely without physical access. When the server is not up, execute the following command from another machine which is connected to the same LAN. Once the magic packet is sent, the remote system will start to boot.

# wakeonlan 00:16:k5:64:A9:68

January 29, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to Backup Master Boot Record (MBR)

The MBR (master boot record) is located at cylinder 0, head 0, and sector 1. It’s the very first sector of the hard drive and it is 512 bytes in size. When the BIOS boot your machine it looks in the MBR for information on your partitions and the initial boot loader. The MBR contains a partition table and boot code. The boot code executes and then transfers the process to the boot loader program on your active (bootable) partition. We can take the backup of MBR either to a floppy disk or to a CDROM.

1. Backup to a floppy:

# dd if=/dev/hda  of=/dev/fd0  bs=512   count=1

2. Backup to CD:

First, create the MBR backup to a file on your hard drive.

# dd if=/dev/hda of=mbr.bak bs=512 count=1

Now, burn the file you just created to CDR.

January 27, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to disable Ctrl+ALT+Del restart

1. Login as root

2. Edit the following system file (inittab)

3. To locate the system file

# whereis inittab

4. To find out the file type

# file /etc/inittab

5. To edit the text editor

# vim /etc/inittab

6. Comment this line

#ca::ctrlaltdel:/sbin/shutdown –ts –r now

7. Save this file

8. Exit the file

9. Reload the inittab file in to memory again

#init q

or otherwise we have to restart the system

January 25, 2012 Posted by | Tips & Tricks, Unix/Linux | , , | Leave a comment

How to install Suhosin in Linux

Suhosin was designed to protect your servers against a number of well known problems in PHP applications and
on the other hand against potential unknown vulnerabilities within these applications or the PHP core itself including wordpress and many other open source php based apps. Install Suhosin as extension

1. Download latest version of Suhosin, enter the following command for that purpose

# cd /opt
# wget http://download.suhosin.org/suhosin-0.9.33.tgz
# tar -zxf

2. Make sure you have php-devel installed

# yum install php-devel

3. Compile Suhosin under PHP and RHEL / CentOS Linux using the below commands

# cd suhosin-0.9.33
# phpize
#./configure
# make
# make install

4. The Configure Suhosin onto the server, using the below command a configuration file of Suhosin would be created

# echo ‘extension=suhosin.so’ > /etc/php.d/suhosin.ini

5. Restart web server

# service httpd restart

6. Verify Suhosin installation

# php -v

Sample output:

PHP 5.1.6 (cli) (built: Nov 13 2010 16:05:12)
Copyright (c) 1997-2006 The PHP Group
Zend Engine v2.1.0, Copyright (c) 1998-2006 Zend Technologies
    with Suhosin v0.9.33, Copyright (c) 2007, by SektionEins GmbH

7. You can find more information by running phpinfo():

<?php
phpinfo();
?>

January 23, 2012 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to mount SAN Partition to Dell Poweredge M910 Blade Server In Linux

1. Find-out SAN Card serial Number

# cat /sys/class/fc_host/host*/port_name

2. Edit /etc/multipath.conf file and Comment following Lines

# vim /etc/multipath.conf

=====================
#blacklist {
#        devnode “*”
#}
=====================

Multipathing is managed at the device level. Multipath device can be accessed by /dev/mapper/

3. Restart Multipath Services during Booting Also

# /etc/init.d/multipathd restart

# /etc/init.d/multipathd status

# chkconfig multipathd on

# chkconfig multid on

# chkconfig multipathd –list

4. Now Search the partition and format it.

# fdisk -l
# fdisk /dev/dm-0
# mkfs.ext3 /dev/mapper/mpath1p1
# mount /dev/mapper/mpath1p1 /var/lib/mysql/

5. Querying the multipath IO status outputs the current status of the multipath maps

# multipath -l

6. find out WWIDs using following command

# multipath -v2 -d

7. Edit in /etc/rc.local file during Booting Process for Mounting.

# vim /etc/rc.local

===================================
mount /dev/mapper/mpath1p1 /var/lib/mysql/
===================================

Note: Don’t entry in /etc/fstab file for SAN Mounting, Because during booting Process, System will be goes to Maintainence Mode.

January 21, 2012 Posted by | SAN, Tips & Tricks, Unix/Linux | , , , | Leave a comment

Protected: How to reset MySQL Slave Replication

This content is password protected. To view it please enter your password below:

January 19, 2012 Posted by | MySQL | , | Enter your password to view comments.

How to rotate tomcat logs

# cat /etc/logrotate.d/tomcat

/usr/local/tomcat/logs/catalina.out {
compress
copytruncate
create 644 root root
rotate 30
size 1024M
}

/usr/local/tomcat/logs/localhost.*.log {
compress
copytruncate
create 644 root root
rotate 30
size 1024M
}

/usr/local/tomcat/logs/localhost.*.log {
compress
copytruncate
create 644 root root
rotate 30
size 128M
}

/usr/local/tomcat/logs/host-manager.*.log {
compress
copytruncate
create 644 root root
rotate 30
size 1M
}

/usr/local/tomcat/logs/catalina.*.log {
compress
copytruncate
create 644 root root
rotate 30
size 1M
}

/usr/local/tomcat/logs/localhost_access_log.*.txt {
compress
copytruncate
create 644 root root
rotate 30
size 24M
}

daily :- rotates the catalina.out daily
rotate 7 :- keeps at most 7 log files
compress :- compresses the rotated files
size 10M :- rotates if the size of catalina.out is bigger than 10M
copytruncate :- Truncate the original log file in place after creating a copy, instead of moving the old log file and optionally creating a new one, It can be used when some program can not be told to close its logfile and thus might continue writing (appending) to the previous log file forever. Note that there is a very small time slice between copying the file and truncating it, so some logging data might be lost. When this option is used, the create option will have no effect, as the old log file stays in place.

January 17, 2012 Posted by | Tips & Tricks, Tomcat | , , | 1 Comment

Rsync Tips

Synchronizing data beetween two directories

# rsync -rv <src> <dst> –progress

Rsync two directories with filtered extensions

# rsync -rv –include ‘*/’ –include ‘*.txt’ –exclude ‘*’ srcDir/ desDir/

Rsync a directory excluding pesky .svn dirs

# rsync -rv –exclude .svn src/dir/ dest/dir/

Sync Source Directory to Destination Directory

# rsync -avzE -e  –process /var/www/html/deploy root@X.X.X.X/backup/testing/project

# rsync -avzE  /var/www/html/deploy root@X.X.X.X://backup/testing/project/

src :- source
dst :- destination
-v :- increase Verbosity
-a :- archive mode
-r :- recurse into directories
-e :- Specify remote shell to use
-r :- for recursive (if you want to copy entire directories)
–process :- to show a progress bar)

 

January 15, 2012 Posted by | Tips & Tricks, Unix/Linux | , , | Leave a comment

How to transfer root’s emails to another email address

If you have ‘root’ access to the server then open the file /etc/aliases in your favorite editor. Look for the section “# Person who should get root’s mail” and make the change as required.

# vim /etc/aliases

## Person who should get root’s mail  ##
root:   info@unixserveradmin.com

January 13, 2012 Posted by | Mail, Tips & Tricks | , | Leave a comment

Backup_dump.sh

##########################################################
# Database Server Backup #######################################
# backup_dump.sh script #######################################
##########################################################
set -x
set -v
standby=$1
myfirstfile=”ORS`date +’%d-%b-%Y-%H-%M’`.sql”
myfile=”ORS`date +’%d-%b-%Y-%H-%M’`.sql.bz2″

# mysql dump, check, scp and report
mysqldump -uroot -pPASSWORD –all-databases –routines –flush-logs –single-transaction –master-data=2 > /backup/mysqldump/$myfirstfile 2> /backup/mysqldump/ORS_err.txt

cd /backup/mysqldump/
bzip2  $myfirstfile

scp /backup/mysqldump/$myfile backup@$standby:/backup/autobackup/ORSmysql/
scp /backup/mysqldump/$myfile backup@X.X.X.X:/backup/autobackup/ORSmysql/
##########################################################

January 11, 2012 Posted by | MySQL, Shell Script | , | Leave a comment

Backup_script.sh

###################################################################
# Application Server Backup ##############################################
# backup_script.sh script #################################################
###################################################################
#!/bin/sh
set -x
set -v
standby=$1
myfile=”`date ‘+%d-%b-%Y-%H-%M’`.tar.bz2″
BACKUPDIR=/backup/htmldaily/
BACKUPFILE=`date ‘+%d-%b-%Y-%H-%M’`.tar
cd $BACKUPDIR
tar cvf $BACKUPFILE /var/www/html/
bzip2 $BACKUPFILE
cd /backup/htmldaily/

scp /backup/htmldaily/$myfile backup@$standby:/backup/autobackup/htmldaily/
scp /backup/htmldaily/$myfile backup@X.X.X.X:/backup/autobackup/htmldaily/
###################################################################

January 9, 2012 Posted by | Shell Script | | Leave a comment

How to Reset MySQL Root Password

Method 1. How to Change MySQL Root Password Using mysqladmin Command?

You can change the MySQL root password using mysqladmin command as shown below. Please note that there is no space between -p and currentpassword.

# mysqladmin -u root -pCURRENTPASSWORD password ‘NEWPASSWORD’

Once you’ve changed it make sure you can login with your new password successfully as shown below.

# mysql -u root -pnewpassword

Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 8
Server version: 5.5.13-rc-community MySQL Community Server (GPL)
mysql>

************************************************************************************************

Method 2. How to Change MySQL Root Password From MySQL Prompt Using UPDATE SQL Command?

You can also use the standard update SQL command combined with the MySQL password function to change the password as shown below. Login to MySQL root account using old password

# mysql -u root -poldpassword

Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 8
Server version: 5.5.13-rc-community MySQL Community Server (GPL)
mysql>

Use the UPDATE Command to change root password.

mysql> UPDATE user SET password=PASSWORD(‘newpassword’) WHERE user=’root’;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

Verify the new MySQL root password

Once you’ve changed it make sure you can login with your new password successfully as shown below.

# mysql -u root -pnewpassword

Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 8
Server version: 5.5.13-rc-community MySQL Community Server (GPL)
mysql>

************************************************************************************************

Method 3. How to Set MySQL Root Password Using mysqladmin Command?

This method works only if there is no password currently assigned for the root account. If you don’t have any password assigned to the root account, set the password without giving current password as shown below.
# mysqladmin -u root password ‘newpassword’ [Note: There is no currentpassword for root in this example]

How to Change MySQL Regular User (non-root) Password Using mysqladmin Command?

# mysqladmin -u jsmith -pcurrentpassword password ‘newpassword’

How to Change MySQL Regular User (non-root) Password From MySQL Prompt Using UPDATE SQL Command?

mysql> UPDATE user SET password=PASSWORD(‘newpassword’) WHERE user=’ramesh’;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

************************************************************************************************

Method 4. Recover MySQL Root Password

Step-1:- Stop mysql service

# /etc/init.d/mysql stop

Output:
Stopping MySQL database server: mysqld.

Step-2:- Start to MySQL server w/o password:

# mysqld_safe –skip-grant-tables &

Output:
[1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step-3:- Connect to mysql server using mysql client:

# mysql -u root

Output:
Welcome to the MySQL monitor.  Commands end with ; or g.
Your MySQL connection id is 1 to server version: 5.5.13-rc-community MySQL Community Server (GPL)
Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the buffer.
mysql>

Step-4:- Setup new MySQL root user password

mysql> use mysql;
mysql> update user set password=PASSWORD(“NEW-ROOT-PASSWORD”) where User=’root’;
mysql> flush privileges;
mysql> quit

Step-5:- Stop MySQL Server:

# /etc/init.d/mysql stop

Output:
Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended
[1]+  Done                    mysqld_safe –skip-grant-tables

Step-6:- Start MySQL server and test it

# /etc/init.d/mysql start

# mysql -u root -p

January 7, 2012 Posted by | MySQL | , | Leave a comment

How to generate a CSR for SSL Certificate without using Password

Here is following steps to generating a Certificate Signing Request (CSR) Generation Instructions – Apache 2.x Web server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate-request page.

1. Log in to your server’s terminal (SSH).

2. At the prompt, type the following command:

# openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

Replace yourdomain with the domain name you’re securing. For example, if your domain name is example.com, you would type example.key and example.csr

Enter the requested information:

Country: The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.

State or Province Name: Name of the state or province where your organization is located. Do not abbreviate.

City or Locality Name: Name of the city where your organization is registered/located. Do not abbreviate.

Organization Name: The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor’s name.

Organization Unit Name: If applicable, enter the DBA (doing business as) name.

Common Name: The fully-qualified domain name, or URL, you’re securing. If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.

If you do not want to enter a password for this SSL, you can leave the Passphrase field blank. However, please understand there might be additional risks. Open the CSR in a text editor and copy all of the text. Paste the full CSR into the SSL enrollment form in your account.

January 5, 2012 Posted by | Apache, Security, Tips & Tricks | , , , | Leave a comment

Protected: mysql_replication_slave.sh

This content is password protected. To view it please enter your password below:

January 3, 2012 Posted by | MySQL, Shell Script | , | Enter your password to view comments.

ssh-keygen: SSH login without using Password

System-1 :- 192.168.1.5
System-2 :- 192.168.1.10

ssh-keygen creates the public and private keys

ssh-copy-id copies the local-host’s public key to the remote-host’s authorized_keys file and also assigns proper permission to the remote-host’s home, ~/.ssh, and ~/.ssh/authorized_keys.

Step 1: Create public and private keys using ssh-key-gen on local-host –> 192.168.1.5

192.168.1.5# ssh-keygen -t rsa

Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa): [Enter key]
Enter passphrase (empty for no passphrase): [Enter key]
Enter same passphrase again: [Enter key]
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is: 93:58:20:56:72:d7:bd:14:86:9f:42:aa:82:3d:f8:e5 root@192.168.1.5

Step 2: Copy the public key to remote-host –> 192.168.1.10 using ssh-copy-id

192.168.1.5# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.1.10

root@192.168.1.10’s password:
Now try logging into the machine, with “ssh ‘192.168.1.10’”, and check in:

.ssh/authorized_keys

to make sure we haven’t added extra keys that you weren’t expecting.

Note: ssh-copy-id appends the keys to the 192.168.1.10’s .ssh/authorized_key.

Step 3: Login to remote-host without entering the password

192.168.1.5# ssh 192.168.1.10
Last login: Sun Nov 16 17:22:33 2011 from 192.168.1.5
[Note: SSH did not ask for password.]

192.168.1.10#

[Note: You are on remote-host here]

January 1, 2012 Posted by | Security, SSH, Tips & Tricks | , , | Leave a comment