One-Line ncFTP Client Install

ncftp is a client suite offering a command-line interface to commonly-used File Transfer Protocol (FTP).

To install it in one line simply run the below command. Substitute in the most currnet version for 3.2.3

cd ~; wget ftp://ftp.ncftp.com/ncftp/ncftp-3.2.3-src.tar.gz \
tar zxvf ncftp-3.2.3-src.tar.gz; cd ncftp-3.2.3 \
./configure && make && make install; cd ~ \
rm -rf ncftp-3.2.3-src.tar.gz ncftp-3.2.3

BIND 9 DoS Update: CVE-2009-0696

image BIND, the Berkley Internet Name Domain service, provides forward (authoritative) and recursive (non-authoritative) DNS lookups for the majority of the internet as we know it. A security vulnerability outlined here shows that a specially crafted packet can cause the DNS daemon to stop functioning. It is imperative that all “master” DNS servers get updated immediately. More general information on BIND can be found on their site here.

CVE Information: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0696

RHEL Bug Information: https://bugzilla.redhat.com/show_bug.cgi?id=514292

 

The NVD at NIST reports the following overview of this issue:

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.

 

Updating BIND on RHEL/CentOS (4/5)

Updated packages are available to assure you are running the latest release.

Use this command to update bind on yum-based systems:

# yum –y update bind

Updating BIND on Debian / Ubuntu

1
<font size="1"> # apt-get update       <br /> # apt-get upgrade        <br /> # /etc/init.d/bind9 restart</font>

 

 

Basic Commands: Symbolic Links

Symbolic links allow an administrator to point a link (file or directory) to another real location.

 

How do I create a symbolic link?

# ln –s [target file/directory] /link/location/to/file/or/directory

 

For example, you wish to link /etc/httpd/conf to point to the real location of /usr/local/apache/conf

The command would look like this:
# ln –s /usr/local/apache/conf /etc/httpd/conf

 

Assure that the destination for your link (in our example this would be /usr/local/apache/conf) does not already exist.

Linux CLI (Command Line Interface) Tricks

Here is a small(ish) list of Linux CLI tips and tricks I have learned and researched over the years. This list is by no means completely comprehensive but contains a list of some of the tricks I use on an everyday basis. Living your life “in the shell” can be very cumbersome if you aren’t using the tricks outlined below. Good luck and happy Linuxing.

 

I will say this: Do not give in and use all the tricks all the time if you are just starting with Linux. It’s always best (in my opinion) to learn the ropes and background to everything before using the GUI or any related tricks. I believe this is true with almost any learning process – technology-based or not.

Command Line File Name Completion

Tired of typing the whole path to a single command? Some commands can be very large and cumbersome. Try “tabbing it out”.

Try for example: where<tab>

The above should return whereis. If you have more than one binary in your path that contains the word where you may not get a result. In this case hit tab again and you’ll be presented with all options.

 

Print Working Directory (pwd)

imageThe pwd command is useful to tell you what directory you are currently in. Depending on your shell configuration, you will be presented with your full working directory in the title of your shell program. For instance, I use putty and it always shows my Current Working Directory (CWD).

 
Command History

Forget what the last few commands you completed were? Want to diagnose a system and you have no idea what the person before you executed? Try the “history” command in Linux.

Type “history”. This provides a list of all recently entered commands and can be very large. If you type “history 10” it works much like the tail command and shows the last 10 commands in history.

Type “history –c” to clear your command history.

 

Output Redirection

Tons of information from the command you just executed? Redirect the output to a file or another program.

> – Output Redirection >> – Append to EOF (end of file)  
1> – Redirect STDOUT (Standard Out) < – Input Redirection  
2> – Redirect STDERR (Standard Error)    
&> – Redirect all    

 

Examples:

# echo “foo” > bar (this example will echo the text “foo” to the file called “bar”)

# echo “foo2” >> bar (this example will echo the text “foo2” to the end of the file “bar”)

# wc –l < bar (this example will do a line count on the file bar)

Typically commands read, by default from STDIN. For instance I could also run wc like this:

# wc -l bar

I would still obtain the same results as explicitly telling the CLI to use STDIN (<).

 

Aliases

Using aliases is another way to make entering common commands easier. Think of an alias as a simple shortcut to a longer command. Let’s say you want to remove a directory and you’re tired of always typing “rm –rf <directory”. You can make an alias by typing “alias rmdir=’rm –rf’. Now you can type “rmdir <directory>” on the CLI and achieve the same result.

 

Symbolic Links

A symbolic link is simply a pointer to another file/directory. To make a shortcut to a program shorter or as a link inside your home directory use a command like this:

# ln –s /usr/local/program/bin/program ~/program

– or to link an entire directory –

# ln –s /usr/local/program ~/program

Symbolic links appear when performing an ls –lt like this:
image

 

apropos Search Whatis Database

Ever wanted to find a command but never knew the name? Do you know what the command does or a description but can’t put your finger on it? Use the command apropos to search the whatis database.

Just type apropos “string to search for”

image

 

Whereis – Find a binary or man page

Ever needed to find the location of a binary easily? Try “whereis”. Simply type whereis “binary” and you will be presented with a location to the binary and/or manpage for the given binary.

image

 

There are a ton of other shortcuts I am missing but this is just a small list. Have a great day!

5 Useful Linux Performance Utilities

Ever wondered what was going on with a server or desktop that just wasn’t performing “right”? Sure the load average is a good representation of the overall load as described here, but, how do you track down the actual source of the issue? Try out these five utilities to help you track down any load-related issues with your Linux-based installation.

 

  1. top

    image

    Yes, that’s right, good ol’ fashioned “top”. If you haven’t already used the top command then you may not have been using Linux that much. Top provides a real-time look at processor time, processes that are using high amounts of memory/CPU and also an overview of physical and swap memory.  A preview of top can be seen to the right. Press “1” to show all CPU’s available (if running multiple-core processors or HT-enabled processors).

  2. htop

    There are also other top variants out there which can provide more information in the same “top-like” format. Enter htop. Htop has been around for quite imagesome time and has, as far as I know, gone generally unknown around the Linux world. htop provides colorful (who doesn’t like colors?) views of the system state and shows tree views for processes that provide even more detail. A screenshot of the htop interface can be seen on the right. Obtain more information about htop here.

  3. iostat

    Got disk performance issues? Find out with iostat! iostat is used for monitoring speed, ops/sec and cpu time spent waiting on input/output devices to respond. This command is quite useful when attempting to see what is causing your load averages to spike. If your system has high i/o wait times you may consider purchasing faster disks or tuning the performance of your application to be less disk-intensive. Performance tuning, for instance, image of a MySQL database can greatly decrease the amount of disk i/o needed. Adding indexes and re-constructing queries can speed up MySQL systems that have high i/o wait times. Of course, you can always throw hardware at the issue as well. For more information on iostat see this article.

  4. vmstat
     

    Direct from the vmstat man page: “vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.” The data shown in vmstat is the average since last reboot.
    image 
    Direct from man page:

    Procs
           r: The number of processes waiting for run time.
           b: The number of processes in uninterruptible sleep.

    Memory
           swpd: the amount of virtual memory used.
           free: the amount of idle memory.
           buff: the amount of memory used as buffers.
           cache: the amount of memory used as cache.
           inact: the amount of inactive memory. (-a option)
           active: the amount of active memory. (-a option)

    Swap
           si: Amount of memory swapped in from disk (/s).
           so: Amount of memory swapped to disk (/s).

    IO
           bi: Blocks received from a block device (blocks/s).
           bo: Blocks sent to a block device (blocks/s).

    System
           in: The number of interrupts per second, including the clock.
           cs: The number of context switches per second.

    CPU
           These are percentages of total CPU time.
           us: Time spent running non-kernel code. (user time, including nice time)
           sy: Time spent running kernel code. (system time)
           id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
           wa: Time spent waiting for IO. Prior to Linux 2.5.41, shown as zero.

  5. ps

    Although the ps “process list” command does not show real-time updates it can provide useful information as to why your system may be slow. I typically use the “aux” options that shows enough detail but also adding “ww” to the end of “aux” yeilds good results for long commands. Run “ps aux” and look for multiple processes. This is good for troubleshooting if a process like Apache or Exim have spawned many children and caused the system to slow. Use the “e” flag to show children in a tree format.

    image 

IBM Brings new Power 560 Express to Market

"A new server for mid-size companies, the Power 560 Express, is due on Nov. 21. It uses a 3.6Ghz Power6 processor, comes in four-, eight- and 16-node configurations, and packs a hefty 384GB of memory. It’s designed for companies looking to run multiple applications on a virtualized system. It will be offered with Linux, AIX or i."

IBM brings a new line of processors and machines to the market with unreal memory capacities.

Linus Torvalds has a Blog

Linux Trovalds is the father of Linux. He has been very active in the development of the Linux kernel and recently decided to start a blog. Read his blog here.

 

It will be interesting if he keeps the blog updated or if he posts a lot at the beginning then tapers off.

 

So, having avoided the whole blogging thing so far, yesterday Alan DeClerck sent a pointer to his family blog with pictures of the kids friends, and I decided that maybe it’s actually worth having a place for our family too that we can do the same on.
Of course, I’ll need to see what Tove wants to do, but in the meantime, here’s a trial blog.

Good Information on Linux Semaphores

What is a Semaphore? An article I found here is very useful. It says that “Semaphores can be thought of as simple counters that indicate the status of a resource. This counter is a protected variable and cannot be accessed by the user directly.

This recently came up when the Dell OpenManage storage service would not start on a Linux system. It complained that there were no more Linux semaphores available. Check out the article for more information.

“ROOT Filesystem is Currently Mounted Read Only”

This error can be a bit unnerving if your Linux system doesn’t reboot cleanly. To remount your root filesystem as read/write (rw) issue this command:

 

# mount -n -o remount rw /

Backup GMAIL with FetchMail

If you’re anything like me you really enjoy GMail but you really enjoy the peace of mind and comfort in having a local imagecopy of your email available at all times. I tend to not rely heavily on services provided by third party providers, even Google. What if I am offline? What if they have a long outage and I need access to my mail? As a society, we rely heavily on mail… probably more than we really know. Think about it: When was the last time your companies mail server went down? Global anarchy, chaos and fires result.

 

In this tutorial I will install, configure and run fetchmail to retrieve my messages over POP on a CentOS server.

 

Backing up GMail

Here we go 🙂

 

1. Check to make sure fetchmail is installed on your system.

     # rpm -aq | grep fetchmail

If fetchmail is installed you will see the package returned. If not, issue this command in CentOS:
    # yum -y install fetchmail

2. Good, now we have fetchmail installed. Let’s verify by using this command:

     # fetchmail -V | grep release
        This is fetchmail release 6.2.5+IMAP-GSS+RPA+NTLM+SDPS+SSL+INET6+NLS

3. Let’s create a user which will keep our gmail backup.

     # adduser gmailbackup

4. Let’s create a fetchmail configuration file called ".fetchmailrc" in your current users home directory.

     # vi ~/.fetchmailrc

5. In this file enter the following substituting your credentials where necessary:

     poll pop.gmail.com with proto POP3 and options no dns
     user ‘[email protected]’ there with password ‘yourpassword’ is ‘gmailbackup’ here  options ssl

6. Now let’s set the permissions on the new .fetcmailrc file otherwise fetchmail will complain like this:
        File /root/.fetchmailrc must have no more than -rwx–x— (0710) permissions.

To set these permissions use this command:

      # chmod 710 ~/.fetchmailrc

7. Let’s fetch the mail with verbosity on.

      # fetchmail -vk

8. Let’s verify the mail we downloaded
      # mail -u gmailbackup

9. After this transfer let’s set up a cron entry to run a fetch every hour for safe keeping of our GMail.

      # crontab -e

    Add this to the bottom of your users cron:
          0 * * * * root fetchmail -k &> /dev/null

    The above redirects all output from fetchmail to /dev/null so we don’t get chatter in our local users mail box.

 

That’s it! You’re all done and being backed up. For easier viewing, assign a password to your local gmailbackup user with "passwd gmailbackup" and use a web client like RoundCube or SquirrelMail to view your GMail backup.