
Archive for the ‘Linux’ Category

Using SFDISK to backup your partition table

July 14th, 2008

Many times we perform full backups of the root partition (/), including all mount points under root. How often do we back up our partition tables? What if we have total disk failure and our only restore option is a file-level restore? Will we know what our partition sizes were? Enter sfdisk.

 

Using SFDISK

The most common usage of sfdisk is to dump the partition sizes and count to a file for later import. This partition table dump can be included in your gzipped tarball.

Use this command to dump /dev/sda’s partition table:

# sfdisk -d /dev/sda > /backup/sda.part

 

The dump file will look like this:
# partition table of /dev/sda
unit: sectors

/dev/sda1 : start=       63, size=479990007, Id=83, bootable
/dev/sda2 : start=479990070, size=  8385930, Id=82
/dev/sda3 : start=        0, size=        0, Id= 0
/dev/sda4 : start=        0, size=        0, Id= 0

Restoring Partitions from SFDISK Dump

To restore your partition table from a dump file use this command:

# sfdisk /dev/sda < sda.part
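Before relying on a saved dump for a restore, it helps to confirm that it parses and describes a sane layout. The following is an added example, not part of the original post: it reads the dump format shown above, prints each non-empty partition with its size, and checks for overlaps. It assumes 512-byte sectors, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check an sfdisk dump before relying on it for a restore.
# Assumes "unit: sectors" with 512-byte sectors; function names are hypothetical.

# Constructed copy of the dump shown above.
sample_dump() {
cat <<'EOF'
# partition table of /dev/sda
unit: sectors

/dev/sda1 : start=       63, size=479990007, Id=83, bootable
/dev/sda2 : start=479990070, size=  8385930, Id=82
/dev/sda3 : start=        0, size=        0, Id= 0
/dev/sda4 : start=        0, size=        0, Id= 0
EOF
}

# Print "device first_sector last_sector size_MiB" for each non-empty entry.
list_partitions() {
    awk '/^\/dev\// {
        gsub(/= +/, "=")                  # "start=       63" -> "start=63"
        start = 0; size = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^start=/) start = substr($i, 7) + 0
            if ($i ~ /^size=/)  size  = substr($i, 6) + 0
        }
        if (size > 0)
            printf "%s %d %d %d\n", $1, start, start + size - 1, int(size / 2048)
    }'
}

# Succeed only if no partition begins inside the one before it.
check_no_overlap() {
    list_partitions | sort -k2,2n | awk '
        NR > 1 && $2 <= prev_end { print "overlap: " $1; bad = 1 }
        { prev_end = $3 }
        END { exit bad + 0 }'
}

sample_dump | list_partitions
sample_dump | check_no_overlap && echo "layout OK"
```

To check a real backup, feed the saved file in place of the sample: list_partitions < /backup/sda.part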

Categories: Linux Tags:

Linux: The Sticky, SUID and SGID Bits

July 14th, 2008

I’m sure anyone who has used Linux has heard of the Sticky, SUID or SGID bits. The most common (and easiest to explain) is the infamous "Sticky Bit".

 

 

The Sticky Bit

Back when systems had kilobytes of RAM (instead of gigabytes), this bit was used to mark a file (program) to run, and remain, primarily in memory. This was a great benefit back in "the day". Now the most common use for the sticky bit is to maintain the integrity of publicly accessible directories.

Setting the Sticky Bit

To set the sticky bit use this command:
# chmod +t <file/directory>

 

Looking for the Sticky Bit

To identify the sticky bit use the standard "ls" command to show all files. Look for a (t) in the listing.

For example:
-rw-r--r-T  1 root root 0 Jul 14 21:14 foo

 

The SUID Bit

SUID stands for "Set User ID". The SUID bit makes the program run as the user who owns the program (instead of the current user). For example, if I have an application called "test" which is owned by "dale" and the user "al" runs "test", the program will still run as "dale" if the SUID bit is set.

 

Setting the SUID Bit

To set the SUID bit use this command (with no user/group prefix, +s sets the SGID bit as well, as the listing below shows):
# chmod +s <file/directory>

 

Looking for the SUID Bit

To identify the SUID bit use the standard "ls" command to show all files. Look for an (S) in the listing.

For example:
-rwSr-Sr--  1 root root 0 Jul 14 21:14 foo

 

The SGID Bit

The SGID bit is much like the SUID bit, but the program runs with the group ID of the group that owns the file rather than the user ID of its owner.

 

 

Examples

Setting SUID for user and not group
# chmod u+s <file/directory>

Setting SGID for group and not user (the sticky bit has no group-only form; with GNU chmod, g+t has no effect)
# chmod g+s <file/directory>
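The commands above can be checked, and a directory tree audited for these bits, with a short script. This is an added example, not part of the original post: it decodes the special bits from the octal mode, then lists SUID/SGID files and world-writable directories that lack the sticky bit. It assumes GNU coreutils (stat -c), the function names are hypothetical, and the scratch tree is constructed.

```shell
#!/bin/sh
# Added example: decode and audit special mode bits.
# Assumes GNU coreutils (stat -c); function names are hypothetical.

# Print the special bits set on a path: some of "suid sgid sticky", or "none".
special_bits() {
    mode=$(stat -c '%a' "$1")            # octal mode, e.g. 6755 or 644
    special=$(( 0$mode >> 9 ))           # leading digit: 4=SUID 2=SGID 1=sticky
    out=""
    if [ $(( special & 4 )) -ne 0 ]; then out="$out suid"; fi
    if [ $(( special & 2 )) -ne 0 ]; then out="$out sgid"; fi
    if [ $(( special & 1 )) -ne 0 ]; then out="$out sticky"; fi
    out=${out# }
    echo "${out:-none}"
}

# Report SUID/SGID files and world-writable directories lacking the sticky bit.
audit_tree() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c 'SETID %A %U:%G %n' {} +
    find "$1" -type d -perm -0002 ! -perm -1000 \
        -exec stat -c 'NOSTICKY %A %U:%G %n' {} +
}

# Build a constructed scratch tree and print its path.
make_demo_tree() {
    d=$(mktemp -d)
    touch "$d/both" "$d/useronly" "$d/gt"
    chmod 755 "$d/both" "$d/useronly" "$d/gt"
    chmod +s  "$d/both"       # SUID and SGID together
    chmod u+s "$d/useronly"   # SUID only
    chmod g+t "$d/gt"         # no effect with GNU chmod
    mkdir "$d/shared" "$d/open"
    chmod 1777 "$d/shared"    # world-writable with sticky bit, like /tmp
    chmod 0777 "$d/open"      # world-writable, no sticky bit
    echo "$d"
}

tree=$(make_demo_tree)
for f in both useronly gt shared open; do
    echo "$f: $(special_bits "$tree/$f")"
done
audit_tree "$tree"
rm -rf "$tree"
```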

Categories: Linux Tags:

COTD: Screen

June 29th, 2008

Overview

Ever wanted to run a long-running command but you can’t seem to get it to complete because you have a shaky connection? Can’t run your command in the background? Want to leave your IRC session open so you can SSH from work and catch the chat room action? Enter screen. Screen allows you to

 

Installation

Well, installation depends on your flavor of Linux. Here are the installation methods for a few common flavors of Linux:

 

up2date

To install screen with up2date issue this command:

# up2date -i screen

 

yum

To install screen with yum issue this command:

# yum -y install screen

 

apt

To install screen with apt issue this command:

# apt-get install screen

 

Usage

Using screen is extremely easy. Here are a few commands to help you understand how it operates.

 

Creating a new screen

Type "screen" to start a new screen. Note that the title of PuTTY (if you’re using PuTTY) tells you which screen you are currently attached to by inserting "[screen 0: bash]" before your normal user@host:/path text.

You should now run any commands you want to save inside your "screen".

 

Detaching a screen

To detach your current screen simply press "CTRL + AD" (Control plus A then D). You are now presented with a message saying "[detached]". You are now returned to your normal shell outside of your virtual screen.

 

Attaching to an existing screen

Chances are if you are using screen you’ll need to reattach to your detached screen. Type "screen -r" to reattach to your current screen. If multiple screen sessions are active, you’ll see a list of current screens to choose from. Type "screen -r PID" to reattach to that screen.
(Screenshot: multiple screens to choose from)


Categories: COTD (Command Of The Day) Tags:

10 Substantial Events in Linux History

June 29th, 2008

Here are a few substantial events in Linux history:

1991 - Linus Torvalds posts his first message about his free operating system resembling MINIX. He mentions that the operating system will probably never support anything other than AT-hard drives.

1992 - Andrew Tanenbaum, a computer scientist and author of the MINIX kernel, wrote a post in response to Linus’ post in 1991. He said "Linux is Obsolete" which sparked the debate about the structure of Linux. Hundreds of people were on-board with Linux at Linus’ campus; then thousands were developing and perfecting the code … soon to become hundreds of thousands.

1993 - The compressed kernel source was now around 800K and Linux had passed multiple revisions (15+).

1994 - Linus opened Linux version 1.1; beginning the stable development of the Linux we know today.

1994 - Caldera was formed in October 1994. I won’t go much into detail about Caldera - about all they contributed was a dual-processor Pentium machine for the development of the SMP-based kernel.

1996 - The 2.0 kernel was released and included many enhancements. The list looks like this: Multi-Architecture support (x86 and Alpha). This kernel also had support for SMP. The kernel is now around 5MByte compressed.

1996 - KDE was founded. The choice to go with the Qt toolkit was a sketchy one. Qt, at the time, did not use a free software license. The GNU team was concerned about this.

1997 - In August 1997, two projects were started to help KDE. The Harmony Toolkit was the replacement for the previously pay-only Qt libraries. GNOME was also founded, but built without Qt and only upon free software.

1999 - The kernel has doubled in size. The new kernel 2.2 release included a number of features, among them finer-grained locking for improved multi-processor support. IBM announced a large project in support of the Linux operating system.

2004 - Microsoft published documents evaluating the use of Windows Vs. Linux with the name "Get the Facts" on their website. RedHat, Novell and IBM published articles in response to Microsoft’s "bent" version of the truth.

Categories: Linux Tags:

Managing Your EXIM Queue

June 24th, 2008

Have you ever had a hard time with spammers or recently logged in to one of your Linux servers only to find 10-20+ exim processes hogging all of your resources? Check out the commands below to help you manage your queue.

 
Count The Messages

Count the number of messages in your queue. If this number is abnormally large, it’s usually a good indication of some malicious activity on your server.
# exim -bpc

 

View The Messages

After finding out you have thousands of messages in your exim queue, it might be a good idea to stop the exim service.
# service exim stop

 

After stopping the service run this command to see what’s in the queue:
# exim -bp | less

 

This will pipe the results to the less command to enable you to page through and search the results. Find one of the message IDs that seem to be duplicates (spam) and copy it to your clipboard.
A message ID looks like this: 1KBB28-0006UC-Fl

 

Run this command to view the header of the suspect message:
# find /var/spool/exim/input -name "1KBB28-0006UC-Fl-H" -exec cat {} \;

or this method with exim
# exim -Mvh 1KBB28-0006UC-Fl

 

The header can show you exactly where the message is originating as well as the recipient. If the spammer is connecting directly to your SMTP server you can also gather the IP address here.

 

Removing The Messages

Let’s get the messages out of the queue. For our example, we’ll use the address foo@bar.com as the sending address. To remove all emails in the queue for foo@bar.com run this command:

# exim -bp | awk '$4 == "<foo@bar.com>" { print $3 }' | xargs exim -Mrm
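To see which sender is filling the queue before deleting anything, the queue listing can be summarised by envelope sender. This is an added example, not part of the original post: it works on a constructed sample of "exim -bp" output, the function names are hypothetical, and it only prints message IDs for review without removing anything.

```shell
#!/bin/sh
# Added example: summarise `exim -bp` output by envelope sender.
# Function names are hypothetical; the queue listing below is constructed.

sample_queue() {
cat <<'EOF'
25m  2.9K 1KBB28-0006UC-Fl <foo@bar.com>
          user1@example.net

24m  2.9K 1KBB29-0006UD-Gm <foo@bar.com>
          user2@example.net

 3h  1.2K 1KBB3a-0006Vd-2Q <> *** frozen ***
          foo@bar.com

19m  3.0K 1KBB4c-0006Wf-Hn <foo@bar.com>
          user3@example.org
          user4@example.org

 2d  812  1KBA9z-0005Tb-Ab <alice@example.com>
          bob@example.net
EOF
}

# Count queued messages per envelope sender, busiest sender first.
# Message lines start with an age such as 25m, 3h or 2d; recipient lines do not.
senders_by_count() {
    awk '$1 ~ /^[0-9]+[mhd]$/ && NF >= 4 { n[$4]++ }
         END { for (s in n) print n[s], s }' | sort -rn
}

# Print the IDs of messages whose envelope sender is exactly $1.
# A bounce addressed *to* that address (sender "<>") is not matched.
ids_for_sender() {
    awk -v want="<$1>" '$1 ~ /^[0-9]+[mhd]$/ && $4 == want { print $3 }'
}

sample_queue | senders_by_count
sample_queue | ids_for_sender foo@bar.com
```

On a live server, replace sample_queue with exim -bp and review the printed IDs before passing them to exim -Mrm.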

Categories: Email Tags: