Save Linux terminal session (script)

During daily work, sometimes we perform tasks that we would like to document properly.entrada Linux script

In this post we will see how to save an entire Linux terminal session, so that we can subsequently include any documentation.

The command we use is:

script

Continue reading

mount bind linux vs application reconfiguring

When configuring Linux systems one of the golden rules is to outsource the configuration and application data to another volume. This can easily be done for example by mounting /opt on another disk and performing installations on /opt.

Installations on other volumes are simple provided you do not have recourse to the repository of the distribution you’re using, in this case we will have settings and data in a few places. In such a situation we can do 2 things:

  1. Wander around all the configuration files of the application in question and modify routes logs, data, settings, etc… a lot of work.
  2. Use mount with the option –bind and not touch anything on the application.

 

Continue reading

Install different java versions, using them simultaneously in Linux

This may seem trivial, but I have seen many people do not know how to take a single machine, several Java application servers running on different versions of Java

To start for safety as recommended, it is that for every application server we have running, the facility owner is a different user, the same user is running the application server.

In short, for each user you can configure your runtime environment by default, so you do not need to touch anything in the application servers to indicate that Java should use.

Take the example that we want to run Tomcat 8 with Java 8 and Tomcat 6 with Java 6.

 

Continue reading

iptables output examples, configuration for outgoing connections, Red Hat/CentOS or Ubuntu

As an extension of the post “Configuring iptables firewall RedHat/CentOS 6 from command line“,  this time we will see how to secure outbound connections to our server.

Limiting outgoing connections may seem a little paranoid, but in case of an attack your machine will be used to “jump” to others or send mails. I know this may still sound even more paranoid, but these things happen and are very real, I want to do a post later trying a real case.

Come to the point, we start from an initial situation:

Source   
[root@oradb ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Continue reading

Change redo logs from filesystem to RAW

There is one thing I particularly like, but it is possible that we find people who say that if the database performance is greatly improved with raw redo in front of a filesystem (ext4 for example).

To find out for sure we can work with RAW mode redologs very easily. Let’s take an example made in Red Hat 4, with a test BDD with 3 redologs of 51 MB each:

Source   
[oracle@clu01 DBU]$ ls -l
total 1502076
-rw-r-----  1 oracle oinstall   9748480 Jun 25 20:38 control01.ctl
-rw-r-----  1 oracle oinstall   9748480 Jun 25 20:38 control02.ctl
-rw-r-----  1 oracle oinstall   7061504 Jun 12 11:36 control03.ctl
-rw-r-----  1 oracle oinstall  52429312 Jun 25 11:06 redo01.log
-rw-r-----  1 oracle oinstall  52429312 Jun 25 10:39 redo02.log
-rw-r-----  1 oracle oinstall  52429312 Jun 25 10:39 redo03.log
-rw-r-----  1 oracle oinstall 545267712 Jun 25 20:38 sysaux01.dbf
-rw-r-----  1 oracle oinstall 744497152 Jun 25 20:38 system01.dbf
-rw-r-----  1 oracle oinstall  20979712 Jun 23 21:22 temp01.dbf
-rw-r-----  1 oracle oinstall  36708352 Jun 25 20:38 undotbs01.dbf
-rw-r-----  1 oracle oinstall   5251072 Jun 25 20:38 users01.dbf

Continue reading

Apache SSL client certificate, configuring Apache to allow access only SSL certificate installed on client

Let’s configure Apache (on an Ubuntu 12) to allow access to clients with an installed SSL certificate personnel, first we have to create some structures to later work with revocation lists.

The first is to have openssl installed:

ubuntu@ip-10-112-31-82:~$ sudo aptitude install openssl

We will create a directory structure that conforms to the expected paths for the configuration file openssl.cnf:

Source   
ubuntu@ip-10-112-31-82:~$ mkdir -p /vol/apache2_certs
ubuntu@ip-10-112-31-82:~$ cd /vol/apache2_certs/
ubuntu@ip-10-112-31-82:/vol/apache2_certs$ sudo cp /etc/ssl/openssl.cnf .

The openssl.cnf file defines a directory structure to work among other things with lists of denial of certificates, will edit and modify the line:

Continue reading

rescan scsi linux

If we add disks in hot (from any system virtualization) it is possible that the OS does not know until we do a rescan of the SCSI bus, this can be done with the tool:

Source   
rescan-scsi-bus.sh -a

To install RedHat/Centos:

Source   
yum install sg3_utils

Continue reading

LVM external drive, HDD data access with LVM partition (eg a USB HD)

The LVM volumes have many advantages but when you connect a hard drive (with LVM) to an operating system (for example via USB) and want to access the data, we see that is not automatic.

To access the data directly we can mount the volume because the device simply does not exist, this can be easily solved. The sequence of actions is:

1- Connect the HD (logically)
2- Perform vgscan
3- Perform lvscan
4- Enable LVM volume desired
5- Mount the device and access the data

To extract HDD must:

Continue reading

md raid replace drive, software mdRAID

On this occasion we will see how to regenerate a software RAID in Linux.

Detected by SMART error type:

Smarctl diagnosis:

Source   
[root@simba ~]# smartctl -H /dev/sda
smartctl 5.42 2011-10-20 r3458 [x86_64-linux-2.6.32-279.el6.x86_64] (local build)
Copyright (C) 2002-11 by Bruce Allen, http://smartmontools.sourceforge.net
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: FAILED!
Drive failure expected in less than 24 hours. SAVE ALL DATA.
Failed Attributes:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
1 Raw_Read_Error_Rate     0x002f   001   001   051    Pre-fail  Always   FAILING_NOW 330223

Continue reading

smartctl disk health check in Linux

Let’s see how to obtain the status of a HDD using SMART technology (monitoring and analyzing HD http://es.wikipedia.org/wiki/S.M.A.R.T.).

First we need to install is the smartmontools package (in Red Hat or CentOS so, in other distributions command different):

Source   
yum install smartmontools

We can get information from a disk:

Continue reading