Unix Server Tech Knowledge Base

User Tools

Site Tools

Trace:
quickreference:unix

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
quickreference:unix [2021/09/29 01:50] – [Create Swap file] rodolicoquickreference:unix [2024/03/04 15:54] (current) rodolico
Line 4: Line 4:
  
 ===== Systems Administration ===== ===== Systems Administration =====
 +
 +==== Partitioning large drives ====
 +
 +Drives greater than 2 Terabytes are not handled well by the standard //fdisk// application, so instead we use parted. Fun Fact!!! gparted is a nice little GUI interface to this. But, we're dealing with command line stuff here.
 +
 +This assumes we have a drive, sdg, that we want to set up with gpt and create one partition on. That partition will set up on optimal sector boundries, and use all of the space available.
 +
 +<code bash>
 +# remove all old file system information. Not necessary, but I do it just because I can
 +wipefs -a /dev/sdg
 +# make this a gpt disk. Will wipe out any other partitioning scheme
 +parted /dev/sdg mklabel gpt
 +# make a new partition on optimal sector boundries. This is a primary partition, and starts
 +# at the beginning of the disk (0%) and goes to the end of the disk (100%)
 +# I put that in quotes as, from what I've read, the percent symbol does not work well
 +# within the bash command line
 +# note, we are not telling it what file system to use, so it defaults to Linux
 +parted -a optimal /dev/sdg mkpart primary '0%' '100%'
 +# display the information on the disk
 +parted /dev/sdg print
 +# format as ext4, no reserved space, and a disk label marked 'backup'
 +mkfs.ext4 -m0 -Lbackup /dev/sdg
 +
 +</code>
 +==== Rapidly wipe multiple hard drives ====
 +
 +Nothing beats DBAN [https://dban.org/] in ease of use and a feeling of good security. However, I recently had an issue where I had a server with 7 slow hard disks containing data that really wasn't all that sensitive, so I simply wanted to put a bunch of zeros on it, so I booted off of my SystemRescueCD thumbdrive [https://www.system-rescue.org/] and ran the following bash script. Should work in any shell which has the //for// command, however.
 +
 +<code bash wipedrives.sh>
 +#! /usr/bin/env bash
 +
 +# for truly not sensitive information, this command wipes all the OS information
 +for drive in a b c d e f g
 +do
 +   wipefs -a /dev/sd$drive
 +done
 +# but, to really remove in a way that takes tons of effort to recover, do this also
 +for drive in a b c
 +do
 +   echo Cleaning sd%drive
 +   dd if=/dev/zero | pv -petrs 580G | dd of=/dev/sd$drive
 +done
 +</code>
 +
 +I had 7 drives to wipe, and this takes about 5 hours per drive, so a total of 35 hours. I realized I could probably run all 7 processes in parallel since, on my system, the drive controller is a lot faster than any individual drive So I decided to use the //screen// command and see if I could make that work.
 +
 +<code bash wipedrives2.sh>
 +#! /usr/bin/env bash
 +
 +for drive in a b c d e f g h
 +do
 +   screen -dmS sd$drive bash -c "dd if=/dev/zero | pv -petrs 580G | dd of=/dev/sd$drive"
 +done
 +</code>
 +
 +Basically, we're using a bash for loop to grab all the drive names (I just used the last letter), running screen and immediately detaching the new process after telling it to run //bash -c// and the command after it in quotes (so it would not interpret the pipes in our current, non-screen shell). I'm running this right now, and //pv// is predicting it will be done in 11.5 hours, or less than a third of the time. BUT, it is really heating up the office with 7 drives being continuously written to at the same time.
 +
 +**Warning**: When SystemRescueCD boots, it tries to assemble any mdadm (software RAID) arrays, and since they are locked, //dd// and //wipefs// won't be able to write to them (maybe). In that case, do the following:
 +
 +<code bash>
 +# find any mdadm volumes running on Linux
 +cat /proc/mdstat
 +# assuming it showed you md127 was running (normal)
 +mdadm --stop /dev/md127
 +# it should stop the MD array and make the individual drives accessible
 +</code>
 +
  
 ==== Rename Server ==== ==== Rename Server ====
Line 17: Line 84:
 <code bash> <code bash>
 # change the host name, and the postfix name if that is installed # change the host name, and the postfix name if that is installed
-sed -i.old 's/oldname/newname/g' /etc/hostname /etc/hosts /etc/mailname /etc/postfix/main.cf+sed -i.old 's/oldname/newname/g' 
 +   /etc/hostname 
 +   /etc/hosts 
 +   /etc/mailname 
 +   /etc/postfix/main.cf 
 +   /etc/camp/sysinfo-client/sysinfo-client.yaml \ 
 +   /etc/msmtprc
 /etc/init.d/hostname.sh start /etc/init.d/hostname.sh start
 # update the aliases, if they exist # update the aliases, if they exist
Line 26: Line 99:
 </code> </code>
  
 +==== Reset Lost Password ====
 +The simplest solution is to boot from some kind of live system, then mount the drive and manually edit etc/shadow, which contains a hash of the passwords. In most cases, simply removing the hash sets the user in question to have no password.
  
 +We used the SystemRescueCD image (https://www.system-rescue.org/Download/) as a bootable USB thumbdrive for this and other purposes.
 +
 +  - Boot the system from the CD or USB Drive
 +  - Determine which drive contains the etc/ directory<code bash>lsblk # Linux</code>
 +  - Mount the drive someplace convenient <code bash>mount /dev/sda1 /mnt/backup</code>
 +  - Open the shadow file and edit<code bash>joe /mnt/backup/etc/shadow</code>
 +    - Find the line which contains the user. This is a colon delimited file, with the first column being the username. A sample would look like <code>dailydata:$6$FI3K:18368:0:99999:7:::</code>
 +    - On the line in question, remove everything between the first and second colon. In the sample (which was edited for brevity), it would be //$6$FI3K//. Be sure and DO NOT delete anything else, especially th colons
 +    - Save the file
 +  - Reboot the system. The user in question should now be able to log in with no password.
 +
 +Note: The username in the example is dailydata. The password hash is actually very long, in some cases around 100 characters.
 +
 +If this does not work, you can use the same procedure above but, instead of editing the file directly, mount (as in the above example), then chroot into the mounted system and use the passwd command. So, after mounting in the above example, do the following:
 +
 +<code bash>
 +chroot /mnt/backup
 +passwd root # Change root's password
 +exit # leave the chroot jail
 +reboot # or shutdown
 +</code>
  
  
Line 64: Line 160:
  
 I generally prefer a swap //file// as opposed to a swap //partition//. While swap partitions can be more efficient, swap files are easier to manage (grow/shrink). I generally prefer a swap //file// as opposed to a swap //partition//. While swap partitions can be more efficient, swap files are easier to manage (grow/shrink).
 +
 +This came from https://www.cyberciti.biz/faq/create-a-freebsd-swap-file/
  
 <code bash> <code bash>
Line 81: Line 179:
 </code> </code>
  
 +For BSD (FreeBSD specifically), you create the swapfile with dd, and you must use an md to mount it
 +<code bash>
 +# create an 8G swapfile
 +dd if=/dev/zero of=/swapfile bs=1G count=8
 +# set permissions very restrictive
 +chmod 600 /swapfile
 +# make a copy of fstab, in case we mess something up
 +cp -a /etc/fstab /etc/fstab.bak
 +# use mdconfig -lv to find an used md device. In this case, I'm using 42
 +echo 'md42   none  swap   sw,file=/swapfile  0 0' >> /etc/fstab
 +# turn on all defined swap devices
 +swapon -a
 +# now list them
 +swapinfo -g
 +</code>
 +
 +If, as in the case I ran into one time, you have an active swap device you want to get rid of, use swapinfo to find it, then use **swapoff /path/to/device/to/remove** and remove it from fstab
 ==== Mount davfs file system ==== ==== Mount davfs file system ====
  
Line 121: Line 236:
  
 ===== Shell (mainly BASH) ===== ===== Shell (mainly BASH) =====
 +
 +==== Find files within date range containing text ====
 +
 +A client needed to find a lost e-mail. All he knew was that it arrived sometime on the 24th of Apr 2020, and who it was from. Not sure if the //-newerct// parameter is available on all versions of find, or if it is specific to GNU/Linux.
 +
 +<code bash>
 +find Maildir -type f -newerct '26 Apr 2022 00:00:00' ! -newerct '27 Apr 2022 00:00:00' -exec grep -il 'from:.*user@example.org' \{\} \;
 +</code>
 +
 +This is very fast, since the find command rapidly decreases the number of messages which must be scanned (he has almost 300k e-mails in various folders, and it took less than 2 seconds).
 +
 +==== Find newest files in a directory tree ====
 +
 +This will go through an entire directory tree under the current directory and locate the newest 5 files. 
 +
 +<code bash>
 +find . -type f -exec stat --format '%Y :%y %n' "{}" \; | sort -nr | cut -d: -f2- | head
 +</code>
 +
 +  * Change //find .// to //find /some/path// to change the starting directory
 +  * Change //head// to //head -n 10// to grab the newest 10 files.
 +  * You can add any kind of filter also, so entering //-iname '*.jpg'// after the //-type f// would only find files ending in jpg.
 +
  
 ==== Count all files in directory tree(s) ==== ==== Count all files in directory tree(s) ====
Line 271: Line 409:
   * https://linuxize.com/post/how-to-add-swap-space-on-debian-9/   * https://linuxize.com/post/how-to-add-swap-space-on-debian-9/
   * https://docs.nextcloud.com/server/18/user_manual/files/access_webdav.html   * https://docs.nextcloud.com/server/18/user_manual/files/access_webdav.html
 +  * https://www.cyberciti.biz/faq/create-a-freebsd-swap-file/
 +  * https://www.mybluelinux.com/test-imap-with-telnet/
 +  * https://serverfault.com/questions/131627/how-to-inspect-remote-smtp-servers-tls-certificate#131628]
  
quickreference/unix.1632898205.txt.gz · Last modified: 2021/09/29 01:50 by rodolico