Important linux tips ( to read )
1) If you specify both deny from all and allow from all, what will be the default action of Apache?
deny will be taken first.
order allow, deny # connection will be denied
order deny, allow # connection will be allowed
2) what does ./configure , make and make in stall do
http://www.codecoffee.com/tipsforlinux/articles/27.html
3) what are shared libaries abs ldconfig or ld.so
http://www.linux.com/archive/feature/114007
4) what is openssl
SSL stands for Secure Sockets Layer. SSL's most common job, in the real world, is to encrypt the contents of web forms. This greatly decreases the chances that your credit card number, when entered into an online store's web form, ends up in somewhere else, other than the store's database. OpenSSL is the open source version of this and is available under the Apache-style license for free commercial and non-commercial use.
Since you're installing Apache, that means that you'll be on the receiving end of sensitive information. To help OpenSSL process this information, we'll need the help of a package called 'mm'. This is available at: http://www.ossp.org/pkg/lib/mm/. We'll need to compile and install this first. Get the tarball for 'mm' and untar it in our aforementioned apache_install directory. Now we're ready to configure, compile and install it. Do the following as a normal user:
./configure --disable-shared
Then:
make
and finally, as root.
make install
This will install the 'mm' libraries that OpenSSL can use to work more efficiently. Now we'll do the same for OpenSSL. You can pick up the source for OpenSSL from http://www.openssl.org/source/ Pick up the source tarball and untar it in our apache_install directory.
5) Fine tuning my.cnf
http://www.linuxweblog.com/tune-my.cnf
6) what is stiky bit
http://osr507doc.sco.com/en/OSAdminG/ssC.stickydirs.html
6) what is server type directive in apache ?
The ServerType directive sets how the server is executed by the system. Type is one of
inetd
The server will be run from the system process inetd; the command to start the server is added to /etc/inetd.conf
standalone
The server will run as a daemon process; the command to start the server is added to the system startup scripts. (/etc/rc.local or /etc/rc3.d/....)
Inetd is the lesser used of the two options. For each http connection received, a new copy of the server is started from scratch; after the connection is complete, this program exits. There is a high price to pay per connection, but for security reasons, some admins prefer this option. Inetd mode is no longer recommended and does not always work properly. Avoid it if at all possible.
Standalone is the most common setting for ServerType since it is far more efficient. The server is started once, and services all subsequent connections. If you intend running Apache to serve a busy site, standalone will probably be your only option.
Database Replication with MySQL
A typical way of backing up data in a database server is retrieving a dump of the database(s). Depending on the update frequency and the criticality of the data, this kind of backup can be done, once a week, once a day or even once every hour! When you conclude that the database is to be backed up once an hour or less than an hour, then retrieving a database dump (using tools like mysqldump in case of MySQL) is not an efficient way. This kind of requirement calls for a database replication setup. With replication, you can have two database servers, running on different machines having the same data at any point in time. The main database server, where applications and users connect, issue queries, add/update or delete data is called the master. The second database where the master database is mirrored is called the slave database. We are calling it mirroring because, under ideal circumstances, the slave database will always be an exact replica of the master database.
Replication makes the slave database an exact replica of the master. This means if some incorrect data makes its way into the master database, it will also get replicated on the slave. So replication is not a solution if you are looking for database snapshots with the goal of recovering the data from an earlier snapshot in case the latest data gets erroneous.
Let's get started with a replication setup for MySQL. For this article we assume that you are running MySQL on PCQLinux 2005 for both master and the slave databases. That is, we set up two machines with PCQLinux 2005, one will run the master database server and the other will be running the slave.
After installing PCQLinux 2005 on both the machines, install and set up MySQL on them as per the instructions in the section 'Connect to Mysql' in the article, JDBC Drivers, page 76, March 2005, PCQuest. For our setup, the master database server was running on a machine with the IP address 192.168.1.1 and the slave was running at 192.168.1.2.
Setting up the master
On the master machine, open the file, my.cnf, found in the directory /etc. Add the following under the [mysqld] section:
log-bin=/var/log/mysqlbin.log
server-id=1
Here the server-id must be a unique ID for the MySQL server. Later we'll give a server ID of 2 to the slave database server. Issue this
mysql -u root -p
|
When prompted, supply the password for the MySQL root user, specified during the setup mentioned in the article, JDBC Drivers. Subsequently, you will be dropped into a mysql> prompt. At this prompt issue:
grant replication slave on *.* to repl@"192.168.1.2" identified by 'secret123';
Substitute secret123 with your preferred password. We'll use the username 'repl' and password 'secret123' while setting up the slave in the section 'On the slave' later.
Take master's snapshot
Before starting the replication process, we need to import the latest snapshot or backup of the master's databases to the slave. Subsequently, once the replication is started, the slave will automatically sync with the master. We must ensure that the no updates happen on the master while taking the snapshot. For this we'll lock all the tables, allowing only 'read only' access. At the mysql> prompt, issue:
flush tables with read lock;
If your database is live and being used by a Web application(s) or any other application, you may like to put up a 'website under maintenance' page or inform users about it. Note that queries which only read the database like the select queries, will still work. Next, quit from the mysql> prompt by typing 'quit'.
Issue the following to take a database snapshot.
mysqldump -u root p --all-databases --master-data > backup.sql
When prompted, supply the password for MySQL's root user. Copy the file backup.sql to 192.168.1.2 (say using SSH or Secure SHell). Before proceeding with the slave configuration, release the read only lock. For this, get into the mysql> prompt and issue:
unlock tables;
This is also the right time to restart the database for the settings, made in the previous section, to get effective. Restart MySQL as:
/etc/init.d/mysql stop
/etc/init.d/mysql start
Your master database is back online and you may inform users to get started and remove the maintenance message from your site.
On the slave
On the slave machine open the file, my.cnf, found in /etc directory and add the following under the [mysqld] section.
server-id = 2
master-host = 192.168.1.1
master-user = repl
master-password = secret123
replicate-ignore-db=mysql
Note that we have set the server-id to 2, which must be different from the master database's server ID (which is 1 in our case). Also note that we have set the master-host to the IP address of the master machine and the master-user and master-password to the username and password that we had set up in the section 'Setting up the master'. With replicate-ignore-db we have specified not to replicate the database named mysql for the reasons mentioned in the following paragraph.
Next, we will import the data from backup.sql file. The backup.sql file will also contain the table definition and data for the database named mysql. You may like to exclude this database because it contains the database users and access privileges for the master. You may like to have a different set of users and access privileges on the slave. To exclude this database, open the file backup.sql on the slave machine in a text editor. Scroll down to the line that says, Current Database: `mysql`
Delete all the lines till you find the next Current Database line or upto the file's end. Delete all the SQL statements pertaining
to the mysql database. Now import backup.sql to the slave database as:
mysql -u root -p < backup.sql
When prompted, supply the password you had set up for root MySQL user on the slave database. Restart the slave database.
Get, set, go
To start the replication process, issue the start slave command from the mysql> prompt. Next, issue:
show slave status
Check whether the output shows any errors. Issue the above intermittently to check for any errors. If you don't notice any
error, it means the replication has been set up properly. To test, make changes (update or insert) on one of databases on the master machine. The changes will also get reflected on the slave machine too.
Not to forget that here you have not only configured a real-time back-up setup, but also a fault-tolerant setup. If the master machine goes down for some reason, point your application to the slave machine to resume your operations.
Shell perl scripts one liners
perl -pi -e 's/find/replace/g' *.txt
Or, to change matching files in a hierarchy:
find . -name '*.txt' |xargs perl -pi -e 's/find/replace/g'
Find the full name of a user
If you want to find out the full name for a user name you can use one of these one-liners to do the job:
ypmatch matkin passwd | cut -d: -f5 | cut -d, -f1
grep "^matkin:" /etc/passwd | cut -d: -f5 | cut -d, -f1
Remove processes matching some regular expression
If you have a number of processes that you want to kill, one of the following one-liners might be useful:
kill `ps xww | grep "sleep" | cut -c1-5` 2>/dev/null
ps xww | grep "sleep" | cut -c1-5 | xargs kill 2>/dev/null
This will kill any processes that has the word "sleep" in the calling command. If your kill does not handle multiple pids' you can either use the one-liner
ps xww | grep "sleep" | cut -c1-5 | xargs -i kill {} 2>/dev/null
or use a for-loop:
for x in `ps xww | grep "sleep" | cut -c1-5`
do
kill $x 2>/dev/null
To list all files in the `/usr/local' directory tree that are greater than 10,000 kilobytes in size, type:
$ find /usr/local -size +10000k [RET]
To list all files in your home directory tree less than 300 bytes in size, type:
$ find ~ -size -300b [RET]
To list all files on the system whose size is exactly 42 512-byte blocks, type:
$ find / -size 42 [RET]
Use the `-empty' option to find empty files -- files whose size is 0 bytes. This is useful for finding files that you might not need, and can remove.
To find all empty files in your home directory tree, type:
$ find ~ -empty [RET]
Apache important questions
If you specify both deny from all and allow from all, what
will be the default action of Apache?
It also depends on Order directive
order allow, deny # connection will be denied
order deny, allow # connection will be allowed
what is apachectl graceful
Note that you will either need to be running as root or use the "sudo" command in order to run this command.
If Apache is not already running it will be started. If it is already running then it will reload with the new changes but will not abort active connections, meaning that anyone who is in the middle of downloading something will continue to be able to download it.
Before restarting the Apache service a check will be done on the configuration files to ensure they are valid. If there is an error in them the error will be displayed and the Apache service will continue running using the old settings. You need to correct your settings before attempting to restart again.
How do you check for the httpd.conf consistency and any errors in it? -
apachectl configtest
When I do ps -aux, why do I have one copy of httpd running as root and the rest as nouser?
You need to be a root to attach yourself to any Unix port below 1024, and we need 80.
running apache as a root is a security risk? -
No, That one root process opens port 80, but never listens to it, so no user will actually enter the site with root rights. If you kill the root process, you will see the other kids disappear as well.
What is ServerType directive? -
It defines whether Apache should spawn itself as a child process (standalone) or keep everything in a single process (inetd). Keeping it inetd conserves resources. This is deprecated, however.
perl script to check duplicate files
use strict;
use warnings;
use File::Find;
use Digest::MD5;
use Data::Dumper ;
my @dup = fnd_dup(@ARGV) ;
#print Dumper ([@dup]);
foreach my $cur_cup (@dup) {
foreach my $cur_fil (@$cur_cup) {
print "my duplicate file is $cur_fil\n";
}
}
sub fnd_dup (@){
my (@dir_list) = @_;
if ( $#dir_list < 0 ) {
return (undef) ;
}
my %file ;
find( sub { -f && push @{$file{(stat($_))[7]}}, $File::Find::name }, @dir_list );
#print Dumper ([\%file]);
#'2040' => [
# '/opt/dkim-milter-2.8.3/obj.Linux.2.6.18-92.el5.x86_64/libsm/fpurge.o',
# '/opt/dkim-milter-2.8.3/obj.Linux.2.6.18-128.el5.x86_64/libsm/fpurge.o'
# ]
my (@resulth);
my %md ;
foreach my $size ( keys %file ) {
if ( $#{$file{$size}} < 1 ) {
next ;
}
foreach my $curr_file ( @{$file{$size}}) {
open (FILE, $curr_file ) or next ;
binmode(FILE) ;
push @{$md{Digest::MD5->new->addfile(*FILE)->hexdigest}}, $curr_file ;
close(FILE);
}
foreach my $hash (keys %md ) {
if ($#{$md{$hash}} >= 1 ) {
push (@resulth, [@{$md{$hash}}]);
}
}
}
return (@resulth)
Basic Shell scripting
shell scripting
1. How do you find out what's your shell? - echo $SHELL- What's the command to find out today's date? - date
- What's the command to find out users on the system? - who
- How do you find out the current directory you're in? - pwd
- How do you remove a file? - rm
- How do you remove a - rm -rf
- How do you find out your own username? - whoami
- How do you send a mail message to somebody? - mail somebody@techinterviews.com -s 'Your subject' -c 'cc@techinterviews.com'
- How do you count words, lines and characters in a file? - wc
- How do you search for a string inside a given file? - grep string filename
- How do you search for a string inside a directory? - grep string *
- How do you search for a string in a directory with the subdirectories recursed? - grep -r string *
- What are PIDs? - They are process IDs given to processes. A PID can vary from 0 to 65535.
- How do you list currently running process? - ps
- How do you stop a process? - kill pid
- How do you find out about all running processes? - ps -ag
- How do you stop all the processes, except the shell window? - kill 0
- How do you fire a process in the background? - ./process-name &
- How do you refer to the arguments passed to a shell script? - $1, $2 and so on. $0 is your script name.
- What's the conditional statement in shell scripting? - if {condition} then … fi
- How do you do number comparison in shell scripts? - -eq, -ne, -lt, -le, -gt, -ge
- How do you test for file properties in shell scripts? - -s filename tells you if the file is not empty, -f filename tells you whether the argument is a file, and not a directory, -d filename tests if the argument is a directory, and not a file, -w filename tests for writeability, -r filename tests for readability, -x filename tests for executability
- How do you do Boolean logic operators in shell scripting? - ! tests for logical not, -a tests for logical and, and -o tests for logical or.
- How do you find out the number of arguments passed to the shell script? - $#
- What's a way to do multilevel if-else's in shell scripting? - if {condition} then {statement} elif {condition} {statement} fi
- How do you write a for loop in shell? - for {variable name} in {list} do {statement} done
- How do you write a while loop in shell? - while {condition} do {statement} done
- How does a case statement look in shell scripts? - case {variable} in {possible-value-1}) {statement};; {possible-value-2}) {statement};; esac
- How do you read keyboard input in shell scripts? - read {variable-name}
- How do you define a function in a shell script? - function-name() { #some code here return }
- How does getopts command work? - The parameters to your script can be passed as -n 15 -x 20. Inside the script, you can iterate through the getopts array as while getopts n:x option, and the variable $option contains the value of the entered option.
clean up script -- difference between two files
my $totalfile = $ARGV[0];
my $suspectfile = $ARGV[1];
my $outfile = $ARGV[2];
if ($#ARGV != 2) {
print "user script.pl realfile suspectfiel goodfile\n" ;
exit;
}
local $/;
open (SUS,"<" ,$suspectfile) or die " cannot open file " ;
my @allsus = split /\n/, <SUS>;
close( SUS) ;
open (TOT,"<" ,$totalfile) or die " cannot open file " ;
my @total = split /\n/, <TOT>;
close (TOT) ;
my %allsus = map {$_ => 1 } @allsus;
my @allgood = grep {!defined $allsus{$_ } } @total ;
my @new = join "\n", @allgood;
open (OUT,">",$outfile ) or die " cannot open file ";
print OUT "@new";
close (OUT);