MailIP Blacklist And Spamming

Top 5 users sending maximum emails on the server:

grep "<=.*P=local" /var/log/exim_mainlog | awk '{print $6}' | sort | uniq -c | sort -nr | head -5 eximstats /var/log/exim_mainlog | grep -A7 "Top 50 local senders by message count" | tail -5 | awk '{print $1,$NF}' Top 5 mail receivers: egrep "(=>.*T=virtual_userdelivery|=>.*T=local_delivery)" /var/log/exim_mainlog | awk '{print $7}' | sort | uniq -c | sort -nr | head -5

eximstats /var/log/exim_mainlog | grep -A7 "Top 50 local destinations by message count" | tail -5 | awk '{print $1,$NF}'

Script to check path for the script used for spamming

awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $3} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1
awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $4} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1

If there is large number of hits from an IP,block the IP

tail -n1000 /var/log/exim_mainlog |grep SMTP|cut -d[ -f2|cut -d] -f1|sort -n |uniq -c

Following command will show path to the script being utilized to send mail

ps -C exim -fH eww
ps -C exim -fH eww | grep home
cd /var/spool/exim/input/
egrep "X-PHP-Script" * -R

Shows the connections from a certain ip to the SMTP server

netstat -plan|grep :25|awk {‘print $5′}|cut -d: -f 1|sort|uniq -c|sort -nk 1

To shows the domain name and the no of emails in queue

exim -bp | exiqsumm | more

If spamming from outside domain then you can block that domain or email id on the server

pico /etc/antivirus.exim

Add the following lines:

if $header_from: contains “name@domain.com”
then
seen finish
endif


To Remove particular email account email

exim -bpr |grep “test.org”|awk {‘print $3′}|xargs exim -Mrm

cdp (pid XXX?) is not running ?

root@ [~]# /etc/init.d/cdp-agent status
/etc/init.d/cdp-agent status: cdp (pid 753?) not running

If you face this problem again, please check the log file
(/usr/sbin/r1soft/log/cdp.log), there you can fine the exact reason.

Here the error I have got is the following.

============
,[ERROR],[NO-CONNECTION],Exception from network
server: Address already in use
============

This happened when the port 1167 is in use. We can sort this issue
by using the following

If your Agent hang ! and is not restarting properly,
check Agent port is used by hcp demon

lsof -i :1167 #1167 default agent port

~]# lsof -i :1167
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
hcp_io/1/ 2250 root 8u IPv4 191316993 TCP *:1167 (LISTEN)
hcp_io/1/ 2256 root 8u IPv4 191316993 TCP *:1167 (LISTEN)
hcp_io/1/ 2257 root 8u IPv4 191316993 TCP *:1167 (LISTEN)
hcp_io/1/ 2258 root 8u IPv4 191316993 TCP *:1167 (LISTEN)

you see that hcp working so , you must stop hcp activity :

hcp -r /dev/hcp1 (/dev/hcp1 : example)

now ! you can restart agent easily :
/etc/init.d/cdp-agent restart

Apache crashing Invalid argument: couldn’t grab the accept mutex



Situation: The apache error log show this error:

(22)Invalid argument: couldn't grab the accept mutex
(22)Invalid argument: couldn't grab the accept mutex
(22)Invalid argument: couldn't grab the accept mutex

Solution:

Typically, these type of errors occur on systems low on memory or file handlers.

Of note, one suggested resolution for the error message would be to try adding the following line to /usr/local/apache/conf/httpd.conf file:

AcceptMutex fcntl

Run apache distiller

/usr/local/cpanel/bin/apache_conf_distiller --update --main
/scripts/rebuildhttpdconf
/etc/init.d/httpd graceful

Show All Running Processes in Linux?

# ps aux | less
It will display all running process

See every process except those running as root

# ps -U root -u root -N

See process run by a particular user

# ps -u vivek

Save Process Snapshot to a file

# top -b -n1 > /tmp/process.log

Or you can email result to yourself:

# top -b -n1 | mail -s 'Process snapshot' you@example.com

How to tar the recently modified files linux?



To accomplish this we need two commands

- Find command - to find the files which are modified

find . -mtime -5 -type f -name "*.php" ( It gets all the php files which are modified 5 days ago)

- Tar command - to create an archive
tar cvf changed_201006014.tar - It creates the archive with the name "changed_20100614.tar"

combine above two commands

tar cvf changed_20100614.tar `find . -mtime -5 -type f -name "*.php"`

It creates archive with the files which are modified 5 days ago.

How to delete a file from tar file(archive) without untar it?

We can use the option '-f" for it

syntax
tar -f {file_name.tar} --delete file1 file2 file3

tar -f myfile.tar --delete index.php folder1/test/testfile.php folder2/test_folder/*

How to find out the symbolic links in a directory?

find . -type l ==>>this will lists all the links in the directory

Openvz installation

1 Installing OpenVZ
In order to install OpenVZ, we need to add the OpenVZ repository to yum:
cd /etc/yum.repos.d

wget http://download.openvz.org/openvz.repo
rpm --import http://download.openvz.org/RPM-GPG-Key-OpenVZ

yum search ovzkernel
yum install ovzkernel
then place the openvz kerel in the first position of the grub.conf file

title CentOS OpenVZ (2.6.18-53.1.19.el5.028stab053.14)
root (hd0,0)
kernel /vmlinuz-2.6.18-53.1.19.el5.028stab053.14 ro root=/dev/VolGroup00/LogVol00
initrd /initrd-2.6.18-53.1.19.el5.028stab053.14.img

Install vps utilities
for 32 bit
yum install vzctl vzquota

for 64 bit
yum install vzctl.x86_64 vzquota.x86_64

Open /etc/sysctl.conf and make sure that you have the following settings in it:
[...]
net.ipv4.ip_forward = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.conf.default.forwarding=1
[...]

If you need to modify /etc/sysctl.conf, run
sysctl -p

The following step is important if the IP addresses of your virtual machines are from a different subnet than the host system's IP address. If you don't do this, networking will not work in the virtual machines!

Open /etc/vz/vz.conf and set NEIGHBOUR_DEVS to all:
NEIGHBOUR_DEVS=all

SELinux needs to be disabled if you want to use OpenVZ. Open /etc/sysconfig/selinux and set the value of SELINUX to disabled:
vi /etc/sysconfig/selinux
OR
vi /etc/selinux/config

SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

then reboot

Procedure To Add a Swap File

You need to use the dd command to create swap file. The mkswap command is used to set up a Linux swap area on a device or in a file.

a) Login as the root user.

b) Type following command to create 512MB swap file (1024 * 512MB = 524288 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=524288

c) Set up a Linux swap area:
# mkswap /swapfile1

d) Activate /swapfile1 swap space immediately:
# swapon /swapfile1

e) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using a text editor such as vi:
# vi /etc/fstab

Append the following line:
/swapfile1 swap swap defaults 0 0

So next time Linux comes up after reboot, it enables the new swap file for you automatically.

g) How do I verify swap is activated or not?
Simply use the free command:
$ free -m

* How to replace Apache with Lighttpd on Cpanel

Lighttpd is another free webserver that is becoming more popular due to it's performance boosts over Apache and thus improving the overall server performance. This guide will show you how it's possible to replace Apache with Lighttpd while running CPanel.

Things to do prior to making the switch:

1. Make sure to recompile Apache with fastcgi support. This can be done via WHM --> Apache Configuration.
2. This setup is better for servers with a few large sites than a host with many smaller sites as a Shared host would have. If Apache is working fine, there is no need to do this.
3. If you need to have sites with SSL enabled, it will be a little trickier and will not be covered in this how-to. You can reference this link for more details:
http://redmine.lighttpd.net/wiki/1/DocsSL
4. When creating accounts after making the switch to Lighttpd, you will still use the Create Account feature, but since httpd will not be running, you will have to manually add the virtual host details to the lighttpd.conf file or hosts.conf as we will have in this example.

Step 1

Download and compile Lighttpd:

1. First get the source from www.lighttpd.net and follow the instructions there.
2. To configure: ./configure --with-openssl --with-zlib --with-bzip2 --with-memcache
NOTE: may need to install pcre-devel (yum install pcre-devel)
3. Follow the instructions here to get lighttpd configured after the install: http://redmine.lighttpd.net/projects...tallFromSource You may need to change the path in /etc/init.d/lighttpd file to /usr/local/sbin/lighttpd for it to start.
4. Configure the lighttpd.conf file in /etc/lighttpd/. Example of a working lighttpd.conf:
Code:

server.modules = ( "mod_fastcgi", "mod_rewrite", "mod_dirlisting", "mod_auth", "mod_setenv", "mod_status" )
server.document-root = "/usr/local/apache/htdocs"
server.errorlog = "/etc/lighttpd/error.log"
server.username = "nobody"
server.groupname = "nobody"
index-file.names = ( "index.html", "index.htm", "index.php" )
server.tag = "Web Services"
status.status-url = "/lighttpd-status"
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
server.port = 80
include "includes/mime.conf"
include "includes/optimizations.conf"
include "includes/php.conf"
include "includes/hosts.conf"

You can get the server.document-root from the existing httpd.conf file for Apache for the main VirtualHost.
5. In the /etc/lighttpd directory, create the includes directory:
Code:

mkdir includes

and create the mime.conf, optimizations.conf, php.conf and hosts.conf files in the includes directory. Chmod them to 644:
Code:

chmod -R 644 includes

run this command within the /etc/lighttpd directory.
6. Now we need to populate the created conf files that lighttpd will load upon startup.

mime.conf:
Code:

mimetype.assign = (
".pdf" => "application/pdf",
".sig" => "application/pgp-signature",
".spl" => "application/futuresplash",
".class" => "application/octet-stream",
".ps" => "application/postscript",
".torrent" => "application/x-bittorrent",
".dvi" => "application/x-dvi",
".gz" => "application/x-gzip",
".pac" => "application/x-ns-proxy-autoconfig",
".swf" => "application/x-shockwave-flash",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".tar" => "application/x-tar",
".zip" => "application/zip",
".mp3" => "audio/mpeg",
".m3u" => "audio/x-mpegurl",
".wma" => "audio/x-ms-wma",
".wax" => "audio/x-ms-wax",
".ogg" => "application/ogg",
".wav" => "audio/x-wav",
".gif" => "image/gif",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".png" => "image/png",
".xbm" => "image/x-xbitmap",
".xpm" => "image/x-xpixmap",
".xwd" => "image/x-xwindowdump",
".css" => "text/css",
".html" => "text/html",
".htm" => "text/html",
".js" => "text/javascript",
".asc" => "text/plain",
".c" => "text/plain",
".cpp" => "text/plain",
".log" => "text/plain",
".conf" => "text/plain",
".text" => "text/plain",
".txt" => "text/plain",
".dtd" => "text/xml",
".xml" => "text/xml",
".mpeg" => "video/mpeg",
".mpg" => "video/mpeg",
".mov" => "video/quicktime",
".qt" => "video/quicktime",
".avi" => "video/x-msvideo",
".asf" => "video/x-ms-asf",
".asx" => "video/x-ms-asf",
".wmv" => "video/x-ms-wmv",
".bz2" => "application/x-bzip",
".tbz" => "application/x-bzip-compressed-tar",
".tar.bz2" => "application/x-bzip-compressed-tar",
"" => "application/octet-stream"
)

optimizations.conf:
Code:

server.event-handler = "linux-sysepoll"
server.max-fds = 32768
server.network-backend = "linux-sendfile"
server.max-connections = 8192
server.max-keep-alive-requests = 15
server.max-keep-alive-idle = 15
server.max-read-idle = 15
server.max-write-idle = 15
server.max-worker = 1

The 'server.max-worker' variable should be changed according to how many CPUs the server has, and if it's a 64bit system. If it's a 32bit system, and the load stays low, keep it at 1. To get rid of keep-alive, set both of the keep-alive lines to 0. Max connections can be alterted to your needs

php.conf:
Code:

fastcgi.server = ( ".php" =>
( "localhost" =>
(
"socket" => "/tmp/php-fastcgi.socket-" + var.PID,
"bin-path" => "/usr/bin/php-cgi",
"max-procs" => 20,
"idle-timeout" => 10,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "20",
"PHP_FCGI_MAX_REQUESTS" => "500" ),
)
)
)

To get the bin-path, just run
Code:

whereis php-cgi

and that will show you the path. You have to compile Apache with fastcgi support first via WHM as mentioned previously. PHP can run as DSO/CLI still via WHM.

hosts.conf:
Code:

$HTTP["host"] =~ "^(www\.|)domain\.com$" {
server.document-root = "/home/domain/public_html/"
}

$HTTP["host"] =~ "^(www\.|)domain2\.com$" {
server.document-root = "/home/domain2/public_html/"
}

Adjust this file to your needs. Look at your Apache's httpd.conf file and setup each vhost using the above templates for each domain/subdomain you have in httpd.conf. If you wish to add logs to each domain, you can add the following lines to each one of the vhosts above between the {} brackets:
Code:

server.errorlog = "/var/log/lighttpd/domain/error.log"
accesslog.filename = "/var/log/lighttpd/domain/access.log"
server.error-handler-404= "/e404.php"

Now you should be all done with the main lighttpd configuration, so go ahead and turn it on:
Code:

/etc/init.d/lighttpd start

7. Now we need to turn off Apache so it does not start on boot or start by Cpanel. To do this, login to WHM and go to Service Manager, then uncheck both of the boxes for httpd. You can also run the following command to turn it off via shell:
Code:

chkconfig httpd off

This will ensure Apache won't start.

At this point, you should be running completely on lighttpd. Everything else in Cpanel/WHM will work as usual (mysql, dns, email, etc..). If you need to recompile php, you can do so via Apache Configuration, just be sure to turn off Apache again after you recompile.

source: http://forums.ayksolutions.com/showthread.php?p=829

How to backup your linux VPS.

Backup script for vps

#!/bin/sh
####################################
#
# Backup to NFS mount script.
#
####################################

# What to backup.
backup_files="/"

# Where to backup to.
dest="/home/backup"

# Create archive filename.
day=$(date +%A)
hostname=$(hostname -s)
archive_file="$hostname-$day.tgz"

# Print start status message.
echo "Backing up $backup_files to $dest/$archive_file"
date
echo

# Backup the files using tar.
tar czf $dest/$archive_file $backup_files

# Print end status message.
echo
echo "Backup finished"
date

# Long listing of files in $dest to check file sizes.
ls -lh $dest

enable php function

1. Remove all functions from disable_functions in php.ini
2. Add functions in php.ini suhosin.executor.func.blacklist = “” those you want to disable globally.

After that in the virtual host section of a domain you can add below code to enable a function only for one domain:


………..

php_admin_value suhosin.executor.func.blacklist = “shell_exec”

……


In this example shell_exec has been enabled for the VirtualHost.

PS:virtual host settings will work only if suhosin is installed in the server

Install nginx

Login to SSH and do this

cd /usr/local/src
wget http://nginxcp.com/latest/nginxadmin.tar
tar xf nginxadmin.tar
cd publicnginx
./pythonfix
./nginxinstaller install

It's Done...... Now go to WHM and search for nginx, You will see it there

are you getting "502 Bad Gateway" error ?

here is the solution

go to WHM and search for "tweak settings"

open it and search for "Apache non-SSL" and set it to "0.0.0.0:8081"

mass upload bash script (good for Megaupload)

#!/bin/bash

ftp -inv << FTP
open ftp.eu.filesonic.com
user USERNAME PASSWORD
lcd /YOUR/FOLDER/WITH/FILES
mput *.zip
bye
FTP

GRUB Commands

GRUB has a powerful command line option. All you have to do to start the command line is to use the command grub.



You can see a list of the possible commands by using the help.

PHP Code:
grub> help
blocklist FILE boot
cat FILE chainloader [--force] FILE
clear color NORMAL [HIGHLIGHT]
configfile FILE device DRIVE DEVICE
displayapm displaymem
find FILENAME geometry DRIVE [CYLINDER HEAD SECTOR [
halt [--no-apm] help [--all] [PATTERN ...]
hide PARTITION initrd FILE [ARG ...]
kernel [--no-mem-option] [--type=TYPE] makeactive
map TO_DRIVE FROM_DRIVE md5crypt
module FILE [ARG ...] modulenounzip FILE [ARG ...]
pager [FLAG] partnew PART TYPE START LEN
parttype PART TYPE quit
reboot root [DEVICE [HDBIAS]]
rootnoverify [DEVICE [HDBIAS]] serial [--unit=UNIT] [--port=PORT] [--
setkey [TO_KEY FROM_KEY] setup [--prefix=DIR] [--stage2=STAGE2_
terminal [--dumb] [--no-echo] [--no-ed terminfo [--name=NAME --cursor-address
testvbe MODE unhide PARTITION
uppermem KBYTES vbeprobe [MODE]



The displaymem command will show you what GRUB thinks is the system address space map of the machine. The lower memory is the address space in the first megabyte of memory.

PHP Code:
grub> displaymem
EISA Memory BIOS Interface is present
Address Map BIOS Interface is present
Lower memory: 640K, Upper memory (to first chipset hole): 3072K
[Address Range Descriptor entries immediately follow (values are 64-bit)]
Usable RAM: Base Address: 0x0 X 4GB + 0x0,
Length: 0x0 X 4GB + 0xa0000 bytes
Reserved: Base Address: 0x0 X 4GB + 0xa0000,
Length: 0x0 X 4GB + 0x60000 bytes
Usable RAM: Base Address: 0x0 X 4GB + 0x100000,
Length: 0x0 X 4GB + 0x300000 bytes




PHP Code:
grub> find /sbin/init
(hd0,1)


enter find ( and then tab

PHP Code:
grub> find (hd0,


Use the tab
PHP Code:
grub> find (hd0,
Possible partitions are:
Partition num: 0, Filesystem type is ext2fs, partition type 0x83
Partition num: 1, Filesystem type is ext2fs, partition type 0x83
Partition num: 2, Filesystem type is ext2fs, partition type 0x83
Partition num: 4, Filesystem type unknown, partition type 0x8e
Partition num: 5, Filesystem type unknown, partition type 0x8e

Disk /dev/hda: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/hda1 * 1 13 104391 83 Linux
/dev/hda2 14 523 4096575 83 Linux
/dev/hda3 524 650 1020127+ 83 Linux
/dev/hda4 651 1044 3164805 5 Extended
/dev/hda5 651 663 104391 8e Linux LVM
/dev/hda6 664 676 104391 8e Linux LVM

grub> find /grub/menu.lst
(hd0,0)



PHP Code:
grub> find /sbin/init
(hd0,1)

Understanding MX records

Notice the line with the ``MX'' in it. This is called the MX record.
mydomain.com. 14400 IN MX 0 mydomain.com.
The MX record shows that all emails @ mydomain.com should be routed to the mail server at mydomain.com. The DNS record shows that mydomain.com is located at 216.34.94.184. This means that email meant for liz@mydomain.com will be routed to the email server at 216.34.94.184. This finishes the task of the MX record. The email server on that server(say sendmail) then takes over, collects the email and then proceeds to distribute it to the user ``liz''.
It is important that there be a dot(``.'') after the domain name in the MX record. If the dot is absent, it routes to ``mydomain.com.mydomain.com''. The number 0, indicates Preferance number. Mail is always routed to the server which has the lowest Preferance number. If there is only one mail server, it is safe to mark it 0.
Multiple mail servers
Multiple email servers are useful for the sake of redundancy. If the Highest Priority email server (one with the lowest Preference number) is down, then the email is routed to the Server with the second highest Preference number.
For example
mydomain.com. 14400 IN A 216.34.94.184
server2.mydomain.com. 14400 IN A 216.34.94.185
mydomain.com. 14400 IN MX 0 mydomain.com.
mydomain.com. 14400 IN MX 30 server2.mydomain.com.
You can have unlimited MX entries for Fallback.
If all the MX records are equal Preference numbers, the client simply attempts all equal Preference servers in random order, and then goes to MX record with the next highest Preference number.
Pointing MX records to an IP
Its not possible to have an MX record pointing directly to an IP. For example 'mydomain.com. 14400 IN MX 0 216.34.94.184`` is wrong. Define an ``A Record'' first and then have the MX record pointing to it.
server2.mydomain.com. 14400 IN A 216.34.94.185
mydomain.com. 14400 IN MX 30 server2.mydomain.com.
MX records for Subdomains
A Subdomain is something like this ``Subdomain.mydomain.com''. Assume you want to send an email to liz@subdomain.mydomain.com and to capture that on another server.
mydomain.com. 14400 IN A 216.34.94.184
server2.mydomain.com. 14400 IN A 216.34.94.185
mydomain.com. 14400 IN MX 30 mydomain.com.
subdomain.mydomain.com. 14400 IN MX 30 server2.mydomain.com.
In this configuration, liz@subdomain.mydomain.com would go to 216.34.94.185 and liz@mydomain.com would go to 216.34.94.184.
Testing the MX record
Once you setup your MX record, always test it to see if it is setup correctly. You can do with tools like nslookup.
[root@localhost sangeetha]# nslookup
> set q=mx
> yahoo.com
Server: 192.168.1.1 Address: 192.168.1.1#53
Non-authoritative answer:
yahoo.com mail exchanger = 1 mx1.mail.yahoo.com.
yahoo.com mail exchanger = 1 mx2.mail.yahoo.com.
yahoo.com mail exchanger = 1 mx3.mail.yahoo.com.
yahoo.com mail exchanger = 5 mx4.mail.yahoo.com.
Authoritative answers can be found from:
yahoo.com nameserver = ns2.yahoo.com.
yahoo.com nameserver = ns3.yahoo.com.
yahoo.com nameserver = ns4.yahoo.com.
yahoo.com nameserver = ns5.yahoo.com.
yahoo.com nameserver = ns1.yahoo.com.
mx1.mail.yahoo.com internet address = 4.79.181.14
mx1.mail.yahoo.com internet address = 4.79.181.15
mx1.mail.yahoo.com internet address = 67.28.113.10
mx1.mail.yahoo.com internet address = 67.28.113.11
ns1.yahoo.com internet address = 66.218.71.63
ns2.yahoo.com internet address = 66.163.169.170
ns3.yahoo.com internet address = 217.12.4.104
ns4.yahoo.com internet address = 63.250.206.138
ns5.yahoo.com internet address = 216.109.116.17
>
How spammers read your MX
Spammers will typically target your lowest priority Email servers, in the hopes of encountering a poorly configured box. The Spam program reads the MX records, locates the Email server with the lowest Priority(highest Preference number) and attempts to spam with that server.
So it is important to equally update all your email servers with Antivirus and Antispam.

How to enable quotas on an ext4 file system. Centos 6 (Works with WHM

If you are receiving the following error when trying to enable quotas in WHM:

========
quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option
=======

You should first try doing both of the following via SSH:

/scripts/fixquotas
/scripts/fixcommonproblems

Then try to enable quotas, if the error is still occurring you may need to edit your fstab file, this can be tricky. First you will need to run:

vi /etc/fstab

Then you will need to locate where your directories are mounted on. For example, if you have this line:

/dev/mapper/vg-root / ext4 discard,noatime 1 1

You will need to replace it with:

/dev/mapper/vg-root / ext4 discard,noatime,usrquota 1 1

You should now reboot your system and once booted go into WHM and click Enable Quotas or run:

/scripts/fixquotas

Finding bios version in linux servers

Command : dmidecode --type 0


[root@testsrv1 ~]# dmidecode --type 0
# dmidecode 2.7
SMBIOS 2.5 present.

CLEANING UP THE LINUX BUFFER CACHE

When you write data, it doesn’t necessarily get written to disk right then. The kernel maintains caches of many things, and disk data is something where a lot of work is done to keep everything fast and efficient.

That’s great for performance, but sometimes you want to know that data really has gotten to the disk drive. This could be because you want to test the performance of the drive, but could also be when you suspect a drive is malfunctioning: if you just write and read back, you’ll be reading from cache, not from actual disk platters.


Obviously the first thing you need to do is get the data in the cache sent on its way to the disk. That’s “sync”, which tells the kernel that you want the data written. But that doesn’t mean that a subsequent read comes from disk: if the requested data is still in cache, that’s where it will be fetched from. It also doesn’t necessarily mean that the kernel actually has sent the data along to the disk controller: a “sync” command is a request, not a command that says “stop everything else you are doing and write your whole buffer cache to disk right now!”. No, “sync” just means that the cache will be written, as and when the kernel has time to do so.

Note that you really didn’t even need the “sync” if this is what you are doing: the overwrite forces the sync itself.

Modern Linux kernels make this a bit easier: in /proc/sys/vm/ you’ll find “drop_caches”.

You can simply echo a number to that to free caches.

To free pagecache:
echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes:
echo 2 > /proc/sys/vm/drop_caches

To free pagecache, dentries and inodes:
echo 3 > /proc/sys/vm/drop_caches

clear swap space in linux

There have been times where it has been necessary for UNIX Admins to clear out the swap space on a Linux system. In order to do this, you must first make sure that you have enough free memory to hold what is being used by swap.


First we want to see what is currently being used.

free


Then I run the actual commands that empty the swap:

swapoff -a and then swapon -a


Then I check what is being used after doing this.

free

To check the login attempts to see if it needs to be reset

To check the login attempts to see if it needs to be reset type faillog -u

root@testsrv:~ # faillog -u user1
Username Failures Maximum Latest
user1 15 0

Reset the counter with the -r flag:

root@testsrv:~ # /usr/bin/faillog -r user1
Username Failures Maximum Latest
user1 0 0

Difference between ext3 and ext4

Features

1. Ext3 stands for third extended file system.

Ext4 stands for fourth extended file system.
Introduced

2. ext3 was introduced in 2001.

ext4 was introduced in 2008.

3. Kernel Support

ext3 Supports from Linux Kernel 2.4.15

ext4 Supports from Linux Kernel 2.6.19

4. Maximum individual file size supported

ext3 Maximum individual file size can be from 16 GB to 2 TB

ext4 Maximum individual file size can be from 16 GB to 16 TB

5. Maximum file system size supported

Overall ext3 file system size can be from 2 TB to 32 TB

Overall maximum ext4 file system size is 1 EB (exabyte).
1 EB = 1024 PB (petabyte).
1 PB = 1024 TB (terabyte).

6. Maximum sub directories

ext3 Directory can contain a maximum of 32,000 subdirectories

ext4 Directory can contain a maximum of 64,000 subdirectories

Other Features

The main benefit of ext3 is that it allows journaling.

Journaling has a dedicated area in the file system, where all the changes are tracked. When the system crashes, the possibility of file system corruption is less because of journaling.


There are three types of journaling available in ext3 file system.

Journal – Metadata and content are saved in the journal.

Ordered – Only metadata is saved in the journal. Metadata are journaled only after writing the content to disk. This is the default.

Writeback – Only metadata is saved in the journal. Metadata might be journaled either before or after the content is written to the disk.

In ext4, it supports journaling and also has the option of turning the journaling feature “off”.

Several other new features are introduced in ext4: multi block allocation, delayed allocation, Journal checksum, fast fsck and etc.

All you need to know is that these new features have improved the performance and reliability of the file system when compared to ext3.

Supports huge individual file size and overall file system size.


You convert ext2 to ext3 without having any data loss

You can also mount an existing ext3 fs as ext4 fs (without having to upgrade it).