Add additional IP addresses to FreeBSD
Here is how you setup a IP alias in FreeBSD. Add the following to your rc.conf file.
Posts by Tag
FreeBSD
apache
Apache proxy to a different port
Sometimes you may need to redirect a simple URL like jira.company.com to something like jira.company.com:8080 for easier access. A simple Apache Proxy will s...
Deny certain browsers access to a module
Add the following to your httpd.conf for VirtualHost.
Premature end of script headers in CGI
This is old but still comes up sometimes. Make sure the script is 755 and the file is in the correct format. First verify the file is not in binary.
aws
Install AWS CLI on OSX
You are going to need to make sure you meet a few requirements to install the CLI tools but you should already have most in place. Python 2 or Python 3.3+ Pi...
firewall
Redirect ports with IPtables
For whatever reason you may want to remap a high port to a low port. Here is how you can do it with IPtables. In this example we are going to remap 23420 to ...
freebsd
Make a FreeBSD 7.0 DVD
The goal here is to make 1 single DVD out of the 3 FreeBSD 7.0 installation CD’s. First we need to fetch all 3 of the ISO’s. For this example I am pulling ...
gnu plot
GNU plot your SAR data
So recently I had to assemble some sar data into some nice graphs that the higher ups could understand. So I decided to write out a small script to graph o...
homebrew
Install homebrew for Mac
This one is really simple but people ask me how. So you can either visit http://brew.sh and follow the directions or just kick off this curl request.
linux
Protect files in a directory from being deleted
Sometimes you may want a shared dropbox folder where users from all over can add files but you do not want them to be able to delete them. This is where you ...
Change to stronger SHA-512 passwords for system
I want to set a requirement of at least 1 uppercase, 1 lowercaser, 1 number, & 1 special character. First we will modify /etc/pam.d/system-auth and cha...
Set default timeout for bash
Create the following in the /etc/profile.d/tmout.sh TMOUT=900 readonly TMOUT export TMOUT Now chmod 755 that file and your good to go.
Test CPU
This is the quickest way to do a quick CPU test. Just download the latest kernel source and run. make oldmenuconfig Just hit enter for all then make a shell...
mac
MacPorts and osX
Install a port port install port_name Install pre-compiled binary port port pkg port_name Create osX DMG file from port port dmg port_name Create RPM file...
Windows 7 64bit and Macbook Pro (osX)
So the first hurdle I had to overcome was a bad bootable disc that was given to us from Microsoft. Whenever I used the CD they gave us in my macbook I woul...
Postfix+Amavisd+ClamAV+SpamAssassin+Razor+SMTP Auth
First lets install the require software yum install clamd amavisd-new spamassassin razor-agents cyrus-sasl-md5 Now lets add some entries to the /etc/postfix...
Sendmail to Postfix
Stop your current MTA service sendmail stop Install Postfix yum install postfix Set Postfix to be new MTA alternatives --set mta /usr/sbin/sendmail.postfix...
Use mutt to check mail
Simple connection test to verify your mail setup. mutt imaps://server.yourdomain.com Obviously you can change the protocol and specify the username after yo...
Mail only works on localhost
This happens quite often with new users or admins who are not familiar with mail setups. Postfix (/etc/postfix/main.cf
mysql
Log vsftpd to MySQL
First lets build the pam_mysql package. There is more then one way to do this I just decided to use a SRC RPM I found for FC9. wget http://rpm.pbone.net/inde...
Show MySQL queries in real time
Here is a quick one line to allow you to watch current MySQL queries. mysqladmin -vi 1 proc
List a MySQL user
This one is simple but I get tickets for it all the time.
Change a MySQL MyISAM table to a InnoDB engine
This is easy on smaller tables but on larger ones all data should be backed up first to CYA and changes should be done during off hours to avoid downtime.
Import a plain CSV file into MySQL
This assumes you have already created the required table with all of the correct fields. Also this assumes you are using , as the field separator.
Create a simple MySQL index
Here is how you can create a MySQL index. Be aware of where you are using indexes they can be just as beneficial as they can be disastrous to performance.
Change MySQL open file limit
This one used to get new techs because they would see the error message and think the file limit error was pertaining to the kernel and not MySQL. You can ad...
MySQL unauthenticated user
Often time you will see stacked MySQL queries with the listing of “unauthenticated user”. This is a known bug in MySQL right now where it cannot perform a va...
Change a MySQL database charset
Sometime you may need to change your database to use a different charset. Just issue the following from a MySQL prompt.
network
Find processes that are in a LISTEN state
I just use a lsof to pull the network stack and then look for LISTEN status lsof -n | grep LISTEN
Redirect traffic to a new IP address
First make sure you enable forwarding
ICMP address mask
So I recently had a customer who needed to have the address mask reply and request disabled for his server. On linux this sysctl value is not the same as F...
ntp
ntpdate – no server suitable for synchronization
This is caused by the ntpdate binary not being able to pass data back because of a firewall or something similar. You can either update the FW rules or use...
php
Use Xcache 1.21 with Zend Optimizer 3.3.0
The error you get when trying to make this work can be quite deceiving but the real issue is the same that you get in FreeBSD where the module load order can...
plesk
Change domain name in Plesk
You do not need to migrate data to change a domain name in plesk just do from the control panel and it will changes all required aspects. Domains -> doma...
Get PHP5, PSA 7.5.4, & Horde to work
You will need to perform the following to allow Horde on PSA 7.5.4 to work with PHP5. pear upgrade DB cp /usr/share/pear/DB.php /usr/share/psa-horde/pear/DB....
Reset mailman users password for Plesk
User –help to find any additional options you may be wandering about.
Check for weak passwords in Plesk mail accounts
You can change the password string to some of the more known ones such as 12345, password123, pass123, god, etc..
Show all catchall email addresses in Plesk
These need to be monitored because all to often domains with these catch alls are used as SPAM reply to addresses in email.
Change the TTL for a domain in plesk
To lower the TTL for a domain in Plesk simply go to the domain or server section and choose DNS. Next choose the SOA icon and from there you can lower the TT...
Non-static method PMA_Config::isHttps() should not be called statically
This looks worse then it really is in plesk. The password in the PSA DB does not match the one set for the user in mysql.user. Just reset the password in the...
redhat
Set service to start on reboot
Come across this one all the time still. To set a service from init.d to start on reboot you can doo the following. First list the service that are available...
sar
GNU plot your SAR data
So recently I had to assemble some sar data into some nice graphs that the higher ups could understand. So I decided to write out a small script to graph o...
security
Check for POST spam abuse
Just use a quick 1 liner like this to get some info on what IP has been trying to POST the most and to what script. grep POST /home/httpd/vhosts/*/statistics...
Deny certain users access to a console
Add the required pam_access line to your system-auth or login file in the /etc/pam.d directory. This needs to be the first auth line to override the previous...
Kill all processes for a user
Sometimes you need to kill off any running processes do you can remove a exploited account. Here is a simple quick way. Using pkill
Check for DoS or DDoS connections
This is just a quick snippet to see what is going on with connection on your server. We are checking port 80 in this example but you can replace 80 with what...
spamassassin
Using Spamassassin with Webmin
It appears that some versions on certain mirrors do not include the spamassassin webmin module. You can get this from their site as it is now part of the d...
ssh
One line to put SSH key on remote host
cat ~/.ssh/id_rsa.pub | ssh user@hostname 'cat >> .ssh/authorized_keys' or ssh-copy-id user@host
ssl
Find Non-SSL links in a SSL page
This can help you narrow down certificate warnings about mixed content. curl -I domain.com | grep "http:\"
Check SSL expiration date
Nifty little script for doing a simple SSL verify. OpenSSL #!/bin/bash [ $# -ne 1 ] >> { printf "%s: site:port\n" $0; printf "Usage: %s www.example.com...
Fun with OpenSSL
Here are some quick one liners to do a laundry list of things with openssl. openssl s_client -connect domain.com:443 or for more info openssl s_client -stat...
Rewrite Non-SSL to SSL
Simple rewrite rule to send all HTTP requests for any URL to a HTTPS connection.
storage
Extend LVM partition
This is really easy and is something every linux admin should know. In this example we are going to extend it to be 500MB. If I wanted to add 500MB then I wo...
Mount ISO as a loopback device
Mount a ISO file as a loopback device for access. cd /path/to/dir/with/ISO mount yourfile.iso -o loop /mnt
MegaCLI cheat sheet part 1
Here are some quick commands that I have to use on a daily basis for RAID automation issues. You can either keep -aall in there or if you have more then on...
Expand array with MegaCLI
Recently I needed to add 2 more 1tb drives to my current RAID5 x3 1TB setup. This was all done with a hotswap cage and no downtime. I will show you how I a...
Report current disk usage
This is good for trying to chase down which directories are eating up the most space and give you a file with the report sorted by size in MB.
sudo
Grant sudo access to group with no password
While I am not a fan of this setup sometimes there is a special request and it needs to be setup.
svn
Subversion Berkeley DB error while opening environment for filesystem
This seems to be caused by versions before 1.4.3 because of the difference in the set fstype for create. To correct this problem you need to specify the co...
vsftpd
vsftpd with SSL
First lets generate the PEM file. openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem Now lets ad...
Log vsftpd to MySQL
First lets build the pam_mysql package. There is more then one way to do this I just decided to use a SRC RPM I found for FC9. wget http://rpm.pbone.net/inde...
webmin
Using Spamassassin with Webmin
It appears that some versions on certain mirrors do not include the spamassassin webmin module. You can get this from their site as it is now part of the d...
windows
Windows 7 64bit and Macbook Pro (osX)
So the first hurdle I had to overcome was a bad bootable disc that was given to us from Microsoft. Whenever I used the CD they gave us in my macbook I woul...
Windows needs LS
For some reason no matter how many times I have worked with windows I still find myself typing ls. I just make a ls.bat with the following to squash my short...