Tag: linux

Categories
Linux

Linux Failed Attempt Account Lockout (Time Based)

Add the following appended to the pam_tally.so:

onerr=fail deny=5 unlock_time=1800

Relevant entries in bold in /etc/pam.d/system-auth:

auth        required      /lib/security/$ISA/pam_env.so
auth        required      /lib/security/$ISA/pam_tally.so onerr=fail deny=5 unlock_time=1800
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so
account     sufficient    /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account     required      /lib/security/$ISA/pam_permit.so
account     required      /lib/security/$ISA/pam_tally.so
Categories
Freebsd

Add timestamps to history

Add the following to your .bashrc:

export HISTTIMEFORMAT="%h/%d – %H:%M:%S "

The result is this:

[root@server ~]# history
    1  Mar/16 – 18:09:00 cd /etc
    2  Mar/16 – 18:09:10 vi fstab
    3  Mar/16 – 18:09:43 ls -la

Categories
Linux

How to re-scan the SCSI bus on Linux

How to re-scan the SCSI bus on Linux.

echo "- – -" > /sys/class/scsi_host/host0/scan

Categories
Linux

Linux hugepage script for oracle

Here is the script to calculate hugepages for oracle db

#!/bin/bash
#
# hugepages_settings.sh
#
# Linux bash script to compute values for the
# recommended HugePages/HugeTLB configuration
#
# Note: This script does calculation for all shared memory
# segments available when the script is run, no matter if it
# is an Oracle RDBMS shared memory segment or not.

# Check for the kernel version
KERN=`uname -r | awk -F. ‘{ printf("%d.%dn",$1,$2); }’`

# Find out the HugePage size
HPG_SZ=`grep Hugepagesize /proc/meminfo | awk ‘{print $2}’`

# Start from 1 pages to be on the safe side and guarantee 1 free HugePage
NUM_PG=1

# Cumulative number of pages required to handle the running shared memory segments
for SEG_BYTES in `ipcs -m | awk ‘{print $5}’ | grep "[0-9][0-9]*"`
do
   MIN_PG=`echo "$SEG_BYTES/($HPG_SZ*1024)" | bc -q`
   if [ $MIN_PG -gt 0 ]; then
      NUM_PG=`echo "$NUM_PG+$MIN_PG+1" | bc -q`
   fi
done

# Finish with results
case $KERN in
   ‘2.4’) HUGETLB_POOL=`echo "$NUM_PG*$HPG_SZ/1024" | bc -q`;
          echo "Recommended setting: vm.hugetlb_pool = $HUGETLB_POOL" ;;
   ‘2.6’) echo "Recommended setting: vm.nr_hugepages = $NUM_PG" ;;
    *) echo "Unrecognized kernel version $KERN. Exiting." ;;
esac

# End
 

Categories
Openbsd

Adding color, colour to bash scripts

I was curious about just adding colour to echos that I do in scripts and here is how:

echo -e "This is red->e[00;31mREDe[00m"

 

I havent found out how the colours actually work (eg tables of colours) but if you experiment with the numbers you can come up with different foreground and background colours.

UPDATE:

Ok here is a script to dump out the various colour combos.

#/bin/sh
# Show all the colors of the rainbow, should be run under bash
for STYLE in 0 1 2 3 4 5 6 7; do
  for FG in 30 31 32 33 34 35 36 37; do
    for BG in 40 41 42 43 44 45 46 47; do
      CTRL="33[${STYLE};${FG};${BG}m"
      echo -en "${CTRL}"
      echo -n "${STYLE};${FG};${BG}"
      echo -en "33[0m"
    done
    echo
  done
  echo
done
# Reset
echo -e "33[0m"

 

 

Categories
Freebsd

Creating command line options in a bash script

Ok, so for a while I have done this a bunch of different ways but I think the best way I found is with a simple case statement. In here you can set variables, execute commands, functions, nest statements etc… It works out really well. here is a snippet to show you what i mean.

while [ $# -gt 0 ]
do
        case $1
        in
        -v)
                VERBOSE=YES
                shift 1
     
        ;;

        -l)
                echo "$MODULES"
                exit 0
        ;;

        -os)
                if [ -z $2 ]
                then
                        echo "You must choose a VERSION"
                        exit 1
                else
                        for MOD in $MODULES
                        do
                                if [ "$MOD" = "$2" ]
                                then
                                        LISTED=YES
                                fi
                        done
                        if [ "$LISTED" = "YES" ]
                        then
                                VERSION=$2
                                shift 2
                        else
                                echo "Module not found. Use -l for listing"
                                exit 1
                        fi
                fi
        ;;

        -h)
                HELPMENU
                exit 1
        ;;

        –help)
                HELPMENU
                exit 1
        ;;

        *)
                HELPMENU
                exit 1
        ;;
        esac
done

 

Categories
Freebsd

Passwordless ssh login with keys

Create a key with no passphrase on the source machine

[install@source ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/install/.ssh/id_rsa):
Created directory ‘/home/install/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/install/.ssh/id_rsa.
Your public key has been saved in /home/install/.ssh/id_rsa.pub.
The key fingerprint is:
66:c1:3f:95:c6:a9:d6:99:49:bf:a0:57:4f:a3:78:49 install@localhost.localdomain

Copy it to the destination machine…

[install@source ~]$ scp id_rsa.pub 10.50.2.50:~

On the destination machine create the .ssh directory and copy the id_rsa.pub to authorized_keys. If you have multiple keys you can just append it, something like this “cat id_rsa.pub >> authorized_keys”

[install@destination ~]$ mkdir .ssh
[install@destination ~]$ chmod 700 .ssh
[install@destination ~]$ cp id_rsa.pub .ssh/authorized_keys

Now you should be able to login…

[install@source .ssh]$ ssh 10.50.2.50
Last login: Fri Sep  5 14:18:01 2008 from 10.50.2.51
[install@destination ~]$

Categories
Openbsd

Creating a memory leak on Linux/Unix

I recently had to create a memory leak to do some testing, here is a snippet of code that I used to create a leak. You can adjust malloc size to allocate more memory, or adjust the usleep to adjust how aggressive it is. the code below on a machine with 500M of memory would chew up about 1% memory a second. Enjoy!

#include <stdlib.h>
#include <unistd.h>

int main(void) {
    /* An infinite loop. */
    while (1) {
       /* Try to allocate some memory. */
       malloc(8386080);
       /* sleep for a bit so its not so aggressive */
       usleep(10000);
    }
    return EXIT_SUCCESS;
}

Categories
Openbsd

wget through proxy tutorial

Ok so I had an issue using wget from the cmd line on my linux box, so here is how to get a proxy to work with wget:

First off export a variable called "http_proxy":

export http_proxy=192.168.1.2

This will try to get to your proxy via port 80, you could also specify like this(if you are on another port):

export http_proxy=192.168.1.2:8080

Then connect specifying your auth creds if you need to pass any:

wget –proxy-user=myusername –proxy-password=mypassword http://www.myserver.com/download/strace-4.5.15-1.el5.x86_64.rpm

 

And you should be good to go!

Categories
Linux

Setting cpu affinity on linux

Here is a simple way to bind a proc to a cpu. The taskset command is part of the util-linux package.

Bind process 2225 to processor 0:

taskset -p -c 0 2225

Bind process 2225 to processor 1:

taskset -p -c 1 2225

Bind process 2225 to processor 0 and 1:

taskset -p -c 0,1 2225

You can also bind a process at execution:

taskset -c 0 sshd

Retrieving the pids current affinity:

[root@localhost ~]# taskset -p 2225
pid 2225’s current affinity mask: 3