Category Archives: Operating System

How to free PHP-fpm Memory at Server

  Often when you are running PHP with any web server (Apache or Nginx), the FastCGI process manager eats up a lot of your RAM, by forking multiple subprocesses for every request, which in turn leads to memory leakage. To avert this, it is desirable to schedule a shell script and reduce this memory leakage. Save the below command as

Read more

HospitalRun – Docker Containerized

Hi Guys, i just ran the containerized version of the HospitalRun Application on my digitalocean droplet using my own self signed certificate. Please Watch my Youtube Video:- apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg-agent \ software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add – apt-key fingerprint 0EBFCD88 add-apt-repository \ “deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable”

Read more

Process Management in Linux

Process Types Before we start talking about Linux process management, we should review process types. There are four common types of processes: Parent process Child process Orphan Process Daemon Process Zombie Process Parent process is a process which runs the fork() system call. All processes except process 0 have one parent process. Child process is created by a parent process.

Read more

How To Patch and Protect Linux Kernel Stack Clash Vulnerability CVE-2017-1000364 [ 19/June/2017 ]

Avery serious security problem has been found in the Linux kernel called “The Stack Clash.” It can be exploited by attackers to corrupt memory and execute arbitrary code. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative/root account privileges. How do I fix this problem on Linux? The Qualys Research Labs discovered various problems

Read more

Cpustat – Monitors CPU Utilization by Running Processes in Linux

Cpustat is a powerful system performance measure program for Linux, written using Go programming language. It attempts to reveal CPU utilization and saturation in an effective way, using The Utilization Saturation and Errors (USE) Method (a methodology for analyzing the performance of any system). It extracts higher frequency samples of every process being executed on the system and then summarizes

Read more

Linux security alert: Bug in sudo’s get_process_ttyname() [ CVE-2017-1000367 ]

Skip to contCa There is a serious vulnerability in sudo command that grants root access to anyone with a shell account. It works on SELinux enabled systems such as CentOS/RHEL and others too. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. Patch your system as soon as possible.It

Read more

Impermanence in Linux – Exclusive (By Hari Iyer)

Impermanence, also called Anicca or Anitya, is one of the essential doctrines and a part of three marks of existence in Buddhism The doctrine asserts that all of conditioned existence, without exception, is “transient, evanescent, inconstant” On Linux, the root of all randomness is something called the kernel entropy pool. This is a large (4,096 bit) number kept privately in the kernel’s

Read more

/etc/security/limits.conf file – In A Nutshell

The /etc/security/limits.conf file contains a list line where each line describes a limit for a user in the form of: <Domain> <type> <item> <shell limit value> Where: <domain> can be: an user name a group name, with @group syntax the wildcard *, for default entry the wildcard %, can be also used with %group syntax, for maxlogin limit <type> can have the

Read more

Linux KVM: Disable virbr0 NAT Interface

The virtual network (virbr0) used for Network address translation (NAT) which allows guests to access to network services. However, NAT slows down things and only recommended for desktop installations. To disable Network address translation (NAT) forwarding type the following commands: Display Current Setup Type the following command: # ifconfig Sample outputs: virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0

Read more

TIBCO Administrator – Error (Core Dump Error)

Sometimes the administrator process in UNIX Platform Stops intermittently and then in the following location, $TIBCO_HOME/administrator/<version>/tomcat/hs_err_pid<pid_of_admin>.log file you will see a core dump error something like this # # A fatal error has been detected by the Java Runtime Environment: # # SIGSEGV (0xb) at pc=0x00007efcdb723df8, pid=12496, tid=139624169486080 # # JRE version: Java(TM) SE Runtime Environment (8.0_51-b16) (build 1.8.0_51-b16) #

Read more

10 Important “rsync” command – UNIX

Rsync (Remote Sync) is a most commonly used command for copying and synchronizing files and directories remotely as well as locally in Linux/Unix systems. With the help of rsync command you can copy and synchronize your data remotely and locally across directories, across disks and networks, perform data backups and mirroring between two Linux machines. This article explains 10 basic

Read more

How to use parallel ssh (PSSH) for executing ssh in parallel on a number of Linux/Unix/BSD servers

Recently I come across a nice little nifty tool called pssh to run a single command on multiple Linux / UNIX / BSD servers. You can easily increase your productivy with this SSH tool. More about pssh pssh is a command line tool for executing ssh in parallel on some hosts. It specialties includes: Sending input to all of the

Read more

30 Shades of “Alias” Command – UNIX

You can define various types aliases as follows to save time and increase productivity. #1: Control ls command output The ls command lists directory contents and you can colorize the output: ## Colorize the ls output ## alias ls=’ls –color=auto’   ## Use a long listing format ## alias ll=’ls -la’   ## Show hidden files ## alias l.=’ls -d

Read more

Error :- sudo: effective uid is not 0, is sudo installed setuid root?

We all as a Linux administrator must have come across this error sometime in our lives. [user@host dir]$ sudo bash sudo: effective uid is not 0, is sudo installed setuid root? This happens when sudo does not get the right access permissions. The Solution for this error is giving the following permissions as root user chmod u+s /usr/bin/sudo That Must

Read more

/proc/sys for you to manipulate a running kernel

The /proc/sys directory in the /proc virtual filesytem contains a lot of useful and interesting files and directories. Many kernel settings can be manipulated by writing to files in the proc filesystem. A lot of important information can be retrieved from these files. This is especially useful when you are troubleshooting or fine tuning your linux system. Following is a

Read more

Linux – Concepts – IPTABLES v/s FIREWALLD

Today we will walk through iptables and firewalld and we will learn about the history of these two along with installation & how we can configure these for our Linux distributions. Let’s begin wihtout wasting further more time. What is iptables? First, we need to know what is iptables. Most of senior IT professionals knows about it and used to work with

Read more

Linux Command – Using Netstat the Proper Way !!

How to install netstat netstat is a useful tool for checking your network configuration and activity. It is in fact a collection of several tools lumped together. Install “net-tools” package using yum [root@livedvd ~]$ sudo yum install net-tools Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: centos.mirror.secureax.com * extras: centos.mirror.secureax.com * updates: centos.mirror.secureax.com Resolving Dependencies –> Running transaction

Read more

Knockd – Detailed And Simpler (Silent Assassin….)

As I could see there are lot of articles about knockd and it’s implementation. So, what are my efforts to make this unique? I made it simple, but detail oriented  and have commented on controversies and criticism that exist. Here is an outline on what I’ve discussed. What is port knocking? What is knockd? How it works? Installation What we

Read more

Linux Command – Dstat (Culprit Catcher)

Introduction Whether a system is used as a web server or a normal PC, in a daily workflow, to keep under control its usage of resources is almost necessary : GNU/Linux provides several tools for monitoring purposes: iostat, vmstat, netstat, ifstat and others. Every system admin know these products, and how to analyse their outputs. However, there’s another alternative, a single program

Read more

Source – UNIX, Destination – Windows Cygwin (SSH Password-less Authentication)

On Windows Server In windows cygwin create user, say MyUser, locally and also create user in cygwin cd C:\cygwin Cygwin.bat   Administrator@MYWINDOWSHOST ~ $ /bin/mkpasswd -l -u MyUser >>/etc/passwd MyUser@MYWINDOWSHOST ~ $ ls MyUser@MYWINDOWSHOST ~ $ ls -al total 24 drwxr-xr-x+ 1 MyUser        None    0 Mar 17 12:54 . drwxrwxrwt+ 1 Administrator None    0 Mar 17 12:54 .. -rwxr-xr-x  1

Read more

Linux Commands – chage (Manage your Passwords for User Accounts in UNIX)

chage chage Enables you to modify the parameters surrounding passwords (complexity, age,expiration). We can edit and manage the password expiration details with the chage command. However, a root user can execute chage command for any user account, but not the other users. Syntax: chage [options] USERNAME Options: -d LAST_DAY Indicates the day the password was last changed -E EXPIRE_DATE Sets

Read more

Hack #1 -> Define CD Base Directory Using CDPATH

If you are frequently performing cd to subdirectories of a specific parent directory, you can set the CDPATH to the parent directory and perform cd to the subdirectories without giving the parent directory path as explained below. # pwd /home/ramesh # cd mail -bash: cd: mail: No such file or directory [Note: The above cd is looking for mail directory

Read more
« Older Entries