Author: Arun Bagul

MySQL full DB dump -shell script


#!/bin/bash
# Shell script to back up MySQL databases
# To give a user permission to back up all the databases on the
# MySQL server, see the query below:
# mysql> grant SELECT, LOCK TABLES on *.* to
# 'backup_user'@'localhost' identified by 'pwd_of_user';
#
#(c)arunbagul@indiangnu.org
###############################################################
#DB details
user_name="user"
user_pwd="password"
myhost="localhost"

# Linux bin paths, change this if it can't be autodetected via which command
mysql_cmd="$(which mysql)"
dump_cmd="$(which mysqldump)"
CHOWN="$(which chown)"
CHMOD="$(which chmod)"
zip_cmd="$(which gzip)"

# Backup dest directory, change this if you have some other location
dest_dir="/var/mysql-backup"

# Get hostname
host_name="$(hostname)"

# Get date in dd-mm-yyyy format
NOW="$(date +"%d-%m-%Y")"

# File to store current backup file
FILE=""
# Store list of databases
DB_list=""

# DO NOT BACKUP these databases
Ignore_db="test"

# Files that receive the list of dumped databases and the full database list.
# The script uses both but never sets them; these paths are placeholders.
mail_file="$dest_dir/mail-body.txt"
database_file="$dest_dir/database-list.txt"

[ ! -d "$dest_dir" ] && mkdir -p "$dest_dir" || :

# Only root can access it! (a directory needs the x bit to be entered)
$CHOWN -R 0:0 "$dest_dir"
$CHMOD 0700 "$dest_dir"

# Get all database list first
# NOTE: a password given with -p on the command line is visible in the
# process list (ps) while the command runs
DB_list="$($mysql_cmd -u"$user_name" -h "$myhost" -p"$user_pwd" -Bse 'show databases')"

# send db list to file and clear previous content
echo "" > "$mail_file"
echo "" > "$database_file"

for db in $DB_list
do
    skipdb=-1
    # send DB list to file
    echo "$db" >> "$database_file"
    echo "$db"
    if [ "$Ignore_db" != "" ];
    then
        for i in $Ignore_db
        do
            [ "$db" == "$i" ] && skipdb=1 || :
        done
    fi

    if [ "$skipdb" == "-1" ] ; then
        FILE="$dest_dir/$db.$host_name.$NOW.gz"
        my_file="$dest_dir/${db}_${host_name}.sql"
        # do all in one job in pipe,
        # connect to mysql using mysqldump for select mysql database
        # and pipe it out to gz file in backup dir 🙂
        # $dump_cmd -u $user_name -h $myhost -p$user_pwd $db | $zip_cmd -9 > $FILE
        # DB dump start here
        ########################################
        $dump_cmd -u "$user_name" -h "$myhost" -p"$user_pwd" "$db" > "$my_file"
        if [ $? -eq 0 ]; then
            echo "$db" >> "$mail_file"
        fi
        ########################################
    fi
done

#end
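
The script above passes the password with -p on the command line. As an added example (not part of the original script), the functions below keep the credentials in a client option file that only its owner can read and hand that file to mysqldump with --defaults-extra-file. The function names, the sample password and the temporary file are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example, not part of the original script. Function names and the
# sample values are assumptions made for this illustration.

# write_client_cnf FILE USER PASSWORD HOST
# Stores the credentials in a [client] section (read by mysql and mysqldump)
# in a file that only its owner can read or write.
write_client_cnf() {
    cnf="$1"; cnf_user="$2"; cnf_pass="$3"; cnf_host="$4"
    case "$cnf_pass" in
        *'"'*)
            # Not handled here: the value is written inside double quotes
            echo "write_client_cnf: password contains a double quote" >&2
            return 1 ;;
    esac
    # The value goes inside double quotes so that a '#' in it is not read
    # as the start of a comment; backslashes are doubled because option
    # files read \\ as one backslash.
    esc=$(printf '%s' "$cnf_pass" | sed 's/\\/\\\\/g')
    (
        umask 077
        # Create or truncate first and fix the mode before any secret is
        # written, in case the file already existed with loose permissions.
        : > "$cnf" && chmod 600 "$cnf" || exit 1
        printf '[client]\nuser=%s\npassword="%s"\nhost=%s\n' \
            "$cnf_user" "$esc" "$cnf_host" >> "$cnf"
    )
}

# file_mode FILE -> permission string as printed by ls, e.g. -rw-------
file_mode() {
    ls -ld "$1" | cut -c1-10
}

# dump_db CNF DB OUTFILE
# --defaults-extra-file has to be the first option. The password is never
# part of the argument list, so it does not show up in ps.
dump_db() {
    mysqldump --defaults-extra-file="$1" "$2" > "$3"
}

# Stand-alone run with constructed values: write the file, show its mode
demo_cnf=$(mktemp) \
    && write_client_cnf "$demo_cnf" backup_user 'p#ss\word' localhost \
    && file_mode "$demo_cnf" \
    && rm -f "$demo_cnf"
```

In the backup loop, `dump_db "$cnf" "$db" "$my_file"` would take the place of the `$dump_cmd ... -p"$user_pwd"` line, and its exit status can be checked the same way.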

python script for sending mail.


#!/usr/bin/python
# This script will send mail in both HTML and Text format
#@arunbagul@indiangu.org
#@GPL
import smtplib
import os
import sys
from email.mime.multipart import MIMEMultipart
from email.mime.base import MIMEBase
from email.mime.text import MIMEText
from email.utils import COMMASPACE, formatdate
from email import encoders

#guess = sys.argv[1]
fromaddr = "arunbagul@indiangnu.org"
toaddrs = "toaddress@indiangnu.org"

#-----------------------------------
# Read the message to send from a file
file_name = "/home/arunbagul/mail-body.txt"
with open(file_name) as file:
    msg = file.read()
#-----------------------------------
#msg = MIMEMultipart()
#msg['From'] = fromaddr
#msg['To'] = COMMASPACE.join(toaddrs)
#msg['To'] = toaddrs
#msg['Date'] = formatdate(localtime=True)
#msg['Subject'] = "This is my Sub"

# Connect to the SMTP server and send the file content as the message
server = smtplib.SMTP('192.168.1.5')
#server.set_debuglevel(1)
server.sendmail(fromaddr, toaddrs, msg)
#server.sendmail(fromaddr, toaddrs, msg.as_string())
server.quit()

Load Balancing – shell script


#!/bin/bash
echo "-------------------------------------------"
echo ""
echo -e "Welcome to Load Balancing............."
echo -e "@arunbagul@indiangnu.org"
echo ""
echo "-------------------------------------------"
#################################
#**root@proxy# cat  /etc/iproute2/rt_tables
#
# reserved values
#
#**255     local
#**254     main
#**253     default
#**0       unspec
#Entries added manually
#please add these two lines, one for each internet connection
#for example, for two connections
#**251    sify3
#**252    tata
#################################

#specify Details
#Local LAN
LAN_IF=eth0
LAN_IP=192.168.1.68
LAN_NWK=192.168.1.0/24

#INET1 (internet connection )
INET1_IF=eth1
INET1_IP=10.10.172.230
INET1_NWK=10.10.172.0/24
INET1_GW=10.10.172.X

#INET2 (internet connection )
INET2_IF=eth2
INET2_IP=208.259.169.X
INET2_NWK=208.259.169.X/30
INET2_GW=208.259.169.X

#################################
case "$1" in

start)
    #Start Load Balancing........
    echo -e "Starting Load Balancing........"
    ##################################################################
    #step(1)
    #Flush out table tata & sify3 if any routing is there.
    /sbin/ip route flush table tata
    /sbin/ip route flush table sify3
    #################################
    echo -e "Creating Kernel routing table::- tata(251)"
    # 202.189.249.204/30 is IP n/w of ISP1 with
    #gateway is 202.189.249.205 & IP assign
    #to eth3  is 202.189.249.206 which is source(src)
    /sbin/ip route add $INET2_NWK dev $INET2_IF src $INET2_IP proto kernel table tata
    #Add entry for internal n/w
    /sbin/ip route add $LAN_NWK dev $LAN_IF proto kernel src $LAN_IP table tata
    #Now add default gateway to ISP-I in table tata
    /sbin/ip route add default via $INET2_GW table tata
    ##################################################################
    #step(2)
    echo -e "Creating Kernel routing table::- sify3(253)"
    # 10.10.127.0/24 is IP n/w of ISP2 with
    # gateway is 10.10.127.1 & IP assign
    #to eth1  is 10.10.127.222 which is source(src)
    /sbin/ip route add $INET1_NWK dev $INET1_IF src $INET1_IP proto kernel table sify3
    #Add entry for internal n/w
    /sbin/ip route add $LAN_NWK dev $LAN_IF proto kernel src $LAN_IP table sify3
    #Now add default gateway to ISP-II in table sify3
    /sbin/ip route add default via $INET1_GW table sify3
    ##################################################################
    #step(3)
    #set up the routing rules.
    #These actually choose what routing table to route with.
    /sbin/ip rule add from $INET2_IP table tata
    /sbin/ip rule add from $INET1_IP table sify3
    ##################################################################
    #step(4)
    #Delete default route path from kernel 'main' routing table.
    /sbin/route del default
    if [ $? -eq 0 ] ; then
        echo -e "Default gateway removed from 'main' table"
    fi
    /sbin/route del default
    echo "Done........."
    ##################################################################
    #step(5)
    #now set up the default route to be a multipath route.
    #In the default kernel this will balance routes over the two providers.
    #/sbin/ip route add default equalize nexthop via $INET1_IP dev $INET1_IF weight 1 nexthop via $INET2_IP dev $INET2_IF weight 1
    /sbin/ip route add default nexthop via $INET1_IP dev $INET1_IF weight 1 nexthop via $INET2_IP dev $INET2_IF weight 1
    echo -e " Thank you...."
    ##################################################################
    ;;
stop)
    #Stopping Load Balancing....
    echo -e "Stopping Load Balancing...."
    #Separating routing decision...
    #(delete the same rules that 'start' added)
    /sbin/ip rule del from $INET2_IP table tata
    /sbin/ip rule del from $INET1_IP table sify3
    #Flush out table tata, sify3 and main if any routing is there.
    /sbin/ip route flush table tata
    /sbin/ip route flush table sify3
    /sbin/ip route flush table main
    #update kernel 'main table'--------------
    #add entry for 'tata' connection
    /sbin/ip route add $INET2_NWK dev $INET2_IF src $INET2_IP proto kernel scope link table main
    #add entry for 'sify' connection
    /sbin/ip route add $INET1_NWK dev $INET1_IF src $INET1_IP proto kernel scope link table main
    #Add entry for internal n/w
    /sbin/ip route add $LAN_NWK dev $LAN_IF proto kernel scope link src $LAN_IP table main
    #Now add default gateway to ISP-I in table main
    /sbin/ip route add default via $INET1_GW table main
    ;;
status)
    #Checking Load Balancing status....
    echo -e "Checking Load Bal status......."
    #Check load balancing is successful or not-------------
    /sbin/ip route show | grep "nexthop" > /dev/null
    if [ $? -eq 0 ] ; then
        echo -e "Load Balancing is SUCCESSFUL"
    else
        echo -e "Load Balancing FAILED"
        echo -e "Load-balancing:: Please try again..."
    fi
    ;;
table)
    #Kernel routing table
    #################################
    echo -e "Kernel routing table 'tata' is....."
    /sbin/ip route show table tata
    echo -e "Kernel routing table 'sify3' is....."
    /sbin/ip route show table sify3
    #Now finally check kernel routing with default route as multiple route
    echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
    echo -e "Kernel 'main' routing table is...(plz check here)"
    /sbin/ip route show table main
    echo -e "..........."
    /sbin/route -n
    echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
    echo -e "!!please run this cmd whenever you restart n/w service or PC."
    echo -e " And make sure that both connections are running"
    ;;

*)
    echo "Usage:/sbin/load-balancing {start|stop|status|table}"
    exit 1
    ;;
esac
#################################
#exit 0
#END

Samba as PDC


1] Samba Server

We are using Samba as a PDC so that Windows machines will be authenticated using the same MySQL DB.
But Samba with MySQL is not supported for practical use. In our case we are using Samba with the
smbpasswd file, and this file is updated by samba-Daemon. This daemon is written in Python.

* Samba Server can be used as PDC with

1) Roaming profiles and
2) Local profiles
  • We are using Samba as PDC with local profiles, so we don't need to create the profile and netlogon shares in Samba.

2] Samba Configuration File

[global]
#Change this to the workgroup/NT-domain name your Samba server will be part of
#############################
workgroup = IndianGNU.org
netbios name = fileserver
os level = 65
prefered master = yes
domain master = yes
local master = yes
domain logons = yes
;Domain administrators
admin users = arun.bagul,nishit
#############################
## Networking
hosts allow = 192.168.0.0/24 127.0.0.1
## Authentication
#"security = user" is always a good idea. This will require a Unix account
security = user
;should be true
encrypt passwords = true
##If you are using encrypted passwords, Samba will need to know what
#password database type you are using.
#*** passdb backend = tdbsam  ;commented by arun
#############################
#This is the most imp entry for smbpasswd database
passdb backend = smbpasswd:/etc/samba/smbpasswd
obey pam restrictions = yes
#############################
guest account = nobody
invalid users = root
##Domains
;For roaming profiles following line should be uncommented
;logon path = \\%N\profiles\%U
;For Local Profile "logon path" should be nothing
logon path =
logon drive = H:
logon home = \\%N\%U
#############################
## Printing
#For samba with CUPS server
loadprinters = yes
printing = cups
printcap name = cups
browseable = yes
printer admin = arun.bagul
#############################
## Misc
##socket options = TCP_NODELAY ; commented by arun
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
######
#############################
##Shares defined here
;Please don't define this share
;[profiles]
#############################
[netlogon]
comment = IndianGNU.org Network Logon Service
path = /etc/samba/netlogon
guest ok = yes
public = no
writable = no
;read only = yes
browseable = no
valid users = %U
#############################
#NOTE- Above [netlogon] share is also not needed for samba with Local profiles
#############################
##Samba share per team
[Team1]
comment = Team1 Share
path = /winbackup/team1
browseable = yes
writable = yes
valid users = @team1
;create mask = 0600
;directory mask = 0700
;guest ok = yes
#########################

[Team2]
comment = Team2 Share
path = /winbackup/team2
read only = no
browseable = yes
writable = yes
valid users = @team2
;guest ok = yes
#########################

3] Machine Account creation

To use Samba as a Windows domain controller, we need to create a machine account for each Windows machine.

Say the NetBIOS name of the Windows machine is "systemws"; then the commands for creating machine accounts are:

root@fileserver:/etc# useradd -d /dev/null -g 65534 -s /bin/false systemws$
root@fileserver:/etc# useradd -d /dev/null -g 65534 -s /bin/false qawd1$
root@fileserver:/etc# useradd -d /dev/null -g 65534 -s /bin/false qawd2$
root@fileserver:/etc# useradd -d /dev/null -g 65534 -s /bin/false utkarshws$
  • How to add a machine account to the smbpasswd file
root@fileserver:/etc# smbpasswd -m -a systemws
Added user systemws$.
root@fileserver:/etc# smbpasswd -m -a qawd1
Added user phplws$.
root@fileserver:/etc# smbpasswd -m -a qawd2

Added user qawd1$.

root@fileserver:/etc#

4] User Account creation

To create a normal user account for domain logon:

root@fileserver:/etc# smbpasswd -a arun.bagul
 New SMB password:
 Retype new SMB password:
root@fileserver:/etc#

Thank you,

Arun Bagul

Load Balancing for sharing multiple internet connections


Overview

We have three Internet connections from three different ISPs.

Due to a hardware limitation, we have connected two ISP lines to one PC.
Details of the interfaces:
eth0 - 192.168.0.X
eth1 - A.B.C.D
ppp0 - W.X.Y.Z
Why Load Balancing ?

The main purpose of load balancing is to share multiple Internet connections from different service providers for maximum utilization of bandwidth. We tried to achieve this goal by two methods:

A) Load Balancing by using the EQL interface

EQL is a serial line load balancer implemented as a kernel module, by which we can enslave (tie together) multiple serial lines from different providers or the same provider. But the condition is that these lines must be connected through a modem, which is not suitable for us.

B) Load Balancing by iptables and routing

There are many places where a Linux based router/masquerading device can assist in managing multiple Internet connections. We’ll outline here some of the more common setups involving multiple Internet connections and how to manage them with iptables and routing. One of the first distinctions you can make when planning how to use multiple Internet connections is what inbound services you expect to host and how you want to split traffic over the multiple links.

Step by step implementation

When we are using a single connection from one ISP, our default route will be in the kernel's 'main' routing table. In our case we have connected two connections to the proxy server: one line is from 'pacenet' and the other is from 'sify'. As we have not implemented load balancing yet, the default route in the kernel's 'main' table will be either from sify or from pacenet.

[1] How it works

Let us check our 'main' routing table ....

magnet@proxy:~$ ip route show table main
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default dev ppp0 scope link
magnet@proxy:~$

root@proxy:~# ip route show table main
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default via 10.X.X.X dev eth1
root@proxy:~#

To use both lines effectively we need to create two new routing tables, so that we can provide a default gateway in each routing table separately.

Step [1]

The first step in load balancing is to create a separate routing table for each connection. Let's create the tables.

root@proxy:~# tail /etc/iproute2/rt_tables
253 sify3
252 sify192
251 pacenet
root@proxy:~#

Whenever we want to create a new routing table, we need to add an entry to the above file.

Step [2]

Now we will add routing details to this table.

root@proxy:~# ip route add 25.X.X.X dev ppp0 src W.X.Y.Z proto kernel scope link table pacenet
root@proxy:~# ip route add default via 25.X.X.X table pacenet
root@proxy:~# ip route show table pacenet
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
default via 25.X.X.X dev ppp0
root@proxy:~#

As shown above, we have created a separate routing table 'pacenet' for the pacenet connection, with default gateway 25.X.X.X and interface ppp0.
Similarly, we have created a separate routing table 'sify3' for the sify connection, with default gateway 10.X.X.X and interface eth1.

root@proxy:~# ip route add 10.X.X.X/24 dev eth1 src A.B.C.D proto kernel scope link table sify3
root@proxy:~# ip route add default via 10.X.X.X table sify3

root@proxy:~# ip route show table sify3
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default via 10.X.X.X dev eth1
root@proxy:~#

step [3]

One more thing left to do here is to add entries for the local network to both tables. This is the basic setup for separating routing decisions for both providers.

root@proxy:~# ip route add 192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X table sify3
root@proxy:~# ip route add 192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X table pacenet

Finally we will check entries in each routing table

root@proxy:~# ip route show table sify3
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default via 10.X.X.X dev eth1

root@proxy:~# ip route show table pacenet
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
default via 25.X.X.X dev ppp0
root@proxy:~#

step [4]

Next, we will set up the routing rules. These actually choose what routing table to route with. You want to make sure that you route out a given interface if you already have the corresponding source address:

root@proxy:~# ip rule add from W.X.Y.Z table pacenet
root@proxy:~# ip rule add from A.B.C.D table sify3

Here W.X.Y.Z is the static IP assigned to the ppp0 interface. The first rule tells the kernel to use table 'pacenet' to route all the packets going out of interface ppp0; similarly for the sify connection.

Step [5]  Now delete default route in ‘main’ table.

root@proxy:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
25.X.X.X 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.0.X 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.X.X.X 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 10.X.X.1 0.0.0.0 UG 0 0 0 eth1
root@proxy:~# route del default
root@proxy:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
25.1.1.2 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.10.127.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
root@proxy:~# ip route show
25.1.1.2 dev ppp0 proto kernel scope link src 203.115.69.16
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.3
10.10.127.0/24 dev eth1 proto kernel scope link src 10.10.127.222

Step [6]

Now the question is how to balance traffic going out over the two providers. This is actually not hard if you already have set up split access as above. Instead of choosing one of the two providers as your default route, we will set up the default route to be a multipath route. In the default kernel this will balance routes over the two providers. It is done as follows (once more building on the example in the section on split-access):

root@proxy:~# ip route add default nexthop via 10.X.X.1 dev eth1 weight 1 nexthop via W.X.Y.Z dev ppp0 weight 1

root@proxy:~# ip route show
25.X.X.X dev ppp0 proto kernel scope link src W.X.Y.Z
192.168.0.X/24 dev eth0 proto kernel scope link src 192.168.0.X
10.X.X.X/24 dev eth1 proto kernel scope link src A.B.C.D
default
nexthop via A.B.C.D dev eth1 weight 1
nexthop via W.X.Y.Z dev ppp0 weight 1
root@proxy:~#

This will balance the routes over both providers. The weight parameters can be tweaked to favor one provider over the other.
Note that balancing will not be perfect, as it is route based, and routes are cached. This means that routes to often-used sites will always be over the same provider.
Thank you

Arun Bagul

Reference URLs:
http://linux-ip.net/html/index.html
http://linux-ip.net/html/ch-advanced-routing.html

http://lartc.org/howto/lartc.rpdb.html
http://lartc.org/howto/lartc.rpdb.multiple-links.html

http://www.shorewall.net/

IndianGNU.org – my first anniversary!!


I am glad to inform you all that today is my first anniversary!! We have successfully completed one year of social contribution in the open source and free software movement. I am very much sure that our existence and contribution are recognized and encouraged by many open source and free software contributors (gurus). It was simply impossible without your support, contribution and hard work. In the past one year the number of contributors has grown from 1 to 25!! This is one of the achievements we have added to our treasury. I am very thankful to all contributors for their contribution, dedication and keen interest.

We started with blogging, sharing our knowledge, ideas and even problems!! This has helped us to learn new technologies, problem solving skills and many more things.

What next?
Now it is time to think about what is next. What do we want to achieve in the next one or two years? How will we grow? What should we do? And many more things.

For the next one year we will continue with blogging and sharing our knowledge; at the same time we have to encourage more people to join our community and grow day by day!! I am sure that you agree with me and are willing to support us to achieve this goal.

Our focus will be on openLSM, an open source or free software project. We have to start actual coding and release a beta version of openLSM by the end of this year. I am expecting more from all of you. I hope that you will put in your best effort to achieve this target!!!

Cheers,
IndianGNU.org

How to delete MySQL command line history


Introduction - On Unix or Linux systems, the MySQL client writes a record of executed statements to a history file. By default, the history file is named .mysql_history and is created in your home directory. To specify a different file, set the value of the MYSQL_HISTFILE environment variable.

root@arunbagul:~# ls -l /root/.mysql_history
-rw------- 1 root root 71 2008-03-18 17:25 /root/.mysql_history
root@arunbagul:~#

root@arunbagul:~# cat /root/.mysql_history
show databases;
select * from databases;
show status;
show variables;
root@arunbagul:~#

If you do not want to maintain a history file, first remove .mysql_history if it exists, and then use either of the following techniques:

  • Set the MYSQL_HISTFILE variable to /dev/null. To cause this setting to take effect each time you log in, put the setting in one of your shell's startup files.
  • Create .mysql_history as a symbolic link to /dev/null:
    ln -s /dev/null $HOME/.mysql_history

How to set Environment variable –

root@arunbagul:~# export MYSQL_HISTFILE=/dev/null

root@arunbagul:~#

** Please add the above command to the .bashrc file in your home directory so that this variable will be set to /dev/null every time you log in.

root@arunbagul:~# cat /root/.bashrc
root@arunbagul:~#
Check the environment variable –

root@arunbagul:~# echo $MYSQL_HISTFILE
/dev/null
root@arunbagul:~#

NOTE- It’s not secure to save all executed mysql command to $HOME/.mysql_history file!!
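
One way to check the note above across several accounts, as an added example that is not from the original post: the functions report, per home directory, whether .mysql_history is disabled, what it holds and whether other users can read it. The function names, the credential pattern and the sample homes are assumptions constructed for this illustration; the pattern also accepts the `\040` form in which newer libedit-based clients store spaces.

```sh
#!/bin/sh
# Added example, not from the original post. Names and the pattern below are
# assumptions made for this illustration.

# Statements that carry credentials. Newer mysql clients built with libedit
# store a space as the literal text \040, so both forms are accepted.
SECRET_RE='identified([[:space:]]|\\040)+(by|with)|set([[:space:]]|\\040)+password|password([[:space:]]|\\040)*[(=]'

# history_state HOME_DIR -> prints one word:
#   disabled  .mysql_history is a symlink to /dev/null
#   absent    there is no history file
#   empty     the file exists but nothing is recorded
#   secrets   recorded statements include credentials
#   present   recorded statements, no credential pattern matched
history_state() {
    hist="$1/.mysql_history"
    if [ -L "$hist" ] && [ "$(readlink "$hist")" = "/dev/null" ]; then
        echo disabled
    elif [ ! -e "$hist" ]; then
        echo absent
    elif [ ! -s "$hist" ]; then
        echo empty
    elif grep -Eiq "$SECRET_RE" "$hist"; then
        echo secrets
    else
        echo present
    fi
}

# history_private HOME_DIR -> exit status 0 when group and others have no
# permission bits on the history file (the -rw------- case shown above)
history_private() {
    hist="$1/.mysql_history"
    [ -f "$hist" ] || return 0
    [ "$(ls -ldL "$hist" | cut -c5-10)" = "------" ]
}

# audit_homes DIR... -> one "DIR STATE PERMS" line per home directory
audit_homes() {
    for home in "$@"; do
        if history_private "$home"; then perms=private; else perms=LOOSE; fi
        echo "$home $(history_state "$home") $perms"
    done
}

# Constructed sample homes (not real data) so the block runs on its own
make_fixtures() {
    mkdir -p "$1/alice" "$1/bob" "$1/carol" "$1/dave"
    ln -s /dev/null "$1/alice/.mysql_history"
    printf 'show databases;\nshow status;\n' > "$1/bob/.mysql_history"
    chmod 600 "$1/bob/.mysql_history"
    printf '_HiStOrY_V2_\ngrant\\040select\\040on\\040*.*\\040to\\040backup_user@localhost\\040identified\\040by\\040secret;\n' \
        > "$1/carol/.mysql_history"
    chmod 644 "$1/carol/.mysql_history"
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_fixtures "$tmp"
    audit_homes "$tmp"/*
    rm -rf "$tmp"
}
demo
```

On a real host the call would be along the lines of `audit_homes /root /home/*`, run as root.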

Regards,

Arun Bagul

Quota Management


Introduction-

Disk space management and disk space allocation among users and groups is one of the critical tasks of a System Administrator. The System Admin has to think from all perspectives before finalizing any policy. Quota is a system administration tool for monitoring and limiting users' and/or groups' disk usage, per file system. Disk quotas can be configured for individual users as well as user groups. This kind of flexibility makes it possible to give each user a small quota to handle "personal" files (such as email and reports), while allowing the projects they work on to have more sizable quotas (assuming the projects are given their own groups).

Quota provides two ways to set limits:

1) Number of inodes that may be allocated to a user or a group.
2) Number of disk blocks (amount of space in kilobytes) that may be allocated to a user or a group.

In addition, quotas can be set not just to control the number of disk blocks consumed but to control the number of inodes. Because inodes are used to contain file-related information, this allows control over the number of files that can be created. By using Quota, the system administrator prevents users from consuming unlimited disk space on a system. Quota is handled on a per user/group, per file system basis and must be set for each file system separately. The system administrator is alerted before a user consumes too much disk space or a partition becomes full.

What are the types of Quota Format?

Answer - There are four types of Quota format/protocol; you can use any of them:
1) vfsold – original quota format (version 1 quota)
2) vfsv0 – new quota format (version 2 quota)
3) rpc – use RPC calls (quota over NFS) and
4) xfs – quota on XFS filesystem

Steps to Configure Quota on File System –

Step 1] Check Kernel support?

The first thing you need to do is ensure that your kernel has been built with Quota support enabled. Nowadays, once you have installed the Quota package, the kernel module for Quota will be enabled. Still you can confirm as given below…

Step 2] Enable quotas per file system by modifying /etc/fstab –

root@arunbagul:~# cat /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
LABEL=/home /home ext3 defaults,usrquota,grpquota 1 2
/dev/hda2 swap swap defaults 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
root@arunbagul:~#

NOTE – ‘usrquota’ for user quota and ‘grpquota’ for group quota…

The /etc/fstab file contains information about the various file systems installed/mounted on your Linux server. Quota must be enabled in the /etc/fstab file before you can use it. Quota must be set for each file system separately. Check the /etc/fstab, in which /home file system has both user and group quotas enabled. Depending on your intentions, needs, etc, you can enable quota only for users, groups or both users and groups.

Step 3] Activate/Enabled Quota on file system (quota.user and quota.group)-

After modifying the /etc/fstab file for Quota, remount each file system whose fstab entry has been modified. If the file system is not in use by any process, use the umount command followed by mount to remount the file system. If the file system is currently in use, the easiest method for remounting the file system is to reboot the system. We need to reboot the system or remount the file system to activate/establish quota on a file system.
Once quota is activated on a given file system, the quota.user and quota.group files will be created on that file system, in its top-level directory.

command (1) quotacheck - scan a filesystem for disk usage, create, check and repair quota files (quota.user and quota.group). quotacheck examines each filesystem and builds a table of current disk usage, and compares this table against that recorded in the disk quota file for the filesystem (this step is omitted if option -c is specified). If any inconsistencies are detected, both the quota file and the current system copy of the incorrect quotas are updated. By default, only user quotas are checked. quotacheck expects each filesystem to be checked to have quota files named [a]quota.user and [a]quota.group located at the root of the associated filesystem. If a file is not present, quotacheck will create it.

-u, --user
Only user quotas listed in /etc/mtab or on the filesystems specified are to be checked. This is the default action.

-g, --group
Only group quotas listed in /etc/mtab or on the filesystems specified are to be checked.

-c, --create-files
Don't read existing quota files. Just perform a new scan and save it to disk. quotacheck also skips scanning of old quota files when they are not found.

-v, --verbose
quotacheck reports its operation as it progresses. Normally it operates silently. If the option is specified twice, also the current directory is printed (note that printing can slow down the scan measurably).

root@arunbagul:/home# quotacheck -ugcv /home
quotacheck: Mountpoint (or device) /home not found.
quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option.
root@arunbagul:/home#

NOTE - As I have not added the usrquota and grpquota options in /etc/fstab, the quotacheck command has failed to detect the quota file system. So now complete step (2) and remount the file system.

root@arunbagul:# umount /home
root@arunbagul:#
root@arunbagul:/home# mount | grep /home
/dev/sda8 on /home type ext3 (rw)
root@arunbagul:/home#

root@arunbagul:/home# mount -a
root@arunbagul:/home# mount | grep /home
/dev/sda8 on /home type ext3 (rw,usrquota,grpquota)
root@arunbagul:/home#

Now run the quotacheck command….

root@arunbagul:/home# ls -F
arun/ guest/
root@arunbagul:/home#

root@arunbagul:/home# quotacheck -ugcv /home
quotacheck: Cannot remount filesystem mounted on /home read-only so counted values might not be right.
Please stop all programs writing to filesystem or use -m flag to force checking.
root@arunbagul:/home#

root@arunbagul:/home# quotacheck -ugcvm /home
quotacheck: Scanning /dev/sda8 [/home] done
quotacheck: Cannot stat old user quota file: No such file or directory
quotacheck: Cannot stat old group quota file: No such file or directory
quotacheck: Checked 7090 directories and 64268 files
quotacheck: Old file not found.
quotacheck: Old file not found.
root@arunbagul:/home#

root@arunbagul:/home# ls -F
aquota.group aquota.user arun/ guest/
root@arunbagul:/home#

** Use the quotaon/quotaoff commands to turn quota on/off for a file system

root@arunbagul:/home# quotaon /home
root@arunbagul:/home#

** Note – please don’t run below command (we are in process of enabling quota..!!)

root@arunbagul:/home# quotaoff /home
root@arunbagul:/home#

Step 4] How to report Quota –

command (2) repquota - summarize quotas for a filesystem. repquota prints a summary of the disc usage and quotas for the specified file systems. For each user the current number of files and amount of space (in kilobytes) is printed, along with any quotas created with edquota.
As repquota has to translate ids of all users/groups to names

-a, --all
Report on all filesystems indicated in /etc/mtab to be read-write with quotas.

-v, --verbose
Report all quotas, even if there is no usage. Be also more verbose about quotafile information.

-g, --group
Report quotas for groups.

-u, --user
Report quotas for users. This is the default.

root@arunbagul:/home/arun# repquota /home
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User             used    soft    hard   grace   used  soft  hard  grace
----------------------------------------------------------------------
root       --  237368       0       0           3231     0     0
www-data   --  151352       0       0            359     0     0
nobody     --   21680       0       0           1875     0     0
arun       -- 3473212       0       0          44268     0     0
ftp        --       4       0       0              1     0     0

root@arunbagul:/home/arun# repquota -u /home
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User             used    soft    hard   grace   used  soft  hard  grace
----------------------------------------------------------------------
root       --  237368       0       0           3231     0     0
www-data   --  151352       0       0            359     0     0
nobody     --   21680       0       0           1875     0     0
arun       -- 3473212       0       0          44268     0     0
ftp        --       4       0       0              1     0     0

root@arunbagul:/home/arun# repquota -g /home
*** Report for group quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
Group            used    soft    hard   grace   used  soft  hard  grace
----------------------------------------------------------------------
root       --  258992       0       0           5102     0     0
www-data   --  113188       0       0            252     0     0
plugdev    --      52       0       0              3     0     0
nogroup    --       4       0       0              1     0     0
admin      --  224236       0       0          21623     0     0
arun       -- 3473212       0       0          44268     0     0
subversion --   38164       0       0            107     0     0

root@arunbagul:/home/arun# repquota -ug /home
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User             used    soft    hard   grace   used  soft  hard  grace
----------------------------------------------------------------------
root       --  237368       0       0           3231     0     0
www-data   --  151352       0       0            359     0     0
nobody     --   21680       0       0           1875     0     0
arun       -- 3473212       0       0          44268     0     0
ftp        --       4       0       0              1     0     0

*** Report for group quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
Group            used    soft    hard   grace   used  soft  hard  grace
----------------------------------------------------------------------
root       --  258992       0       0           5102     0     0
www-data   --  113188       0       0            252     0     0
plugdev    --      52       0       0              3     0     0
nogroup    --       4       0       0              1     0     0
admin      --  224236       0       0          21623     0     0
arun       -- 3473212       0       0          44268     0     0
subversion --   38164       0       0            107     0     0

root@arunbagul:/home/arun#
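Every soft limit in the reports above is 0, so no quota is imposed yet. Once limits are set, the same report can be scanned for accounts that have exceeded them; the following is an added example, not part of the original post, with a constructed sample report and the hypothetical function names sample_report and over_soft_limit.

```shell
#!/bin/sh
# Constructed sample in repquota's layout (not output from the host above).
sample_report() {
cat <<'EOF'
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User             used    soft    hard   grace   used  soft  hard  grace
----------------------------------------------------------------------
root       --  237368       0       0           3231     0     0
www-data   --  151352  200000  250000            359     0     0
arun       +- 3473212 3000000 4000000   6days  44268     0     0
ftp        -+       4       0       0             12    10    20  5days
build      ++     900     500    1000   2days    300   200   400  2days
EOF
}

# over_soft_limit: read a repquota report on stdin and print one line per
# exceeded soft limit: "<name> <block|inode> <used> <soft> <grace>".
# Typical use (as root): repquota -u /home | over_soft_limit
over_soft_limit() {
    awk '
    $2 ~ /^[-+][-+]$/ {              # data rows carry the two-character flag field
        i = 6                        # position of the inode "used" column
        bgrace = "-"
        if ($6 !~ /^[0-9]+$/) {      # a block grace value shifts later columns by one
            bgrace = $6; i = 7
        }
        igrace = (NF >= i + 3) ? $(i + 3) : "-"
        # a soft limit of 0 means no quota is imposed, so it can never be exceeded
        if ($4 + 0 > 0 && $3 + 0 > $4 + 0)
            print $1, "block", $3, $4, bgrace
        if ($(i + 1) + 0 > 0 && $i + 0 > $(i + 1) + 0)
            print $1, "inode", $i, $(i + 1), igrace
    }'
}

sample_report | over_soft_limit
```

The grace column is empty for accounts within their limits, which is why the parser checks whether the sixth field is numeric instead of counting on fixed positions.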

Step 5] Assigning Quotas per User/Group –

command (3) edquota – edquota is a quota editor. One or more users or groups may be specified on the command line. If a number is given in the place of
user/group name it is treated as an UID/GID. Setting a quota to zero indicates that no quota should be imposed. Users are permitted to exceed
their soft limits for a grace period that may be specified per filesystem. Once the grace period has expired, the soft limit is enforced as a
hard limit.
-u, --user
Edit the user quota. This is the default.

-g, --group
Edit the group quota.

-f, --filesystem filesystem
Perform specified operations only for given filesystem (default is to perform operations for all filesystems with quota).

-t, --edit-period
Edit the soft time limits for each filesystem. In new quota format time limits must be specified (there is no default value set in kernel).
Time units of ’seconds’, ’minutes’,’hours’, and ’days’ are understood. Time limits are printed in the greatest possible time unit such that
the value is greater than or equal to one.

root@arunbagul:/home/arun# edquota -u arun
root@arunbagul:/home/arun#

===>

Disk quotas for user arun (uid 1000):
  Filesystem       blocks    soft    hard   inodes    soft    hard
  /dev/sda8       3473212       0       0    44268       0       0

NOTE – running the above command opens the default editor configured on your system, with content like that shown above loaded from a temporary file. Modify the values and save the file, and the quota is set for that user or group.

root@arunbagul:/home/arun# edquota -g www-data
root@arunbagul:/home/arun#

===>
Disk quotas for group www-data (gid 33):
  Filesystem       blocks    soft    hard   inodes    soft    hard
  /dev/sda8        113188       0       0      252       0       0

root@arunbagul:/home/arun# edquota -ug arun -f /home
root@arunbagul:/home/arun#

** How to change soft time limits for each filesystem…(by default it is 7 days)

root@arunbagul:/home/arun# edquota -t -f /home
OR
root@arunbagul:/home/arun# edquota -t
root@arunbagul:/home/arun#

===>
Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
  Filesystem    Block grace period    Inode grace period
  /dev/sda8     7days                 7days

command (4) setquota – is a command line quota editor. The filesystem, user/group name and new quotas for this filesystem can be specified on the command
line. Note that if a number is given in the place of a user/group name it is treated as an UID/GID.

-r, --remote
Edit also remote quota use rpc.rquotad on remote server to set quota. This option is available only if quota tools were compiled with
enabled support for setting quotas over RPC.

-F, --format=quotaformat
Perform setting for specified format (ie. don’t perform format auto detection). Possible format names are: vfsold (version 1 quota), vfsv0
(version 2 quota), rpc (quota over NFS), xfs (quota on XFS filesystem)

-u, --user
Set user quotas for named user. This is the default.

-g, --group
Set group quotas for named group.

-t, --edit-period
Set grace times for users/groups. Times block-grace and inode-grace are specified in seconds.

-T, --edit-times
Alter times for individual user/group when softlimit is enforced. Times block-grace and inode-grace are specified in seconds or can be
string ’unset’.

-a, --all
Go through all filesystems with quota in /etc/mtab and perform setting.

** How to use it ?

setquota [-u|-g] [-r] [-F quotaformat] <user|group> <block-softlimit> <block-hardlimit> <inode-softlimit> <inode-hardlimit> -a|<filesystem>…
setquota [-u|-g] [-r] [-F quotaformat] <-p protouser|protogroup> <user|group> -a|<filesystem>…
setquota [-u|-g] [-F quotaformat] -t <blockgrace> <inodegrace> -a|<filesystem>…
setquota [-u|-g] [-F quotaformat] <user|group> -T <blockgrace> <inodegrace> -a|<filesystem>…

root@arunbagul:~# setquota -u arun 1000 1500 0 0 /home
root@arunbagul:~# setquota -g arun 1000 1500 0 0 /home

Step 6] What is Soft and Hard limit –

* Soft – Maximum amount of space or files user/group can use.
* Hard – Only used if grace periods are in effect, otherwise they are ignored and soft limits are used to enforce file system limits.
* Grace Periods – If used, users may exceed their soft limits up to their hard limits for a period of days specified by the grace period.
After the grace period expires, the user can no longer exceed their soft limit.

command (5) quotatool – is a tool for manipulating filesystem quotas. Depending on the command line options given, it can set hard or soft limits on block
and inode usage, set and reset grace periods, for both users and (if your system supports this) groups. The filesystem to set the
quota on is given as the first (and only) non-option element, and it is either the block special file (i.e /dev/sda3) or
the mount point (i.e. /home) for the filesystem.

Step 7] How to install Quota –

** How to install Quota on Debian/Ubuntu system…

root@arunbagul:~# apt-get install quota quotatool
Reading package lists… Done
Building dependency tree
…..
Setting up quota (3.14-8) …
Setting up quotatool (1.4.9-2) …

root@arunbagul:~#

** How to install Quota on Redhat(RHEL)/Fedora/Gentoo/CentOS/Suse/Mandriva –

root@arunbagul:~# rpm -ivh <Quota package name>
………….
……….
root@arunbagul:~#

Step 8] Kernel parameters for Quota –

** Check status of kernel parameters values BEFORE activating Quota –

root@arunbagul:/home/arun/perl-prog# sysctl -a | grep quota
fs.quota.lookups = 0
fs.quota.drops = 0
fs.quota.reads = 0
fs.quota.writes = 0
fs.quota.cache_hits = 0
fs.quota.allocated_dquots = 0
fs.quota.free_dquots = 0
fs.quota.syncs = 16
fs.quota.warnings = 1
root@arunbagul:/home/arun/perl-prog#

** Check the Quota parameters values AFTER activating Quota –

root@arunbagul:/home/arun# sysctl -a | grep quota
fs.quota.lookups = 826
fs.quota.drops = 440
fs.quota.reads = 7
fs.quota.writes = 0
fs.quota.cache_hits = 819
fs.quota.allocated_dquots = 7
fs.quota.free_dquots = 0
fs.quota.syncs = 16
fs.quota.warnings = 1
root@arunbagul:/home/arun#

command (6) quotastats – use this command to query the kernel for quota statistics (parameters).

root@arunbagul:~# quotastats
Kernel quota version: 6.5.1
Number of dquot lookups: 920
Number of dquot drops: 534
Number of dquot reads: 7
Number of dquot writes: 0
Number of quotafile syncs: 16
Number of dquot cache hits: 913
Number of allocated dquots: 7
Number of free dquots: 0
Number of in use dquot entries (user/group): 7
root@arunbagul:~#

IMP NOTE :: Quotas over NFS – Since NFS maps remote users to local users, set the quotas on the local users that you plan to map the remote users to.

Thank you,
Arun Bagul

Plesk – “Access Denied” Error while login!!

Introduction – Plesk is one of the leading control panels for Web hosting on both Linux and Windows Server. This article focuses only on Plesk Server on the Linux platform. The default settings for the Plesk control panel are stored in the file “/etc/psa.conf”, where you can find the document root of the Plesk server and other default settings.

The “admin” user is the default Administrator in Plesk, with full access. The Plesk server sets this “admin” user as the MySQL administrator.

Problem 1) When trying to log in to Plesk as the admin user, a popup says “Access Denied”.

Reason :- Plesk has a built-in security feature for account logins (basically only 3 login attempts are allowed). If you enter a wrong user name or password 3 times, the server will lock you out. Plesk stores the MySQL admin (admin user’s) password in the file “/etc/psa/.psa.shadow”.

root@arunbagul:~# mysql -u admin -p

Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> use psa;

Database changed

mysql>
mysql> DELETE FROM lockout WHERE login = 'admin';

mysql> quit
Bye
root@arunbagul:~#

Enjoy your Plesk Server!!

Thank you,

Arun Bagul

IPv6 -Internet Protocol version 6

Introduction – IPv6 is the Network or Internet Layer protocol in the ISO/OSI or TCP/IP model. It is designated as the successor of IPv4, the current version of the Internet Protocol. The IPv6 address space is extremely large: IPv6 supports 2^128 (about 3.4×10^38) addresses, or approximately 5×10^28 addresses for each of the roughly 6.5 billion people alive today. IPv4 uses 32-bit addresses (4 billion addresses) while IPv6 uses 128-bit addresses (3.4×10^38 addresses). Adoption of IPv6 has nevertheless been slow, for many reasons. Most transport- and application-layer protocols need little or no change to work over IPv6; the exceptions are application protocols that embed network-layer addresses, such as FTP or NTP.

  • The main feature of IPv6 that is driving adoption today is the larger address space.
  • IPv6 hosts can be configured automatically when connected to a routed IPv6 network, using ICMPv6 router discovery messages.
  • Multicast is part of the base specifications in IPv6
  • IPsec – the protocol for IP network-layer encryption and authentication, is an integral part of the base protocol suite in IPv6.

How to write IPv6 –

IPv6 addresses are normally written as eight groups of four hexadecimal digits, with the groups separated by colons (the counterpart of the dots in an IPv4 address), like 2001:0db8:0000:0000:0000:0000:1428:57ab

::1/128 — the loopback address is a localhost address.

IPv6 addresses can be split into network and host parts using subnet masks: the 128 bits are separated into a network part (upper 64 bits) and a host part (lower 64 bits), to facilitate auto-configuration.
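The loopback address ::1 is the same eight-group notation with runs of zero groups abbreviated. The following added example (not from the original post; expand_ipv6 and split_ipv6 are hypothetical names) expands an abbreviated address to the full form and splits it into the upper and lower 64 bits. It assumes a plain address with any /prefix already removed and no embedded IPv4 part.

```shell
#!/bin/sh
# expand_ipv6 ADDR: print the full eight-group form; exit status 1 if malformed.
expand_ipv6() {
    printf '%s\n' "$1" | awk '
    function pad(g) {                 # left-pad one group to four hex digits
        if (length(g) < 1 || length(g) > 4 || g !~ /^[0-9a-f]+$/) bad = 1
        return substr("0000" g, length(g) + 1)
    }
    {
        addr = tolower($0); out = ""; bad = 0
        cut = index(addr, "::")       # "::" stands for one run of zero groups
        if (cut > 0) {
            left = substr(addr, 1, cut - 1); right = substr(addr, cut + 2)
            # a second "::" or a ":::" makes the address ambiguous
            if (index(right, "::") > 0 || substr(right, 1, 1) == ":") exit 1
            nl = (left == "") ? 0 : split(left, L, ":")
            nr = (right == "") ? 0 : split(right, R, ":")
            if (nl + nr > 7) exit 1   # "::" must replace at least one group
            for (i = 1; i <= nl; i++) out = out pad(L[i]) ":"
            for (i = nl + nr; i < 8; i++) out = out "0000:"
            for (i = 1; i <= nr; i++) out = out pad(R[i]) ":"
        } else {
            if (split(addr, G, ":") != 8) exit 1
            for (i = 1; i <= 8; i++) out = out pad(G[i]) ":"
        }
        if (bad) exit 1
        print substr(out, 1, length(out) - 1)
    }'
}

# split_ipv6 ADDR: print the network part (upper 64 bits) and host part (lower 64 bits).
split_ipv6() {
    full=$(expand_ipv6 "$1") || return 1
    printf 'network=%s host=%s\n' \
        "$(printf '%s\n' "$full" | cut -d: -f1-4)" \
        "$(printf '%s\n' "$full" | cut -d: -f5-8)"
}

split_ipv6 "2001:db8::1428:57ab"
```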

root@arunbagul:~# ping6 ip6-localhost
PING ip6-localhost(ip6-localhost) 56 data bytes
64 bytes from ip6-localhost: icmp_seq=1 ttl=64 time=0.040 ms
………………………………..
--- ip6-localhost ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.035/0.037/0.040/0.004 ms
root@arunbagul:~#

Thank you,

Arun