This Blog is intended to collect information of my various Intrests,pen my opinion on the information gathered and not intended to educate any one of the information posted,but are most welcome to share there view on them
Sunday, August 15, 2010
Need Help?
You can reach me at suresh.sonu2@gmail.com
You can follow us in any of the following ways...
Google Groups: http://groups.google.com/group/sureshrhce/
Orkut Community: http://www.orkut.co.in/Main#Community?cmm=105390304
Facebook Group: http://www.facebook.com/group.php?gid=131140616930892
Twitter: https://twitter.com/sureshRHCE
SMS Alerts on New Articles: http://labs.google.co.in/smschannels/subscribe/sureshRHCE
RSS Feeds: http://sureshrhce.blogspot.com/feeds/posts/default
Some useful notes for Linux
Task | File / Command |
Startup script | /etc/rc.d/rc |
Kernel | /boot/vmlinuz |
Kernel Parameters | sysctl -a |
Reconfigure the kernel | cd /usr/src/linux make mrproper make menuconfig make dep make clean make bzImage make install make modules make modules_install cp arch/i386/boot/bzImage /boot/vmlinuz-2.2.16 mkinitrd /boot/initrd-2.2.16.img 2.2.16 vi /etc/lilo.conf lilo |
List modules | lsmod |
Load module | insmod |
Unload module | rmmod |
Initialize system | netconf |
Physical RAM | free -m |
Kernel Bits | getconf LONG_BIT |
Crash utility | lcrash |
Trace System Calls | strace |
Machine model | uname -m |
OS Level | uname -r |
Run Level | runlevel |
Hardware Information | dmidecode |
Timezone Management | /etc/sysconfig/clock |
NTP Daemon | /etc/ntp.conf /etc/rc.d/init.d/xntpd |
Show Hidden Files&Folders, If disabled by virus
Method 1:
Go to registry editor by running regedit in the run box.Go to this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
In the right hand area, double click hidden and change the value to 1.
Now you’re all set to go. Check it in your tools menu if the changes have taken effect.
Method 2:
1. Click “Start” -> “Run…” (or press Windows key + R)
2. Type “regedit” and click “Ok”.
3. Find the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
4. Look at the “CheckedValue” key… This should be a DWORD key. If it isn’t, delete the key.
5. Create a new key called “CheckedValue” as a DWORD (hexadecimal) with a value of 1.
6. The “Show hidden files & folders” check box should now work normally
Go to registry editor by running regedit in the run box.Go to this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
In the right hand area, double click hidden and change the value to 1.
Now you’re all set to go. Check it in your tools menu if the changes have taken effect.
Method 2:
1. Click “Start” -> “Run…” (or press Windows key + R)
2. Type “regedit” and click “Ok”.
3. Find the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
4. Look at the “CheckedValue” key… This should be a DWORD key. If it isn’t, delete the key.
5. Create a new key called “CheckedValue” as a DWORD (hexadecimal) with a value of 1.
6. The “Show hidden files & folders” check box should now work normally
Restoring a Corrupted Registry using Linux Live CD
To run the following commands, you must either use a Boot CD that will give you read/write access to the Windows partition, or put your drive into a working system and run these commands on your Windows Partition from that system. Note that the Windows
Recovery Console will not work to run these commands because it will not allow read access to the "System Volume Information" folder.
First, backup the existing Registry - You can do this with the following commands using a GNU/Linux Boot CD: mkdir /windrive
ntfs-3g /dev/sda1 /windrive (this could be /dev/hda1 if using ide drives)
mkdir /windrive/regbackup
cp /windrive/WINDOWS/system32/config/system /windrive/regbackup
cp /windrive/WINDOWS/system32/config/software /windrive/regbackup
cp /windrive/WINDOWS/system32/config/sam /windrive/regbackup
cp /windrive/WINDOWS/system32/config/security /windrive/regbackup
cp /windrive/WINDOWS/system32/config/default /windrive/regbackup
cd
umount /windrive
Now, copy a System Restore Point Registry to the config directory - To do this, you have to figure out which System Restore Point is somewhat recent, you can do this using a Linux CD by issuing the "ls -l" command to find out the dates of the folders. The System Restore Points are located in the "System Volume Information" directory. Here is an example (remember that GNU/Linux has Tab Completion): mkdir /windrive
ntfs-3g /dev/sda1 /windrive (this could be /dev/hda1 if using ide drives)
cd /windrive/System\ Volume\ Information
ls -l
cd _restore{2E926FD9-.......} (Select the recently created file like one or two days back)
cd RP1/snapshot
cp _REGISTRY_MACHINE_SYSTEM /windrive/WINDOWS/system32/config/system
cp _REGISTRY_MACHINE_SOFTWARE /windrive/WINDOWS/system32/config/software
cp _REGISTRY_MACHINE_SAM /windrive/WINDOWS/system32/config/sam
cp _REGISTRY_MACHINE_SECURITY /windrive/WINDOWS/system32/config/security
cp _REGISTRY_MACHINE_.DEFAULT /windrive/WINDOWS/system32/config/default
cd /
umount /windrive
Now, when you restart the computer, you will be using the restored Registry.
Recovery Console will not work to run these commands because it will not allow read access to the "System Volume Information" folder.
First, backup the existing Registry - You can do this with the following commands using a GNU/Linux Boot CD: mkdir /windrive
ntfs-3g /dev/sda1 /windrive (this could be /dev/hda1 if using ide drives)
mkdir /windrive/regbackup
cp /windrive/WINDOWS/system32/config/system /windrive/regbackup
cp /windrive/WINDOWS/system32/config/software /windrive/regbackup
cp /windrive/WINDOWS/system32/config/sam /windrive/regbackup
cp /windrive/WINDOWS/system32/config/security /windrive/regbackup
cp /windrive/WINDOWS/system32/config/default /windrive/regbackup
cd
umount /windrive
Now, copy a System Restore Point Registry to the config directory - To do this, you have to figure out which System Restore Point is somewhat recent, you can do this using a Linux CD by issuing the "ls -l" command to find out the dates of the folders. The System Restore Points are located in the "System Volume Information" directory. Here is an example (remember that GNU/Linux has Tab Completion): mkdir /windrive
ntfs-3g /dev/sda1 /windrive (this could be /dev/hda1 if using ide drives)
cd /windrive/System\ Volume\ Information
ls -l
cd _restore{2E926FD9-.......} (Select the recently created file like one or two days back)
cd RP1/snapshot
cp _REGISTRY_MACHINE_SYSTEM /windrive/WINDOWS/system32/config/system
cp _REGISTRY_MACHINE_SOFTWARE /windrive/WINDOWS/system32/config/software
cp _REGISTRY_MACHINE_SAM /windrive/WINDOWS/system32/config/sam
cp _REGISTRY_MACHINE_SECURITY /windrive/WINDOWS/system32/config/security
cp _REGISTRY_MACHINE_.DEFAULT /windrive/WINDOWS/system32/config/default
cd /
umount /windrive
Now, when you restart the computer, you will be using the restored Registry.
Collecting Server Hardware Information in Linux
To Print Entire Hardware Information - dmidecode
To List PCI devices - lspci
To List USB devices - lsusb
To Find CPU Information - cat /proc/cpuinfo
To Find Memory/RAM in Information,
1. cat /proc/meminfo
2. free -m
2. free -m
To find Hard disk Information,
- fdisk –l
- df –h
- vgdisplay
- lvdisplay
To Know SWAP information,
cat /proc/swaps
To detect Hardware Changes,
service kudzu restart
To See Kernel Version, Architecture, OS Release Version, etc..
- uname –a
- cat /etc/redhat-release
Cron Task
Configuring a Cron Task
The main configuration file for cron, /etc/crontab, contains the following lines:SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly |
The first four lines are variables used to configure the environment in which the cron tasks are run. The value of theSHELL variable tells the system which shell environment to use (in this example the bash shell), and the PATHvariable defines the path used to execute commands. The output of the cron tasks are emailed to the username defined with the MAILTO variable. If the MAILTO variable is defined as an empty string (MAILTO=""), email will not be sent (sendmail on ESX is not installed by default). The HOME variable can be used to set the home directory to use when executing commands or scripts.
Each line in the /etc/crontab file has the format:
minute hour day month dayofweek command |
- minute — any integer from 0 to 59
- hour — any integer from 0 to 23
- day — any integer from 1 to 31 (must be a valid day if a month is specified)
- month — any integer from 1 to 12 (or the short name of the month such as jan, feb, and so on)
- dayofweek — any integer from 0 to 7 where 0 or 7 represents Sunday (or the short name of the week such as sun, mon, and so on)
- command — the command to execute. The command can either be a command such as ls /proc >> /tmp/proc or the command to execute a custom script that you wrote.
A hyphen (-) between integers specifies a range of integers. For example, 1-4 means the integers 1, 2, 3, and 4.
A list of values separated by commas (,) specifies a list. For example, 3, 4, 6, 8 indicates those four specific integers.
The forward slash (/) can be used to specify step values. The value of an integer can be skipped within a range by following the range with /<integer>. For example, 0-59/2 can be used to define every other minute in the minute field. Step values can also be used with an asterisk. For instance, the value */3 can be used in the month field to run the task every third month.
Any lines that begin with a hash mark (#) are comments and are not processed.
Examples of crontabs
As you can see from the /etc/crontab file, it uses the run-parts script to execute the scripts in the /etc/cron.hourly,/etc/cron.daily, /etc/cron.weekly, and /etc/cron.monthly files on an hourly, daily, weekly, or monthly basis respectively. The files in these directory should be shell scripts. # record the memory usage of the system every monday
# at 3:30AM in the file /tmp/meminfo
30 3 * * mon cat /proc/meminfo >> /tmp/meminfo
# run custom script the first day of every month at 4:10AM
10 4 1 * * /root/scripts/backup.sh |
If a cron tasks needs to be executed on a schedule other than hourly, daily, weekly, or monthly, it can be added to the /etc/cron.d directory. All files in this directory use the same syntax as /etc/crontab.
The cron daemon checks the etc/crontab file, the etc/cron.d/ directory, and the /var/spool/cron directory every minute for any changes. If any changes are found, they are loaded into memory. Thus, the daemon does not need to be restarted if a crontab file is changed.
Users other than root can configure cron tasks by using the crontab utility. All user-defined crontabs are stored in the/var/spool/cron directory and are executed using the usernames of the users that created them. To create a crontab as a user, login as that user and type the command crontab -e to edit the user's crontab using the editor specified by the VISUAL or EDITOR environment variable. The file uses the same format as /etc/crontab. When the changes to the crontab are saved, the crontab is stored according to username and written to the file /var/spool/cron/username.