Ubuntu Server Setup
Upgrading Ubuntu Server to a new release
- Install update-manager-core if it is not already installed:
- sudo apt-get install update-manager-core
- Launch the upgrade tool:
- sudo do-release-upgrade
Turn on Mod Rewrite
1. a2enmod rewrite 2. restart apache server 3. edit vhost file AllowOverride all
Shell Scripting
• Scripts must be chmod 755 so they can execute • #!/bin/bash (add to the top of the shell script so it can use the bash shell to interpret the script, you can also add python or other shell programs) • Postional Parameters: $0 ... $9 $@ to access all 0-9 // like in a loop • Exit Status return Codes: Range from 0 to 255: 0 = success: Other than 0 = error condition: use man or info to find meanign of exit status &bull, $? contains the return code of the previously executed command ls /not/here echo "$?" Another Code example HOST="google.com" ping -c 1 $HOST # -c 1 means it will send 1 ping if["$?" -eg "0"] then echo "$HOST reachable" else "$HOST unreachable" fi && and || -the second statement only executes if the first one was successfull mkdir /tmp/bak && cp test.txt /tmp/bak/ -the second statement will execute only if the first one fails cp test.txt /tmp/bak/ || cp test.txt /tmp • chain multiple commands together using a ; (semicolon) cp test.txt /tmp/ ; cp test.txt /bak
File Operators (test)
-d FILE -true if is a directory -e FILE True if file exists -f FILE True if file exist and is a regular file -r FILE True if file is readable by you -s FILE True if file exists and is not empty -w FILE True if file is writable by you -x FILE True if file is executable by you -z FILE True if string is empty -n FILE True if string is not empty String1=String2 true if strings are equal String1 != string2 True if the strings are not equal arg1 -eq arg2 equal arg1 -ne arg2 not equal arg1 -lt arg2 less than arg1 -le arg2 less than or equal to arg1 -gt arg2 greater than arg1 -ge arg2 greater than or equal to read -p "Prompt to dispaly" VarableName accepting user input
for loop to rename all jpg files with the date
#!/bin/bash PICTURES=$(ls *.jpg) DATE=$ (date +%F) for PICTURES IN $PICTURES do echo "Renaming ${PICTURE} to ${DATE} - ${PICTURE}" mv $[PICTUE} ${DATE}-${PICTURE} done // Output renaming bear.jpg to 2015-03-06-bear.jpg
Adding exit commands to scripts
#!/bin/bash HOST="google.com" ping -c 1 $HOST IF [ "$?" -ne"0" ] then echo "$HOST unrechale" exit 1 fi exit 0
Creating a Function
function function-name() {# code goes here} Calling a Function function hello() { echo "hello: } hello (you don't need the () just call the name of the function) ** Positional Parameters and passing info to a funciton #!/bin/bash function hello(){ echo "hello $1" } hello robert # robert is passed to the function hello #output is hello Robert ** Outputting miltple calls to a function #!/bin/bahs funciton hello() { for NAME in $@ do echo "Hello $NAME" done } hello robert bob dan Output hello robert bob dan Using Wildcards * -matches zero or more characters *.txt a* a*.txt ? - matches exactly one character ?.txt a? a?.txt [] character class - matches any of the characters included between the brackets. Matches exactly one character. [aeiou]* exampld: ls -la [abge]* ca[nt] matches:(it will match either the n or the t) can, cat, candy, catch [!] Matches any characters NOT included between the brackets. Matches exactly one character. [!aeiou]* would match below bacause it does not start with any of those letters baseball, cricket Select a range [a-g]* matches files that start with a,b,c,d,e,f,g [3-6]* matches all files start with 3,4,5,6 Using predefined Character Classes [[:alpha:]] [[:alnum:]] [[:digit:]] [[:lower:]] [[:upper:]] [[:space:]] #!/bin/bash cd /var/www/bash # there's a space after the "if", space afer ! then a space after "[", space before "]" if [ ! -d /var/www/bash/text/ ] then mkdir /var/www/bash/text fi for FILE in *.txt do echo "Copying $FILE" cp $FILE /var/www/bash/text done Case Statements
Simple Backup bash shell script
#!/bin/bash tar -czf myhome_directory.tar.gz /home/linuxconfig Your backup script and variables: #!/bin/bash OF=myhome_directory_$(date +%Y%m%d).tar.gz tar -czf $OF /home/linuxconfig We can use while loop to check if file does not exists. This script will sleep until file does exists. Note bash negator "!" which negates the -e option. #!/bin/bash while [ ! -e myfile ]; do # Sleep until file does exists/is created sleep 1 done
Apache Commands
- List apache packages and versions
- dpkg -l | grep apache
- shows version of ubnuntu
- cat /etc/issue
- shows version of ubuntu
- cat /etc/*-release
- give detail status of the service
- apachectl status
- Gives info on where config file is located
- apachectl -V
- Search the entire server for the file
- find / | grep "apache2\.conf"
- Info for each line in the .conf File
- Displays Config Info about all Virtual Hosts
- apachectl -t -D DUMP_VHOSTS
- Display All Modules form Apache
- apachectl -t -D DUMP_MODULES
- Enable and Disable Modules
- Directory for Modules
- /etc/apache2/modes-available and /etc/apache2/mods-enabled
- a2enmod and a2dismod will enable of disable modules
- Find where the apache error log is located
- grep -Ri ErrorLog /etc/apache2
- Watch Error log in realtime
- tail -f error.log
- Tools to Analize log files
- AWStats - awstats.sourceforge.net
- GoAccess - Terminal app
- goaccess.prosoftcorp.com
Using SMTP to send email
apt-get install php-pear pear install Mail pear install Net_SMTP restart apache ## you have to include this in your code. require_once 'Mail.php'; ## there is a lot more info you have to provide. do a search or pear mail
Setting up Postfix to send mail
sudo apt-get install postfix Options Satellite domain.com smtp server= ip address or smtp.domain.com service restart postfix Postfix config file /etc/postfix/main.cf
Giving Root Privileges to another Account
edit /etc/sudoers.tmp #User previlege specification root ALL=(ALL:ALL)ALL # copy the settings of the root and adapt it to your username alex ALL=(ALL:ALL)ALL
Installing Node.js
sudo apt-get install python-software-properties add-apt-repository ppa:chris-lea/node.js apt-get update apt-get install nodejs npm
Search Repositories
sudo apt-cache search python will search the cached repo of all python
Changing Mac Address Linux
ifconfig wlan0 down ifconfig wlan0 hw ether de:ad:be:ef:co:fe ifconfig wlan0 up ifconfig wlan0 | grep HWaddr
Repair Perl Locale Errors on Ubuntu
sudo apt-get install language-pack-en-base sudo dpkg-reconfigure locales if that dosent work then try this export LANGUAGE=en_US.UTF-8 export LANG=en_US.UTF-8 export LC_ALL=en_US.UTF-8 locale-gen en_US.UTF-8 apt-get install locales dpkg-reconfigure locales
Remove Old host keys from Known_hosts
ssh-keygen -f "/root/.ssh/known_hosts" -R 192.168.20.133
Sync Time with ntp server
Using the command line, you can use dpkg-reconfigure tzdata. dpkg-reconfigure tzdata Follow instructions install ntp sudo apt-get install ntp
Setting up a Cron Job
Using cron Use the personal crontab to setup your jobs type crontab -e ** use the -e switch, do not edit the file directly Everthing is the same as below except the 6th space in the personal crontab is the field to execute as oposed to the user to run the job example * * * * * /backup/script.sh as opposed to * * * * * root /backup/script.sh crontab -l - shows scheduled jobs crontab -r remove the current crontab file In the /etc directory you will probably find some sub directories called 'cron.hourly', 'cron.daily', 'cron.weekly' and 'cron.monthly'. If you place a script into one of those directories it will be run either hourly, daily, weekly or monthly, depending on the name of the directory. If you want more flexibility than this, you can edit a crontab (the name for cron's config files). The main config file is normally /etc/crontab. On a default RedHat install, the crontab will look something like this: root@pingu # cat /etc/crontab SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly The first part is almost self explanatory; it sets the variables for cron. SHELL is the 'shell' cron runs under. If unspecified, it will default to the entry in the /etc/passwd file. PATH contains the directories which will be in the search path for cron e.g if you've got a program 'foo' in the directory /usr/cog/bin, it might be worth adding /usr/cog/bin to the path, as it will stop you having to use the full path to 'foo' every time you want to call it. MAILTO is who gets mailed the output of each command. If a command cron is running has output (e.g. status reports, or errors), cron will email the output to whoever is specified in this variable. If no one if specified, then the output will be mailed to the owner of the process that produced the output. HOME is the home directory that is used for cron. If unspecified, it will default to the entry in the /etc/passwd file. Now for the more complicated second part of a crontab file. An entry in cron is made up of a series of fields, much like the /etc/passwd file is, but in the crontab they are separated by a space. There are normally seven fields in one entry. The fields are: minute hour dom month dow user cmd minuteThis controls what minute of the hour the command will run on, and is between '0' and '59' hourThis controls what hour the command will run on, and is specified in the 24 hour clock, values must be between 0 and 23 (0 is midnight) domThis is the Day of Month, that you want the command run on, e.g. to run a command on the 19th of each month, the dom would be 19. monthThis is the month a specified command will run on, it may be specified numerically (0-12), or as the name of the month (e.g. May) dowThis is the Day of Week that you want a command to be run on, it can also be numeric (0-7) or as the name of the day (e.g. sun). userThis is the user who runs the command. cmdThis is the command that you want run. This field may contain multiple words or spaces. Fields .---------------- minute (0 - 59) | .------------- hour (0 - 23) | | .---------- day of month (1 - 31) | | | .------- month (1 - 12) OR jan,feb,mar,apr ... | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat | | | | | * * * * * If you don't wish to specify a value for a field, just place a * in the field. e.g. 01 * * * * root echo "This command is run at one min past every hour" 17 8 * * * root echo "This command is run daily at 8:17 am" 17 20 * * * root echo "This command is run daily at 8:17 pm" 00 4 * * 0 root echo "This command is run at 4 am every Sunday" * 4 * * Sun root echo "So is this" 42 4 1 * * root echo "This command is run 4:42 am every 1st of the month" 01 * 19 07 * root echo "This command is run hourly on the 19th of July" Notes: Under dow 0 and 7 are both Sunday. If both the dom and dow are specified, the command will be executed when either of the events happen. e.g. * 12 16 * Mon root cmd Will run cmd at midday every Monday and every 16th, and will produce the same result as both of these entries put together would: * 12 16 * * root cmd * 12 * * Mon root cmd Vixie Cron also accepts lists in the fields. Lists can be in the form, 1,2,3 (meaning 1 and 2 and 3) or 1-3 (also meaning 1 and 2 and 3). e.g. 59 11 * * 1,2,3,4,5 root backup.sh Will run backup.sh at 11:59 Monday, Tuesday, Wednesday, Thursday and Friday, as will: 59 11 * * 1-5 root backup.sh Cron also supports 'step' values. A value of */2 in the dom field would mean the command runs every two days and likewise, */5 in the hours field would mean the command runs every 5 hours. e.g. * 12 10-16/2 * * root backup.sh is the same as: * 12 10,12,14,16 * * root backup.sh */15 9-17 * * * root connection.test Will run connection.test every 15 mins between the hours or 9am and 5pm Lists can also be combined with each other, or with steps: * 12 1-15,17,20-25 * * root cmd Will run cmd every midday between the 1st and the 15th as well as the 20th and 25th (inclusive) and also on the 17th of every month. * 12 10-16/2 * * root backup.sh is the same as: * 12 10,12,14,16 * * root backup.sh When using the names of weekdays or months, it isn't case sensitive, but only the first three letters should be used, e.g. Mon, sun or Mar, jul. Comments are allowed in crontabs, but they must be preceded with a '#', and must be on a line by them self.
scp without password - keygen
Generate a public/private key pair on the local machine. ssh-keygen -t rsa In response, you should see: Generating public/private rsa key pair Enter file in which to save the key ... Press Enter to accept this. In response, you should see: Enter passphrase (empty for no passphrase): You don't need a passphrase, so press Enter twice. In response, you should see: Your identification has been saved in ... Your public key has been saved in ... Note the name and location of the public key just generated. It always ends in .pub. Copy the public key id_rsa.pub just generated to all of your remote Linux boxes. You can use scp or FTP or whatever to make the copy. Assuming you're using root--again, see my warning in step 1--the key must be contained in the file /root/.ssh/authorized_keys. Or, if you are logging in as a user, for example, clyde, it would be in /home/clyde/authorized_keys. Notice that the authorized_keys file can contain keys from other PCs. So, if the file already exists and contains text, you need to append the contents of your public key file to what already is there cat id_rsa.pub >> authorized_keys The files are stored in root/.ssh if the authorized_keys file does not exist create it and copy the id_rsa.pub from the other machine and paste in the authorized_keys file do it for each machine so each machine has the other .pub info inthe authorized_key file if the file already exist, just edit it and paste the other machine's .pub info.
Virtual Host Setup to display domain without the www
Setup Virtual host so www.domain.com works and domain.com works. ServerName www.domain.com ServerAlias domain.com This will allow the domain to come up with the www
Finding out Package Dependencies with apt-redepends
1 Installing apt-rdepends apt-rdepends can be installed as follows: apt-get install apt-rdepends If you are on Ubuntu and are not logged in as root, use sudo apt-get install apt-rdepends apt-rdepends can be used as follows: apt-rdepends <packagename> For example, to find out all dependencies of the package wget, run: apt-rdepends wget For most packages, the output is even longer and might not fit on your screen. In these cases you can pipe the output into more (or less), e.g. as follows: apt-rdepends apache2 | more apt-rdepends apache2 | less
Set Time zone in Ubuntu Server
dpkg-reconfigure tzdata
Installing Java in Ubuntu
sudo add-apt-repository ppa:sun-java-community-team/sun-java6 sudo apt-get update sudo apt-get install sun-java6-bin sun-java6-plugin
Install Lamp with 1 command
Open terminal and Type the command :install it first with sudo apt-get install tasksel Now to install LAMP, type "tasksel" in terminal : And select LAMP Server: During the installation you will be asked to insert the mysql root password Now check if php is working : $sudo vi /var/www/info.php and add 1. 2. phpinfo(); 3. ?> save and exit restart apache2 , #sudo /etc/init.d/apache2 restart Now open browser and type : http://ip/info.php or http://localhost/info.php Php is installed. To full manage your lamp Server database, install phpmyadmin sudo apt-get install phpmyadmin To login to phpmyadmin, open browser and type : http://ip/phpmyadmin or http://localhost/phpmyadmin
Remove mysql
dpkg -l | grep mysql sudo dpkg -P –force-all <package name>
Manually install apache2, php5 mysql
sudo apt-get install apache2 sudo apt-get install php5 libapache2-mod-php5 sudo apt-get install mysql-server 6 Getting MySQL Support In PHP5 To get MySQL support in PHP, we can install the php5-mysql package. It's a good idea to install some other PHP5 modules as well as you might need them for your applications. You can search for available PHP5 modules like this: aptitude search php5 Pick the ones you need and install them like this: aptitude install php5-mysql php5-curl php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-json Now restart Apache2:
How to check Ubuntu's version
cat /etc/issue uname -a : print all information uname -r : print the kernel release uname -v : print the kernel version uname -o : print the operating system
How do I find out what version of Linux distribution I'm using
cat /etc/*-release
Installing Curl in ubuntu
sudo apt-get install php5-curl Now you have PHP cURL installed, the next thing you need to do is to restart apache2, run the following command in your terminal: sudo /etc/init.d/apache2 restart
Chmod Octal Codes
Permissions may be granted using human readable assignments "rwx" or octal codes.
Owner/Group/Other
Description | Abreviation | Octal code |
---|---|---|
Read access | r | 4 |
Write (change) permission | w | 2 |
Execute script of binary executable | x | 1 |
Read and Execute | rx | 5 |
Read and Write | rw | 6 |
Read, Write and Execute | rwx | 7 |
Use of octal assignment does not add or remove permission, but assigns the permission explicitly. Examples:
- Assign yourself full access to read and modify the file, allow members of the group to read it and do not allow any others access: *
chmod 640 filename
- Assign execute status to a script with the same access as the previous example. (Without it, a script is like any other text file)*
chmod 740 filename
Modifying Ip Address in Ubuntu Terminal
sudo nano /etc/network/interfaces Once your prefered editor opens the file you want to enter the following information (changing your addresses where necessary): auto lo eth0 iface lo inet loopback iface eth0 inet static address xxx.xxx.xxx.xxx(enter your ip here) netmask xxx.xxx.xxx.xxx gateway xxx.xxx.xxx.xxx(enter gateway ip here) Be sure to save your changes. Step 2.2 – Manually configure your dns configuration file: You can edit the appropriate file by entering the following command into the terminal: sudo nano /etc/resolv.conf Once your preferred editor opens the file you want to enter the following information (changing your addresses where necessary): # Generated by NetworkManager nameserver xxx.xxx.xxx.xxx(enter your dns server ip) nameserver xxx.xxx.xxx.xxx(enter your alt dns server ip) Be sure to save your changes. Step 2.3 – Manually restart your network interface with the new settings: Enter the following command in the terminal: sudo /etc/init.d/networking restart This should return a result that looks like the following: *Reconfiguring network interfaces… [OK] At this point in your terminal you should be able to run the ifconfig command and the results should reflect your new settings. If the addressing is correct you should have full network access, even after a system restart.
Uninstalling an app in shell
sudo apt-get autoremove "appname" then remove any directories that are left over
Ubuntu Php.ini Settings
These are lines i modify in the php.ini file to get joomla working /etc/php5/apache2/php.ini ; Maximum size of POST data that PHP will accept. post_max_size = 100M ; Maximum allowed size for uploaded files. upload_max_filesize = 200M memory_limit = 32M ; Maximum amount of memory a script may consume (16MB)
Setting up a network from the command Line
Network Configuration
Ubuntu ships with a number of graphical utilities to configure your network devices. This document is geared toward server administrators and will focus on managing your network on the command line.
Ethernet
Most Ethernet configuration is centralized in a single file, /etc/network/interfaces. If you have no Ethernet devices, only the loopback interface will appear in this file, and it will look something like this:
- This file describes the network interfaces available on your system
- and how to activate them. For more information, see interfaces(5).
- The loopback network interface
auto lo iface lo inet loopback address 127.0.0.1 netmask 255.0.0.0 If you have only one Ethernet device, eth0, and it gets its configuration from a DHCP server, and it should come up automatically at boot, only two additional lines are required:
auto eth0 iface eth0 inet dhcp The first line specifies that the eth0 device should come up automatically when you boot. The second line means that interface (“iface”) eth0 should have an IPv4 address space (replace “inet” with “inet6” for an IPv6 device) and that it should get its configuration automatically from DHCP. Assuming your network and DHCP server are properly configured, this machine's network should need no further configuration to operate properly. The DHCP server will provide the default gateway (implemented via the route command), the device's IP address (implemented via the ifconfig command), and DNS servers used on the network (implemented in the /etc/resolv.conf file.)
To configure your Ethernet device with a static IP address and custom configuration, some more information will be required. Suppose you want to assign the IP address 192.168.0.2 to the device eth1, with the typical netmask of 255.255.255.0. Your default gateway's IP address is 192.168.0.1. You would enter something like this into /etc/network/interfaces:
iface eth1 inet static address 192.168.0.2 netmask 255.255.255.0 gateway 192.168.0.1 In this case, you will need to specify your DNS servers manually in /etc/resolv.conf, which should look something like this:
search mydomain.example nameserver 192.168.0.1 nameserver 4.2.2.2 The search directive will append mydomain.example to hostname queries in an attempt to resolve names to your network. For example, if your network's domain is mydomain.example and you try to ping the host “mybox”, the DNS query will be modified to “mybox.mydomain.example” for resolution. The nameserver directives specify DNS servers to be used to resolve hostnames to IP addresses. If you use your own nameserver, enter it here. Otherwise, ask your Internet Service Provider for the primary and secondary DNS servers to use, and enter them into /etc/resolv.conf as shown above.
Many more configurations are possible, including dialup PPP interfaces, IPv6 networking, VPN devices, etc. Refer to man 5 interfaces for more information and supported options. Remember that /etc/network/interfaces is used by the ifup/ifdown scripts as a higher level configuration scheme than may be used in some other Linux distributions, and that the traditional, lower level utilities such as ifconfig, route, and dhclient are still available to you for ad hoc configurations.
Managing DNS Entries
This section explains how to configure which nameserver to use when resolving IP addresses to hostnames and vice versa. It does not explain how to configure the system as a name server.
To manage DNS entries, you can add, edit, or remove DNS names from the /etc/resolv.conf file. A sample file is given below:
search com nameserver 204.11.126.131 nameserver 64.125.134.133 nameserver 64.125.134.132 nameserver 208.185.179.218 The search key specifies the string which will be appended to an incomplete hostname. Here, we have configured it to com. So, when we run: ping ubuntu it would be interpreted as ping ubuntu.com.
The nameserver key specifies the nameserver IP address. It will be used to resolve a given IP address or hostname. This file can have multiple nameserver entries. The nameservers will be used by the network query in the same order.
[Warning] If the DNS server names are retrieved dynamically from DHCP or PPPoE (retrieved from your ISP), do not add nameserver entries in this file. It will be overwritten.
Managing Hosts
To manage hosts, you can add, edit, or remove hosts from /etc/hosts file. The file contains IP addresses and their corresponding hostnames. When your system tries to resolve a hostname to an IP address or determine the hostname for an IP address, it refers to the /etc/hosts file before using the name servers. If the IP address is listed in the /etc/hosts file, the name servers are not used. This behavior can be modified by editing /etc/nsswitch.conf at your peril.
If your network contains computers whose IP addresses are not listed in DNS, it is recommended that you add them to the /etc/hosts file.
Iptables open ftp port 21
Use iptables administration tool for IPv4 packet filtering and NAT under Linux to open tcp port 21 (FTP). Following rule-set assumes that your eth0 network interface directly connected to internet. It has public ip (202.54.1.20). FTP use both port 21 and 20 (port 21 for the command port and port 20 for the data). So following iptables rules take care of both ports (add rules to your iptables script): Procedure Add support for FTP connection tracking. Task load required iptables modules First login as the root user. Next type the following command to load two iptables modules: # modprobe ip_conntrack # modprobe ip_conntrack_ftp Now add following iptables rules for incoming request on port 21 (open port 21) to your script: iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 21 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 1024:65535 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -s 202.54.1.20 --sport 20 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 202.54.1.20 --dport 20 -m state --state ESTABLISHED -j ACCEPT