Pages

Showing posts with label LINUX. Show all posts
Showing posts with label LINUX. Show all posts

Tuesday, November 26, 2024

Harvester Setup and Configuration

Harvester is an open-source hyperconverged infrastructure (HCI) software that provides a powerful and easy-to-use platform for deploying and managing virtual machines (VMs). Built on Kubernetes, it simplifies the process of setting up and maintaining a virtualized environment. 

The following steps will guide you in setting up Harvester 

Download the Harvester ISO from the website.

Make a bootable USB from the ISO with any of the following tools

  • https://etcher.balena.io/
  • https://rufus.ie/en/

Once the machine has been booted from USB we will get the following Page



Once booted, follow the steps to complete the installatoon

  1. Cluster Creation:
    • Select "Create a new Harvester Cluster"
  2. Disk Selection:
    • Use the right arrow key to navigate and choose a disk for Harvester's system.
    • Select a separate disk dedicated to storing virtual machine data.
  3. Host Configuration:
    • Enter a hostname for your Harvester node.
  4. Network Setup:
    • Use the right arrow key to select your network interface card (NIC).
    • Choose between DHCP or static IP configuration.
      • If using Static, provide the necessary network details (IP address, subnet mask, gateway).
    • Configure DNS server addresses.
  5. VIP Configuration:
    • Use the right arrow key to navigate, Choose between DHCP or static IP for the Virtual IP (VIP) address.
      • If using Static, enter the desired VIP.
  6. Cluster Token:
    • Set a cluster token. This is crucial for adding more nodes to your cluster later.
  7. Password and SSH:
    • Set a strong password for accessing the node (default SSH user is 'rancher').
  8. NTP Servers:
    • Configure NTP servers (defaults to 0.suse.pool.ntp.org) to ensure time synchronization across all nodes. Use commas to separate multiple server addresses.
  9. Optional Configurations:
    • HTTP Proxy: If needed, provide the proxy URL.
    • SSH Keys: Import SSH keys by providing their HTTP URL (e.g., GitHub public keys).
    • Harvester Configuration: If you have a specific configuration file, enter its HTTP URL.
  10. Review and Install:
    • Review all the settings you've configured.
    • Confirm to start the installation process. This might take a few minutes.
  11. Access Harvester:
    • After the node restarts, the Harvester console will show the management URL and node status.
    • Access the web interface using the provided URL (defaults to https://your-virtual-ip).
    • Use F12 to switch to the shell if needed, and type exit to return to the console.

Latest Steps can be found @  https://github.com/harvester/harvester

Saturday, May 18, 2024

PEAR Management in cPanel

Installing PEAR in cPanel: A Guide for PHP Developers

PEAR (PHP Extension and Application Repository) is a valuable resource for PHP developers, offering a framework and distribution system for reusable PHP components. Whether you're building custom web applications or need specific functionality, PEAR can streamline your development process.

In this guide, we'll walk you through the steps for installing PEAR in your cPanel environment. The process varies slightly depending on your PHP version:

PHP Versions Less Than 5.3

  1. Download go-pear: Use the following command in your terminal or SSH session:

    wget http://pear.php.net/go-pear
  2. Install PEAR: Run the downloaded script:

    php go-pear.php

    Follow the on-screen prompts to customize your installation.

PHP Versions 5.3 and Above

  1. Download go-pear.phar: Fetch the updated installer:

    wget http://pear.php.net/go-pear.phar
  2. Install PEAR: Execute the installer using the following command:

    php go-pear.phar
    

Important Notes

  • Root Access: You'll need root access (via SSH or console) to perform these commands. If you're not comfortable with server administration, contact your hosting provider for assistance.
  • Alternative Method: cPanel may have a built-in PEAR installer available in the software section. Check if this option exists for a more user-friendly installation.
Once PEAR is installed, you can manage packages using the pear command line tool:
  • Installing a Package:
    pear install <package_name>
  • Upgrading a Package:
    pear upgrade <package_name>
  • Uninstalling a Package:
    pear uninstall <package_name>
  • Listing Installed Packages:
    pear list

Why PEAR Matters

PEAR simplifies PHP development by providing:

  • Reusable Components: A vast library of code packages for various tasks.
  • Consistent Structure: A standardized way to organize and manage PHP projects.
  • Easy Installation: Simple commands for adding and updating packages.
  • Community Support: A large and active community of developers for troubleshooting and support.

By leveraging PEAR's capabilities, you can save time and effort while building robust and reliable PHP applications.

Let me know if you have any further questions about using PEAR with cPanel!

Recovering Mistakenly Deleted LVM Partitions: A Lifesaver for Linux Admins

We've all been there – a moment of inattention or a typo, and suddenly a crucial LVM partition is gone. Thankfully, Linux offers a built-in safety net for these scenarios. The vgcfgrestore command can be your lifeline for recovering accidentally deleted LVM partitions, saving you from potential data loss and downtime.

Understanding the Safety Net: LVM Configuration Backups

Linux diligently maintains backup copies of your LVM configurations in the /etc/lvm/archive directory. This archive acts as a time machine, allowing you to rewind and restore your LVM setup to a previous state.

Recovering a Deleted LVM Partition: Step-by-Step

Let's walk through a real-world scenario. Suppose you've accidentally deleted a 10GB LVM partition belonging to a volume group named "my-vg." Here's how to recover it:

Step 1: Locate the Backup Configuration

First, you need to find the relevant backup file in the /etc/lvm/archive directory. The vgcfgrestore command makes this easy:

sudo vgcfgrestore --list my-vg

This will list all available backup configurations for your "my-vg" volume group. The output might look something like this:

my-vg_00001-123456789.vg
my-vg_00002-692643462.vg  
... 

Identify the backup file you want to use (e.g., my-vg_00002-692643462.vg).

Step 2: Restore the LVM Partition

Now, you can restore the LVM configuration using the backup file and the vgcfgrestore command:

sudo vgcfgrestore -f /etc/lvm/archive/my-vg_00002-692643462.vg my-vg

If successful, you'll see the message:

Restored volume group my-vg

Important Note: Before restoring, double-check that you've selected the correct backup file! Restoring the wrong configuration could lead to unintended consequences.

After the Restoration

Once the volume group is restored, you'll need to reactivate it:

sudo vgchange -ay my-vg

You should now be able to see and use your recovered LVM partition again.

Prevention is Key

While vgcfgrestore is a lifesaver, it's always better to prevent data loss in the first place. Consider these best practices:

  • Regular Backups: Always maintain up-to-date backups of your entire system, including LVM metadata.
  • Double-Check Commands: Be extremely careful when executing commands that modify LVM partitions.
  • Use Snapshots: If you're unsure about a change, create an LVM snapshot first to have a rollback point.

Conclusion

The vgcfgrestore command is a powerful tool that can rescue you from the panic of accidentally deleting an LVM partition. By understanding how to use it and following preventive measures, you can confidently manage your LVM environment and ensure the safety of your data.

Using mdadm to Manage RAID and Multipath Storage on Linux: A Practical Guide with Examples

The mdadm command is a powerful tool for managing multiple device sets on Linux systems. It plays a crucial role in creating and maintaining RAID arrays, which provide redundancy and performance benefits, and multipath setups, which ensure data availability in case of hardware failure. Let's delve into how you can use mdadm to harness these powerful storage features, complete with practical examples.

Creating RAID Devices with mdadm

1. Define Your Configuration:

The /etc/mdadm.conf file is where you specify the devices and RAID level for your array.

Example: RAID 1 (Mirroring)

DEVICE /dev/sd[b,c]1  
ARRAY /dev/md0 level=raid1 raid-devices=2 /dev/sdb1 /dev/sdc1

This configuration creates a RAID 1 array (/dev/md0) that mirrors data across two devices (/dev/sdb1 and /dev/sdc1).

Example: RAID 5 (Striping with Parity)

DEVICE /dev/sd[b-d]1
ARRAY /dev/md0 level=raid5 raid-devices=3 /dev/sdb1 /dev/sdc1 /dev/sdd1

This configuration creates a RAID 5 array (/dev/md0) that stripes data across three devices with parity information for fault tolerance.

2. Create the RAID Array:

Use mdadm with the -C (create) option and the details from your configuration:

# RAID 1 example sudo mdadm -C /dev/md0 --level=raid1 --raid-devices=2 /dev/sdb1 /dev/sdc1 # RAID 5 example sudo mdadm -C /dev/md0 --level=raid5 --raid-devices=3 /dev/sdb1 /dev/sdc1 /dev/sdd1

3. Verify RAID Status:

Check the status of your newly created RAID array:

sudo mdadm --detail /dev/md0

You should see information about the RAID level, state (active, syncing, etc.), device status, and more.

Creating Multipath Devices with mdadm

Multipathing provides an additional layer of reliability by creating multiple paths to access a storage device.

sudo mdadm -C /dev/md1 --level=multipath --raid-devices=2 /dev/mapper/mpatha /dev/mapper/mpathb

This command creates a multipath device (/dev/md1) using two paths (/dev/mapper/mpatha and /dev/mapper/mpathb) that likely correspond to different physical disks.

Key Considerations

  • Choose the Right RAID Level:
    • RAID 0: Best for performance but no redundancy.
    • RAID 1: Offers redundancy with mirroring.
    • RAID 5: Good balance of performance and redundancy.
    • RAID 6: More redundancy than RAID 5 but slightly slower.
    • RAID 10: Combines mirroring and striping for both performance and redundancy.
  • Data Backup: RAID is not a backup solution; always maintain regular backups.
  • Hardware Compatibility: Ensure your hardware (controllers, disks) supports your chosen RAID level.

Conclusion

mdadm empowers you to create robust and fault-tolerant storage solutions on Linux. By mastering its capabilities, you can optimize your server's performance and protect your valuable data.

Let me know if you'd like more in-depth examples or have any specific scenarios you'd like to explore!

Mastering Installatron: A Guide to Installing and Uninstalling on Linux Servers

Installatron is a powerful web application installer that simplifies the deployment of popular scripts and CMS platforms like WordPress, Joomla, Drupal, and many more. It's a valuable tool for web hosting providers and system administrators who want to automate the process of setting up websites and applications for their clients.

In this guide, we'll walk you through the steps for installing and uninstalling Installatron on your Linux or FreeBSD server.

Installing Installatron

  1. Download the Installer Script: Open your terminal and run the following command to download the Installatron installation script:
wget http://data.installatron.com/installatron-plugin.sh
  1. Make the Script Executable: Give the script execute permissions:
chmod +x installatron-plugin.sh
  1. Run the Installer: Execute the script to begin the installation process:
./installatron-plugin.sh -f

The -f flag indicates a forced installation, which might be necessary in some cases.

The script will automatically install Installatron and its dependencies.

Uninstalling Installatron

If you need to remove Installatron from your server, follow these steps:

  1. Remove the Core Components: Execute the following commands to remove the core Installatron files:
rpm -e installatron-server rm -fr /usr/local/installatron rm -f /etc/cron.d/installatron
  1. Delete User Install Data (Optional): If you want to completely remove all traces of Installatron and the applications it installed, you can delete the user install data. Exercise caution here, as this will delete all data associated with installed applications.
rm -fr /var/installatron

Important Considerations:

  • Backups: Before installing or uninstalling any software, including Installatron, it's always a good practice to back up your server's data. This ensures you can easily restore your system in case anything goes wrong.
  • Dependencies: Installatron may rely on certain dependencies (like PHP or MySQL). Make sure these dependencies are installed and configured correctly before installing Installatron.
  • User Data: If you decide to remove user install data, be absolutely sure you don't need any of the installed applications or their data.

By following these instructions, you can confidently install and uninstall Installatron on your Linux server, giving you a versatile tool for managing web applications efficiently.

Lynis: Elevate Your Server Security with a Powerful Auditing Tool

In the ever-evolving landscape of cybersecurity, proactive security measures are paramount. One tool that can significantly bolster your server's defenses is Lynis, a comprehensive auditing and hardening tool designed to uncover vulnerabilities and security issues.

What is Lynis?

Lynis is an open-source security auditing tool that meticulously scans your server, assessing its configuration, software components, and potential weaknesses. It provides valuable insights into your system's overall security posture, enabling you to take proactive steps to harden it against potential threats.

Why Choose Lynis?

  • Comprehensive Scanning: Lynis analyzes a wide range of aspects, including operating system settings, network configuration, installed software, user accounts, file permissions, and much more.
  • Customizable Tests: You can tailor Lynis to focus on specific areas of concern, ensuring it aligns with your unique security requirements.
  • Detailed Reports: The tool generates detailed reports highlighting potential vulnerabilities, configuration issues, and recommendations for remediation.
  • Easy to Use: Lynis is designed to be user-friendly, even for those without deep security expertise.

Installing Lynis

  1. Create a Directory: Use the following command to create a directory where you'll store Lynis:

    mkdir /usr/local/lynis
  2. Download Lynis: Navigate to the new directory and download the latest stable version:

    cd /usr/local/lynis
    wget http://www.rootkit.nl/files/lynis-1.3.0.tar.gz 
    
  3. Extract the Files: Unpack the downloaded archive:

    tar -xvf lynis-1.3.0.tar.gz

Running and Using Lynis

  1. Become Root: You'll need root privileges to run Lynis because it accesses system-level information and writes logs.

  2. Run Lynis: Navigate to the Lynis directory and execute the script:

    cd lynis-1.3.0
    ./lynis

Lynis will begin its comprehensive scan, analyzing your server's configuration and security settings. The process may take a while, depending on the size and complexity of your system.

Reviewing the Report

Once the scan completes, Lynis will generate a detailed report. Typically, you'll find it in /var/log/lynis.log. This report is a goldmine of information, including:

  • Warnings: Potential vulnerabilities or misconfigurations that need your attention.
  • Suggestions: Recommendations for hardening your system based on Lynis' findings.
  • Details: In-depth explanations of each issue and why it matters.

Take the time to carefully review the report, prioritize the identified issues, and implement the suggested fixes.

Regular Audits

Remember, security is an ongoing process. Schedule regular Lynis scans to keep your server's security posture up-to-date and address any new vulnerabilities that may arise.

Lynis is an indispensable tool in your arsenal for maintaining a secure and resilient server environment. By proactively identifying and addressing vulnerabilities, you'll be well-equipped to protect your data and defend against potential threats.

Securing Your Linux System with SELinux: A Step-by-Step Installation Guide

Security-Enhanced Linux (SELinux) is a powerful security mechanism built into the Linux kernel. It provides an additional layer of protection beyond standard user permissions, helping to prevent unauthorized access and malicious activity. If you're serious about Linux security, understanding and using SELinux is a must.

In this guide, we'll walk you through the process of installing and configuring SELinux on your system.

Step 1: Install the SELinux Packages

Open your terminal and run the following command as the root user:

yum install -y selinux-policy-targeted selinux-policy libselinux libselinux-python libselinux-utils policycoreutils policycoreutils-python setroubleshoot setroubleshoot-server setroubleshoot-plugins

Verify that the packages are installed correctly:

rpm -qa | grep selinux
rpm -q policycoreutils
rpm -qa | grep setroubleshoot


Step 2: Prepare for Labeling

Before enabling SELinux, you need to label every file on your system with an SELinux context. To ensure a smooth boot, set SELinux to permissive mode in the /etc/selinux/config file:

SELINUX=permissive SELINUXTYPE=targeted

Step 3: Reboot and Label

Reboot your system. During the boot process, watch for a message indicating that files are being labeled with an SELinux context:

*** Warning -- SELinux targeted policy relabel is required. *** Relabeling could take a very long time, depending on file *** system size and speed of hard drives. ****


Step 4: Check for Denials (Permissive Mode)

While in permissive mode, SELinux doesn't enforce policies but logs any actions that would be denied in enforcing mode. Run the following command to check the logs:

grep "SELinux is preventing" /var/log/messages

If you see no output, it means there were no denied actions.

Step 5: Enable Enforcing Mode

If everything looks good, switch SELinux to enforcing mode in /etc/selinux/config:

SELINUX=enforcing SELINUXTYPE=targeted
Reboot again.

Step 6: Verify SELinux Status

After the reboot, verify that SELinux is running in enforcing mode:
getenforce
You should see the output "Enforcing."

Step 7: Check User Mappings

Finally, run this command to view the mapping between SELinux and Linux users:

semanage login -l

If the mappings aren't correct, follow the instructions in the content you provided to fix them.

The output should look like this:
Login Name SELinux User MLS/MCS Range __default__ unconfined_u s0-s0:c0.c1023 root unconfined_u s0-s0:c0.c1023 system_u system_u s0-s0:c0.c1023

Fixing Incorrect User Mappings:

If your output doesn't match the above, run the following commands as the root user. These commands ensure the correct mapping between Linux user accounts and their SELinux roles. If you see warnings about "SELinux-user username is already defined," you can safely ignore them.

semanage user -a -S targeted -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u semanage login -m -S targeted -s "unconfined_u" -r s0-s0:c0.c1023 __default__ semanage login -m -S targeted -s "unconfined_u" -r s0-s0:c0.c1023 root semanage user -a -S targeted -P user -R guest_r guest_u semanage user -a -S targeted -P user -R xguest_r xguest_u

 

Important Considerations:
  • Permissive Mode vs. Enforcing Mode: Start with permissive mode to identify potential issues before switching to enforcing mode, where SELinux actively blocks unauthorized actions.
  • Troubleshooting: SELinux denials can be cryptic. To resolve issues, familiarize yourself with SELinux logs and troubleshooting tools like troubleshoot.
  • Customization: SELinux policies are highly customizable. Learn how to create custom policies to tailor SELinux to your specific environment.

By following these steps, you can effectively leverage SELinux to enhance the security of your Linux system.

Tuesday, May 14, 2024

Creating a New ReiserFS Partition for /var on HDD Using GParted: A Step-by-Step Guide

I will walk you through the process of creating a new ReiserFS partition for your /var directory on your hard drive using GParted, and configuring your system to use it. This can help in managing disk space more efficiently and improving system performance.

Step 1: Create a New ReiserFS Partition

Open GParted:Boot into a live session of your preferred Linux distribution and open GParted.
Identify the hard drive where you want to create the new partition (e.g., /dev/sda).


Create the Partition:Select the unallocated space or the partition you want to resize.
Create a new partition and choose "ReiserFS" as the file system.
Label the new partition as "var".

Step 2: Reboot into Emergency Mode

Reboot your system into emergency mode:This can be done by adding systemd.unit=emergency.target to the kernel parameters in your bootloader.


Remount Root as Read-Write:Once in emergency mode, remount the root filesystem as read-write


mount -o remount,rw /


Step 3: Mount the New PartitionMount the new partition to a temporary location


mount /dev/sda8 /mnt/new_var


Step 4: Copy the Existing /var Contents

Copy the contents of /var to the new partition

cd /var cp -Rax * /mnt/new_var/




Move back to the root directory

cd /




Rename the old /var directory

mv var var.old

Unmount the new partition from the temporary location

umount /mnt/new_var


Step 5: Mount the New Partition as /var

Create a new empty /var directory

mkdir /var

Mount the new partition to /var

mount /dev/sda8 /var


Step 6: Update /etc/fstabAdd the new partition to /etc/fstab for automatic mounting on boot:Open /etc/fstab in your preferred text editor

nano /etc/fstab


Add the following line

/dev/sda8 /var reiserfs defaults 0 2


Conclusion

By following these steps, you have successfully created a new ReiserFS partition for your /var directory and configured your system to use it. This process can help improve system performance and manage disk space more efficiently. If you encounter any issues, you can always revert to the old /var by mounting it back from the renamed var.old directory.

Remember to double-check your backups and ensure all critical data is secured before making such changes to your filesystem. Happy partitioning!

Thursday, May 9, 2024

How to Install and Configure Linux Socket Monitor (LSM) for Network and Inter-Process Monitoring

Linux Socket Monitor (LSM) is a powerful tool designed to monitor changes to ports and sockets, including both network and inter-process communication (IPC) sockets used between applications on the same machine. By comparing snapshots of socket configurations, LSM provides valuable insights into network activity and facilitates security monitoring. This guide walks you through the process of installing and configuring LSM on your Linux system.

1. Download LSM: Begin by downloading the latest version of LSM from the developer's website. Use the wget command to fetch the tarball
wget http://www.rfxn.com/downloads/lsm-current.tar.gz
2. Extract the Tarball: Once the download is complete, extract the contents of the tarball using the tar command:
tar -xvfz lsm-current.tar.gz
3. Install LSM: Navigate to the extracted directory and run the installation script
cd lsm-0.6 ./install.sh
Upon completion, you will receive a confirmation message displaying installation details and the path to the LSM executable.
4. Configure LSM: Open the LSM configuration file using a text editor (e.g., nano)
nano /usr/local/lsm/conf.lsm
Locate the line with the USER variable and replace the default value (typically "root") with your email address. This allows LSM to send notifications to the specified email address.
Example
USER="your_email@example.com"
Save the changes and exit the text editor.
5. Managing Snapshots: LSM creates snapshots of socket configurations for comparison. You can manage these snapshots using the following commands:Delete snapshots:
/usr/local/sbin/lsm -d
Manually run a comparison test: /usr/local/sbin/lsm -c
Generate base comparison files: /usr/local/sbin/lsm -g
By installing and configuring Linux Socket Monitor (LSM), you gain a powerful tool for monitoring network and inter-process communication on your Linux system. With LSM's ability to track changes to ports and sockets, you can enhance security monitoring and gain valuable insights into network activity.

Resolving SAR Error: "Cannot open /var/log/sa/sa08"

System Activity Reporter (SAR) is a powerful tool for monitoring system performance, but encountering errors can be frustrating. One common issue users face after installing SAR is the error message "Cannot open /var/log/sa/sa08: No such file or directory" when attempting to run the sar -q command. In this guide, we'll explore why this error occurs and provide step-by-step instructions to resolve it.

Understanding the Error: When executing sar -q, the system is unable to locate the specified SAR data file sa08. This file should be located in the directory /var/log/sa/. The absence of this file indicates that SAR has not been collecting data properly or has encountered an issue during data collection.

Troubleshooting Steps: Follow these steps to troubleshoot and resolve the SAR error:

Check SAR Installation: Ensure that SAR is installed correctly on your system. If not, install it using your package manager.


Verify SAR Data Collection: Confirm whether SAR is actively collecting system activity data. SAR typically collects data at regular intervals and stores it in the /var/log/sa/ directory. Use the command sar -q to check if the data file sa08 exists.


Check Cron Service: SAR relies on the cron service to schedule data collection. Check if the cron service is running by executing

/etc/init.d/crond status
If the service is not running, restart it using

/etc/init.d/crond restart
Restart syslog Service: SAR also depends on the syslog service for logging. Restart the syslog service to ensure proper functioning

/etc/init.d/syslog restart
Verify Data Collection Intervals: SAR collects data at regular intervals defined by cron jobs. Review the cron configuration to ensure that SAR cron jobs are configured correctly and running as expected.


Check File Permissions: Ensure that the /var/log/sa/ directory and SAR data files have appropriate permissions for SAR to read and write data. Correct any permission issues if found.

Conclusion: By following these troubleshooting steps, you can resolve the SAR error "Cannot open /var/log/sa/sa08: No such file or directory" and ensure that SAR functions properly for system performance monitoring. Regular monitoring with SAR is essential for identifying performance bottlenecks and optimizing system resources effectively.

Sunday, May 5, 2024

Resolving Email Sending and Receiving Issues in cPanel with a ClamAV Update

Introduction:

Email communication is fundamental in today's business landscape. However, disruptions in email services can occur, leading to significant communication breakdowns. This blog post explains a common issue encountered in cPanel related to email delivery and the steps we took to resolve it using the "Force ClamAV Update" feature in WHM's “ConfigServer MailScanner FE”.

The Challenge: Suddenly, our organization faced an email outage where neither incoming nor outgoing emails were being processed. This issue caused delays and affected our daily operations, emphasizing the need for a swift solution.

Diagnosing the Issue: Upon discovering the email delivery problem, our technical team immediately began troubleshooting. We checked the email queue and server logs in cPanel but didn't find any obvious errors. We suspected the issue might involve the email scanning tool integrated into our server—specifically ClamAV, a popular antivirus engine used to scan incoming and outgoing emails for threats.

Implementing the Solution: To address potential issues with ClamAV:

  1. We logged into the WHM (WebHost Manager).
  2. Navigated to “ConfigServer MailScanner FE” under the plugins section.
  3. Clicked on “Force ClamAV Update” to manually update the antivirus definitions.

Results: Shortly after updating ClamAV, the email functionality returned to normal. This indicated that the issue was likely due to outdated or corrupted antivirus definitions that interfered with email processing.

Why This Solution Worked: The "Force ClamAV Update" effectively refreshes ClamAV's database, ensuring that all email scans use the latest definitions. This is crucial because outdated definitions can lead to false positives or failures in properly scanning emails, which in turn can block legitimate emails from being sent or received.

Preventative Measures: To prevent similar issues in the future, consider the following steps:

  • Regular Monitoring: Keep an eye on the email system’s performance and logs for any unusual activity.
  • Scheduled Updates: Set automatic updates for ClamAV and other critical software to ensure all components are current.
  • Training: Educate your technical team on recognizing and resolving email delivery issues quickly and efficiently.

Conclusion: Email disruptions can cripple business operations, but many issues are manageable with the right tools and a proactive approach. The "Force ClamAV Update" feature in WHM's “ConfigServer MailScanner FE” is a vital tool for maintaining the integrity and functionality of your email systems. By sharing this solution, we hope to assist others in swiftly resolving similar email delivery challenges.

Resetting the Root Password in Rescue Mode: A Step-by-Step Guide

In critical situations where access to your server's root account is lost or compromised, resetting the root password becomes essential for restoring control over your system. This guide provides a comprehensive walkthrough of resetting the root password in rescue mode, ensuring you regain access to your server without data loss or downtime.

Losing access to the root account on a server can be a daunting scenario, but with the right approach, it's possible to regain control swiftly and securely. In this guide, we'll walk you through the step-by-step process of resetting the root password using rescue mode, a powerful tool that allows you to access and modify your server's filesystem even when it's unable to boot normally.

Step 1: Logging in to Rescue Mode Firstly, access your server through SSH console in rescue mode. This specialized mode provides a safe environment for performing critical operations on your server's filesystem.

Step 2: Identifying the Disk Partition Once logged in, use the fdisk -l command to list all disk partitions and identify the correct one where your root filesystem is located. Typically, this will be indicated by the size of the disk.

Step 3: Mounting the Disk Partition With the correct partition identified, mount it to a temporary directory using the mount /dev/xvda1 /mnt command, replacing /dev/xvda1 with the appropriate partition name.

Step 4: Entering the Mounted Filesystem If the chroot /mnt command doesn't work, try chroot /mnt /bin/bash to enter the mounted filesystem environment, allowing you to execute commands as if you were operating from the root directory.

Step 5: Resetting the Root Password Once inside the mounted filesystem, use the passwd root command to set a new password for the root account. Follow the prompts to enter and confirm the new password securely.

Step 6: Exiting the Chroot Environment After resetting the root password, exit the chroot environment by typing exit in the terminal, returning you to the rescue mode shell.

Step 7: Unmounting the Temporary Partition To finalize the process, unmount the temporary partition with the umount /mnt command, ensuring all changes are properly applied.

Step 8: Rebooting the Server Finally, reboot your server using the reboot command to apply the changes and allow the system to boot normally.

By following this step-by-step guide, you can confidently reset the root password in rescue mode, enabling you to regain control over your server and resume normal operations swiftly and securely. Remember to exercise caution and verify each step carefully to avoid unintended consequences.

Friday, April 26, 2024

Bash Shell Scripting

These tutorials cover various aspects of bash shell scripting, starting with basic script creation and execution, then progressing to more advanced topics such as variables, loops, conditional statements, quoting, arithmetic operations, and file redirections. Each section provides practical examples and explanations to help beginners understand and apply bash scripting concepts effectively.

1. Hello bourne - Bash Shell Scripting
First you need to find out where is your bash interpreter located. Enter the following into your command line:
$ which bash

bash interpreter location:
/bin/bash
Open up you favorite text editor and a create file called hello_BOURNE.sh. Insert the following lines to a file:
NOTE:Every bash shell script in this tutorial starts with shebang:"#!" which is not read as a comment. First line is also a place where you put your interpreter which is in this case: /bin/bash.
Here is our first bash shell script example:

#!/bin/bash
# declare STRING variable
STRING="Hello bourne"
#print variable on a screen
echo $STRING


Navigate to a directory where your hello_bourne.sh is located and make the file executable:

$ chmod +x hello_bourne.sh


Make bash shell script executable
Now you are ready to execute your first bash script:


./hello_bourne.sh


Example of simple bash shell script


2. Simple Backup bash shell script

#!/bin/bash
tar -czf myhome_directory.tar.gz /home/linuxconfig


Simple Backup bash script

3. Variables
In this example we declare simple bash variable and print it on the screen ( stdout ) with echo command.
#!/bin/bash
STRING="HELLO BOURNE!!!"
echo $STRING
Bash string Variables in bash script

Your backup script and variables:
#!/bin/bash
OF=myhome_directory_$(date +%Y%m%d).tar.gz
tar -czf $OF /home/linuxconfig
Bash backup Script with bash Variables

3.1. Global vs. Local variables
#!/bin/bash
#Define bash global variable
#This variable is global and can be used anywhere in this bash script
VAR="global variable"
function bash {
#Define bash local variable
#This variable is local to bash function only
local VAR="local variable"
echo $VAR
}
echo $VAR
bash
# Note the bash global variable did not change
# "local" is bash reserved word
echo $VAR
Global vs. Local Bash variables in bash script

4. Passing arguments to the bash script
#!/bin/bash
# use predefined variables to access passed arguments
#echo arguments to the shell
echo $1 $2 $3 ' -> echo $1 $2 $3'

# We can also store arguments from bash command line in special array
args=("$@")
#echo arguments to the shell
echo ${args[0]} ${args[1]} ${args[2]} ' -> args=("$@"); echo ${args[0]} ${args[1]} ${args[2]}'

#use $@ to print out all arguments at once
echo $@ ' -> echo $@'

# use $# variable to print out
# number of arguments passed to the bash script
echo Number of arguments passed: $# ' -> echo Number of arguments passed: $#'

/arguments.sh Bash Scripting Tutorial

Passing arguments to the bash script
5. Executing shell commands with bash

#!/bin/bash
# use backticks " ` ` " to execute shell command
echo `uname -o`
# executing bash command without backticks
echo uname -o
Executing shell commands with bash

6. Reading User Input
#!/bin/bash
echo -e "Hi, please type the word: \c "
read word
echo "The word you entered is: $word"
echo -e "Can you please enter two words? "
read word1 word2
echo "Here is your input: \"$word1\" \"$word2\""
echo -e "How do you feel about bash scripting? "
# read command now stores a reply into the default build-in variable $REPLY
read
echo "You said $REPLY, I'm glad to hear that! "
echo -e "What are your favorite colours ? "
# -a makes read command to read into an array
read -a colours
echo "My favorite colours are also ${colours[0]}, ${colours[1]} and ${colours[2]}:-)"

Reading User Input with bash
7. Bash Trap Command
#!/bin/bash
# bash trap command
trap bashtrap INT
# bash clear screen command
clear;
# bash trap function is executed when CTRL-C is pressed:
# bash prints message => Executing bash trap subrutine !
bashtrap()
{
echo "CTRL+C Detected !...executing bash trap !"
}
# for loop from 1/10 to 10/10
for a in `seq 1 10`; do
echo "$a/10 to Exit."
sleep 1;
done
echo "Exit Bash Trap Example!!!"

8. Arrays


8.1. Declare simple bash array

#!/bin/bash
#Declare array with 4 elements
ARRAY=( 'Debian Linux' 'Redhat Linux' Ubuntu Linux )
# get number of elements in the array
ELEMENTS=${#ARRAY[@]}

# echo each element in array
# for loop
for (( i=0;i<$ELEMENTS;i++)); do
echo ${ARRAY[${i}]}
done
Declare simple bash array

8.2. Read file into bash array

#!/bin/bash
# Declare array
declare -a ARRAY
# Link filedescriptor 10 with stdin
exec 10<&0
# stdin replaced with a file supplied as a first argument
exec < $1
let count=0

while read LINE; do

ARRAY[$count]=$LINE
((count++))
done

echo Number of elements: ${#ARRAY[@]}
# echo array's content
echo ${ARRAY[@]}
# restore stdin from filedescriptor 10
# and close filedescriptor 10
exec 0<&10 10<&-

Bash script execution with an output:
linuxconfig.org $ cat bash.txt
Bash
Scripting
Tutorial
Guide

linuxconfig.org $ ./bash-script.sh bash.txt
Number of elements: 4
Bash Scripting Tutorial Guide
linuxconfig.org $

9. Bash if / else / fi statements

9.1. Simple Bash if/else statement

Please note the spacing inside the [ and ] brackets! Without the spaces, it won't work!
#!/bin/bash
directory="./BashScripting"

# bash check if directory exists
if [ -d $directory ]; then
echo "Directory exists"
else
echo "Directory does not exists" 
fi
Bash if else fi statement

9.2. Nested if/else

#!/bin/bash
# Declare variable choice and assign value 4
choice=4
# Print to stdout
echo "1. Bash"
echo "2. Scripting"
echo "3. Tutorial"
echo -n "Please choose a word [1,2 or 3]? "
# Loop while the variable choice is equal 4
# bash while loop
while [ $choice -eq 4 ]; do

# read user input
read choice
# bash nested if/else
if [ $choice -eq 1 ] ; then

echo "You have chosen word: Bash"

else

if [ $choice -eq 2 ] ; then
echo "You have chosen word: Scripting"
else

if [ $choice -eq 3 ] ; then
echo "You have chosen word: Tutorial"
else
echo "Please make a choice between 1-3 !"
echo "1. Bash"
echo "2. Scripting"
echo "3. Tutorial"
echo -n "Please choose a word [1,2 or 3]? "
choice=4
fi
fi
fi
done

10. Bash Comparisons

10.1. Arithmetic Comparisons

-lt <
-gt >
-le <=
-ge >=
-eq ==
-ne !=


#!/bin/bash
# declare integers
NUM1=2
NUM2=2
if [ $NUM1 -eq $NUM2 ]; then
echo "Both Values are equal"
else
echo "Values are NOT equal"
fi
Bash Arithmetic Comparisons - values are NOT equal


#!/bin/bash
# declare integers
NUM1=2
NUM2=1
if [ $NUM1 -eq $NUM2 ]; then
echo "Both Values are equal"
elif [ $NUM1 -gt $NUM2 ]; then
echo "NUM1 is greater then NUM2"
else
echo "NUM2 is greater then NUM1"
fi



Bash Arithmetic Comparisons - greater then

10.2. String Comparisons

= equal
!= not equal
< less then
> greater then
-n s1 string s1 is not empty
-z s1 string s1 is empty


#!/bin/bash
#Declare string S1
S1="Bash"
#Declare string S2
S2="Scripting"
if [ $S1 = $S2 ]; then
echo "Both Strings are equal"
else
echo "Strings are NOT equal"
fi
Bash String Comparisons - values are NOT equal

#!/bin/bash
#Declare string S1
S1="Bash"
#Declare string S2
S2="Bash"
if [ $S1 = $S2 ]; then
echo "Both Strings are equal"
else
echo "Strings are NOT equal"
fi
bash interpreter location: /bin/bash

11. Bash File Testing

-b filename Block special file
-c filename Special character file
-d directoryname Check for directory existence
-e filename Check for file existence
-f filename Check for regular file existence not a directory
-G filename Check if file exists and is owned by effective group ID.
-g filename true if file exists and is set-group-id.
-k filename Sticky bit
-L filename Symbolic link
-O filename True if file exists and is owned by the effective user id.
-r filename Check if file is a readable
-S filename Check if file is socket
-s filename Check if file is nonzero size
-u filename Check if file set-ser-id bit is set
-w filename Check if file is writable
-x filename Check if file is executable

#!/bin/bash
file="./file"
if [ -e $file ]; then
echo "File exists"
else
echo "File does not exists"
fi
Bash File Testing - File does not exist Bash File Testing - File exists

Similarly for example we can use while loop to check if file does not exists. This script will sleep until file does exists. Note bash negator "!" which negates the -e option.
#!/bin/bash

while [ ! -e myfile ]; do
# Sleep until file does exists/is created
sleep 1
done

12. Loops

12.1. Bash for loop


#!/bin/bash

# bash for loop
for f in $( ls /var/ ); do
echo $f
done


Running for loop from bash shell command line:
$ for f in $( ls /var/ ); do echo $f; done

Bash for loop

12.2. Bash while loop

#!/bin/bash
COUNT=6
# bash while loop
while [ $COUNT -gt 0 ]; do
echo Value of count is: $COUNT
let COUNT=COUNT-1
done




Bash while loop

12.3. Bash until loop

#!/bin/bash
COUNT=0
# bash until loop
until [ $COUNT -gt 5 ]; do
echo Value of count is: $COUNT
let COUNT=COUNT+1
done




Bash until loop

12.4. Control bash loop with
Here is a example of while loop controlled by standard input. Until the redirection chain from STDOUT to STDIN to the read command exists the while loop continues.
#!/bin/bash
# This bash script will locate and replace spaces
# in the filenames
DIR="."
# Controlling a loop with bash read command by redirecting STDOUT as
# a STDIN to while loop
# find will not truncate filenames containing spaces
find $DIR -type f | while read file; do
# using POSIX class [:space:] to find space in the filename
if [[ "$file" = *[[:space:]]* ]]; then
# substitute space with "_" character and consequently rename the file
mv "$file" `echo $file | tr ' ' '_'`
fi;
# end of while loop
done




Bash script to replace spaces in the filenames with _

13. Bash Functions

!/bin/bash
# BASH FUNCTIONS CAN BE DECLARED IN ANY ORDER
function function_B {
echo Function B.
}
function function_A {
echo $1
}
function function_D {
echo Function D.
}
function function_C {
echo $1
}
# FUNCTION CALLS
# Pass parameter to function A
function_A "Function A."
function_B
# Pass parameter to function C
function_C "Function C."
function_D




Bash Functions

14. Bash Select

#!/bin/bash

PS3='Choose one word: '

# bash select
select word in "linux" "bash" "scripting" "tutorial"
do
echo "The word you have selected is: $word"
# Break, otherwise endless loop
break
done

exit 0




Bash Select

15. Case statement conditional

#!/bin/bash
echo "What is your preferred programming / scripting language"
echo "1) bash"
echo "2) perl"
echo "3) phyton"
echo "4) c++"
echo "5) I do not know !"
read case;
#simple case bash structure
# note in this case $case is variable and does not have to
# be named case this is just an example
case $case in
1) echo "You selected bash";;
2) echo "You selected perl";;
3) echo "You selected phyton";;
4) echo "You selected c++";;
5) exit
esac




bash case statement conditiona

16. Bash quotes and quotations
Quotations and quotes are important part of bash and bash scripting. Here are some bash quotes and quotations basics.

16.1. Escaping Meta characters
Before we start with quotes and quotations we should know something about escaping meta characters. Escaping will suppress a special meaning of meta characters and therefore meta characters will be read by bash literally. To do this we need to use backslash "\" character. Example:
#!/bin/bash

#Declare bash string variable
BASH_VAR="Bash Script"

# echo variable BASH_VAR
echo $BASH_VAR

#when meta character such us "$" is escaped with "\" it will be read literally
echo \$BASH_VAR

# backslash has also special meaning and it can be suppressed with yet another "\"
echo "\\"



escaping meta characters in bash

16.2. Single quotes
Single quotes in bash will suppress special meaning of every meta characters. Therefore meta characters will be read literally. It is not possible to use another single quote within two single quotes not even if the single quote is escaped by backslash.
#!/bin/bash

#Declare bash string variable
BASH_VAR="Bash Script"

# echo variable BASH_VAR
echo $BASH_VAR

# meta characters special meaning in bash is suppressed when using single quotes
echo '$BASH_VAR "$BASH_VAR"'




Using single quotes in bash

16.3. Double Quotes
Double quotes in bash will suppress special meaning of every meta characters except "$", "\" and "`". Any other meta characters will be read literally. It is also possible to use single quote within double quotes. If we need to use double quotes within double quotes bash can read them literally when escaping them with "\". Example:
#!/bin/bash

#Declare bash string variable
BASH_VAR="Bash Script"

# echo variable BASH_VAR
echo $BASH_VAR

# meta characters and its special meaning in bash is
# suppressed when using double quotes except "$", "\" and "`"

echo "It's $BASH_VAR and \"$BASH_VAR\" using backticks: `date`"



Using double quotes in bash

16.4. Bash quoting with ANSI-C style
There is also another type of quoting and that is ANSI-C. In this type of quoting characters escaped with "\" will gain special meaning according to the ANSI-C standard.








































\a alert (bell) \b backspace
\e an escape character \f form feed
\n newline \r carriage return
\t horizontal tab \v vertical tab
\\ backslash \` single quote
\nnn octal value of characters ( see [http://www.asciitable.com/ ASCII table] ) \xnn hexadecimal value of characters ( see [http://www.asciitable.com/ ASCII table] )

The syntax fo ansi-c bash quoting is: $'' . Here is an example:
#!/bin/bash

# as a example we have used \n as a new line, \x40 is hex value for @
# and \56 is octal value for .
echo $'web: www.linuxconfig.org\nemail: web\x40linuxconfig\56org'




quoting in bash with ansi-c stype

17. Arithmetic Operations


17.1. Bash Addition Calculator Example

#!/bin/bash

let RESULT1=$1+$2
echo $1+$2=$RESULT1 ' -> # let RESULT1=$1+$2'
declare -i RESULT2
RESULT2=$1+$2
echo $1+$2=$RESULT2 ' -> # declare -i RESULT2; RESULT2=$1+$2'
echo $1+$2=$(($1 + $2)) ' -> # $(($1 + $2))'




Bash Addition Calculator

17.2. Bash Arithmetics

#!/bin/bash

echo '### let ###'
# bash addition
let ADDITION=3+5
echo "3 + 5 =" $ADDITION

# bash subtraction
let SUBTRACTION=7-8
echo "7 - 8 =" $SUBTRACTION

# bash multiplication
let MULTIPLICATION=5*8
echo "5 * 8 =" $MULTIPLICATION

# bash division
let DIVISION=4/2
echo "4 / 2 =" $DIVISION

# bash modulus
let MODULUS=9%4
echo "9 % 4 =" $MODULUS

# bash power of two
let POWEROFTWO=2**2
echo "2 ^ 2 =" $POWEROFTWO

echo '### Bash Arithmetic Expansion ###'
# There are two formats for arithmetic expansion: $[ expression ]
# and $(( expression #)) its your choice which you use

echo 4 + 5 = $((4 + 5))
echo 7 - 7 = $[ 7 - 7 ]
echo 4 x 6 = $((3 * 2))
echo 6 / 3 = $((6 / 3))
echo 8 % 7 = $((8 % 7))
echo 2 ^ 8 = $[ 2 ** 8 ]

echo '### Declare ###'

echo -e "Please enter two numbers \c"
# read user input
read num1 num2
declare -i result
result=$num1+$num2
echo "Result is:$result "

# bash convert binary number 10001
result=2#10001
echo $result

# bash convert octal number 16
result=8#16
echo $result

# bash convert hex number 0xE6A
result=16#E6A
echo $result




Bash Arithmetic Operations

17.3. Round floating point number

#!/bin/bash
# get floating point number
floating_point_number=3.3446
echo $floating_point_number
# round floating point number with bash
for bash_rounded_number in $(printf %.0f $floating_point_number); do
echo "Rounded number with bash:" $bash_rounded_number
done




Round floating point number with bash

17.4. Bash floating point calculations

#!/bin/bash
# Simple linux bash calculator
echo "Enter input:"
read userinput
echo "Result with 2 digits after decimal point:"
echo "scale=2; ${userinput}" | bc
echo "Result with 10 digits after decimal point:"
echo "scale=10; ${userinput}" | bc
echo "Result as rounded integer:"
echo $userinput | bc


Bash floating point calculations

18. Redirections


18.1. STDOUT from bash script to STDERR

#!/bin/bash

echo "Redirect this STDOUT to STDERR" 1>&2

To prove that STDOUT is redirected to STDERR we can redirect script's output to file:


STDOUT from bash script to STDERR

18.2. STDERR from bash script to STDOUT

#!/bin/bash

cat $1 2>&1

To prove that STDERR is redirected to STDOUT we can redirect script's output to file:


STDERR from bash script to STDOUT

18.3. stdout to screen
The simple way to redirect a standard output ( stdout ) is to simply use any command, because by default stdout is automatically redirected to screen. First create a file "file1":
$ touch file1
$ ls file1
file1


As you can see from the example above execution of ls command produces STDOUT which by default is redirected to screen.

18.4. stdout to file
The override the default behavior of STDOUT we can use ">" to redirect this output to file:
$ ls file1 > STDOUT
$ cat STDOUT
file1




18.5. stderr to file
By default STDERR is displayed on the screen:
$ ls
file1 STDOUT
$ ls file2
ls: cannot access file2: No such file or directory


In the following example we will redirect the standard error ( stderr ) to a file and stdout to a screen as default. Please note that STDOUT is displayed on the screen, however STDERR is redirected to a file called STDERR:

$ ls
file1 STDOUT
$ ls file1 file2 2> STDERR
file1
$ cat STDERR
ls: cannot access file2: No such file or directory




18.6. stdout to stderr
It is also possible to redirect STDOUT and STDERR to the same file. In the next example we will redirect STDOUT to the same descriptor as STDERR. Both STDOUT and STDERR will be redirected to file "STDERR_STDOUT".

$ ls
file1 STDERR STDOUT
$ ls file1 file2 2> STDERR_STDOUT 1>&2
$ cat STDERR_STDOUT
ls: cannot access file2: No such file or directory
file1



File STDERR_STDOUT now contains STDOUT and STDERR.

18.7. stderr to stdout
The above example can be reversed by redirecting STDERR to the same descriptor as SDTOUT:

$ ls
file1 STDERR STDOUT
$ ls file1 file2 > STDERR_STDOUT 2>&1
$ cat STDERR_STDOUT
ls: cannot access file2: No such file or directory
file1




18.8. stderr and stdout to file
Previous two examples redirected both STDOUT and STDERR to a file. Another way to achieve the same effect is illustrated below:

$ ls
file1 STDERR STDOUT
$ ls file1 file2 &> STDERR_STDOUT
$ cat STDERR_STDOUT
ls: cannot access file2: No such file or directory
file1



or

$ ls file1 file2 >& STDERR_STDOUT
$ cat STDERR_STDOUT
ls: cannot access file2: No such file or directory
file1