Saturday, February 15, 2014

RHEL - Troubleshoot with 2 screens in 1 SSH session


Install the screen package.
  • Create a screen RC file called /root/monitor.scr:

screen -t "Log Monitor" 1 tail -f /var/log/messages
screen -t "Command Window" 2 bash
split
select 1
focus
select 2
startup_message off

 
  • Start the split screen log monitor:

# screen -c /root/monitor.scr
 
  • Send an update to /var/log/messages:

# logger "This is a test"
  • To scroll back on the top window use CTRL+a, release, then press TAB.
    • Enter copy mode, use CTRL+a, release, then press [.
    • When in copy mode you can use j for up and k for down or use the up/down arrow keys.
    • Use CTRL+a then press TAB to toggle back to the command line screen.
  • To exit screen, use CTRL+a, release, then type :quit.
  • Create a copy of the /etc/ssh/sshd_config file.
  • Make a change to it.
  • See how diff can find differences between files:

# cp /etc/ssh/sshd_config /root/mysshd_config
# vim /root/mysshd_config

 

LogLevel DEBUG
Port 2222

 

# diff /etc/ssh/sshd_config /root/mysshd_config
 
  • Create a screen RC file called /root/monitor_sshd.scr. It starts a test instance of SSHD when you start screen:

screen -t "SSHD Monitor" 1 /usr/sbin/sshd -De -f /root/mysshd_config
screen -t "Command Window" 2 bash
split
select 1
focus
select 2
startup_message off

 
  • Start the split screen SSHD monitor:

# screen -c /root/monitor_sshd.scr
 
  • SSH into the test SSHD instance from the bottom screen:

# ssh localhost -p 2222
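
A check worth running on /root/mysshd_config before starting the test instance: confirm that it differs from the system file only in the directives you meant to change (LogLevel and Port here). This script is an added example, not part of the original post; the function names are hypothetical and the sample files are constructed.

```shell
#!/bin/sh
# Drop comments and blank lines, lowercase the keyword (sshd_config keywords
# are case-insensitive), collapse whitespace, and sort for comm(1).
normalize_sshd_config() {
    awk '/^[ \t]*(#|$)/ { next }
         { key = tolower($1); $1 = ""; sub(/^[ \t]+/, ""); print key " " $0 }' "$1" |
    LC_ALL=C sort
}

# Usage: unexpected_sshd_changes BASE CANDIDATE ALLOWED_KEYWORD...
# Prints each keyword whose active lines differ and that is not allowed.
unexpected_sshd_changes() {
    base=$1; cand=$2; shift 2
    allowed=$(printf '%s\n' "$@" | tr '[:upper:]' '[:lower:]')
    norm_base=$(mktemp); norm_cand=$(mktemp)
    normalize_sshd_config "$base" > "$norm_base"
    normalize_sshd_config "$cand" > "$norm_cand"
    # comm -3 keeps lines found in only one file; awk extracts the keyword.
    LC_ALL=C comm -3 "$norm_base" "$norm_cand" | awk '{ print $1 }' | sort -u |
    while read -r key; do
        printf '%s\n' "$allowed" | grep -Fqx "$key" || printf '%s\n' "$key"
    done
    rm -f "$norm_base" "$norm_cand"
}

# Constructed sample files (hypothetical, not a real sshd_config).
demo_dir=$(mktemp -d)
cat > "$demo_dir/base" <<'EOF'
#Port 22
#LogLevel INFO
PermitRootLogin no
PasswordAuthentication no
EOF
cat > "$demo_dir/good" <<'EOF'
Port 2222
LogLevel DEBUG
PermitRootLogin no
PasswordAuthentication no
EOF
# A second candidate with one change nobody asked for.
sed 's/^PermitRootLogin no/PermitRootLogin yes/' "$demo_dir/good" > "$demo_dir/bad"

echo "good: [$(unexpected_sshd_changes "$demo_dir/base" "$demo_dir/good" LogLevel Port)]"
echo "bad:  [$(unexpected_sshd_changes "$demo_dir/base" "$demo_dir/bad" LogLevel Port)]"
```

An empty result means only the allowed directives changed; any keyword printed is a difference the test instance would pick up unintentionally.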
 

Wednesday, February 5, 2014

Set Up Postfix Mail Server in CentOS/RHEL



Mail server admins may often have to deal with different types of requirements based on service policies or customer-specific requests.

Useful Postfix Commands
Before we start, let us look at some commands related to Postfix.
1. postfix reload vs. service postfix restart
To reload Postfix with any updated configuration files, two commands can be used.
  • postfix reload: This command will check configuration files, and will update Postfix accordingly. As this command does not cause Postfix to shut down, it is highly recommended in production environments.
  • service postfix restart: This command will first shut down Postfix, and then start it again. This command will start a fresh instance of Postfix.
Depending on requirements or convenience, we can choose either option to reload Postfix.
2. postconf
postconf is a very useful Postfix command. The following are some example usages of postconf.
To show the values of all Postfix parameters:
# postconf
To see the value of a specific Postfix parameter, grep can be used to filter the output:
# postconf | grep myorigin
append_at_myorigin = yes
myorigin = example.tst
postconf can also be used to set the value of a particular Postfix parameter at run time.
# postconf -e 'myorigin = example.tst'
Note that any Postfix parameter changed by postconf command does not persist across reboots. If you want to change a Postfix parameter permanently, you need to modify the configuration file at /etc/postfix/main.cf.
"Always BCC" Policy
In Postfix, an always-BCC policy, where a copy of every message goes to a designated account, can be achieved by modifying one line in the configuration file.
# vim /etc/postfix/main.cf
## assuming that the account is allmail@example.tst ##
always_bcc = allmail
# service postfix restart
Bypassing DNS Lookup
Postfix can be configured in such a way that DNS lookup for a specific domain always resolves to a predetermined IP address. This is very useful in test environments as well as in domains that use multiple mail servers for different purposes.
For example, if we want Postfix to send all emails with a destination domain abcd.com to a mail server with IP address 8.8.8.8, we can do it by modifying Postfix configuration as follows.
# vim /etc/postfix/transport
abcd.com smtp:[8.8.8.8]
# postmap /etc/postfix/transport
# service postfix restart
NOTE: make sure that the variable transport_maps is properly set in /etc/postfix/main.cf as follows.
transport_maps = hash:/etc/postfix/transport
Using Relayhost
A relayhost, also known as a smarthost, is an ISP's mail server that accepts all outbound mail originating from its customers' mail servers. The customer can choose to hand over all outgoing mail to the relayhost instead of sending it directly to the Internet. A relayhost can also be configured to accept incoming email on behalf of a customer's mail server by tweaking MX records. The configuration of a relayhost is done as follows.
main.cf is modified to specify relayhost:
# vim /etc/postfix/main.cf
relayhost = mail.providermx.com

## in case of IP address ##
## [ ] disables DNS lookups ##
relayhost = [100.200.100.200]
# service postfix restart
Sender Email Account Verification
To protect against spamming, it is sometimes useful to verify the validity of the sender's email account on the local domain.
The following method can be used to double-check whether the local sender's address of an outgoing mail is valid.
First, we add all the valid accounts.
# vim /etc/postfix/sender_access
user1@example.tst              OK
user2@example.tst              OK
user3@example.tst              OK
user4@example.tst              OK
## emails sent from user5 will be rejected ##
user5@example.tst              REJECT
# postmap /etc/postfix/sender_access
Next, sender restrictions are implemented as follows.
# vim /etc/postfix/main.cf
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access, reject_unauth_destination, reject_unknown_sender_domain
# service postfix restart
At this point, the only valid senders would be user1, user2, user3, and user4. user5 and any other sender address will be blocked.
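
A mistyped address in sender_access never matches the real sender, so it helps to lint the file before running postmap. The script below is an added example, not part of the original post; lint_sender_access is a hypothetical helper and the sample table is constructed.

```shell
#!/bin/sh
# Usage: lint_sender_access FILE LOCAL_DOMAIN
# Prints one finding per line; prints nothing when the table looks clean.
lint_sender_access() {
    awk -v dom="$2" '
        BEGIN { dom = tolower(dom) }
        /^[ \t]*(#|$)/ { next }                  # comments and blank lines
        {
            key = tolower($1)                    # compare keys case-insensitively
            if (key in seen)
                printf "line %d: duplicate key %s (first seen on line %d)\n", NR, key, seen[key]
            else
                seen[key] = NR
            at = index(key, "@")
            # Only full addresses are checked; bare domains are left alone.
            if (at > 0 && at < length(key) && substr(key, at + 1) != dom)
                printf "line %d: %s is outside %s\n", NR, key, dom
            if (NF < 2)
                printf "line %d: %s has no action\n", NR, key
        }' "$1"
}

# Constructed sample table (hypothetical entries, not from a real server).
sample=$(mktemp)
cat > "$sample" <<'EOF'
## valid senders ##
user1@example.tst   OK
user2@examle.tst    OK
user3@example.tst
user1@example.tst   REJECT
EOF

lint_sender_access "$sample" example.tst
```

On a live server, `postmap -q user1@example.tst hash:/etc/postfix/sender_access` shows the action the compiled table returns for a given address.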
Blocking Specific Addresses or Domains
Postfix can be configured to block incoming and outgoing mails from specific sender addresses or specific domains. The following configuration can do the trick.
# vim /etc/postfix/access
user@qwer.com  550            address blocked
wxyz.com       550            domain blocked
# postmap /etc/postfix/access
# vim /etc/postfix/main.cf
smtpd_recipient_restrictions = hash:/etc/postfix/access, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
# service postfix restart
Note: it is possible to use one file to block both sender and recipient, instead of using separate files sender_access (described earlier) and access. Personally, I prefer keeping them separate for ease of troubleshooting.
Set Maximum Email Size and Mailbox Quota
The following parameters can be tuned to specify the size of an email message and also the size of a user mailbox.
# vim /etc/postfix/main.cf
## maximum email size in bytes, including header information ##
message_size_limit = 10240000

## maximum mailbox size in bytes. 0 denotes no quota ##
mailbox_size_limit = 0
# service postfix restart

Sunday, February 2, 2014

Compile Linux Kernel from Source 3.13.1


The Linux kernel is the life force of the whole Linux family of operating systems, including Ubuntu, CentOS, and Fedora.
For the most part, you don’t need to compile the kernel, as it is installed by default when you install the OS. Also, when a critical update is made to the kernel, you can use yum or apt-get to update the kernel on your Linux system.

However, you might encounter situations where you have to compile the kernel from source. The following are a few such situations:
  • To enable experimental features that are not part of the default kernel.
  • To enable support for new hardware that is not currently supported by the default kernel.
  • To debug the kernel.
  • Or, just to learn how the kernel works, you might want to explore the kernel source code and compile it on your own.
In this tutorial, we’ll explain how to compile Linux kernel from source.
Also, please note that if you just want to compile a driver, you don’t need to compile the kernel. You need only the linux-headers package of the kernel.

1. Download the Latest Stable Kernel

The first step is to download the latest stable kernel from kernel.org.
# cd /usr/src/

# wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.13.1.tar.xz
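
Because the archive is unpacked and built as root, check its integrity before untarring it. The script below is an added example, not part of the original tutorial: verify_tarball is a hypothetical helper that assumes you already hold a checksum list in sha256sum format from a source you trust, and the demo archive is a constructed stand-in.

```shell
#!/bin/sh
# Usage: verify_tarball SUMS_FILE TARBALL
# Returns 0 on match, 1 on mismatch, 2 if the tarball has no entry in SUMS_FILE.
verify_tarball() {
    sums=$1; tarball=$2; name=$(basename "$tarball")
    # sha256sum format: "<64 hex digits>  <file name>"; match the name exactly.
    expected=$(awk -v n="$name" '$2 == n && length($1) == 64 { print $1; exit }' "$sums")
    [ -n "$expected" ] || { echo "no checksum listed for $name" >&2; return 2; }
    actual=$(sha256sum "$tarball" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "OK $name"
    else
        echo "MISMATCH $name: expected $expected, got $actual" >&2
        return 1
    fi
}

# Constructed stand-in for the real archive, with a checksum list made from it.
demo=$(mktemp -d)
printf 'constructed stand-in for the real archive\n' > "$demo/linux-3.13.1.tar.xz"
( cd "$demo" && sha256sum linux-3.13.1.tar.xz > sums.txt )

verify_tarball "$demo/sums.txt" "$demo/linux-3.13.1.tar.xz"

# Simulate corruption or tampering after the list was produced.
printf 'tampered\n' >> "$demo/linux-3.13.1.tar.xz"
verify_tarball "$demo/sums.txt" "$demo/linux-3.13.1.tar.xz" || echo "rejected, do not untar"
```

kernel.org also publishes a detached PGP signature for each release; checking it with gpg --verify is the stronger test, since a checksum only helps if the list itself is trusted.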

2. Untar the Kernel Source

The second step is to untar the kernel source file for compilation.
# tar -xvJf linux-3.13.1.tar.xz

3. Configure the Kernel

The kernel contains nearly 3000 configuration options. So that the kernel works for most people on most hardware, Linux distros such as Ubuntu, Fedora, Debian, RedHat, CentOS, etc. generally include support for the most common hardware. You can take the configuration from any one of the distros and add your own configuration on top of it, configure the kernel from scratch, or use the default config provided by the kernel.
# cd linux-3.13.1

# make menuconfig
The make menuconfig command launches a text-based user interface with default configuration options, as shown in the figure. You need the “libncurses and libncurses-devel” packages installed for this command to work.

We will use the default config provided by the kernel. So select “Save” and save the config to the file named “.config”.
The following is a sample of the “.config” file:
CONFIG_MMU=y
CONFIG_NEED_DMA_MAP_STATE=y
CONFIG_NEED_SG_DMA_LENGTH=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_BUG=y
CONFIG_GENERIC_HWEIGHT=y

4. Compile the Linux Kernel

Compile the main kernel:
# make
Compile the kernel modules:
# make modules
Install the kernel modules:
# make modules_install
At this point, you should see a directory named /lib/modules/3.13.1/ in your system.

5. Install the New Kernel

Install the new kernel on the system:
# make install
The make install command will create the following files in the /boot directory.
  • vmlinuz-3.13.1 – The actual kernel
  • System.map-3.13.1 – The symbols exported by the kernel
  • initrd.img-3.13.1 – The initrd image, a temporary root file system used during the boot process
  • config-3.13.1 – The kernel configuration file
The command “make install” will also update the grub.cfg by default. So we don’t need to manually edit the grub.cfg file.

6. Boot Linux to the new Kernel

To use the new kernel that you just compiled, reboot the system.
# reboot
Since the new kernel is added to grub.cfg as the default boot entry, the system will boot from the new kernel. If you have problems with the new kernel, you can select the old kernel from the grub menu during boot and use your system as usual.
Once the system is up, use the uname command to verify that the new version of the Linux kernel is installed.
$ uname -r
3.13.1