Linux 4 All

Best Linux tricks source

Posts in the RedHat category

Here is a little curl magic to get you how long it it will take to connect to a site. It will display time to connect, time to namelookup, time to first byte and so on.

curl -s -w "\ntime connect: %{time_connect}\ntime namelookup: %{time_namelookup}\ntime pretransfer: %{time_pretransfer}\ntime redirect: %{time_redirect}\ntime to first byte: %{time_starttransfer}\ntime total: %{time_total}\nhttp code: %{http_code}\n\n" -o /dev/null http://linux4all.uk

time connect: 0.165
time namelookup: 0.133
time pretransfer: 0.166
time redirect: 0.000
time to first byte: 0.392
time total: 0.432
http code: 200

rm -rf is gone

It looks like you cannot run rm -rf as root on CentOS or RHEL6 boxes.

# cat /etc/redhat-release 
CentOS release 6.5 (Final)
# rm -vrf /               
rm: it is dangerous to operate recursively on `/'
rm: use --no-preserve-root to override this failsafe
# 

Don’t try this on a RHEL5 boxes.

To disable cluster services and change VG locking type to no:

service rgmanager stop && chkconfig rgmanager off
vgchange -c n $CLUSTERED_VG_GROUP
sed -i 's/locking_type = 3/locking_type = 1'
service clvmd stop && chkconfig clvmd off
service cman stop && chkconfig cman off

To enable cluster services and change VG locking type to yes:

service cman start && chkconfig cman on
service clvmd start && chkconfig clvmd on
sed -i 's/locking_type = 1/locking_type = 3'
vgchange -c y $CLUSTERED_VG_GROUP
service rgmanager start && chkconfig rgmanager on

Should you need to disable Trace and Track methods on Apache, add the following lines to httpd.conf and restart Apache.


 RewriteEngine on
 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
 RewriteRule .* - [F]

TraceEnable off

In a previous post I was explaining how to log visitor real IP address in access_log. Now it’s time to do the same for error_log.

For this we are going to compile and install a module called mod_vgremoteip

Steps outlined bellow:

1. Get the module

git clone https://github.com/vgno/mod_vgremoteip.git

2. Install gcc and httpd-devel tools
yum install httpd-devel
yum install gcc

3. Compile the module
apxs -a -i -c mod_vgremoteip.c

4. Configure Apache to use it
LoadModule vgremoteip_module  modules/mod_vgremoteip.so

# Name of header which contains the 'real' client IP.
 VGRemoteIPHeader X-Forwarded-For
# Subnet to mark as trusted subnet (this ip will be allowed to set the X-Forwarded-For header and marked as a proxy ip).
# You should specify this.
VGTrustedProxy 10.0.0.0/8
# You can also specify a single ip addresses.
# Do not specify hostnames.
VGTrustedProxy 127.0.0.1

5. Restart Apache and you are done.
service httpd restart

Get mail queue

When dealing with mail issues, the following one-liner will display all Postfix mail IDs from the queue.

postqueue -p | egrep -v ^[[:space:]] | grep -v ^$ | awk '{print $1}' | grep -v ^\( | grep -v ^\- | sed -e 's/\*//g'

The following one-liner will display number of Apache PIDs and sort them after memory usage:

ps aux | awk '$11 ~ /httpd/ {c++; SUM +=$6; print $6/1024" MB, PID:", $2|"sort -rn| head"} END {print c" Total Apache Processes"} END {print SUM/1024" MB Total Memory"} END {print "Top 10 Memory users:"}'

When Apache is running on a server behind a Load Balancer, by default all traffic will come from Load Balancer IP, thus Apache will only log the Load Balancer IP. In order to get your visitor real IP address, you can use X-Forwarded-For header.

Here is how Apache needs to be configured to log real IP addresses:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" forwarded
SetEnvIf X-Forwarded-For "." forwarded=1
CustomLog logs/access_log combined env=!forwarded
CustomLog logs/access_log forwarded env=forwarded

Basically you were adding a new LogFormat with X-Forwarded-For value named forwarded and configure CustomLog to use combined if the request was sent directly to the server: such as a curl cronjob, or forwarded if the request was passed through the Load Balancer.

In order to change the system timezone, there are 6 simple steps you need to follow:

1. Edit /etc/sysconfig/clock. It’s up to you if you’d like UTC to be false or true.

ZONE="Europe/London"
UTC=false

2. Edit /etc/php.ini

date.timezone = Europe/London

3. Update system time. If you are running it on a cloud server, second command is not required.

tzdata-update
hwclock --systohc

4. Restart all effected services, including MySQL if necessary.

service crond restart
service rsyslog restart
service syslog restart
service httpd restart
service mysqld restart

5. Restart NTP

service ntpd stop
ntpdate 0.centos.pool.ntp.org
service ntpd start

6. Run date to confirm date was changed on your server.

A small and simple script to get users from a RHEL/CentOS box. It assumes that first UID is 500 and it won’t go beyond UID 999

1. Get all users

awk -F ":"  '$3>=500 && $3<1000  {print $1}' /etc/passwd

2. Get users with valid shell.

awk -F ":"  '($3>=500 && $3<1000) && ($7 ~ /sh/) {print $1,$7}' /etc/passwd

3. Get ftp users

awk -F ":"  '($3>=500 && $3<1000) && ($7 !~ /sh/) {print $1,$7}' /etc/passwd