Sunday, August 15, 2010

Need Help?


You can reach me at suresh.sonu2@gmail.com

You can follow us in any of the following ways...

Google Groups: http://groups.google.com/group/sureshrhce/

Orkut Community: http://www.orkut.co.in/Main#Community?cmm=105390304

Facebook Group: http://www.facebook.com/group.php?gid=131140616930892

Twitter:  https://twitter.com/sureshRHCE

SMS Alerts on New Articles: http://labs.google.co.in/smschannels/subscribe/sureshRHCE

RSS Feeds: http://sureshrhce.blogspot.com/feeds/posts/default

Some useful notes for Linux



TaskFile / Command
Startup script/etc/rc.d/rc
Kernel/boot/vmlinuz
Kernel Parameterssysctl -a
Reconfigure the kernelcd /usr/src/linux  
make mrproper   
make menuconfig   
make dep   
make clean   
make bzImage  
make install  
make modules  
make modules_install
cp arch/i386/boot/bzImage /boot/vmlinuz-2.2.16  
mkinitrd /boot/initrd-2.2.16.img 2.2.16  
vi /etc/lilo.conf  
lilo
List moduleslsmod
Load moduleinsmod
Unload modulermmod
Initialize systemnetconf
Physical RAMfree -m
Kernel Bitsgetconf LONG_BIT
Crash utilitylcrash
Trace System Callsstrace
Machine modeluname -m
OS Leveluname -r
Run Levelrunlevel
Hardware Informationdmidecode
Timezone Management/etc/sysconfig/clock
NTP Daemon/etc/ntp.conf 
/etc/rc.d/init.d/xntpd

Show Hidden Files&Folders, If disabled by virus

Method 1:


Go to registry editor by running regedit in the run box.Go to this key: 


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  
In the right hand area, double click hidden and change the value to 1.
Now you’re all set to go. Check it in your tools menu if the changes have taken effect.


Method 2:


1. Click “Start” -> “Run…” (or press Windows key + R)
2. Type “regedit” and click “Ok”.
3. Find the key:  
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL


4. Look at the “CheckedValue” key… This should be a DWORD key. If it isn’t, delete the key.
5. Create a new key called “CheckedValue” as a DWORD (hexadecimal) with a value of 1.
6. The “Show hidden files & folders” check box should now work normally

Restoring a Corrupted Registry using Linux Live CD

To run the following commands, you must either use a Boot CD that will give you read/write access to the Windows partition, or put your drive into a working system and run these commands on your Windows Partition from that system. Note that the Windows
Recovery Console will not work to run these commands because it will not allow read access to the "System Volume Information" folder.


First, backup the existing Registry - You can do this with the following commands using a GNU/Linux Boot CD: mkdir /windrive
ntfs-3g /dev/sda1 /windrive (this could be /dev/hda1 if using ide drives)
mkdir /windrive/regbackup
cp /windrive/WINDOWS/system32/config/system /windrive/regbackup
cp /windrive/WINDOWS/system32/config/software /windrive/regbackup
cp /windrive/WINDOWS/system32/config/sam /windrive/regbackup
cp /windrive/WINDOWS/system32/config/security /windrive/regbackup
cp /windrive/WINDOWS/system32/config/default /windrive/regbackup
cd
umount /windrive


Now, copy a System Restore Point Registry to the config directory - To do this, you have to figure out which System Restore Point is somewhat recent, you can do this using a Linux CD by issuing the "ls -l" command to find out the dates of the folders. The System Restore Points are located in the "System Volume Information" directory. Here is an example (remember that GNU/Linux has Tab Completion): mkdir /windrive
ntfs-3g /dev/sda1 /windrive (this could be /dev/hda1 if using ide drives)
cd /windrive/System\ Volume\ Information
ls -l
cd _restore{2E926FD9-.......} (Select the recently created file like one or two days back)
cd RP1/snapshot
cp _REGISTRY_MACHINE_SYSTEM /windrive/WINDOWS/system32/config/system
cp _REGISTRY_MACHINE_SOFTWARE /windrive/WINDOWS/system32/config/software
cp _REGISTRY_MACHINE_SAM /windrive/WINDOWS/system32/config/sam
cp _REGISTRY_MACHINE_SECURITY /windrive/WINDOWS/system32/config/security
cp _REGISTRY_MACHINE_.DEFAULT /windrive/WINDOWS/system32/config/default
cd /
umount /windrive
Now, when you restart the computer, you will be using the restored Registry.

Collecting Server Hardware Information in Linux


To Print Entire Hardware Information - dmidecode
To List PCI devices - lspci 
To List USB devices - lsusb
To Find CPU Information - cat /proc/cpuinfo
To Find Memory/RAM in Information,
    1. cat /proc/meminfo 
    2. free -m
To find Hard disk Information,
  • fdisk –l
  • df –h
  • vgdisplay
  • lvdisplay
To Know SWAP information,
   cat /proc/swaps
To detect Hardware Changes,
    service kudzu restart
To See Kernel Version, Architecture, OS Release Version, etc..
  • uname –a
  • cat /etc/redhat-release

Cron Task


Configuring a Cron Task

The main configuration file for cron, /etc/crontab, contains the following lines: 
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly


The first four lines are variables used to configure the environment in which the cron tasks are run. The value of theSHELL variable tells the system which shell environment to use (in this example the bash shell), and the PATHvariable defines the path used to execute commands. The output of the cron tasks are emailed to the username defined with the MAILTO variable. If the MAILTO variable is defined as an empty string (MAILTO=""), email will not be sent (sendmail on ESX is not installed by default). The HOME variable can be used to set the home directory to use when executing commands or scripts. 
Each line in the /etc/crontab file has the format: 


minute   hour   day   month   dayofweek   command
  • minute — any integer from 0 to 59
  • hour — any integer from 0 to 23
  • day — any integer from 1 to 31 (must be a valid day if a month is specified)
  • month — any integer from 1 to 12 (or the short name of the month such as jan, feb, and so on)
  • dayofweek — any integer from 0 to 7 where 0 or 7 represents Sunday (or the short name of the week such as sun, mon, and so on)
  • command — the command to execute. The command can either be a command such as ls /proc >> /tmp/proc or the command to execute a custom script that you wrote.
For any of the above values, an asterisk (*) can be used to specify all valid values. For example, an asterisk for the month value means execute the command every month within the constraints of the other values. 
A hyphen (-) between integers specifies a range of integers. For example, 1-4 means the integers 1, 2, 3, and 4. 
A list of values separated by commas (,) specifies a list. For example, 3, 4, 6, 8 indicates those four specific integers. 
The forward slash (/) can be used to specify step values. The value of an integer can be skipped within a range by following the range with /<integer>. For example, 0-59/2 can be used to define every other minute in the minute field. Step values can also be used with an asterisk. For instance, the value */3 can be used in the month field to run the task every third month. 
Any lines that begin with a hash mark (#) are comments and are not processed. 
Examples of crontabs
# record the memory usage of the system every monday
# at 3:30AM in the file /tmp/meminfo
30 3 * * mon cat /proc/meminfo >> /tmp/meminfo
# run custom script the first day of every month at 4:10AM
10 4 1 * * /root/scripts/backup.sh
As you can see from the /etc/crontab file, it uses the run-parts script to execute the scripts in the /etc/cron.hourly,/etc/cron.daily/etc/cron.weekly, and /etc/cron.monthly files on an hourly, daily, weekly, or monthly basis respectively. The files in these directory should be shell scripts. 
If a cron tasks needs to be executed on a schedule other than hourly, daily, weekly, or monthly, it can be added to the /etc/cron.d directory. All files in this directory use the same syntax as /etc/crontab
The cron daemon checks the etc/crontab file, the etc/cron.d/ directory, and the /var/spool/cron directory every minute for any changes. If any changes are found, they are loaded into memory. Thus, the daemon does not need to be restarted if a crontab file is changed. 
Users other than root can configure cron tasks by using the crontab utility. All user-defined crontabs are stored in the/var/spool/cron directory and are executed using the usernames of the users that created them. To create a crontab as a user, login as that user and type the command crontab -e to edit the user's crontab using the editor specified by the VISUAL or EDITOR environment variable. The file uses the same format as /etc/crontab. When the changes to the crontab are saved, the crontab is stored according to username and written to the file /var/spool/cron/username

Starting and Stopping the Service

To start the cron service, use the command /sbin/service crond start. To stop the service, use the command/sbin/service crond stop. It is recommended that you start the service at boot time.