Ed Skinner wrote:
> I have submitted MiscHowTo.txt.gz for consideration for the PLUG download
> area. While pending approval for inclusion there, it is available now at:
> http://www.flat5.net/MiscHowTo.txt.gz
>
> Best regards to everyone...
>
>
>
> On Friday 11 June 2004 07:43, Ed Skinner wrote:
>
>> I have something for the PLUG Website that should be of interest to
>>newbies and possbly even old-farts such as myself. For some years I've
>>slowly accumulated a list of notes on doing various things in Linux. I
>>think of it as my personal "big dummy" list -- it's how to do various
>>things that I don't do often enough to memorize. Some of the things go in
>>categories (setting up CUPS, printers and printing files in various ways)
>>and some things end up in a "one-liners list" of simple, one-line commands
>>for various purposes. Some are entries gleaned from this mailing list, by
>>the way. (Thank you!) I'm looking for a "good place" on the PLUG website
>>but the content crosses the boundary between FAQ (or more likely, "Not So
>>FAQ But Wish I Had") and something in the Downloads which, unfortunately,
>>ends up somewhat buried and hidden.
>> Where do you think it should go?
>
>
Installment #1 from my brain (AKA PDA) - random thoughts. I separated
each entry with ==='s. In my PDA, these are all individual entries in
the "Geekdom" category.
Apache: Curing [crit] (17)File exists: unable to create scoreboard
(name-based shared memory failure)
[root@somebox https-somebox-80]# ps -ef | grep http
root 8419 1 0 14:32 ? 00:00:00 /opt/IBMIHS/bin/httpd -d
/opt/IB
http 8420 8419 0 14:32 ? 00:00:00 /opt/IBMIHS/bin/httpd -d
/opt/IB
:
:
:
(Note the master PID: 8419 - look for it in the following command)
[root@somebox https-somebox-80]# ipcs -p
------ Shared Memory Creator/Last-op --------
shmid owner cpid lpid
0 root 1078 8605
32769 root 8419 8419
------ Message Queues PIDs --------
msqid owner lspid lrpid
(Note the shmid and kill it)
[root@somebox https-somebox-80]# ipcrm shm 32769
resource(s) deleted
[root@somebox https-somebox-80]#
=======================================================================================
Apache: mod_ssl cert
Create Key:
openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out server.key
1024
where file1:file2:etc represents the random compressed files
Alternate: openssl genrsa -des3 -out server.key 1024
Remove passphrase from Key for unattended startups:
openssl rsa -in server.key -out server.pem
*** PROTECT THIS FILE!!!
Create CSR:
openssl req -new -key server.key -out server.csr
Generate Self-Signed Cert:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out
server.crt
Installing Certs:
- Fedora:
cp server.crt /etc/httpd/conf/ssl.crt
(passwordless startup):
cp server.pem /etc/httpd/conf/ssl.key/server.key
(password startup):
cp server.key /etc/httpd/conf/ssl.key
/etc/init.d/httpd stop
/etc/init.d/httpd start
Ref:
http://slacksite.com/apache/certificate.html
=======================================================================================
Apache: SSL Cert
cd /usr/local/ssl/bin
./openssl req -new > new.cert.csr
./openssl rsa -in privkey.pem -out new.cert.key
./openssl x509 -in new.cert.csr -out new.cert.vert -req -signkey
new.cert.key -days 365
Then do:
cp new.cert.key /usr/local/apache/conf/ssl.key/server.key
cp new.cert.cert /usr/local/apache/conf/ssl.crt/server.crt
Restart Apache.
=======================================================================================
Apache: Test URL using telnet
telnet boxname port
GET /path/to/file/index.html HTTP/1.0
GET /path/file.html HTTP/1.1
Host:
www.host1.com:80
[blank line here]
Ref:
www.jmarshall.com/easy/http/
or
http://216.239.41.104/search?q=cache:WSiZbtuWfr4J:www.jmarshall.com/easy/http/+telnet+http+1.1+get&hl=en
=======================================================================================
HTTP: Javascript: Redirects
<script>window.location.href = location.protocol + "//" + location.host +
"where-ever.html"</script>
=======================================================================================
HTTP: Protocol Error Codes
100 Continue
101 Switching Protocols
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Time-Out
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URL Too Large
415 Unsupported Media Type
500 Server Error
501 Not Implemented
502 Bad Gateway
503 Out of Resources
504 Gateway Time-Out
505 HTTP Version not supported
=======================================================================================
IEEE 802 Working Groups
802.1 - High Level Interface
802.2 - Logical Link Control (LLC)
802.3 - CSMA/CD (Ethernet)
802.4 - Token Bus
802.5 - Token Ring
802.6 - Metropolitan Area Network (MAN)
802.7 - Broadband Technical Advisory
802.8 - Fiber Optics Technical Advisory
802.9 - Integrated Services LAN
802.10 - Standard for Interoperable LAN Security
802.11 - Wireless LAN (WLAN)
802.12 - Demand Priority Working Group
802.13 -
802.14 - Cable TV Broadband Communication Network
802.15 - Wireless Personal Area Network (WPAN)
802.16 - Broadband Wireless Area Network (BBWAN)
802.17 - Resilient Packet Ring (RPR)
802.18 - Radio Regulatory
802.19 - Coesistance Technical Advisory
802.20 - Mobile Wireless Access
=======================================================================================
iPlanet Web Server CSR
iPlanet 4:
http://certs.ipsca.com/Support/CSRiPlanet-Enterprise-Server-4.1.asp
=======================================================================================
iPlanet Web Server: Recovering Admin password
cd <admin server root>/config
echo "admin: " > admpw
log in via GUI with blank password
=======================================================================================
ISO HTML Standard
ISO/IEC 15445:2000 Hyper Text Markup Language
http://www.w3.org/TR/html401/cover.html
=======================================================================================
ISO: Editing ISO images
[mount cd in /mnt/cd]
cp -a /mnt/cd /tmp/myhappytestdir
umount cd
eject
[edit files in /tmp/myhappytestdir]
mkisofs -rtm /tmp/myhappytestdir
mount -o loop mynewdisk.iso /tmp/spot # to test
cdrecord -rtm mynewdisk.iso
reboot
=======================================================================================
ISO: Mounting CD Images
The one-liner is this:
# mount -t iso9660 whatever.iso /mnt/iso/ -o loop
=======================================================================================
Lynx: Using Proxy
Add the following lines to your environment:
export http_proxy="
http://192.168.10.11:8080"
export ftp_proxy="
http://192.168.10.11:8080"
Ref:
http://wiki.archlinux.org/index.php/How%20to%20make%20wget%20to%20work%20with%20proxy%20and%20proxy%20authentification
=======================================================================================
Mail Testing: POP
telnet domain.com 110
+OK <blah>
user
user@domain.com
+OK
pass password
+OK
list
+OK
1 blah
.
quit
+OK
=======================================================================================
Mail Testing: SMTP
telnet domain.com 25
HELO domain
MAIL FROM: <reverse-path>
RCPT TO:<forward-path>
DATA
mail here
.
QUIT
=======================================================================================
Networking: Data Rates
T-1 - 1.544 Mbps
T-3 - 44.736 Mbps AKA DS-3
OC-1 - 51.84 Mbps
OC-3 - 155.52 Mbps
OC-12 - 622.08 Mbps
OC-x -> 51.84*x
DS-0 - 64Kbps
DS-1 - 1.544 Mbps
DS-2 - 6.312 Mbps
DS-3 - 44.736 Mbps
=======================================================================================
Networking: nslookup, dig, whois,etc on the web
http://www.canufly.net/~georgegg/dns/
http://www.webdevelopersjournal.com/lookup_tools.html
=======================================================================================
Networking: RJ-45 Connector Sequence
Note: RJ-45 Connector Plug faces up w/ latch facing away from you
10/100 Straight-thru
Pin Connector #1 -- Connector #2
1 - white/orange -- white/orange
2 - orange/white -- orange/white
3 - white/green -- white/green
4 - blue/white -- blue/white
5 - white/blue -- white/blue
6 - green/white -- green/white
7 - white/brown -- white/brown
8 - brown/white -- brown/white
10/100 Xover
pin Connector #1 -- Connector #2
1 - white/orange -- white/green
2 - orange/white -- green/white
3 - white/green -- white/orange
4 - blue/white -- blue/white
5 - white/blue -- white/blue
6 - green/white -- orange/white
7 - white/brown -- brown/white
8 - brown/white -- white/brown
Gigabit Xover
Pin Connector #1 -- Connector #2
1 - white/orange -- white/green
2 - orange/white -- green/white
3 - white/green -- white/orange
4 - blue/white -- white/brown
5 - white/blue -- brown/white
6 - green/white -- orange/white
7 - white/brown -- blue/white
8 - brown/white -- white/blue
Note: Ensure jacket of cable extends past "strain relief" of plug when
inserted into the plug
Ref:
http://logout.sh/computers/net/gigabit/
=======================================================================================
QMAIL Notes
Human-readable times: /usr/local/bin/tailocal
Life With qmail:
http://www.lifewithqmail.org/
http://www.securityfocus.com/guest/5418
=======================================================================================
RAID
Reference:
http://www.raid5.com and
http://csrc.nist.gov/publications/nistpubs/800-34/sp800-34.pdf
RAID 0 is the simplest RAID level, relying solely on striping. RAID-0 has
a higher performance in read/write speeds than the other levels, but it
does not provide data redundancy. Thus, RAID-0 is not recommended as a
data recovery solution.
Pro: Fast, easy to implement
Con: Not fault tolerant - failure of one drive results in data loss
RAID-1 (Mirroring and Duplexing) uses mirroring to create and store
identical copies on two drives. RAID-1 is simple and inexpensive to
implement; however, 50 percent of storage space is lost because of data
duplication.
Pro: Redundant storage, easy to implement
Con: Implemented in software - requires processor time
RAID-2 uses bit-level striping; however, the solution is not often
employed because the RAID controller is expensive and difficult to
implement. (Hamming Code ECC; Includes error correction (Hamming code) on
another drive.)
Pro: "On the fly" data error correction
Con: More expensive
RAID-3 uses byte-level striping with dedicated parity. RAID-3 is an
effective solution for applications handling large files; however, fault
tolerance for the parity information is not provided because that parity
data is stored on one drive.
Pro: "On the fly" data error correction
Con: Difficult to perform in software
RAID-4 is similar to RAID-3, but it uses block-level rather than
byte-level striping. The advantage of this technique is that the block
size can be changed to meet the application’s needs. With RAID-4, the
storage space of one disk drive is lost.
Pro: High aggregate Read transfer rate
Con: Difficult and inefficient data rebuild in the event of disk failure
RAID-5 uses block-level striping and distributed parity. This solution
removes the bottleneck caused by saving parity data to a single disk in
RAID-3 and RAID-4. In RAID-5, parity is written across all drives along
with the data. Separating the parity information block from the actual
data block provides fault tolerance. If one drive fails, the data from the
failed drive can be rebuilt from the data stored on the other drives in
the array. Additionally, the stripe set can be changed to fit the
application’s needs. With RAID-5, the storage space of one disk drive is
lost.
Pro: Good aggregate transfer rate
Con: Difficult to rebuild in the event of a disk failure (as compared to
RAID level 1)
RAID-6 Independent Data disks with two independent distributed parity
schemes
Pro: Data is striped on a block level across a set of drives, just like in
RAID 5, and a second set of parity is calculated and written across all
the drives; RAID 6 provides for an extremely high data fault tolerance and
can sustain multiple simultaneous drive failures
Con: Controller overhead to compute parity addresses is extremely high
7 -
10 - Combination of RAID 1 and RAID 0
53 - Combination of RAID 5 and RAID 3
=======================================================================================
Resize NTFS
In Windows Safe Mode, defrag the hard drive
Boot SuSE 9.0 install CD-ROM and load rescue system.
See how much space can be reclaimed:
ntfsresize --info /dev/hdc1
:
:
:
You could resize at 10196025344 bytes or 10197 MB (freeing 10194 MB).
Dry run the resize:
ntfsresize --no-action --size 11000M /dev/hdc1
:
:
:
The read-only test run ended successfully.
do it:
ntfsresize --size 11000M /dev/hdc1
:
:
:
Repartition drive. See reference.
Ref:
http://mlf.linux.rulez.org/mlf/ezaz/ntfsresize.html#static
=======================================================================================
RFC Index
RFC 1960 - LDAP
RFC 1738 - URL Uniform Resource Locators (URL) Encoding
RFC 1777 - LDAP
RFC 1778 - LDAP String Representation of Standard Attribute Syntaxes
RFC 1779 - LDAP String Representation of Distinguished Names
RFC 1808 - Relative Uniform Resource Locators
RFC 1866 - HTML
RFC 1960 - LDAP
RFC 2222 - Simple Authentication and Security Layer (SASL)
RFC 2254 - String Representation of LDAP
RFC 2256 - LDAP Acronyms
RFC 2616 - HTTP
RFC 2829 - Authentication Methods for LDAP
=======================================================================================
SASL
SASL is the Simple Authentication and Security Layer, a method for
adding authentication support to connection-based protocols. To use
SASL, a protocol includes a command for identifying and authenticating a
user to a server and for optionally negotiating protection of subsequent
protocol interactions. If its use is negotiated, a security layer is
inserted between the protocol and the connection.
- RFC 2222, Simple Authentication and Security Layer (SASL)
- RFC 2444, The One-Time-Password SASL Mechanism
- RFC 2245, Anonymous SASL Mechanism
- RFC 2831, Using Digest Authentication as a SASL Mechanism
=======================================================================================
SDLC
- System Concept
- Planning
- Requirements
- Design
- Development
- Integration & Test
- Implementation
- Operation & Maintenance
- Disposition
=======================================================================================
Serial Console Linux Settings:
/etc/lilo.conf: add the append line append=”console=tty0
console=ttyS0,9600
/etc/inittab: add the line below # Run getttys in standard runlevels:
co:2345:respawn:/sbin/agetty –h –L 9600 ttyS0 vt100
/etc/securetty: add: ttyS0 to the end of the file
=======================================================================================
Signals
Name Value Default Event
SIGHUP 1 Exit Hangup (see termio(7I))
SIGINT 2 Exit Interrupt (see termio(7I))
SIGQUIT 3 Core Quit (see termio(7I))
SIGILL 4 Core Illegal Instruction
SIGTRAP 5 Core Trace or Breakpoint Trap
SIGABRT 6 Core Abort
SIGEMT 7 Core Emulation Trap
SIGFPE 8 Core Arithmetic Exception
SIGKILL 9 Exit Killed
SIGBUS 10 Core Bus Error
SIGSEGV 11 Core Segmentation Fault
SIGSYS 12 Core Bad System Call
SIGPIPE 13 Exit Broken Pipe
SIGALRM 14 Exit Alarm Clock
SIGTERM 15 Exit Terminated
SIGUSR1 16 Exit User Signal 1
SIGUSR2 17 Exit User Signal 2
SIGCHLD 18 Ignore Child Status Changed
SIGPWR 19 Ignore Power Fail or Restart
SIGWINCH 20 Ignore Window Size Change
SIGURG 21 Ignore Urgent Socket Condition
SIGPOLL 22 Exit Pollable Event (see streamio(7I))
SIGSTOP 23 Stop Stopped (signal)
SIGTSTP 24 Stop Stopped (user) (see termio(7I))
SIGCONT 25 Ignore Continued
SIGTTIN 26 Stop Stopped (tty input) (see termio(7I))
SIGTTOU 27 Stop Stopped (tty output) (see termio(7I))
SIGVTALRM 28 Exit Virtual Timer Expired
SIGPROF 29 Exit Profiling Timer Expired
SIGXCPU 30 Core CPU time limit exceeded (see
getrlimit(2))
SIGXFSZ 31 Core File size limit exceeded (see
getrlimit(2))
SIGWAITING 32 Ignore Concurrency signal reserved by
threads library
SIGLWP 33 Ignore Inter-LWP signal reserved by threads
library
SIGFREEZE 34 Ignore Check point Freeze
SIGTHAW 35 Ignore Check point Thaw
SIGCANCEL 36 Ignore Cancellation signal reserved by
threads library
SIGRTMIN * Exit First real time signal
(SIGRTMIN+1) * Exit Second real time signal
...
(SIGRTMAX-1) * Exit Second-to-last real time signal
SIGRTMAX * Exit Last real time signal
=======================================================================================
SiteMinder: WebAgent
Agent Error Codes
Format = [AREA]-[ERROR] (example: 00-0001)
[00] Miscellaneous Errors
[0001] Unable to resolve Agent Name from IP address.
[0002] Illegal characters in URL.
[0003] Cookie received from a different IP address than the one to which
it was issued.
[0004] SLL Credentials variable contains a status of ERROR, indicating
that the SSL Credential provider could not return valid credentials.
[0005] FORM Credentials variable contains a status of ERROR, indicating
that the FORM Credential provider could not return valid credentials.
[0006] NTLM protected Resource not found in resource cache as expected.
[10] HTTP Header parsing Errors
[0001] Unable to read 'SERVER_NAME' HTTP variable.
[0002] Unable to read 'url' HTTP variable.
[0003] Unable to read 'method' HTTP variable.
[0004] Unable to read 'host' HTTP variable.
[0005] Unable to read 'uri' HTTP variable.
[0006] Unable to read 'REMOTE_USER' HTTP variable.
[0007] Url too long.
[20] SiteMinder Communication Errors
[0001] Unable to reach SiteMinder accounting server.
[0002] Unable to reach SiteMinder authentication server.
[0003] Unable to reach SiteMinder policy server.
[30] SiteMinder Password Services Error Codes
[0026] Password Services redirect URL is not available.
=======================================================================================
SSL Certificate Dates
openssl s_client -connect host:port l openssl x509 -dates
=======================================================================================
Sun Parts
http://www.ajava.biz/sun/7digitParts/index/index7.html
=======================================================================================
Troubleshooting: RPC
Program not Registered
This is caused by the NFS server not running. To fix:
# cd /etc/init.d
# ./nfs.server start
=======================================================================================
vi Tips
- Search and replace:
:<startline>,<endline>s/<search text>/<repl text>/g
:s/this/that/g
- Search and replace with confirm:
:<startline>,<endline>s/<search text>/<repl text>/gc
:s/this/that/gc
- Moving text:
:<startline>,<endline>m<new location>
:1,2m5
- Copying text:
:<startline>,<endline>co<new location>
:1,2co5
- Delete line that contains "string"
:<startline>,<endline>g/string/d
- Delete line that does not contain "string"
:<startline>,<endline>v/string/d
Ranges:
$ = last line
. = current line
___________________
Cursor Movement
G = end of file
$ = end of line
Interact with Unix
- Execute the command "pwd" on unix and return to vi
:!pwd
- Execute the command "pwd" on unix and capture the output into the file
being edited
!!pwd
- Exit out of the file being edited into unix temporarily
:sh
Read / Write from another file
- Write lines 1 through 10 from the current file to outfile
:1,10 w outfile
- Write lines 1 through 10 from the current file to outfile forcefully
:1,10 w! outfile
- Append lines 1 through 10 from the current file to outfile
:1,10 w >> outfile
- Read from infile to the current file below current line
:r infile
- Read from infile to the current file below line 23 of current file
:23r infile
Misc
- Set line numbers to visible
:set numbers
- Remove line numbers
:set nonumbers
=======================================================================================
Video: Convert MPG to AVI
$ mencoder -lavcopts vcodec=mpeg1video:vhq movie.mpg -o movie.avi
=======================================================================================
Video: Convert MPG to VCD
vcdimager movie1.mpg [movie2.mpg [movie3.mpg [...]]]
=======================================================================================
Video: Rip DVD to AVI
mencoder -dvd <track no> -lavcopt vcodec=mpeg1video:vhq -o <output
filename.avi>
=======================================================================================
Windows: Get XPHome to Join a Domain
This is accomplished with the free and widely available Xteq X-Setup 6.1
by navigating to the "Network \ Auto Login \ Windows NT/2K/XP \ Settings"
option within X-Setup. Simply enter the appropriate information and click
"Apply Changes" - upon your next reboot, you can then join domains with
WinXP Home Edition.
Ref:
http://vowe.net/archives/001639.html
=======================================================================================
Windows: Multiple Monitors
http://www.computerhope.com/issues/ch000195.htm
=======================================================================================
Xterm: Change Title Bar
echo "\033]2;your string\007"
=======================================================================================
xterm: Logging Keystrokes for xterm/dtterm
xterm -sb -sl 5000 -l -lf /var/adm/xterm.NAME.CSSREQ#.log -bg red -fg
black -ms red -title "ROOT WINDOW `uname -a`" -display xxx.xxx.xxx.xxx:0.0
&
dtterm -sl 5000 -l -lf /var/adm/xterm.NAME.CSSREQ#.log -bg red -fg black
-ms red -title "ROOT WINDOW `uname -a`" -display xxx.xxx.xxx.xxx:0.0 &
--
George Toft, CISSP, MSIS
AGD,LLC
www.agdllc.com
623-203-1760
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)