December 7, 2015

Counting number of users in a group - Linux

Here is a small command to find number of users in particular group on a *nix system. An example for wheel group:


grep wheel /etc/group | fgrep -o , | wc -m

Now here's a catch, this command actually counts the commas in the line from the group file. So if there are 5 users in the group, the output will be 4. You will have to add a 1 to the output.

So when using it in scripts, one can use it like this:


VAR1=$(($(grep wheel /etc/group | fgrep -o , | wc -m) + 1))
echo $VAR1
5

Explanation:

First grep will print only the group and its members. The members are seperated by a comma. Next we print the commas using -o option and later count them using wc command. The second example will just add a 1 to it.

Let me know if you have a better idea for the same!

Labels: , , , , ,

September 5, 2014

Kickstart and Hostnames

The basic purpose to use kickstarts is to install numerous systems at a time with given para.
Configuring each system post install is tedious.
I found a workaround (that worked for me on Oracle Linux 6 and RHEL 6 and should most probably work for similar distros) to automate this task post install as well. If you know better solution, drop a comment below.

In the %post% section,

Add this:

 exec < /dev/tty6 > /dev/tty6 2> /dev/tty6  
 chvt 6  

This will switch to the 6th TTY and will drop into interactive shell. This allows installer to ask for information.

Let's try to ask for information:

 echo -n "Enter Hostname: "  
 read HOSTNAME1  
 echo -n "Enter IP Address: "  
 read IPADDR  
 echo -n "Enter Netmask: "  
 read NETMASK  
 echo -n "Enter Gateway: "  
 read GATEWAY  

Now that we have information, we can use the inbuilt cmd to configure the interface. I assumed first interface as eth0 (which it is in most cases. If you are not sure, you might want to add this to automation to detect what interface you have).


  echo -n "Applying network settings..."  
 echo "DeviceList.Ethernet.eth0.BootProto=static  
 DeviceList.Ethernet.eth0.IP=$IPADDR  
 DeviceList.Ethernet.eth0.Netmask=$NETMASK  
 DeviceList.Ethernet.eth0.Gateway=$GATEWAY  
 ProfileList.default.DNS.Hostname=$HOSTNAME1.domain.com  
 ProfileList.default.DNS.Domainname=domain.com" > /tmp/network-config  
 system-config-network-cmd -i -f /tmp/network-config &> /dev/null  
 service network restart &> /dev/null 

The system-config-network-cmd helps us import /tmp/network-config file.

Restarting network service later loads the new configuration.

To drop out of the TTY 6 and resume back to anaconda use chvt trick again:


 chvt 1  
 exec < /dev/tty1 > /dev/tty1 2> /dev/tty1  

Credits for chvt trick: Hintshop blog.

Labels: , , , ,

April 11, 2013

Making you SD card work with your Ubuntu / Linux Laptop or Desktop

You insert you SD card in your Ubuntu PC and it simply does not work. Most probably your kernel has not loaded module required for recognizing your SD card.

You must run all commands in this post as root.
[Optional] : To run commands as root run command "sudo su root" and to switch user as root.

First check if your PC detects the SD Card controller.
For that run command
lspci | grep -i sd


  root@ubuntu:~# lspci | grep -i sd   
  23:00.1 System peripheral: JMicron Technology Corp. SD/MMC Host Controller (rev 30)   
  23:00.2 SD Host controller: JMicron Technology Corp. Standard SD Host Controller (rev 30)   

As you can see above, my PC recognised JMicron SD Card controller.

To make your OS load module for SD Card controller, simply run these commands.



  root@ubuntu:~# echo tifm_sd >> /etc/modules   
 root@ubuntu:~# echo mmc_block >> /etc/modules   


And then reboot. Your OS should recognise your SD card.

Labels: , , ,

September 14, 2012

Publish SSH Server through TMG

Yet another casual but useful post.

Here's how I did it.

If you have a look at all the protocols available in Forefront Threat Management Gateway Toolbox, SSH is there, but it is outbound.

TMG forwards only inbound protocols. So, You will have to create a new protocol definition with nay name you like, port 22 and "inbound". And then create a non-web server protocol publishing rule.

It seems dumb but ate my 10 minutes.

That's it.

Labels: , , , ,

August 12, 2012

RTNETLINK answers: File exists

If you've come across error "RTNETLINK answers: File exists" when using dhclient to renew IP address, here's how I did it:

root@SERVER02 :dhclient eth0 -r  
root@SERVER02 :dhclient eth0  

The -r option releases current configuration for the interface, allowing dhclient to create new config file.

Labels: , , ,

August 4, 2012

Solving basics hell out of vsftpd

Configuring vsftpd isn't a very hard thing. If you haven't read the docs, then its crucial to go.

I had a fresh installation of vsftpd on CentOS 6.2
I tweaked hardly one or two params in /etc/vsftpd/vsftpd.conf such as "anonymous_enable=NO"
Then created a new user using:

 #useradd -m -d /home/user1 -s /bin/bash user1  

Then I tried to connect to the server using our brand new user1.
Here's what I got:
500 OOPS: cannot change directory :/home/user1

After a bit digging on Google and thanks to this link, I was able to do it when I ran following command:

 /usr/sbin/setsebool -P ftp_home_dir 1  

This command takes a while to run, but it worked for me after that.
The setsebool sets boolean variables in SELinux.

Labels: , , , , , , ,

July 18, 2012

Stopping OpenLDAP

This is most dumb but useful post. How to turn off slapd.

You know how to start the slapd:

 #/usr/local/libexec/slapd  [-option..]

however, pkill slapd is not the correct way to turn off slapd.

Here's how you turn it off:

 #kill -INT `cat /usr/local/var/slapd.pid`  

This will send appropriate signal to slapd process, and will store any cached data and close gracefully.

Labels: , , , , ,

July 17, 2012

OpenLDAP 2.4 on CentOS 6.2 Part 1

It is painful when you have errors and somehow you aren't getting way around it.

Here's how I did my Installation:

Downloaded Latest release of OpenLDAP (2.4.31) from here.

Transferred the file to the CentOS 6.2 Server using Secure Copy (SCP). The directory on server can be any with sufficient space in it. I used /home.

The downloaded package was openldap-2.4.31.tgz.
Extract it.


 # tar -xvf openldap-2.4.31.tgz  

This will create a directory /home/openldap-2.4.31
cd to that Directory.

Here you will have some files including the "configure" script.
To check what options the script provides, perform following command


 #./configure --help  

It is always better to let the script decide what options are best for you. We will choose options later as required.


 #./configure

It will start to configure the build.

Here's first error I encountered:

configure: error: Unable to locate cc(1) or suitable replacement.  Check PATH or set CC.

Then I did


 yum install gcc

Which installed development tools, C compiler etc.

The next error, most common:

configure: error: MozNSS not found - please specify the location to the NSPR and NSS header files in CPPFLAGS and the location to the NSPR and NSS libraries in LDFLAGS (if not in the system location)

Location for NSPR and NSS Libraries and Headers varies with Operating System. However, I was unable to find that. I will update soon as soon as I find it.

I tried following option


 #./configure --with-tls=no  

This option bypassed the tls check.

WARNING: Your LDAP Server will then be unable to have TLS Data Protection.

The next error:
configure: error: BDB/HDB: BerkeleyDB not available

This made me download and install BerkeleyDB from here.
To install Berkeley DB see the documentation. I copied it to /home and installed it as follows:


 #tar -xvf db-5.3.21.gz  
 #cd db-5.3.21  
 #make  
 #make install  

Even after installing Berkely DB, it didn't let me proceed with same error. What was missing?
Well I set a few Variables, and I was off.


 CPPFLAGS="-I/usr/local/BerkeleyDB.5.3/include"  
 export CPPFLAGS  
 LDFLAGS="-L/usr/local/lib -L/usr/local/BerkeleyDB.5.3/lib -R/usr/local/BerkeleyDB.5.3/lib"  
 export LDFLAGS  
 LD_LIBRARY_PATH="/usr/local/BerkeleyDB.5.3/lib"  
 export LD_LIBRARY_PATH  

Make sure you put a capital "I" instead of "i" in CPPFLAGS or it may throw following error:


configure:5251: error: C compiler cannot create executables
See `config.log' for more details.

Then the harsh configure was done.
Next command, Run "make depend", then "make", then "make test" and last "make install"!

Continuing in Part 2, the configuration after installing OpenLDAP.

Labels: , , ,

April 18, 2012

Print first column of passwd

The delimiter used to differentiate different fields in the /etc/passwd files is colon ' : ' . Therefore we need to look only after the semicolon.
To deal with column based files or formatted text the most commonly used command is awk.
Command below will print out the first column of /etc/passwd file:

 awk < /etc/passwd -F: '{ print $1 }'

Here

awk             is the text processor

< /etc/passwd    will serve as input file for awk

-F:             is a parameter for awk that specifies the delimiter. In our      
                           case is colon.

{ print $1 }    This will print the first line. You can put $2, $3 etc. to
                           print respective column.

My command produced following output:

 root  
 daemon  
 bin  
 sys  
 adm  
 lp  
 uucp  
 nuucp  
 smmsp  
 listen  
 gdm  
 webservd  
 postgres  
 svctag  
 nobody  
 noaccess  
 nobody4  

Labels: , , , , , ,

April 8, 2012

Quick Configure Subversion on Ubuntu 11.10 oneiric

Subversion is quiet good version control system, used by many developers across the world and is awesome!
I searched throughout Google to find a simple guide to deploy a least working subversion just to see it and was unable to.

(Note: use sudo whenever required.)
To install and get a simple up and running subversion on Ubuntu:
First install subversion packages

sudo apt-get install subversion libapache2-svn

After packages got installed, you need to create repositories.
To create a repository, I used my home directory.

mkdir /home/kaustubh/project1

Then create a repository

sudo svnadmin create /home/kaustubh/project1

Then open repository/conf/svnserve.conf (/home/kaustubh/project1/conf/svnserve.conf in my case) in your favorite text editor.
uncomment following parameters in the file. (Note: There should be no spaces before or after any parameter line. The svnserve will then be unable to read the config.) Most commonly made mistake.

auth-access = write
password-db = passwd

Then open repository/conf/passwd (/home/kaustubh/project1/conf/passwd in my case) in your favorite text editor.
Add lines below everything in following format

username = password

Its time to fire up the server
Enter following to start the server and after its started, use ctrl+c to kill the server.

svnserve -d --foreground -r /home/kaustubh

Here, -d means demon mode, --foreground means it will run in foreground, -r specifies path to repository.

Now you can easily connect to your repository using

svn://servername/project1

You will have to enter username and password mentiond in your repo/conf/passwd file.

Labels: , ,