
Linux: Sharing a bash session for training staff

Sometimes when you need to show more than a few people how to do something, having the audience stand behind you looking over your shoulder might not be practical. Maybe some are in remote locations.

Or maybe you have to maintain or troubleshoot a host located elsewhere, but the remote administrator wants to follow the progress.
This is where "screen" is practical. It will most likely require a package install.
This is what you do from the administering host.
First you create a named session. In this case we just call it training, but it could be almost anything.
screen -S training
Then add the users that are allowed to attend. In this example I'll just use root again. A list of users should be divided with commas.
Press CTRL-A and type in :addacl root
If needed you can use the command below to set alternate permissions for the attending users.
Users can be one user, a list of users separated by commas, or * for all users.
permbits represents r, w and x prefixed with + or - to set or remove read, write or execute permissions in the session.
The list should be # for all windows and ? for all commands.
Press CTRL-A and type in :chacl username permbits list
ex. :chacl kiddie +rwx "#?"
Then turn on multiuser mode.
Press CTRL-A and type in :multiuser on
From the joining clients you do the following to join the session.
screen -x 192.68.1.2/training
Of course you should pick the IP number or hostname that fits your environment.
Now you are up and running. Whatever you type in will be shown in all the shells that joined the session.
Note that this assumes you did not change your meta key from CTRL-A.
To verify this you can do an "echo $SHLVL" to see what ID your screen session is. It should be greater than 1 if it worked.
When you are done you kill the session.
Press CTRL-A and type in :quit or press CTRL-A and press K

All users will be able to both read and write from the shell if you don't change the permissions.
If you are used to the VI editor this should come quite easily, as these sessions have the same look and feel.
It is also quite handy to use screen if you do some work from the office and need to connect to the same shell from home to verify things are still well. And maybe even use the same screen the next day at work.
Another useful thing about this is that if you are working on a server at the office from a remote location and get disconnected, you can use screen -d -r to reconnect, detaching first if needed. Then you don't lose a lot of work.
When you are in screen mode, CTRL-A :windowlist will present you with all available windows.
Each window can be renamed to something useful using CTRL-A :title NewWindowTitle to ease working with several windows.
I recommend checking out the man and info pages on this tool. It is quite handy for a lot of things.
I hope this is somewhat useful.
Regards
Posted in Computers and Internet | 3 Comments

Linux: How to clear the bash screen when logging out

Private information can be a lot of things. Sometimes information is exposed by the shoulder-surfing person next to you or the dumpster-diving cleaning lady. Sometimes it is just some leftover text on a logged-out console screen.

Here I will show you how to have the screen cleared automatically when logging out of your console.
Basically there are two ways of doing it, but some paranoid administrators might do both.
The first way is to just put a "clear" in the ".bash_logout" script placed in your home folder.
Add the following entry.
[ "$PS1" ] && clear
Another way of doing it is to create a trap that is executed on shell termination.
This should be placed in the ".bash_profile" file, also located in your home directory.
trap '[ "$PS1" ] && clear' 0
If you want it to work for new users as well, it would be best to put those in the files placed in the "/etc/skel" directory too.
This is where new users get their ".profile" and ".bash_logout" files from when they are first created.
Note that this will not work if you use a remote ssh client like Putty or TeraTerm. The screen will be cleared, but the client has a local buffer and it will most likely be possible to just scroll up the screen using the scroll bar.
Also, this does not affect the command history.
You should always clear the client buffer or exit it altogether when you leave your computer unattended.
I hope this is somewhat useful.
Regards
Posted in Computers and Internet | Leave a comment

Linux: How to learn what libraries a program need to call

Sometimes it comes in handy to know what libraries, and what versions of those libraries, some software depends on.

This is quite easy and is done with the "ldd" command.
Here are the dependencies that the "ls" command has. Note that you have to use the absolute path, as ldd does not support the use of the search path stated in the environment variable PATH.
# ldd /bin/ls
        linux-gate.so.1 =>  (0xb7fd4000)
        librt.so.1 => /lib/i686/cmov/librt.so.1 (0xb7fb0000)
        libselinux.so.1 => /lib/libselinux.so.1 (0xb7f97000)
        libacl.so.1 => /lib/libacl.so.1 (0xb7f8f000)
        libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7e34000)
        libpthread.so.0 => /lib/i686/cmov/libpthread.so.0 (0xb7e1b000)
        /lib/ld-linux.so.2 (0xb7fd5000)
        libdl.so.2 => /lib/i686/cmov/libdl.so.2 (0xb7e17000)
        libattr.so.1 => /lib/libattr.so.1 (0xb7e12000)
For version information you just add the "-v" option for verbose output. The output will be quite a bit longer but helps while debugging.
# ldd -v /bin/ls
        linux-gate.so.1 =>  (0xb7fa7000)
        librt.so.1 => /lib/i686/cmov/librt.so.1 (0xb7f83000)
        libselinux.so.1 => /lib/libselinux.so.1 (0xb7f6a000)
        libacl.so.1 => /lib/libacl.so.1 (0xb7f62000)
        libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7e07000)
        libpthread.so.0 => /lib/i686/cmov/libpthread.so.0 (0xb7dee000)
        /lib/ld-linux.so.2 (0xb7fa8000)
        libdl.so.2 => /lib/i686/cmov/libdl.so.2 (0xb7dea000)
        libattr.so.1 => /lib/libattr.so.1 (0xb7de5000)

        Version information:
        /bin/ls:
                librt.so.1 (GLIBC_2.2) => /lib/i686/cmov/librt.so.1
                libacl.so.1 (ACL_1.0) => /lib/libacl.so.1
                libc.so.6 (GLIBC_2.2.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
        /lib/i686/cmov/librt.so.1:
                ld-linux.so.2 (GLIBC_PRIVATE) => /lib/ld-linux.so.2
                libpthread.so.0 (GLIBC_2.1) => /lib/i686/cmov/libpthread.so.0
                libpthread.so.0 (GLIBC_2.2) => /lib/i686/cmov/libpthread.so.0
                libpthread.so.0 (GLIBC_PRIVATE) => /lib/i686/cmov/libpthread.so.0
                libpthread.so.0 (GLIBC_2.0) => /lib/i686/cmov/libpthread.so.0
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.3.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_PRIVATE) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
        /lib/libselinux.so.1:
                ld-linux.so.2 (GLIBC_2.3) => /lib/ld-linux.so.2
                libdl.so.2 (GLIBC_2.1) => /lib/i686/cmov/libdl.so.2
                libdl.so.2 (GLIBC_2.0) => /lib/i686/cmov/libdl.so.2
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.3.4) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
        /lib/libacl.so.1:
                libattr.so.1 (ATTR_1.0) => /lib/libattr.so.1
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
        /lib/i686/cmov/libc.so.6:
                ld-linux.so.2 (GLIBC_PRIVATE) => /lib/ld-linux.so.2
                ld-linux.so.2 (GLIBC_2.3) => /lib/ld-linux.so.2
                ld-linux.so.2 (GLIBC_2.1) => /lib/ld-linux.so.2
        /lib/i686/cmov/libpthread.so.0:
                ld-linux.so.2 (GLIBC_2.3) => /lib/ld-linux.so.2
                ld-linux.so.2 (GLIBC_2.1) => /lib/ld-linux.so.2
                ld-linux.so.2 (GLIBC_PRIVATE) => /lib/ld-linux.so.2
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.3.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_PRIVATE) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
        /lib/i686/cmov/libdl.so.2:
                ld-linux.so.2 (GLIBC_PRIVATE) => /lib/ld-linux.so.2
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_PRIVATE) => /lib/i686/cmov/libc.so.6
        /lib/libattr.so.1:
                libc.so.6 (GLIBC_2.1.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2.3) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.2) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.1) => /lib/i686/cmov/libc.so.6
                libc.so.6 (GLIBC_2.0) => /lib/i686/cmov/libc.so.6
The first part of the output is the same as without the verbose output but the extended part will show the needed versions of each library for ls to work properly.
Of course this is not as useful for the "ls" command, but this will work with almost anything. Even your own software.
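One way to put the ldd listing to work in a review, as an added example that is not part of the original post: the function below reads ldd output and reports libraries that are unresolved or resolved outside the usual system directories. The trusted directory list, the function names and the two sample lines marked as constructed are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post).
# Run ldd only on binaries you trust: per ldd(1), some versions may execute
# the program in order to obtain the dependency list.

# Assumption: directories from which libraries are expected to load.
TRUSTED_DIRS="/lib /lib64 /usr/lib /usr/lib64 /usr/local/lib"

# audit_ldd: read ldd output on stdin and print one finding per line:
#   MISSING <soname>            the loader could not resolve the dependency
#   UNTRUSTED <soname> <path>   resolved outside TRUSTED_DIRS
# The "Version information" part of "ldd -v" output is ignored.
audit_ldd() {
    awk -v dirs="$TRUSTED_DIRS" '
    BEGIN { n = split(dirs, trusted, " ") }
    function is_trusted(path,    i, d) {
        for (i = 1; i <= n; i++) {
            d = trusted[i] "/"
            if (substr(path, 1, length(d)) == d) return 1
        }
        return 0
    }
    # libfoo.so.1 => not found
    $2 == "=>" && $3 == "not" && $4 == "found" { print "MISSING", $1; next }
    # libfoo.so.1 => /path/libfoo.so.1 (0x...)
    $2 == "=>" && $3 ~ /^\// {
        if (!is_trusted($3)) print "UNTRUSTED", $1, $3
        next
    }
    # /lib/ld-linux.so.2 (0x...): the loader, listed by absolute path
    $1 ~ /^\// && $2 ~ /^\(0x/ {
        if (!is_trusted($1)) print "UNTRUSTED", $1, $1
    }
    '
}

# Sample input: four lines taken from the ldd output above, plus two
# constructed lines (libdemo, libgone) that show the two kinds of finding.
sample_ldd_output() {
    cat <<'EOF'
        linux-gate.so.1 =>  (0xb7fd4000)
        libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7e34000)
        libacl.so.1 => /lib/libacl.so.1 (0xb7f8f000)
        libdemo.so.1 => /tmp/build/libdemo.so.1 (0xb7e00000)
        libgone.so.2 => not found
        /lib/ld-linux.so.2 (0xb7fd5000)
EOF
}

# Real use would be: ldd /bin/ls | audit_ldd
sample_ldd_output | audit_ldd
```

A library that resolves from a build or temporary directory usually means LD_LIBRARY_PATH or an RPATH is steering the loader, which is worth confirming before the program is run with privileges.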
Give it a try!
I hope that this is somewhat useful.

Regards
Posted in Computers and Internet | Leave a comment

Linux: Keeping an eye on a logfile using tail, last and watch

If you want to watch a log file and have it update whenever new content is added, the "tail" command is an easy on-the-fly tool to use.

Of course, for long-term use other implementations of log file analyzers or syslog services would be better.
Here is a short example and some sample output showing a failed root login attempt.
# tail -n 20 -f -s 5 /var/log/auth.log
Feb 17 04:11:09 testbox login[4822]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty2 ruser= rhost=  user=root
Feb 17 04:11:12 testbox login[4822]: FAILED LOGIN (1) on `tty2' FOR `root', Authentication failure
Feb 17 04:11:18 testbox login[4822]: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Feb 17 04:11:18 testbox login[5020]: ROOT LOGIN  on `tty2'
Feb 17 04:11:20 testbox login[4822]: pam_unix(login:session): session closed for user root
This will output to stdout and auto-update whenever entries are added to the auth.log file.
The "-n" option sets how many lines from the file to display, so in this example the latest 20 lines will be displayed.
The "-f" option is what makes this auto-update whenever new entries are added.
The default read rate from the log file is 1 second, but here it is set to 5 seconds using the "-s" option.
Of course this can be done on any text file you have permission to read and is not limited to log files.
Check out the man or info page for additional options.
In addition you can try out the "last" command, which will display the last logged in users.
This also has some additional options, but here is some basic output.
# last
root     tty1                          Thu Feb 18 00:13   still logged in
root     tty1                          Thu Feb 18 00:13 - 00:13  (00:00)
reboot   system boot  2.6.26-2-686     Thu Feb 18 00:09 - 22:13  (22:04)
root     tty1                          Wed Feb 17 21:50 - down   (00:29)
root     tty1                          Wed Feb 17 21:50 - 21:50  (00:00)
reboot   system boot  2.6.26-2-686     Wed Feb 17 21:49 - 22:20  (00:30)
root     tty1                          Wed Feb 17 18:00 - down   (00:59)
root     tty1                          Wed Feb 17 18:00 - 18:00  (00:00)
reboot   system boot  2.6.26-2-686     Wed Feb 17 17:55 - 19:00  (01:04)
root     tty2                          Wed Feb 17 04:11 - 04:11  (00:00)
Note that the newest entries are the first ones to be listed. Log files usually have the most recent data at the bottom.
The "watch" command is a bit odd but can also be useful now and then.
It executes one command of your choice repeatedly. By default it repeats the command 2 seconds after the previous one ends. In this example I use the "watch" command combined with grep.

# watch --differences=cumulative 'grep FAILED /var/log/auth.log'
I do not show any output from this one, but the output from the above will be every line from auth.log containing the word FAILED, and whenever a new match is found the new match will be highlighted. Since this is possible with grep, it gets very powerful. I recommend checking out the man page for additional features on both watch and grep.
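Going one step further than grepping for FAILED, the added example below (not part of the original post) correlates the two login messages shown in the tail output and reports a root console login that follows failed attempts on the same tty. The function names are hypothetical; the first five sample lines follow the output above and the last two are constructed.

```shell
#!/bin/sh
# Added example (not from the original post).
# Assumption: console logins only, with the message layout shown in the
# tail output above ("FAILED LOGIN (n) on <tty> FOR <user>", "ROOT LOGIN on <tty>").

# failed_then_root: read auth.log lines on stdin and print
#   ALERT ...  a ROOT LOGIN on a tty that had failed attempts before it
#   INFO  ...  failed attempts on a tty with no root login afterwards
failed_then_root() {
    awk '
    # Extract the ttyN name that follows " on ", whatever quoting surrounds it.
    function tty_of(line,    s) {
        if (!match(line, / on [^ ]*tty[0-9]+/)) return ""
        s = substr(line, RSTART, RLENGTH)
        sub(/^.*tty/, "tty", s)
        return s
    }
    / FAILED LOGIN / {
        t = tty_of($0)
        if (t != "") { fails[t]++; last[t] = $1 " " $2 " " $3 }
        next
    }
    / ROOT LOGIN / {
        t = tty_of($0)
        if (t != "" && fails[t] > 0)
            printf "ALERT root login on %s at %s %s %s after %d failed attempt(s), last failure %s\n", t, $1, $2, $3, fails[t], last[t]
        # A login on this tty closes the series of failures counted so far.
        delete fails[t]
        next
    }
    END {
        for (t in fails)
            printf "INFO %d failed attempt(s) on %s with no root login, last %s\n", fails[t], t, last[t]
    }
    '
}

# Sample input: five lines as in the tail output above, then two constructed
# lines (tty3, user backup) showing failures that never lead to a login.
sample_auth_log() {
    cat <<'EOF'
Feb 17 04:11:09 testbox login[4822]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty2 ruser= rhost=  user=root
Feb 17 04:11:12 testbox login[4822]: FAILED LOGIN (1) on `tty2' FOR `root', Authentication failure
Feb 17 04:11:18 testbox login[4822]: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Feb 17 04:11:18 testbox login[5020]: ROOT LOGIN  on `tty2'
Feb 17 04:11:20 testbox login[4822]: pam_unix(login:session): session closed for user root
Feb 17 04:15:02 testbox login[5101]: FAILED LOGIN (1) on `tty3' FOR `backup', Authentication failure
Feb 17 04:15:09 testbox login[5101]: FAILED LOGIN (2) on `tty3' FOR `backup', Authentication failure
EOF
}

# Real use would be: failed_then_root < /var/log/auth.log
sample_auth_log | failed_then_root
```

The correlation key is the tty rather than the process ID, because the failure and the ROOT LOGIN message in the sample are logged under different login PIDs.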
I hope that this is somewhat useful.

Regards
Posted in Computers and Internet | Leave a comment

Linux: Runlevels

Runlevels... what is that? It is not as bad as it sounds.
A runlevel just tells the kernel what processes to spawn when a host is booted up and which ones not to run. During boot the runlevel will always be "S" or "s". After the system is fully loaded the runlevel configured in "/etc/inittab" will be entered.
The command "init" is run as the last step in the kernel boot sequence and is what handles the runlevels.
This is why "init" always gets the PID "1". Init will look for the "initdefault" parameter in the "/etc/inittab" file as described later. This will determine the initial runlevel.
If none is present in "inittab" a runlevel has to be given from the CLI.
It is possible to change the runlevel of a running system using the "init" command, which is located in the "/sbin" folder. It exists in the search path so it is not necessary to use the absolute path when executing it.
Those processes that should not run after a runlevel change will receive a SIGTERM, and those that do not exit within the default 5 seconds are killed by a SIGKILL signal. The 5 second timer can be changed with the -t option.
Entering runlevel 5 is initiated using "init 5". This is also how you enter any other runlevel.
If "init 0" is issued the system shutdown will be initiated, "init 6" will initiate a reboot and "init 1" will enter single user mode. Note that it requires root privileges to change the runlevel of a running host. On Debian you cannot return to runlevel 2-5 if runlevel 1 has been entered.
Processes that are needed for normal use are killed when entering runlevel 1. The system should be rebooted.
Runlevel 1 is usually only used for debugging, maintenance and the like, so to decrease the risk of something faulty trying to execute, everything not needed in runlevel 1 is killed.
This will prevent processes from entering a run/crash loop. I need to mention that the "init" process has ways of keeping an eye out for this to minimize wasted resources. If a process fails and restarts more than 10 times within 2 minutes, init will assume an issue exists, print an error message to the console and not respawn the process for another 5 minutes.
The "init" command sets the following environment variables:
PATH          /bin:/usr/bin:/sbin:/usr/sbin
INIT_VERSION  Tells if /sbin/init or the link /sbin/telinit has been called.
RUNLEVEL      Set to the current runlevel.
PREVLEVEL     Set to the last runlevel after a runlevel change.
CONSOLE       If the kernel did not set this one, init will set it to /dev/console
Init also spawns the TTYs and handles CTRL+ALT+DEL and power failure/UPS control.
Below is a list of runlevels. Though the description might vary, runlevels 0, 1 and 6 always stay the same amongst all distributions. Runlevels 7-9 are not listed here as they are not really documented and they are rarely used.
Runlevel  Description
S,s       Initial runlevel. S and s are the same and also represent Single User Mode.
0         Halt
1         Single User Mode
2         Multiuser (Console)
3         Multiuser (Console)
4         Multiuser (X-Windows)
5         Multiuser (X-Windows)
6         Reboot
What runlevel to boot into is configured in the "/etc/inittab" file. The configuration below from "inittab" boots this host into runlevel 5.
id:5:initdefault:
Another section in the "inittab" file looks like the following:
l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
The "l0:" is just the runlevel marker, "0:" is the actual runlevel, and "wait:" is a pause issued to wait for the filesystems to be mounted.
This will execute "/etc/init.d/rc" with the runlevel as a parameter. E.g. runlevel 0 executes rc as follows: "/etc/init.d/rc 0", but it could be any runlevel available.
Rc will then execute all scripts pointed to in the "/etc/rc0.d/" folder that have a "K" or "S" as initial letter.
The 0 in "/etc/rc0.d/" is the runlevel indicator.
The files in "/etc/rc{runlevel}.d/" are links to scripts placed in various locations depending on what software they came with.
Note that these have to be upper case letters or they will not be executed. Linux differentiates between upper and lower case.
Examples of scripts in "/etc/rc5.d/" could be:
S89cron which is a link to "/etc/init.d/cron" which is an ordinary shell script that came with cron.
K84ssh which is a link to "/etc/init.d/ssh" which is also an ordinary shell script that came with ssh.
The "S" tells rc that this is starting something, as in "S89cron", which will start the Cron scheduler when the system enters runlevel 5. This is because the "S89cron" script is located in the runlevel 5 folder.
The "89" is a priority or order in which this script is started. Other scripts that start processes reside in the "/etc/rc5.d/" folder and the order of execution sometimes matters. This prevents scripts from starting before preceding scripts have run.
The "K" as in "K84ssh" tells "rc" that this process has to be killed if it is currently running.
Again the "84" is just the order in which the script is executed.
E.g. the script "S20sysstat" that I have in runlevel 5 will be executed prior to "S89cron" because of the lower value.
Among scripts with equal numbers the order has no importance.
On a Debian box it is recommended to use "rcconf" to edit the current runlevel. This might require a package to be installed. Rcconf will set what to spawn and what not to spawn in the current runlevel. Another option to prevent scripts from being run is to change the name so that the initial letter is lowercase.
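The naming rules above can be checked against a real directory. This added example (not from the original post; the function names are hypothetical) lists what rc would stop, start and skip for one runlevel directory, assuming, as Debian's sysv-rc does, that K links are run before S links.

```shell
#!/bin/sh
# Added example (not from the original post).
# rc_plan DIR prints one line per entry in a runlevel directory:
#   stop    <link> -> <target>   K* entries, run first
#   start   <link> -> <target>   S* entries, run after the K entries
#   skipped <link> -> <target>   anything else, e.g. a link renamed to lowercase
# Within K* and S* the shell glob returns names sorted, which gives the
# numeric order described above (S20sysstat before S89cron).

# describe ACTION PATH: print one plan line, resolving the link target.
describe() {
    # An unmatched glob is passed through literally; ignore it.
    [ -e "$2" ] || [ -L "$2" ] || return 0
    if [ -L "$2" ]; then
        target=$(readlink "$2")
    else
        target="(not a symlink)"
    fi
    echo "$1 ${2##*/} -> $target"
}

rc_plan() {
    dir=$1
    [ -d "$dir" ] || { echo "rc_plan: $dir: not a directory" >&2; return 1; }
    for f in "$dir"/K*; do describe stop "$f"; done
    for f in "$dir"/S*; do describe start "$f"; done
    # Entries that start with neither K nor S are never executed by rc.
    for f in "$dir"/[!KS]*; do describe skipped "$f"; done
}

# Constructed sample directory using the script names from the text above,
# plus one constructed lowercase link (s50apache2) to show a disabled entry.
rc_plan_demo() {
    d=$(mktemp -d) || return 1
    ln -s /etc/init.d/cron    "$d/S89cron"
    ln -s /etc/init.d/ssh     "$d/K84ssh"
    ln -s /etc/init.d/sysstat "$d/S20sysstat"
    ln -s /etc/init.d/apache2 "$d/s50apache2"
    rc_plan "$d"
    rm -rf "$d"
}

# Real use would be: rc_plan /etc/rc5.d
rc_plan_demo
```

Reviewing the "skipped" lines is a quick way to confirm that a service disabled by renaming its link really is out of the start sequence, and the resolved targets show which script each link would run.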
I recommend you browse these files and directories to see what they look like. This will help you understand how it is all connected. If you think some processes are missing in the "/etc/rc5.d/" folder, remember that "/etc/rcS.d/" has also been executed at boot time. The "/etc/rcS.d/" is configured in "/etc/inittab" as follows:
si::sysinit:/etc/init.d/rcS
"/etc/init.d/rcS" itself is just a one-line shell script that executes "rc" with runlevel S.
#! /bin/sh
#
# rcS
#
# Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order
#

exec /etc/init.d/rc S
Note that the file locations vary depending on your Linux distribution. It is highly recommended that you read the man and info pages for detailed information.
I hope that this is somewhat useful.

Regards

Posted in Computers and Internet | Leave a comment

Linux: Browsing your hardware

Sometimes it can be quite a challenge to find out what hardware you have, but it is actually quite easy.

Here are a few commands and some sample output for you.
USB devices are usually easy to identify because you can just pick them up and look at them.
The command below will help you out with the few that just say NoName on them. Often those no-name ones are the same as the named ones, just with another wrapping. It displays a list of detected USB devices.
# lsusb
Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 003: ID 0461:4d03 Primax Electronics, Ltd Kensington Mouse-in-a-box
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
The PCMCIA port is not that common anymore, or at least not commonly used.
But this is how you list the detected PCMCIA devices. I don't have anything plugged in, so this example might not give you the big picture.
# lspcmcia
Socket 0 Bridge:        [yenta_cardbus]         (bus ID: 0000:00:08.0)
The command below will display the loaded modules and what is using them. I cut away some of the entries to make it readable.
The output will differ on your system anyway.
# lsmod
Module                  Size  Used by
binfmt_misc             7560  1
ipv6                  235396  14
dm_snapshot            14340  0
dm_mirror              15136  0
dm_log                  8452  1 dm_mirror
dm_mod                 46216  3 dm_snapshot,dm_mirror,dm_log
i2c_dev                 5256  0
eeprom                  5232  0
The next one is a listing of the Hardware Abstraction Layer. It can actually be quite handy, but you definitely want to use grep with this one. It has a lot of output depending on how many HAL objects you have in the device database.
I did the lshal with no filters because I wanted to show what you can find here.
Try out something like "lshal |grep cdrom" on your system to see what information you get.
# lshal
  info.product = 'IDE device (master)'  (string)
  info.subsystem = 'ide'  (string)
  pci.product = '65x/M650/740 PCI/AGP VGA Display Adapter'  (string)
  pci.product_id = 25381  (0x6325)  (int)
  pci.subsys_product_id = 4127  (0x101f)  (int)
  pci.subsys_vendor = 'Fujitsu Siemens Computers'  (string)
  pci.vendor = 'Silicon Integrated Systems [SiS]'  (string)
  pci.vendor_id = 4153  (0x1039)  (int)


Dumped 87 device(s) from the Global Device List.
————————————————
Yes, I admit it. The next one is only included for the fun of it. I guess it is only usable if you are in the shell already and want to see what you have in your DVD drive and don't want to bend down and eject your DVD.
I cut away some of the output here also. This will give a brief report on what is in your DVD drive.
# lsdvd
Disc Title: IP_MAN_DISC_1
Title: 01, Length: 00:00:21.140 Chapters: 03, Cells: 03, Audio streams: 01, Subpictures: 00
Title: 02, Length: 01:46:20.210 Chapters: 23, Cells: 24, Audio streams: 02, Subpictures: 01
Title: 17, Length: 00:01:38.040 Chapters: 01, Cells: 01, Audio streams: 01, Subpictures: 01
Title: 18, Length: 00:01:25.240 Chapters: 01, Cells: 01, Audio streams: 01, Subpictures: 01
Longest track: 02
The next one is one of the most useful ones. This will display the detected devices attached to the PCI bus to help you load the matching module.
# lspci
00:00.0 Host bridge: Silicon Integrated Systems [SiS] 650/M650 Host (rev 11)
00:01.0 PCI bridge: Silicon Integrated Systems [SiS] Virtual PCI-to-PCI bridge (AGP)
00:02.0 ISA bridge: Silicon Integrated Systems [SiS] SiS962 [MuTIOL Media IO] (rev 04)
00:02.1 SMBus: Silicon Integrated Systems [SiS] SiS961/2 SMBus Controller
00:02.3 FireWire (IEEE 1394): Silicon Integrated Systems [SiS] FireWire Controller
00:02.5 IDE interface: Silicon Integrated Systems [SiS] 5513 [IDE]
00:02.6 Modem: Silicon Integrated Systems [SiS] AC'97 Modem Controller (rev a0)
00:02.7 Multimedia audio controller: Silicon Integrated Systems [SiS] AC'97 Sound Controller (rev a0)
00:03.0 USB Controller: Silicon Integrated Systems [SiS] USB 1.1 Controller (rev 0f)
00:03.1 USB Controller: Silicon Integrated Systems [SiS] USB 1.1 Controller (rev 0f)
00:03.2 USB Controller: Silicon Integrated Systems [SiS] USB 1.1 Controller (rev 0f)
00:03.3 USB Controller: Silicon Integrated Systems [SiS] USB 2.0 Controller
00:04.0 Ethernet controller: Silicon Integrated Systems [SiS] SiS900 PCI Fast Ethernet (rev 91)
00:08.0 CardBus bridge: O2 Micro, Inc. OZ601/6912/711E0 CardBus/SmartCardBus Controller
01:00.0 VGA compatible controller: Silicon Integrated Systems [SiS] 65x/M650/740 PCI/AGP VGA Display Adapter
One way of using this could be as below.
# lspci |grep audio
00:02.7 Multimedia audio controller: Silicon Integrated Systems [SiS] AC'97 Sound Controller (rev a0)
The last one I will present is kind of off topic, but it comes in handy now and then. It is in the "ls-family" so I might just as well sneak it in. This command will display all open files on your running host. At least all visible to you and me.
I do not show you a full listing with no filters because it is trivial and quite long. Instead I'll show you how I use it.
I am a big fan of Google and of course I use Chrome on my Linux boxes. For the most part at least. If I want to know which files it has open, which includes sockets as they also figure as files, I would do as below.
Here I also cut out some of the output. You will be surprised when you learn how many file handles Chrome will open.
testbox:~# lsof |grep chrome
chrome    5335       root  cwd       DIR        3,1     4096     741889 /root
chrome    5335       root  rtd       DIR        3,1     4096          2 /
chrome    5335       root  txt       REG        3,1 34523900      81894 /opt/google/chrome/chrome
chrome    5335       root    7r     FIFO        0,6               90387 pipe
chrome    5335       root   10u     unix 0xdcbea480               91241 socket
chrome    5335       root   14w     FIFO        0,6               91244 pipe
chrome    5335       root   15u     0000        0,7        0         13 anon_inode
chrome    5335       root   16u     unix 0xda565280               91245 socket
chrome    5335       root   19w     FIFO        0,6               91247 pipe
chrome    5335       root   20u     0000        0,7        0         13 anon_inode
chrome    5335       root   23u     unix 0xda565680               91275 socket
chrome    5335       root   25r     FIFO        0,6               91277 pipe
chrome    5335       root   27u     unix 0xdcf1a900               91280 /root/.config/google-chrome/SingletonSocket
chrome    5335       root   28r      CHR        1,9                1078 /dev/urandom
chrome    5335       root   31u      REG        3,1   598016     763191 /root/.cache/google-chrome/Cache/data_0
chrome    5335       root   32u     unix 0xdc678d80               91289 socket
chrome    5335       root   50u      REG        3,1        0     242726 /var/tmp/etilqs_rJBsKMyT353qFkg (deleted)
chrome    5335       root   53u      REG        3,1     9216     763171 /root/.pki/nssdb/cert9.db
chrome    5335       root   54u      REG        3,1    11264     763172 /root/.pki/nssdb/key4.db
chrome    5335       root   55u     unix 0xdcbea680               91938 socket
chrome    5335       root   58u      REG        3,1     2048     243899 /var/tmp/etilqs_ThKaQy9AsxEIvQY (deleted)
chrome    5335       root   68ur     REG        3,1  9895936     763180 /root/.config/google-chrome/Default/History Index 2010-01
chrome    5335       root   70u     unix 0xdb1bcd80               91945 socket
chrome    5335       root  121uw     REG        3,1   729088     763181 /root/.config/google-chrome/Default/History Index 2009-11
chrome    5335       root  126u      REG        3,1     6704     763417 /root/.config/google-chrome/Default/History Index 2009-11-journal
chrome    5338       root  cwd       DIR        3,1     4096     741889 /root
chrome    5338       root  rtd       DIR        3,1     4096          2 /
chrome    5338       root  txt       REG        3,1 34523900      81894 /opt/google/chrome/chrome
chrome    5338       root    0r     FIFO        0,6                8059 pipe
chrome    5338       root    2w      REG        3,1 58944806     743133 /root/.xsession-errors
chrome    5338       root    6u     unix 0xdcb70b80               90386 socket
chrome    5338       root    7r     FIFO        0,6               90387 pipe
chrome    5340       root  cwd       DIR        3,1        0     792348 /tmp/chrome-sandbox-chroot-b8Y67N (deleted)
chrome    5340       root  rtd       DIR        3,1        0     792348 /tmp/chrome-sandbox-chroot-b8Y67N (deleted)
chrome    5340       root  txt       REG        3,1 34523900      81894 /opt/google/chrome/chrome
chrome    5340       root    0r     FIFO        0,6                8059 pipe
chrome    5340       root    3u     unix 0xdcf2c300               90389 socket
chrome    5340       root    4r     FIFO        0,6               90410 pipe
chrome    5340       root    5u     unix 0xdcf2cd00               90385 socket
chrome    5340       root    6u     unix 0xdcaa7b00               90408 socket
chrome    5340       root    7u     unix 0xdcf2c500               90390 socket
chrome    5340       root    8w     FIFO        0,6               90410 pipe
chrome    5340       root    9r      REG        3,1  1391223      82124 /opt/google/chrome/chrome.pak
chrome    5340       root   10r      REG        3,1   132294      82087 /opt/google/chrome/locales/en-US.pak
chrome    5340       root   11r      CHR        1,9                1078 /dev/urandom
chrome    5409       root  cwd       DIR        3,1        0     792348 /tmp/chrome-sandbox-chroot-b8Y67N (deleted)
chrome    5409       root    9r      REG        3,1  1391223      82124 /opt/google/chrome/chrome.pak
chrome    5409       root   10r      REG        3,1   132294      82087 /opt/google/chrome/locales/en-US.pak
chrome    5409       root   11r      CHR        1,9                1078 /dev/urandom
chrome    5409       root   15u     unix 0xdcb70780               91942 socket
chrome    5409       root   16r     FIFO        0,6               91943 pipe
chrome    5409       root   17w     FIFO        0,6               91943 pipe
chrome    5409       root   20u      REG       0,16   262148      91403 /dev/shm/com.google.chrome.zdBQER (deleted)
chrome    5409       root   21u      REG       0,16        8      91282 /dev/shm/com.google.chrome.MvCFoG (deleted)
Did you notice that Chrome actually uses the /dev/urandom device?
I hope that this is somewhat useful to you.

Regards
Posted in Computers and Internet | Leave a comment

Linux: Knowing your system performance and state

Here are a few command line tools that will help you estimate your system usage and performance.
There is a lot more information on this in the man pages, so take a look there also. If you don't know your average system load you will not be able to determine if the load is in a peaking state or if the host is able to handle more load.
Note that some commands might require installation of a few packages.
The command below gives a nice simple performance view of a HDU. Of course running this on a fully loaded system will lower the values. Do this verification just after installation. I usually only use it if I think the system is running slow and I want to see if the disk load is too high. And yes, this is an old laptop, so don't comment on the measurements.
# hdparm -gTt /dev/hda1
/dev/hda1:
 geometry      = 65535/16/63, sectors = 13671252, start = 63
 Timing cached reads:   518 MB in  2.04 seconds = 254.40 MB/sec
 Timing buffered disk reads:   66 MB in  3.00 seconds =  21.99 MB/sec
The command below presents a report on CPU usage. Even more useful are the I/O statistics for devices and partitions.
It can also display I/O for NFS, but I don't have any NFS shares mounted in this example.
# iostat
Linux 2.6.26-2-686 (testbox)    02/17/2010      _i686_

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
          30.61    0.00    3.57    4.62    0.00   61.20

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
hda               6.99       156.13        81.45    3618343    1887544
hda1              5.73        81.70        69.33    1893342    1606784
hda2              0.00         0.00         0.00          6          0
hda5              0.06         1.63         3.88      37765      89960
hda6              1.19        72.80         8.23    1687014     190800
hdc               2.30       533.78         0.00   12370344          0
The command below displays a useful, compact overall report of the system state. This clearly indicates an overloaded host.
Some of the information is trivial and can be seen in many other ways. Pick whichever you like best.
# vmstat
procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa
 1  0  12128 215028    520 114336    1    2   346    40  369 1476 31  4 61  5
The description of each field from the man page is as follows:
Procs
       r: The number of processes waiting for run time.
       b: The number of processes in uninterruptible sleep.
Memory
       swpd: the amount of virtual memory used.
       free: the amount of idle memory.
       buff: the amount of memory used as buffers.
       cache: the amount of memory used as cache.
       inact: the amount of inactive memory. (-a option)
       active: the amount of active memory. (-a option)
Swap
       si: Amount of memory swapped in from disk (/s).
       so: Amount of memory swapped to disk (/s).
IO
       bi: Blocks received from a block device (blocks/s).
       bo: Blocks sent to a block device (blocks/s).
System
       in: The number of interrupts per second, including the clock.
       cs: The number of context switches per second.
CPU
       These are percentages of total CPU time.
       us: Time spent running non-kernel code. (user time, including nice time)
       sy: Time spent running kernel code. (system time)
       id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
       wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.
       st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.
The command below generates a report of CPU-related information: load for both applications and kernel, idle time etc.
This is very handy on a host with several CPUs installed. Unfortunately the output below is from a host with one CPU that has only one core. I'll try to redo this later.
# mpstat
Linux 2.6.26-2-686 (testbox)    02/17/2010      _i686_

02:58:27 AM  CPU   %user   %nice    %sys %iowait    %irq   %soft  %steal   %idle    intr/s
02:58:27 AM  all   30.58    0.00    3.04    4.62    0.46    0.07    0.00   61.23    368.12
The command below displays used and free memory, though this report does not tell the whole truth. Some of the memory stated as used might not be; it might be reserved for buffers etc. The amount of free memory will always be rounded down.
# free -ml
             total       used       free     shared    buffers     cached
Mem:           472        354        117          0         10        240
Low:           472        354        117
High:            0          0          0
-/+ buffers/cache:        103        368
Swap:         1349          7       1341
The command below displays a summary of disk space usage. You can find information on your mounts in the /etc/mtab file.
You might modify this file yourself from time to time or when mounting a device. If you insert a CD into your CD drive and your system is set to auto mount, the report below will include it as an ISO9660 type as well.
# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/hda1             6.5G  4.7G  1.5G  76% /
tmpfs                 237M     0  237M   0% /lib/init/rw
udev                   10M  752K  9.3M   8% /dev
tmpfs                 237M     0  237M   0% /dev/shm
/dev/hda6              29G   19G  9.1G  68% /home
Another way of verifying the usage of a hard disk, partition or directory tree is to use the command below.
I cut off much of the output because it displays a lot. You might want to filter or sort the output using grep or the like.
Check out the man page for this one as well. This command is a handy way of finding large files if you are running low on disk space. It is often used in shell scripts.
# du -ch
176M    ./.cache/google-chrome
176M    ./.cache
8.0K    ./.putty/sessions
12K     ./.putty
1.4M    ./Downloads
8.0K    ./.icons
12K     ./.licq/history
164K    ./.licq/users
4.0K    ./.licq/qt-gui
224K    ./.licq
4.0K    ./GNUstep/Library
8.0K    ./GNUstep
4.0K    ./.opensync-0.22/engines
8.0K    ./.opensync-0.22
36K     ./Vocabularies
396K    ./.gstreamer-0.10
699M    .
699M    total
I hope this information is at least somewhat useful.

Regards


Linux: How to log out IDLE bash users

Do you ever worry about users not logging out of bash when leaving the computer unattended?
I do! Especially the Linux root account.
There is actually a way to set a timeout on this.
You can set the TMOUT environment variable to the timeout in seconds.
The example below sets the timeout to 600 seconds.

declare -r TMOUT=600
or
readonly TMOUT=600

The above two lines do exactly the same thing.
The -r parameter in the first line makes the variable read-only, so it cannot be changed or unset later in the session.

I believe it should work from both "/etc/profile" and "/etc/bashrc".
Adding it to a system-wide file that users have read-only access to should be our first choice.

It should also work fine from the "~/.bashrc" and "~/.profile" in the home folders.
To avoid adding this manually for all future users you can modify "/etc/skel/.bashrc" or "/etc/skel/.profile".
Whether both .bashrc and .profile are always executed I don't know.

Note that this is not bulletproof.

The timer runs from the moment a prompt is displayed. When the timeout occurs, the user is logged out.
If the shell was started from the X environment, bash will simply exit. This shouldn't be a problem in X if the screensaver locks the screen. Sometimes the screensaver doesn't work as intended for the root user.
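One way to check that a startup file really enforces the timeout described above, as an added example that is not from the original post. The function name audit_tmout, the result labels and the 600-second limit are assumptions, and the sample files are constructed.

```shell
#!/bin/sh
# Report whether a shell startup file enforces an idle timeout.
# Prints ok | missing | disabled | too-long | not-readonly.
# Exit status is 0 only for "ok".
audit_tmout() (
    file=$1
    max=${2:-600}      # longest timeout accepted, in seconds (assumed policy)
    awk -v max="$max" '
        /^[ \t]*#/ { next }                        # ignore comment lines
        { line = " " $0 " " }                      # pad so every word has a delimiter
        match(line, /[ \t;]TMOUT=[0-9]+/) {        # TMOUT=<n> after any keyword
            v = substr(line, RSTART, RLENGTH)
            sub(/.*=/, "", v)
            val = v + 0; seen = 1                  # last assignment wins
        }
        # readonly TMOUT..., declare -r TMOUT..., typeset -r TMOUT...
        line ~ /[ \t;](readonly|(declare|typeset)[ \t]+-[a-zA-Z]*r[a-zA-Z]*)[ \t]+TMOUT[= \t;]/ { ro = 1 }
        END {
            if (!seen)     { print "missing";      exit 1 }
            if (val == 0)  { print "disabled";     exit 1 }  # TMOUT=0 turns the timer off
            if (val > max) { print "too-long";     exit 1 }
            if (!ro)       { print "not-readonly"; exit 1 }  # the user can unset or raise it
            print "ok"
        }' "$file"
)

# Constructed sample files, written to a temporary directory.
tmout_samples() {
    d=$(mktemp -d)
    printf '%s\n' '# idle logout' 'declare -r TMOUT=600' > "$d/hardened"
    printf '%s\n' 'TMOUT=600' 'export TMOUT'              > "$d/overridable"
    printf '%s\n' 'readonly TMOUT=86400'                  > "$d/too_long"
    printf '%s\n' '# TMOUT=600'                           > "$d/commented_out"
    echo "$d"
}

d=$(tmout_samples)
for f in hardened overridable too_long commented_out; do
    printf '%-14s %s\n' "$f" "$(audit_tmout "$d/$f" 600 || true)"
done
rm -rf "$d"
```

On a real host the call would be, for instance, `audit_tmout /etc/profile 600`. The check only reads the file, so it says nothing about later files that are sourced before the variable becomes read-only.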


Cisco Switch: Setting up a SPAN port

These are the very basics of setting up a port as a Switched Port Analyzer (SPAN) port.
This comes in handy if you are setting up a packet sniffer or an IDS/IPS system.

First we decide what traffic we want to go to the span port.
In this example we set up an interface as the source of data for the monitor session.
monitor session 1 source interface fastethernet 1/1 both
The above command defines session "1", which is just a session identifier we choose.
The "both" keyword specifies that we want both RX and TX traffic from fa1/1, meaning data both sent and received on that source.

We could also use a vlan instead of an interface as done with vlan 1 here.
monitor session 1 source vlan 1 both
Note that you can have more than one source but only one destination.
I guess it doesn't really make any sense to have more than one span port per switch anyway.
As always, vlan 1 should never be used in a production environment.

You can also set a list of vlans to be filtered out to limit the SPAN source traffic.
monitor session 1 filter vlan 100

Now set the destination for session 1.
monitor session 1 dest interface fastethernet 1/24
This command sets the raw traffic defined for session 1 to go out on fa1/24.

This example is quite simple, and you can actually do quite a lot more with SPAN.
It is important to make sure you get all the important packets but still filter out all the trivial, useless data.
An IDS/IPS system analyzes packets in real time, and feeding it all the traffic from the network would load the IDS/IPS unnecessarily.

The IDS/IPS should not generate any traffic on the switched port it is listening on. Hackers might notice the IDS/IPS and compromise it. Therefore it is common not to assign any IP address to the interface of the IDS/IPS plugged into the span port.
Some cut the wires in the cable that carry packets from the IDS/IPS to the switch port, so it is unable to send data. How this works for the layer 2 negotiations (duplex etc.) I don't know. It shouldn't matter when the NIC is in promiscuous mode.
The IDS/IPS will use another interface, in a separate broadcast domain, to send blocking ACL rules, alarms, e-mails etc.
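A check for the "no IP address on the sniffing interface" advice on a Linux-based sensor, as an added example that is not from the original post. The function name check_sensor_if, the interface names and the addresses are assumptions, and the `ip -o` output is constructed. It also flags the IPv6 link-local address the kernel assigns by itself, which makes an otherwise unconfigured interface emit traffic.

```shell
#!/bin/sh
# Decide from `ip -o link show; ip -o addr show` output (read on stdin)
# whether a capture interface stays silent on the SPAN port.
# Prints one finding per line, or "silent"; exit status 0 only when silent.
check_sensor_if() (
    awk -v ifname="$1" '
        # link lines look like:     "3: eth1: <BROADCAST,...,UP> mtu ..."
        $2 == (ifname ":") {
            seen = 1
            if ($3 !~ /[<,]UP[,>]/) { print "link-down"; bad = 1 }   # captures nothing
        }
        # address lines look like:  "3: eth1    inet 192.0.2.10/24 ..."
        $2 == ifname && $3 == "inet"  { print "ipv4-address " $4; bad = 1 }
        # an fe80:: address means the port sends neighbour discovery packets
        $2 == ifname && $3 == "inet6" { print "ipv6-address " $4; bad = 1 }
        END {
            if (!seen) { print "no-such-interface"; exit 1 }
            if (bad) exit 1
            print "silent"
        }'
)

# Constructed output: eth0 = management, eth1 and eth2 = capture interfaces.
sample_ip_output() {
    cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
4: eth2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0\       valid_lft forever preferred_lft forever
3: eth1    inet6 fe80::ff:fe00:2/64 scope link \       valid_lft forever preferred_lft forever
EOF
}

# Fix for a finding on eth1 (run as root on the sensor):
#   ip addr flush dev eth1
#   sysctl -w net.ipv6.conf.eth1.disable_ipv6=1
for i in eth0 eth1 eth2; do
    echo "== $i"
    sample_ip_output | check_sensor_if "$i" || true
done
```

On a live sensor, feed it real data with `{ ip -o link show; ip -o addr show; } | check_sensor_if eth1`.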
