Archive for May, 2013

Every file on our Linux system, including directories, is owned by a specific user and group. Therefore, file permissions are defined separately for users, groups, and others.

User: The username of the person who owns the file. By default, the user who creates the file will become its owner.

Group: The usergroup that owns the file. All users who belong into the group that owns the file will have the same access permissions to the file. This is useful if, for example, we have a project that requires a bunch of different users to be able to access certain files, while others can’t. In that case, we’ll add all the users into the same group, make sure the required files are owned by that group, and set the file’s group permissions accordingly.

Other: A user who isn’t the owner of the file and doesn’t belong in the same group the file does. In other words, if we set a permission for the “other” category, it will affect everyone else by default. For this reason, people often talk about setting the “world” permission bit when they mean setting the permissions for “other.”

There are three types of access permissions on Linux: read, write, and execute. These permissions are defined separately for the file’s owner, group and all other users.

Read permission. On a regular file, the read permission bit means the file can be opened and read. On a directory, the read permission means we can list the contents of the directory.

Write permission. On a regular file, this means we can modify the file, aka write new data to the file. In the case of a directory, the write permission means we can add, remove, and rename files in the directory. This means that if a file has the write permission bit, we are allowed to modify the file’s contents, but we’re allowed to rename or delete the file only if the permissions of the file’s directory allow us to do so.

Execute permission. In the case of a regular file, this means we can execute the file as a program or a shell script. On a directory, the execute permission (also called the “search bit”) allows us to access files in the directory and enter it, with the cd command, for example. However, note that although the execute bit lets us enter the directory, we’re not allowed to list its contents, unless we also have the read permissions to that directory.

We can view the access permissions of a file by doing the long directory listing with the ls -l command. This is what a long directory listing might look like:


jijo.tj@4wing2:~$ ls -l
total 457
-rw-r–r– 1 jijo.tj pivusers 14737 2012-09-15 08:57 Analysed Tickets.txt~
-rw-r–r– 1 jijo.tj pivusers 8839 2012-11-12 22:38 Assignment
-rw-r–r– 1 jijo.tj pivusers 10988 2012-11-13 18:54 Assignment – Apache

The very first column, shows the file type and permissions. The second column shows the number of links (directory entries that refer to the file), the third one shows the owner of the file, and the fourth one shows the group the file belongs to. The other columns show the file’s size in bytes, date and time of last modification, and the filename.

The first column, the one that shows the file’s permissions, is organized into four separate groups.

The first group consists of only one character, and it shows the file’s type. For example, d means a directory and – means a normal file.

The first character can be any of these:

d = directory
– = regular file
l = symbolic link
s = Unix domain socket
p = named pipe
c = character device file
b = block device file

The next nine characters show the file’s permissions, divided into three groups, each consisting of three characters. The first group of three characters shows the read, write, and execute permissions for user, the owner of the file. The next group shows the read, write, and execute permissions for the group of the file. Similarly, the last group of three characters shows the permissions for other, everyone else. In each group, the first character means the read permission, the second one write permission, and the third one execute permission.

The characters are pretty easy to remember.

r = read permission
w = write permission
x = execute permission
– = no permission

chmod

We can set file permissions with the chmod command. Both the root user and the file’s owner can set file permissions. chmod has two modes, symbolic and numeric.

The symbolic mode is pretty easy to remember. First, we decide if we set permissions for the user (u), the group (g), others (o), or all of the three (a). Then, we either add a permission (+), remove it (-), or wipe out the previous permissions and add a new one (=). Next, we decide if we set the read permission (r), write permission (w), or execute permission (x). Last, we’ll tell chmod which file’s permissions we want to change.

Let’s have a couple of examples. Suppose we have a regular file called testfile, and the file has full access permissions for all the groups (long directory listing would show -rwxrwxrwx as the file’s permissions).

Wipe out all the permissions but add read permission for everybody:
$ chmod a=r testfile
After the command, the file’s permissions would be -r–r–r–

Add execute permissions for group:
$ chmod g+x testfile
Now, the file’s permissions would be -r–r-xr–

Add both write and execute permissions for the file’s owner. Note how we can set more than one permission at the same time:
$ chmod u+wx testfile
After this, the file permissions will be -rwxr-xr–

Remove the execute permission from both the file’s owner and group. Note, again, how we can set them both at once:
$ chmod ug-x testfile
Now, the permissions are -rw-r–r–

The other mode in which chmod can be used is the numeric mode. In the numeric mode, the file permissions aren’t represented by characters. Instead, they are represented by a three-digit octal number.

4 = read (r)
2 = write (w)
1 = execute (x)
0 = no permission (-)

To get the permission bits we want, we add up the numbers accordingly. For example, the rwx permissions would be 4+2+1=7, rx would be 4+1=5, and rw would be 4+2=6. Because we set separate permissions for the owner, group, and others, we’ll need a three-digit number representing the permissions of all these groups.

Let’s have an example.
$ chmod 755 testfile
This would change the testfile’s permissions to -rwxr-xr-x. The owner would have full read, write, and execute permissions (7=4+2+1), the group would have read and execute permissions (5=4+1), and the world would have the read and execute permissions as well.

Let’s have another example:
$ chmod 640 testfile
In this case, testfile’s permissions would be -rw-r—–. The owner would have read and write permissions (6=4+2), the group would have read permissions only (4), and the others wouldn’t have any access permissions (0).

The numeric mode may not be as straightforward as the symbolic mode, but with the numeric mode, we can more quickly and efficiently set the file permissions.

chown

we can change the owner and group of a file or a directory with the chown command. Please, keep in mind we can do this only if we are the root user or the owner of the file.

Set the file’s owner:
$ chown username somefile
After giving this command, the new owner of a file called somefile will be the user username. The file’s group owner will not change. Instead of a user name, we can also give the user’s numeric ID here if we want.

we can also set the file’s group at the same time. If the user name is followed by a colon and a group name, the file’s group will be changed as well.
$ chown username:usergroup somefile
After giving this command, somefile’s new owner would be user username and the group usergroup.

we can set the owner of a directory exactly the same way we set the owner of a file:
$ chown username somedir
Note that after giving this command, only the owner of the directory will change. The owner of the files inside of the directory won’t change.

In order to set the ownership of a directory and all the files in that directory, we’ll need the -R option:
$ chown -R username somedir
Here, R stands for recursive because this command will recursively change the ownership of directories and their contents. After issuing this example command, the user username will be the owner of the directory somedir, as well as every file in that directory.

Tell what happens:

$ chown -v username somefile
changed ownership of ‘somefile’ to username

Here, v stands for verbose. If we use the -v option, chown will list what it did (or didn’t do) to the file.

The verbose mode is especially useful if we change the ownership of several files at once. For example, this could happen when we do it recursively:

$ chown -Rv username somedir
changed ownership of ‘somedir/’ to username
changed ownership of ‘somedir/boringfile’ to username
changed ownership of ‘somedir/somefile’ to username

As we can see, chown nicely reports to we what it did to each file.

chgrp

In addition to chown, we can also use the chgrp command to change the group of a file or a directory. we must, again, be either the root user or the owner of the file in order to change the group ownership.

chgrp works pretty much the same way as chown does, except it changes the file’s user group instead of the owner, of course.
$ chgrp usergroup somefile
After issuing this command, the file somefile will be owned by a user group usergroup. Although the file’s group has changed to usergroup, the file’s owner will still be the same.

The options of using chgrp are the same as using chown. So, for example, the -R and -v options will work with it just like they worked with chown:

$ chgrp -Rv usergroup somedir
changed group of ‘somedir/’ to usergroup
changed group of ‘somedir/boringfile’ to usergroup
changed group of ‘somedir/somefile’ to usergroup

chown nicely reports to we what it did to each file.

CLI shortcuts

Posted: May 2, 2013 in General linux

Some shortcuts which can be used in the command line.

Ctrl + a -> Move to the start of line

Ctrl + e -> Move to the end of line

Alt + b -> Move one word backward

Alt + f -> Move one word front

Ctrl +b -> Move one letter backward

Ctrl +f -> Move one letter forward

Ctrl-u -> Delete from the cursor to the beginning of the line.

Ctrl-k -> Delete from the cursor to the end of the line.

Ctrl-w ->

Alt-r -> Undo all changes to the line.

Ctrl-y -> Pastes text from the clipboard.

Exim cheat sheet

Posted: May 2, 2013 in Mail Servers

1. To remove all mails from exim queue :

rm -rf /var/spool/exim/input/*

2. Deleting Frozen Mails:

exim -bpr | grep frozen | awk {‘print $3’} | xargs exim -Mrm

exiqgrep -z -i | xargs exim -Mrm

3. To delete only frozen messages older than a day:

exiqgrep -zi -o 86400 | xargs exim -Mrm

where you can change 86400 depending on the time frame you want to keep.( 1 day = 86400 seconds. ).

4. To forcefully deliver mails in queue, use the following exim command:

exim -bpru |awk ‘{print $3}’ | xargs -n 1 -P 40 exim -v -M

5. To flush the mail queue:

exim -qff

/usr/sbin/exim -qff

exim -qf – Force another queue run

6. To clear spam mails from Exim Queue:

grep -R -l [SPAM] /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

7.To clear frozen mails from Exim Queue.

grep -R -l ‘*** Frozen’ /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

8. To clear mails from Exim Queue for which recipient cannot not be verified.

grep -R -l ‘The recipient cannot be verified’ /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

9. To find exim queue details. It will show ( Count Volume Oldest Newest Domain ) details.

exim -bp |exiqsumm

10. To remove root mails from exim queue :

When mail queue is high due to root mails, and you only need to remove the root mails and not any other valid mails.

exim -bp |grep “”|awk ‘{print $3}’|xargs exim -Mrm

Replace “HOSTNAME” with server hostname

11. To remove nobody mails from exim queue :

When you need to clear nobody mails, you can use the following command.

exiqgrep -i -f nobody@HOSTNAME | xargs exim -Mrm (Use -f to search the queue for messages from a specific sender)

exiqgrep -i -r nobody@HOSTNAME | xargs exim -Mrm (Use -r to search the queue for messages for a specific recipient/domain)

Replace “HOSTNAME” with server hostname

12. Run a pretend SMTP transaction from the command line, as if it were coming from the given IP address. This will display Exim’s checks, ACLs, and filters as they are applied. The message will NOT actually be delivered.

# exim -bh

13. To forcefully deliver mails of a particular domain :

exim -v -Rff domain

14. To find the number of frozen mails in queue :

exim -bpr | grep frozen | wc -l

15. To find the number of mails in Queue:

exim -bpr | grep “<" | wc -l

exim -bpc

16. To view the log for the message :

exim -Mvl message ID

17. To show the mail in queue for $name

exim -bp|grep $name

18. To view the message header

exim -Mvh $MSGID

19. To view the message body

exim -Mvb $MSGID

20. To forcefully deliver the message

exim -M $MSGID

21. To view the transact of the message

exim -v -M $MSGID

22. To remove message without sending any error message

exim -Mrm messageID

23. To check the mails in the queue

exim -bp

24. To check the syntactic errors

exim -C /config/file.new -bV

25. To delete mails for a particular domain

exim -bp | grep "” | awk {‘print $3’} | xargs exim -Mrm

26. To view number of mails in queue for each domain

exim -bp | exiqsumm | grep -v ‘\-\-‘ | grep -v ‘Volume’ | grep -v ‘^$’ | sort -bg | awk ‘{print “Volume: ” $1 ” \t Domain: ” $5}’A

Run the following command to pull the most used mailing script’s location from the Exim mail log:

grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F”cwd=” ‘{print $2}’ | awk ‘{print $1}’ | sort | uniq -c | sort -n

Some .htaccess rules

Posted: May 2, 2013 in General linux

Redirect non-www to www

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\.

RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

1. To enable directory browsing

Options +Indexes

## block a few types of files from showing

IndexIgnore *.wmv *.mp4 *.avi

2. To disable directory browsing

Options All -Indexes

DenyIp adresses from accesssing the domain –

order allow,deny
allow from all

deny from 10.114.43.102
deny from 10.224.160.4

3. To get SSL working with HTML/SHTML

AddType text/html .html

AddType text/html .shtml

AddHandler server-parsed .html

AddHandler server-parsed .shtml

# AddHandler server-parsed .htm

4. To block users from accessing the site

order deny,allow

deny from 10.54.122.33

deny from 10.70.44.53

deny from .spammers.com

allow from all

5. To allow only LAN users

order deny,allow

deny from all

allow from 192.168.0.0/24

6. To Redirect Visitors to New Page/Directory

Redirect oldpage.html http://www.domainname.com/newpage.html

Redirect /olddir http://www.domainname.com/newdir/

If you only want to allow a certain range of IP addresses inside of 10.50.0.0 (such as from 10.50.10.20 through 10.50.10.80) you can use the following command:

iptables -A INPUT -i eth1 -m iprange –src-range 10.50.10.20-80 -j ACCEPT

7. To block site from specific referrers

RewriteEngine on

RewriteCond %{HTTP_REFERER} site-to-block\.com [NC]

RewriteCond %{HTTP_REFERER} site-to-block-2\.com [NC]

RewriteRule .* – [F]

8. To Block Hot Linking/Bandwidth hogging

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]

RewriteRule \.(gif|jpg)$ – [F]

9. To Stop .htaccess (or any other file) from being viewed

order allow,deny

deny from all

10. To Avoid the 500 Error

# Avoid 500 error by passing charset

AddDefaultCharset utf-8

11. To Grant CGI Access in a directory

Options +ExecCGI

AddHandler cgi-script cgi pl

# To enable all scripts in a directory use the following

# SetHandler cgi-script

12. To Change Script Extensions

AddType application/x-httpd-php .gne

gne will now be treated as PHP files! Similarly, x-httpd-cgi for CGI files, etc.

13. To Enable Gzip – Save Bandwidth

# BEGIN GZIP

# Combine the below two lines – I’ve split it up for presentation

AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css

application/x-javascript application/javascript

# END GZIP

14. To Turn off magic_quotes_gpc

# Only if you use PHP

php_flag magic_quotes_gpc off

15. To block access to foles during certain hours of the day

Options +FollowSymLinks

RewriteEngine On

RewriteBase /

# If the hour is 16 (4 PM) Then deny all access

RewriteCond %{TIME_HOUR} ^16$

RewriteRule ^.*$ – [F,L]

16.To password protect 1 file alone

Order deny,allow

Deny from all

AuthName “htaccess password prompt”

AuthType Basic

AuthUserFile /home/askapache.com/.htpasswd

Require valid-user

AuthName “htaccess password prompt”

AuthType Basic

AuthUserFile /home/askapache.com/.htpasswd

Order deny,allow

Deny from all

Require valid-user

17. To password protect multiple files

Order deny,allow

Deny from all

AuthName “htaccess password prompt”

AuthUserFile /.htpasswd

AuthType basic

Require valid-user

18. To allow network/netmask pair

Order deny,allow

Deny from all

Allow from 10.1.0.0/255.255.0.0

19. To allow IP address

Order deny,allow

Deny from all

Allow from 10.1.2.3

20.To allow more than 1 IP address

Order deny,allow

Deny from all

Allow from 192.168.1.104 192.168.1.205

21. To Partial IP addresses, first 1 to 3 bytes of IP, for subnet restriction

Order deny,allow

Deny from all

Allow from 10.1

Allow from 10 172.20 192.168.2

22. To allow accessing site from one IP without password and allow from any address with password prompt

Order deny,allow

Deny from all

AuthName “htaccess password prompt”

AuthUserFile /home/askapache.com/.htpasswd

AuthType Basic

Require valid-user

Allow from 172.17.10.1

Satisfy Any

23. Add a .htaccess file in the directory you want to protect with the following code.

AuthType Basic

AuthName “Restricted Files”

AuthUserFile /path/to/htpwd/.htpasswd

Require valid-user

Then chmod with following commands

$ chmod 644 .htaccess

$ chmod 640 .htpasswd

IPtables&CSF

Posted: May 2, 2013 in General linux

1. To check if an ip is blocked in a server or not.

csf -g IP

grep 81.226.54.65 /etc/csf/csf.deny

grep 81.226.54.65 /var/log/lfd.log

Using IP tables

iptables -nL|grep IP

2. To unblock IP in iptables

iptables -A INPUT -s 74.129.142.20 -j ACCEPT

3. To delete an entry in iptables

iptables -D INPUT -s xx.xxx.xx.xx/yy -j DROP

iptables -D INPUT -p tcp –dport 6588 -j DROP

iptables -D INPUT -s “207.58.140.12” -j DROP

4.To restart

csf> csf -r

5. When you are not able to telnet localhost 25

check /etc/csf/csf.conf

smtp_block=’0′

6. To save new rules

/etc/init.d/iptables save

7. To block a specific IP

iptables -I INPUT -s “207.58.140.12” -j DROP

8. To Allow incoming to port 22 and 80:

iptables -A INPUT -p tcp -i eth0 –dport 80 –sport 1024:65535 -m state \–state NEW -j ACCEPT

iptables -A INPUT -p tcp -i eth0 –dport 22 –sport 1024:65535 -m state \–state NEW -j ACCEPT

9. To View all current iptables rules:

iptables -L -v

10. To View all INPUT rules:

iptables -L INPUT -nv

How to block and unblock all ports:

11. To block port 25:

iptables -A INPUT -p tcp –dport 25 -j DROP

iptables -A INPUT -p udp –dport 25 -j DROP

12. To enable port 25:

iptables -A INPUT -p tcp –dport 25 -j ACCEPT

iptables -A INPUT -p udp –dport 25 -j ACCEPT

13. To track the connection state

iptables -A INPUT -p tcp -m state –state ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -m state –state NEW,ESTABLISHED -j ACCEPT

14. To Drop incoming UDP packets on port 137 and 138 without logging

iptables -A INPUT -p UDP –dport 137 -j DROP

iptables -A INPUT -p UDP –dport 138 -j DROP

15. To Accept all other incoming UDP packets

iptables -A INPUT -p UDP -j ACCEPT

16. To View max tracked connections

cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max

17. To Set max tracked connections

# add the following line to rc.local if sysctl.conf doesn’t exist

echo 128000 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max

18. To View Current HASHSIZE

cat /proc/sys/net/ipv4/netfilter/ip_conntrack_buckets

iptable rule to block an IP from accessing a domain

07 Sunday Oct 2012

Posted by cpanel stuffs in ip block, iptables

≈ Leave a Comment

You can use the following rule to block an IP from accessing a single domain.

iptables -I INPUT -s SOURCE_IP -p tcp –dport 80 -m string –string domain.com –algo bm -j DROP

Some Mysql commands

Posted: May 2, 2013 in Mysql

1. To select a database

mysql> USE database;

Mysql cpanel – mysql -uroot -p`grep pass /root/.my.cnf | cut -d ‘”‘ -f 2`

2. To list databases

mysql> SHOW DATABASES;

3. To list tables in a db

mysql> SHOW TABLES;

4. To describe the format of a table

mysql> DESCRIBE table;

5. To create a database

mysql> CREATE DATABASE db_name;

6. To create a table

mysql> CREATE TABLE table_name (field1_name TYPE(SIZE), field2_name TYPE(SIZE));

Ex: mysql> CREATE TABLE pet (name VARCHAR(20), sex CHAR(1), birth DATE);

7. To Load tab-delimited data into a table

mysql> LOAD DATA LOCAL INFILE “infile.txt” INTO TABLE table_name;

(Use \n for NULL)

8. To insert one row at a time into the table

mysql>l;

(Use NULL for NULL)

9. To retrieve information

mysql> SELECT from_columns FROM table WHERE conditions;

All values: SELECT * FROM table;

Some values: SELECT * FROM table WHERE rec_name = “value”;

Multiple critera: SELECT * FROM TABLE WHERE rec1 = “value1” AND rec2 = “value2”;

10. To reload a new data into the existing table

mysql> SET AUTOCOMMIT=1; # used for quick recreation of table

mysql> DELETE FROM pet;

mysql> LOAD DATA LOCAL INFILE “infile.txt” INTO TABLE table;

11. To fix all records with a certain value

mysql> UPDATE table SET column_name = “new_value” WHERE record_name = “value”;

12. To select specific column

mysql> SELECT column_name FROM table;

13. To retrieve unique output records

mysql> SELECT DISTINCT column_name FROM table;

14. To sort columns

mysql> SELECT col1, col2 FROM table ORDER BY col2;

15. For data calculations

mysql> SELECT CURRENT_DATE, (YEAR(CURRENT_DATE)-YEAR(date_col)) AS time_diff [FROM table];

MONTH(some_date) extracts the month value and DAYOFMONTH() extracts day.

Backwards: SELECT col1, col2 FROM table ORDER BY col2 DESC;

16. To count number of rows

mysql> SELECT COUNT(*) FROM table;

17. To select from multiple tables

mysql> SELECT pet.name, comment FROM pet, event WHERE pet.name = event.name;

(You can join a table to itself to compare by using ‘AS’)

18.For Auto incrementing rows

mysql> CREATE TABLE table (number INT NOT NULL AUTO_INCREMENT, name CHAR(10) NOT NULL);

mysql> INSERT INTO table (name) VALUES (“tom”),(“dick”),(“harry”);

19. To add a column to the already created table

mysql> ALTER TABLE tbl ADD COLUMN [column_create syntax] AFTER col_name;

20. To backup a database with mysqldump

# mysqldump –opt -u username -p database > database_backup.sql

(Use ‘mysqldump –opt –all-databases > all_backup.sql’ to backup everything.)

21. To login (from unix shell) use -h only if needed.

# [mysql dir]/bin/mysql -h hostname -u root -p

22. To delete a db.

mysql> drop database [database name];

23. To delete a table.

mysql> drop table [table name];

24. To Show all data in a table.

mysql> SELECT * FROM [table name];

25. To returns the columns and column information pertaining to the designated table.

mysql> show columns from [table name];

26. To Show certain selected rows with the value “whatever”.

mysql> SELECT * FROM [table name] WHERE [field name] = “whatever”;

27. To Show all records containing the name “Bob” AND the phone number ‘3444444’.

mysql> SELECT * FROM [table name] WHERE name = “Bob” AND phone_number = ‘3444444’;

28. To Show all records not containing the name “Bob” AND the phone number ‘3444444’ order by

the phone_number field.

mysql> SELECT * FROM [table name] WHERE name != “Bob” AND phone_number = ‘3444444’ order by phone_number;

29. To Show unique records.

mysql> SELECT DISTINCT [column name] FROM [table name];

30. To Show selected records sorted in an ascending (asc) or descending (desc).

mysql> SELECT [col1],[col2] FROM [table name] ORDER BY [col2] DESC;

31. To Sum column.

mysql> SELECT SUM(*) FROM [table name];

32. To Change a users password from unix shell.

# [mysql dir]/bin/mysqladmin -u username -h hostname.blah.org -p password ‘new-password’

33. To Change a users password from MySQL prompt. Login as root. Set the password. Update

privs.

# mysql -u root -p

mysql> SET PASSWORD FOR ‘user’@’hostname’ = PASSWORD(‘passwordhere’);

mysql> flush privileges;

34. To Set a root password if there is on root password.

# mysqladmin -u root password newpassword

35. To Update a root password.

# mysqladmin -u root -p oldpassword newpassword

36. To Delete a row(s) from a table.

mysql> DELETE from [table name] where [field name] = ‘whatever’;

37. To Delete a column.

mysql> alter table [table name] drop column [column name];

38. To Delete unique from table.

mysql> alter table [table name] drop index [colmn name];

39. To Dump one database for backup.

# [mysql dir]/bin/mysqldump -u username -ppassword –databases databasename >/tmp/databasename.sql

40. To Dump a table from a database.

# [mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

41. To Restore database (or database table) from backup.

# [mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Some Tips

Posted: May 2, 2013 in General linux

1. To check the CPU usage of the process running

ps -e -o pcpu,cpu,nice,state,cputime,args –sort pcpu | sed ‘/^ 0.0 /d’

2. To check whether any Zombie process are running

ps aux | awk ‘{ print $8 ” ” $2 }’ | grep -w Z

3. To store all the processes both parent and child in a file sample.txt

pstree -paul >sample.txt

4. To check the files with GB size under /backup/cpbackup

ls -lsh ./*/* |grep G

5. To exclude particular directory or file.

Step 1: Create cpbackup-exclude.conf in the user home directory.

/home/user/cpbackup-exclude.conf

Step 2: Add the files u need to exclude in that file.

Step 3: If u need to add directory dont add a trailing slash at the end it will exclude all files from directory.

6. To check Which are IP’s listening mostly to port x(example :80):

netstat -plan |grep :80|awk ‘{print $5}’ |cut -d: -f1 |sort |uniq -c |sort -n

7.To display history without line numbers:

history | perl -i -pe ‘s/^([ ]*)([0-9]*)(.*)$/$3/gi’

8. To display the date range for a site’s certs

openssl s_client -connect http://www.google.com:443 &0 |openssl x509 -dates -noout

9. To verify whether the RSA private key and certificate match you can use the following command

Save the key file as key.txt and certificate file as crt.txt

openssl rsa -modulus -noout -in key.txt | openssl md5 > key.out

openssl x509 -modulus -noout -in crt.txt | openssl md5 > crt.out

Now check both file are same using the following command:

diff key.out crt.out