Memo
From AleikoumWiki
m (→Divers) |
m (→Divers) |
||
Line 7: | Line 7: | ||
=== Divers === | === Divers === | ||
<pre> | <pre> | ||
+ | |||
+ | # find remote adresse mac | ||
+ | arp-scan 192.168.200.0/24 | ||
# taille du fichier | # taille du fichier |
Revision as of 13:33, 30 September 2013
Au moins je suis sur de rien perdre comme ca !
Contents |
Commandes Linux diverses
Divers
# find remote adresse mac arp-scan 192.168.200.0/24 # taille du fichier stat -c '%s' file.txt # timestamp de la derniere modif du fichier stat -c '%Y' file.txt # math en bash ! je passe par perl perl -E "say 1-($PLOP-$PLIP)" update-locale LC_ALL=en_US.UTF-8 update-locale LC_TYPE=en_US.UTF-8 # le resultat sont les lignes uniquement dans file1 diff <(sort file1) <(sort file2) # smartctl smartctl -a /dev/sda # then status=$? for ((i=0; i<8; i++)); do echo "Bit $i: $((status & 2**i && 1))" done # understand the bits: http://smartmontools.sourceforge.net/man/smartctl.8.html # tester un plugin munin munin-run --debug --config /etc/munin/munin-node.conf nom_plugin # pas oublier le sed -i ! ca evite de passer par un fichier temp ! # Cette ligne va unlink tout les pipes contenu dans /tmp for i in `ls -la /tmp | grep '^prwxrwxrwx' |tr -s ' '|cut -d' ' -f9`; do `unlink /tmp/$i`;done # Efface tout les liens du repertoire courant for i in `ls -la . | grep '^lrwxrwxrwx' |tr -s ' '|cut -d' ' -f9`; do `rm -rf $i`;done # TEST for a in `grep -rn "_msg" * | sed "s/.*_msg \(....\).*/\1/g"`; do cat /users/too00/data/ecrit_log.msg | grep $a > /dev/null && echo "$a orphelin : $?" ; done # tronquer les lignes au de X caracteres de nom_fichier fold -w X nom_fichier # et hop type en majuscule ! $type=`echo "$type" | tr '[:lower:]' '[:upper:]'` # Liste le contenu du repertoire courant en classant par ordre croissant de creation, la date est de type : date +"%s" ls -l --time-style=+%s | sed -e 's/^.* \([0-9]*\) \([^ ]*\)$/\1 \2/' # Liste le contenu du repertoire courant en classant par ordre decroissant de creation, la date est de type : date +"%s" ls -rl --time-style=+%s | sed -e 's/^.* \([0-9]*\) \([^ ]*\)$/\1 \2/' # au lieu de faire un head | tail sed 'debut_bloc,fin_bloc!d' nom_fichier # megacommande perso rpm -qil -g PSA | grep "Build Date" | sed "s/.*Build Date: \(.*\)/\1/g" | while read a;do date -d "$a" +%Y%m%d;done | sort | tail -n 1 ou rpm -qil -g PSA | grep "Build Date" | awk -F: '{print "date -d \""$3"\" +%Y%m%d"}'|sh|sort -u | tail -1 # Connaitre la taille du contenu d'un repertoire du -hs le_rep # Petite manip $ aa="test" $ bb="rere" $ testrere="ajourdhui" $ port=$aa$bb $ echo $port testrere $ echo ${!port} ajourdhui # Code retour d'une commande [toto@p00]$ ll ~ [toto@p00]$ echo $? --> 0 [toto@p00]$ ll /root [toto@p00]$ echo $? --> 1, si pas le droit ! # Copie d'un groupe de fichier en le renommant for i in `ls *.cgi`; do cp $i $i.bkp ; done # ici tous les .cgi sont COPIES et RENOMMES en .bkp # Changer un mot dans une liste de fichier for a in `grep -rl 'httpd2' *` ; do echo "traite $a"; sed -e 's,/httpd2/,/httpd/,g' $a > out.sed && mv -f out.sed $a ; done # remplace le mot /httpd2/ contenu dans tout les fichiers du repertoire courant et le remplace par /httpd/ #Formattage en ext3 avec le label plop ! mke2fs -j /dev/PARTITION -L plop # en fat32 mkdosfs -v -F 32 /dev/PARTITION -n plop #Monter un lecteur NFS : en read only avec le no lock ! mount -o ro,nolock @serveur_nfs:/usr/local/plop /mnt/temp/ #Envoie de mail a la volee sendmail -f plop@oo.com -F "plop le ouf" erwan@oo.com echo "Subject: Le sujet" | cat fichier | /usr/sbin/sendmail -F "plop le ouf" -f plop.oo.cim erwan@oo.com uuencode Master.csv Master.csv | /usr/sbin/sendmail -f erwan@eo.com -F "Test" erwan@eo.com # la même chose en mode compile : $ echo "Subject:Plop" > plop $ echo -e "lalalalala des barres\n" >> plop $ uuencode Master.csv Master.csv >> plop $ /usr/sbin/sendmail -f erwan@linkeo.com -F "Test" erwan@linkeo.com < plop #Recherche d'un fichier (correspondant à une pattern) dans une arborescence donné find /home/plop/public/BACKUPS-MACHINES/Ntbackup/ -name "1-*" -print -follow 2> /dev/null # find /srv/optimail/private-maildirs/9/u000003019/Maildir/new/ -ctime -5 -print -exec cp {} /srv/optimail/private-maildirs/local/u000002520/Maildir/.copie5j/new/ \; # find /var/linkfirst/www/preprod/ -not -user www-data -exec chown www-data:www-data {} \; # astuce de find touch --date "2010-01-05" /tmp/foo # Find files newer than 2010/Jan/05, in /data/images find /data/images -newer /tmp/foo # split cat file | split -d -l $NUMBER - file-split. # umask pour avoir du 664 a mettre dans le bashrc umask 0002 #convertir un timestamp en date classique date -d "1970-01-01 UTC + $TIMESTAMP seconds" +"%Y/%m/%d %H:%M:%S" #l'inverse date -d $AAAA-$MM-$JJ +"%s" #mysql divers > show variables; # petit truc avec find find ./ -size +200000k -printf "Size: %kK\tPath: %p\n" find /tmp/erwan/letestrm/* -mtime +30 -delete #efface tout les fichiers modifie la derniere fois il y a plus 30jours ! find /tmp/erwan/letestrm/* -type f -ctime +30 -exec rm -v {} \; #efface tout les fichiers modifie la derniere fois il y a plus 30jours ! find /tmp/erwan/letestrm/* -mtime -30 -delete #efface tout les fichiers modifie la derniere fois il y a moins 30jours ! find /srv/samba/lnk_crea/ -maxdepth 0 -mtime +30 -exec du -sh {} \; for dossier in `find /mnt/vd0/administratif-* -maxdepth 0 -mtime +10`; do echo "plop : $dossier"; done #astuce sur : http://www.ai.univ-paris8.fr/~fb/Cours/Exposes0405-1/find.html # oui parle moi petit serveur nmap -sV -p port addresse server # avec -O on peut avoir l'OS !! # scanner par ping son reseau nmap -sP A.B.C.* * port ouvert d'une machine nmap -sS A.B.C.D # un ps pratique ps -eo pcpu,pmem,args | sort -k 1 -r # fork bomb :(){ :|:& };: # on previent ce danger via : /etc/security/limits.conf en limitant simplement le nombre de processus par user # qu est ce qu on graphe dans notre base RRD ? bref quelles sont les ordonnees qu'on a dans un fichier rrd rrdtool info fichier.rrd | grep ds | grep type | cut -d [ -f 2 | cut -d ] -f 1 #en test : validation d une adresse IP expr match 40.255.255.26 '[0-2]\{0,1\}[0-5]\{0,1\}[0-9]\{1,2\}.[0-2]\{0,1\}[0-5]\{0,1\}[0-9]\{1,2\}.[0-2]\{0,1\}[0-5]\{0,1\}[0-9]\{1,2\}.[0-2]\{0,1\}[0-5]\{0,1\}[0-9]\{1,2\}$' #retirer le dernier caractere expr "bonjour" : "\(.*\).$" # parcourir un fichier ligne a ligne, ouais ouais je sais des fois j'oublie ! cat /etc/ntp.conf | while read ligne do echo "plop : $ligne" done # autre methode while read ligne do echo "ma ligne : $ligne" done < /tmp/plop #creer un splash screen a partir d une image donne convert -resize 640x480 -colors 14 wallpaper.jpg imagepourgrub.xpm gzip imagepourgrub.xpm #manip printf #adding leading zero in bash printf "%03d" "0" va donner 000 printf %02d 3 va donner 03 printf "%0.3f" 1234567.1 va donner 1234567.100 #afficher toutes les adresses ip montees for addr in `ifconfig | grep "inet addr" | cut -d":" -f 2 | cut -d" " -f 1` do listaddr="$listaddr$addr," done listaddr=`expr $listaddr : "\(.*\).$" #calcul let a=$b+3 #ou a=`expr $b+3` #ou a=$[$b+3] # remove package debian in rc dpkg -l | grep ^rc | cut -d' ' -f3|xargs dpkg -P #un exemple d utilisation de sed soit le fichier test.txt contenant : -rw-r--r-- 1 helbi helbi 6679 2008-05-09 17:24 nagios of a i lover.dia -rw-r--r-- 1 helbi helbi 28186 2008-05-16 10:30 nagiosofailover-d ou b lon.png -rw-r--r-- 1 helbi helbi 74846 2008-05-09 17:53 nagiosofailover.png Je souhaite recuperer le nom du fichier... avec les espaces et tout et tout ! voici une methode : sed 's/.*\(nagios.*\)/\1/' test.txt enjoy ! #avoir le dernier mot d'une ligne avec sed : echo $phrase | sed 's/^.* //' #site howto NTP : http://www.traduc.org/docs/HOWTO/lecture/TimePrecision-HOWTO.html # To automatically launch 'screen' WINDOW=${WINDOW:-notset} # If 'WINDOW' is not set, then its value is 'notset' # In this case, we can launch 'screen', else, we do nothing if [[ "$WINDOW" == "notset" ]] && [[ "$TERM" == "xterm" ]]; then screen -URD fi # un cron le dernier jour du mois ? facil 58 23 * * * [ `date -d tomorrow +%d` -eq '01' ] && echo "on est le dernier jour du mois !" # outil diff plus facil a comprendre :) : http://os.ghalkes.nl/dwdiff.html # genere mdp sous forme MD5 qu'on peut apres rejouer par exemple pour changer un password mkpasswd -H md5 monmdp #on peut rejouer ce resultat de la facon suivante : echo $result | chpasswd -e #hop mdp passe change ! cette manip peut etre interessante pour changer des passwords sans que ces #derniers passent en clair ! # getopts OPTERR=0 # pour ne pas afficher les erreurs retournees par getopts while getopts "h:dw:" optionName; do # toutes options suivies des : attends un parametre case "$optionName" in h) echo "option h avec $OPTARG" ;; d) echo "option d sans arg" ;; w) echo "option w avec $OPTARG" ;; [?]) # pour une option inconnue echo "option inconnue" exit 1 ;; esac done shift $(($OPTIND -1)) # smbclient smbclient \\\\IP_machine\\share -U user%password < commandes.txt avec commandes : get rep_origine\file_origine rep_distant\file_distant quit ou mount -t smbfs -o username="$LOGIN",password="$PASSWD" //$HOST$THESHARE $MONTAGE lister : smbclient -L <IP> -U <user> #monter partage windows sous linux : mount-t cifs -o username=toto,password=monsecret //adresseip/dossier /media/dossier # on sait jamais si je dois refaire du float ! echo "scale=2;2/3" | bc | sed "s/\.\(.*\)/0.\1/g" # shell and perl pour convertir des entrees en base64 cat file \ | perl -e 'use MIME::Base64;while (<>) { if (/^(.*):: (.*)$/) { print "$1: ".decode_base64($2)."\n";} else {print $_;}}' #tcpdump tcpdump -X src host A.B.C.D port xxxx #divers petite chose sur apt-get apt-config dump # pour avoir la conf apt-cache search plop # recherche de paquet plop dpkg -l # liste des paquets installes # monter une iso mount -o loop -t iso9660 /home/erwan/plop.iso /mnt/iso #bigmem or not ? grep HIGHMEM /boot/config-`uname -r` # envoie d'email par sendmail en ligne de commande cat test | sendmail -toi -vv -f plop@plop.com cat test = To:plip@plip.com Subject:Essai Test de mail . #afficher le contenu d'un fichier PEM : openssl x509 -inform PEM -in file -noout -text #afficher le contenu d'un fichier PKCS#12 : openssl pkcs12 -in file #afficher le contenu d'un fichier CSR (certificate signing request) : openssl req -noout -text -in server.csr #Postfix Voir la queue de postfix : postqueue -p La queue est la liste des courriels en attente. Vider la queue : postqueue -f Supprimer un courriel dans la queue : postsuper -d ID (l’ID est donné par la commande postqueue -p) Voir les statistiques de la queue : qshape incoming active deferred Les journaux d’activité sont /var/log/mail.*. # le repo d'archi debian http://archive.debian.org/debian-archive/debian/ # wget recursif wget -r -p http://ton.url.com # pour avoir des stats sur les connexions tcp/ip netstat -an|awk '/tcp/ {print $6}'|sort|uniq -c # dump dans des sql != BDDLIST=$(mysql -s -e "show databases;") for BASE in $BDDLIST do mysqldump --opt -Q -B "$BASE" | gzip > "$PATH_BCK"/"$DATE"_"$BASE".sql.gz done # les options pour un dump lisible : mysqldump -uLOGIN -p --opt --skip-extended-insert MABASE > /home/erwan/MABASE-`date +%Y%m%d`.sql # a ne pas oublier pour changer les options apt ! dpkg-reconfigure debconf # montage dumb : dans la fstab /srv/pureftpd/video/partage /srv/pureftpd/video/claire/partage none bind # mysql -e "SELECT * INTO OUTFILE '${dump_dir}/${i}_week_${date}.csv' FIELDS TERMINATED BY ';' OPTIONALLY ENCLOSED BY '"'"'"' LINES TERMINATED BY '\n' FROM ${base}.${i};" # tu veux tout flusher dans ton iptables #!/bin/sh echo "Stopping firewall and allowing everyone..." iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT # compter le nombre d'inodes find /tmp -printf "%i\n" | sort -u | wc -l # rebalancer les mails de la mailqueue sendmail -q -v # java keytool -import -alias aleikoum.net -keystore $JAVA_HOME/jre/lib/security/cacerts -file cert.crt keytool -list -keystore $JAVA_HOME/jre/lib/security/cacerts keytool -delete -alias aleikoum.net -keystore $JAVA_HOME/jre/lib/security/cacerts # wget de la mort wget -r --level=0 -E --ignore-length -x -k -p -erobots=off -np -N http://url.com/dir --user=USER --password=PASSWORD # passer des arguments avec des quotes en shell... plus un probleme command2="$command1 $count \"$myarg\"" eval $command2 # interessant a retenir THIRD_CHAR=`printf "%s" ${MY_STRING:2:1}` # logcheck test su logcheck -s /bin/bash -c "/usr/sbin/logcheck -l <logfile> -o -t" # a ne pas oublier :) [ "$(ls -A /tmp)" ] && echo "Not Empty" || echo "Empty" # astuce pour les separateurs lors d'un read qui par defaut est <tab> et <space> IFS=, echo $'one\t\tthree' | tr \\11 , | ( read one two three printf '<%s> ' "$one" "$two" "$three"; printf '\n' ) # sort on multiple fields cut -f3 plop.txt | sort -t / -k1n -k2n -n | uniq # multiple var quand on ne peut pas faire : printf '$CHAINE%.0s' {0..4} x() { # usage: x string num for i in $(seq 1 $2); do printf "%s" "$1"; done # print a newline only if the string does not end in a newline [[ "$1" == "${1%$'\n'}" ]] && echo "" } x "$CHAINE" $VAR # convertisseur de colonne number en colonne "excel" #!/bin/bash COLONNE=$1 if [ $COLONNE -lt 27 ] then let ASCII_VALUE=64+$COLONNE printf \\$(printf '%03o' $ASCII_VALUE) else let PARTIE_ENTIERE=$COLONNE/26 /tmp/plop.sh $PARTIE_ENTIERE let MODULO=$COLONNE%26 /tmp/plop.sh $MODULO fi # dec > hex hex() { echo $1 16op | dc; } hex() { printf "%X\n" $1; } # tu clones ta virtual box debian et tu n as pas de carte reseau ? rm /etc/udev/rules.d/70-persistent-net.rules reboot
Random Value in shell
Voici un petit script qui va permettre de generer des valeurs aleatoire en shell ouhou !
# If you need a random int within a certain range, use the 'modulo' operator. # This returns the remainder of a division operation. RANGE=500 echo number=$RANDOM let "number %= $RANGE" echo "Random number less than $RANGE --- $number" echo # If you need a random int greater than a lower bound, # then set up a test to discard all numbers below that. FLOOR=200 number=0 #initialize while [ "$number" -le $FLOOR ] do number=$RANDOM done echo "Random number greater than $FLOOR --- $number" echo # May combine above two techniques to retrieve random number between two limits. number=0 #initialize while [ "$number" -le $FLOOR ] do number=$RANDOM let "number %= $RANGE" # Scales $number down within $RANGE. done echo "Random number between $FLOOR and $RANGE --- $number" echo # Generate binary choice, that is, "true" or "false" value. BINARY=2 number=$RANDOM T=1 let "number %= $BINARY" # let "number >>= 14" gives a better random distribution # (right shifts out everything except last binary digit). if [ "$number" -eq $T ] then echo "TRUE" else echo "FALSE" fi echo
Base pour shell
mouais normalement on doit retrouver ceci :P :
# DEBUG_VALUE=0 : on affiche rien # DEBUG_VALUE=1 : seulement les ERR/CRITICAL # DEBUG_VALUE=2 : ERR/CRITICAL et WARN # DEBUG_VALUE=3 : ERR/CRITICAL, WARN et INFO # DEBUG_VALUE=4 : DEBUG max export DEBUG_VALUE=4 export NOM_SHELL="$0" export SORTIE="/dev/stdout" #... #puis dans le code #... [ $DEBUG_VALUE -ge 1 ] && echo "$NOM_SHELL - CRITICAL : cas critique" >> $SORTIE [ $DEBUG_VALUE -ge 2 ] && echo "$NOM_SHELL - WARNING : cas warning" >> $SORTIE [ $DEBUG_VALUE -ge 3 ] && echo "$NOM_SHELL - INFO : cas info" >> $SORTIE [ $DEBUG_VALUE -ge 4 ] && echo "$NOM_SHELL - DEBUG : cas debug" >> $SORTIE
Nota :
export SORTIE="/dev/stdout" ... [ $DEBUG_VALUE -ge 1 ] && echo "$NOM_SHELL - CRITICAL : cas critique" >> $SORTIE 2>&1
Verifier qu un element est dans une liste !
function elementExists() { myexcluded_list=$2 if [ -z "$1" ] then return fi for i in ${myexcluded_list[@]} do if [ $i == $1 ] then return 1 fi done return 0 }
Divers perl
# connaitre la version de manip perl -MDate::Manip -e 'print "$Date::Manip::VERSION\n"'
# connaitre le 3eme samedi du mois courant use Date::Manip; $days = ParseDate("today" ); #recherche du mois courant $mois=UnixDate($days,"%B" ); print $mois;print "\n"; $date = ParseDate("3rd saturday in $mois" ); print &UnixDate($date,"%Y-%m-%d" ); # qqmanipulations avec Manip # convertir un timestamp my $date = DateCalc("Jan 1, 1970 00:00:00 GMT","+ $secs"); $date = UnixDate($date,"%Y%m%d.%H%M%S"); # pour manipuler des date au format DD/MM/YYYY Date_Init("Language=French", "DateFormat=non-US"); # my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst)=localtime(time); my $file_timestamp = sprintf "%4d%02d%02d%02d%02d%02d",$year+1900,$mon+1,$mday,$hour,$min,$sec;
# ma gestion du debug et des sorties en Perl my ($sortie_err,$sortie_std)=("STDERR","STDOUT"); # debug_value=0 : on affiche rien # debug_value=1 : seulement les ERR/CRITICAL # debug_value=2 : ERR/CRITICAL et WARN # debug_value=3 : ERR/CRITICAL, WARN et INFO # debug_value=4 : DEBUG max my $debug_value=4; GetOptions ( 'E=s' => \ $sortie_err, 'err=s' => \ $sortie_err, 'S=s' => \ $sortie_std, 'std=s' => \ $sortie_std ); open(STDERR, ">>$sortie_err") || die "Erreur E/S:$!\n" if ($sortie_err != "STDERR"); open(STDOUT, ">>$sortie_std") || die "Erreur E/S:$!\n" if ($sortie_std != "STDOUT"); print STDERR "sur erreur\n" if ($debug_value >= 1); print STDOUT "sur standard\n" if ($debug_value >= 4); close (STDOUT) if ($sortie_std != "STDOUT"); close (STDERR) if ($sortie_err != "STDERR");
# lors du cgi # Récupération de input # Si GET my $input=$ENV{'QUERY_STRING'}; # Si passage en ligne de commande alors prime devant le reste $input = $ARGV[0] if (defined $ARGV[0]); # Si POST read(STDIN, $input, $ENV{'CONTENT_LENGTH'}) if ($ENV{'REQUEST_METHOD'} eq 'POST'); $input=~s/\+/ /g; $input=~s/%40/\\@/g; $input=~s/%2C/,/g; # Donnée rangée dans un hash my @liste_arg = split(/&/,$input); my %rarg; for (@liste_arg) { my ($key,$val) = split(/=/,$_,2); $rarg{$key} = $val; }
Certificat Auto-signed
# Creation de la cle du CA et de son certif openssl req -new -x509 -days 365 -keyout ca.key -out ca.crt # Creation du certificat openssl genrsa -out what.cert 1024 # Requete pour signer le certif openssl req -in what.cert -out what.req -keyout what.key -new -nodes # Signature du certificat par le CA openssl x509 -req -in what.req -out what.crt -CA ca.crt -CAkey ca.key -days 2000 -CAcreateserial # le pem est généré de la facon suivante cat what.crt what.key > what.pem
IMAP en Telnet
$ telnet <@_serveur> <port> Trying X.X.X.180... Connected to X.X.X.180. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information. A LOGIN "<login>" "<password>" A OK LOGIN Ok. BC SELECT "Inbox" * FLAGS (\Draft \Answered \Flagged \Deleted \Seen \Recent) * OK [PERMANENTFLAGS (\Draft \Answered \Flagged \Deleted \Seen)] Limited * 0 EXISTS * 0 RECENT * OK [UIDVALIDITY 1214902187] Ok * OK [MYRIGHTS "acdilrsw"] ACL BC OK [READ-WRITE] Ok ZZZZ LOGOUT * BYE Courier-IMAP server shutting down ZZZZ OK LOGOUT completed Connection closed by foreign host.
SMTP en Telnet
elnet servername portnumber MAIL FROM Admin@test.com RCPT TO: User@Domain.Com DATA Subject: test message This is a test message you will not see a response from this command. . QUIT
Postfix Astuces
convertir un mail encode sur 8bits en 7bits
Okay, firstly this may not be the best solution or even a solution at all...! It's just that I had to implement a 'per specific destination' configuration (in order to force 7-bit encoding for some recipients) and so a variation on my solution could well work for you. I don't want to imply I'm an 'expert' in all of this - I just learnt enough to achieve what I wanted to do... Hence, I will show you my relevent config verbatim then you can change it, and yours, to suit. Firstly, in /etc/master.cf I added the following line (leaving the default smtp service line alone): no8bitmimesmtp unix - - - - - smtp -o smtp_never_send_ehlo=yes Hence, in my case, this set up a service (callable by no8bitmimesmtp - you call yours something suitable) which simply runs the smtp dameon with the smtp_never_send_ehlo=yes directive set (i.e. all over config remains the same). In your case you'd need to instead force the sender_cananonical_maps... directive. Now, this 'modified' service needs to be called on a per-destination basis and this is done using a transport table. So, in /etc/postfix/transport I added the following: orange.net no8bitmimesmtp:[smtp.blueyonder.co.uk] This meant that all mail to orange.net would be 'ran through' the special no8bitmimesmtp service (with smtp.blueyonder.co.uk set as the next hop - modify to suit or check the check out the transport manpage to see how to modify accordingly and do more-specific/fancy matching etc). After creating/modifying /etc/postfix/transport create the database version using postmap (which I'm guessing you're familiar with). Then, finally(!), in /etc/postfix/main.cf, I added the following line: transport_maps = hash:/etc/postfix/transport ..to check the above transport table for matches (and corresponding actions). I think that's pretty much it. If it looks like this method could be of use, and you need anything elaborating on, just shout. I've kept it brief as it could work out-of-the-box for you (modified to suit) or it could be way off target.... either way it'd be a waste to add any more detail! ;)
source : http://ubuntuforums.org/archive/index.php/t-235886.html
Gnome
auto exec
On souhaite lancer un exec apres le chargement de gnome et de son environnement
exemple ici avec firefox lancer au demarrage
Creer un fichier dans le rep /etc/xdg/autostart/ (dans notre cas /etc/xdg/autostart/firefoxquickstart.desktop)
puis editer ce fichier ainsi :
[Desktop Entry] X-SuSE-translate=true Encoding=UTF-8 Name=Firefox Quickstart Comment=Firefox Quickstart GenericName=Firefox Quickstart Exec=/usr/bin/firefox http://quickstart/ Terminal=false Type=Application NoDisplay=false Categories=FirefoxQuickstart;
ecran de login
Tout se passe
chargement de Gnome
Tout se passe ici /etc/opt/gnome/gconf/gconf.xml.defaults/apps/gnome-session/options/%gconf.xml
site pratique
http://asher256.tuxfamily.org/index.php?2005/12/29/10-personnaliser-gnome-avec-gconf
Algo
un peu de dichotomie
#!/bin/sh max=999 fic="/tmp/erwan/liste-fic" flag="NOT-FIND" pattern="fichier" # premier test : y a t il de la place ? nb_lignes=`wc -l $fic | cut -d " " -f 1` echo "nb_lignes == $nb_lignes" if [[ $nb_lignes -gt $max ]] then echo "il n y a pas de place dispo" exit 1 fi # initialisation des variables pour la recherche let limite_haute=$max limite_basse=0 let compteur=$nb_lignes/2 while [[ $flag == "NOT-FIND" ]] do # sauvegarde des bornes de recherches o_limite_haute=$limite_haute o_limite_basse=$limite_basse # dans le $fic les lignes sont sous la forme : $pattern.nnn fic_temp=`cat $fic | head -n $compteur | tail -n 1 | sed "s/$pattern\.\(...\)/\1/g" | sed "s/^0\(..\)/\1/g" | sed "s/^0\(.\)/\1/g"` # on compare l'indice ($fic_temp) du fichier avec compteur ($compteur) # qui correspond a la moyenne entre [$limite_basse,$limite_haute] if [[ $compteur -eq $fic_temp ]] then #echo "compteur $compteur egal a $fic_temp" limite_basse=$fic_temp elif [[ $compteur -lt $fic_temp ]] then #echo "compteur $compteur inf a $fic_temp" limite_haute=$fic_temp elif [[ $compteur -gt $fic_temp ]] then #echo "compteur $compteur sup a $fic_temp" limite_basse=$fic_temp fi let compteur=($limite_haute+$limite_basse)/2 #echo "les limites deviennent [$limite_basse;$limite_haute]" #echo "les anciennes limites deviennent [$o_limite_basse;$o_limite_haute]" if [[ $limite_haute -eq $o_limite_haute ]] && [[ $limite_basse -eq $o_limite_basse ]] then let compteur=$limite_basse+1 flag="FIND" fi #echo"" done compteur=`printf "%03d" "$compteur"` echo "fic est $pattern.$compteur" echo "fin" exit 0
Git
useful commands
# some git stuff git clone git@machine:repo git config --global user.name "Erwan Ben Souiden" git config --global user.email "erwan.bensouiden@plop.com # nombre de commits par commiters git shortlog -s -n # liste les differents commiters d'un projet git log --format='%aN' | sort -u # nombre de commits sans compter les merges git log --pretty=oneline --no-merges | wc -l # obtenir la liste des operations d'un repository for a in `git rev-list $ID_LAST_COMMIT`;do git diff-tree -r -c -M -C --root --no-commit-id $a >> /tmp/list;done # date des tags git log --tags --simplify-by-decoration --pretty="format:%ai %s" # liste de tous les tags git for-each-ref --sort='*authordate' --format='%(refname:short)' refs/tags # info sur le taf git show TAG_NAME # really useful for your post-merge script git diff --name-only HEAD@{1}..HEAD
PostgreSQL
bases
# equivalent du use \c dbname # show tables \d # desc table \d tablename # show databases \l # list users \du # pour bash psql $BASE -t --no-align --field-separator ';' -c "$QUERY" # just in case psql -U $USER --host $hOST --port $PORT $BASE -t --no-align --field-separator ';' -c "$QUERY" # createuser -D -R -S -P -E yourusername createdb -O yourusername yourDB # change password ALTER USER youruser WITH ENCRYPTED PASSWORD 'password'; # ## list all triggers select * from pg_trigger; ## display triggers in psql select prosrc from pg_trigger,pg_proc where pg_proc.oid=pg_trigger.tgfoid and pg_trigger.tgname = 'TRIGGER_NAME' # enable plpgsql createlang -U postgres plpgsql DATABASE_NAME # list all enabled languages of a database createlang -U postgres -l DATABASE_NAME
requetes pratiques
# voir ce qui se passe au global select * from pg_stat_activity; # reduction sur les current queries SELECT datname,procpid,current_query FROM pg_stat_activity; # voir ce qui se passe avec tri sur les 10 plus vieilles SELECT datname,procpid,current_query, query_start FROM pg_stat_activity ORDER BY query_start limit 10; # voir qui et avec quelle requete on squatte le plus la base SELECT count(*) as cnt, usename, current_query FROM pg_stat_activity GROUP BY usename,current_query ORDER BY cnt DESC; # stats sur les IO et le cache avec le ratio SELECT datname, blks_read, blks_hit, round((blks_hit::float/(blks_read+blks_hit+1)*100)::numeric, 2) as cachehitratio FROM pg_stat_database ORDER BY datname, cachehitratio ; # voir tout un tas d'info show seq_page_cost;show random_page_cost; show cpu_tuple_cost; show cpu_index_tuple_cost; show cpu_operator_cost; show effective_cache_size; # info sur les DB SELECT datname, numbackends, xact_commit, xact_rollback, blks_read, blks_hit FROM pg_stat_database ORDER BY datname ; # taille des tables de la base sur laquelle on est connecte SELECT schemaname||'.'||tablename as table,pg_total_relation_size(schemaname||'.'||tablename) as size from pg_tables order by size desc; # taille d'une DB SELECT pg_database_size('mydb'); SELECT pg_size_pretty(pg_database_size('mydb')); # taille d'une table SELECT pg_size_pretty(pg_total_relation_size('mytable')); # meme mais sans index SELECT pg_size_pretty(pg_relation_size('mytable')); #creer un index CREATE INDEX name ON table USING index_type (column); # changer le display equivalent au \G mysql \x # ecrire dans un fichier \o /tmp/plop # lister les index d'une base SELECT c.relname as "Name" FROM pg_catalog.pg_class c LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace LEFT JOIN pg_catalog.pg_index i ON i.indexrelid = c.oid LEFT JOIN pg_catalog.pg_class c2 ON i.indrelid = c2.oid WHERE c.relkind IN ('i','') AND n.nspname <> 'pg_catalog' AND n.nspname <> 'information_schema' AND n.nspname !~ '^pg_toast' AND pg_catalog.pg_table_is_visible(c.oid); # stats sur les index SELECT schemaname, relname, indexrelname, idx_scan, idx_tup_read, idx_tup_fetch FROM pg_stat_all_indexes where schemaname='public' ORDER BY schemaname, relname; # affiche toutes les commandes pour vider une base SELECT 'TRUNCATE TABLE ' || tablename || ' CASCADE;' FROM pg_tables WHERE tableowner='msot-user'; # mais astuce DROP DATABASE mydb; CREATE DATABASE mydb TEMPLATE my_template; drop view pg_buffercache; drop function pg_buffercache_pages(); create extension pg_buffercache;
droit en lecture seulement
postgres@infra:~$ createuser -S -R -D -P -E backupUser
for table in `echo "SELECT relname FROM pg_stat_all_tables;" | psql $DATABASENAME | grep -v "pg_" | grep "^ "`; do echo "GRANT SELECT ON TABLE $table to \"backupUser\";" echo "GRANT SELECT ON TABLE $table to \"backupUser\";" | psql $DATABASENAME done
lire en plus: http://www.ruizs.org/archives/89 extrait:
I’m guessing 95% of postgres users just use the default “public” schema, and as such, you need to revoke create privileges from the PUBLIC group. Otherwise, your “read-only” user will still be allowed to create tables that it owns, even if you’ve only given it read only access to all other objects in your database. For this example, we’ll use database name “mydb”, database user/owner “mydbuser”, and we’ll create a read-only user named “mydbuser_ro”. This assumes that you did not define a schema for your database and are using the default “public” schema. # Revoke default permissions from public group: REVOKE CREATE ON SCHEMA public FROM PUBLIC; REVOKE USAGE ON SCHEMA public FROM PUBLIC; # Add back permissions for your database owner: GRANT CREATE ON SCHEMA public TO mydbuser; GRANT USAGE ON SCHEMA public TO mydbuser; # Create the new user via the command line, or pgadmin/etc: psql -U postgres -t -c "create role mydbuser_ro password 'abc123' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN; # Grant usage permissions for your read-only user: GRANT USAGE ON SCHEMA public TO mydbuser_ro; # Grant select permissions on all database tables from the command line: psql -U postgres -qAt -c "select 'grant select on ' || tablename || ' to \"mydbuser_ro\";' from pg_tables where schemaname = 'public'" mydb | psql -U postgres mydb #note: chaque table est sur ce schema REVOKE ALL ON TABLE mytable FROM PUBLIC; REVOKE ALL ON TABLE mytable FROM mydbuser; GRANT ALL ON TABLE mytable TO mydbuser; GRANT SELECT ON TABLE mytable TO "mydbuser_ro";
a propos des dumps
# only le schema pg_dump --schema-only
changer le owner de toutes les tables/vues/sequences
for tbl in `psql -qAt -c "select tablename from pg_tables where schemaname = 'public';" YOUR_DB` ; do psql -c "alter table $tbl owner to NEW_OWNER" YOUR_DB ; done for tbl in `psql -qAt -c "select sequence_name from information_schema.sequences where sequence_schema = 'public';" YOUR_DB` ; do psql -c "alter table $tbl owner to NEW_OWNER" YOUR_DB ; done for tbl in `psql -qAt -c "select table_name from information_schema.views where table_schema = 'public';" YOUR_DB` ; do psql -c "alter table $tbl owner to NEW_OWNER" YOUR_DB ; done
about log
Voici deux confs qu'on pourra switcher uniquement via un reload (et donc sans avoir a restart le service)
no log
attention il y aura un log mais qui ne contiendra que les erreurs (login rate, connection echouee...)
... log_destination = 'stderr' logging_collector = on log_directory = 'pg_log' log_filename = 'postgresql-only_error.log' log_rotation_size = 10MB client_min_messages = error log_min_messages = fatal log_min_error_statement = error log_checkpoints = off log_connections = off log_disconnections = off log_duration = off log_error_verbosity = verbose log_hostname = off log_line_prefix = '%t [%p]: [%l-1] db=%d,user=%u ' log_statement = 'none' ...
with log
... log_destination = 'stderr' logging_collector = on log_directory = 'pg_log' log_filename = 'postgresql-%Y-%m-%d.log' log_min_duration_statement = 0 log_checkpoints = on log_connections = on log_disconnections = on log_duration = on log_error_verbosity = default log_hostname = on log_line_prefix = '%t [%p]: [%l-1] db=%d,user=%u ' log_lock_waits = on log_statement = 'none' log_temp_files = 0 ..
Avec pgfouine il ne reste qu'a analyser
pgfouine /home/postgresql/9.0/main/pg_log/postgresql-$yesterday-$h.log > /root/pgfouine-devel/postgresql-$yesterday-$h.html 2> /dev/null
various links
http://forums.postgresql.fr/viewtopic.php?id=1333 : réplication des stats générées par le vaccum (hot stand by)
MySQL
droits pour un user backup
il faut creer un user avec des privileges particuliers
mysql> GRANT RELOAD,SELECT,LOCK TABLES ON *.* TO 'backupuser'@localhost IDENTIFIED BY 'passwordenclair';
puis il suffit juste de
mysqldump -ubackupuser -ppasswordenclair --all-databases --flush-privileges --lock-all-tables > /tmp/plop
Drop toutes les tables d'une base
mysqldump -u[USERNAME] -p[PASSWORD] --add-drop-table --no-data [DATABASE] | grep ^DROP | mysql -u[USERNAME] -p[PASSWORD] [DATABASE]
Drop de toutes les DB sauf les exludes
USER="root" PASS="password" HOST="127.0.0.1" PORT="3307" EXCLUDE="\(plop\|mysql\|test\)" ######################## COMMANDE="mysql -N -u${USER} -p${PASS} --host=${HOST} --port=${PORT}" #MYSQL=$(mysql -N -u${USER} -p${PASS} --host=${HOST} --port=${PORT} <<<"SHOW DATABASES" | grep -v -e $EXCLUDE | tr "\n" " ") DB=$($COMMANDE <<<"SHOW DATABASES" | grep -v -e $EXCLUDE) for a in $DB do echo "$COMMANDE -e \"drop database \`$a\`\"" $COMMANDE -e "drop database \`$a\`" done
Apache
compression avec mod_deflate
extrait d'une conf d'un virtual host
... # Activation de la compression pour les fichiers html, css et js AddOutputFilterByType DEFLATE text/html text/plain text/css text/javascript application/x-javascript BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html # Pour debugger le mod_deflate #DeflateFilterNote Input input_info #DeflateFilterNote Output output_info #DeflateFilterNote Ratio ratio_info #LogFormat '"%r" %{output_info}n/%{input_info}n (%{ratio_info}n%%)' deflate #CustomLog /usr/local/web2rama/logs/access_log deflate ...
gestion des url avec des separateurs encodes
AllowEncodedSlashes On
gestion cache
ExpiresActive On ... <Directory /mypath/> Options ExecCGI FollowSymLinks AllowOverride all Allow from all Order allow,deny ExpiresDefault "access plus 1 week" Header append Cache-Control "public" </Directory> ...
limitation par ip
Order deny,allow Allow from 10.0.2.0/24 Deny from all Satisfy Any
Exim
useful commands
# info sur un mail exim4 -d -bt $ID_MAIL # forcer la relance des frozen exim -qff # afficher des infos sur la queue (qui quand comment) exiqgrep # supprimer les messages frozen de la queue exiqgrep -z -i | xargs exim -Mrm # releaser manuellement un mail exim -v -M $ID_MAIL
SVN
Log XML problem
It's relatively rare but sometimes when you dump a log in xml format. E.g :
$ svn log --xml -v https://pyx4j.com/svn/pyx4me/pyx4me-maven-plugins/proguard-maven-plugin > /tmp/proguard-maven-plugin-DUMP
And if you read /tmp/proguard-maven-plugin-DUMP you'll find this :
<?xml version="1.0"?> <log> <logentry revision="4011"> <author>vlads</author> <date>2009-09-10T16:17:24.482460Z</date> <paths> <path kind="" action="M">/pyx4me/pyx4me-maven-plugins/j2me-maven-plugin/pom.xml</path> <path kind="" action="M">/pyx4me/pyx4me-maven-plugins/obex-maven-plugin/pom.xml</path> <path kind="" action="M">/pyx4me/pyx4me-maven-plugins/pom.xml</path> <path kind="" action="M">/pyx4me/pyx4me-maven-plugins/proguard-maven-plugin/pom.xml</path> </paths> ...
The kind attribut is empty.
We test it with several SVN client version and still got the same "problem".
So we decide to download the subversion sources and check it. And we find the following interesting lines in the file /path/subversion-1.6.13/subversion/svn/schema/log.rnc :
... ## Path within repository. path = element path { attlist.path, text } attlist.path &= ## "action code": A)dd, D)elete, R)eplace or M)odify attribute action { "A" | "D" | "R" | "M" }, ## kind is "" when repository was < 1.6 when committing attribute kind { "file" | "dir" | "" }, ( ## The copyfrom path within repository. attribute copyfrom-path { text }, ## Copyfrom revision number. attribute copyfrom-rev { revnum.type })? ...
It seems to depend of the subversion server version when you commit your changes !
But why do we see this only on few repositories (reminder : subrversion v1.6 was released on 20/03/2009) ?
- there are stil some old subversion servers
- some subversion servers seem to be upgraded in a badly way thus the kind attribut stay empty...
Hack the date of a revision
If you want to change the date of a revision
- First create this file in your repo : <path_to_repo>/hooks/pre-revprop-change (please be sure this file is executable :) )
#!/bin/sh REPOS="$1" REV="$2" USER="$3" PROPNAME="$4" ACTION="$5" if [ "$ACTION" = "M" -a "$PROPNAME" = "svn:log" ]; then exit 0; fi if [ "$ACTION" = "M" -a "$PROPNAME" = "svn:date" ]; then exit 0; fi echo "Changing revision properties other than svn:log or svn:date is prohibited" >&2 exit 1
- Then you just have to run the following command in your copy :
$ svn propset -r2 --revprop svn:date "2018-03-10T03:00:00.000000Z"
!!! the date must follow the ISO date format.