<columns 80%  ->

===== Networks =====

[[ tcpdump | TCP Dump ]]

[[ wireshark | Wireshark ]]

[[ strace | strace ]]

[[ nmap | nmap ]]

[[ iptables | iptables ]]

[[ nis | NIS ]]

[[ RHEL Net | rhelnet ]]

[[ ip | IP ]]

[[ fibrechannel | Fibre Channel ]]
<newcolumn>

===== System =====

[[ bash | bash ]]

[[ awk | awk ]]

[[ vi | vi ]]

[[ screen | screen ]]

[[ ldap_auth | ldap auth ]]

[[ imagemagick | ImageMagick ]]

[[ fs_xfs | FS: XFS ]]

[[ regex | RegEx ]]

[[ ldap | ldap ]]

[[ vmware | VMWare ]]

[[ acl | acl ]]

[[ quota | quota ]]

[[ openssl | openssl ]]

[[ crypto | crypto ]]

[[ zfs | ZFS ]]

<newcolumn>

===== Services =====

[[ sendmail | sendmail ]]

[[ printing | Linux Printing ]]

[[ apache | apache ]]

[[ samba3 | samba3 ]]

[[ subversion | subversion ]]

[[ awstats | AwStats ]]

[[ mysql | mysql ]]

[[ postfix | postfix ]]

[[ munin | munin ]]

[[ php | php ]]

[[ rmail2mbox | rmail2mbox ]]

[[ observium | observium ]]

</columns>

===== Misc =====

[[ tmux | tmux ]]

==== Modern GNU ====

<code bash>
httppie     # wget curl
bat         # cat
ncdu        # du
htop        # top
fd          # find
exa         # la
duf         # df
tldr        # man
neovim      # vim
</code>


==== LetsEncrypt on DigitalOcean ====


Use this when the authentication method fails


<code bash>
# Specify the webroot verification method
certbot --authenticator webroot --installer apache
</code>


==== List out kernel module options ====
<code bash>
cat /proc/modules | cut -f 1 -d " " | while read module; do \
 echo "Module: $module"; \
 if [ -d "/sys/module/$module/parameters" ]; then \
  ls /sys/module/$module/parameters/ | while read parameter; do \
   echo -n "Parameter: $parameter --> "; \
   cat /sys/module/$module/parameters/$parameter; \
  done; \
 fi; \
 echo; \
done
</code>


==== Find stuff ====
<code bash>
# Find empty directories, delete them
find test -depth -empty -delete
</code>

==== Disk clone with progress ====
<code bash>
(pv -n /dev/sda | dd of=/dev/sdb bs=128M conv=notrunc,noerror) 2>&1 | dialog --gauge "Running dd command (cloning), please wait..." 10 70 0
</code>

==== Monitoring dd progress with pv ====
<code>
sudo dd if=/dev/sdb | pv -s 2G | dd of=DriveCopy1.dd bs=4096

# 440MB 0:00:38 [11.6MB/s] [======>                             ] 21% ETA 0:02:19
</code>


==== Recovering a blown LVM disk ====
<code>
#Recover disk to image with some kind of image copy
dd if=/dev/sdc of=/mnt/bigstorage/mydisk.img bs=1M

# Loop the disk
losetup /dev/loop2 /mnt/bigstorage/mydisk.img

# Find the partitions
fdisk -l /dev/loop2

# Remove disk loop
losetup -d /dev/loop2

# Make the disk the size of the original disk if dd stopped early
truncate -s nnnnn  /mnt/bigstorage/mydisk.img

# Loop the partition
#  offset it sector start (found in the fdisk) times the sector size
#  i.e. start sector 2048, sector size 512 = 1048576
losetup --offset xxxx /dev/loop3 /mnt/bigstorage/mydisk.img

# Scan for the disk
pvs

# Check it came online
lvdisplay

# Check it
fsck /dev/mapper/...
</code>


==== Testing multi-cast traffic ====
<code bash>
# on receiver
iperf -s -u -B 224.0.0.1 -i 1

# on sender
iperf -c 224.0.0.1 -u -T 32 -t 3 -i 1

# data will appear on receiver
</code>

==== Get notifications of file updates ====
<code bash>
yum install inotify-tools

# Use this to rsync files to remote server in near real time
inotifywait -r -m -e close_write --format '%w%f' . | while read MODFILE; do echo $MODFILE; done
</code>

==== Assign AD Unix Attr ====
<code>
#CN=shared,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=shared,DC=sydney,DC=edu,DC=au

</code>

==== Reapply Default RHEL Perms ====

<code bash>
# Will take some time, dont run stoopid cmds
#  in the first place and this wouldn't happen!
for u in $(rpm -qa); do rpm --setugids $u; done
for p in $(rpm -qa); do rpm --setperms $p; done

# Verify all packages
rpm -Va
</code>
==== .bashrc ====

[[ sysadmin:bashrc | .bashrc script ]]

==== SSH Keys ====

<code bash>
ssh-keygen -t rsa -C "Comment"

# View the randomart
#
# add to command line:  -o VisualHostKey=yes 
# or in ~/.ssh/config
# VisualHostKey=yes 


</code>

==== Wordpress reverse proxy ====

<code php>
// Fixes wp-admin/ stripping the basedir
//  add to wp-config.php, before define('WP_HOME'...
$_SERVER['HTTP_HOST'] = $_SERVER['HTTP_X_FORWARDED_HOST'];
$_SERVER['REQUEST_URI'] = '/sub-dir' . $_SERVER['REQUEST_URI'];
$_SERVER['SCRIPT_NAME'] = '/sub-dir' . $_SERVER['SCRIPT_NAME'];
$_SERVER['PHP_SELF'] = '/sub-dir' . $_SERVER['PHP_SELF'];
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
</code>

==== EPEL Repo ====

<code bash>
rpm --import https://rhnss.usyd.edu.au/pub/RPM-GPG-KEY-EPEL-6
</code>

==== Ubuntu 14.10 Oracle Java ====
<code bash>
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer
</code>

==== PAM Tally ====
<code bash>
# Unlock a user locked by tally
pam_tally2 --user pfowler --reset=0
</code>

==== Create shadow password hash ====
<code bash>
# $<type>$<salt>$<encrypted password>
# $1$ = MD5
# $5$ = SHA-256
# $6$ = SHA-512

#MD5
openssl passwd -1 -salt <salt> <password>
mkpasswd -m md5 <password><salt>

# Sha
mkpasswd -m sha-512 <password> <salt>
</code>
==== Colorful ====
<code bash>
# Print all the pwetty colors
for i in {0..255} ; do
    printf "\x1b[38;5;${i}mcolour${i}\n"
done
</code>

==== TCP ====
<code>
# Prevent idle connections drop from know it all network admins
# /etc/sysctl.conf
net.ipv4.tcp_keepalive_time = 1800   # Time from last packet till begin keepalive (seconds)
net.ipv4.tcp_keepalive_intvl = 75    # how often to send keepalives (seconds)
net.ipv4.tcp_keepalive_intvl = 20    # How many failed ACKs until determining connection is dead

# Windows
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
DWORD KeepAliveInterval=120000 (2 minutes)
DWORD KeepAliveTime=1000 (1 second)
</code>


==== Pear ==== 
<code bash>
# Set proxy server
sudo pear config-set http_proxy http://www-cache.usyd.edu.au:8080
# Install package
sudo pear install DB
</code>

==== Recover files on Networker ==== 
<code bash>
# Go into directory, then recover console
cd /data/
recover

# List of versions available
recover> versions /etc

# Set a point in time to look at
recover> changetime 10/1/2011

# Add files to be recovered
recover> add logs

# Recover files
recover> recover

# Or recover into new directory
recover> recover -d /data/logs_recovered/
</code>

==== Hot Add RAM to RHEL VM ==== 
<code bash>

# Check for offline blocks
grep offline /sys/devices/system/memory/*/state

# Online each of the mem blocks
IFS='
'
for x in $(grep offline /sys/devices/system/memory/*/state); do MEM=$(echo $x | cut -d: -f1); echo online > $MEM; done
</code>

==== Hot Add HDD to RHEL VM ====

<code>

# Find the host bus number
grep mpt /sys/class/scsi_host/host?/proc_name

# Which will return the host?
# /sys/class/scsi_host/host0/proc_name:mptspi

# Set it to scan
# controller, channel, lun
echo "- - -" > /sys/class/scsi_host/host0/scan

# Check that it was found
dmesg
</code>

==== Online Resize VM disk ==== 
<code>
echo 1 > /sys/block/sdb/device/rescan
dmesg
#sdb: detected capacity change from 21474836480 to 42949672960
#SCSI device sdb: 83886080 512-byte hdwr sectors (42950 MB)
pvresize /dev/sdb
</code>

==== SSH Tunnel ==== 
<code bash>
# Tunnel from local server, through middle, to remote
# This example connects to the web server on remove
ssh pfowler@middle.server.com -NL 10080:remote.server.com:80
# Then connect to the newly created local port
telnet localhost 10080
# This will bind to all interfaces (Instead of just localhost)
ssh pfowler@middle.server.com -NL 0.0.0.0:10080:remote.server.com:80

# Socks proxy
ssh -D 0.0.0.0:3128 pfowler@inetserver

# Chaining
ssh -NL 6000:B:22 -o TCPKeepAlive=no -o ServerAliveInterval=15 A &
ssh -NL 6001:C:22 -o TCPKeepAlive=no -o ServerAliveInterval=15 localhost -p 6000 &
ssh -NL 6002:D:22 -o TCPKeepAlive=no -o ServerAliveInterval=15 localhost -p 6001 &
ssh -NL 6003:E:22 -o TCPKeepAlive=no -o ServerAliveInterval=15 localhost -p 6002 &
ssh localhost -p 6003
Welcome to E!
$ 
</code>

==== Obby ==== 

<code bash>
# Install
sudo apt-get install infinoted kobby

# Create a certificate (Watch the double '-' f'ing up in Wiki)
mkdir /opt/obby && cd /opt/obby
infinoted --create-key --create-certificate -k keyE.pem  -c cert.pem

# Add to rc.local
/usr/bin/infinoted -k /opt/obby/key.pem  -c /opt/obby/cert.pem
</code>

==== NetCat ==== 

{{:sysadmin:netcat_cheat_sheet_v1.pdf|Cheat Sheet}}

<code bash>
# Listen on a port
nc -l <port>

# Port scanner
nc -v -w 1 localhost -z 1-3000

# File Transfer
nc -lp 2222 > file.zip  # Destination
nc -w 1 10.48.2.40 2222 < file.zip  # Source

# Telnet server
nc -lp 2222 -e /bin/bash

# Simple web server
while true; do nc -l -p 80 -q 1 < error.html; done

# Hard drive cloning
dd if=/dev/sda | nc 192.168.0.1 9000  # Source
nc -l -p 9000 | dd of=/dev/sda   # Destination

</code>


==== DIG ==== 

http://www.madboa.com/geek/dig/

==== Mount a dir on another dir ==== 
<code>
mount -t none -o rw,bind /mnt/newdisk/tmp /tmp
</code>

==== Find hardware model ==== 
<code>
/usr/sbin/dmidecode | grep "Product Name" | head -1
</code>

==== 3TB Partitions ====

<code>
(parted) mklabel gpt
(parted) unit TB
#(parted) mkpart primary 0.00TB 3.00TB
# Use all space instead
(parted) mkpart primary 0% 100%
(parted) print
(parted) quit
</code>


==== LVM in 3 Minutes ==== 

[[http://www.walkernews.net/2007/07/02/how-to-create-linux-lvm-in-3-minutes/]]

<code bash>
# Create partition on drives
fdisk /dev/sdb
fdisk /dev/sdc
# Create the physical volumes
pvcreate /dev/sdb1
pvcreate /dev/sdc1
# Create the volumne group
vgcreate -s 16M vg00 /dev/sdb1 /dev/sdc1
# Create logical group
lvcreate -L 100G -n lvol0 vg00
lvcreate -l 100%FREE -n lvol1 vg00
# Make Ext4 parition
mkfs.ext4 /dev/mapper/vg00-lvol0
# Mount the mofo
mount /dev/mapper/vg00-lvol0 /mnt/storage
</code>

==== Resize a partition ====
<code bash>
parted /dev/sda
(parted) resizepart 1 100%
(parted) quit
resize2fs /dev/sda
</code>


==== Update DNS with hostname ==== 
<code>
# Add to /etc/sysconfig/network-scripts/ifcfg-eth0
DHCP_HOSTNAME=$HOSTNAME
</code>

==== Discover DHCP servers on network ====
<code>
nmap --script broadcast-dhcp-discover -e enp5s0f0
</code>
==== LSOF ==== 

http://www.ibm.com/developerworks/aix/library/au-lsof.html

<code bash>
# Top 10 open files
lsof | sort -n -k7 -r |  uniq -f8 | head
# Open From directory
lsof +D /path/to/dir/
# By PID
lsof -a -p <pid>
</code>

==== Tar over Network ==== 
<code bash>
#Create a tmp file
TEMPFILE=$(mktemp -p /var/tmp)


# Alternative:
cat file.tar.gz | ssh -C user@serverip 'cd /un/tar/dir && tar -xvp'
</code>

==== Dialog and XDialog ==== 

[[http://linuxgazette.net/101/sunil.html]]

==== Packages Stuff ==== 
<code bash>
# List installed packages
rpm -qa
dpkg-query -l *

# List files from install package
rpm -ql foo
dpkg-query -L foo

# What package owns a file
rpm -qf /usr/bin/mysql
dpkg-query -S /usr/bin/cupsdconf

# What files are in a package
rpm -qpl  pkg.rpm

# Remove a package
dpkg -r <package name>

# Verify all installed packages
rpm -Va

# Rebuild corrupted DB
cd /var/lib/rpm
rm __db*
rpm --rebuilddb
rpmdb_verify Packages

</code>

==== Australian Timezones ==== 

^ OS   ^ Config File   ^
| RHEL5  | /etc/sysconfig/clock   |
| Debian   | /etc/timezone   |

And update localtime:

<code bash>
ln -sf /usr/share/zoneinfo/Australia/Sydney /etc/localtime
</code>


<code>
Australia/ACT
Australia/Adelaide
Australia/Brisbane
Australia/Broken_Hill
Australia/Canberra
Australia/Currie
Australia/Darwin
Australia/Eucla
Australia/Hobart
Australia/LHI
Australia/Lindeman
Australia/Lord_Howe
Australia/Melbourne
Australia/NSW
Australia/North
Australia/Perth
Australia/Queensland
Australia/South
Australia/Sydney
Australia/Tasmania
Australia/Victoria
Australia/West 
</code>