• VMware

    Learn about VMware virtualization for its products like vsphere, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance...Its called tomorrow!!!

    Monday, September 29, 2014

    How to do a case sensitive search inside vi editor in Linux

    VI editor can sometimes be very tricky and irritating if you are not fully aware of those small arguments which could make your life much easier while working on the editor. One such thing when are trying to search a string and you want the search to be case sensitive.

    Let me tell you some special arguments which can be used for this purpose

    How to search a string in vi editor?

    • Exit the editing mode i.e. INSERT mode by pressing "Esc" from your keyboard
    • Then press Forward Slash "/"
    • Next type the string you want to search which should appear at the lower left bottom of the editor
    • Hit Enter

    If the searched string exists in the file, then it would be  highlighted  in some color.

    To perform a Case sensitive search

    Using the above method the search is normal and not case sensitive so there is a probability that you might miss out any word with a different case. To make sure you get everything as required follow the below steps

    • Press "Esc" to exit the INSERT mode
    • Then type ":set smartcase"

    Now if you search for "The" string then you will get all the words having "The" with capital "T" and others would be skipped i.e. "the".

    To remove a case sensitive search


    • Press "Esc" to exit the INSERT mode.
    • Then type ":set ignorecase"

    Using this if you search "THE", then all the words ir-respective of their case would be highlighted

    You can also use ":set ic" to set ignore space and ":set noic" to set smartcase.

    NOTE: Once all the search strings are highlighted you can go the next matched word by pressing "n" and in case you want to search backward then press "N". To go the first search in the file press "ggn"

    I hope this article was useful.

    Related Articles:
    10 practical examples to use USERADD command in linux
    10 Practical Examples for using FIND Command in Linux
    10 examples to help you understand top command usage in Unix/Linux
    15 tips to enhance security of your Linux machine


    Follow the below links for more tutorials

    How to configure iscsi target using Red Hat Linux
    What are the different types of Virtual Web Hosting in Apache
    Comparison and Difference between VMFS 3 and VMFS 5
    How to configure PXE boot server in Linux using Red Hat 6
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    How does a DNS query works when you type a URL on your browser?
    How to create password less ssh connection for multiple non-root users
    How to create user without useradd command in Linux
    How to give normal user root privileges using sudo in Linux/Unix
    How to do Ethernet/NIC bonding/teaming in Red Hat Linux
    How to install/uninstall/upgrade rpm package with/without dependencies
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is the difference/comparison between Unix and Linux ?
    RAID levels 0, 1, 2, 3, 4, 5, 6, 0+1, 1+0 features explained in detail

    How does a successful or failed login process works in Linux

    In this article I will try to explain all the events which happens in the background after your Linux machine boots up and you make an attempt to login into the console.

    In my last article I had told you regarding Step by Step Procedures of Linux Booting Process in which I ended the article where you get the GUI prompt if loaded into level 5 or a CLI terminal if loaded into level 3. 

    Lets continue the story of what happens to our hero and heroine after that... :-)

    When the Linux system boots up you get a console similar to below,
    machine_name login:

    This prompt is generated by a program called getty which is regenerated every time when an incorrect password is provided, by the init process which is again created by fork function.

    NOTE: Fork is a function which creates a new process by duplicating the calling process. The new process, referred to as the child, is an exact duplicate of the calling process, referred to as the parent.

    To be brief the Linux login works as per the below steps

    1. Getty process presents the login prompt to the user console
    2. Once the username is provided, the password is validated and if successful the user is allowed to login into the shell
    3. If there is a failure getty process is re-initiated by the fork function and the password prompt re-appears.
    4. The maximum number of failure attempts would be allowed as defined under the pam configuration.
    5. Eventually once the maximum no. of failure attempts is reached the gety process would be suspended for a timeout value as defined in pam configuration after which again the login prompt would appear starting from Step 1.

    Now the above steps were explained only in relative to the process used and it functions. But there are alot of other things happening in the background so lets get a overview on those topics as well.

    Below are the steps using which the login process can be summarized

    Login Prompt

    Getty Process
    As soon as you reach the console you will get a login console which is presented to you by getty process as explained above where you need to put the username using which you will be login into your account.

    Files checked
    Once you enter the username below are few files which are checked w.r.t. the name provided which determines the next course of action.

    Filename
    Desciption
    /etc/nologin
    If this file exists and the user is not root then the contents of this file will be printed to the screen and the login is terminated.
    /etc/usertty
    If special access restrictions are specified for the user logging in in this file, the restrictions must be met or the log in will be denied and the program syslog will log the attempt.
    /etc/issue
    Next if any content has been stored inside this file is printed on the screen before the password prompt appears. This is basically a pre-login message and identification file.

    Now if the above conditions are met you will get a successful password prompt

    Password Prompt

    Next you get the prompt as shown below where you provide the password for your username(which is hidden as you type).

    But how does the system verifies if the password provided is correct or incorrect?

    If you recall there are two files which stores information about each user's password i.e. /etc/passwd and /etc/shadow, so the password is verified as per the username provided  from the password section inside /etc/passwd and /etc/shadow file.

    From here there are two possibilities whether the password provided is correct or incorrect so we will look into both the scenarios

    Password Incorrect
    • If the provided pasword is incorrect the getty process will be re-initiated again prompting for the password.
    • This will continue till you reach maximum allowed failed attempts of login as defined under the below mentioned files, a login failure message will be reported in syslog facility.
    /etc/pam.d/login,
    /etc/pam.d/system-auth
    /etc/pam.d/sshd (if logging in through ssh)

    • Once the maximum no. of failed attempts is reached the login process is suspended for a timeout value again as defined in /etc/pam.d/system-auth file.
    • In this period you won't be allowed to make another attempt of login. Once the timeout value is finished again you will get a login prompt where you will have to give your username.

    Password Correct
    • The password provided is verified with respect to the encrypted password as present in /etc/shadow.
    • Also other password aging factors are verified in case the password is expired or locked using the same file as well as /etc/passwd.
    • If the provided password ad all other required parameters are correct the getty process will next check for all other functions of the user profile as provided under /etc/passwd and /etc/shadow
    At this point the login program would perform the below task
    • Setting up UID and GID
    • The HOME, PATH, SHELL, TERM, MAIL, and LOGNAME environment variables are set.
    • Setting up environment variables as defined under user's login shell i.e. ~/.bash_profile for /bin/bash shell
    • The users shell is started. The shell is specified in the file "/etc/passwd

    NOTE: If the user has /sbin/nologin or any other shell restricting his/her login access then the below steps would not be executed and the user login process would be terminated here itself.

    • If the file "~/.hushlogin" exists in the user's home directory then a "quiet" login is performed which disables checking of mail and the printing of the last login time and the message of the day.
    • Otherwise if the file "/var/log/lastlog" exists the last login time is printed and then the current login is recorded in this file.
    • Next in case you have added any content to /etc/motd file then that will echoed to the screen. After which you will get you login console in your home directory as specified by user's HOME variable.
    • Another function that login will perform is to update the user accounting login files which are "/var/run/utmp" and "/var/log/wtmp" which hold information about the amount of time users have been on the system along with when they logged on and off.

    Files used by the login program

    Filename
    Description
    /etc/nologin
    This file is used to prevent users from logging into the system.
    /etc/securetty
    Controls the terminals that the root user can login on
    ~/.hushlogin
    When this file exists in the user's home directory, it will prevent check for mail, printing of the last login time, and the message of the day when the user logs in.
    /var/log/lastlog
    Contains information about the last time a login was done on the system.
    /etc/passwd
    Contains information about the user including the ID, name, home directory, and the path to the preferred shell program.

    I would appreciate your feedback in case I missed something or you would like to update my content, do notify me through the below comment box.

    Related Articles:
    How to prevent a command from getting stored in history in Linux
    How to check the lock status of any user account in Linux
    How to track all the successful and failed login attempts by users in Linux
    How to check last login time for users in Linux


    Follow the below links for more tutorials

    How to configure iscsi target using Red Hat Linux
    What are the different types of Virtual Web Hosting in Apache
    Comparison and Difference between VMFS 3 and VMFS 5
    How to configure PXE boot server in Linux using Red Hat 6
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    15 tips to enhance security of your Linux machine
    How does a DNS query works when you type a URL on your browser?
    How to create password less ssh connection for multiple non-root users
    How to create user without useradd command in Linux
    How to give normal user root privileges using sudo in Linux/Unix
    How to do Ethernet/NIC bonding/teaming in Red Hat Linux
    How to install/uninstall/upgrade rpm package with/without dependencies
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is the difference/comparison between Unix and Linux ?

    Friday, September 26, 2014

    How to find all the process accessing a file in Linux

    There might be a case mostly observed while unmounting, you are unable to unmount a share even though as per your knowledge no one is accessing the share. The possible error which you might get is

    Error:
    Device busy
    Mount Point busy
    Text File is busy

    In those cases you need to find out all the processes which are still accessing those paths or files which can be done using lsof or fuser command.

    Solution:
    For example you want to find out all the process which are using /mnt
    # fuser -uvm /mnt
                         USER        PID ACCESS COMMAND
    /mnt:                root       7899 ..c.. (root)bash

    or you can also use
    # lsof /mnt
    COMMAND  PID USER   FD   TYPE DEVICE SIZE   NODE NAME
    bash    7899 root  cwd    DIR   0,18 4096 535032 /mnt (192.168.1.11:/work)


    In case you are pretty sure you want to kill all the process using /mnt run the below command
    # fuser -km /mnt
    /mnt:                 7899c

    Re verify
    # fuser -uvm /mnt
    So now none of the processes are using /mnt and it can be safely unmounted.

    Search for deleted processes occupying the filesystem

    Again I have seen cases where there are some deleted process which still lock the files unless their parent process or application relating to that process is completely executed. To view those files you might need to use extra parameters like as shown below
    # lsof +aL1 /var
    COMMAND PID USER FD TYPE DEVICE SIZE NLINK NODE NAME
    rhn_check 31261 root 8u REG 253,2 22082560 0 327733 /var/cache/yum/prod-03-epel-x86_64-server-5-rhel5/primary.xml.gz.sqlite (deleted)
    rhn_check 31261 root 9u REG 253,2 78848 0 327737 /var/cache/yum/prod-03-likewise-x86_64-client-5-rhel5/primary.xml.gz.sqlite (deleted)
    rhn_check 31261 root 10u REG 253,2 144384 0 327741 /var/cache/yum/prod-03-mssb-x86_64-server-5/primary.xml.gz.sqlite (deleted)
    rhn_check 31261 root 11u REG 253,2 54056960 0 327748 /var/cache/yum/prod-03-rhel-x86_64-server-5/primary.xml.gz.sqlite (deleted)
    rhn_check 31261 root 12u REG 253,2 9275392 0 327752 /var/cache/yum/prod-03-rhel-x86_64-server-supplementary-5/primary.xml.gz.sqlite (deleted)
    rhn_check 31261 root 13u REG 253,2 582656 0 327756 /var/cache/yum/prod-03-rhn-tools-rhel-x86_64-server-5-rhel5/primary.xml.gz.sqlite (deleted)

    Description
    When +L is followed by a number, only files having a link count less than that number will be listed. (No number may follow -L.) A specification of the form +L1 will select open files that have been unlinked. A specification of the form +aL1 <file_system> will select unlinked open files on the specified file system.

    I hope I made myself clear.

    Related Articles:
    How to keep a track of all the commands run by any user in Linux
    How do you check Linux machine is Physical or Virtual remotely?
    df shows 100% full partition even when there is space on the disk
    How to check the lock status of any user account in Linux


    Follow the below links for more tutorials

    How to configure iscsi target using Red Hat Linux
    What are the different types of Virtual Web Hosting in Apache
    Comparison and Difference between VMFS 3 and VMFS 5
    How to configure PXE boot server in Linux using Red Hat 6
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    15 tips to enhance security of your Linux machine
    How does a DNS query works when you type a URL on your browser?
    How to create password less ssh connection for multiple non-root users
    How to create user without useradd command in Linux
    How to give normal user root privileges using sudo in Linux/Unix
    How to do Ethernet/NIC bonding/teaming in Red Hat Linux
    How to install/uninstall/upgrade rpm package with/without dependencies
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?

    How to exclude multiple directories from du command in Linux

    In case you don't know du command is used to find out the size of directories and files in Linux. It summarizes disk usage of each FILE, recursively for directories.

    But in case you want to skip out any specific directory from the usage calculation you can use the below steps

    Now I have a directory "work". lets check out the size of the files inside this directory
    [root@nfsserver work]# du -sch *
    1.2G    deep
    58M     dir1
    81M     dir2
    18M     dir3
    595M    myfile.txt
    1.9G    total

    -s, --summarize : display only a total for each argument
    -c, --total : produce a grand total
    -h, --human-readable : print sizes in human readable format (e.g., 1K 234M 2G)

    This gave us an output with size of all the directories inside work. But what if I want to skip "deep" from the calculation?

    Observe the below command
    [root@nfsserver work]# du --exclude=deep -sch *
    58M     dir1
    81M     dir2
    18M     dir3
    595M    myfile.txt
    751M    total

    So as you see "deep" directory was not touched for size calculation. Similarly if you want to exclude multiple directories use the below method
    [root@nfsserver work]# du --exclude=deep --exclude=dir1 --exclude=dir2 -sch *
    18M     dir3
    595M    myfile.txt
    613M    total

    You can also sort the output according to the size of the files using below command
    # du -sch * | sort -h -r
    1.9G    total
    1.2G    deep
    595M    myfile.txt
    81M     dir2
    58M     dir1
    18M     dir3

    I hope I made my self clear.

    Related Articles:
    How to check the lock status of any user account in Linux
    How to exclude some directories from find command in Linux
    How to mount windows share on linux

    Follow the below links for more tutorials

    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    Red hat Enterprise Linux 5.5 Installation Guide (Screenshots)
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is swappiness and how do we change its value?
    How to log iptables messages in different log file
    What are the s and k scripts in the etc rcx.d directories
    How to check all the currently running services in Linux
    How to configure PXE boot server in Linux using Red Hat 6
    How to detect new hard disk attached without rebooting in Linux
    How to detect new NIC/Ethernet card without rebooting in Linux

    How to configure autofs in Linux and what are its advantages?

    I have already written an article to configure NFS server which you can go to using the below link

    What is Autofs?

    Autofs is used to automatically mount any filesystem on demand as and when you access them and not only it will mount automatically but it can automatically unmount any filesystem when not in used for a particular predefined timeout value.

    Why should I use Autofs ?

    I understand a question which generally pops up in people's mind that even putting nfs share entry in /etc/fstab makes it auto mountable so how does it differs from autofs? Well as I defined above autofs is not only/at all about mounting the share on every reboot.

    Take a scenario where a nfs share is supposed to be mounted at boot but it is not accessibe due to some reasons which will lead to delayed startup or even there might be a case when your OS will not at all boot up.

    Advantages of AutoFS

    • Shares are accessed automatically and transparently when a user tries to access any files or directories under the designated mount point of the remote filesystem to be mounted.
    • Booting time is significantly reduced because no mounting is done at boot time.
    • Network access and efficiency are improved by reducing the number of permanently active mount points.
    • Failed mount requests can be reduced by designating alternate servers as the source of a filesystem.

    How to resize software raid partition in Linux

    In my last article I showed you steps to configure software RAID 1 in Linux. Now in this article I will show you steps to add/remove partitions from your raid partition.

    While configuring RAID it is always advised to add a spare partition to your raid device so that in case of any hard disk failure the spare partition can be utilized

    Lets add a new virtual hard disk to our machine.

    To keep this article strictly on the roadmap I will assume that you already have created a new partition and changed the partition type from default to "Linux RAID". If not you can follow my last article where I had explained in detail to do the same.

    So we will now just add the new partition to our raid device
    # mdadm --manage /dev/md0 --add /dev/sdd1
    mdadm: added /dev/sdd1