Wednesday, April 27, 2011

How to Reset debian Root Password

If you forgot your root password for your debian server use the following procedure to reset.
Boot to the GRUB menu. Then, press <e> (for edit) before Linux has a chance to boot.

Using your keyboard arrow keys, move the cursor down a line or so, and press <e> (for edit) again, you should now be on the kernel line, and press <End> to go out to the very end of that line. Now hit the spacebar once, if necessary, to add a space, and then add one of the folllowing:
init=/bin/bash
or
init=/bin/sh
Then press <Enter>, and you’re back at the kernel line, press <b> (for boot) and the computer will proceed to boot to a root prompt.
At this point, the root file system is still mounted read-only, so enter the following command:
mount -n -o remount,rw /
Then type:
passwd
Enter your new password. Retype if asked to confirm.
Then restart the machine by typing:
reboot
Now you should be able to login with your new root password as required.

Monitoring Debian Servers Using Monit

monit is a utility for managing and monitoring, processes, files, directories and devices on a UNIX system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.
Monit Features
* Daemon mode - poll programs at a specified interval
* Monitoring modes - active, passive or manual
* Start, stop and restart of programs
* Group and manage groups of programs
* Process dependency definition
* Logging to syslog or own logfile
* Configuration - comprehensive controlfile
* Runtime and TCP/IP port checking (tcp and udp)
* SSL support for port checking
* Unix domain socket checking
* Process status and process timeout
* Process cpu usage
* Process memory usage
* Process zombie check
* Check the systems load average
* Check a file or directory timestamp
* Alert, stop or restart a process based on its characteristics
* MD5 checksum for programs started and stopped by monit
* Alert notification for program timeout, restart, checksum, stop resource and timestamp error
* Flexible and customizable email alert messages
* Protocol verification. HTTP, FTP, SMTP, POP, IMAP, NNTP, SSH, DWP,LDAPv2 and LDAPv3
* An http interface with optional SSL support to make monit accessible from a webbrowser
Install Monit in Debian
#apt-get install monit
This will complete the installation with all the required software.
Configuring Monit
Default configuration file located at /etc/monit/monitrc you need to edit this file to configure your options
Sample Configuration file as follows and uncomment all the following options
## Start monit in background (run as daemon) and check the services at 2-minute
## intervals.
#
set daemon 120
## Set syslog logging with the ‘daemon’ facility. If the FACILITY option is
## omited, monit will use ‘user’ facility by default. You can specify the
## path to the file for monit native logging.
#
set logfile syslog facility log_daemon
## Set list of mailservers for alert delivery. Multiple servers may be
## specified using comma separator. By default monit uses port 25 - it is
## possible to override it with the PORT option.
#
set mailserver localhost # primary mailserver
## Monit by default uses the following alert mail format:
From: monit@$HOST # sender
Subject: monit alert -- $EVENT $SERVICE # subject
$EVENT Service $SERVICE
Date: $DATE
Action: $ACTION
Host: $HOST # body
Description: $DESCRIPTION
Your faithful,
monit
## You can override the alert message format or its parts such as subject
## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc.
## are expanded on runtime. For example to override the sender:
#
set mail-format { from: monit@monitorserver.com }
## Monit has an embedded webserver, which can be used to view the
## configuration, actual services parameters or manage the services using the
## web interface.
#
set httpd port 2812 and
use address localhost # only accept connection from localhost
allow localhost # allow localhost to connect to the server and
allow 172.29.5.0/255.255.255.0
allow admin:monit # require user ‘admin’ with password ‘monit’
# Monitoring the apache2 web services.
# It will check process apache2 with given pid file.
# If process name or pidfile path is wrong then monit will
# give the error of failed. tough apache2 is running.
check process apache2 with pidfile /var/run/apache2.pid
#Below is actions taken by monit when service got stuck.
start program = “/etc/init.d/apache2 start”
stop program = “/etc/init.d/apache2 stop”
# Admin will notify by mail if below of the condition satisfied.
if cpu is greater than 60% for 2 cycles then alert
if cpu > 80% for 5 cycles then restart
if totalmem > 200.0 MB for 5 cycles then restart
if children > 250 then restart
if loadavg(5min) greater than 10 for 8 cycles then stop
if 3 restarts within 5 cycles then timeout
group server
#Monitoring Mysql Service
check process mysql with pidfile /var/run/mysqld/mysqld.pid
group database
start program = “/etc/init.d/mysql start”
stop program = “/etc/init.d/mysql stop”
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout
#Monitoring ssh Service
check process sshd with pidfile /var/run/sshd.pid
start program “/etc/init.d/ssh start”
stop program “/etc/init.d/ssh stop”
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout
You can also include other configuration files via include directives:
include /etc/monit/default.monitrc
include /etc/monit/mysql.monitrc
This is only sample configuration file. The configuration file is pretty self-explaining; if you are unsure about an option, take a look at the monit documentation http://www.tildeslash.com/monit/doc/manual.php
After configuring your monit file you can check the configuration file syntax using the following command
#monit -t
Once you don’t have any syntax errors you need to enable this service by changing the file /etc/default/monit
# You must set this variable to for monit to start
startup=0
to
# You must set this variable to for monit to start
startup=1
Now you need to start the service using the following command
#/etc/init.d/monit start
Monit Web interface
Monit Web interface will run on the port number 2812.If you have any firewall in your network setup you need to enable this port.
Now point your browser to http://yourserverip:2812/ (make sure port 2812 isn’t blocked by your firewall), log in with admin and monit.If you want a secure login you can use https check here
Monitoring Different Services
Here’s some real-world configuration examples for monit. It can be helpful to look at the examples given here to see how a service is running, where it put its pidfile, how to call the start and stop methods for a service, etc. Checkhere for more examples.

Display top CPU processes Using htop

htop is a very competent interactive process viewer for the shell, providing all the functionality - and more - that the top utility does, in an easier and more intuitive way. htop provides easy-to-use menus for most operations and also has support for using a mouse.
htop is an easier to use and friendlier version of top. While it hasn’t as much time behind it and therefore is less tested, it seems to work very well both locally and over SSH, and it’s well worth taking it for a spin. It’s just one of those small utilities that makes life a bit easier.
Install htop in debian
#apt-get install htop
This will complete the installation.Now if you want to check this application just type the following command from your terminal
#htop
You should see the following screen

If you want to know about the more available option check htop man page
Comparison between htop and top
In ‘htop’ you can scroll the list vertically and horizontally to see all processes and complete command lines.
In ‘top’ you are subject to a delay for each unassigned key you press (especially annoying when multi-key escape sequences are triggered by accident).
‘htop’ starts faster (‘top’ seems to collect data for a while before displaying anything).
In ‘htop’ you don’t need to type the process number to kill a process, in ‘top’ you do.
In ‘htop’ you don’t need to type the process number or the priority value to renice a process, in ‘top’ you do.
‘htop’ supports mouse operation, ‘top’ doesn’t
‘top’ is older, hence, more used and tested.

How to install 4pane file manager in debian Squeeze/Lenny

4Pane is a multi-pane, detailed-list file manager for Linux. It is designed to be fully-featured without bloat, and aims for speed rather than visual effects. In addition to standard file manager things, it offers multiple undo and redo of most operations (including deletions), archive management including ‘virtual browsing’ inside archives, multiple renaming/duplication of files, a terminal emulator and user-defined tools.

Install 4pane in debian squeeze and lenny
Edit /etc/apt/sources.list file
gksudo gedit /etc/apt/sources.list
Add one of the following line
For debian squeeze users
deb http://www.4pane.co.uk/debian/ squeeze contrib
For debian lenny user
deb http://www.4pane.co.uk/debian/ lenny contrib
Save and exit the file
Add GPG key
sudo apt-key adv --fetch-keys http://www.4pane.co.uk/4Pane.asc
Update source list
sudo apt-get update
Install 4pane
sudo apt-get install 4pane

Recover Data From a dead hard drive using dd

The ‘ dd ‘ command is one of the original Unix utilities and should be in everyone’s tool box. It can strip headers, extract parts of binary files and write into the middle of floppy disks; it is used by the Linux kernel Makefiles to make boot images. It can be used to copy and convert magnetic tape formats, convert between ASCII and EBCDIC, swap bytes, and force to upper and lowercase.
For blocked I/O, the dd command has no competition in the standard tool set. One could write a custom utility to do specific I/O or formatting but, as dd is already available almost everywhere, it makes sense to use it.
Hard drive failures can occur for many reasons one of the most common thing every user can observer is if your hard disk is having some problems it does make some clicking noise this is one hint i would suggest every user can follow.
If you don’t hear any clicking noise it might be some electonics failure in such cases you can use hdparm to turn off some advanced drive features that will get around the part of the electronic component that has failed.Most important setting is turnning off DMA access.If you want more details about hdparm check this article.
Like most well-behaved commands, dd reads from its standard input and writes to its standard output, unless a command line specification has been given. This allows dd to be used in pipes, and remotely with the rsh remote shell command.
Unlike most commands, dd uses a keyword=value format for its parameters. This was reputedly modeled after IBM System/360 JCL, which had an elaborate DD ‘Dataset Definition’ specification for I/O devices. A complete listing of all keywords is available from GNU dd with.
dd Syntax
dd [OPERAND]…
or: dd OPTION
# dd --help
This will provide all the available options for dd
For more options check dd man page here
Using dd you can create backups of an entire harddisk or just a parts of it. This is also usefull to quickly copy installations to similar machines. It will only work on disks that are exactly the same in disk geometry, meaning they have to the same model from the same brand.
Creating a hard drive backup directly to another hard drive
dd bs=4k if=/dev/hdx of=/dev/hdy conv=noerror,sync or dd bs=4k if=/dev/hdx of=/path/to/image conv=noerror,sync
Now we i will explain above example one by one
if=file
Specifies the input path. Standard input is the default.
of=file
Specifies the output path. Standard output is the default. If the seek=expr conversion is not also specified, the output file will be truncated before the copy begins, unless conv=notrunc is specified. If seek=expr is specified, but conv=notrunc is not, the effect of the copy will be to preserve the blocks in the output file over which dd seeks, but no other portion of the output file will be preserved. (If the size of the seek plus the size of the input file is less than the previous size of the output file, the output file is shortened by the copy.)
bs=n
Sets both input and output block sizes to n bytes, superseding ibs= and obs=. If no conversion other than sync, noerror, and notrunc is specified, each input block is copied to the output as a single block without aggregating short blocks.
conv=value[,value. . . ]
Where values are comma-separated symbols
noerror
Does not stop processing on an input error. When an input error occurs, a diagnostic message is written on standard error, followed by the current input and output block counts in the same format as used at completion. If the sync conversion is specified, the missing input is replaced with null bytes and processed normally. Otherwise, the input block will be omitted from the output.
sync
Pads every input block to the size of the ibs= buffer, appending null bytes. (If either block or unblock is also specified, appends SPACE characters, rather than null bytes.)
Compression Backup
dd if=/dev/hdx | gzip > /path/to/image.gz
Hdx could be hda, hdb etc. In the second example gzip is used to compress the image if it is really just a backup.
Restore Backup of hard disk copy
dd if=/path/to/image of=/dev/hdx
gzip -dc /path/to/image.gz | dd of=/dev/hdx
MBR backup
In order to backup only the first few bytes containing the MBR and the partition table you can use dd as well.
dd if=/dev/hdx of=/path/to/image count=1 bs=512
MBR restore
dd if=/path/to/image of=/dev/hdx
Add “count=1 bs=446″ to exclude the partition table from being written to disk. You can manually restore the table.
More Examples
dd bs=4k if=/dev/sda1 of=/dev/sda2/backup.img conv=noerror,sync
This command is used often to create a backup of a drive (/dev/sda1) directly to another hard drive (/dev/sda2). The option “bs=4k” is used to specify the block size used in the copy. The default for the dd command is 512 bytes: use of this small block size can result in significantly slower copying. However, the tradeoff with larger block sizes is that when an error is encountered, the remainder of the block is filled with zero-bytes. So if you increase your block size when copying a failing device, you’ll lose more data but also spend less time trying to read broken sectors.
If you’re limited on local space you can use a pipe to gzip instead of the “of=” option.
dd bs=1024 if=/dev/sda1 conv=noerror,sync | gzip -9 > /dev/sda2/backup.dmg.gz
Here dd is making an image of the first harddrive, and piping it through the gzip compression program. The compressed image is then placed in a file on a seperate drive.

Backup Basics and Different types of backup

Most of the people want to know about the backups because one of the other day you will definitely need backup of your data.There are many different types of backups and here i try to cover some of them.If something is missing or something need to be added to this article you can post your suggestions.

Why do you need backup?
Backups are needed in case a file or a group of files is lost. The reasons for losing files include
Hardware failure like disk breaking,accidentally deleting wrong file and computer being stolen.
Backups help in all the above situations. In addition, it may be good to have access to older versions of files, for example a configuration file worked a week ago, but since then it has been changed and nobody remembers how, its just not working anymore.
There are other solutions, and they are good to have if you can afford them. These include
redundant disks (RAID 1 or 5), so that one disk can break without loss of data,using an undelete system (or not making mistakes when deleting files locking up computers.
These help, but if there is anything you do not want to lose on the computer, make sure there are backups and they can be restored.
What to backup?
If there is room on the backup media, and time limits permit running backups long enough, it probably is wisest to back up everything. You may skip /tmp or other places where it is known there are only temporary files that nobody wants to backup.
If space or time limits place restrictions, consider not backing up the following
Files that come directly from a CD or other removable media. It may even be faster to copy them again from CD than restoring from backup media.
Files that can be regenerated easily. For example, object files that can be made with make. Just make sure all the source files and compilers are backed up.
If the Internet connection is fast, it may be easy enough to download files again. Just keep a list of the files and where to download them from.
Backup devices and media
You need some media to store the backups. It is preferable to use removable media, to store the backups away from the computer and to get “unlimited” storage for backups.
If the backups are on-line, they can be wiped out by mistake. If the backups are on the same disk as the original data, they do not help at all if the disk fails and is not readable anymore. If the backup media is cheap, it is possible to take a backup every day and store them indefinitely.
Floppy,Disk,Tapes,CD-R and CD-RW are the medias available for backup
Planning a Backup
Before doing a backup, plan it carefully. Consider
Which files are irreplaceable without a back up. Irreplaceable files probably include those in users’ home directories (including /root), and configuration files, such as those in the /etc/ directory.
Which files are on removable drives, such as cd s or floppies. Since you probably do not need to back up removable drives, you might unmount them before doing a complete system backup.
Which files can be easily replaced by installing a package or doing a selective install or upgrade of the operating system. You can save time and storage space by not including these files in a backup.
Which files are unnecessary or dangerous to backup. For example, files in /tmp are probably unnecessary, while restoring some files that are in the /proc directory could crash the system.
Whether to compress files using gzip or bzip2 . Compressing saves space, but adds another step to the backup. Also, while compression is generally reliable, it creates another stage at which the process can fail.
Whether users are responsible for backing up their own files. Since only the root user has full permissions for all files on the system, usually backups are best done by the root user. However, if users back up their own files, you might omit backing up the home directory, or at least not back it up regularly.
Choosing a Backup Tool
Linux has several tools for backing up and restoring files
dump / restore : Old tools that work with filesystems, rather than files, and can back up unmounted devices. Although you can easyly control what is backed up with dump by editing a single column in the /etc/fstab file, for some reason these utilities have fallen into disuse. Today, many distributions of Linux, including Debian, do not even include them by default. If you want to use dump and restore , you must install them yourself.
tar : A standard backup tool, and by far the easiest to use. It is especially useful for backing up over multiple removable devices using the -M option.
cpio : A very flexible command, but one that is hard to use because of the unusual way in which the command must be entered.
dd : The dd command is one of the original Unix utilities and should be in everyone’s tool box. It can strip headers, extract parts of binary files and write into the middle of floppy disks; it is used by the Linux kernel Makefiles to make boot images.
Mondo : Mondo is reliable. It backs up your GNU/Linux server or workstation to tape, CD-R, CD-RW, DVD-R[W], DVD+R[W], NFS or hard disk partition. In the event of catastrophic data loss, you will be able to restore all of your data [or as much as you want], from bare metal if necessary. Mondo is in use by Lockheed-Martin, Nortel Networks, Siemens, HP, IBM, NASA’s JPL, the US Dept of Agriculture, dozens of smaller companies, and tens of thousands of users.
Dar: dar is a shell command that backs up directory trees and files. It has been tested under Linux, Windows, Solaris, FreeBSD, NetBSD, MacOS X and several other systems
Many commercial or free software back up tools are also available.
Types of Backup
There are different kinds of backups, the following lists some of them:
Full Backup
Full backup is the starting point for all other backups, and contains all the data in the folders and files that are selected to be backed up. Because full backup stores all files and folders, frequent full backups result in faster and simpler restore operations. Remember that when you choose other backup types, restore jobs may take longer.
Advantages
Restore is the fastest
Disadvantages
Backing up is the slowest
The storage space requirements are the highest
Incremental Backup
Incremental backup means backing up everything that has changed since last full backup.
Advantages
Backing up is the fastest
The storage space requirements are the lowest
Disadvantages
Restore is the slowest
Differential Backup
Differential seems to be another name for incremental.differential backup offers a middle ground by backing up all the files that have changed since the last full backup
Advantages
Restore is faster than restoring from incremental backup
Backing up is faster than a full backup
The storage space requirements are lower than for full backup
Disadvantages
Restore is slower than restoring from full backup
Backing up is slower than incremental backup
The storage space requirements are higher than for incremental backup
Network Backup
Network backup usually means backing up a client to a backup server, this means the client sends the files to the server and the server writes them to backup medium.
Dump Backup
Dump backups are not ordinary file by file backups. The whole disk partition or file system is “dumped” to the backup medium as is. This means it is also necessary to restore the whole partition or file system at one go. The dump backup may be a disk image, which means it must be restored to a similar disk with same disk geometry and bad blocks in same places. Watch out for this.
Level 0 - 9 Backup
Level 0 to 9 backups are a finer grained version of incremental backups. Level N backup means backing up everything that has changed since a same or lower lever backup.
Check the backup can be restored, with original file owners, permissions and timestamps.
To be useful, you must be able to restore the backup. Very often not only the contents of file are important, but their time stamps, permissions and owners. Check that you can restore the backup so that all these are preserved.