Archive
Tag "Linux"

Any ded­i­cated server host­ing some web­sites that get mean­ing­ful traf­fic will quickly our­grow Cpanel's default /tmp folder size of 512MB. It houses PHP ses­sion files, tem­po­rary file uploads, your data­base tem­po­rary files, your web server's cache includ­ing the one from caches such as APC or eAc­cel­er­a­tor, and other such stuff.

With the tmp par­ti­tion full, the server will expe­ri­ence many ran­dom issues such as server crashes. Your sites will quickly go down and leave you head-scratching.

For­tu­nately, it's quite easy to resize the /tmp par­ti­tion on cPanel servers — espe­cially if it is the default one cre­ated by cPanel installs. There's a handy script at /scripts/securetmp.

Open this file:

pico /scripts/securetmp

And find this line:

my $tmpdsksize = 512000; # Must be larger than 250000

Change it to a larger num­ber than 512 MB. Say you want it to be 2 GB:

my $tmpdsksize = 2097152; # 2GB for the /tmp folder

Now close and save the file.

We need to stop all ser­vices that may be using this folder. For me, this includes MySQL, Apache and Nginx.

service mysql stop
service nginx stop
service httpd stop

Now we will sim­ply unmount the /tmp folder and recre­ate it. Here's the sequence of com­mands to cre­ate it:

lsof /tmp
umount -l /tmp
umount -l /var/tmp
rm -fv /usr/tmpDSK
/scripts/securetmp

Done. You can ver­ify the size of the /tmp folder among others:

df -h

This should show you some­thing like this:

...
/usr/tmpDSK ext3 2.0G 996M 1.1G 51% /tmp
...

NOTE: If you have any prob­lems, for instance, the size of the recre­ated /tmp folder is not really 2GB despite that code in the /scripts/securetmp we changed, it may be because of some set­tings you have in the /etc/fstab file. Take a look at it and com­ment out any lines that inter­fere with the LABEL for /tmp mount.

Read More

Any­one who runs hosted remote servers and has to log into remote ter­mi­nals for reg­u­lar use, it is vital to have short­cuts that allow for quick login. SSH2 is the rec­om­mended way.

On Win­dows, there is the fan­tas­tic SSH2 tool Secure­CRT. Or if you're cash crunched, a com­bi­na­tion of Putty and Putty Con­nec­tion Man­ager works for many.

On Mac OSX and Unix/Linux sys­tems, one doesn't truly need an SSH client at all, because the "Ter­mi­nal" appli­ca­tion is inbuilt. Peo­ple talk of iTerm and such, but I have still to see a value add for such tools.

But one does miss the con­ve­nience of Secure­CRT on OSX, because I have still to find a true Secure­CRT alter­na­tive for the Mac plat­form. Some­thing that allows me to make pre-determined con­nec­tions so I can just click on them to con­nect (which tools like Jel­ly­fiSSH do) and then logs me in directly with­out prompt­ing for a pass­word (which Jel­ly­fiSHH does not do).

So I have sim­ply made aliases in my [code].profile[/code] file, which gets exe­cuted every­time you start your Ter­mi­nal win­dow (so it's a good place to put your short­cuts and any code you wish to exe­cute when the ter­mi­nal starts, such as paths).

  1. Start the Terminal.
  2. Open the pro­file file for the cur­rent user (you).
  3. pico .profile
  4. Enter a new line for our shortcut.
  5. alias s='ssh -2 -p 22 user@host.com'

Quick expla­na­tion for that com­mand in step 3. The let­ter "s" is the short­cut I make for con­nect­ing to the sniptools.com server. Change it to what you wish. This will mean that when I start Ter­mi­nal, all I need to do is type "s" and it con­nects me via SSH to the sniptools.com server. The "-p" switch is an impor­tant one because some of us with para­noid secu­rity set­tings might have a dif­fer­ent port num­ber than the default port 22 for secure SSH. The rest user/host stuff is self-explanatory. The "-2" is to force SSH2 con­nec­tions instead of older vanilla SSH.

Now. Save the pro­file file and source it to try it out:

source .profile

Sourc­ing is only for this one time, for your cur­rent Ter­mi­nal win­dow, which had already exe­cuted the pro­file file *before* we added this alias. When you start a new Ter­mi­nal ses­sion, these aliases et al will be auto­mat­i­cally set for you.

Done. Now your pro­file has the alias for "s". From now when you type "s" in your Ter­mi­nal, it will con­nect, but it will ask you for a pass­word. To get rid of the nag­ging pass­word, we need to cre­ate pub­lic authen­ti­ca­tion key for the domain. This, in fact is what Secure­CRT does behind the scenes on Win­dows too.

Here are the steps to accom­plish this. Run these one-time com­mands in order from the Ter­mi­nal window.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# generate pub and priv keys, leave the passphrase empty
# (simply press ENTER when asked for it)
ssh-keygen
 
#copy the pub key to the remote computer
#(change port number if different from the usual 22)
#change "user" to your user name
#change "host" to your domain name
scp -P 22 ~/.ssh/id_rsa.pub user@host:~/
 
#log on to the remote computer
ssh -p 22 user@host
 
#create the .ssh directory in the root login directory, if it doesn't already exist
mkdir .ssh
 
#append key to file
cat id_rsa.pub >> ~/.ssh/authorized_keys
 
#delete the public key file, no longer needed
rm -f id_rsa.pub
 
#log off the remote server
exit
 
#logon to the remote server, without password prompt
ssh -2 -p 22 user@host

That's it. This is a huge time­saver. Now all I need to do to login to the sniptools.com server is type one let­ter, "s" in the Ter­mi­nal, and I'm on! Fol­low these instruc­tions for each host you con­nect to on a reg­u­lar basis and you'll love the con­ve­nience henceforth.

Read More

Post­greSQL is a full-fledged enterprise-grade data­base brought into the pub­lic domain. Many home­made web­mas­ters now have to deal with what is a very viable — if not an out­right bet­ter — alter­na­tive to the rag­ing pop­u­lar­ity of a sig­nif­i­cantly sim­pler MySQL.

Yet, for all its mer­its and addic­tive fea­tures, Post­greSQL is a beast to upgrade between major ver­sion releases.

If you were going from 8.2.x to the lat­est sta­ble at the time of this writ­ing, 8.3.x, then the move from the 8.2 series to 8.3 would require you to dump/restore your entire data­base. Not a sim­ple chore if you have a 100 GB worth of crit­i­cal data, but you have no choice as the innards of PG typ­i­cally change between "major upgrades". For this, repli­ca­tion tech­nolo­gies such as Slony are a use­ful option as you can install the new data­base sep­a­rately, repli­cate the data over, and then make a switch when the two data­bases are mir­rored — thereby avoid­ing the down­time of the has­sle (here's an infor­ma­tive PGCON pre­sen­ta­tion).

For­tu­nately, minor ver­sion upgrades are much simpler.

No dump/restore is needed. If you were to go from, say 8.2.3 to 8.2.9, all you would have to do is to upgrade the RPMs. I'm assum­ing Linux here but the same would work for other platforms.

  1. Check what ver­sion you have cur­rently installed:
    rpm -qa | grep postgres | tee /root/rpm_pgsql
  2. Stop your post­gres server
    /sbin/service postgresql stop
  3. We will now sim­ply exe­cute the RPM upgrade com­mand, which of course assumes that you have the lat­est RPMs down­loaded from the PG web­site. Notice below that they're all lumped into the same com­mand to pre­vent any (unlikely) pos­si­bil­ity of depen­dency issues, so make sure all of this appears on one line — the back­slash is included here for for­mat­ting (so it won't break on the com­mand line).
    rpm -Uvh 
      postgresql-8.2.9-1PGDG.rhel4.i386.rpm 
      postgresql-contrib-8.2.9-1PGDG.rhel4.i386.rpm 
      postgresql-devel-8.2.9-1PGDG.rhel4.i386.rpm 
      postgresql-libs-8.2.9-1PGDG.rhel4.i386.rpm 
      postgresql-server-8.2.9-1PGDG.rhel4.i386.rpm
  4. Hope­fully that went with­out a hitch. Now restart the post­gresql server:
    service postgresql restart

That's it. That should do it. It is highly unlikely that you'll see errors. And if you're run­ning an older 8.2.x, it's highly rec­om­mended you upgrade to 8.2.9 any­way due to per­for­mance increases and some bug fixes.

Read More

There are sev­eral ways to do this, the most preva­lent among sys admins being this:

find {/path/to/folder/} -type f -size +{size-in-kb}k -exec ls -lh {} \; | awk '{ print $9 ": " $5 }'

Which lists the largest files in the folder /path/to/folder. You could just use the ls com­mand too, as such:

ls -lhS

But there is a sim­pler, more effi­cient method to do this:

du -xak .|sort -n|tail -50

But the best method involves a small Perl hack that shows a very neatly laid out list­ing of largest files:

du -k | sort -n | perl -ne 'if ( /^(\d+)\s+(.*$)/){$l=log($1+.1);$m=int($l/log(1024)); printf  ("%6.1f\t%s\t%25s  %s\n",($1/(2**(10*$m))),(("K","M","G","T","P")[$m]),"*"x (1.5*$l),$2);}'
Read More