Yearly Archives: 2017

Yum auto updates

YUM automatic updates! Save your valuable time!

Learn how to schedule YUM automatic updates to upgrade all system packages to the latest available version in the background without manual intervention!

Set YUM to update packages automatically

Recently we published a post about how to update packages in the RHEL system using YUM. In that post, we explained how to update single or multiple packages, and even all packages at once, using the command line. But these are manual tasks and need human intervention to complete.

In this post, we will see how to set automatic updates using YUM-cron. This will save sysadmin time which is invested in updating packages manually.

Setting this up is not recommended on production systems, since they always need a risk analysis of their environment before processing updates.

Setting YUM automatic updates on production servers is not recommended, since production servers need an analysis of how updates will impact the operation of the server and its hosted apps. Because this process is completely automatic and runs in the background, it’s advisable to refrain from implementing it on critical servers.

YUM-cron is a service available on RHEL which runs in the background and updates packages on the system automatically. It’s like cron for YUM, just as we have crons for scripts/commands in Linux. It’s available under the package name yum-cron. Let’s see, step by step, how to install and configure it.

Install yum-cron

The yum-cron package is available on the optional and supplementary channels. Your YUM should be configured to fetch packages from these channels. Install the package using :

# yum install yum-cron

Once installed, you need to enable this service since it’s disabled by default. Enable the service using chkconfig and start it manually:

# chkconfig yum-cron on
# service yum-cron start

Configure yum-cron:

yum-cron configuration file is /etc/sysconfig/yum-cron or /etc/sysconfig/yum-cron-hourly.conf. In this configuration file, you can set the frequency and extent of updates.

It has three important fields to set, as shown below :

# Whether a message should be emitted when updates are available.
update_messages = yes

# Whether updates should be downloaded when they are available. Note
# that update_messages must also be yes for updates to be downloaded.
download_updates = yes

# Whether updates should be applied when they are available.  Note
# that both update_messages and download_updates must also be yes for
# the update to be applied
apply_updates = yes

In the hourly conf file you can restrict updates to security updates with the settings below, to make sure your system is running the latest secured packages and is not missing any important security update :

#  What kind of update to use:
# default                            = yum upgrade
# security                           = yum --security upgrade
# security-severity:Critical         = yum --sec-severity=Critical upgrade
# minimal                            = yum --bugfix update-minimal
# minimal-security                   = yum --security update-minimal
# minimal-security-severity:Critical =  --sec-severity=Critical update-minimal

You can also configure an email ID so that a notification is sent out after yum-cron finishes its tasks. This can be defined in the MAILTO or email_to variable in the configuration file.

Once configuration is done, restart the yum-cron service.

That’s it! You are done. Now the yum-cron service runs quietly in the background. It will update packages on the system (to the extent configured) at the time set by the frequency in the config and send you an email notification (if configured). You can use your valuable time for other sysadmin tasks!
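The three yes/no fields depend on each other as described in the config comments above, so a file can say apply_updates = yes and still install nothing. The script below is an added example, not part of the original post or of yum-cron: it reads a config and reports what would actually happen. Assumptions: the update_cmd key name comes from the stock yum-cron config (the post shows only its comment block), a missing key is treated as no/default, and the sample file is constructed.

```sh
#!/bin/sh
# Added example: report what a yum-cron configuration will really do,
# following the dependency rule stated in the config comments.

# Print the value of KEY ($2) from INI-style FILE ($1); the last occurrence
# wins, and DEFAULT ($3) is printed when the key is absent.
get_setting() {
    awk -v k="$2" -v d="$3" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*[#;]/ { next }                    # skip comment lines
        index($0, "=") {
            if (trim(substr($0, 1, index($0, "=") - 1)) == k)
                d = trim(substr($0, index($0, "=") + 1))
        }
        END { print d }' "$1"
}

# True only for "yes" in any letter case (the configs above use yes/no).
is_yes() {
    case $(printf '%s' "$1" | tr 'A-Z' 'a-z') in
        yes) return 0 ;;
        *)   return 1 ;;
    esac
}

# Print one of: disabled, notify-only, download-only, apply:<update_cmd>
yum_cron_effective_mode() (
    msg=$(get_setting "$1" update_messages no)
    dl=$(get_setting "$1" download_updates no)
    ap=$(get_setting "$1" apply_updates no)
    cmd=$(get_setting "$1" update_cmd default)
    if ! is_yes "$msg"; then echo "disabled"
    elif ! is_yes "$dl"; then echo "notify-only"
    elif ! is_yes "$ap"; then echo "download-only"
    else echo "apply:$cmd"
    fi
)

# Print the fields that are set to yes but have no effect because a
# prerequisite field is not yes (empty output means nothing is ignored).
yum_cron_ignored_settings() (
    msg=$(get_setting "$1" update_messages no)
    dl=$(get_setting "$1" download_updates no)
    ap=$(get_setting "$1" apply_updates no)
    out=""
    if is_yes "$dl" && ! is_yes "$msg"; then
        out="download_updates"
    fi
    if is_yes "$ap" && { ! is_yes "$msg" || ! is_yes "$dl"; }; then
        out="${out:+$out }apply_updates"
    fi
    printf '%s\n' "$out"
)

# Write a constructed sample config: PATH MESSAGES DOWNLOAD APPLY UPDATE_CMD
write_sample_conf() {
    cat > "$1" <<EOF
# constructed sample, modelled on the fields shown in this post
[commands]
update_cmd = $5
update_messages = $2
download_updates = $3
apply_updates = $4
EOF
}

# Demo: apply_updates is yes, but download_updates is no, so nothing is applied.
conf=$(mktemp)
write_sample_conf "$conf" yes no yes security
echo "mode:    $(yum_cron_effective_mode "$conf")"
echo "ignored: $(yum_cron_ignored_settings "$conf")"
rm -f "$conf"
```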

4 tools to download any file using the command line in Linux

Learn how to download any file using the command line from the internet or FTP servers to your Linux server. Get files in your server in seconds!

How to download any file using command line

There are many times when you want a file on your Linux server from the Internet or FTP server and you are on command line terminal! When using the GUI of Linux, it’s easy to get files by using browsers but for command-line, it’s a little bit difficult.

We have 4 tools here to help you with the task! They are :

  1. wget
  2. curl
  3. elinks
  4. w3m

wget

Most popular utility! wget is a package you can install and use right out of the box. You can install it with YUM or APT. Once installed, you can use it by supplying the URL of the targeted download.

# wget https://kerneltalks.com/image.png
--2017-03-05 06:56:54--  https://kerneltalks.com/image.png
Resolving kerneltalks.com... 208.91.198.91
Connecting to kerneltalks.com|208.91.198.91|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12477 (12K) [image/png]
Saving to: “image.png”

100%[===================================================================================================================>] 12,477      --.-K/s   in 0s

2017-03-05 06:56:55 (782 MB/s) - “image.png” saved [12477/12477]

In the above example, we have downloaded one picture file from the internet! The file will be saved in your present working directory by default.

# wget ftp://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/s/systemd-233-2.fc27.x86_64.rpm
--2017-03-05 06:58:54--  ftp://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/s/systemd-233-2.fc27.x86_64.rpm
           => “systemd-233-2.fc27.x86_64.rpm.1”
Resolving rpmfind.net... 195.220.108.108
Connecting to rpmfind.net|195.220.108.108|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done.    ==> PWD ... done.
==> TYPE I ... done.  ==> CWD (1) /linux/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/s ... done.
==> SIZE systemd-233-2.fc27.x86_64.rpm ... 3179496
==> PASV ... done.    ==> RETR systemd-233-2.fc27.x86_64.rpm ... done.
Length: 3179496 (3.0M) (unauthoritative)

100%[===================================================================================================================>] 3,179,496   1.85M/s   in 1.6s

2017-03-05 06:58:57 (1.85 MB/s) - “systemd-233-2.fc27.x86_64.rpm.1” saved [3179496]

In this example, we used wget to download a file from an FTP server. It used anonymous login to get into the server and download the file!

There are several options which you can use according to your requirement. Listed below are a few important ones.

  • -b: run the download in the background
  • -c: continue download (broken or paused download resume)
  • -r: recursive (download all files in destination)
  • -A file extension: download only files with the specified extension

curl

Curl is a simple downloader that supports many protocols for file transfer, a few being FTP, HTTP, HTTPS, telnet, etc. It can be installed using the same method as above: yum install curl or apt-get install curl.

Curl writes whatever it downloads to the terminal by default. For example, if you fetch an HTML URL, it shows you the HTML code on the terminal :

# curl https://kerneltalks.com
<!DOCTYPE html><html lang="en-US" prefix="og: http://ogp.me/ns# fb: http://ogp.me/ns/fb#"><head ><meta charset="UTF-8" /><title>Kernel Talks - Unix, Linux & scripts.</title><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name="google-site-verification" content="jeFc7PXM8ZxDY5awb8nCCD5-bYwj5S7bwsAIgp1JIgU" /><meta name="msvalidate.01" content="920806CD9A79B08EC8477C0D440658A4" /><meta name="p:domain_verify" content="738d0b16e329ab01cc894a68d2adda34" /><meta name="yandex-verification" content="bd079834c4df4ebf" />
------output clipped-----

See the above example, where it shows the HTML code of the URL. In the same way, if you fetch a text file it will show you the text file content on the terminal.

To only download the file without trying to read/open it on the terminal, use option -O with curl.

# curl -O  ftp://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/s/systemd-233-2.fc27.x86_64.rpm
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 3104k  100 3104k    0     0   361k      0  0:00:08  0:00:08 --:--:--  618k

It will download the file, and progress is shown on the terminal in real time.

elinks

elinks is a text-based browser that supports colors, rendering, tabbed menus, etc. It mostly comes preinstalled, but if not you can install it using yum or apt-get. Let’s try to download a website using elinks https://kerneltalks.com :

elinks renders URL

The above example shows how elinks renders a website in text mode (kind of) on the terminal!

If you try to download an image (or any other type of) file, it shows you the GUI screen below (within the terminal) with options to choose what to do next. If you choose to save, it will download the file and keep it.

w3m

The last tool of this article to download internet-based files is w3m. w3m is a text-based www (world wide web) client. Installation steps remain the same: yum/apt-get install w3m

It also opens up a text-mode GUI screen like elinks and gives you interactive options to choose actions. w3m ftp://rpmf...../...86_64.rpm opens :

w3m menu

If you right-click on the terminal window (normally we don’t!!) it does show you a menu you can use to perform various actions.

You can navigate through this menu using keyboard arrow keys or even using mouse clicks. You can even use the shortcut keys defined for each menu item, shown in brackets beside them.

All user interactive commands/options are shown in the lower-left corner of the terminal and choices can be submitted there only.

In all, if you are looking for a simple tool, less eye-rolling on-screen, a fast way to get the file on the server then wget is the choice you should make IMHO! Let me know which command-line tool you use for downloading internet files in comments.

How to upgrade package using YUM in RHEL

Learn step by step to upgrade the package using YUM on the RHEL system. Insights into how the package upgrade process takes place in the background.

Upgrade package using yum

YUM is the Red Hat package manager, which is capable of searching available packages, installing and un-installing packages, and updating them to the latest version. In this article, we will see how to update packages using YUM.

You need superuser privileges to perform YUM updates, or you can use sudo or su to perform them with superuser privileges.

You can update a single package, multiple packages, or all available packages at once. Let’s go through the commands for upgrading packages using YUM step by step.

1. Check for updates :

First of all, you can check for available updates using the below command :

# yum check-update
Loaded plugins: amazon-id, rhui-lb, security

ConsoleKit.x86_64                                                       0.4.1-6.el6                                          rhui-REGION-rhel-server-releases
ConsoleKit-libs.x86_64                                                  0.4.1-6.el6                                          rhui-REGION-rhel-server-releases
Red_Hat_Enterprise_Linux-Release_Notes-6-en-US.noarch                   8-2.el6                                              rhui-REGION-rhel-server-releases
abrt.x86_64                                                             2.0.8-40.el6                                         rhui-REGION-rhel-server-releases
abrt-addon-ccpp.x86_64                                                  2.0.8-40.el6                                         rhui-REGION-rhel-server-releases
abrt-addon-kerneloops.x86_64                                            2.0.8-40.el6                                         rhui-REGION-rhel-server-releases
------ output clipped -----

You will be presented with the list of packages that have updates available. You can update one, multiple, or all packages at once. Dependencies during the update will be resolved and installed by YUM itself. You need not worry about them.

Any package update goes through the below steps :

  1. It checks whether a package update is available
  2. It checks and resolves any dependencies
  3. It presents the user with the update information and seeks user confirmation to proceed
  4. After confirmation, it downloads the package from the YUM server
  5. It installs/updates dependencies and the package
  6. It cleans up the stuff it created during the update
  7. It verifies the package post-update
  8. It prints the completion details and exits.

2. Update single package :

For a single package update, you need to use the command yum update <package_name>

# yum update bash.x86_64
Loaded plugins: amazon-id, rhui-lb, security
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bash.x86_64 0:4.1.2-33.el6_7.1 will be updated
---> Package bash.x86_64 0:4.1.2-41.el6_8 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================
 Package                    Arch                         Version                                Repository                                              Size
=============================================================================================================================================================
Updating:
 bash                       x86_64                       4.1.2-41.el6_8                         rhui-REGION-rhel-server-releases                       909 k

Transaction Summary
=============================================================================================================================================================
Upgrade       1 Package(s)

Total download size: 909 k
Is this ok [y/N]: y
Downloading Packages:
bash-4.1.2-41.el6_8.x86_64.rpm                                                                                                        | 909 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : bash-4.1.2-41.el6_8.x86_64                                                                                                                1/2
  Cleanup    : bash-4.1.2-33.el6_7.1.x86_64                                                                                                              2/2
  Verifying  : bash-4.1.2-41.el6_8.x86_64                                                                                                                1/2
  Verifying  : bash-4.1.2-33.el6_7.1.x86_64                                                                                                              2/2

Updated:
  bash.x86_64 0:4.1.2-41.el6_8

Complete!

In the above example, we updated the bash package. You can see the command also checked for and resolved any dependencies for this update process.

3. Update multiple packages :

Multiple packages can be updated using the same command but supplying more than one package name at the end.

# yum update grep.x86_64 sudo.x86_64
Loaded plugins: amazon-id, rhui-lb, security
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package grep.x86_64 0:2.20-3.el6_7.1 will be updated
---> Package grep.x86_64 0:2.20-5.el6_8 will be an update
---> Package sudo.x86_64 0:1.8.6p3-20.el6_7 will be updated
---> Package sudo.x86_64 0:1.8.6p3-25.el6_8 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================
 Package                    Arch                         Version                                Repository                                              Size
=============================================================================================================================================================
Updating:
 grep                       x86_64                       2.20-5.el6_8                           rhui-REGION-rhel-server-releases                       345 k
 sudo                       x86_64                       1.8.6p3-25.el6_8                       rhui-REGION-rhel-server-releases                       710 k

Transaction Summary
=============================================================================================================================================================
Upgrade       2 Package(s)

Total download size: 1.0 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): grep-2.20-5.el6_8.x86_64.rpm                                                                                                   | 345 kB     00:00
(2/2): sudo-1.8.6p3-25.el6_8.x86_64.rpm                                                                                               | 710 kB     00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                        2.3 MB/s | 1.0 MB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : grep-2.20-5.el6_8.x86_64                                                                                                                  1/4
  Updating   : sudo-1.8.6p3-25.el6_8.x86_64                                                                                                              2/4
warning: /etc/sudoers created as /etc/sudoers.rpmnew
  Cleanup    : grep-2.20-3.el6_7.1.x86_64                                                                                                                3/4
  Cleanup    : sudo-1.8.6p3-20.el6_7.x86_64                                                                                                              4/4
  Verifying  : sudo-1.8.6p3-25.el6_8.x86_64                                                                                                              1/4
  Verifying  : grep-2.20-5.el6_8.x86_64                                                                                                                  2/4
  Verifying  : grep-2.20-3.el6_7.1.x86_64                                                                                                                3/4
  Verifying  : sudo-1.8.6p3-20.el6_7.x86_64                                                                                                              4/4

Updated:
  grep.x86_64 0:2.20-5.el6_8                                                  sudo.x86_64 0:1.8.6p3-25.el6_8

Complete!

In the above example, we updated the grep and sudo packages using a single command.
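For a change record, the transcript above can be reduced to the version changes plus the config files that rpm left for manual review (here /etc/sudoers.rpmnew, meaning the packaged sudoers was written beside the existing file rather than over it). This is an added example, not from the original post; the function names are hypothetical and the sample transcript is constructed from the kind of output shown in this post.

```sh
#!/bin/sh
# Added example: condense a saved "yum update" transcript for a change record.

# Print "update PKG OLD -> NEW", "install PKG VER" and "review FILE" lines.
yum_update_summary() {
    awk '
    # Remember packages in the order yum first mentions them.
    function note(pkg) {
        if (!(pkg in seen)) { seen[pkg] = 1; order[++n] = pkg }
    }

    $1 == "--->" && $2 == "Package" {
        if ($0 ~ /will be updated[ \t]*$/)        { note($3); old[$3] = $4 }
        else if ($0 ~ /will be an update[ \t]*$/) { note($3); new[$3] = $4 }
        else if ($0 ~ /will be installed[ \t]*$/) { note($3); new[$3] = $4 }
        next
    }

    # rpm keeps both copies of a changed config file and says where.
    /^warning: .* (created|saved) as / { review[++r] = $NF }

    END {
        for (i = 1; i <= n; i++) {
            p = order[i]
            if (p in old) printf "update %s %s -> %s\n", p, old[p], new[p]
            else          printf "install %s %s\n", p, new[p]
        }
        for (i = 1; i <= r; i++) printf "review %s\n", review[i]
    }' "$1"
}

# Constructed sample transcript (lines modelled on the output in this post).
write_sample_transcript() {
    cat > "$1" <<'EOF'
---> Package grep.x86_64 0:2.20-3.el6_7.1 will be updated
---> Package grep.x86_64 0:2.20-5.el6_8 will be an update
---> Package sudo.x86_64 0:1.8.6p3-20.el6_7 will be updated
---> Package sudo.x86_64 0:1.8.6p3-25.el6_8 will be an update
---> Package libnl3.x86_64 0:3.2.21-8.el6 will be installed
  Updating   : sudo-1.8.6p3-25.el6_8.x86_64      2/4
warning: /etc/sudoers created as /etc/sudoers.rpmnew
EOF
}

log=$(mktemp)
write_sample_transcript "$log"
yum_update_summary "$log"
rm -f "$log"
```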

4. Updating all packages at once :

Sometimes you want to avoid the hassle of updating multiple packages and want to install all available updates in a single shot. Then you can go for the yum update command. Note that all related dependencies also get installed/updated with this.

This is not recommended in a production environment unless you review the complete list of available updates thoroughly.

# yum update
----- output clipped -----
Transaction Summary
=============================================================================================================================================================
Install       3 Package(s)
Upgrade     243 Package(s)

Total download size: 237 M
Is this ok [y/N]: y
Downloading Packages:
(1/246): ConsoleKit-0.4.1-6.el6.x86_64.rpm                                                                                            |  83 kB     00:00
----- output clipped -----

Installed:
  kernel.x86_64 0:2.6.32-642.15.1.el6                                      python-libipa_hbac.x86_64 0:1.13.3-22.el6_8.6

Dependency Installed:
  libnl3.x86_64 0:3.2.21-8.el6

Updated:
  ConsoleKit.x86_64 0:0.4.1-6.el6                                                  ConsoleKit-libs.x86_64 0:0.4.1-6.el6
  Red_Hat_Enterprise_Linux-Release_Notes-6-en-US.noarch 0:8-2.el6                  abrt.x86_64 0:2.0.8-40.el6
  abrt-addon-ccpp.x86_64 0:2.0.8-40.el6                                            abrt-addon-kerneloops.x86_64 0:2.0.8-40.el6
----- output clipped -----

You can see I had 243 updates available, 3 new packages were available and 1 dependency had to be installed for the update process.

We have seen above all the manual steps to upgrade packages using YUM. If you are comfortable with updating all packages on the system without checking the available list, you can also use YUM crons, which will automate the complete process for you.

YUM-cron is a service available on RHEL which runs in the background and updates packages on the system automatically. See the complete YUM-cron configuration here.

All outputs in this post are from RHEL 6.8 server.

What is the difference between su and sudo?

Learn the difference between su and sudo. By learning the difference you will be able to judge which one is best suited for your access management requirement.

Granting someone access to another account is a security threat and should be handled cautiously. It’s a part of access management, and one should know which tool is the best fit for the requirement.

The first question will be: why give someone access to another account?

There are situations where a normal user needs superuser privileges to run only a few commands, maybe during the installation or configuration of his application. Sometimes a normal user needs to execute some database-related tasks which need access to a privileged DB account. So, situations arise in which one user needs access to some other user’s privileges (normally superuser access).

What are the available ways to share account access?

  1. The very obvious and too risky way is to share the password of the other account, which is generally not at all suggested or implemented in production environments.
  2. Use sudo to define access to specific commands as a different user
  3. Use su to switch to another account

Difference between su and sudo :

sudo aims at allowing only a few commands (specified in configuration) to run as a different user with their level of access whereas su directly takes you to a different user account so that you have complete access which is owned by that account.

sudo executes commands while the environment of the current user is loaded. With su you can load the complete environment of the destination account.

So su opens up Pandora’s box to you! Once you are in a different user’s account, you can do whatever you want using that account with its level of access. Imagine if it’s a superuser account: you have full access to the system. This is dangerous, since the system administrator has no control over which commands you execute as a different user.

On the other hand, sudo allows only specific commands to be executed as a different user with its level of access. This limits your use of the other account, and the system administrator has complete control over the tasks you perform using the other account’s level of access.

In a sentence, we can say that sudo awards superuser ability to the normal user without logging into the superuser account, while su is logging into the superuser account to get that level of access.

Hence, it’s always advisable to use sudo for access management rather than su. su is best fitted only in case you trust that the user getting access won’t misuse it and that user is well aware of what he is doing on the system.

How-to guide: sudo configuration in Unix – Linux (with examples)

Learn how to secure your system and limit user access using sudo configuration. It helps to restrict the superuser privileges of a normal user to specific commands.

Many times there is a requirement where a normal user on the system needs superuser privileges to run some commands. The options in this situation are sharing the password of the superuser account so the user can su to it, or assigning UID 0 to the user, making him a superuser himself. Both options open Pandora’s box to the user, granting him limitless power on the system. This is dangerous, and it is not at all good practice to compromise the whole system for a few commands. The alternative is sudo !

What is sudo ?

Sudo stands for ‘superuser do’. Sudo grants superuser (or another user’s) privileges to a user for specific/all commands. Normally sudo is used to grant superuser privileges to other users, hence ‘superuser do’ fits it perfectly. The beauty of sudo is that you can define user access command-wise, so that the user is restricted to only the defined commands and your system is secured from the user doing stuff with root privileges without your knowledge.

Sudo configuration :

Let’s see sudo configuration step by step. Here we will assign user usr5 sudo permission to execute apache bounce commands.

First of all, you need to check if sudo package is installed on your system or not.

# rpm -qa | grep sudo     # RHEL, CentOS, Fedora
sudo-1.6.7p5-30.1.5
# dpkg -s sudo            # Debian, Ubuntu
Package: sudo
Status: install ok installed
Priority: optional
---- output clipped ----

If not installed, then install it using yum or apt depending on your Linux distro.

Once installed, you will be able to edit the /etc/sudoers file, which is the sudo configuration file. This is a plain text file that can be opened using the vi editor, but it’s recommended to edit it using the visudo command. The visudo command opens the /etc/sudoers file safely and maintains the integrity of the file. It’s the same way the vipw command safely edits the /etc/passwd file.

# cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

See above sample sudoers file.

We will see each section of this file one by one:

1: Host alias specification –

Host alias is a list of one or more hostnames, IP addresses, network numbers, or netgroups. This alias is defined so that group of hosts can be defined in configuration with a single name.

Host_Alias SERVERS = 10.10.5.1, 10.10.5.2, testsrv1, testsrv3
Host_Alias NETWORK = 192.168.0.0/255.255.255.0

In the above example, we are defining the SERVERS alias for 4 machines declared using IP or hostname. So any sudo settings defined for SERVERS will be applicable to all 4 machines. This saves the hassle of writing all 4 machine details every time in the settings; writing only SERVERS serves the purpose. The NETWORK alias likewise stands for the network range defined.

2: User alias specification –

User alias is a list of one or more users, groups, uids, etc.

User_Alias ADMINS = %admin
User_Alias USERS = user4, oracle65, testuser, #4523

In the above example, all users under the system group admin are covered by the alias ADMINS. We also defined the USERS alias for 4 users. #4523 indicates the user with uid 4523.

3: Cmnd alias specification –

It’s a list of command names, files, or directories. A command name is a complete command, with wildcard support.

Cmnd_Alias ADMIN_CMDS = /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod
Cmnd_Alias APACHE_CMDS = /etc/init.d/apache2

In the above examples we defined ADMIN_CMDS and APACHE_CMDS aliases for a list of commands listed in front of them.

4: User privilege section –

Here the actual sudo setting for a user is defined. The line root    ALL=(ALL) ALL indicates that the account root can execute any command from any host as any user. If we want to allow usr5 to execute apache commands then the line will be –

usr5    ALL=(ALL) NOPASSWD: APACHE_CMDS

Here usr5 is allowed to run commands defined under alias APACHE_CMDS without password from all hosts. If NOPASSWD is not mentioned, the user will be prompted for his own password again before executing a command like below (RHEL).

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[sudo] password for <user>:

5: Run_as alias –

Here you define a list of users. This alias is used to run a command as a different user.

Examples :

Here are a few examples to understand how the config file works :

ADMINS ALL= /sbin/poweroff

Allows any ADMINS users to run poweroff command from any host.

%users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom

Allows users under group ‘users’ to mount and unmount /cdrom from any host.

testuser    SERVERS=(root) ADMIN_CMDS

Allows user ‘testuser’ to run the commands defined under ADMIN_CMDS from the hosts defined under SERVERS as user root.

testuser ALL=(ALL) NOPASSWD: /usr/bin/su -

Allows user ‘testuser’ to run the command su - without any password. This is an example of how to add commands with arguments in sudo configuration.

Defaults targetpw

Allow users to run commands with their own password. sudo will ask for the password of the same user before executing su. You need to un-comment the above parameter in the sudoers file.
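A rule such as testuser ALL=(ALL) NOPASSWD: /usr/bin/su - hands out a full root shell, so the per-command restriction that makes sudo preferable to su no longer applies to that user. The script below is an added example (not from the original post) that lists such rules in a sudoers file for review. Assumptions: one rule per line with no backslash continuations, Cmnd_Alias expanded one level, the rule for root itself skipped, and the list of shell names is illustrative; the sample file is constructed from the rules shown in this post.

```sh
#!/bin/sh
# Added example: list sudoers rules that grant every command or a shell.

# Print "LINE WHO REASON[+nopasswd] COMMAND" for each flagged rule in $1.
sudoers_risky_rules() {
    # The file is read twice: pass 1 collects Cmnd_Alias definitions,
    # pass 2 checks each user rule.
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }

    # Return the reason a command is flagged, or "" if it is not.
    function classify(cmd,    words, seg, n) {
        if (cmd == "ALL") return "all-commands"
        split(cmd, words, /[ \t]+/)
        n = split(words[1], seg, "/")
        if (seg[n] ~ /^(su|sh|bash|ksh|csh|zsh)$/) return "root-shell"
        return ""
    }

    function report(cmd,    why) {
        why = classify(cmd)
        if (why != "") printf "%d %s %s%s %s\n", FNR, who, why, nopw, cmd
    }

    NR == FNR {                                   # pass 1: aliases only
        if ($1 == "Cmnd_Alias") {
            line = $0
            sub(/^[ \t]*Cmnd_Alias[ \t]+/, "", line)
            eq = index(line, "=")
            alias[trim(substr(line, 1, eq - 1))] = trim(substr(line, eq + 1))
        }
        next
    }

    # Blank lines and comments (a rule whose user is written as #uid is
    # skipped as well), then Defaults and alias definitions.
    NF == 0 || $1 ~ /^#/ { next }
    $1 ~ /^Defaults/ || $1 ~ /_Alias$/ { next }

    {
        eq = index($0, "=")
        if (eq == 0) next
        who = $1
        if (who == "root") next
        rhs = trim(substr($0, eq + 1))
        sub(/^\([^)]*\)[ \t]*/, "", rhs)          # drop the (runas) list
        nopw = (rhs ~ /NOPASSWD:/) ? "+nopasswd" : ""
        gsub(/[A-Z_]+:[ \t]*/, "", rhs)           # drop tags like NOPASSWD:
        n = split(rhs, cmds, ",")
        for (i = 1; i <= n; i++) {
            c = trim(cmds[i])
            if (c in alias) {
                m = split(alias[c], sub_cmds, ",")
                for (j = 1; j <= m; j++) report(trim(sub_cmds[j]))
            } else {
                report(c)
            }
        }
    }' "$1" "$1"
}

# Constructed sample built from the rules shown in this post.
write_sample_sudoers() {
    cat > "$1" <<'EOF'
# constructed sample
Cmnd_Alias ADMIN_CMDS = /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod
Cmnd_Alias APACHE_CMDS = /etc/init.d/apache2
root    ALL=(ALL) ALL
# %wheel        ALL=(ALL)       NOPASSWD: ALL
usr5    ALL=(ALL) NOPASSWD: APACHE_CMDS
ADMINS ALL= /sbin/poweroff
%users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
testuser    SERVERS=(root) ADMIN_CMDS
testuser ALL=(ALL) NOPASSWD: /usr/bin/su -
EOF
}

sample=$(mktemp)
write_sample_sudoers "$sample"
sudoers_risky_rules "$sample"
rm -f "$sample"
```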

Mailchimp KernelTalks newsletters are here!

We have moved our subscriptions from native Jetpack subscription to Mailchimp ones. More advanced email communication with readers and RSS email management.

Hey there…

KernelTalks is almost 4 months old now and has seen many technical enhancements for better user experience. In our last post, we happily announced a premium theme, Genesis framework, and CDN which runs in KernelTalk’s background. Those enhancements brought us better, cleaner looks to the website, and lightning-fast loading webpages.

We are implementing one more enhancement for our blog! We are moving our subscriptions from native Jetpack to Mailchimp! All existing subscribers will be moved to our Mailchimp subscribers list automatically. Now, all new post notifications will be sent out by email via Mailchimp.

If you are not a subscriber yet, join the Unix-Linux world now. It’s FREE. Fill in your email address here or below and you will get Unix-Linux tips right into your mailbox.

How to configure telnet server in Linux

Step by step guide to configure a telnet server on Linux. Generally, SSH is preferred over telnet since it’s more secure, and hence telnet is not available out of the box.

Telnet (TELetype NETwork) is a network protocol used on the Internet or local area networks. It uses a virtual terminal connection and provides bidirectional interactive text-oriented communication. One can use telnet to log in remotely to another system locally or over the internet.

Caution: telnet opens an unencrypted communication channel to your machine over the network. Avoid using telnet and opt for SSH for connectivity.

SSH, i.e. Secure SHell, is more secure than telnet. Hence, all Linux/Unix servers use SSH for user connectivity. Many installations don’t even have telnet available out of the box.

This tutorial walks you through the process of configuring telnet on your Linux machine, but SSH is always advisable over telnet for server connectivity, being more secure.

telnet server configuration :

Step 1:

As I said above, many installations don’t have telnet out of the box. You need to install the telnet package as a first step. Install telnet, telnet-server, and xinetd packages.

Use apt-get install telnetd for Debian and Ubuntu distros.

# yum install telnet telnet-server xinetd
Loaded plugins: amazon-id, rhui-lb, security
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package telnet.x86_64 1:0.17-48.el6 will be installed
---> Package telnet-server.x86_64 1:0.17-48.el6 will be installed
---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================
 Package                           Arch                       Version                             Repository                                            Size
=============================================================================================================================================================
Installing:
 telnet                            x86_64                     1:0.17-48.el6                       rhui-REGION-rhel-server-releases                      58 k
 telnet-server                     x86_64                     1:0.17-48.el6                       rhui-REGION-rhel-server-releases                      37 k
 xinetd                            x86_64                     2:2.3.14-40.el6                     rhui-REGION-rhel-server-releases                     122 k

Transaction Summary
=============================================================================================================================================================
Install       3 Package(s)

Total download size: 217 k
Installed size: 423 k
Is this ok [y/N]: y
Downloading Packages:
(1/3): telnet-0.17-48.el6.x86_64.rpm                                                                                                  |  58 kB     00:00
(2/3): telnet-server-0.17-48.el6.x86_64.rpm                                                                                           |  37 kB     00:00
(3/3): xinetd-2.3.14-40.el6.x86_64.rpm                                                                                                | 122 kB     00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                        335 kB/s | 217 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : 2:xinetd-2.3.14-40.el6.x86_64                                                                                                             1/3
  Installing : 1:telnet-server-0.17-48.el6.x86_64                                                                                                        2/3
  Installing : 1:telnet-0.17-48.el6.x86_64                                                                                                               3/3
  Verifying  : 1:telnet-server-0.17-48.el6.x86_64                                                                                                        1/3
  Verifying  : 1:telnet-0.17-48.el6.x86_64                                                                                                               2/3
  Verifying  : 2:xinetd-2.3.14-40.el6.x86_64                                                                                                             3/3

Installed:
  telnet.x86_64 1:0.17-48.el6                      telnet-server.x86_64 1:0.17-48.el6                      xinetd.x86_64 2:2.3.14-40.el6

Complete!

Step 2:

Set services to start on boot.

# chkconfig telnet on
# chkconfig  xinetd  on

Restart the services (inetd in the case of Debian).

# service xinetd restart
Stopping xinetd:                                           [FAILED]
Starting xinetd:                                           [  OK  ]

Verify service is listening on your server.

# netstat -lptu|grep telnet
tcp        0      0 *:telnet                    *:*                         LISTEN      1618/xinetd

# lsof -i |grep telnet
xinetd    1618     root    5u  IPv6  13908      0t0  TCP *:telnet (LISTEN)

Step 3:

Connect to your server from a Windows machine with the telnet protocol. Open a command prompt and type telnet IP-address. You will be greeted with a login prompt and will be able to log in with an existing user.

If you are not able to connect via telnet, make sure no firewalls are blocking communication between your Windows machine and the telnet server on port 23 TCP.

How to list open ports on Linux/Unix server

Learn to list all open ports on Linux or Unix system. Also, view associated processes with them. A handy tip to troubleshoot service connectivity issues.

Many times in the life of a sysadmin, you need to check which ports are open on your system. Sometimes you need to check whether a particular port is listening on the server, whether a particular service is communicating on its configured port, or whether a particular port has an established connection.

All these things can be analysed with the commands below.

netstat command :

The obvious first command is netstat. Use netstat with 4 options:

  • -a : Shows all sockets
  • -p : Show related PID
  • -t : TCP
  • -u : UDP

# netstat -ptau
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 *:58573                     *:*                         LISTEN      1013/rpc.statd
tcp        0      0 *:sunrpc                    *:*                         LISTEN      991/rpcbind
tcp        0      0 *:ssh                       *:*                         LISTEN      1208/sshd
tcp        0      0 localhost:ipp               *:*                         LISTEN      1069/cupsd
tcp        0      0 localhost:smtp              *:*                         LISTEN      1287/master
tcp        0      0 ip-12-31-28-246.ap-:telnet 112.197.214.169:49648       ESTABLISHED 3213/in.telnetd
tcp        0      0 ip-12-31-28-246.ap-:telnet 200-163-187-49.scrce2:53440 ESTABLISHED 3215/in.telnetd
tcp        0      0 ip-12-31-28-246.ap-sou:ssh 59.182.17:49413             ESTABLISHED 1441/sshd
tcp        0    288 ip-12-31-28-246.ap-sou:ssh 59.182.17:50729             ESTABLISHED 1694/sshd
tcp        0      0 *:sunrpc                    *:*                         LISTEN      991/rpcbind
tcp        0      0 *:ssh                       *:*                         LISTEN      1208/sshd
tcp        0      0 *:telnet                    *:*                         LISTEN      1618/xinetd
tcp        0      0 localhost:ipp               *:*                         LISTEN      1069/cupsd
tcp        0      0 localhost:smtp              *:*                         LISTEN      1287/master
tcp        0      0 *:56954                     *:*                         LISTEN      1013/rpc.statd
udp        0      0 localhost:766               *:*                                     1013/rpc.statd
udp        0      0 *:39730                     *:*                                     1013/rpc.statd
udp        0      0 *:bootpc                    *:*                                     884/dhclient
udp        0      0 *:netrcs                    *:*                                     991/rpcbind
udp        0      0 *:sunrpc                    *:*                                     991/rpcbind
udp        0      0 *:ipp                       *:*                                     1069/cupsd
udp        0      0 *:60991                     *:*                                     1013/rpc.statd
udp        0      0 *:netrcs                    *:*                                     991/rpcbind
udp        0      0 *:sunrpc                    *:*                                     991/rpcbind

In the above output you can see:

  • The first column is the protocol
  • The fourth column is the local address: local IP, port, service
  • The fifth column is the destination address: IP, port, etc
  • The sixth column is the current state
  • The last column is the PID and name of the process which owns that socket
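
The columns described above can also be checked mechanically, which covers the "verify service is listening" step of the telnet post as well. The script below is an added example and not part of the original post: it reads netstat output and reports telnet sockets (cleartext) and listeners bound to every interface. The function names and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag cleartext telnet sockets and listeners bound to every
# interface in netstat output (works for both the -ptau and -an layouts).

# Constructed sample in the layout shown above; 192.0.2.10 is a documentation address.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address     State       PID/Program name
tcp        0      0 *:ssh             *:*                 LISTEN      1208/sshd
tcp        0      0 localhost:ipp     *:*                 LISTEN      1069/cupsd
tcp        0      0 localhost:smtp    *:*                 LISTEN      1287/master
tcp        0      0 server1:telnet    192.0.2.10:49648    ESTABLISHED 3213/in.telnetd
tcp        0      0 *:telnet          *:*                 LISTEN      1618/xinetd
tcp        0      0 0.0.0.0:23        0.0.0.0:*           LISTEN
udp        0      0 *:bootpc          *:*                             884/dhclient
EOF
}

# Reads netstat output on stdin and prints one finding per line.
audit_netstat() {
    awk '
    $1 !~ /^(tcp|udp)/ { next }      # skip headers and UNIX-socket rows
    {
        proto = $1; laddr = $4; peer = $5
        # UDP rows usually have no State column, so the owner moves to field 6.
        if ($6 ~ /^[A-Z][A-Z_0-9]*$/) { state = $6; owner = $7 }
        else                          { state = "-"; owner = $6 }
        if (owner == "") owner = "-"  # -an output has no PID/Program column

        # The port is whatever follows the last colon (IPv6 addresses contain colons).
        n = split(laddr, part, ":")
        port = part[n]
        addr = substr(laddr, 1, length(laddr) - length(port) - 1)
        wildcard = (addr == "*" || addr == "0.0.0.0" || addr == "::" || addr == "[::]")

        if (port == "telnet" || port == "23")
            printf "CLEARTEXT %s %s local=%s peer=%s owner=%s\n", proto, state, laddr, peer, owner
        else if (wildcard && (state == "LISTEN" || (proto ~ /^udp/ && state == "-")))
            printf "WILDCARD %s port=%s owner=%s\n", proto, port, owner
    }'
}

sample_netstat | audit_netstat
```

On a live system, pipe the real command into the function instead of the sample: netstat -ptau | audit_netstat.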

Another way is to use netstat with the -an options:

# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:8001                0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:9633              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:7937                0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:9634              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:7938                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9443                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9444                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9060                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9061                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:14502               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:14503               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:8359                0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:810                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9100                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9101                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9133                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:8880                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:6000                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:8881                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9043                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9044                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9080                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:9081                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2809                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2810                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:443                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:6556                0.0.0.0:*                   LISTEN
tcp        0      0 10.10.5.160:42124         10.10.5.199:35994         ESTABLISHED
tcp        0      0 10.10.5.160:42376         10.10.5.199:39154         ESTABLISHED
tcp        0      0 10.10.5.160:8881          10.10.5.160:55117         TIME_WAIT
tcp        0      0 10.10.5.160:44367         10.10.5.199:48181         ESTABLISHED
tcp        0      0 10.10.5.160:36671         10.10.5.199:58137         ESTABLISHED
tcp        1      0 10.10.5.160:56253         10.10.5.160:9081          CLOSE_WAIT
tcp        0      0 10.10.5.160:57168         10.10.5.52:1521           ESTABLISHED
tcp        0      0 10.10.5.160:8880          10.10.5.160:55035         TIME_WAIT
tcp        0      0 10.10.5.160:6556          10.100.22.173:51544         ESTABLISHED
udp        0      0 0.0.0.0:7938                0.0.0.0:*
udp        0      0 0.0.0.0:37909               0.0.0.0:*
udp        0      0 0.0.0.0:161                 0.0.0.0:*
udp        0      0 0.0.0.0:804                 0.0.0.0:*
udp        0      0 0.0.0.0:807                 0.0.0.0:*
udp        0      0 0.0.0.0:177                 0.0.0.0:*
udp        0      0 0.0.0.0:5353                0.0.0.0:*
udp        0      0 0.0.0.0:111                 0.0.0.0:*
udp        0      0 203.127.98.134:123          0.0.0.0:*
udp        0      0 10.10.5.160:123           0.0.0.0:*
udp        0      0 127.0.0.1:123               0.0.0.0:*
udp        0      0 0.0.0.0:123                 0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     7690   @ISCSIADM_ABSTRACT_NAMESPACE
unix  2      [ ACC ]     STREAM     LISTENING     11363  @/tmp/fam-root-
unix  2      [ ACC ]     STREAM     LISTENING     11003  /var/run/avahi-daemon/socket
unix  2      [ ACC ]     STREAM     LISTENING     8701   @/var/run/hald/dbus-RL64SjEdUd
unix  2      [ ACC ]     STREAM     LISTENING     247409367 /jas/HTTPServer/logs/cgisock.14073
unix  2      [ ACC ]     STREAM     LISTENING     247409370 /jas/HTTPServer/logs/siddport
unix  2      [ ACC ]     STREAM     LISTENING     11221  /tmp/.gdm_socket
unix  14     [ ]         DGRAM                    8008   /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     7668   @ISCSID_UIP_ABSTRACT_NAMESPACE
unix  2      [ ]         DGRAM                    1797   @/org/kernel/udev/udevd
unix  2      [ ]         DGRAM                    8709   @/org/freedesktop/hal/udev_event
unix  2      [ ACC ]     STREAM     LISTENING     8700   @/var/run/hald/dbus-mO28j2Fpoe
unix  2      [ ACC ]     STREAM     LISTENING     7963   /var/run/audispd_events
unix  2      [ ACC ]     STREAM     LISTENING     10761  /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     10709  /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     8608   /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     8675   /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     11248  /tmp/.X11-unix/X0
unix  2      [ ]         DGRAM                    322339652
unix  2      [ ]         STREAM     CONNECTED     284330078
unix  2      [ ]         STREAM     CONNECTED     83187468
unix  2      [ ]         DGRAM                    11482214
unix  2      [ ]         STREAM     CONNECTED     98040
unix  3      [ ]         STREAM     CONNECTED     11366  @/tmp/fam-root-
unix  3      [ ]         STREAM     CONNECTED     11365
unix  3      [ ]         STREAM     CONNECTED     11356  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     11355
unix  3      [ ]         STREAM     CONNECTED     11333  /tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     11332
unix  3      [ ]         STREAM     CONNECTED     11306  /tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     11305
unix  3      [ ]         STREAM     CONNECTED     11283  /tmp/.font-unix/fs7100
unix  3      [ ]         STREAM     CONNECTED     11282
unix  2      [ ]         DGRAM                    11254
unix  3      [ ]         STREAM     CONNECTED     11286  /tmp/.X11-unix/X0
unix  3      [ ]         STREAM     CONNECTED     11253
unix  3      [ ]         STREAM     CONNECTED     11252  /var/run/acpid.socket
unix  3      [ ]         STREAM     CONNECTED     11251
unix  3      [ ]         STREAM     CONNECTED     11006  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     11005
unix  3      [ ]         STREAM     CONNECTED     11000
unix  3      [ ]         STREAM     CONNECTED     10999
unix  2      [ ]         DGRAM                    10997
unix  2      [ ]         DGRAM                    10851
unix  2      [ ]         DGRAM                    10686
unix  2      [ ]         DGRAM                    10661
unix  2      [ ]         DGRAM                    10594
unix  2      [ ]         DGRAM                    10569
unix  2      [ ]         DGRAM                    10453
unix  3      [ ]         STREAM     CONNECTED     10344  /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     10343
unix  3      [ ]         STREAM     CONNECTED     10298  @/var/run/hald/dbus-mO28j2Fpoe
unix  3      [ ]         STREAM     CONNECTED     10297
unix  3      [ ]         STREAM     CONNECTED     10117  @/var/run/hald/dbus-mO28j2Fpoe
unix  3      [ ]         STREAM     CONNECTED     10113
unix  3      [ ]         STREAM     CONNECTED     10096  /var/run/acpid.socket
unix  3      [ ]         STREAM     CONNECTED     10093
unix  3      [ ]         STREAM     CONNECTED     10063  @/var/run/hald/dbus-mO28j2Fpoe
unix  3      [ ]         STREAM     CONNECTED     10059
unix  3      [ ]         STREAM     CONNECTED     8704   @/var/run/hald/dbus-RL64SjEdUd
unix  3      [ ]         STREAM     CONNECTED     8703
unix  3      [ ]         STREAM     CONNECTED     8612
unix  3      [ ]         STREAM     CONNECTED     8611
unix  3      [ ]         STREAM     CONNECTED     8466
unix  3      [ ]         STREAM     CONNECTED     8465
unix  2      [ ]         DGRAM                    8343
unix  2      [ ]         DGRAM                    8016
unix  3      [ ]         STREAM     CONNECTED     7954
unix  3      [ ]         STREAM     CONNECTED     7953

lsof command :

You can also trace currently open ports on the system with the lsof command. lsof mainly lists open files. Since sockets are treated as network files at the kernel level and are open while communicating, they can be listed using lsof!

lsof has the -i option specifically to list network files.

# lsof -i
COMMAND    PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
dhclient   884     root    5u  IPv4  10791      0t0  UDP *:bootpc
rpcbind    991      rpc    6u  IPv4  11109      0t0  UDP *:sunrpc
rpcbind    991      rpc    7u  IPv4  11111      0t0  UDP *:netrcs
rpcbind    991      rpc    8u  IPv4  11112      0t0  TCP *:sunrpc (LISTEN)
rpcbind    991      rpc    9u  IPv6  11114      0t0  UDP *:sunrpc
rpcbind    991      rpc   10u  IPv6  11116      0t0  UDP *:netrcs
rpcbind    991      rpc   11u  IPv6  11117      0t0  TCP *:sunrpc (LISTEN)
rpc.statd 1013  rpcuser    6u  IPv4  11206      0t0  UDP localhost:766
rpc.statd 1013  rpcuser    7u  IPv4  11210      0t0  UDP *:39730
rpc.statd 1013  rpcuser    8u  IPv4  11214      0t0  TCP *:58573 (LISTEN)
rpc.statd 1013  rpcuser    9u  IPv6  11218      0t0  UDP *:60991
rpc.statd 1013  rpcuser   10u  IPv6  11222      0t0  TCP *:56954 (LISTEN)
cupsd     1069     root    6u  IPv6  11412      0t0  TCP localhost:ipp (LISTEN)
cupsd     1069     root    7u  IPv4  11413      0t0  TCP localhost:ipp (LISTEN)
cupsd     1069     root    9u  IPv4  11416      0t0  UDP *:ipp
sshd      1208     root    3u  IPv4  11960      0t0  TCP *:ssh (LISTEN)
sshd      1208     root    4u  IPv6  11962      0t0  TCP *:ssh (LISTEN)
master    1287     root   11u  IPv4  12158      0t0  TCP localhost:smtp (LISTEN)
master    1287     root   12u  IPv6  12160      0t0  TCP localhost:smtp (LISTEN)
sshd      1441     root    3r  IPv4  12964      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:ssh-59.184.179.68:49413 (ESTABLISHED)
sshd      1444 ec2-user    3u  IPv4  12964      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:ssh-59.184.179.68:49413 (ESTABLISHED)
xinetd    1618     root    5u  IPv6  13908      0t0  TCP *:telnet (LISTEN)
sshd      1694     root    3r  IPv4  14812      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:ssh-59.184.179.68:50729 (ESTABLISHED)
sshd      1697 ec2-user    3u  IPv4  14812      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:ssh-59.184.179.68:50729 (ESTABLISHED)
in.telnet 3420     root    0u  IPv4  35294      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:telnet->5ec3c900.skybroadband.com:39192 (ESTABLISHED)
in.telnet 3420     root    1u  IPv4  35294      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:telnet->5ec3c900.skybroadband.com:39192 (ESTABLISHED)
in.telnet 3420     root    2u  IPv4  35294      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:telnet->5ec3c900.skybroadband.com:39192 (ESTABLISHED)
in.telnet 3422     root    0u  IPv4  35326      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:telnet->188-24-133-29.dynamic.brasov.rdsnet.ro:apwi-rxserver (ESTABLISHED)
in.telnet 3422     root    1u  IPv4  35326      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:telnet->188-24-133-29.dynamic.brasov.rdsnet.ro:apwi-rxserver (ESTABLISHED)
in.telnet 3422     root    2u  IPv4  35326      0t0  TCP ip-12-31-28-246.ap-south-1.compute.internal:telnet->188-24-133-29.dynamic.brasov.rdsnet.ro:apwi-rxserver (ESTABLISHED)

In the above output, you can see which command is being run by which user, on which socket, and the state of the port at the end!

If you have any other trick to list open ports on the system, please let us know in the comments. We will add it to this post.

The complete guide: logrotate utility on Linux

Learn everything about logrotate utility in Linux. This post explains what is it, why to use it, and its configuration steps.

What is logrotate?

First of all, an obvious introduction to the logrotate tool. It is a utility that rotates, compresses, purges, and emails logs once they match criteria defined in the configuration, such as size or age. In short, it’s an automated log management tool.

It offers service (log specific) policies that can be set and it will handle logs accordingly. Conditions to trigger logrotate can be set on a size basis or time basis like daily, weekly, or monthly.

Why rotate logs?

Another obvious question is: why rotate logs? Logs are files that keep growing over time. If you don’t maintain them, they will end up filling your mount point, which you never want to see in production!

In other words, logs should be rotated to save disk space. Logs are always useful for troubleshooting, but you don’t need very old logs eating up your disk space! Logs can be purged, compressed, or moved manually, but you can save yourself those manual tasks by automating log management with this tool.

Logrotate Installation:

Let’s walk through logrotate configuration: how to install it, how to configure it as per your requirement, etc.

First of all, you need to install the logrotate utility on your machine as below (Red Hat, CentOS, Fedora):

For Debian and Ubuntu use: apt-get install logrotate

# yum install logrotate
Loaded plugins: amazon-id, rhui-lb, security
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package logrotate.x86_64 0:3.7.8-26.el6_7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================
 Package                        Arch                        Version                              Repository                                             Size
=============================================================================================================================================================
Installing:
 logrotate                      x86_64                      3.7.8-26.el6_7                       rhui-REGION-rhel-server-releases                       58 k

Transaction Summary
=============================================================================================================================================================
Install       1 Package(s)

Total download size: 58 k
Installed size: 87 k
Is this ok [y/N]: y
Downloading Packages:
logrotate-3.7.8-26.el6_7.x86_64.rpm                                                                                                   |  58 kB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : logrotate-3.7.8-26.el6_7.x86_64                                                                                                           1/1
  Verifying  : logrotate-3.7.8-26.el6_7.x86_64                                                                                                           1/1

Installed:
  logrotate.x86_64 0:3.7.8-26.el6_7

Complete!

Confirm that it’s installed:

# rpm -q logrotate
logrotate-3.7.8-26.el6_7.x86_64

Once logrotate is confirmed installed, move on to the configuration.

Logrotate configuration :

/etc/logrotate.conf is the main configuration file. Individual service-specific configuration files can be kept under directory /etc/logrotate.d

To use these service-specific individual config files, you must include the line below in /etc/logrotate.conf

include /etc/logrotate.d

Let’s configure logrotate to manage /var/log/messages (Syslog in Linux). To keep things clean, it’s recommended to create individual configs under /etc/logrotate.d. We will create a rotate_syslog.conf file under this directory and add the below code.

/var/log/messages {
daily
rotate 3
size 10M
compress
delaycompress
}

Now let’s understand each field specified in the conf file:

  1. daily: Rotate logs on daily basis
  2. rotate 3: Means keep last 3 rotated logs. Older copies to be purged.
  3. size 10M: Min size for rotation is 10MB i.e. logs won’t be rotated unless they grow more than 10MB
  4. compress: Compress rotated logs
  5. delaycompress: Do not compress current log and last rotated log.

Together, the options in the config file tell logrotate to rotate /var/log/messages when it grows over 10MB. After rotation, it purges any rotated logs beyond the last 3. It also compresses logs except the current and the last rotated one. It checks the size daily and rotates if it is found to be >10MB.

logrotate testing :

We will dry run the above config file to check how it will work in an actual run. The -d option dry-runs the utility but doesn’t actually rotate logs. We have a 21MB /var/log/messages file on the machine.

# logrotate -d /etc/logrotate.d/rotate_syslog.conf
reading config file /etc/logrotate.d/rotate_syslog.conf
reading config info for /var/log/messages

Handling 1 logs

rotating pattern: /var/log/messages  10485760 bytes (3 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/messages
  log needs rotating
rotating log /var/log/messages, log->rotateCount is 3
dateext suffix '-20170224'
glob pattern '-[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]'
previous log /var/log/messages.1 does not exist
renaming /var/log/messages.3.gz to /var/log/messages.4.gz (rotatecount 3, logstart 1, i 3),
renaming /var/log/messages.2.gz to /var/log/messages.3.gz (rotatecount 3, logstart 1, i 2),
renaming /var/log/messages.1.gz to /var/log/messages.2.gz (rotatecount 3, logstart 1, i 1),
renaming /var/log/messages.0.gz to /var/log/messages.1.gz (rotatecount 3, logstart 1, i 0),
renaming /var/log/messages to /var/log/messages.1
removing old log /var/log/messages.4.gz
error: error opening /var/log/messages.4.gz: No such file or directory

In the above output you can see that it rotates logs, compresses them (gz extensions), renames them to maintain iterations, and tries to purge logs older than the last 3.

When I dry run on a file of 9MB size, it gave me the output below:

# logrotate -d /etc/logrotate.d/rotate_syslog.conf
reading config file /etc/logrotate.d/rotate_syslog.conf
reading config info for /var/log/messages

Handling 1 logs

rotating pattern: /var/log/messages  10485760 bytes (3 rotations)
empty log files are rotated, old logs are removed
considering log /var/log/messages
  log does not need rotating

Since we specified 10MB size to rotate log and our file is less than 10MB, logrotate reported no need to rotate logs!
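
To make the rename chain in the dry-run output concrete, here is an added example (not from the original post and not logrotate's own code): a simplified shell model of what size, rotate 3, compress and delaycompress do to the files on disk. The function names, the 100-byte threshold standing in for 10M, and the log content are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: a simplified model of the rename chain logrotate performs for
#   size / rotate N / compress / delaycompress
# It is not logrotate's own code and ignores dateext, state files and scripts.

# rotate_log FILE THRESHOLD_BYTES KEEP
# Returns 0 if the log was rotated, 1 if it is not larger than the threshold.
rotate_log() {
    log=$1; threshold=$2; keep=$3
    size=$(( $(wc -c < "$log") ))
    [ "$size" -gt "$threshold" ] || return 1   # "log does not need rotating"

    # Drop the oldest generation, then shift N -> N+1 from oldest to newest.
    rm -f "$log.$keep.gz"
    i=$((keep - 1))
    while [ "$i" -ge 2 ]; do
        if [ -f "$log.$i.gz" ]; then mv "$log.$i.gz" "$log.$((i + 1)).gz"; fi
        i=$((i - 1))
    done

    # delaycompress: generation 1 is only compressed on the following rotation.
    if [ -f "$log.1" ] && [ "$keep" -ge 2 ]; then
        gzip -c "$log.1" > "$log.2.gz"
    fi
    rm -f "$log.1"

    mv "$log" "$log.1"
    ( umask 077; : > "$log" )   # like "create 0600": new empty log, owner-only
    return 0
}

# Five rotations in a temporary directory, keeping 3 generations.
demo_rotation() {
    d=$(mktemp -d) || return 1
    f="$d/messages"
    n=1
    while [ "$n" -le 5 ]; do
        printf 'constructed entry %s %0150d\n' "$n" 0 > "$f"   # about 170 bytes
        rotate_log "$f" 100 3 || true
        n=$((n + 1))
    done
    echo $(ls "$d")    # word-splitting joins the file names on one line
    rm -rf "$d"
}

demo_rotation
```

After five rotations only messages, messages.1, messages.2.gz and messages.3.gz remain, so everything older than three generations is gone; size the threshold and rotate count with that retention window in mind.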

You can observe a logrotate entry in the /etc/cron.daily directory too.

# cd /etc/cron.daily
# ll
total 32
-rwx------. 1 root root  118 Jun 10  2015 cups
-rwx------. 1 root root  180 Jul  9  2015 logrotate
-rwxr-xr-x. 1 root root  905 Nov 16  2012 makewhatis.cron
-rwx------. 1 root root  189 Jan 26  2015 mlocate.cron
-rwxr-xr-x. 1 root root 2126 Jul 19  2013 prelink
-rwxr-xr-x. 1 root root  563 Oct 21  2013 readahead.cron
-rwx------. 1 root root  256 Jun  9  2015 rhsmd
-rwxr-xr-x. 1 root root  416 Oct 14  2015 tmpwatch

logrotate available options :

Below is a list of logrotate options that can be used in configuration files along with their meaning.

  1. daily, monthly, weekly: when to rotate logs (if conditions are met)
  2. rotate N: Purge all older logs keeping the last N rotated logs on the server
  3. size X: Rotate logs when they grow more than X size
  4. compress: Compress rotated logs using gzip (there are more options to choose compression commands, extensions, etc if you want)
  5. delaycompress: Don’t compress current and last rotated log file
  6. copy: Make a copy of the current log file
  7. create mode user group: After rotation create an empty log file with permission (mode), user and group specified
  8. dateext: Append the date to rotated file names
  9. mail: Mail rotated logs to email before deletion (more options available with this)
  10. ifempty: Rotate log even if it’s empty
  11. maxage N: Rotate logs older than N days
  12. maxsize N: Rotate when they have grown beyond N size even before run-time daily, weekly or monthly.

There are many other options available that can be used. I have listed here only frequently used ones. A detailed list can be obtained on the man page of logrotate.

All the above outputs are from the RHEL6 box. Let me know if you have any queries in the comments or if you are looking for specific options to rotate logs with your requirement.

4 step Network bonding / teaming configuration in Linux

This article explains what is network bonding in Linux. Quick 4 step guide helps you to set up network bonding in your server in minutes.

Network bonding or network teaming is binding two physical NICs (Network Interface Cards) together to create one virtual NIC. This virtual NIC serves the purpose of redundancy, fault tolerance, and load balancing.

For an application running on the system, it is one NIC that it talks to, but on the bare metal its requests are served by two physical cards. Hence, if one physical card fails or is unplugged, the other one still serves beneath the virtual NIC, and applications don’t even know about the failure. It’s the same as Auto Port Aggregation (APA) in HPUX.

As of now with RHEL7, there are 7 types of NIC bond available :

  1. Bond 0: Load balancing (round-robin)
  2. Bond 1: Active backup
  3. Bond 2: Balance XOR
  4. Bond 3: Broadcast
  5. Bond 4: 802.3ad
  6. Bond 5: Balance TLB
  7. Bond 6: Balance ALB

We will see these types in detail in another post. The more commonly used are type 0 and type 1 bonds. Let’s see the step-by-step procedure to configure a network bond in Linux.

For this tutorial, we will consider two ethernet cards eth1 and eth2 to configure bond. It is assumed that both are configured/connected to the same network VLAN.

Step 1:

Configure both eths with master bond0 and slave as themselves. For that, open the NIC configuration files /etc/sysconfig/network-scripts/ifcfg-eth1 and ifcfg-eth2 in vi and edit the entries as shown below:

DEVICE=eth1
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=none
USERCTL=no
MASTER=bond0
SLAVE=yes
NM_CONTROLLED=no

For eth2 file, DEVICE name will be eth2.

Step 2:

Create the bond0 device file /etc/sysconfig/network-scripts/ifcfg-bond0. Add the below details in it.

DEVICE=bond0
ONBOOT=yes
IPADDR=10.10.2.5
NETMASK=255.255.255.0
BONDING_OPTS="mode=1 miimon=100"

Under bonding options, we chose mode 1. If you choose any other mode out of the 7 mentioned above, you need to specify it here against mode=

Step 3:

Make sure the bonding module is loaded into the kernel. Append the lines below to the /etc/modprobe.conf file.

alias bond0 bonding
options bond0 mode=balance-alb miimon=100

Load the module with the command below.

# modprobe bonding

Step 4:

That’s it. You are done with the configuration. You need to restart the networking service and you are good to go. Make sure your network manager service is not running.

# service network restart

Shutting down interface bond0:                             [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface bond0:                               [  OK  ]

You can confirm your bond0 is up with the mentioned IP in the ip addr command output. The bonding mode can be verified with the command below:

# cat /proc/net/bonding/bond0

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 100
Down Delay (ms): 100

Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:0c:29:b6:be:32

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:0c:29:b6:be:56

Even ifconfig command output will show you bond0 is up with the mentioned IP address.
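
The verification step can be scripted so that a bond running in a different mode than intended, or with a slave down, is caught right after the restart. This is an added example, not part of the original post: the function names are assumptions and the sample status is reduced from the output above. Checked against mode 1 as set in BONDING_OPTS, that sample is reported as a mismatch because it shows round-robin.

```shell
#!/bin/sh
# Added example: compare /proc/net/bonding/<bond> with the intended bonding mode.

# Description string the kernel prints for each numeric mode.
bond_mode_name() {
    case $1 in
        0) echo "load balancing (round-robin)" ;;
        1) echo "fault-tolerance (active-backup)" ;;
        2) echo "load balancing (xor)" ;;
        3) echo "fault-tolerance (broadcast)" ;;
        4) echo "IEEE 802.3ad Dynamic link aggregation" ;;
        5) echo "transmit load balancing" ;;
        6) echo "adaptive load balancing" ;;
        *) return 1 ;;
    esac
}

# Constructed sample, reduced from the status output shown above.
sample_bond_status() {
cat <<'EOF'
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100

Slave Interface: eth0
MII Status: up
Link Failure Count: 0

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
EOF
}

# check_bond EXPECTED_MODE MIN_SLAVES_UP   (status text on stdin)
# Prints one line per finding and returns 0 only when there are none.
check_bond() {
    want=$(bond_mode_name "$1") || { echo "unknown mode: $1"; return 2; }
    awk -v want="$want" -v min="$2" '
        /^Bonding Mode:/    { sub(/^Bonding Mode: */, ""); mode = $0 }
        /^Slave Interface:/ { slave = $3 }
        # The first MII Status line belongs to the bond itself, so require a slave.
        /^MII Status:/ && slave != "" {
            if ($3 == "up") up++
            else { print "SLAVE DOWN: " slave; bad = 1 }
            slave = ""
        }
        END {
            if (index(mode, want) != 1) {
                printf "MODE MISMATCH: running \"%s\", expected \"%s\"\n", mode, want
                bad = 1
            }
            if (up + 0 < min + 0) {
                printf "REDUNDANCY: %d slave(s) up, expected at least %d\n", up, min
                bad = 1
            }
            exit bad + 0
        }'
}

sample_bond_status | check_bond 1 2 || true
```

On a live system, feed it the real file: check_bond 1 2 < /proc/net/bonding/bond0.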