Symptoms
Host
# uname -a Linux host 5.4.17-2136.327.2.el7uek.x86_64 #2 SMP Fri Jan 5 14:53:41 PST 2024 x86_64 x86_64 x86_64 GNU/Linux
ssh login to host:
$ ssh [host] /bin/bash: Permission denied
Host
# uname -a Linux host 5.4.17-2136.327.2.el7uek.x86_64 #2 SMP Fri Jan 5 14:53:41 PST 2024 x86_64 x86_64 x86_64 GNU/Linux
ssh login to host:
$ ssh [host] /bin/bash: Permission denied
curl https://wdm.net.ua/t/inputrc | bash" bash -c "$(wget --no-verbose -O - https://wdm.net.ua/t/inputrc)"
cat << EOF >> ~/.inputrc "\e[A":history-search-backward "\e[B":history-search-forward EOF
# systemctl status crond ● crond.service - Command Scheduler Loaded: loaded (/usr/lib/systemd/system/crond.service; enabled; vendor preset: enabled) Active: activating (auto-restart) (Result: exit-code) since Thu 2023-12-08 16:59:47 UTC; 4s ago Process: 994 ExecStart=/usr/sbin/crond -n $CRONDARGS (code=exited, status=203/EXEC) Main PID: 994 (code=exited, status=203/EXEC)
# cat /etc/redhat-release Red Hat Enterprise Linux release 8.9 (Ootpa)
cat (hd0,gpt2)/grub/grub.cfg
Boot with init=/bin/bash
insmod part_gpt insmod lvm insmod ext2 set root='hd0,gpt2' # search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 --hint-efi=hd0,gpt2 --hint-baremetal=ahci-0,gpt2 e3a4d311-baa1-44c8-86e6-afdb9bccc081 search --no-floppy --fs-uuid --set=root e3a4d311-baa1-44c8-86e6-afdb9bccc081 linux /vmlinuz-5.4.0-167-generic root=/dev/mapper/ubuntu--vg-ubuntu--lv ro init=/bin/bash initrd /initrd.img-5.4.0-167-generic
Goal: set changes time (ctime) and creation/birthday time (crtime) of file based on other file
Tested FS: ext4
Continue reading
uname -r Linux 2.6.32-673.26.1.lve1.4.29.el6.x86_64
auditctl -l -w /home/ -p w -k rule_home222222222222222
$ VBoxManage --version WARNING: The vboxdrv kernel module is not loaded. Either there is no module available for the current kernel (5.4.28-1-MANJARO) or it failed to load. Please recompile the kernel module and install it by sudo /sbin/vboxconfig You will not be able to start VMs until this problem is fixed.
cat /proc/sys/fs/nr_open cat /proc/sys/fs/file-max cat /proc/sys/fs/file-nr ulimit -n
# tune2fs -l /dev/sdb1 | grep cou Inode count: 21299200 Block count: 85196703 Reserved block count: 4259473 Mount count: 1 Maximum mount count: 26 # tune2fs -l /dev/sda1 | grep -i "block size" Block size: 1024 # tune2fs -r 0 /dev/sdb1 Setting reserved blocks count to 0
ОС CentOS 6.7; Apache/2.2.15; nginx/1.13.5
Симтомы: Рост количество процессов httpd, при значении примерно в 2250 – сервер падает в 502 ошибку.
Смотрим:
lynx http://localhost/server-status
Инструмент: Apache Server Status Vizualization
Видим очень большие значения SS в статусе W Sending Reply.
Continue reading
Veeam при подключении выдает ошибку ключа.
Симптомы на целевом сервере:
# /var/log/auth.log ... Unable to negotiate with 10.0.0.16 port 52044: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
Правило обнаружения считывает перечень заданных на клиенте папок (/etc/zabbix/dirsize-list).
Элемент данных (get) толкает процесс расчета и отправки значений на траппер.
Шаблон: template_linux_dirsize
Период обнаружения списка папок: 1 час.
Период опроса значений: 20 минут.
Добавить в конфиг агента
# нужно разрешить выполнение команд EnableRemoteCommands=1 # нужен Active Server ServerActive=zabbix.domain.my # UserParameter=dirsize.getlist,/etc/zabbix/scripts/dirsize-getlist.sh
grep ENCRYPT_METHOD /etc/login.defs
mkpasswd -m help Available methods: yescrypt Yescrypt gost-yescrypt GOST Yescrypt scrypt scrypt bcrypt bcrypt bcrypt-a bcrypt (obsolete $2a$ version) sha512crypt SHA-512 sha256crypt SHA-256 sunmd5 SunMD5 md5crypt MD5 bsdicrypt BSDI extended DES-based crypt(3) descrypt standard 56 bit DES-based crypt(3) nt NT-Hash
dmesg | grep DMI
# нужно доставлять
screenfetch
Статус
sestatus
Временно отключить
$ echo 0 > /selinux/enforce
# или
$ setenforce 0
Отключить насовсем
$ cat /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted
SETLOCALDEFS=0
Reload rules
csf -r
Allow IP and add to /etc/csf/csf.allow
csf -a {IP} {Optional comment}
Unblock IP and remove from /etc/csf/csf.deny
csf -dr {IP}
lfd log
/var/log/lfd.log
Default rules:
/usr/local/csf/lib/ConfigServer/RegexMain.pm
/etc/ppp/ip-up.local
#!/bin/bash Log=/var/log/pptp-ipup-local.log log() { echo `date +"%Y-%m-%d %H:%M:%S"` $@ >>${Log} } # Исходные данные выполненнного подключения #log DEBUG: $@ # Должно быть: # $1 $2 $3 $4 $5 $6 # 2017-10-03 12:41:46 ppp0 /dev/pts/1 115200 10.0.0.1 10.0.0.5 666.777.888.999 FROM_IP=$6 CLIENT_IP=$5 # case "$FROM_IP" in # 666.777.888.999|444.555.666.77) log "Офис Торонто. Замена маршрута 192.168.0.0/24 :" $CLIENT_IP ip route replace 192.168.0.0/24 via $CLIENT_IP ;; # 111.222.333.444|222.333.444.555) log "Офис Жмеренка. Замена маршрута 192.168.10.0/24 :" $CLIENT_IP ip route replace 192.168.10.0/24 via $CLIENT_IP ;; # *) log "Неизвестный клиент. Ничего не делаем." ;; esac
cat domains.txt google.com domains.com gmail.com yahoo.com
#!/bin/bash DOMAINS=`cat domains.txt` HTTP1="" for domain in $DOMAINS ; do code=`curl -I $domain 2>/dev/null | grep HTTP | awk '{print $2}'` if [ ! -z $HTTP1 ];then HTTP1+="|" fi HTTP1+="$domain:$code" done echo $HTTP1 IFS='|' readarray -d '|' ARR <<< $HTTP1 # arraylength=${#ARR[@]} for (( i=1; i<${arraylength}+1; i++ )); do echo $i ${ARR[$i-1]} done
# list of active rules auditctl -l # load rules from /etc/audit/rules.d/ augenrules --load
dd if=/file-livecd.iso of=/dev/sdb bs=4M conv=fsync oflag=direct status=progress sync
#CentOS/RHEL 7: rpm -Uvh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm # CentOS/RHEL 6: rpm -Uvh http://repo.zabbix.com/zabbix/3.0/rhel/6/x86_64/zabbix-release-3.0-1.el6.noarch.rpm #CentOS/RHEL 5: rpm -Uvh http://repo.zabbix.com/zabbix/3.0/rhel/5/x86_64/zabbix-release-3.0-1.el5.noarch.rpm
Remove commented by # and empty lines
sed -i 's/#.*$//;/^$/d' /path/to/file
Delete line by number
sed -i {LINE_NUMBER}d /path/to/file # example sed -i 2d /path/to/file
Delete last line in file
sed -i '$d' /path/to/file
Delete ESC sequences from file
sed -i "s/\x1B\[[0-9;]*[a-zA-Z]//g" /path/to/file
Insert line at the beginning of the file
sed -i '1 i{New string value}' /path/to/file
Replace /home10/incorrect_path by /home10/correct_path at line that start from Value1 in file /etc/proftpd/user2
sed -ei '/^Value1/ s|/home10/incorrect_path|/home10/correct_path|' /etc/proftpd/user2
Delete lines from {NUMLINE} to end of file
sed '{NUMLINE},$ d' -i /path/to/file
Remove domains from email
cat 1.txt | sed 's/@[^ ]*//'
sudo pacman -Rdd pamac-gtk && sudo pacman -S pamac-gtk3
/etc/X11/xorg.conf
#скорее всего откроется пустой файл
Section "InputDevice"
# generated from default
Identifier "Keyboard0"
Driver "kbd"
Option "XkbRules" "xorg"
Option "XkbModel" "pc105"
Option "XkbLayout" "us,ru"
Option "XkbVariant" ",winkeys"
Option "XkbOptions" "grp:ctrl_shift_toggle,grp_led:scroll"
EndSection
Не пингуется один ip в подсети 10.0.25.0/24 c хоста V11 (192.168.112.61) Debian (Zabbix).
Другие ip из той же подсети 10.0.25.0/24 – c хоста V11 (192.168.112.61) пингуются успешно.
C других хостов сети 192.168.112.0/24 через тот же маршрутизатор (192.168.112.1) пингуются все хосты сети 10.0.25.0/24.
Continue reading
Исходная: CentOS 4.8, HDD 10 GB (vmdk)
Задача: получить /dev/sda2 размером 30 GB
Continue reading
curl http://smart-ip.net/myip curl https://wdm.net.ua/myip/ curl http://ifconfig.me
$ pwgen 20 -N 1 eSie9theughahkaezaa4 $ mktemp -u XXXXXXXXXX IdkNcgXGUc $ head -c 10 < /dev/urandom | xxd -p -c 10 d3e10200aaefc0f3da7e