My Little Help for Linux - R@oulou

Sendmail: How to change Host name in the SMTP 220 response

Julien — Wed, 04 Jun 2008 15:00:13 GMT

For Instance:

Find the Host Name:


[root@mail]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost
192.168.1.1   mail.domain.local      mail

From:

[root@mail]# telnet mail.domain.local 25
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
220 mail.domain.local ESMTP Sendmail 8.12.11/8.13.1; 
Fri, 30 May 2008 19:51:58 +0100
........

To:

[root@mail]# telnet mail.domain.local 25
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
220 test.otherdomain.local ESMTP Sendmail 8.12.11/8.13.1; 
Fri, 30 May 2008 19:51:58 +0100
........

Simply add this line to your /etc/mail/sendmail.cm:

define(`confDOMAIN_NAME', `test.otherdomain.local')dnl

Use the m4 command line to regenrate a sendmail.cf:

#m4 /etc/mail/sendmail.cm > /etc/mail/sendmail.cf

Restart sendmail:

#/etc/init.d/sendmail restart

Sendmail: Unable to connect to remote host: connection refused

Julien — Thu, 24 Apr 2008 10:10:25 GMT

you can do a telnet 127.0.0.1 25 but you get this error : Telnet: Unable to connect to remote host: connection refused message when you are trying to do a telnet from an other box in your network to your sendmail.

You have to make sue you sendmail is not listening only on 127.0.0.1:25 but on 0.0.0.0:25

netstat -an | grep 25:
127.0.0.1:25

If it's the case, here is the manipulation to change the configuration on your sendmail:

IPs open sendmail.mc file (login as the root):
# vi /etc/mail/sendmail.mc
Look for line that read as follows:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
Comment or remove above line and insert new line that read as follows:
DAEMON_OPTIONS(`Port=smtp,Name=MTA')dnl
Above line will force to accept connection from any host. Save the file. Regenerate sendmail configuration file using m4:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Restart sendmail service :
# /etc/init.d/sendmail restart

# netstat -an | grep 25:
0.0.0.0:25

Clear the ARP table

Julien — Tue, 05 Feb 2008 10:28:37 GMT

To empty the ARP table you can use this command line:

#ip neigh flush all

How to mount, remout a read-only filesytem in in read write mode

Julien — Tue, 11 Dec 2007 16:03:12 GMT

mount -o remount,rw /dev/sdax

Change speed and duplex settings on your network card

Julien — Tue, 30 Oct 2007 13:46:14 GMT

You can use two tools to do that: mii-tool and ethtool:
Install those two tools (Debian base Linux):

# apt-get install ethtool net-tools

Get speed and information from your network card (eth0):
- ethtool

# ethtool eth0

Result:

Supported ports: [ MII ]
        Supported link modes:   10baseT/Half 10baseT/Full 
                                100baseT/Half 100baseT/Full 
                                1000baseT/Half 1000baseT/Full 
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full 
                                100baseT/Half 100baseT/Full 
                                1000baseT/Half 1000baseT/Full 
        Advertised auto-negotiation: Yes
        Speed: 100Mb/s
        Duplex: Half
        Port: Twisted Pair
        PHYAD: 1
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: g
        Wake-on: d
        Current message level: 0x000000ff (255)
        Link detected: yes

- mii-tool

mii-tool eth0

Result:

eth1: no autonegotiation, 100baseTx-HD, link ok

Change the speed and duplex settings
100 BaseTx full dublex

# mii-tool -F 100baseTx-HD

# ethtool -s eth0 speed 100 duplex full

bcm43xx: Error: Microcode "bcm43xx_microcode5.fw" not available or load failed.

Julien — Sat, 27 Oct 2007 14:10:00 GMT

Install bcm43xx-fwcutter:

#apt-get install bcm43xx-fwcutter

Download wl_apsta.o (firmware from the Windows Driver)

Launch the following command:

#bcm43xx-fwcutter -w /lib/firmware /home/user/wl_apsta.o

Set-up your Wifi connection and check it with:

iwconfig

.
The speed will be limited to 11-Mb/s

File Descriptor limitation

Julien — Wed, 19 Sep 2007 09:19:04 GMT

A file descriptor is a handle created by a process when a file is opened. There is a limit to the amount of file descriptors per process.

Display system file descriptor settings:
ulimit -Hn (hard limit, cannot be exceeded)
ulimit -Sn / ulimit -n (soft limit may be increased to hard limit value)

switch:

-a	Lists all of the current resource limits.
-c	The number of 512-byte blocks on the size of core dumps.
-d	The number of K-bytes on the size of the data area.
-f	The number of 512-byte blocks on files written by child processes (files of any size may be read).
-n	The number of file descriptors plus 1.
-s	The number of K-bytes on the size of the stack area.
-t	The number of seconds (CPU time) to be used by each process.
-v	The number of K-bytes for virtual memory.
	If no option is given, -f is assumed.

Increasing file descriptor settings for child processes (example):

$ ulimit -Hn
1024
$ ulimit -Sn
64
$ ulimit -Sn 1024
$ ulimit -Sn
1024

There are two variables in the kernel that can be modified to set these limits. The limits are called the hard limit or the max allowed and the soft or the current limit. The two variables that can be modified are rlim_fd_max & rlim_fd_cur.

NO to the Microsoft Office format as an ISO standard

Julien — Wed, 29 Aug 2007 13:35:56 GMT

the national members of ISO to vote "NO" in the ballot of ISO DIS 29500 (Office OpenXML or OOXML format) for the following reasons:

1. There is already a standard ISO26300 named Open Document Format (ODF): a dual standard adds costs, uncertainty and confusion to industry, government and citizens;

2. There is no provable implementation of the OOXML specification: Microsoft Office 2007 produces a special version of OOXML, not a file format which complies with the OOXML specification;

3. There is information missing from the specification document, for example how to do a autoSpaceLikeWord95 or useWord97LineBreakRules;

4. More than 10% of the examples mentioned in the proposed standard do not validate as XML;

5. There is no guarantee that anybody can write software that fully or partially implements the OOXML specification without being liable to patent lawsuits or patent license fees by Microsoft;

6. This format conflicts with existing ISO standards, such as ISO 8601 (Representation of dates and times), ISO 639 (Codes for the Representation of Names and Languages) or ISO/IEC 10118-3 (cryptographic hash);

7. There is a bug in the spreadsheet file format which forbids any date before the year 1900: such bugs affect the OOXML specification as well as software applications like Microsoft Excel 2000, XP, 2003 and 2007.

8. This standard proposal was not created by bringing together the experience and expertise of all interested parties (such as the producers, sellers, buyers, users and regulators), but by Microsoft alone.

Say no the Microsoft Office format as an ISO standard

scp command line

Julien — Wed, 22 Aug 2007 09:33:14 GMT

SCP or Secure copy is used to securely transferring computer files between a local and a remote host or between two remote hosts, using SSH protocol. Remote hosts must have SSH server installed

Options:
-p: Preserves the modification and access times, as well as the permissions of the source-file in the destination-file
-q: Do not display the progress bar
-r: Recursive, so it copies the contents of the source-file (directory in this case) recursively
-v: Displays debugging messages

Example:
copy MyFile from local computer to remote server (host)

scp MyFile user@host:/Path/to/folder

copy all content of /Path/to/folder/ from remote server (hostSrc) to remote server (hostDest)

scp -r user@hostSrc:/Path/to/folder/ user@hostDest:/Path/to/folder

How locate big files on your system in command line

Julien — Mon, 20 Aug 2007 15:38:32 GMT

Here is a command line you can use to locate big files on your system:

- Locate all files with a size more than 1G:

du -h | grep -E "^[0-9]*G" > resultG

- Locate all files with a size more than 10M:

du -h | grep -E "^[0-9][0-9]M" > resultSup10M

- Locate all files with a size more than 100M:

du -h | grep -E "^[0-9][0-9][0-9]M" > resultSup100M

vmware cannot start: starting httpd.vmware: -ne failed

Julien — Mon, 20 Aug 2007 15:24:50 GMT

The following message appear when you start vmware after installed vmware-mui

starting httpd.vmware: -ne failed

The correct solution is to modify 
/etc/init.d/httpd.vmware and change !/bin/sh to !/bin/bash

Vmware server installation error: Error with invalid key during the installation

Julien — Mon, 20 Aug 2007 15:19:19 GMT

The key has been gathered on Vmware website.
the vmware-install.pl script stop with the following error:

Error with invalid key during the installation

The issue can be solved with this command line:

$sudo apt-get install ia32-libs

Description:
This package contains runtime libraries for the ia32/i386 architecture, configured for use on an amd64 or ia64 Debian system running a 64-bit kernel.

Vmware server installation: /etc/vmware/ssl/rui.key unable to get the last modification timestamp.....

Julien — Mon, 20 Aug 2007 15:14:03 GMT

the vmware-install.pl script stop with the following error:

Building the VMware VmPerl Scripting API.

Using compiler "/usr/bin/gcc". Use environment variable CC to override.

Installing the VMware VmPerl Scripting API.

The installation of the VMware VmPerl Scripting API succeeded.

Generating SSL Server Certificate

Unable to get the last modification timestamp of the destination file
/etc/vmware/ssl/rui.key.

Execution aborted.

Here the command line to solve the issue:

touch /etc/vmware/ssl/rui.key solved the issue

burn DVD from iso

Julien — Tue, 31 Jul 2007 18:01:02 GMT

growisofs -Z /dev/scd0=/path/file.iso

File Permissions - Special Permission Bits

Julien — Mon, 30 Jul 2007 11:54:56 GMT

A few special permission options are also supported, and they may be indicated by changes to the permission string:

Set user ID (SUID):
The set user ID (SUID) option is used in conjunction with executable files, and it tells Linux to run the program with the permissions of whoever owns the file rather than with the permissions of the user who runs the program. For instance, if a file is owned by root and has its SUID bit set, the program runs with root privileges and can therefore read any file on the computer. Some servers and other system programs run in this way, which is often called SUID root. SUID programs are indicated by an s in the owner's execute bit position of the permission string, as in rwsr-xr-x.

Set group ID (SGID):
The set group ID (SGID) option is similar to the SUID option, but it sets the group of the running program to the group of the file. It's indicated by an s in the group execute bit position of the permission string, as in rwxr-sr-x.

Sticky bit :
The sticky bit has changed meaning during the course of Unix history. In modern Linux implementations (and most modern versions of Unix), it's used to protect files from being deleted by those who don't own the files. When this bit is present on a directory, the directory's files can be deleted only by their owners, the directory's owner, or root. The sticky bit is indicated by a t in the world execute bit position, as in rwxr-xr-t.

Warning
These special permission bits all have security implications. SUID and SGID programs (and particularly SUID root programs) are potential security risks. Although some programs must have their SUID bits set to function properly, most don't, and you shouldn't set these bits unless you're certain that doing so is necessary. The sticky bit isn't dangerous in this way, but as it affects who may delete files in a directory, you should consider its effect�or the effect of not having it�on directories to which many users should have write access, such as /tmp. Typically, such directories have their sticky bits set.

kill

Julien — Wed, 25 Jul 2007 12:24:31 GMT

Description:
In the first form, kill is used with an optional sigspec. This is a signal value, specified as either an integer or the signal name(such as SIGHUP, or simply HUP). The sigspec is case-sensitive but is usually specified with uppercase letters. The sigspec is followed by one or more PIDS to which the is to be sent. In the second form with the -l option, ill lists the valid signal names. If signum (an integer) is present, only the signal name for that number will be displayed.
Reminder: Frequently used interactive signals

Signal name	Number	Meaning and use
HUP	1	Hang up. This signal is sent automatically when you log out or disconnect a modem. It is also used by many daemons to cause the configuration file to be reread
INT	2	Interrupt; stoprunning. This signal is sent when you type Ctrl-C.
KILL	9	kill; stop unconditionally and immediately. Sending this signal is a drastic measure, as it cannot be ignored by the process. This is the "emergency kill" signal.
TERM	15	Terminate, nicely if possible. This is used to ask a process to exit gracefully
TSTP	20	Stop execution ready to continue. This signal is sent when you type Crtl-Z.
CONT	18	Continue execution. This signal i sent to start a process stopped by SIGTSTP or SIGSTOP.(the shell sends this signal when you use the fg or bg commands after stopping a process with Crtl-Z)

Examples:


## All these commands will send SIGKILL to the processes with PIDS
 1000 and 1001
$ kill -9 1000 1001
$ kill -SIGKILL 1000 1001
$ kill -KILL 1000 1001

LinuxPowertop

Julien — Mon, 16 Jul 2007 15:24:01 GMT

Power usage is a hot topic for computer users everywhere. For some, it's a matter of how long a laptop lasts without being plugged in. For others, it's controlling the temperature of hundreds of systems within a datacenter. For all of us, it's about keeping the electricity bill under control and being kind to the environment.

Getting your computer to use the least amount of power can be problematic. This site provides information on reducing power usage, tips, and tricks for Intel-based computers running Linux*.

As a first step, Intel is releasing PowerTOP, a tool that helps you find what software is using the most power. By fixing (or closing) these applications or processes, you can immediately see the power savings in the tool. You'll also see the estimated time left for battery power if you are running a laptop. The Tips&Tricks page has fixes for a lot of the issues that are already found. Join our mailing list to participate in this effort to get Linux to use less power.

LinuxPowertop

trash content one of your partition file-tree

Julien — Fri, 06 Jul 2007 15:24:54 GMT

That can happen if you have a bug in /home/user/.gnome/gnome-vfs/.trash_entry_cache

Example:

.trash_entry_cache "bugged" :
/proc/bus/usb -
/var/lock -
/var/run -
/ -
/vmware //vmware

So all my vmwares were on the Trash folder.

.trash_entry_cache "valid" :

/proc/bus/usb -
/var/lock -
/var/run -
/ -
/vmware -

To resolve your issue remove .trash_entry_cache and restart you gnome

How to create Image (ISO) files from CD/DVD

Julien — Thu, 05 Jul 2007 15:02:34 GMT

e.g. Assumed that /dev/cdrom is the location of CD/DVD-ROM

sudo umount /dev/cdrom
readcd dev=/dev/cdrom f=file.iso

dd if=/dev/cdrom of=file.iso

dig Utility

Julien — Thu, 05 Jul 2007 10:13:28 GMT

dig is the current DNS diagnostic tool of preference, but as noted earlier, it is not always widely available and rarely on Windows systems. dig has both a command line and a batch mode (but no interactive mode like nslookup). In general, the command line of dig is more powerful than nslookup�even allowing multiple queries in a single line�and the batch mode makes running check files a breeze. dig offers a daunting array of options.

dig Syntax

dig [@dns] domain [[-c ]q-type] [[-t ]q-class] [+q-opt] [-d-opt] [%comment]

dig Examples:

The following examples are designed to illustrate techniques and should not be taken literally�rather use them as a starting point for experimentation and exploration on a domain of your choice.
dig Host Query

Here is a simple host lookup that defaults to an A RR:

# dig www.example.com

The preceding command could have been written as follows (uses a positional argument so the order is important):

# dig www.example.com a

Or again, the same command using the identified option format�order is not important:

# dig -t a www.example.com

Contrast the previous output with the short response by using this command:

# dig -t a www.example.com +short

As noted previously, type ANY will always obtain more interesting results by providing all RRs with any given name.

# dig www.example.com any

This command forces use of the name server at 192.168.2.224 for the query:

# dig @192.168.2.224 www.example.com a

To force use of the named server at ns1.example.com for the query, use the following:

# dig @ns1.example.com www.example.com a

The next command is a reverse-map query that returns PTR RR:

# dig -x 192.168.2.224

dig Domain Query

Here is a quick domain lookup that returns all RRs without labels, the domain apex or root, and typically gets SOA, NS, MX, and others. If a nonauthoritative server is used, it returns only the NS RRs:

# dig @ns1.example.com example.com any

The corresponding identified option format�order not important:

# dig @ns1.example.com -t any example.com

The next command forces use of the name server at 192.168.2.224 for the query:

# dig @192.168.2.224 example.com any

This forces use of the name server at ns1.example.net for the query:

dig @ns1.example.net example.com a

dig Multiple Queries

dig will accept multiple queries per command line�as long as each query is clearly identified (or disambiguated). This multiple domain lookup returns nonlabel RRs (at domain apex) for both domains:

# dig example.com any example.net any

The following multiple domain lookup returns A RR for the first domain and domain apex RRs for the second domain:

# dig example.com example.net any

This multiple domain lookup returns apex RRs for the first domain and an A RR for the second:

# dig example.com any example.net

If a command line starts with one format, it must be consistent�this fails on the second query:

# dig example.com -t any example.net any

But this format works for both:

# dig example.com -t any example.net -t any

And this really does work�though how useful it would be is questionable!

# dig example.com any example.net any example.org any

And this works as well:

# dig www.example.com www.example.net fred.example.net

dig Output

The following shows the output from a simple dig command to the sample example.com zone using one of the authoritative name servers for the zone. Chapter 11 shows the output from a dig command issued to a DNSSEC signed zone, and Chapter 15 contains the output from a dig command to the root-servers.

# dig @ns1.example.com www.example.com
; <<>> DiG 9.3.0 <<>> @ns1.example.com www.example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 826
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.example.com.  IN  A

;; ANSWER SECTION:
www.example.com. 86400 IN A 10.1.2.1
www.example.com. 86400 IN A 192.168.254.3
www.example.com. 86400 IN A 172.16.2.1
www.example.com. 86400 IN A 192.168.2.5

;; AUTHORITY SECTION:
example.com. 86400 IN NS ns1.example.com.
example.com. 86400 IN NS ns2.example.com.

;; ADDITIONAL SECTION:
ns1.example.com. 86400 IN A 192.168.2.6
ns2.example.com. 86400 IN A 192.168.23.23

;; Query time: 31 msec
;; SERVER: 192.168.2.3#53(ns1.example.com)
;; WHEN: Tue May 31 20:16:25 2005
;; MSG SIZE rcvd: 165

The output from a dig command is a formatted version of the binary, or wire format, message response to the query formed from the dig command parameters (unless the +short option is used). The detailed layout of the message is described in Chapter 15. The preceding response reflects a typical positive response to a dig command and includes the following items:

* The >>HEADER<< is an interpreted version of the message header. The flags and values of the status fields are defined in the next section, "dig Response Values."
* The QUESTION SECTION reflects the original query that is being answered, which was in this case a query for the A RR of www.example.com.
* The ANSWER SECTION provides the four A RRs for www.example.com that fully answer the question in this case. If the ANSWER SECTION is present but contains no entries, then the query was not successful, and the status field in the HEADER typically provides the reason unless the response was a referral, in which case the status field will be NOERR (see Chap-ter 15 for a referral dig response).
* The AUTHORITY SECTION provides the NS RRs of the servers that are authoritative for the domain example.com.
* The ADDITIONAL SECTION provides information that may be useful to the server; in this case, it is the A RRs of the name servers.