Blogs

Get a count of top 10 emails that are in mail queue

Below one liner, pipes mailq command to sed, which prints out every 3rd line starting from line 5 capturing only the email addresses and producing report of the top 10 email addresses in sendmail mail queue.

mailq | sed -n '5~3p' | sort  | uniq -c | sort -nr | head

wait_timeout versus interactive_timeout

"wait_timeout" is the amount of seconds during inactivity that MySQL will wait before it will close a connection on a non-interactive connection.

"interactive_timeout" is the same, but for interactive mysql shell sessions.

Setting a value too low may cause connections to drop unexpectedly, specifically if you are using persistent connections. Setting a value too high may cause stale connections to remain open, preventing new access to the database.

For wait_timeout, this value should be set as low as possible without affecting availability and performance.

For interactive_timeout, changing this value won't really increase or decrease performance of your application.

removing rpm imported gpg-key

While install the puppet dashboard, I noticed puppetlabs yum repo changed from using "http://yum.puppetlabs.com/RPM-GPG-KEY-reductive" to "http://yum.puppetlabs.com/RPM-GPG-KEY-puppet" causing yum to fail on the key import. I had run the key import manually couple times before I realized, yum was complaining about a different key.

Below is how I got around to removing all of the imported gpgkeys:

Find GPG keys and owners:

rpm -qa gpg-pubkey\* --qf "%{version}-%{release} %{summary}\n"

Remove corresponding GPG Key.

rpm -e gpg-pubkey-8347a27f-4afe0f12 --allmatches

Replacing sysklogd with rsyslog

If you need to replace old sysklogd with recent rsyslog on centos, `rpm -e --nodeps sysklogd` is rather kludgy as yum will remove initscripts, upon which most of the system is dependent on. However, it is possible to install and remove via the yum shell in one go, which resolves the dependency issues.

# yum shell
> install rsyslog
> remove sysklogd
> run
> quit

Linux cpu processor cores and threads

/proc/cpuinfo has the info you need to identify the number of processors, cores and threads.

To get the total number of processors/cpu cores:

grep -c processor /proc/cpuinfo

Total number of physical cpus:

grep "physical id" /proc/cpuinfo | sort -u | wc -l

Number of cores per cpu:

grep "cores" /proc/cpuinfo | sort -u

To check if hyperthreading is enabled:

grep "cores\|siblings" /proc/cpuinfo | sort -u

If siblings is a multiple of cores then hyperthreading is enabled.

Trac redirect loop upon password reset

Recently, I have come across the mentioned bug during a password reset of Trac:

Reference bug trac-hacks.org/ticket/3233

This looks like an issue when set to "Force users to change passwords after a password reset?". I changed the config to not force the password change.

Also removed the session attribute in reference from the trac database:

sqlite3 yourtrac/db/trac.db \ 'DELETE FROM "session_attribute" WHERE "name" = "force__change_passwd";'

Probing if Varnish is Alive

If you probe on varnish service status to check if it is alive, this can be setup as below. Put it in "vcl_recv" block:

  # Check if Varnish is alive
  if (req.url == "/varnish_status") {
    error 200 "OK";
  }

Then check for http "200 OK" in the response code.

List threads with ps and top

The "H" option in both ps and top lists the threads:

Examples:

ps auxwH

top H

Redirect ports inside OpenVZ containers

For port redirection to work inside OpenVZ containers, ipt_REDIRECT kernel module needs to be loaded in the host. Edit "/etc/sysconfig/vz" and add it to the IPTABLES list.

IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_owner ipt_length ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp ipt_recent ipt_REDIRECT"

This should then allow to redirect ports. So if you need to proxy existing apache via nginx or lighttpd and you do not want to switch apaches' default port 80, then the below rules will do the appropriate redirection to port 81 where nginx/lighttpd server is listening, serving static content and proxying to apache for dynamic content:

# Redirect external web traffic to port 81
iptables -t nat -A PREROUTING -s ! 127.0.0.1 -p tcp --dport 80 -j REDIRECT --to-ports 81

# Redirect internal port 80 to 81
iptables -t nat -A OUTPUT -s 0/0 -d 192.168.10.2 -p tcp --dport 80 -j REDIRECT --to-ports 81

Where 192.168.10.2 is the internal IP resolver of domain/host.

clear out nginx cache

If you are switching out static content that have gotten cached in nginx, the head of the cached files usually stores the file path that can be greped for and the file removed. One you hit the url again, it will recreate the new cached file at the same location.

find /var/cache/nginx -type f -exec grep -l /path/to/oldfile.css {} \;

Comment