Serving ftp with vsftpd

Thu, 12/23/2010 - 16:32 — sandip

vsftpd can be installed directly via yum and is a straight forward setup:

yum install vsftpd
chkconfig vsftpd on
service vsftpd start

The default vsftpd.conf should be fine to run with. However, it is best practice to disable anonymous access if not being used:

# cat /etc/vsftpd/vsftpd.conf | grep -v "#\|^$"
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=NO
nopriv_user=nobody
ftpd_banner=OK
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
log_ftp_protocol=YES
chroot_local_user=YES

For an incoming dropbox only option, use:

download_enable=NO
dirlist_enable=NO

disable logging of images in access log

Wed, 12/15/2010 - 17:15 — sandip

Apache:

SetEnvIfNoCase Request_URI "\.(gif|jpe?g|png|htc|css|js|ico)$" skiplog
CustomLog "/var/log/httpd/access.log" combined env=!skiplog

Lighttpd:

$HTTP["url"] =~ "\.(gif|jpe?g|png|htc|css|js|ico)$" {
  accesslog.filename = "/dev/null"
}

Debugging a weird linux server incoming network connection problem

Sun, 12/05/2010 - 03:46 — philiph
(via www.hollenback.net)

I was recently stumped by an odd incoming network connection hang problem on a linux server. This is a writeup of how I troubleshot the issue and eventually fixed it.

listing of directories in tree format

Fri, 12/03/2010 - 11:58 — sandip

Below example shows listing of files and directories in tree format including hidden files and directory display depth of 3:

tree -a -L 3

-a : include hidden files
-L : depth of directory tree to display

man tree for more info...

resolve mysql replication error

Fri, 12/03/2010 - 10:39 — sandip

MySQL replication stops whenever there is an error running a query on the slave. This happens so the problem query can be identified and resolved.

Such errors can be skipped as long as you know why the query failed.

For example, when you run a query in the slave accidentally instead of running it on the master. You can skip just that one query that is hanging the slave using:

mysql> SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1;
mysql> START SLAVE;

Get a count of top 10 emails that are in mail queue

Wed, 12/01/2010 - 16:55 — sandip

Below one liner, pipes mailq command to sed, which prints out every 3rd line starting from line 5 capturing only the email addresses and producing report of the top 10 email addresses in sendmail mail queue.

mailq | sed -n '5~3p' | sort  | uniq -c | sort -nr | head

wait_timeout versus interactive_timeout

Wed, 12/01/2010 - 10:25 — sandip

"wait_timeout" is the amount of seconds during inactivity that MySQL will wait before it will close a connection on a non-interactive connection.

"interactive_timeout" is the same, but for interactive mysql shell sessions.

Setting a value too low may cause connections to drop unexpectedly, specifically if you are using persistent connections. Setting a value too high may cause stale connections to remain open, preventing new access to the database.

For wait_timeout, this value should be set as low as possible without affecting availability and performance.

For interactive_timeout, changing this value won't really increase or decrease performance of your application.

Deleting mail from the mail queue

Tue, 11/30/2010 - 17:38 — sandip
(via www.brandonhutchinson.com)

Sendmail does not provide a command-line argument to remove messages from the mail queue. It may be necessary to manually remove messages from the mail queue rather than allowing Sendmail to attempt redelivery of messages for Timeout.queureturn days (5, by default).

The proper way to remove messages from the mail queue is to use the qtool.pl program included in the contrib subdirectory of the Sendmail source code distribution. qtool.pl uses the same file locking mechanism as Sendmail...

Adjusting sendmail queue time / lifetime

Tue, 11/30/2010 - 17:32 — sandip
(via rackerhacker.com)

Adjusting sendmail queue time / lifetime

By default, sendmail will keep items in the queue for up to 5 days. If you want to make this something shorter, like 3 days, you can adjust the following in /etc/mail/sendmail.mc:

define(`confTO_QUEUERETURN9;, `3d')dnl

...

removing rpm imported gpg-key

Mon, 11/22/2010 - 12:17 — sandip

While install the puppet dashboard, I noticed puppetlabs yum repo changed from using "http://yum.puppetlabs.com/RPM-GPG-KEY-reductive" to "http://yum.puppetlabs.com/RPM-GPG-KEY-puppet" causing yum to fail on the key import. I had run the key import manually couple times before I realized, yum was complaining about a different key.

Below is how I got around to removing all of the imported gpgkeys:

Find GPG keys and owners:

rpm -qa gpg-pubkey\* --qf "%{version}-%{release} %{summary}\n"

Remove corresponding GPG Key.

rpm -e gpg-pubkey-8347a27f-4afe0f12 --allmatches

Comment