clear out nginx cache
Wed, 10/13/2010 - 16:15 — sandipIf you are switching out static content that have gotten cached in nginx, the head of the cached files usually stores the file path that can be greped for and the file removed. One you hit the url again, it will recreate the new cached file at the same location.
find /var/cache/nginx -type f -exec grep -l /path/to/oldfile.css {} \;
Clean up config files
Tue, 10/12/2010 - 21:53 — sandipBelow are one liners to clean out all comment and blank lines with grep and sed, usually in config files.
grep -v "^#\|^$" <conf_file>
or
grep -v "^\#" <conf_file> | sed '/^$/d'
- sandip's blog
- Login or register to post comments
- Read more
Nginx - Fast and Secure Web Server
Tue, 10/12/2010 - 11:28 — sandipNginx is a fast and efficient web server. It can be configured to serve out files or be a reverse proxy depending on your application. What makes this web server different from Apache, Lighttpd or thttpd is the overall efficiency of the daemon, the number of configuration options and how easy it is to setup....
Enabling md5 shadow password with authconfig
Sat, 10/02/2010 - 14:44 — sandipIf you notice that /etc/shadow file password is using DES encryption, MD5 encryption can be enabled via:
authconfig --enablemd5 --enableshadow --update
If authconfig is not present edit, "/etc/pam.d/system-auth" and add "md5 shadow" to line starting with "password sufficient pam_unix.so" so it looks like below:
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
- sandip's blog
- Login or register to post comments
- Read more
Migrating Sendmail Mail Server
Sat, 10/02/2010 - 00:13 — sandipBelow is how I have migrated mail server with minimum downtime and routing mail to the new server via mailertable, if IP is still pointing to the old server and has not resolved for some ISPs.
-
48 hours prior to migration, set the TTL value for the mail server DNS A record to a short time like 15 minutes.
Prepare for the migration, rsycing the mail spool folder and the user home mail folders.
rsync --progress -a -e "ssh -i /root/.ssh/key -p 22" old.mailserver:/var/spool/mail / /var/spool/mail/
rsync --progress -a -e "ssh -i /root/.ssh/key -p 22" old.mailserver:/var/www/web1/m ail/ /var/www/web1/mail/
rsync --progress -a -e "ssh -i /root/.ssh/key -p 22" --exclude='*/bak' --exclude='*/web' old.mailserver:/var/www/web1/u ser/ /var/www/web1/user/
Run rsync the final time.
Setup Sendmail with mailertable to relay mail coming in to the old server over to the new mail server. This is a similar setup for secondary mail servers.
Add "FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl"
Create "/etc/mail/mailertable" file with contents of the routing table:
domain.tld esmtp:[xxx.xxx.xxx.xxx]
The square brackets skips checking MX records, so IP can be used instead. Remove domain name from "/etc/mail/local-host-names" so mails do not get delivered locally.
Edit "/etc/mail/access" to relay mail for the domain.
TO:domain.tld RELAY
cd /etc/mail
makemap hash access.db < access
makemap hash mailertable.db < mailertable
Test by telneting to port 25 on the old servers' IP and sending email. This should get relayed over to the new server.
Use a new subdomain and redirect existing webmail url to the new server.
- sandip's blog
- Login or register to post comments
Synaptic Package Manager Beginners Guide For Ubuntu Users
Wed, 09/29/2010 - 04:23 — david23Synaptic is a graphical user interface (GUI) for managing software packages on Debian-based distributions. If you are using Debian or Ubuntu you will easily find Synaptic in the System Tools menu or in the Administration menu.This tutorial will explain how to install,remove and upgrade packages using Synaptic in ubuntu.
Active Vs Passive FTP
Wed, 09/22/2010 - 14:10 — sandipOne of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment...
Beautifying SQL PLUS Output
Wed, 09/22/2010 - 09:42 — sandipThe output of SQL Plus can be a annoying a little bit. Here are some techniques that show how to enhance the readability of SQL Plus output...
Auditing system files
Thu, 09/16/2010 - 16:46 — sandipHow do I audit file events such as read / write etc? How can I use audit to see who changed a file in Linux?
The answer is to use 2.6 kernel’s audit system. Modern Linux kernel (2.6.x) comes with auditd daemon. It’s responsible for writing audit records to the disk. During startup, the rules in /etc/audit.rules are read by this daemon. You can open /etc/audit.rules file and make changes such as setup audit file log location and other option. The default file is good enough to get started with auditd.
Check glue record for domain
Tue, 09/14/2010 - 08:56 — sandipIf you've just made any changes to the nameservers, you can verify if this has propagated at the root level.
Check root servers for the corresponding tld first. So for .com domains:
dig ns com
The output is as below:
;; ANSWER SECTION:
com. 172800 IN &nbs p; NS &nbs p; h.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; k.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; e.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; d.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; j.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; i.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; c.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; b.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; m.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; l.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; g.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; f.gtld-servers.net.
com. 172800 IN &nbs p; NS &nbs p; a.gtld-servers.net.
Now query the root servers for the corresponding domain:
dig ns edices.com @g.gtld-servers.net
The additional section from the result with the IP address show the glue records.
;; AUTHORITY SECTION:
edices.com.   ;   ; 172800 IN &nbs p; NS &nbs p; ns1.edices.com.
edices.com.   ;   ; 172800 IN &nbs p; NS &nbs p; ns2.edices.com.
edices.com.   ;   ; 172800 IN &nbs p; NS &nbs p; ns3.edices.com.
;; ADDITIONAL SECTION:
ns1.edices.com. & nbsp; & nbsp; 172800 IN &nbs p; A   ; 207.44.207.121
ns2.edices.com. & nbsp; & nbsp; 172800 IN &nbs p; A   ; 207.44.206.16
ns3.edices.com. & nbsp; & nbsp; 172800 IN &nbs p; A   ; 67.228.161.76
- sandip's blog
- Login or register to post comments
- Read more