I.T. Security and Linux Administration


July 4, 2010  2:17 PM

Restarting services made easy!

Eric Hansen Eric Hansen Profile: Eric Hansen

Figured while I’m posting scripts that make my job easier, I’d share another, since we have servers here that have services that need to be restarted (quite) frequently sometimes.

While this one is hard-coded for Apache/Lightpseed, it will work for any service that creates a PID file.

#!/bin/sh

# stop()
# Stops the web server service
function stop {
# Attempt to stop the service cleanly
service httpd stop

sleep 5

# pid files only exist when either the program is running
# or when it's a zombie process
if [ -f /var/run/httpd.pid ]
then
# If httpd.pid still exists, keep trying to stop the service cleanly
echo "---> httpd.pid still exists...attempting stop again."

# The pause is just used for gracefulness
sleep 5

# Recursiveness is awesome!
stop
else
# pid file doesn't exist, so why worry?
echo "----> httpd.pid no longer exists."
fi
}

# start()
# Starts the web server service
# Everything is basically the same as above, so not commenting this also
function start {
service httpd start

sleep 5

if [ -f /var/run/httpd.pid ]
then
echo "----> httpd.pid exists...server has been restarted."
else
echo "----> httpd.pid doesn't exist...server not restarted, attempting to start again."
sleep 5
start
fi
}

# Call the functions like a boss
stop

sleep 10

start

# Graceful exit...not needed but used in best practice
exit 0

All the sleep commands are in as I’ve found out service restart tends to be quite pushy/rushing with it finishing the restart process. Also, checking to see if the pid file still exists is a pretty good indicator if the service is still running (of course, you could also do an awk from a ps or some other process command).

July 4, 2010  2:09 PM

.bashrc, meet SSH…aka: recovery-godsend

Eric Hansen Eric Hansen Profile: Eric Hansen

I have SSH access for both my home network, and my work.  The idea to implement this came from the fact my work actually does this already.  Instead of typing ssh <commands> you just type na <hostname/ip> and it’ll do the dirty work for you.  At first, I thought the “na” command was either a script or custom program, but it turns out it’s just an alias set in .bashrc.  Below is my version (modified to my own liking):


function ssh_call() {
case "$1" in
home|h)
ssh noone@myhome
;;
work|w)
ssh work@domains
;;
*)
echo "Only home & work are possible arguments. One or the other must be passed."
;;
esac
}

alias sh=’ssh_call home’
alias sw=’ssh_call work’

I’m sure there’s better ways and stuff of doing this, but it works for me, hehe. All in all, bash scripting can be quite useful when used correctly.


June 19, 2010  7:22 PM

Magento and You

Eric Hansen Eric Hansen Profile: Eric Hansen

I’m not sure how many readers that will see this have experience in Magento, but at my job, it’s our biggest support.  I work as a Linux Support Tech now, and there’s one thing that’s gotten to me, and that’s Magento installs.

While for the most part it’s easy, especially when you run command scripts, there is one issue I ran into today that boggled my mind for a good hour.  When I was installing Magento 1.4.1 on a client’s server, I kept getting the error that the path must be writable.  So, I figured alright…chmod 755 all the directories and it’ll be set.  Did that, still no go.  Checked ownerships, they were wrong.  Changed ownership to the user’s ID, still no go again.  I Googled this issue like you wouldn’t believe.  Turns out, what I had to do was su the user ID (we log into servers as root), delete the entire magento directory, and re-do the entire process.  I don’t quite get why this happened, but it worked.  I was able to install Magento and the user was happy.

Another, granted shorter, issue is installing Magento on a LiteSpeed server.  Now, I’ve done this a few times on a LiteSpeed server before, but installing Magento on this one was…to say the least, interesting.  The install process went through fine, database set up and admin account configured.  The problem this time was when I went to the admin panel (or even just the store itself), it bounced back a 503 error.  The only clue as to what was going on is that the error log said it was trying to access .htaccess jsut before it hit the 503 return mark.  So, I did essentially every logical thing you can think of to fix this issue.  Restarted LiteSpeed, removed .htaccess (which made the site work, but redirects would be a problem), ran a diff between their .htaccess and the default one that comes with Magento.  Googling didn’t come up with much.  The error this time, after commenting out every line in .htaccess, then uncommenting one at a time, turns out that setting the memory limit for PHP in the .htaccess file was causing the error.  The only reason behind this I can think of is that LiteSpeed was allocating not enough or so memory to each php child.

In short, Magento is a fantastic e-Commerce set up…if you know how to install it, haha.


May 28, 2010  6:47 PM

Port Checker

Eric Hansen Eric Hansen Profile: Eric Hansen

A while ago, I got bored and decided to venture into the realm of scripting.  Managing server after server, typing “netstat -ntlup | grep…” got annoying after a while, so I decided to write this.

The script requires the runner/user to be root.  Which is flawed, I know, but this works for me…if you want/need it modified, then I’ll do my best to help.

#!/bin/bash

# Script is used to determine if a port is used.
# Usage: portcheck <port number>
# Executes netstat -ntlup | grep <port> to do checking.
# Returned text is stored in a variable.  If variable is empty, 
# port is not in used.  Otherwise, port is being used.

# Get the username of the person running script
USER=`id -un`

# Root is required to run netstat -ntlup
if [ "$USER" != "root" ]; then
	echo "Root privileges required."
else
	NET=`netstat -ntlup | grep $1`

	if [ -z "$NET" ]; then
		echo "Port is free"
	else
		echo $NET
	fi
fi

This can check against either a port or program name (which is why root privileges is demanded).


May 27, 2010  10:34 AM

What is this blog about?

Eric Hansen Eric Hansen Profile: Eric Hansen

First off, I would like to say thank you to the whole ITKE team for this opportunity.

What this blog about is, in short, how to improve management of Windows & Linux servers, desktop, software, hardware, etc…  While this might focus mostly on Linux, Windows will still be focused on.  The idea behind this isn’t to be different, unique, or anything like that…it’s just to offer my own tips, strategies, insights, and tools on how to perform a job or task more effectively.

I might venture off into different areas as well, such as talking about firewalls, proxies, social engineering even, as well as other IT topics.  I just figure why should I hide my own knowledge from those who might benefit from it?  While I have yet to really think of a first real blog (next to the sample one I had to submit to get this position, hehe), I have a couple ideas I might do.  Expect a new entry in the coming days while things settle down for me personally.

If you like what I have to offer, then I’ve done my job.  If you feel like I’m lacking somewhere, feel free to tell me.  I’m not a hard-head or anything of the sort, and I welcome constructive criticism.

Thank you,

Eric


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: