Category Archives: Administration

No space left on device.

Sometimes we can be fooled by error messages. For example one sunny day you see that for some reason your web or mail server doesn’t work. So you go to check the logs and find something similar to this:

2016/12/28 09:02:37 [crit] 24668#24668: *472674 open() "/var/cache/nginx/client_temp/0020878597" failed (28: No space left on device), client: 192.168.1.1, server: www.domain.com, request: "GET /cart/add/uenc/aHR0cDovL3d3dy5hYmNob21lLmNvbS9zaG9wL2xvdi1vcmdhbmljLWxvdi1pcy1iZWF1dGlmdWwtdGVh/product/19471/form_key/N8l3OyVkC1el9T8q/?product=19471&related_product=&send_to_friend=%2F%2Fwww.domain.com%2Fshop%2Fsendfriend%2Fproduct%2Fsend%2Fid%2F19471%2F&form_key=N8l3OyVkC1el9T8q&super_group%5B19425%5D=1&super_group%5B19424%5D= HTTP/1.1", host: "www.domain.com", referrer: "http://www.domain.com/shop/organic-tea"

Then when you check the free space you see that you have more than enough, and all kind of irrational thoughts start flowing into your mind, when it is the simple inodes space.

Usually it is just that there is not enough inodes left free on your files system, simple as that, but is easy to overlook as for some people this doesn’t happen often (and it shouldn’t).

[root@hostname client_temp]# df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/mapper/os-root 1703936 1703103 833 100% /
tmpfs 1524264 4 1524260 1% /dev/shm
/dev/sda1 51000 50 50950 1% /boot
/dev/mapper/os-tmp 131072 2155 128917 2% /tmp
/dev/mapper/data-data
19660800 578302 19082498 3% /data

Nginx basic authentication

Setting up basic authentication in Nginx is pretty easy, you need to first add couple of directives in block config, you can out them directly in the server if you want the whole site not be accessible or just on some parts-

    auth_basic "Restricted Content";
    auth_basic_user_file /etc/nginx/.htpasswd;

Then in the .htpasswd file add the user and use openssl to generate hash for the chosen password –

echo "password" | openssl passwd -apr1 -stdin

Encrypt and decrypt files with openssl

If you need easy way to encrypt and decrypt files on linux systems, one way you can go is to use openssl, usually it is available on most servers,

Encyrpt:

openssl aes-256-cbc -e -in file.zip -out file.enc -k password

Decrypt:


openssl aes-256-cbc -d -in file.enc -out file.zip -k password

 

You should also be able to use it with des3, but I haven’t tested the fallowing:

Encrypt:

openssl des3 -salt -in file-plain.txt -out file-encrypted.txt.des3

Decrypt:

openssl des3 -d -salt -in file-encrypted.txt.des3 -out file-plain.txt

Calculate total size of files listed

Sometimes you need to know the combined size of a given files that are combined with other files in the same dir, either by their extension or by some other property.

This example is based on file extension, but can be adapted to any other results you like find to return:

find . -name "mysql-bin.*.1" -size +1000000c -print0 | du -hc --files0-from=- | awk 'END{print $1}'

Hits per second, hits per minute

In case you need to generate file from a log with the number of hits per second or minute you can use the fallowing commands-

Hits per second –

cat access.log | cut -d[ -f2 | cut -d] -f1 | awk 'BEGIN { FS=":" } ; { print $1":"$2":"$3":"$4 }'| sort | uniq -c >/home/user/hits-per-sec

Hits per minute –

cat access.log | cut -d[ -f2 | cut -d] -f1 | awk 'BEGIN { FS=":" } ; { print $1":"$2":"$3 }' | sort | uniq -c >/home/user/hits-per-min

SFTP upload on one line

This can be used in a script to schedule uploads, however it is not recommended to use it and store passwords in plain text, but sometimes you might not have choice if you don’t control the remote server.

You will also need the sshpass package installed.

sshpass -p "password" sftp user@remote.com:/directory <<< $'put /var/www/www.local.com/httpdocs/var/export/*.Products.csv'

Ubuntu 16.04 – Install Apache2 and php7

I have experimented some time ago, with php7, as described in this post. At that time that wasn’t official realease, however the link seems to pick up on some searches in google, and there was some confusion for people expecting this to be copy/paste guide.

So I would try to fix these and outline the steps to install Apache2 with php7 on the latest server LTS Ubuntu – 16.04.01 – freshly downloaded from the official site, at the time of the writing.

First, the two most repeated commands:


sudo apt-get update

sudo apt-get upgrade

That will update any software installed on the server distro.

Then install apache2 –

sudo apt-get install apache2

Open the IP of the server you have installed it on and you should be presented with the default apache web page, if nothing is showing, you need to check if apache2 is running and if the firewall/ufw is blocking requests.

It comes the turn to install mysql –

sudo apt-get install mysql-server

You will be asked to provide password for the MySQL root user, you should be aware this is not the same user as the Linux root user, it is different one having rights to do everything with every database in MySQL, so it is a good idea to pick a different password then the ones you are using currently in the system.

After installation is finished, we will have to run buil-in script to tighten some of the security for MySQL and clean up some things –

sudo mysql_secure_installation

You will be asked for you the root password (MySQL root user), and then to choose a level for password validation:


There are three levels of password validation policy:

LOW Length >= 8

MEDIUM Length >= 8, numeric, mixed case, and special characters

STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1

They are self explainatory, but I don’t really like password validators – I find them stupid security measure, especially on the level of MySQL server/users. So I would set that to 0/low for machines I am using.

You should read the questions and answer then with ‘y’ or ‘no’, in the past it was fine to answer all with ‘y/yes’ however, now I am noticing that the first question is “Change the password for root” – you might not really want to do that, so the best thing is to read what are you actually asked.

 

Ok, so we are getting there, let’s install php7 with the apache mod –

sudo apt-get install php7.0 libapache2-mod-php7.0 php7.0-mcrypt php7.0-mysql

Then you could check the php version in the terminal with –

php -v

And the final step is to be sure apache is interpreting php in the browser.

First, become root with –

sudo -i

Then will add php info page to the server web root directory, so we could open it in our browser after that to verify it is running properly on check all the configuration details for php –

echo '<?php phpinfo(); ?> > /var/www/html/info.php'

After that you should navigate in your browser to the IP your server is listening to, and add /info.php after it, so it would look something like this –

http://192.168.122.113/info.php

That’s pretty much for it, but this where the complicated things starts from.

Dump and compress all MySQL databases

This is a little variation of a script I used in the past, what will do is find all databases, and export them compressed, with piping to gzip.

#!/bin/bash
MYSQLDUMP="$(which mysqldump)"
DIR="/root/db_dumps"
DBS=`mysql --defaults-extra-file=.my.cnf -e"show databases"`

#Remove	old dumps
rm -f $DIR/*.sql*

for DATABASE in $DBS
do
if [ $DATABASE != "Database" ]; then
FILENAME=$DATABASE
$MYSQLDUMP --defaults-extra-file=.my.cnf $DATABASE --single-transaction | gzip > $DIR/$FILENAME.sql.gz
fi
done

rm -f $DIR/information_schema.sql*
rm -f $DIR/performance_schema.sql*

.my.cnf file contents:

[client]
user=root
password=your_password

.my.cnf file should be in the user directory owned by him with permissions 600 or even 400