Tuesday, November 27, 2007

The Great Wall Visit and UNIX wall

I'm using the wall command for this post but only to stay within the format of this blog (Use of command and then show its output). And it is also being used as a pun to boot.

# wall
I just returned to South Korea from Beijing, China. It was a relaxing 5 days but also a bit cold and foggy for my liking.

The group tour package venues exceeded my expectations. We visited the Temple of Heaven, Lama Temple, Tiananmen Square, The Forbidden City, Summer Palace, Silk Factory, Hutong, Hard Rock Cafe, Jade Factory, and Pearl Factory, a couple markets (not my idea :)) and the Great Wall. The Great Wall is an amazing feature and was by far the best venue. I traversed its highest tower carrying a 20+lb backpack. Unfortunately, my quads and hams were really sore for a couple days afterwards.

The 2008 Olympics will be held in Beijing and everything seemed to be under construction. It’s amazing how much time, money, and effort goes into preparing for these games. The Chinese are hoping for post Olympic results similar to what South Korea experienced in 1988 – a vast infusion of foreign investment.

One last thing, I could not access my blog, "My SysAd Blog," via my hotel's Internet connection (business center). Instead, I was redirected to China's leading search engine, Baidu. It returned an outdated index of "My SysAd Blog." I think most blogs are blocked. Yahoo mail and Gmail were accessible but Hotmail was not.

I would recommend a visit if you get the time.

ctrl ^d

Wednesday, November 21, 2007

Determine the Number of Login/Logout Sessions - UNIX

Here is an easy way to determine how many login/logout sessions were recorded for a particular workstation. I will employ a few common UNIX system administration commands to fetch, filter, and then count the information derived from the wtmpx file. And by the way, my wtmpx file has not been cleared out in awhile.

# csh
# last | grep esoft | wc -l
24

In some organizations, logging in as the root user via the console is restricted. Check to see if anyone has logged in as root via the console.
# last | grep console | grep root | wc -l
20

Recorded Reboots
# last | awk '{print $1}’ | grep reboot | wc -l
36

Number of logins for each users/pseudo users (/bin/ later added per ux-admin's suggestion)
# foreach i (`last | awk '{print $1}' | sort | uniq | grep -v wtmp`)
? /bin/echo $i `last | grep $i | wc -l`
? end
ftp 16
reboot 36
restrict 1
root 167
esoft 24

Total logins for users/pseudo users
# last | awk '{print $1}' | grep '.' | grep -v wtmp | wc -l
244

Friday, November 16, 2007

List, Remove or Rename Multi-spaced Filenames - UNIX

I know this is a common HOWTO for UNIX system administrators, but I do get this question on occasion. The question is the following: "how do you delete a file with spaces in its name?" Use quotes, "".

From experience, I have seen numerous people type in file name at the CLI, and then they are prompted with the predictable “No such file or directory” error message. Here are some ubiquitous examples for dealing with spaces in filenames.

Using no quotes, 3 separate files are created
# csh
# touch test file 1
# ls -l
total 0
-rw-r--r-- 1 root other 0 Nov 16 23:17 1
-rw-r--r-- 1 root other 0 Nov 16 23:17 file
-rw-r--r-- 1 root other 0 Nov 16 23:17 test

Using quotes, 5 files are created with spaces as part of their unique filenames
# touch "test file 1"
# touch "test file 2"
# touch "test file 3"
# touch "test file 4"
# touch "test file 5"
# ls
test file 1 test file 2 test file 3 test file 4 test file 5

Attempt to list a specific multi-spaced filename without quotes
# ls test file 1
test: No such file or directory
file: No such file or directory
1: No such file or directory

Use quotes to list the file named test file 1
# ls "test file 1"
test file 1

Attempt to remove a specific multi-spaced filename without quotes
# rm test file 1
test: No such file or directory
file: No such file or directory
1: No such file or directory

Use quotes to remove the file named test file 1
# rm "test file 1"
# ls
test file 2 test file 3 test file 4 test file 5

Use quotes to rename the file named test file 2
# mv "test file 2" "test file 2a"
# ls
test file 2a test file 3 test file 4 test file 5

Use a “for loop” to rename these multi-spaced filenames. This example deletes the spaces and makes the filename contiguous.

# foreach i (*)
? mv "$i" `echo $i | tr -d 'space here '`
? end
# ls
testfile2a testfile3 testfile4 testfile5

Thursday, November 15, 2007

Log Repeated Login Failures

You can log repeated login failures with the /var/adm/loginlog file. This file is not created by default, so you will have to create it. Most systems will allow 5 login retries before logging the event to this file. By the way, you can modify the max retries variable in the /etc/default/login file.

# cd /var/adm
# touch loginlog; chmod 700 loginlog; chown root:sys loginlog
# ls -l loginlog
-rwx------ 1 root sys 0 Nov 16 02:33 loginlog

Attempt to login

login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect

Connection to host lost.
###################

Now view the contents of the /var/adm/loginlog file.
# cd /var/adm
# more loginlog
user1:/dev/pts/2:Fri Nov 16 02:37:01 2007
user1:/dev/pts/2:Fri Nov 16 02:37:09 2007
user1:/dev/pts/2:Fri Nov 16 02:37:16 2007
user1:/dev/pts/2:Fri Nov 16 02:37:23 2007
user1:/dev/pts/2:Fri Nov 16 02:37:31 2007

Wednesday, November 14, 2007

Sort a File by a Defined Delimiter

I was sorting out a few colon delimited files tonight. I though the task might be post worthy. The two examples below are colon, ":", delimited and pipe, "|", delimited. Obviously, you can define other types of delimiters such as "," , ";" , "#", and etc.

# vi sortme
phoenix:az:mountain
los angeles:ca:pacific
augusta:me:eastern
houston:tx:central
dallas:tx:central
berkeley:ca:pacific
seattle:wa:pacific
denver:co:mountain
santa fe:nm:mountain
:wq!

Sort by TZ
# sort -t: +2 sortme
dallas:tx:central
houston:tx:central
augusta:me:eastern
denver:co:mountain
phoenix:az:mountain
santa fe:nm:mountain
berkeley:ca:pacific
los angeles:ca:pacific
seattle:wa:pacific

Sort by state
# sort -t":" +1 sortme
phoenix:az:mountain
berkeley:ca:pacific
los angeles:ca:pacific
denver:co:mountain
augusta:me:eastern
santa fe:nm:mountain
dallas:tx:central
houston:tx:central
seattle:wa:pacific

Sort by city
# sort -t":" sortme
augusta:me:eastern
berkeley:ca:pacific
dallas:tx:central
denver:co:mountain
houston:tx:central
los angeles:ca:pacific
phoenix:az:mountain
santa fe:nm:mountain
seattle:wa:pacific

# sort -t":" +1 +2 sortme
phoenix:az:mountain
berkeley:ca:pacific
los angeles:ca:pacific
denver:co:mountain
augusta:me:eastern
santa fe:nm:mountain
dallas:tx:central
houston:tx:central
seattle:wa:pacific

Delimited by a pipe, "|", symbol
# vi sortme
phoenix|az|mountain
los angeles|ca|pacific
augusta|me|eastern
houston|tx|central
dallas|tx|central
berkeley|ca|pacific
seattle|wa|pacific
denver|co|mountain
santa fe|nm|mountain

# sort -t"|" +1 sortme
phoenix|az|mountain
berkeley|ca|pacific
los angeles|ca|pacific
denver|co|mountain
augusta|me|eastern
santa fe|nm|mountain
dallas|tx|central
houston|tx|central
seattle|wa|pacific

Saturday, November 10, 2007

Strip an Extension From a Filename - UNIX

I received this common question the other day. "How do I strip an extension from filenames using sed?" Frankly speaking, I thought this howto was already posted in this blog, but after further review, it doesn't appear to be. At any rate, here are some examples starting out with sed. I'm sure others have better ways of performing this task.

Using the sed command to strip an extension
# csh
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat
# foreach filename (*.dat)
? mv $filename `echo $filename | sed 's/.dat//g'`
? end
# ls
t1 t2 t3 t4 t5

Using the basename command to strip an extension
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat
# foreach filename (*.dat)
? mv $filename `basename $filename .dat`
? end
# ls
t1 t2 t3 t4 t5

Using the echo command to strip an extension
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat t6.d1t
# foreach filename (*.dat)
? mv $filename `echo $filename:r`
? end
# ls
t1 t2 t3 t4 t5 t6.d1t

Using a zsh for loop to strip an extension
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat t6.d1t
# zsh
# for filename (*.dat) mv $filename $filename:r
# ls
t1 t2 t3 t4 t5 t6.d1t

Another example using the echo command to strip an extension
# ls
t1.dt3 t2.d67 t3.d79 t4.e67 t5.007 t6.d17
# foreach filename (*.??7)
? mv $filename `echo $filename:r`
? end
# ls
t1.dt3 t2 t3.d79 t4 t5 t6

More examples using the echo command to strip an extension
# ls
t1.110207_org t2.110307_tmp t3.100307 t4.053106 t5.090606 t6.032307 t7.112307_log
# foreach filename (*.11*)
? mv $filename `echo $filename:r`
? end
# ls
t1 t2 t3.100307 t4.053106 t5.090606 t6.032307 t7

# ls
t1.0a t10.aj t2.1b t3.2c t4.3d t5.4e t6.5f t7.6g t8.7h t9.8i
# foreach filename (*.[0-9]?)
? mv $filename `echo $filename:r`
? end
# ls
t1 t10.aj t2 t3 t4 t5 t6 t7 t8 t9

Wednesday, November 07, 2007

Remove First 10 or 100 or 1000 Lines in a Log File - UNIX

After reviewing my Google Webmaster tools, I've observed several search iterations for "remove first 100 or 1000 lines in a log file." Here's an example to demonstrate removing the first 10 lines, 100 lines or 1000 lines in an .htaccess file.

Remove first 10 lines
# nl -ba .htaccess | more
1
2 order allow,deny
3 allow from all
4

5
6 deny from 213.xxx.xxx.xx
7 deny from 124.xxx.xxx.xx
8 deny from 81.xxx.xxx.xx
9 deny from 88.xxx.xxx.xx
10 deny from 88.xxx.xxx.11
11 deny from 84.xxx.xxx.56
12 deny from 88.xxx.xxx.xx
13 deny from 82.xxx.xxx.xx
14 deny from 69.xxx.xxx.xx
15 deny from 24.xxx.xxx.xx
...

# tail +11 .htaccess | more
deny from 84.xxx.xxx.56
deny from 88.xxx.xxx.xx
deny from 82.xxx.xxx.xx
deny from 69.xxx.xxx.xx
deny from 24.xxx.xxx.xx
...

Above is for illustration purposes but this syntax is all you need.
# tail +11 .htaccess > remove_10Lines.txt

Remove first 100 lines
# nl -ba .htaccess | more
...
96 deny from 85.xxx.xxx.xx
97 deny from 85.xxx.xxx.xx
98 deny from 85.xxx.xxx.xx
99 deny from 83.xxx.xxx.xx
100 deny from 81.xxx.xxx.70
101 deny from 81.xxx.xxx.29
102 deny from 81.xxx.xxx.xx
103 deny from 77.xxx.xxx.xx
...

# tail +101 .htaccess | more
deny from 81.xxx.xxx.29
deny from 81.xxx.xxx.xx
deny from 77.xxx.xxx.xx
...

Above is for illustration purposes but this syntax is all you need.
# tail +101 .htaccess > remove_100Lines.txt

Remove first 1000 lines
# nl -ba .htaccess | grep 1000 | more
1000 deny from 88.xxx.xxx.114

# nl -ba .htaccess | more
...
996 deny from 88.xxx.xxx.xxx
997 deny from 88.xxx.xxx.xxx
998 deny from 88.xxx.xxx.xxx
999 deny from 88.xxx.xxx.xxx
1000 deny from 88.xxx.xxx.114
1001 deny from 88.xxx.xxx.59
1002 deny from 88.xxx.xxx.xxx
1003 deny from 88.xxx.xxx.xxx
...

# tail +1001 .htaccess | more
deny from 88.xxx.xxx.59
deny from 88.xxx.xxx.xxx
deny from 88.xxx.xxx.xxx
...

Above is for illustration purposes but this syntax is all you need.
# tail +1001 .htaccess > remove_1000Lines.txt

Tuesday, November 06, 2007

Add User Information with .project and .plan files

The .plan file was intended to advise users, who can use the finger command, where someone was located or planning to do in the near-term. It's a user created free form file, so you can pretty much add what you want -- maybe signature type (phone number, address, website, blog, interests, etc) information. In this example, I'm listing phone numbers for after hours support followed by a quote.

Note: The fingerd daemon may be disabled at your site per security policies.

The finger command will read the first line of the .project file.
# vi .project
AFTER HOURS SUPPORT
:wq!

Just add your free form information in the .plan file
# vi .plan
For after hours support, call xxx-xxxx.
-----
"If you get the dirty end of the stick, sharpen it and turn it into a useful tool" -- Colin Powell

(¯`•.¸¸.»»» My SysAd Blog «««.¸¸.•´¯)
:wq!

# finger -l esoft
Login name: esoft
Directory: /export/home/esoft Shell: /bin/csh
Last login Wed Oct 31 23:57 on pts/3 from wkstn2
No unread mail
Project: AFTER HOURS SUPPORT
Plan:
For after hours support, call xxx-xxxx or cell 010-xxx-xxxx
-----
"If you get the dirty end of the stick, sharpen it and turn it into a useful tool" -- Colin Powell

(¯`•.¸¸.»»» My SysAd Blog «««.¸¸.•´¯)

Thursday, November 01, 2007

Are Blogspot blogs being blocked in South Korea?

A number of folks living in South Korea are complaining their *.blogspot blogs are inaccessible. I'm one of them.

I can access the blogger.com homepage and obviously my control panel, but I can't view the blog unless I go proxy.

I did a trace route a few times and it does appear to be stopping in Asia.

C:\Documents and Settings\esoft>tracert esofthub.blogspot.com

Tracing route to blogspot.l.google.com
over a maximum of 30 hops:
It was dying after 7 hops...

TraceRoute to 59.18.xx.xx

Blogger Help Group

Update @1903 KST Nov 2: After several hours of dialog with Korean Telecoms customer service and their technicians, I'm finally able to access *.blogspot URLs.
I spoked to one of their English speaking representatives and he said the issue was being worked.