Random things I've discovered recently (Don't laugh)
Programs
firehol - front end to iptables for those of us who don't know iptables by heart. It uses a simple configuration file to setup servers and clients. There is some debate as to whether you need a firewall on a linode, but the safer bet is to have something. If you aren't an iptables master this might be a good solution. I tired shorewall briefly but ended up liking firehol more.
monit - as the name suggests this monitors various services on your system and can restart, stop, alert and other stuff. I found this very useful on my Linode64 to restart mysql or apache if load average was above a set level.
munin - munin creates graphs of system activity, services, io_status, and much more. It was apt-gettable, simple to setup and quite pretty. It may also be more secure than cacti (recently exploited)
screen - this little beauty is a must for console access. If your connection is broken then you can just detach the screen when you log back in and then attach right where you left off.
irssi - text irc may seem dated to some but using screen and irssi you can remain connected and track back through the history despite moving around irl.
elinks - enhanced links makes lynx look ancient. In an xterm-color it is very impressive and even has CSS support.
logcheck - looks through your logs and emails you anything dodgy. Currently sending me too much info about
Websites
tldp.net - an old one but always useful. They have palmdoc versions of HOWTOs, for when you are really bored, but no man pages for palm as far as I could find.
dnsreport.com - this was invaluable for me to get my bind9 configuration right.
Gotchas
/lib/tls - any weirdness - check for this and move out of the way if you find it.
lock out - lish is invaluable if you get blocked out for any reason. This is all explained in the member section but don't forget about it.
boot failure - if you are in deep trouble and your machine won't boot, install debian on your swap partition, boot from that and fix0r.
slowness - this is often caused by thrashing and lack of tokens. If, like me you didn't read about tokens in the wiki, then do so. Short version is that /proc/iostatus shows you how you are doing. If you are low on iotokens you are in trouble. If you have token_refill of 100 you may be a thrasher and you need to put in a ticket.
ssh-bruteforce - even if you have a firewall kiddiez will try and break in by bruteforce attack on ssh. Use mikegrb's script in these forums to lock them out with iptables. Make sure you edit the whitelist! You'll need ulogd installed for logging.
memory
mysql - this beast is a memory hog. Use caker's my.conf and add skip-innodb too to reduce memory. Don't let mysql log too much, if any, info - this can cause massive I/O and token loss.
apache - change the MaxClients, MaxSpareServers, StartServers to lower values, play around a bit. Remove modules you don't need.
remove everything - check every service you are running and see if you need it (this is obvious but do it anyway)
commands
tac - reverses a file (cat<->tac)
uniq - remove duplicate lines from a file
memstat - show breakdown of virtual memory
lsof - shows all open files
sysvconfig - simple way to control what starts on boot
console
The console is much less of a mystery if you actually read man bash
again… you probably know a lot but there are many I didn't know some highlights:
Meta-DEL - delete word
Meta-b / f - back / forward word
Ctrl-u - delete to start of line
Ctrl-a - jump to start of line
!!:gs/foo/bar/ - replace foo with bar in previous command
set -o vi - go into vi key binding mode (I love vim but this is scary)
6 Replies
I also didn't know of the "!:g" notation. Nice.
That's almost the same as
^foo^bar
(except the "g" means do it globally)
In general, history commands can specify a specific line in your history
eg
!50:s/foo/bar/
would replace "foo" with "bar" in line 50 of your history. Or
!-2:s/foo/bar/
would do it for the previous two lines.
FWIW, that style of history substitution comes from csh
tee - let you save in a file what you're watching on console. Very useful to log looooong outputs.
Usage:
command | tee newfile
command | tee -a filetobeappended
command > /somefile.txt
e.g.
ls -l > /somefile.txt
works nicely for me