Random things I've discovered recently (Don't laugh)

I've been using Linux on and off since RedHat 5.0 and along the way I've never really bothered to RTFM that often. This leaves huge gaps in your knowledge but when you find a solution to something it seems like a revelation. Thanks to people on #linode for some of these. Some random finds in no particular order:

Programs

firehol - front end to iptables for those of us who don't know iptables by heart. It uses a simple configuration file to setup servers and clients. There is some debate as to whether you need a firewall on a linode, but the safer bet is to have something. If you aren't an iptables master this might be a good solution. I tired shorewall briefly but ended up liking firehol more.

monit - as the name suggests this monitors various services on your system and can restart, stop, alert and other stuff. I found this very useful on my Linode64 to restart mysql or apache if load average was above a set level.

munin - munin creates graphs of system activity, services, io_status, and much more. It was apt-gettable, simple to setup and quite pretty. It may also be more secure than cacti (recently exploited)

screen - this little beauty is a must for console access. If your connection is broken then you can just detach the screen when you log back in and then attach right where you left off.

irssi - text irc may seem dated to some but using screen and irssi you can remain connected and track back through the history despite moving around irl.

elinks - enhanced links makes lynx look ancient. In an xterm-color it is very impressive and even has CSS support.

logcheck - looks through your logs and emails you anything dodgy. Currently sending me too much info about

Websites

tldp.net - an old one but always useful. They have palmdoc versions of HOWTOs, for when you are really bored, but no man pages for palm as far as I could find.

dnsreport.com - this was invaluable for me to get my bind9 configuration right.

http://workaround.org/articles/ispmail-sarge/ - a good guide to setting up mail on your box

Gotchas

/lib/tls - any weirdness - check for this and move out of the way if you find it.

lock out - lish is invaluable if you get blocked out for any reason. This is all explained in the member section but don't forget about it.

boot failure - if you are in deep trouble and your machine won't boot, install debian on your swap partition, boot from that and fix0r.

slowness - this is often caused by thrashing and lack of tokens. If, like me you didn't read about tokens in the wiki, then do so. Short version is that /proc/iostatus shows you how you are doing. If you are low on iotokens you are in trouble. If you have token_refill of 100 you may be a thrasher and you need to put in a ticket.

ssh-bruteforce - even if you have a firewall kiddiez will try and break in by bruteforce attack on ssh. Use mikegrb's script in these forums to lock them out with iptables. Make sure you edit the whitelist! You'll need ulogd installed for logging.

memory

mysql - this beast is a memory hog. Use caker's my.conf and add skip-innodb too to reduce memory. Don't let mysql log too much, if any, info - this can cause massive I/O and token loss.

apache - change the MaxClients, MaxSpareServers, StartServers to lower values, play around a bit. Remove modules you don't need.

remove everything - check every service you are running and see if you need it (this is obvious but do it anyway)

commands

tac - reverses a file (cat<->tac)

uniq - remove duplicate lines from a file

memstat - show breakdown of virtual memory

lsof - shows all open files

sysvconfig - simple way to control what starts on boot

console

The console is much less of a mystery if you actually read man bash again… you probably know a lot but there are many I didn't know some highlights:

Meta-DEL - delete word

Meta-b / f - back / forward word

Ctrl-u - delete to start of line

Ctrl-a - jump to start of line

!!:gs/foo/bar/ - replace foo with bar in previous command

set -o vi - go into vi key binding mode (I love vim but this is scary)