en basit isler icin kafa kalmiyor
nedir nasil diye
iyiki shukko.com var
utanmadan bunu bile yaziyorum.
——–
olay: debian 5 yedek sistemine ntfs formatli 1 TB usb diskimi takmam lazim

cozum:
1- diski taktiktan sonra dmesg diyip yeni disin nerede oldugunu bul


[ 1504.632862] usb 2-3: new high speed USB device using ehci_hcd and address 2
[ 1504.765986] usb 2-3: configuration #1 chosen from 1 choice
[ 1504.766700] usb 2-3: New USB device found, idVendor=1058, idProduct=1003
[ 1504.766703] usb 2-3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1504.766706] usb 2-3: Product: External HDD
[ 1504.766708] usb 2-3: Manufacturer: Western Digital
[ 1504.766710] usb 2-3: SerialNumber: 57442D574341553434313536343634
[ 1504.884993] Initializing USB Mass Storage driver...
[ 1504.886073] scsi4 : SCSI emulation for USB Mass Storage devices
[ 1504.886170] usbcore: registered new interface driver usb-storage
[ 1504.886174] USB Mass Storage support registered.
[ 1504.888348] usb-storage: device found at 2
[ 1504.888352] usb-storage: waiting for device to settle before scanning
[ 1509.888205] usb-storage: device scan complete
[ 1509.890431] scsi 4:0:0:0: Direct-Access WD 10EAVS External 1.75 PQ: 0 ANSI: 4
[ 1509.894437] sd 4:0:0:0: [sde] 1953525168 512-byte hardware sectors (1000205 MB)
[ 1509.897298] sd 4:0:0:0: [sde] Write Protect is off
[ 1509.897301] sd 4:0:0:0: [sde] Mode Sense: 23 00 00 00
[ 1509.897304] sd 4:0:0:0: [sde] Assuming drive cache: write through
[ 1509.901424] sd 4:0:0:0: [sde] 1953525168 512-byte hardware sectors (1000205 MB)
[ 1509.904304] sd 4:0:0:0: [sde] Write Protect is off
[ 1509.904308] sd 4:0:0:0: [sde] Mode Sense: 23 00 00 00
[ 1509.904311] sd 4:0:0:0: [sde] Assuming drive cache: write through
[ 1509.904354] sde: sde1
[ 1509.914939] sd 4:0:0:0: [sde] Attached SCSI disk
[ 1863.015542] FAT: bogus number of reserved sectors
[ 1863.015563] VFS: Can't find a valid FAT filesystem on dev sde1.
[ 1869.948234] FAT: invalid media value (0xb9)
[ 1869.948234] VFS: Can't find a valid FAT filesystem on dev sde.
[ 1960.708501] fuse init (API version 7.9)


Disk /dev/sde: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0xe8900690

Device Boot Start End Blocks Id System
/dev/sde1 1 121601 976760001 7 HPFS/NTFS


2- diskin sde oldugunu ogrendik debian icin ntfs okuyup yazmak icin paketlerimizi kuralim

apt-get install libfuse2
apt-get install ntfs-3g

3- diskimizi mount edelim

mkdir /usbdisk
mount –t ntfs-3g /dev/sde1 /usbdisk

oldu bitti masallah

When dealing with mem-leaks in my mod_perl-apps I ran into a curious apache-problem. After a while apache could not be started but failed with strange errors like: [emerg] (28)No space left on device: Couldn’t create accept lock or [crit] (28)No space left on device: mod_rewrite: could not create rewrite_log_lock Configuration Failed or [Wed Dec 07 00:00:09 2005] [error] (28)No space left on device: Cannot create SSLMutex There was definitely enough space on the device where the locks are stored (default /usr/local/apache2/logs/). I tried to explicetely different Lockfiles using the LockFile-directive but this did not help. I also tried a non-default AcceptMutex (flock) which then solved the acceptlock-issue and ended in the rewrite_log_lock-issue. Only reboot of the system helped out of my crisis.

Solution: There were myriads of semaphore-arrays left, owned by my apache-user.

## ipcs -s | grep apache

Removing this semaphores immediately solved the problem.


ipcs -s | grep apache | perl -e 'while () { @a=split(/\s+/); print `ipcrm sem $a[1]`}'

directadmin kurulu sunucuda. daha once default spamassassin kurulumu yapilmis. yukselticez.. su sekilde:

perl -MCPAN -e 'install Archive::Tar'
perl -MCPAN -e 'install IO::Zlib'
perl -MCPAN -e 'install Digest::SHA'
perl -MCPAN -e 'install Mail::SPF'
perl -MCPAN -e 'install Mail::DKIM'
cd /usr/local/directadmin/scripts
wget -O /usr/local/directadmin/scripts/packages/Mail-SpamAssassin-3.3.0.tar.gz http://www.ecoficial.com/apachemirror/spamassassin/source/Mail-SpamAssassin-3.3.0.tar.gz
perl -pi -e 's/3.2.5/3.3.0/' spam.sh
perl -pi -e 's/getFile $FILE;/#getFile $FILE;/' spam.sh
./spam.sh

not: toptan kopy paste yapma. satirlari tek tek yapistir. aksi takdirde sicma egilimi gosteriyor 😀

ISLEM BITINCE

sa-update komutunu calistir !!! calistirmazsan baslamiyor yeni spamassassin

NOT: centos 5.4 64 bit de sa-update can’t find LWP vs hata verirse:

yum install perl-libwww-perl

sonra sa-update

ty ty..

Abstract

The following is a Quick n’ Dirty method at implementing a very simple firewall. This HOWTO is a general compilation of suggested tips for a firewall.

Let’s Get Dirty

Locate IPTables

Depending on your VPS, first locate iptables:

[root@vps /]# which iptables

Create IP Based Accept/Deny

Create a whitelist (IP passes through firewall) or blacklist (packets from IP always dropped) if you wish:

[root@vps /]# vi /usr/local/etc/whitelist.txt

And/Or…

[root@vps /]# vi /usr/local/etc/blacklist.txt

In each file, add each IP per line, for instance:

4.2.2.2
66.35.15.20

firewall.sh Script

Then put the following in /etc/init.d/firewall.sh, and edit to fit your needs:

#!/bin/sh
#
## Quick n Dirty Firewall
#
## List Locations
#

WHITELIST=/usr/local/etc/whitelist.txt
BLACKLIST=/usr/local/etc/blacklist.txt

#
## Specify ports you wish to use.
#

ALLOWED="22 25 53 80 443 465 587 993"

#
## Specify where IP Tables is located
#

IPTABLES=/sbin/iptables

#
## Clear current rules
#

$IPTABLES -F
echo 'Clearing Tables F'
$IPTABLES -X
echo 'Clearing Tables X'
$IPTABLES -Z
echo 'Clearing Tables Z'

echo 'Allowing Localhost'
#Allow localhost.
$IPTABLES -A INPUT -t filter -s 127.0.0.1 -j ACCEPT

#
## Whitelist
#

for x in `grep -v ^# $WHITELIST | awk '{print $1}'`; do
        echo "Permitting $x..."
        $IPTABLES -A INPUT -t filter -s $x -j ACCEPT
done

#
## Blacklist
#

for x in `grep -v ^# $BLACKLIST | awk '{print $1}'`; do
        echo "Denying $x..."
        $IPTABLES -A INPUT -t filter -s $x -j DROP
done

#
## Permitted Ports
#

for port in $ALLOWED; do
        echo "Accepting port TCP $port..."
        $IPTABLES -A INPUT -t filter -p tcp --dport $port -j ACCEPT
done

for port in $ALLOWED; do
        echo "Accepting port UDP $port..."
        $IPTABLES -A INPUT -t filter -p udp --dport $port -j ACCEPT
done

$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPTABLES -A INPUT -p udp -j DROP
$IPTABLES -A INPUT -p tcp --syn -j DROP

Start Firewall

[root@vps /]# chmod 700 /etc/init.d/firewall.sh
[root@vps /]# /etc/init.d/firewall.sh

olay: acil olarak server , lokasyon ve ip degistirmek gerekti.

durum: eski serverda calisan pek cok domain, web , mail var – aktarim kolay – ancak kisa surede yeni serverda yeni ipde devam etmek istiyoruz

normal prosedur : eski serverdaki servisleri durdur. Yedek al – Yedekleri yeni servera aktar – yukle – calistigindan emin olunca nameserver iplerini degistir yeni server ipleri ile – bekle – 24 saat icinde hersey yoluna girer

sorun: vakit dar – tum islemin 2 3 saat icinde olmasi gerek – ancak yedekleme tek basina 10 saat suruyor –

10 saat yedekle – yedekleri aktar – 50GB 🙂 – yukle – calistir et – 12 saat oldu . bizim 2 – 3 saatimiz var

dnsler degisti ancak guncellenene kadar hersey eski iplerde resolve ediyor. basa bela durumu…

cozum: rinetd !

rinetd redirects TCP connections from one IP address and port to another, with basic IP-based access control.rinetd is a single-process server which handles any number of connections to the address/port pairs specified in the file /etc/rinetd.conf. Since rinetd runs as a single process using nonblocking I/O, it is able to redirect a large number of connections without a severe impact on the machine. This makes it practical to run services on machines inside an IP masquerading firewall.

install rinetd in ubuntu

apt-get install rinetd

install rinetd in centos

http://www.boutell.com/rinetd/

wget http://www.boutell.com/rinetd/http/rinetd.tar.gz

tar zxvf rinetd.tar.gz , cd rinetd  , make install

config dosyasi yapisi cok kolay

nano /etc/rinetd.conf


#
# forwarding rules come here
#
# you may specify allow and deny rules after a specific forwarding rule
# to apply to only that forwarding rule
#
# bindadress bindport connectaddress connectport

# logging information
logfile /var/log/rinetd.log

# uncomment the following line if you want web-server style logfile format
# logcommon

rinetd example
Assume that you have a machine with the IP address 192.168.2.1 which has been running Apache, and that you’d like to move that to the IP address 192.168.2.3

You’ve already updated DNS to point visitors to the new IP address, but you want to ensure that people connecting to the old IP still continue to receive service.

To handle this example you should update the /etc/rinetd.conf file to read:

# bindadress bindport connectaddress connectport
192.168.2.1 80 192.168.2.3 80
192.168.2.1 443 192.168.2.3 443

Once you restart rinetd all incoming connections on port 80 and 443 will be seamlessly redirected from the old IP to the new one – although you will need to restart rinetd after making the change to your configuration file.

sonre restart et inetd yi oldu bitti..

sitesi burada

http://www.boutell.com/rinetd/

yeni bir seedbox kurmam gerekiyordu. Dokumanlari okudum vs vs hic birisi isime gelmedi. Bende kendi yolum ile kurdum seedboxumu.

Ubuntu 9.10 server karmic +Xfce4 + vnc + utorrent.

Basitce soyle yaptim:

1- Box config:

e7500 core2duo cpu + 2gb ram + 2x500gb sata II HDD

Ubuntu karmic server kurulur. /boot icin 200 mb ayrilir, swap icin 4Gb ayrilir kalan disk alani / altina software raid1 yapilir. 864Gb NET kullanilabilir hizli disk alanina kavusulur.

2- ubuntu da gerekenler kurulur.

apt-get install tightvncserver wine xterm fluxbox vsftpd firefox vnstat xfce4-goodies xfce4 htop mc flashplugin-nonfree

baska bisi kaldiysa sonra kurarim lazim diil 🙂 – vnstat – munin vs vs ..

3- bi tane user acalim

useradd -m shukko

4- user olarak login edelim ( su – shukko ) vncserver icin islemleri yapalim

$ mkdir .vnc

$ nano .vnc/xstartup

icine sunu yaz : startxfce4             – kaydet cik

5- vncserveri baslat

$vncserver :1

6- uzaktan baglan vncclient ile oldu bitti masallah 🙂

ahada screenshot 🙂

Not: utorrent icin guzel ayarlar var

onlarida yazim sirayla buraya

– Use Speed Guide and set your connection to “xx/100Mbps” or “xx/10Mbps” depending on what you have
– Choose any port above 45,000
– Enable Encryption
– Disable DHT, Local Peer Discovery, Peer Exchange
– No randomize ports, disable UPnP port mapping & NAT-PMP port mapping
– Enable WebUI Interface, insert WebUI’s un & pw
– In Advanced Options, set gui.delete_to_trash to FALSE
– Un-check Minimize to tray & Close to tray

160gb onemli kullanici datasi iceren bir /home dizinini yeni bir diske kopyalamam gerekti.

ilk komut su idi:

$cp -Rp /home/* /home2/

yani

cp -R – dizinleri recursive olarak kopyala-  p – same as –preserve=mode,ownership,timestamps

———-

/home altina o an icin okuma yazma islemleri devam ettiginden ve disklerde oldukca yavas oldugundan 7 8 saat sonra islem tamamlaninca 7 8 saat icinde /home altina yazilan yeni verileri cabucacik yeni yerine kopyalamaliydim.

bunun icin su komutu kullandim

$cp -Rpuv  — yani

R= recursive , p=preserve u=update v=verbose

iste tam bu noktada bir sorun cikti 🙂

sorun su ki bu komut ile update edilmesi gereken her dosya icin benden onay bekliyordu. yani sanki ben girmedigim halde cp komutu -i –interactive switchini almis gibi davraniyordu.

ufak bir arastirma redhat tabanli sistemlerde konsoldan direk yazilan cp nin aslinda cp olmadigini ve cp -i nin aliasi oldugu meydana cikardi.

bu sorunu 2 sekilde cozebilirdim – ya unalias cp -i gibi birsey yazacaktim yada cp yi direk /bin/cp diye calistiracaktim.

sonuc olarak bu komut isimi gordu…

$/bin/cp -Rpuv /home/* /home2/

2 adet link verelim:

1- http://howtoforge.com/how-to-convert-physical-systems-and-xen-vms-into-openvz-containers-debian-etch

2- http://www.montanalinux.org/physical-to-virtual.html

2nin iceriginide basalim..

OpenVZ and KVM are Linux based virtualization programs, both are part of the Proxmox VE distribution. The goal of this article is to provide some knowledge on moving physical machines to virtual containers (OpenVZ) or fully virtualized machines (KVM). This article is not specific to Proxmox VE and the principles outlined and scripts provided should work on “stock” KVM or OpenVZ machines with a few minor changes to path settings.

Physical Microsoft Windows Machine to KVM

First we will look at the process of moving a physical box to a KVM virtual machine. I am going to focus on moving a Windows 2003 Server machine. The reason for focusing on Windows is because it does not make much sense to run a Linux server in KVM given the advantages that OpenVZ provides.

The first thing that needs to happen is you need to prepare the physical machine that you are moving. This involves making notes of what hardware is currently being used paying special attention to the hard drive driver. If you are using a SCSI driver or SATA driver your virtual machine may not boot as KVM uses an IDE virtual disk. There is a fix for this outlined in a Microsoft knowledge base article Q314082 (Link).

Next you will need to have access to a couple of tools which are free but not open source. The first tool you need is VMware Converter. Download VMware Convert to the physical box that you are converting and run it. It will guide you step by step on creating an image. The only thing that is required for this tool is a place to put the resulting image. You can use network storage or a USB flash drive, anything but the disk of the machine being converted.

Once the image is made you need to convert the image to a single growable file. To do this I used the vwmare-vdiskmanager.exe program that comes as part of the free VMware Server program. The syntax for this program is easy:

vmware-vdiskmanager -r win2003.vmdk -t 0 win2003-pve.vmdk

I then used WinSCP to copy the resulting file to my Proxmox VE machine. To use it in Proxmox VE you need to copy it to /var/lib/vz/images. You then need to preform one more conversion of the image to make it usable on Proxmox VE. You need to convert the file to qcow2 format:

qemu-img convert -f vmdk win2003-pve.vmdk -O qcow2 win2003-pve.qcow2

I then used Proxmox VE to create a blank KVM virtual machine as a template. Edit the configuration file and replace the line that starts with hda: to point to the new qcow2 file that you created. For example:

hda: /var/lib/vz/images/win2003-pve.qcow2

You are now able to start the KVM virtual machine. You may want to install paravirtualized Network Drivers for increased performance of the network. This same basic procedure will work with Windows XP and Windows Server 2008.

Physical Linux Machine to OpenVZ Container

The scripts that are shown are very much a work-in-progress and if you have suggestions on improving them please leave a comment with improvements. This is not quite as straight forward as the KVM machine migration, I will do my best to guide you.

First the script:

#!/bin/sh
#
# Bash Script used to move a physical host to a virtual on
# This script must be run as root from host node that the container
# will be on.
#
# Version 2.0
# 6/10/2008 Andrew Niemantsverdriet
#

echo -n "Enter the host to move: "
read host

echo -n "Enter the OpenVZ container ID: "
read ctid
echo

echo "Rsyncing $host to CTID: $ctid"

rsync -arvpz --numeric-ids --exclude-from '/root/.excludes' $host:/ /var/lib/vz/private/$ctid/

#Clean Ups
echo "Cleaning Up..."
sed -i -e '/getty/d' /var/lib/vz/private/$ctid/etc/inittab

rm -f /var/lib/vz/private/$ctid/etc/mtab
ln -s /proc/mounts /var/lib/vz/private/$ctid/etc/mtab

cp /var/lib/vz/private/$ctid/etc/fstab /var/lib/vz/private/$ctid/etc/fstab.old
grep devpts /var/lib/vz/private/$ctid/etc/fstab.old > /var/lib/vz/private/$ctid/etc/fstab

echo -n "Do you want to start CTID: $ctid now? (y/n): "
read ok

if [ "$ok" = "n" ]; then
  echo
  echo "Process Complete"
  exit 1
else
  vzctl start $ctid
  echo "You can now enter container and disable un-needed services"
fi

And the .exclude file place in /root/.excludes:

.bash_history
/boot
/dev/*
/mnt/*
/tmp/*
/proc/*
/sys/*
/usr/src/*
/etc/sysconfig/network-scripts/ifcfg-eth*

Running the script is pretty straight forward. First it asks for the host name to migrate and next it asks for the container to put it in. This should be an already created container, and it should not be running. Next the script uses rsync to grab the data from the physical box. It ignores files listed in the .exclude file. The script then goes and does some basic cleanups to enable the container to boot and to remove parts that OpenVZ does not use. Lastly the script asks if you want to start the container.

Once you get the container running there are few manual cleanups left to do. The biggest is to disable udev, which is very distribution specific. In CentOS 5 you edit the /etc/rc.sysinit file and comment out the line that looks like this: /sbin/start_udev

Lastly you need to turn off un-needed services in CentOS 5. These are things like acpid, kudzu, lm-sensors, microcode_ctl and netpluged.

In Closing

Hopefully I have provided enough information for you to successfully migrate a physical box to a virtual one. If you have questions please leave them in the comment section and I will do my best to help you out.

Need to monitor Linux server performance? Try these built-in command and a few add-on tools. Most Linux distributions are equipped with tons of monitoring. These tools provide metrics which can be used to get information about system activities. You can use these tools to find the possible causes of a performance problem. The commands discussed below are some of the most basic commands when it comes to system analysis and debugging server issues such as:

  1. Finding out bottlenecks.
  2. Disk (storage) bottlenecks.
  3. CPU and memory bottlenecks.
  4. Network bottlenecks.

#1: top – Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.

Fig.01: Linux top commandFig.01: Linux top command

Commonly Used Hot Keys

The top command provides several useful hot keys:

Hot Key Usage
t Displays summary information off and on.
m Displays memory information off and on.
A Sorts the display by top consumers of various system resources. Useful for quick identification of performance-hungry tasks on a system.
f Enters an interactive configuration screen for top. Helpful for setting up top for a specific task.
o Enables you to interactively select the ordering within top.
r Issues renice command.
k Issues kill command.
z Turn on or off color/mono

=> Related: How do I Find Out Linux CPU Utilization?

#2: vmstat – System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.
# vmstat 3
Sample Outputs:

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
 0  0      0 2540988 522188 5130400    0    0     2    32    4    2  4  1 96  0  0
 1  0      0 2540988 522188 5130400    0    0     0   720 1199  665  1  0 99  0  0
 0  0      0 2540956 522188 5130400    0    0     0     0 1151 1569  4  1 95  0  0
 0  0      0 2540956 522188 5130500    0    0     0     6 1117  439  1  0 99  0  0
 0  0      0 2540940 522188 5130512    0    0     0   536 1189  932  1  0 98  0  0
 0  0      0 2538444 522188 5130588    0    0     0     0 1187 1417  4  1 96  0  0
 0  0      0 2490060 522188 5130640    0    0     0    18 1253 1123  5  1 94  0  0

Display Memory Utilization Slabinfo

# vmstat -m

Get Information About Active / Inactive Memory Pages

# vmstat -a
=> Related: How do I find out Linux Resource utilization to detect system bottlenecks?

#3: w – Find Out Who Is Logged on And What They Are Doing

w command displays information about the users currently on the machine, and their processes.
# w username
# w vivek

Sample Outputs:

 17:58:47 up 5 days, 20:28,  2 users,  load average: 0.36, 0.26, 0.24
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    10.1.3.145       14:55    5.00s  0.04s  0.02s vim /etc/resolv.conf
root     pts/1    10.1.3.145       17:43    0.00s  0.03s  0.00s w

#4: uptime – Tell How Long The System Has Been Running

The uptime command can be used to see how long the server has been running. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.
# uptime
Output:

 18:02:41 up 41 days, 23:42,  1 user,  load average: 0.00, 0.00, 0.00

1 can be considered as optimal load value. The load can change from system to system. For a single CPU system 1 – 3 and SMP systems 6-10 load value might be acceptable.

#5: ps – Displays The Processes

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:
# ps -A
Sample Outputs:

  PID TTY          TIME CMD
    1 ?        00:00:02 init
    2 ?        00:00:02 migration/0
    3 ?        00:00:01 ksoftirqd/0
    4 ?        00:00:00 watchdog/0
    5 ?        00:00:00 migration/1
    6 ?        00:00:15 ksoftirqd/1
....
.....
 4881 ?        00:53:28 java
 4885 tty1     00:00:00 mingetty
 4886 tty2     00:00:00 mingetty
 4887 tty3     00:00:00 mingetty
 4888 tty4     00:00:00 mingetty
 4891 tty5     00:00:00 mingetty
 4892 tty6     00:00:00 mingetty
 4893 ttyS1    00:00:00 agetty
12853 ?        00:00:00 cifsoplockd
12854 ?        00:00:00 cifsdnotifyd
14231 ?        00:10:34 lighttpd
14232 ?        00:00:00 php-cgi
54981 pts/0    00:00:00 vim
55465 ?        00:00:00 php-cgi
55546 ?        00:00:00 bind9-snmp-stat
55704 pts/1    00:00:00 ps

ps is just like top but provides more information.

Show Long Format Output

# ps -Al
To turn on extra full mode (it will show command line arguments passed to process):
# ps -AlF

To See Threads ( LWP and NLWP)

# ps -AlFH

To See Threads After Processes

# ps -AlLm

Print All Process On The Server

# ps ax
# ps axu

Print A Process Tree

# ps -ejH
# ps axjf
# pstree

Print Security Information

# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM

See Every Process Running As User Vivek

# ps -U vivek -u vivek u

Set Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
# ps -eopid,tt,user,fname,tmout,f,wchan

Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=
OR
# pgrep lighttpd
OR
# pgrep -u vivek php-cgi

Display The Name of PID 55977

# ps -p 55977 -o comm=

Find Out The Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Find Out top 10 CPU Consuming Process

# ps -auxf | sort -nr -k 3 | head -10

#6: free – Memory Usage

The command free displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.
# free
Sample Output:

            total       used       free     shared    buffers     cached
Mem:      12302896    9739664    2563232          0     523124    5154740
-/+ buffers/cache:    4061800    8241096
Swap:      1052248          0    1052248

=> Related: :

  1. Linux Find Out Virtual Memory PAGESIZE
  2. Linux Limit CPU Usage Per Process
  3. How much RAM does my Ubuntu / Fedora Linux desktop PC have?

#7: iostat – Average CPU Load, Disk Activity

The command iostat report Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).
# iostat
Sample Outputs:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 	06/26/2009

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           3.50    0.09    0.51    0.03    0.00   95.86

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda              22.04        31.88       512.03   16193351  260102868
sda1              0.00         0.00         0.00       2166        180
sda2             22.04        31.87       512.03   16189010  260102688
sda3              0.00         0.00         0.00       1615          0

=> Related: : Linux Track NFS Directory / Disk I/O Stats

#8: sar – Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see network counter, enter:
# sar -n DEV | more
To display the network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more
You can also display real time usage using sar:
# sar 4 5
Sample Outputs:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in) 		06/26/2009

06:45:12 PM       CPU     %user     %nice   %system   %iowait    %steal     %idle
06:45:16 PM       all      2.00      0.00      0.22      0.00      0.00     97.78
06:45:20 PM       all      2.07      0.00      0.38      0.03      0.00     97.52
06:45:24 PM       all      0.94      0.00      0.28      0.00      0.00     98.78
06:45:28 PM       all      1.56      0.00      0.22      0.00      0.00     98.22
06:45:32 PM       all      3.53      0.00      0.25      0.03      0.00     96.19
Average:          all      2.02      0.00      0.27      0.01      0.00     97.70

=> Related: : How to collect Linux system utilization data into a file

#9: mpstat – Multiprocessor Usage

The mpstat command displays activities for each available processor, processor 0 being the first one. mpstat -P ALL to display average CPU utilization per processor:
# mpstat -P ALL
Sample Output:

Linux 2.6.18-128.1.14.el5 (www03.nixcraft.in)	 	06/26/2009

06:48:11 PM  CPU   %user   %nice    %sys %iowait    %irq   %soft  %steal   %idle    intr/s
06:48:11 PM  all    3.50    0.09    0.34    0.03    0.01    0.17    0.00   95.86   1218.04
06:48:11 PM    0    3.44    0.08    0.31    0.02    0.00    0.12    0.00   96.04   1000.31
06:48:11 PM    1    3.10    0.08    0.32    0.09    0.02    0.11    0.00   96.28     34.93
06:48:11 PM    2    4.16    0.11    0.36    0.02    0.00    0.11    0.00   95.25      0.00
06:48:11 PM    3    3.77    0.11    0.38    0.03    0.01    0.24    0.00   95.46     44.80
06:48:11 PM    4    2.96    0.07    0.29    0.04    0.02    0.10    0.00   96.52     25.91
06:48:11 PM    5    3.26    0.08    0.28    0.03    0.01    0.10    0.00   96.23     14.98
06:48:11 PM    6    4.00    0.10    0.34    0.01    0.00    0.13    0.00   95.42      3.75
06:48:11 PM    7    3.30    0.11    0.39    0.03    0.01    0.46    0.00   95.69     76.89

=> Related: : Linux display each multiple SMP CPU processors utilization individually.

#10: pmap – Process Memory Usage

The command pmap report memory map of a process. Use this command to find out causes of memory bottlenecks.
# pmap -d PID
To display process memory information for pid # 47394, enter:
# pmap -d 47394
Sample Outputs:

47394:   /usr/bin/php-cgi
Address           Kbytes Mode  Offset           Device    Mapping
0000000000400000    2584 r-x-- 0000000000000000 008:00002 php-cgi
0000000000886000     140 rw--- 0000000000286000 008:00002 php-cgi
00000000008a9000      52 rw--- 00000000008a9000 000:00000   [ anon ]
0000000000aa8000      76 rw--- 00000000002a8000 008:00002 php-cgi
000000000f678000    1980 rw--- 000000000f678000 000:00000   [ anon ]
000000314a600000     112 r-x-- 0000000000000000 008:00002 ld-2.5.so
000000314a81b000       4 r---- 000000000001b000 008:00002 ld-2.5.so
000000314a81c000       4 rw--- 000000000001c000 008:00002 ld-2.5.so
000000314aa00000    1328 r-x-- 0000000000000000 008:00002 libc-2.5.so
000000314ab4c000    2048 ----- 000000000014c000 008:00002 libc-2.5.so
.....
......
..
00002af8d48fd000       4 rw--- 0000000000006000 008:00002 xsl.so
00002af8d490c000      40 r-x-- 0000000000000000 008:00002 libnss_files-2.5.so
00002af8d4916000    2044 ----- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b15000       4 r---- 0000000000009000 008:00002 libnss_files-2.5.so
00002af8d4b16000       4 rw--- 000000000000a000 008:00002 libnss_files-2.5.so
00002af8d4b17000  768000 rw-s- 0000000000000000 000:00009 zero (deleted)
00007fffc95fe000      84 rw--- 00007ffffffea000 000:00000   [ stack ]
ffffffffff600000    8192 ----- 0000000000000000 000:00000   [ anon ]
mapped: 933712K    writeable/private: 4304K    shared: 768000K

The last line is very important:

  • mapped: 933712K total amount of memory mapped to files
  • writeable/private: 4304K the amount of private address space
  • shared: 768000K the amount of address space this process is sharing with others

=> Related: : Linux find the memory used by a program / process using pmap command

#11 and #12: netstat and ss – Network Statistics

The command netstat displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. ss command is used to dump socket statistics. It allows showing information similar to netstat. See the following resources about ss and netstat commands:

#13: iptraf – Real-time Network Statistics

The iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:

  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address
Fig.02: General interface statistics: IP traffic statistics by network interface Fig.02: General interface statistics: IP traffic statistics by network interface

Fig.03 Network traffic statistics by TCP connectionFig.03 Network traffic statistics by TCP connection

#14: tcpdump – Detailed Network Traffic Analysis

The tcpdump is simple command that dump traffic on a network. However, you need good understanding of TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:
# tcpdump -i eth1 'udp port 53'
To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:
# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
To display all FTP session to 202.54.1.5, enter:
# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20'
To display all HTTP session to 192.168.1.5:
# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'
Use wireshark to view detailed information about files, enter:
# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80

#15: strace – System Calls

Trace system calls and signals. This is useful for debugging webserver and other server problems. See how to use to trace the process and see What it is doing.

#16: /Proc file system – Various Kernel Statistics

/proc file system provides detailed information about various hardware devices and other Linux kernel information. See Linux kernel /proc documentations for further details. Common /proc examples:
# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts

17#: Nagios – Server And Network Monitoring

Nagios is a popular open source computer system and network monitoring application software. You can easily monitor all your hosts, network equipment and services. It can send alert when things go wrong and again when they get better. FAN is “Fully Automated Nagios”. FAN goals are to provide a Nagios installation including most tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it easy to easilly install a Nagios server. Added to this, a wide bunch of tools are including to the distribution, in order to improve the user experience around Nagios.

18#: Cacti – Web-based Monitoring Tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and configure Cacti network graphing tool under CentOS / RHEL.

#19: KDE System Guard – Real-time Systems Reporting and Graphing

KSysguard is a network enabled task and system monitor application for KDE desktop. This tool can be run over ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

Fig.05 KDE System GuardFig.05 KDE System Guard {Image credit: Wikipedia}

See the KSysguard handbook for detailed usage.

#20: Gnome System Monitor – Real-time Systems Reporting and Graphing

The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as the KDE System Guard, it provides the basic information which may be useful for new users:

  • Displays various basic information about the computer’s hardware and software.
  • Linux Kernel version
  • GNOME version
  • Hardware
  • Installed memory
  • Processors and speeds
  • System Status
  • Currently available disk space
  • Processes
  • Memory and swap space
  • Network usage
  • File Systems
  • Lists all mounted filesystems along with basic information about each.
Fig.06 The Gnome System Monitor applicationFig.06 The Gnome System Monitor application

Bounce: Additional Tools

A few more tools:

  • nmap – scan your server for open ports.
  • lsof – list open files, network connections and much more.
  • ntop web based tool – ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
  • Conky – Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
  • GKrellM – It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
  • vnstat – vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
  • htop – htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.
  • mtr – mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

Did I miss something? Please add your favorite system motoring tool in the comments.

Q. I don’t remember where I saved pdf and text files under Linux. I have downloaded files from internet a few months ago. How do I find my pdf files?

A. You need to use find command. Each file has three time stamps, which record the last time that certain operations were performed on the file:
[a] access (read the file’s contents) – atime

[b] change the status (modify the file or its attributes) – ctime

[c] modify (change the file’s contents) – mtime

You can search for files whose time stamps are within a certain age range, or compare them to other time stamps.

You can use -mtime option. It returns list of file if the file was last accessed N*24 hours ago. For example to find file in last 2 months (60 days) you need to use -mtime +60 option.

  • -mtime +60 means you are looking for a file modified 60 days ago.
  • -mtime -60 means less than 60 days.
  • -mtime 60 If you skip + or – it means exactly 60 days.

So to find text files that were last modified 60 days ago, use
$ find /home/you -iname "*.txt" -mtime -60 -print

Display content of file on screen that were last modified 60 days ago, use
$ find /home/you -iname "*.txt" -mtime -60 -exec cat {} \;

Count total number of files using wc command
$ find /home/you -iname "*.txt" -mtime -60 | wc -l

You can also use access time to find out pdf files. Following command will print the list of all pdf file that were accessed in last 60 days:
$ find /home/you -iname "*.pdf" -atime -60 -type -f

List all mp3s that were accessed exactly 10 days ago:
$ find /home/you -iname "*.mp3" -atime 10 -type -f

There is also an option called -daystart. It measure times from the beginning of today rather than from 24 hours ago. So, to list the all mp3s in your home directory that were accessed yesterday, type the command
$ find /home/you -iname "*.mp3" -daystart -type f -mtime 1

Where,

  • -type f – Only search for files and not directories

Read man page of find command for more information.