How To Create A Daemon In Linux?

Recently we got stuck on a problem. The problem is to run a script continuously in the background and keep checking a folder for content changes. If any modifications are made in that folder, the script should start one more script. We thought of doing this using crontab, but the problem with crontab is that we have to wait at least one minute to run our script. One minute is too long for my requirement. We require a solution which runs continuously in the background, every microsecond; it should be similar to a normal Linux daemon such as httpd, ssh, ftp etc. I searched Google for creating daemons in Linux, but most people suggested writing a daemon in C, which is alien to me (I learnt C some 9 years back but have now totally forgotten it :( ). Here is one such link, which describes how to create a daemon in Linux using C programming.

http://www.netzmafia.de/skripten/unix/linux-daemon-howto.html

I went through a lot of documentation and other material, but came to the conclusion to go with a shell script, which will work the same as a daemon. Here is the code for the daemon, which we accomplish using a while loop:

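while true
do
    # Expand the glob into the positional parameters and test only the
    # first match: [ -f /testing/*.txt ] breaks when several files match.
    set -- /testing/*.txt
    if [ -f "$1" ]
    then
        echo "file created"
        mv /testing/*.txt /tst/
    fi
done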

This while loop runs continuously because we give true as its condition, and the if statement inside it says what to do. Once you have created the above script, there are a few other points to cover, such as the ones below, to make the script a daemon.



So how to run the above script?
Ans : Use nohup when running the script. For those who don't know the nohup command, here is the explanation.
nohup is a command to run a program so that it keeps running even though you log out from the machine. For example, here is my script with nohup.

nohup sh daemon.sh &

But sometimes this will not work. In that case, run this script from crontab once and then remove the entry from crontab.


So how to make this permanent?
Ans : It's simple. Keep your script in /etc/init.d with execute permissions.

cp /path/to/script/daemon.sh /etc/init.d/
chmod +x /etc/init.d/daemon.sh

Then create links to this script in the directory of the corresponding run-level. This is required at boot time.


ln -s /etc/init.d/daemon.sh /etc/rc.d/rc3.d/S43daemon.sh
ln -s /etc/init.d/daemon.sh /etc/rc.d/rc3.d/K43daemon.sh



What will the above two commands do?
Ans : S43 tells the system to start the script as the 43rd script when it boots up.
K43 tells the system to shut it down cleanly when you do a shutdown.
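
A more defensive single pass of the polling loop above, as an added example that is not the author's script: it copes with zero or many matching files, skips symlinks and non-regular files, never overwrites a file already in the destination, and sleeps between passes. The names sweep_once and watch_dir and the scratch directories standing in for /testing and /tst are assumptions.

```shell
#!/bin/sh
# Added example (not the author's script): one polling pass over a watched
# directory, written so it is safe to run as root from an init script.

# Move every regular *.txt file from SRC to DST and print how many moved.
sweep_once() {
    src=$1; dst=$2; moved=0
    for f in "$src"/*.txt; do
        # An unmatched glob stays literal and fails -f. Symlinks and
        # directories are skipped: only real files are handed on to DST.
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        # Never overwrite a file that is already in DST.
        [ -e "$dst/${f##*/}" ] && continue
        mv -- "$f" "$dst/" && moved=$((moved + 1))
    done
    echo "$moved"
}

# Poll forever with a pause, so the loop does not pin a CPU core.
watch_dir() {
    while true; do
        n=$(sweep_once "$1" "$2")
        [ "$n" -gt 0 ] && echo "moved $n file(s)"
        sleep 1
    done
}

# Constructed demo in a scratch directory (stand-ins for /testing and /tst).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir "$demo/testing" "$demo/tst"
echo a > "$demo/testing/a.txt"
echo b > "$demo/testing/b.txt"
ln -s /etc/passwd "$demo/testing/link.txt"

first=$(sweep_once "$demo/testing" "$demo/tst")    # the two regular files
second=$(sweep_once "$demo/testing" "$demo/tst")   # only the symlink is left
echo "first pass: $first, second pass: $second"

# watch_dir /testing /tst    # the daemon loop itself (not started in this demo)
```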


Please share your thoughts if you have a better idea for doing it :-)

  • How to: Linux Group Disk Quota Implementation

    Click here if you are looking to implement user disk quota in Linux. In this post we are going to discuss how to implement Linux group quota for a project.
    Many people will ask why we require group quota if we have user quota.

    I will explain this with an example. In companies, people work on projects/groups where they want to share their data in a common location that can be accessed by any user of that group. It is something like a group store where they dump data in a single location. So it is very easy to restrict this group store on a per-group basis: we can set a limit on how much all the users in that group can upload to that folder. We will take one example to accomplish this group quota.

    group name : project1.
    group members : user1, user2, user3.
    group dump folder/common folder for the above-mentioned users : /home/project1 (/dev/hda2).
    group disk quota limit : 100MB soft/110MB hard limit

    Now we have all the ingredients to prepare spicy food :)

    Implementing Group disk quota on Linux

    Step1 :
    Create a group
    #groupadd project1

    Step2 : Create all the required users with their home directory as /home/project1 and group as project1
    #useradd -c "Testing group quota implementation" -m -d /home/project1 -g project1 user1
    #useradd -c "Testing group quota implementation" -m -d /home/project1 -g project1 user2
    #useradd -c "Testing group quota implementation" -m -d /home/project1 -g project1 user3

    Step3 : Select/prepare the partition for quota. Here my partition is /dev/hda2, so edit the /etc/fstab file with the required entries.

    #vi /etc/fstab
    /dev/hda2 /home ext3 defaults,usrquota,grpquota 0 0
    Save and exit the file.

    Step4 : Now remount the partition with rw permissions
    #mount -o remount,rw /home

    Step5 :
    Now create the group quota database
    #quotacheck -cug /home
    Check whether the user/group database has been created: when you run ls /home you can see the aquota.user and aquota.group files in the /home directory, which contain the user and group databases.

    Step6 : Once the above command has executed successfully, check whether quota is implemented or not.
    #repquota -a

    Step7 :
    Now set the quota for the group project1. This can be done using edquota or setquota. Most people know the edquota command: when executed, it opens a temporary quota file where we have to enter our desired values. But here I am going to show you another way to set group quota.
    #setquota -g project1 100 110 0 0 /dev/sda2

    Explanation of the above command:
    -g specifies that we are going to edit a group quota.
    The group name is project1.
    We are setting the soft (100kb) and hard (110kb) limits on blocks.
    We disabled the soft (0) and hard (0) limits on inodes.
    Last, we specified the partition on which we are going to set this quota (/dev/sda2).

    Step8 : Don't think it's completed. This is the most important point you have to remember when implementing group quota. We have to set the permissions on /home/project1 with SGID so that all the members of the group are able to upload data to /home/project1 without any issue.
    #chmod 2770 /home/project1

    Now all the group members of project1 can upload a total of 100kb, not more than that. For example, if user1 uploaded 75kb, the members of project1 can only upload 25kb more.

  • How To : Auto Logout

    What is this auto logout?
    Ans : Auto logout is a concept to force a user to log out from the remote server if the open session to the remote server is idle for a given time.


    So why do we actually require auto logout?
    Ans : As a security measure, it is good practice to set this, because it is not a good idea to keep an open terminal idle.


    How to accomplish this?
    Ans : This can be achieved in two ways.

    1. Open /etc/profile and append the TMOUT variable. See my example below.

    export TMOUT=600 # 10 minutes in seconds
    typeset -r TMOUT
    This will set the time-out to 600 sec (i.e. 10 mins), and I have given typeset -r, which makes it read-only and will not allow users to change it. Save the file and exit.



    2. By creating the /etc/profile.d/sessiontimout.sh file and keeping the above-mentioned entries in it.
    export TMOUT=600 # 10 minutes in seconds
    typeset -r TMOUT
    Now save and exit the file.

    As this is a script, we have to change the permissions too.
    #chmod +x /etc/profile.d/sessiontimout.sh

    Please share your thoughts on this.

  • Hardening SSH Server In The DMZ(De Militarised Zone)

    It's good to harden your box which is in the DMZ.
    What is DMZ?
    Ans : DMZ is a De Militarised Zone where we keep our servers so that they can be accessed by outside people. Let me explain more about the DMZ for those who are not familiar with it (this activity is most of the time a network admin's work).
    1. The DMZ is a place where we isolate machines from the company's local LAN.
    2. These DMZ machines will have a different IP address range and subnet.
    3. The communication between two machines in the DMZ is blocked for security reasons.
    4. We cannot log in to a local LAN machine from a DMZ machine, but we can log in to a DMZ machine from the local LAN (only one-way communication, from the LAN).
    5. Ping to these machines will be disabled (most companies do this for security reasons).
    6. The way these machines communicate depends totally on the network team and what type of rules they set on their routers.
    7. The security of DMZ machines is higher compared to local LAN machines (in other words, everything is restricted on DMZ machines).
    8. Only required ports are opened on DMZ machines, and the remaining ports are in closed or reject state (this should be done on the system by the Linux admin and at network level by the company's network engineer).

    Once you keep your Linux machine in the DMZ, the first and foremost thing to do is to secure SSH logins to the server.

    In this post we will see some security measures to be taken for SSH when a system is kept in the DMZ. Most of the SSH settings are located in /etc/ssh/sshd_config (Red Hat/Debian based systems).

    1. Set the maximum number of failed login attempts, so that after that many attempts the connection to the server is reset and we have to connect to the server once again.
    MaxAuthTries 3
    Here I have set failed login attempts to 3.

    2. Disable root login through SSH. This is a good option to force users not to use the root user to log in to the server.
    PermitRootLogin no
    Here we set it to no, which indicates root cannot log in.

    3. We should disable logins by users who do not have passwords.
    PermitEmptyPasswords no

    4. Allow only users who have passwords.
    PasswordAuthentication yes

    5. Specify who should access this server. I can say this one is more secure because SSH will allow only the users who are specified here.
    AllowUsers test1 test2
    Here I have allowed only two users, i.e. test1 and test2.

    6. Set up a login banner to give warnings to the users who are logging in to that server.
    Banner /etc/ssh-banner
    Please specify the warning message in /etc/ssh-banner.

    Once the above changes are done in the /etc/ssh/sshd_config file, just reload the SSH server.

    Note : Don't restart the SSH service on production servers; it's not advisable. To apply your changes, always use the reload option. Most services support the reload option with the service command.
    #service sshd reload
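
The settings above can be checked mechanically before the reload. The script below is an added example, not part of the original post: it reads an sshd_config, takes the first global value of each keyword, and reports where MaxAuthTries, PermitRootLogin, PermitEmptyPasswords, AllowUsers or Banner differ from this post. The function names and both sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an sshd_config file
# against the settings listed above. Both sample configs are constructed.

# Print the global value of KEYWORD in FILE. sshd keywords are
# case-insensitive and the first occurrence wins; lines after the first
# "Match" are conditional overrides, so parsing stops there.
# Assumes keyword and value are separated by whitespace.
sshd_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# Print one "FAIL ..." line per setting that differs from the post.
audit_sshd() {
    cfg=$1

    v=$(sshd_value "$cfg" MaxAuthTries)
    case $v in
        ''|*[!0-9]*) echo "FAIL MaxAuthTries: not set" ;;
        *) [ "$v" -le 3 ] || echo "FAIL MaxAuthTries: $v (post uses 3)" ;;
    esac

    for kw in PermitRootLogin PermitEmptyPasswords; do
        v=$(sshd_value "$cfg" "$kw" | tr 'A-Z' 'a-z')
        [ "$v" = no ] || echo "FAIL $kw: '${v:-not set}' (post uses no)"
    done

    v=$(sshd_value "$cfg" AllowUsers)
    [ -n "$v" ] || echo "FAIL AllowUsers: not set (post lists test1 test2)"

    v=$(sshd_value "$cfg" Banner)
    case $v in ''|none) echo "FAIL Banner: not set" ;; esac
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Constructed sample: the values given in the post.
cat > "$tmp/hardened" <<'EOF'
MaxAuthTries 3
PermitRootLogin no
PermitEmptyPasswords no
PasswordAuthentication yes
AllowUsers test1 test2
Banner /etc/ssh-banner
EOF

# Constructed sample: the wanted value is commented out, comes too late
# (first occurrence wins), or only applies inside a Match block.
cat > "$tmp/weak" <<'EOF'
#MaxAuthTries 3
maxauthtries 6
PermitRootLogin yes
PermitRootLogin no
PermitEmptyPasswords no
Match User test1
    AllowUsers test1
    Banner /etc/ssh-banner
EOF

echo "== hardened"; audit_sshd "$tmp/hardened"
echo "== weak";     audit_sshd "$tmp/weak"
```

Running sshd -t before the reload makes sshd itself validate the file, so a typo is caught while the running service is still unaffected.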

    Please share any experience of yours which you feel is not mentioned in this post.

  • How To Install Oracle On RHEL5?

    The most popular database (DB) software known to man is Oracle. There are some other commercial and open source databases such as
    1. MS-SQL (from Microsoft)
    2. DB2 (from IBM)
    3. PostgreSQL (it's open source software)
    4. MySQL (my favourite one and good for small/medium organisations)
    5. Sybase
    Etc.

    Do you want to know more about other DB names? Have a look at the link below; I created a Squared link for you.
    Ans :
    http://www.google.com/squared/search?q=mssql&items=mysql&items=oracle&items=PostgreSQL&items=db2&items=njsql
    In this post we will see how to install Oracle on RHEL5.

    Step1 : Before installing Oracle, the following packages must be installed on the machine.
    1. compat-gcc
    2. compat-libstdc++
    3. compat-db
    4. make-3.79
    5. binutils-2.11.90.0.8-12
    6. gcc-3.2
    7. openmotif-2.2
    8. setarch-1.3

    All these packages are on the RHEL5 DVD, so just set up a YUM server for easy installation of the above packages; otherwise you have to install them one by one with the rpm command, which will create a lot of dependencies.

    Step2 : Set kernel parameters by editing /etc/sysctl.conf or by using the sysctl -w command, as follows.

    Note : Whenever you edit any file, take a backup of that file before editing it.
    kernel.shmall = 268435456
    kernel.sem = 250 32000 100 128
    kernel.shmmax = 2147483647

    kernel.shmmni = 4096
    kernel.shmall = 2097152
    fs.file-max = 65536

    net.ipv4.ip_local_port_range = 1024 65000
    kernel.sem=250 32000 100 128
    net.core.rmem_default = 4194304

    net.core.rmem_max= 4194304
    net.core.wmem_default = 262144
    net.core.wmem_max = 262144

    #cp /etc/sysctl.conf /etc/sysctl.conf.org
    #vi /etc/sysctl.conf

    After entering the above values, save and exit the file,
    or use sysctl -w to edit kernel parameters.
    Here I will just give one example of how to set a kernel parameter using the sysctl -w command.

    Suppose I want to edit the kernel.sem value; just execute the command below.
    #/sbin/sysctl -w kernel.sem="250 32000 100 128"

    Step3 :
    After editing the file, check whether there is any issue by loading it with sysctl -p, which prints each value as it is applied.
    #sysctl -p

    Note1 : Most of the installation is done as the oracle user unless otherwise specified. Only at the end of the installation do we need to run two scripts, which will set path variables.

    Note2 : If you are installing Oracle on a remote machine, we have to export the display to the local machine or take a VNC session to the remote machine.

    Step4 : Create Group name
    #groupadd dba

    Step5 : Create the oracle user with group equal to dba and home directory equal to /oracle
    #useradd -d /oracle -g dba oracle

    Installation :
    Step1 :
    Copy the Oracle software to some folder. Change directory to the bin directory as shown below.
    cd /test/database

    Here you will find the runInstaller script, which you should execute as the oracle user, and this should be done in the GUI itself (so in order to execute this command you have to export the display or take VNC to the remote machine). Here in this document I have taken a VNC connection to the remote machine where I am installing OS. For those who don't have VNC, export the display as follows.

    Step2 : Exporting the display. You have to execute this command as the oracle user on the remote machine where you are going to install Oracle. One more thing: the display should be exported to the local machine from which you are going to perform your installation.
    DISPLAY=<system name/ip>:0.0
    export DISPLAY

    Note : The system name/ip in the above display command is the IP/system name of your local machine.
    Image.

    The above screenshot shows that you have to run the script, and this should be run only by root.

    Step3 : Script to be run by root user.
    [root@test oracle]# /oracle/oracle/product/10.2.0/db_1/root.sh
    Running Oracle10 root.sh script...

    The following environment variables are set as :

    ORACLE_OWNER= oracle

    ORACLE_HOME= /oracle/oracle/product/10.2.0/db_1

    Enter the full pathname of the local bin directory : [/usr/local/bin]:

    Copying dbhome to /usr/local/bin ...

    Copying oraenv to /usr/local/bin ...

    Copying coraenv to /usr/local/bin ...

    Entries will be added to the /etc/oratab file as needed by


    Database Configuration Assistant when a database is created

    Finished running generic part of root.sh script.

    Now product-specific root actions will be performed.

    Once this has been run as root, go to the oracle user's GUI login and click OK to exit.

    Step4 : Now we have to check whether Oracle is installed properly or not. We have to set the ORACLE_HOME variable in the oracle user's .bash_profile file and export the Oracle bin directory as follows, so that we can start/stop the Oracle service with lsnrctl. Edit the .bashrc file for the oracle user.
    $vi ~/.bash_profile

    PATH=$PATH:$HOME/bin

    export PATH
    ORACLE_HOME=/oracle/oracle/product/10.2.0/db_1

    PATH=$PATH:$ORACLE_HOME/bin

    ORACLE_SID=orcl

    export PATH ORACLE_HOME ORACLE_SID
    Save and exit the file. Once done, we have to source the .bash_profile file. Then start the Oracle service using the command below.
    [oracle@v-itig42 ~]$ lsnrctl start

    LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 05-MAR-2010 07:12:13

    Copyright (c) 1991, 2005, Oracle. All rights reserved.

    TNS-01106: Listener using listener name LISTENER has already been started
    For checking status.
    [oracle@v-itig42 ~]$ lsnrctl status

    LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 05-MAR-2010 07:12:01

    Copyright (c) 1991, 2005, Oracle. All rights reserved.

    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC3)))

    STATUS of the LISTENER

    ------------------------

    Alias LISTENER

    Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production

    Start Date 05-MAR-2010 06:10:20

    Uptime 0 days 1 hr. 1 min. 41 sec

    Trace Level off

    Security ON: Local OS Authentication

    SNMP OFF

    Listener Parameter File /oracle/oracle/product/10.2.0/db_1/network/admin/listener.ora

    Listener Log
    File /oracle/oracle/product/10.2.0/db_1/network/log/listener.log

    Listening Endpoints Summary...

    (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC3)))

    (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=v-itig42.persistent.co.in)(PORT=1523)))

    Services Summary :

    Service "PLSExtProc" has 1 instance(s).

    Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
    Service "orcl" has 1 instance(s).

    Instance "orcl", status READY, has 1 handler(s) for this service...

    Service "orclXDB" has 1 instance(s).

    Instance "orcl", status READY, has 1 handler(s) for this service...

    Service "orcl_XPT" has 1 instance(s).

    Instance "orcl", status READY, has 1 handler(s) for this service...

    The command completed successfully

    Step5 : Connect to Oracle sql database(and this should be done only as oracle user).

    [oracle@v-itig42 ~]$ sqlplus /nolog
    SQL*Plus: Release 10.2.0.1.0 - Production on Fri Mar 5 07:22:56 2010

    Copyright (c) 1982, 2005, Oracle. All rights reserved.

    SQL>

    This SQL> prompt indicates you have successfully connected.

    SQL> conn sys@iasdb as sysdba
    Enter password :
    Connected to an idle instance.
    SQL>
    If the database is not started, it will show the message "Connected to an idle instance".

    4. To start the database execute
    SQL> startup
    ORACLE instance started.
    Total System Global Area 289406976 bytes
    Fixed Size 1301536 bytes
    Variable Size 262677472 bytes
    Database Buffers 25165824 bytes
    Redo Buffers 262144 bytes
    Database mounted.
    Database opened.
    SQL>

    5. To check the name of the database
    SQL> select name from v_$database;

    NAME
    ---------
    IASDB

  • How To Reduce Delay Getting SSH Login Prompt

    Recently we installed a new RHEL5.4 machine. It is located just a few kilometres from our office. But I observed that at login the shell prompt takes considerable time to appear (though the connection takes a fraction of a second, after entering the password it takes more time). So we did some tweaking and found out this is related to DNS. We have to change the DNS-related entry in the SSH config file to reduce this delay.


    Note : Be careful when doing this on production servers. This activity may disconnect all the users who are logged in to that machine using SSH.

    By default the UseDNS option in this file is commented out. We have to uncomment this option and then change the entry to no, as below. With UseDNS no, only addresses (not host names) can be used in the from= option of ~/.ssh/authorized_keys and in Match Host directives in sshd_config.
    Just search for UseDNS.

    [root@tst ~]#vi /etc/ssh/sshd_config

    Before config
    #UseDNS yes

    After config
    UseDNS no

    Save and exit the file, and then just reload the SSH service for the changes to take effect.

    #service sshd reload

    Now try to log in and observe: the delay will be reduced.
    Please share your thoughts on this.

  • Best Interview I Have Ever Attended

    It's been a long time since I blogged here. The reason for this post is to share my experience of an interview. If you people think this is irrelevant, please feel free to comment in the comment section; depending on your comments I will keep or remove this post, because it's just a general post not much related to admin work. OK, let's come to the actual point.

    A couple of weeks back I got a call from a company. They asked me to come down to the interview with all the media required. The media which I took included:
    1. RHEL5.4, which is the 64-bit version
    2. Oracle 10g
    3. JBoss (for those who don't know about JBoss: it's an application server like Tomcat, WebSphere etc., used to serve content through the web).

    In the same call they informed me that it is totally a practical interview. I have to configure and show all the configuration on a given blade centre which contains six blade servers.
    Some background about that blade centre:
    1. It costs nearly 46 lakhs. Yes, you read properly, it costs 46 lakhs INR (Rs4600000)
    2. It has 6 blades (nothing but 6 blade servers)
    3. A SAN box attached to it (total capacity of 4.5TB)
    4. A seven layer switch (I don't know much about this. I have to explore this)
    5. A backup tape drive for the SAN backups.
    6. A common DVD ROM, keyboard, mouse and monitor for all the six blade servers
    7. Four to six USB devices (I did not observe properly)
    8. Eight LAN ports


    So all these are included/integrated into a box which looks like a big TV box (search for blade-centre in Google for the exact look).

    Why do we require this blade server? Why can't we use six separate high-end servers?
    Ans :
    Let me put it this way. In most DCs (Data Centres), space, power and cooling are always concerns. So IBM came up with a solution to resolve all these problems by implementing the blade centre/server.

    Each blade server looks like a closed laptop when we take it out of the blade centre box (it's very easy to insert/remove a blade server from the blade centre).

    What does each blade server contain?
    Ans :
    1. HDD with hardware RAID1 implemented, with 132GB (so total space without RAID will be 132*2=264GB).

    2. RAM of 16B (there are four slots, each containing 4GB. These RAMs are placed on the motherboard in such a way that they consume less space, which is good for cooling).

    3. A fiber converter, which has high-capacity data transfer.

    4. Two NIC/LAN cards (these are integrated onto the board itself).

    5. A switch/button for getting the display. (Here we have to remember one thing: there is only a single display, mouse and keyboard, which are to be shared.) So if you press this switch on blade server one, all these devices are now part of blade server one.

    6. A switch/button for getting the DVD ROM for this blade server.

    7. A power switch to switch off this single blade server.
    That's it.

    OK, I think this introduction is enough for those people who don't know what a blade centre or server is. Please feel free to ask any queries on this if you are still not clear.

    The test/interview goal is to:
    1. Install OS (RHEL5.4 64 bit).
    2. Yum Server(on one of the blade server so that remaining servers will take yum repo from that server).
    3. Network configuration(like IP addressing and host-name).
    4. Jboss to be installed/configure on all the servers.
    5. FATware to be install/configure on all the servers.
    6. Oracle on two blade servers.
    7. High availability cluster for this Oracle.
    That's the end of the Interview.

    They assigned an experienced network/hardware engineer to me, who really assisted me in all the hardware-related stuff.
    He really has good knowledge of all the server hardware and he is a nice guy.. :)

    His work was to initialize all the blade servers, configure hardware RAID1 and do other network-related stuff.

    We started with the Red Hat installation on one machine. We did it successfully. I thought we did not need to install the OS on the remaining blade servers because I thought of replicating this HDD onto the remaining HDDs (because all the servers' HDDs are hardware RAID1), but bad luck, that IBM blade-centre model does not support this. So we installed the OS on each server one by one. I taught/showed him how to create partitions and install the OS after the second server installation. He alone took care of installing the OS on the remaining blade servers. In the meantime I started configuring Yum on blade server 1, configured network-related stuff, and installed some software required by Oracle, JBoss etc. using the Yum server. Once these things were done I did the same thing for the remaining servers. All these tasks took most of my time :(

    Then we installed Oracle on servers one and two, and after that JBoss on all the 6 blade servers. Once all the main configurations were done, at last we tried to implement a cluster for Oracle (we implemented a Heartbeat cluster for this one).

    This total process took nearly 12 hours, from 9 AM to 9 PM.

    I want to include more info, but I felt it's too big.
    Please comment on this :-)

    The Linux Juggernaut | Copyright 2006-2009 Surendra Kumar Anne