Archive for November, 2005

Mysql Permissions — Quickly

Sometimes you gotta grant MySQL permissions for usernames… so here’s how I do it.

$ mysql -u root -p

Enter password: [password] [ENTER]
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14806 to server version: 4.1.11

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> insert into db values ('IP or Hostname', 'DB Name', 'Username', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'Y', 'Y', 'Y');

mysql> insert into user values ('IP or hostname', 'Username', 'xxx', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N');

The xxx is a placeholder where the password will go; the next statement sets it.

mysql> update user set Password=password('Password') where user='Username';

Because the grant tables were edited directly, reload them so the server picks up the changes:

mysql> flush privileges;


SSH Keys for passwordless logins to other servers

SSH keys are an awesome tool, and they’ll save your fingers from typing your password 10,000 times a day. They’re also really easy to set up:

Log in to your main server, or home machine, as the user you are normally logged in as.

username@yourserver.com [16:00:51]
[~/.ssh]: /usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_dsa): [ENTER]
Enter passphrase (empty for no passphrase): [ENTER]
Enter same passphrase again: [ENTER]
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:1e:00:fb:d5:57:45:20:c3 username@yourserver.com

username@yourserver.com [16:00:59]
[~/.ssh]: cat id_dsa.pub

ssh-dss [EDITED OUT HUGE TEXT HASH ] username@yourserver.com

Copy the entire output from your server to your clipboard.

Now log in to the remote server you want to be able to access without a password and:

$ vi ~/.ssh/authorized_keys

Go to the bottom of the file, switch to insert mode and paste the line, then [ESC] [ESC] :wq!

Then give it a test:

$ ssh username@remoteserver.com
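
One way to script the paste step above, as an added example that is not part of the original post: the hypothetical helper install_pubkey appends a single public key line to authorized_keys, skips it if it is already there, and sets the 700/600 permissions that sshd's default StrictModes check expects. The paths in the usage comment are constructed.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE TARGET_HOME  (hypothetical helper name)
# Run on the remote server after copying the .pub file over.
install_pubkey() {
    pubfile=$1
    sshdir="$2/.ssh"
    auth="$sshdir/authorized_keys"

    # A .pub file holds exactly one non-empty line.
    if [ "$(grep -c . "$pubfile" 2>/dev/null)" != "1" ]; then
        echo "expected exactly one key line in $pubfile" >&2
        return 2
    fi
    key=$(grep . "$pubfile")

    # Accept only public key lines; a private key pasted by mistake
    # or stray text is refused.
    case $key in
        ssh-dss\ *|ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 2 ;;
    esac

    # sshd's StrictModes check (on by default) ignores authorized_keys
    # when the directory or file is writable by group or others.
    mkdir -p "$sshdir" || return 1
    chmod 700 "$sshdir" || return 1
    touch "$auth" || return 1
    chmod 600 "$auth" || return 1

    # Idempotent: whole-line, fixed-string comparison, so a second
    # run does not add a duplicate entry.
    if grep -qxF -e "$key" "$auth"; then
        return 0
    fi
    printf '%s\n' "$key" >> "$auth"
}

# Usage (constructed paths):
#   install_pubkey /tmp/id_dsa.pub "$HOME"
```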


tail - check the end of the file

When dealing with logs, getting to the end of a huge file is a huge pain. That’s why tail was created.

tail is on most machines and can be used like this:



tail filename[ENTER]

By default that shows the last 5 lines of the file.



tail -n 1000 filename

will show the last n lines, where n is the number given after -n.

tail also has another useful feature: it can show the log file as it’s written to. So

tail -f filename

will stay active showing you the log file as it’s written to on the screen. You can press Control and C at the same time to break out.

Give it a try on a web log file and hit a site, you’ll see your visit!


VI Basics

OK… so basically every unix box has VI on it… however so many people are confused about it. Here are some basics:

vi filename
loads you into a weird and wonderful world of editor, but you can’t type anything. You can scroll up and down using the arrow keys generally, or J to go down and K to go up. You can move the cursor using the right and left arrow keys, or l to move left, and h to move right.

When you want to INSERT text at the point of the cursor, hit i

When you’re done, hit [ESC]

If you want to Append to the end of the line, hit A, and [ESC] to exit

To find a specific match, hit [ESC] [ESC] to make sure you’re out of edit mode and then type

/searchstring

After you’ve found one match you can hit /[ENTER] and it will find the next match

To Quit, hit [ESC] [ESC] to make sure you’re out of edit mode, and then
:q[ENTER]

If you want to write the file, hit [ESC] [ESC] :w[ENTER]

You can stack commands, so [ESC] [ESC] :wq[ENTER] will write and quit vi.

There are tons of VI commands, but I’ll add more later on :)


Crond and crontab- damn it’s powerful.

While most admins know about crontab, some new folks don’t, so here is a basic primer:

crond runs on most unix machines by default and controls automated tasks for the system based on time. Most boxes have cleanup scripts that run at 4am when processor load is low, and that’s a good thing.

Cron has two major files. One is /etc/crontab, which contains system-level cron entries: cleanup scripts and things that are for the system to run, not an individual user. These are runnable as whatever user you want, but are generally root crontabs.

Cron has a funny way of dealing with time… and that’s where most people get screwed up:



the format is as such:
minute hour mday month wday who command

minute is obvious, 5 is :05 or 45 is :45 on the hour.
hour is the same.
mday is the day of the month; for example 1 is the first, 20 is the 20th. Be careful that you don’t schedule things after the 28th, not all months have it.
wday is day of the week; you can schedule 0 as Sunday, 1 as Monday, and so on, until you hit 6, which is Saturday.
who is the user it’s run under. This is NOT part of user crons (only system crons in /etc/crontab); it can be any username on the system.
command is the command you want cron to run; I suggest using full paths :)


There are two other bits of cron trickery still…

A blank is indicated by a *, not a space. This is a wildcard statement in unix, so it always matches.

The other thing to learn is scheduling multiple times. You can define multiple times either using a comma (,) such as
25,45 * * * * root /usr/libexec/atrun

runs /usr/libexec/atrun at :25 and :45 of the hour. Or you can divide time, so for every five minutes:

*/5 * * * * root /usr/libexec/atrun


When editing crontabs you want to (as root) vi /etc/crontab and change the file, using [ESC] :wq![ENTER] to write the file, and then use a HUP signal to tell cron to reread its configuration (killall -HUP crond works, it’s a bit generic).



Users can have personal crons as well. They can be edited by running
crontab -e [ENTER]
using the format WITHOUT a “who” username, and then [ESC]:wq![ENTER] to write and quit.
An example:
*/5 * * * * /usr/libexec/atrun

To run /usr/libexec/atrun every 5 minutes.
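
A check built on the two formats above, as an added example that is not part of the original post: the hypothetical function audit_crontab reads a system-format crontab (with the who field) and reports entries that are missing a field, run a command without a full path, or run a file that group or others can write to. The file path in the usage comment is an assumption.

```shell
#!/bin/sh
# audit_crontab FILE  (hypothetical helper name)
# Expects the system format: minute hour mday month wday who command
# Prints one finding per risky entry; returns 1 if anything was found.
audit_crontab() {
    lineno=0
    status=0
    while read -r min hour mday month wday who cmd rest; do
        lineno=$((lineno + 1))
        # Skip blank lines, comments and VAR=value settings.
        case $min in ''|'#'*|*=*) continue ;; esac

        # A user-format line (no who field) pasted into /etc/crontab
        # shifts the command into the who column and leaves cmd empty.
        if [ -z "$cmd" ]; then
            echo "line $lineno: fewer than 7 fields (missing who or command?)"
            status=1
            continue
        fi

        # Without a full path, what runs depends on cron's PATH.
        case $cmd in
            /*) ;;
            *) echo "line $lineno: '$cmd' is not a full path (runs as $who)"
               status=1
               continue ;;
        esac

        [ -e "$cmd" ] || continue      # nothing on disk to inspect

        # Characters 6 and 9 of the ls mode string are the group and
        # other write bits; -L follows symlinks to the real file.
        perms=$(ls -ldL "$cmd" | cut -c1-10)
        case $perms in
            ?????w????|????????w?)
                echo "line $lineno: $cmd is group/world-writable (runs as $who)"
                status=1 ;;
        esac
    done < "$1"
    return $status
}

# Usage: audit_crontab /etc/crontab
```

A writable script in a root entry lets whoever can edit that file run commands as root on the next scheduled run, which is why the mode check matters more than the schedule fields.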


Server Backups, the hardcore way.

I’ve been caught too many times without good backups, so I’ve started to be a bit smarter about things… I try and automate and cron all the backups early on in a server’s existence and just have one big backup drive on a server somewhere that keeps everything.

Here’s an example of this: a simple site backup script that I run.

/root/scripts/syncserver


/usr/local/bin/rsync -av --exclude "*_log" -e "ssh" / username@backup.server.com:/path-to-backups/`/bin/hostname`/

This runs rsync updating any new files on the filesystem to our backup server. Now I just create an ssh key for root to the other machine’s username and copy the entire box over… this isn’t a PRETTY restore if I had to use it, but at least all data, config files, new files, users, etc are saved on the other machine.

Modify paths as necessary.
