Monday, June 1, 2020

How to deny execution permission on your shell script for non-root users and sudo privileged users on Linux server.


When you do not want other users to run the script but only root user to run it, you can secure the script the in the below way.

This method will also deny the run permission for users with full sudo access as well.

ddd

 [root@kubernetesmaster]# cat only_root.sh
 #!/bin/bash

 if (( $(id -u) != 0 ))
 then
   echo "$0: This script must be run as root"
   exit 1
 fi

 if [ "$0" = "${SUDO_COMMAND%% *}" ]
 then
   echo "$0: This script should not be executed with sudo privileges"
   exit 1
 fi

 echo "Running the script as ROOT user."


 Running the script as root user will give you the results
 [root@kubernetesmaster]#./only_root.sh
 Running the script as ROOT user.

 To show the permission restriction for sudo privileged users, a testuser account is created with full sudo access.
 [root@kubernetesmaster]# grep -i testuser /etc/sudoers
 testuser ALL=(ALL) NOPASSWD:ALL

 When a testuser run the script it will show an error message.
 [testuser@kubernetesmaster]# ./tmp/only_root.sh
./tmp/only_root.sh: This script must be run as root

 Testuser tried to run the script with his sudo privileges but he is still not able to run the script.   Only root user can run the script and others are not allowed.
 [testuser@kubernetesmaster]#sudo /tmp/only_root.sh
 /tmp/only_root.sh: This script should not be executed with sudo privileges


Wednesday, June 27, 2018

Creating a file with server name and timestamp in python and shell script on Linux server.


Every time when we write a script to automate some task we create the log file to store the required output from the script.

Here I am showing you all how to create a log file with timestamp and server name with python and shell script on Linux servers.  So that you don't need to check in all the logs files when you look for a log of particular server.

Python Script:

root@linuxserver:/root> cat logfile_timestamp.py
#!/usr/bin/python

import os, time
logfile = "logfile_" + os.uname()[1] + "_" + str(time.strftime("%Y%m%d_%H%M%S")) + ".log"
f = open(logfile,'w')
f.close()

Run the script:
root@linuxserver:/root> python logfile_timestamp.py

Check if the log file created with server name and timestamp.
root@linuxserver:/root> ls -ltr logfile*
-rw-r--r-- 1 root root   0 Jun 27 02:45 logfile_linuxserver_20180627_024509.log


Shell Script:
root@linuxserver:/root>  cat create_logfile.sh
#/bin/bash

logfile=logfile_`uname -n`_`date +%Y%m%d_%H%M%S`.log
touch $logfile

Run the script:
root@linuxserver:/root> ./create_logfile.sh


Check if the log file created with server name and timestamp.
root@linuxserver:/root> ls -ltr logfile*
-rw-r--r-- 1 root root   0 Jun 27 02:41 logfile_linuxserver_20180627_024142.log

Thursday, April 26, 2018

List all the Filesystems which are more than 80% used in linux with awk command


Monitoring file system utilization on linux production server is a very important thing.  We can automate the file system utilization monitoring and schedule it in crontab.  So that script will run at the scheduled time and send out the alert messages.

It's always a good idea to have multiple threshold set for file system and we can make sure it won't reach 100% and the file system crashes on the server.

Below are the few examples of monitoring the file system threshold with powerful awk command.

[santhosh@localhost ~]# df -hP | tr -d "%" | sed 1d | awk '$5 >80'
/dev/mapper/vg00-mysql   30G   25G  3.7G  87 /u01
/dev/mapper/vg00-yumrepo  30G   24G  5.8G  81 /yumrepsitory


[santhosh@localhost ~]# df -hP | tr -d "%" | sed 1d | awk '{if($5>80) print}'
/dev/mapper/vg00-mysql   30G   25G  3.7G  87 /u01
/dev/mapper/vg00-yumrepo  30G   24G  5.8G  81 /yumrepsitory


[santhosh@localhost ~]# df -hP | tr -d "%" | sed 1d | awk 'int($5) > 80 { print $0 }'
/dev/mapper/vg00-mysql   30G   25G  3.7G  87 /u01
/dev/mapper/vg00-yumrepo  30G   24G  5.8G  81 /yumrepsitory

Monday, April 16, 2018

How to convert string to Uppercase and Lower case in Linux using awk and tr commands.



Lowercase to Uppercase:

Using awk command.
root@linuxserver:/root> echo santhosh | awk '{ print toupper($0)}'
SANTHOSH

Using tr command.
root@linuxserver:/root> echo santhosh | tr '[a-z]' '[A-Z]'
SANTHOSH


Uppercase to Lowercase:

Using awk command.
root@linuxserver:/root> echo SANTHOSH | awk '{ print tolower($0)}'
santhosh

Using tr command.
root@linuxserver:/root> echo SANTHOSH | tr '[A-Z]' '[a-z]'
santhosh

Monday, January 8, 2018

Bash shell script to list Ethernet interfaces names and IPaddress on linux server.


If there are multiple IP addresses public, private, backup, etc are in use on linux server it takes a bit more of time to scroll down through the output of 'ifconfig' command and find the IP address assigned to it.

I have created a shell script nic.sh which list all the Ethernet interfaces and IP address assigned to them on Linux server.

#!/bin/bash

nic=$(ifconfig | cut -d" " -f1 | sed '/^$/d' | awk -vORS=',' '{ print $1}' | sed -e s/,$//g)

OFS=IFS
IFS=','
read -ra i <<< "$nic"
for i in "${i[@]}"; do
echo "$i ---> $(ifconfig | grep -A 1 -i $i | sed -n '2p' | awk -F" " '{ print $2 }' | cut -d":" -f2)"
done


root@localhost:/root>./nic.sh
eth0 ---> 192.168.1.19
lo ---> 127.0.0.1

Saturday, January 6, 2018

How to set a default tray for a printer in Linux?


When there are multiple trays available in the printer and we want the printer to pick papers from a specific tray we can use the below command.

Syntax:
# lpoptions -p <printer name> -o InputSlot=<TrayN>

Example:
# lpoptions -p billing -o InputSlot=Tray2

Here the printer billing will use Tray2 as the default tray.

You can check it to make sure if the printer billing is using the Tray2.
# lpoptions -p billing -l | grep  InputSlot
  InputSlot/Media Source: Auto Tray1 *Tray2 Tray3 Tray4

Note that the asterisk (*) in front of the Tray2.

Tuesday, July 5, 2011

How to check server configuration details in Linux

Here i am showing some basic commands using them you can gather the system/server information.

To check what version of Operating System is installed on the server you can use the following commands:-
 =================================================================
1.cat /etc/issue
[root@localhost ~]# cat /etc/issue
Red Hat Enterprise Linux Server release 5.5 (Tikanga)
Kernel \r on an \m

2.cat /etc/redhat-release
[root@localhost ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.5 (Tikanga)


3.lsb_release -a
[root@localhost ~]# lsb_release -a
LSB Version:    :core-3.1-ia32:core-3.1-noarch:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: RedHatEnterpriseServer
Description:    Red Hat Enterprise Linux Server release 5.5 (Tikanga)
Release:        5.5
Codename:       Tikanga



To check whether the operating system is 32 or 64bit:-
================================
# uname -i
[root@localhost ~]# uname -i
i386
(i386 represents that server is having 32bit operating system)

[root@localhost ~]# uname -i
x86_64
(x86_64 represents that server is having 64bit operating system)

To see the processor/CPU information:-
=============================
# cat /proc/cpuinfo
[root@localhost ~] cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 15
model name      : Intel(R) Xeon(R) CPU            5130  @ 2.00GHz
stepping        : 6
cpu MHz         : 1995.087
cache size      : 4096 KB
physical id     : 0
siblings        : 2
core id         : 0
cpu cores       : 2
apicid          : 0
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc pni monitor ds_cpl vmx tm2 ssse3 cx16 xtpr lahf_lm
bogomips        : 3990.17
(Here processor number 0 indicates that the system is having one process(processor number starts with zero))




To check memory information:-
===========================
# free -m
[root@localhost ~]# free -m
             total       used       free     shared    buffers     cached
Mem:          5066       3513       1552          0        612       2319
-/+ buffers/cache:        582       4484
Swap:         1983          0       1983



# cat /proc/meminfo
[root@localhost ~]# cat /proc/meminfo
MemTotal:      5187752 kB
MemFree:       1639300 kB
Buffers:        627024 kB
Cached:        2374944 kB
SwapCached:          0 kB
Active:        2458788 kB
Inactive:       920964 kB
HighTotal:     4325164 kB
HighFree:      1561936 kB
LowTotal:       862588 kB
LowFree:         77364 kB
SwapTotal:     2031608 kB
SwapFree:      2031608 kB
Dirty:             704 kB
Writeback:           0 kB
AnonPages:      377892 kB
Mapped:          35328 kB
Slab:           153036 kB
PageTables:       6316 kB
NFS_Unstable:        0 kB
Bounce:              0 kB
CommitLimit:   4625484 kB
Committed_AS:   977132 kB
VmallocTotal:   116728 kB
VmallocUsed:      4492 kB
VmallocChunk:   112124 kB
HugePages_Total:     0
HugePages_Free:      0
HugePages_Rsvd:      0
Hugepagesize:     2048 kB


To check the model and serial name of the server:-
=======================================
[root@localhost ~]#  dmidecode | egrep -i "product name|Serial number"
Product Name: PowerEdge R710
Serial Number: AB8CDE1
       

To check the host name:-
=====================
[root@localhost ~]# uname -n
localhost

[root@localhost ~]# hostname
localhost

To check the kernel version:-
========================
[root@localhost ~]# uname -r
2.6.18-238.9.1.el5PAE