Wednesday 27 August 2014

ssh login to another server with no login using rsa keys

After you created rsa key, it is time to exchange them with server that you want to connect with no password.

Use this command

root@ubuntus1:~/.ssh# ssh-copy-id -i id_rsa.pub root@192.168.1.2
The authenticity of host '192.168.1.2 (192.168.1.2)' can't be established.
ECDSA key fingerprint is 48:ea:a4:f7:12:15:ca:f0:53:c6:66:44:e8:6b:30:8f.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter                                                                                         out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompt                                                                                        ed now it is to install the new keys
root@192.168.1.2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.1.2'"
and check to make sure that only the key(s) you wanted were added
.


Try to connect!

root@ubuntus1:~/.ssh# ssh 192.168.1.2
Welcome to Ubuntu 12.04.4 LTS (GNU/Linux 3.5.0-23-generic i686)

 * Documentation:  https://help.ubuntu.com/

  System information as of Wed Aug 27 08:46:14 CEST 2014

  System load:  0.13              Processes:           80
  Usage of /:   65.3% of 2.71GB   Users logged in:     1
  Memory usage: 47%               IP address for eth1: 192.168.1.2
  Swap usage:   1%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

58 packages can be updated.
44 updates are security updates.

New release '14.04.1 LTS' available.
Run 'do-release-upgrade' to upgrade to it.

For more information, please see:
http://wiki.ubuntu.com/1204_HWE_EOL

To upgrade to a supported (or longer supported) configuration:

* Upgrade from Ubuntu 12.04 LTS to Ubuntu 14.04 LTS by running:
sudo do-release-upgrade

OR

* Install a newer HWE version by running:
sudo apt-get install linux-generic-lts-trusty linux-image-generic-lts-trusty

and reboot your system.

Last login: Tue Aug 26 14:50:48 2014 from 192.168.1.5
root@ubuntu:~# exit
logout
Connection to 192.168.1.2 closed.
root@ubuntus1:~/.ssh#


As you can see, this is very simple and easy.

ssh keygen create rsa key

In case that you want to create rsa ssh keys use following command

root@ubuntus1:~/.ssh# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
96:03:9f:05:26:c5:e6:72:30:fc:85:61:41:8a:c8:34 root@ubuntus1
The key's randomart image is:
+--[ RSA 2048]----+
|  E  ..+O+       |
| o o .+=+..      |
|  o . o* ..      |
|      .o++       |
|       oS        |
|       . .       |
|                 |
|                 |
|                 |
+-----------------+

root@ubuntus1:~/.ssh# ls
id_rsa  id_rsa.pub
 

Key has two parts: public(id_rsa.pub) and private (private). You create rsa ssh keys in case that you want to exchange keys with other servers so that you can login with no password. You only exchange public part of key.

Thursday 14 August 2014

change alf_data location Alfresco - SOLVED

By default alf_data location is in alfresco_home folder. In case that you want to change ald_data location to have to find it first.
For this to change there are few thing that you need to know. In alfresco there are few location that you can change things and in some cases official documentation is just not good enough.
So, how to change alf_data location? Directive that you need to find is called dir.root. 
This is located in alfresco_home/tomcat/shared/classes/alfresco-global.properties.
By default dir.root is


dir.root=/opt/Alfresco/alf_data 

To change location simply do this
#dir.root=/opt/Alfresco/alf_data
dir.root=new_location/alf_data

For this to work alf_data folder has to be owned by alfresco user and alfresco group.

server#cd new_location
server#chown -R alfresco:alfresco alf_data

Restart application after you are finished. In case that you did something wrong, alfresco application will not start. In this case, check alfresco.log located in alfresco_home.


Alfresco memory settings

Depending of Alfresco version java memory settings for Alfresco are located in different files and locations.

For older versions Alfresco version these settings are located in Alfresco home folder in file alfresco_home/alfresco.sh. Line look something like this

export JAVA_OPTS='-Xms256m -Xmx1024m -XX:MaxPermSize=512m -server'

So every time you start alfresco, these java memory settings will be applied!

In newer versions of Alfresco java memory setting are in alfresco_home//tomcat/scripts/ctl.sh
 in line

 export JAVA_OPTS="-XX:MaxPermSize=512m -Xms256m -Xmx1024m ..

Each memory change demands restart of alfresco application.
In case that you can't find memory settings, easiest way to find it is

server#cd alfresco_home
server#grep -r PermSize *
# grep -r 'PermSize' *
alfresco.sh:export JAVA_OPTS='Xms256m -Xmx1024m -XX:MaxPermSize=512m -server'



Oracle Glasshfish memory setings

In case that you want to change default Oracle glassfish java memory settings, you should do following thing. Find domain.xml file in you glassfish domain folder. Location of domain.xml is something like this glassfish_home/glassfish/domains/domain1/config/ . In case that you can't find domain.xml file use find command to use it.

server#cd glassfish_home
server#find . -name domain.xml
./glassfish/domains/domain1/config/domain.xml

In this file find this section:

<jvm-options>-XX:PermSize=256m</jvm-options>
        <jvm-options>-Xmx1024m</jvm-options>
        <jvm-options>-Dgosh.args=--nointeractive</jvm-options>
        <jvm-options>-Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder</jvm-options>
        <jvm-options>-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as</jvm-options>
        <jvm-options>-XX:MaxPermSize=512m</jvm-options>

Memory settings are changed in these lines:

<jvm-options>-XX:PermSize=256m</jvm-options>
<jvm-options>-Xmx1024m</jvm-options>
<jvm-options>-XX:MaxPermSize=512m</jvm-options>
   

We won't be talking about what there parameters means.
After you change these settings you have to restart your oracle glassfish domain
 server#./asadmin stop-domain domain1
 server#./asadmin start-domain domain1



Tuesday 12 August 2014

How to monitor Glassfish memory usage on zabbix - SOLVED!

In case that you need monitoring of your glassfish application server java memory consumption you can use asadmin get directive. With this you can get all necessary information about glassfish resources. How to get only java memory information?

server#./asadmin get -m server.jvm.memory.*heap*
server.jvm.memory.committedheapsize-count-count = 2428174336
server.jvm.memory.committedheapsize-count-description = Amount of memory in bytes that is committed for the Java virtual machine to use
server.jvm.memory.committedheapsize-count-lastsampletime = 1407835165699
.

.
.

This will give you all memory information that you need but this is maybe to much. Usually all you want is committed heap size, used heap size and max heap size.

server#./asadmin get -m server.jvm.memory.*heap* |grep count-count
server.jvm.memory.committedheapsize-count-count = 2428174336
server.jvm.memory.committednonheapsize-count-count = 550043648
server.jvm.memory.initheapsize-count-count = 62795648
server.jvm.memory.initnonheapsize-count-count = 539426816
server.jvm.memory.maxheapsize-count-count = 2863333376
server.jvm.memory.maxnonheapsize-count-count = 1124073472
server.jvm.memory.usedheapsize-count-count = 200077448
server.jvm.memory.usednonheapsize-count-count = 121870448


From here you can see all information that you need!
From here you can grep information that you need and add them in zabbix agent and zabbix server.

Bash History: Display Date And Time For Each Command - Solved

Multiple users are using same OS account and you want to know who done this and who done that? Or you know that you done something on that day but you can remember what? Or you just want to know what you did on some specific day? Linux command that shows OS users previous typed command is history. But depending on Linux distro Linux command history can be useful to you or not for  this time execution command investigation.

In most Linux distros date and time are not showned in history. From my experience only SUSE SLES 11 has enabled this by default.

So lets see what is "problem"!

server#history
.
.
596  ls -la
597  cd ..
598  ls
599  yum info openssh
600  ifconfig
601  history
602  cat /etc/issue
603  history

So how to add time and date in history?
Because most users use bash shell you shoud add following line

export HISTTIMEFORMAT="%d.%m.%y. %T " 

in /etc/bashrc for  Red Hat, Fedora and CentOS distros or /etc/bash.bashrc for SUSE and Ubuntu distros. This will add in enviroment variables variable HISSTIMEFORMAT and this as result will add date and time for every typed command in bash shell. In case that user use some other shell like zsh or ksh add same line in zshrc and kshrc. Considering date and time format you should use format that you think that is best for you. Find right time format by using date command. For example time format that I use is

server# date "+%d.%m.%y. %T"
11.08.14. 21:25:08

I hope you get the point.

There is no need for restart of any service or something like that. Next time when you log in history will recorded with date and time and will look something like this:

server#history
 1018  11.08.14. 18:18:34 ls
 1019  11.08.14. 18:18:37 du . -h
 1020  11.08.14. 18:18:40 ls -lh
 1021  11.08.14. 18:18:52 history

Sunday 10 August 2014

memory leak Java java.lang.OutOfMemoryError: Java heap space alarm on zabbix

What to do when your java virtual machine is out if memory, when you java virtual machine has a memory leak? How to get alarm that java virtual machine has this issue? When user  calls you up that java application do not work, you will easily find java heap: out of memory message in java log. But how to get alarm when memory leak starts and out of memory java message starts to show in you log? I you use zabbix as you monitoring system then this is easy.Write a simples script that will loo for "out of memory" pattern in last 10 or t 20 lines of java virtual machine log file. When this pattern starts to show in last 10 or 20 lines,this will trigger alarm on zabbix server and that will send mail or sms to you!

Ok, script should look like this.
server#cat java_out.sh
#!/bin/bash
LOG='java_log_file'
OUT='/tmp/java_out_of_memory.txt'
a=`tail -10 $LOG|grep 'java.lang.OutOfMemoryError: Java heap space'|wc -l`
if [ a = = 0 ]
then
echo 0>$OUT
else
echo 1>$OUT
fi

In line where LOG is defined put location of your java application log.
Put this script in cron so that it triggers every minute.


* * * * * java_out.sh


In you zabbix_agent.conf insert line where you will define this new data that will be send to zabbix server. It should look something like this

UserParameter java_out_of_memory, cat /tmp/java_out_of_memory.txt|awk '{print $1}'

Restart zabbix agent.
server#/etc/init.d/zabbix_agent stop
server#/etc/init.d/zabbix_agent start

How to check if zabbix server gets java out of memory item that you created? On zabbix server execute this

zabbix_server#zabbix_get -s IP_of_server -k java_out_of_memory

If exit is 0, there is no problem with java memory leak. If exit is 1, you have memory leak because somewhere in last 10 lines of java log files you have java heap: out of memory  message.

Now through web interface insert in zabbix server java_out_of_memory item! With this you will have time diagram of how often memory leak has happen.


Friday 8 August 2014

bash script syntax error near unexpected token `else'

In case that you have this error during execution of your bash script, there is issue in your if statement.
Lets see how this works on example. We have simple bash script called 123.sh.

server~# cat 123.sh
#!/bin/bash

a=`ls|wc -l`
if [ $a == 0 ] then
echo 0
else
echo 1
fi


server:~# ./123.sh
./123.sh: line 5: syntax error near unexpected token `else'
./123.sh: line 5: `else'




As you can see, bash is telling as that we have syntax error in line 5. But if you look in line 5 there are just else command and there is no way this is wrongly written. So problem has to be somewhere above.
For this particular error problem is in location of then. In line where is if statement we have then statement  and this is reason why this don't work. Syntax should be like this

if [  conditions ]
then
.
.
else
.
.
fi

So if we change that like, script will work!
 server:~# cat 123.sh
#!/bin/bash
a=`ls|wc -l`
if [ $a == 0 ]
then
echo 0
else
echo 1
fi

server:~# ./123.sh
1