martedì, dicembre 22, 2015

Grep Quick Reference

Basic grep usage

Get lines which does not begin with "#" or ";"?
# grep "^[^#;]" /path/to/my/file 
Search recursively through single file extension
# grep -r --include=<pattern> <string> <directory>
Print two line after and before the match.
# grep -A 2 -B 2 "pattern" /path/to/my/file"

Download Oracle JDK with single command

Today I want to show you how to download JDK with one single command. Yes, because if you want to get java from oracle web site you have to accept license before start the download.

If you want to don't want to use browser and you have to get it from command line you can use

# curl -LO ${URL} -H "Cookie: oraclelicense=accept-securebackup-cookie" 

where {URL} can be:

  • for JDK 8
  • for JDK 7

mercoledì, dicembre 09, 2015

How to securely connect to IMAP using OpenSSL

I never knew how to connect to an IMAP server when SSL/TLS were forced. With unencrypted connections, you can just Telnet in, but this exposes your login credentials and data, so many servers will not allow that. The secure equivalent to Telnet, I found, is OpenSSL's s_client tool. The documentation clearly labels it as a debug tool.

You'd resort to either connection method for verification or troubleshooting purposes; I can't imagine anyone wanting to do employ Telnet or s_client regularly — rather than use some mail client.

As an example, here's how you could log into an Exchange account, select the Inbox folder, and log out:

# openssl s_client -connect server:port -crlf
? LOGIN username password
? SELECT Inbox

giovedì, novembre 12, 2015

How to generate and send an time stamp request ?


today the problem is how to generate and send a time stamp request to a Time Stamp Authority (TSA).

For this quick guide I use free time stamp service (limited to 5 timestamps per day and IP) available on

Alright, cut the chatter, men. Enjoy!

First we have to create the file you will want to timestamp:

# echo "This is the content of test file." > inputfile.txt

Then generate a timestamp request that we want to sign:

# openssl ts -query -data inputfile.txt -cert -sha256 -no_nonce -out request.tsq

Then send the request to timestamp server

# curl -k  -H "Content-Type: application/timestamp-query" --data-binary @request.tsq "" > inputfile.txt.tsr

If all it's fine the content of inputfile.txt.tsr is the response of your request.

If you want to verify the content you can do:

# curl -k  -H "Content-Type: application/timestamp-query" --data-binary @request.tsq "" > inputfile.txt.tsr

mercoledì, novembre 11, 2015

How to change editor for for crontab file

If you want to specify an editor, when opening crontab file. And not just use the default for your system. You need to use VISUAL environment variable.

Export the value of VISUAL and then run crontab -e command.

# export VISUAL=nano; crontab -e

Of course you need to have vim or nano installed in your system if you want to use them.

mercoledì, ottobre 14, 2015

How to analyze long output of a MySQL query?

Using MySQL in command line mode can be a problem when you have to analyze query result that have long lines.

If you use Linux for you can set the pager option of mysqlclient

mysql> pager less -n -i -S

If you want to make it permanently you can setup your my.cnf with this:

pager = less -n -i -S


mercoledì, settembre 30, 2015

Ceph Quick Reference

In this post you can found a lot of helpful commands that you can use with Ceph.


sudo rbd map disk_name --pool pool_name
Map the image to a block device.
sudo rbd unmap /dev/rbd/pool_name/disk_name
Unmap the image to a block device.

giovedì, settembre 24, 2015

How to get the size of databases in MySQL

Sometimes a DB in MySQL grows without alerting the sysadmin and in this case it is helpful to have a query to identify the real dimension.

A query to get the size and free space of MySQL DB is:

SELECT table_schema "Data Base Name", 
sum( data_length + index_length ) / 1024 / 
1024 "Data Base Size in MB", 
sum( data_free )/ 1024 / 1024 "Free Space in MB" 
FROM information_schema.TABLES 
GROUP BY table_schema ;

giovedì, giugno 18, 2015

MCA100 Certification got it!

Yesterday I tried to do the exam for certification and I passed. Yeah!

For me, the difficult level is medium-hard because online I have not found all material for the preparation. Questions are mixed for all components of OpenStack platform.
If you think to be an expert of OpenStack and you want to confirm your knowledge I recommend this exam.

martedì, maggio 19, 2015

Firewall Quick Reference

Basic usage

List rules (with rule number)
iptables -L --line-number 
Append a output log rule for only 1 minute
iptables -A OUTPUT -m limit --limit 1/minute -j LOG --log-level 4 --log-prefix 'OutAllow1/m' 
Delete a rule by number
iptables -D INPUT 4 
Remove all iptables rules
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT

venerdì, aprile 24, 2015

Install samba server on Ubuntu and share home directories

If you want to share files between your Ubuntu and Windows computers, your best option is to use Samba file sharing.
In this post I wiil describe the steps to install and configure samba file sharing.

Install Samba

To install, do the following command:
# sudo apt-get install samba smbfs
We’ve got samba installed, but now we’ll need to configure it to make it accessible. Run the following command to open the configuration file, substituting your editor of choice:
# sudo nano /etc/samba/smb.conf
Find this section in the file:
####### Authentication #######

# “security = user” is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/Samba-HOWTO-Collection/ServerType.html
# in the samba-doc package for details.
;  security = user
Uncomment the security line, and add another line to make it look like this:
security = user
username map = /etc/samba/smbusers
This will set Samba to use the smbusers file for looking up the user list.

Create a Samba User

There are two steps to creating a user. First we'll run the smbpasswd utility to create a samba password for the user.
# sudo smbpasswd -a <username>
Next, we'll add that username to the smbusers file.

# sudo nano /etc/samba/smbusers

Add in the following line, substituting the username with the one you want to give access to. The format is .
You can use a different samba user name to map to an ubuntu account, but that’s not really necessary right now.

<username> = “<username>”

Now you can create samba shares and give access to the users that you listed here.

Share Home Directories

To share the home directories, open up smb.conf with the following command:
#======================= Share Definitions =======================

# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user’s home directory as \\server\username
comment = Home Directories
browseable = yes

# By default, \\server\username shares can be connected to by anyone
# with access to the samba server. Un-comment the following parameter
# to make sure that only “username” can connect to \\server\username
valid users = %S

# By default, the home directories are exported read-only. Change next
# parameter to ‘yes’ if you want to be able to write to them.
writable = yes
Now you should be able to map a drive on windows using the following share format:


Find Quick Reference

Basic find usage

Find files with name (case insensitive)
# find . -iname 'myfile' 
Find files with name (case sensitive)
# find . -name 'MyFiLe' 
Find empty files
# find . -empty
Find top 10 big files
# find . -type f -exec ls -s {} \; | sort -n  -r | head -10
Find top 10 small files
# find . -type f -exec ls -s {} \; | sort -n | head -10
Find files bigger than size
# find . -size +100M

Advanced find usage

Delete files older than 30 days.
!!!Attention!!! -delete options delete all files and directory recursively where the command will be executed!
# find /db_backups/ -mtime +30 -delete
Create a tar archive from find output
# find . -type f -print0 | tar -czvf backup.tar.gz --null -T -

mercoledì, marzo 25, 2015

Linux Cluster - Debugging Resource Failures

If you have a resource that fails to start, and there's nothing obvious in the logs (look for "lrmd", "LRM operation", etc.), you can try starting it manually to diagnose the problem further. Likewise for failed stop and monitor ops.

First, you have to unmanage the resource, so Pacemaker won't try to do anything with it, with:

# crm resource unmanage  <resource>
Configure environment:
# export OCF_ROOT=/usr/lib/ocf
# export OCF_RESKEY_<param>=<value>
# ... (likewise for all other resource parameters, run        
       "crm configure show <resource>" to verify what
       params you need to set here)
Run the op:
# /usr/lib/ocf/resource.d/heartbeat/<ra> start ; echo $? 
Look for helpful error messages, and check the return code.
If that doesn't help, try using sh -x or bash -x to see exactly what the RA is doing. Do a stop first just in case, then try the start again:
# /usr/lib/ocf/resource.d/heartbeat/<ra> stop
# sh -x /usr/lib/ocf/resource.d/heartbeat/<ra> start ; echo $?
Once you've figured out what the problem is and solved it, give the resource back to Pacemaker:
# crm resource manage <resource>


martedì, marzo 24, 2015

Cluster Resource Manager Quick Reference

This post is dedicated to CRM (Cluster Resource Manager) for sysadmin that have to manage cluster on linux system.

Basic usage

# sudo crm status
Get the status of cluster.


# sudo crm configure edit `resource_name`
Edit configuration of single resource resource_name.

Resource agent

# crm ra classes
List resource agent classes

# crm ra list ocf
List OCF resource agent available.

giovedì, marzo 05, 2015

APT Quick Reference

Basic "apt-get" usage

sudo apt-get install package
Downloads package and all of its dependencies, and installs or upgrades them.
sudo apt-get -u -V upgrade
List packages to be upgraded with their versions.
sudo apt-get remove [--purge] package
Removes package and any packages that depend on it
sudo apt-get purge -y $(dpkg --list |grep '^rc' |awk '{print $2}')
Purge packages removed, but not purged (rc)

Basic "apt-cache" usage

apt-cache search pattern
Searches packages and descriptions for pattern.
apt-cache show package
Shows the full description of package
apt-cache showpkg package
Shows a lot more detail about and its relationships to other packages.

Basic "dpkg" usage

dpkg-deb -e package_file.deb
Extract content of .deb file in current directory.
dpkg --list |grep "^rc" | cut -d " " -f 3 | xargs sudo dpkg --purge
Remove all rc packages.
dpkg -S /etc/bash.bashrc
How to find which package contains/supplies a certain file.
dpkg -l | awk '{ print $2 }' | tail -n+5 |tr '\n' ' '
List all packages installed in one line
dpkg -I package.deb
Get info about a package

Basic "aptitude" usage

aptitude download package_name
Download the dpkg file of package_name


  1. - APT and Dpkg Quick Reference Sheet

mercoledì, marzo 04, 2015

How to disable gateway and dns entries from dhcp in Ubuntu


If you have a server with two network cards and on all card are configured with dhcp protcol there is a possibility that only one default gateway will be setup on one of these cards.

On Ubuntu, for resolve this problem you can install ifmetric packages

#sudo apt-get install ifmetric

then setup the metric for you network card in your /etc/network/interfaces file (or similary in interfaces.d)...

# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet dhcp
   metric 200
allow-hotplug eth1
# The secondary network interface
auto eth1
iface eth1 inet dhcp


giovedì, gennaio 22, 2015

Rename network cards in Ubuntu

there is a moment in a life of a sysadmin when he/she want to rename the name of each network card in a server to understand in which cable this network card is connected or simply because they've had enough to see eth0, eth1,ethX.

In these cases it's possible to rename the name of network card. How ?
First you have to get the MAC address to the card you want to rename, i.e. 00:11:22:33:44:55

Now, create a file in /etc/udev/rules.d with the name 70-persistent-net.rules and write the follow line

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:11:22:33:44:55", KERNEL=="eth*", NAME="hte1"

Where hte1 it's the new name you want to call the network card.

It's time to restart the server to apply the modify ...or... just run the follow command

# /etc/init.d/networking stop && modprobe -r driver_name && udevadm control --reload-rules && udevadm trigger && modprobe driver_name && /etc/init.d/networking start
See you next.