Wednesday, October 3, 2018

What Is /dev/shm in linux?

What Is /dev/shm



Shared (Virtual) Memory (SHM)


Shared memory is a way to shared state between process.

Shared memory, as its name implies, is a method to “share” data between processes.
Both processes define the same memory area as “shared”, and they can then exchange
information simply by writing into it. This (used to be, and still is somewhat) faster than
the alternative of sending network or pipe-based messages between processes.

If you see the memory as a mean of storing data, a file on a file system can be seen as
shared memory (ie shared file).

It is difficult to account for shared memory. Does it belong to one process? Both? Neither?
If we naively sum the memory belonging to multiple processes, we grossly “over-count”.

As the name implies, the Shared (Virtual) Memory refers to virtual memory that are shared
by more than one process and then can be used by multiple programs simultaneously.

Although virtual memory allows processes to have separate (virtual) address spaces, there
are times when you need processes to share memory.

Shared memory (SHM) is another method of interprocess communication (IPC)
whereby several processes share a single chunk of memory to communicate.

Shared memory provides the fastest way for processes to pass large amounts of data
to one another.


/dev/shm is nothing but implementation of traditional shared memory concept. It is an
efficient means of passing data between programs. One program will create a memory
portion, which other processes (if permitted) can access. This will result into speeding up
things on Linux.


shm / shmfs is also known as tmpfs, which is a common name for a temporary file storage
facility on many Unix-like operating systems. It is intended to appear as a mounted
file system, but one which uses virtual memory instead of a persistent storage device.
If you type mount command you will see /dev/shm as a tempfs file system. Therefore,
it is a file system, which keeps all files in virtual memory. Everything in tmpfs is temporary
in the sense that no files will be created on your hard drive. If you unmount a tmpfs instance, everything stored therein is lost. By default almost all Linux distros configured to use /dev/shm.

Difference between tmpfs and swap

  • tmpfs uses memory while as swap uses persistent storage devices.
  • tmpfs can be viewed as file system in df output whereas swap dont
  • swap has general size recommendations, tmpsfs not. tmpfs size varies on system purpose.
  • tmpfs makes applications fasters on loaded systems. swap helps system breath in memory full situations.
  • swap full indicates system heavily loaded, degraded performance and may crash.
  •  tmpfs being full not necessarily means heavy load or prone to crash.
  • tmpfs is enhancement where as swap is must have feature!



what is the difference between kill -15 vs kill -9 in linux?


kill -15 vs kill -9
List of kill signals.

kill -l

1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP 6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1 11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM 16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP 21) SIGTTIN 22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ 26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO 30) SIGPWR 31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1 36) SIGRTMIN+2 37) SIGRTMIN+3 38) SIGRTMIN+4 39) SIGRTMIN+5 40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8 43) SIGRTMIN+9 44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13 48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13 52) SIGRTMAX-12 53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9 56) SIGRTMAX-8 57) SIGRTMAX-7 58) SIGRTMAX-6 59) SIGRTMAX-5 60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2 63) SIGRTMAX-1 64) SIGRTMAX


SIGKILL (9) – Kill signal. Use SIGKILL as a last resort to kill process. This will not save data or cleaning kill the process.

SIGTERM (15) – Termination signal. This is the default and safest way to kill process.

The difference between 9 and 15 is, the default action for both of them is to terminate
the process, but 9 can't be caught or ignored. So if signal 9 gets sent, the process is
guaranteed to die, immediately. If a sig 15 is sent, the process can catch it and perform cleanups.


Signal name
Signal value
Effect
SIGHUP
1
Hangup
SIGINT
2
Interrupt from keyboard
SIGKILL
9
Kill signal
SIGTERM
15
Termination signal
SIGSTOP
17,19,23
Stop the process

Saturday, June 9, 2018

How do I login over ssh without using password less RSA / DSApublic keys?


Linux system Admins  normally login to the linux  servers either supplying a password,
or using keybased authentication. sshpass is a tool which allows us to automatically
supply password to the command prompt so that automated scripts can be run as desired
by users. sshpass supplies password to ssh prompt using dedicated tty , fooling ssh to
believe that a interactive user is supplying password.

Install sshpass under Debian / Ubuntu Linux

Type the following command:
$ sudo apt-get install sshpass

Install sshpass under RHEL/CentOS Linux

$ sudo yum install sshpass

If you are using Fedora Linux, type:
$ sudo dnf install sshpass

Install sshpass under Arch Linux

$ sudo pacman -S sshpass

Install sshpass under OpenSUSE Linux

$ sudo zypper install sshpass

Install sshpass under FreeBSD Unix

To install the port, enter:
# cd /usr/ports/security/sshpass/ && make install clean
To add the package, run:
# pkg install sshpass

Getting Help :
# sshpass -h
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters
  • -f filename   Take password to use from file
  • -d number Use number as file descriptor for getting password
  • -p password   Provide password as argument (security unwise)
  • -e         Password is passed as env-var "SSHPASS" With no parameters – password will be taken from stdin
  • -h         Show help (this screen)
  • -V         Print version information
At most one of -f, -d, -p or -e should be used


How do I use sshpass in Linux or Unix?

Login to ssh server called example.com with password called redhat@1234
$ sshpass -p 'redhat@1234' ssh username@example.com

For shell script you may need to disable host key checking:
$ sshpass -p 'redhat@1234' ssh -o StrictHostKeyChecking=no username@example.com

TO RUN SOME COMMAND ON THE REMOTE SERVER TO CHECKING UPTIME

$sshpass -p 'redhat@1234' ssh username@example.com  "uptime"

Sample output
01:04:35 up 126 days,  3:34, 2 users, load average: 0.50, 0.54, 0.55

Reading password from file

Another option is to read password from file using the -f option.
The syntax is:
sshpass -f fileNameHere ssh user@server





How to Disable Root SSH Login on Linux ?


One of the biggest security holes you could open on your server is to allow directly
logging in as root through ssh, because any cracker can attempt to brute force
your root password and potentially get access to your system if they can figure out your password.

It’s much better to have a separate account that you regularly use and simply
sudo to root when necessary. Before we begin, you should make sure that
you have a regular user account and that you can su or sudo to root from it.

To fix this problem, we’ll need to edit the sshd_config file, which is the main configuration
file for the sshd service. The location will sometimes be different, but it’s usually in /etc/ssh/.
Open the file up while logged on as root.

$ vi /etc/ssh/sshd_config

Find this section in the file, containing the line with “PermitRootLogin” in it.

#LoginGraceTime 5m
#PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6

Make the line look like this to disable logging in through ssh as root. Uncomment that line

PermitRootLogin no

Now you’ll need to restart the sshd service:

/etc/init.d/sshd restart

Now nobody can brute force your root login, at least.

Friday, May 25, 2018

how to force user to change their password on next login in linux ?


Method 1:
To force a user to change his/her password, first of all the password must have expired and to cause a user’s password to expire, you can use the passwd command, which is used to change a user’s password by specifying the -e or --expire switch along with username as shown.
#passwd --expire ravi
#chage -l ravi
Last password change                                                           : password must be changed
Password expires                                                                    : password must be changed
Password inactive                                                                   : password must be changed
Account expires                                                                       : never
Minimum number of days between password change    : 0
Maximum number of days between password change    : 99999
Number of days of warning before password expires       : 7
After running the passwd command above, you can see from the output of thechage command that the user’s password must be changed. Once the userravi tries to login next time, he will be prompted to change his password before he can access a shell .
Method 2:
Using chage command:
chage command – Change user password expiry information
Use the following syntax to force a user to change their password at next logon on a Linux:
# chage -d 0 user-name
In this example, force ravi to change his password at next logon, enter:
# chage -d 0 ravi
  • -d 0 : Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD. By setting it to zero, you are going to force user to change password upon first login.


Friday, March 16, 2018

how to check physical network cable connection status on linux ?

Method 1

Using dmesg

Using dmesg is one of the 1st things to do for inquiring current state of system:

Example:

dmesg | sed '/eth.*Link is/h;${x;p};d'
[1667676.292871] e1000e: eth0 NIC Link is Up 100 Mbps Full Duplex, Flow Control: Rx/Tx

Method 2

/sys/class/net/

cat /sys/class/net/eth0/carrier
1

The number 1 in the above output means that the network cable is connection physically
to your's network card slot.

Or

cat /sys/class/net/eth0/operstate
up


Method 3

Using ethtool command

Syantax : ethtool interface_name | grep Link\ d

Example:

ethtool eth0 | grep Link\ d

Link detected: yes

we can use bash for loop again to check all network interfaces it once:

for i in $( ls /sys/class/net ); do echo -n $i; ethtool $i | grep Link\ d; done

Sample output:

eth0 Link detected: yes
eth1 Link detected: no
lo Link detected: yes
wlan0 Link detected: no

NOTE:

The only problem with the above ethtool output is that it will not detect connected
cable if your network interface is down. Consider a following example:
# ethtool eth0 | grep Link\ d
       Link detected: yes
# ifconfig eth0 down
# ethtool eth0 | grep Link\ d
       Link detected: no
# ifconfig eth0 up
# ethtool eth0 | grep Link\ d
       Link detected: yes