Technical Diary » *nix

Clean up the shared memory in Solaris

admin — Wed, 10 Mar 2010 15:44:59 +0000

Here is short trick how to clean the shared memory up in Solaris OS.

Here is short info about the host(solaris 5.9, arch sparc):

uname -a
SunOS hostname1 5.9 Generic_118558-25 sun4u sparc SUNW,Sun-Fire-V890 Solaris

To see all shared memory segment, use ipcs

user1@~>ipcs -m -a
IPC status from  as of Wed Mar 10 16:26:20 CET 2010
T         ID      KEY        MODE        OWNER    GROUP  CREATOR   CGROUP NATTCH      SEGSZ  CPID  LPID   ATIME    DTIME    CTIME
Shared Memory:
m       4608   0x5efaa728 --rw-r-----   oracle oinstall   oracle oinstall     23 3992993792  5720 18925 16:24:47 16:24:47 11:59:42
m    5246977   0x517b6233 --rw-r--r-- user1   os_int user1   os_int     32    7352048 10685 16417 16:21:26 16:21:26 16:13:35
m    1969154   0x22b80b3e --rw-r--r-- user1   os_int user1   os_int      3   72552448 10689 11443 16:14:19 16:13:51 16:13:37
m    1967619   0x1b68b6e6 --rw-r--r-- user1   os_int user1   os_int      8  438326272 10689 16417 16:21:26 16:21:26 16:13:38
m    1966084   0x5724f977 --rw-r--r-- user1   os_int user1   os_int     14  212926464 10689 11379 16:14:27 16:13:50 16:13:40
m    1966085   0x534aab2a --rw-r--r-- user1   os_int user1   os_int     10  216572928 10689 11442 16:14:38 16:13:51 16:13:42
m   11391045   0x7bfc552e --rw-r--r-- user2   os_int user2   os_int      0    7352048  8047  9445 14:43:22 14:43:40 13:41:22
m   10461766   0x63fcba9b --rw-r--r-- user2   os_int user2   os_int      0   72552448  8114  9457 14:43:22 14:43:38 13:41:25
m    9721415   0x5cad6643 --rw-r--r-- user2   os_int user2   os_int      0  583097344  8114  9459 14:43:22 14:43:38 13:41:27
m    9655368   0x1869a8d4 --rw-r--r-- user2   os_int user2   os_int      0  212926464  8114  9466 14:43:22 14:43:38 13:41:29
m    9753673   0x148f5a87 --rw-r--r-- user2   os_int user2   os_int      0  216572928  8114  9473 14:43:22 14:43:38 13:41:31

To delete/destroy/remove any segment of the shared memory, use ipcrm. You can specify segment by shmkey(3-rd field in ipcs output) or by shmid(2-nd field) use -M and -m accordingly . Like :

ipcrm -m 4608

ipcrm -M 0x5efaa728

To remove all segment in shared memory where owner is user1, run

ipcs -m -a | awk '{if($5 ~ /user1/ && $1 ~ /m/) print "ipcrm -m "$2;}' | bash

END.

Testing IMAP and POP3 servers over the telnet

admin — Fri, 25 Sep 2009 12:49:53 +0000

Command list of IMAP and POP3 protocols. They can be used to test your server remotely over telnet connection.

Assume you set up pop3 and imap and want to check it out.

POP3
POP3 is quite simple protocol. I think you will make out how it’s work without any problem.

First, let’s go to check the POP3 server. Make sure that it bound at port 110:

# netstat -lnp | grep 110
tcp        0      0 0.0.0.0:110                 0.0.0.0:*                   LISTEN      2779/dovecot

As you can see I use dovecot as server application and it’s works on all interfaces.
Next, make connection attempt:

# telnet 127.0.0.1 110
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
+OK Dovecot ready.

Now, we got server answer. Do authorization with command user and pass

USER user1
+OK
PASS qwe
+OK Logged in.

and LIST to see headers of all inbox mails:

LIST
+OK 1 messages:
1 306
.

We have only one mail. First field of answer means

mail_id

.
To see whole mail use RETR mail_id:

RETR 1
+OK 306 octets
Return-Path: 
Received: from d (node1 [10.0.30.1])
        by mail.test.com (8.13.8/8.13.8) with SMTP id n8ONtVLG011279
        for user1@test.com; Fri, 25 Sep 2009 03:04:08 +0300
Date: Fri, 25 Sep 2009 03:04:08 +0300
From: fd@test.com
Message-Id: <200909250004.n8ONtVLG011279@mail.test.com>
test

To delete it:

DELE 1
+OK Marked to be deleted.

This message marked as deleted and will be removed when you send command QUIT to server. To unmark messages use command RSET without any arguments:

RSET
+OK

Use command QUIT to leave the server.

QUIT
+OK Logging out.

Refer to RFC 1939 for more details.

IMAP
By default IMAP listen port 143. Therefore let’s check it first:

# netstat -lnp | grep 143
tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN      2779/dovecot

Try to connect:

# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
* OK Dovecot ready.

Okay, we have got good answer. Now, we should authorize on server. Syntax is:
? LOGIN USER/ALIAS PASSWORD

For example:

? login user1 qwe
? OK Logged in.

To get folders list make:

? LIST "" "*"
* LIST (\NoInferiors \UnMarked) "/" "INBOX"
? OK List completed.

In folder INBOX contain all incoming messages. To select it:

? SELECT INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 1 EXISTS
* 0 RECENT
* OK [UNSEEN 1] First unseen.
* OK [UIDVALIDITY 1253837819] UIDs valid
* OK [UIDNEXT 2] Predicted next UID
? OK [READ-WRITE] Select completed.

1 EXISTS – means 1 incoming message. You can choose between see full message or only message body instead:
? FETCH message_number All
OR
? FETCH message_number Body

Let’s see whole message:

? FETCH 1 all
* 1 FETCH (FLAGS () INTERNALDATE "25-Sep-2009 03:04:12 +0300" RFC822.SIZE 306 ENVELOPE ("Fri, 25 Sep 2009 03:04:08 +0300" NIL ((NIL NIL "fd" "test.com")) ((NIL NIL "fd" "test.com")) ((NIL NIL "fd" "test.com")) NIL NIL NIL NIL "<200909250004.n8ONtVLG011279@mail.test.com>"))
? OK Fetch completed.

Exit user command is ? LOGOUT.

To learn more about IMAP refer to RFC 3501.

Bash hotkeys

admin — Wed, 22 Jul 2009 08:39:03 +0000

Here is the table of bash hotkeys.

Hotkey	Function
ctrl-l	clear screen
ctrl-f	forward character
ctrl-b	back character
esc-b	move cursor back by one word
esc-f	move cursor forward by one word
ctrl-r	search backward starting at the current line and moving `up’ through the history as necessary.
ctrl-s	search forward starting at the current line and moving `down’ through the history as necessary.
ctrl-p	fetch the previous command from the history list, moving back in the list.
ctrl-n	fetch the next command from the history list, moving forward in the list.
esc-<	move to the first line in the history.
esc->	Move to the end line in the history.
ctrl-u	clear all text from cursor to start of line
ctrl-a	move to the start of command
ctrl-e	move to the end of command
ctrl-w	clear one word back
esc-\	delete all spaces and tabs around point.
ctrl-y	yank last cleared word
esc-y	yank first cleared word
esc-?	list of possible completions of the text before point. (like double TAB)
esc-*	insert all possible completions into the line
ctrl-c	send signal SIGINT to the current process which is interrupt the command
ctrl-d	kills the shell
ctrl-h	delete one letter back
ctrl-z	put process into the background
esc-p	like ctrl-r lets you search through the previously given commands.
esc-.	gives the last command you typed.

How to get fully internet functionality from restricted environment over ssh

admin — Tue, 07 Jul 2009 22:44:12 +0000

If you working place don’t provide internet or provide very restricted access to web pages. But you want to feel free in the internet browsing.

For this you need:
1. At least one open port for output connection OR access to proxy.
2. Server in the internet with root OR user rights.

You can easily get it in several simple steps. Just imagine that you located at office1 and open port for ongoing connection = 443. Also you have access to server1 which located at internet. Now go to server1 and edit ssh configuration file. Add new port directive into this file(in case if you have open port, in other case skip this step). Like this:

server1# grep -i port /etc/ssh/sshd_config
Port 22
Port 443

As you can see now server1 use 2 ports(22 and 443) for ssh daemon. Let’s check it:

server1# netstat -lnp | grep ssh
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3946/sshd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      3946/sshd

It’s ok. The next step #2 install proxy server. You can choose anyone you like. I chose tinyproxy, because of it’s very small and simple in configuration.

server1# apt-get install tinyproxy

It’s valid command for debian. For your distro use distro specific package manager as well.

Go to /etc/tinyproxy/tinyproxy.conf and check port and listen directives for determinate on which port and address your proxy listen. In my case it’s port 8888 on localhost:

server1#grep -E "^(Port|Listen)"  /etc/tinyproxy/tinyproxy.conf
Port 8888
Listen 127.0.0.1

Start daemon and check that it run:

server1# /etc/init.d/tinyproxy start
server1# netstat -lnp | grep tinyproxy
tcp        0      127.0.0.1:8888              0.0.0.0:*               LISTEN      3923/tinyproxy

Looks fine. Now make ssh tunnel to your server. If you have direct connection to server. Use this :

server1#ssh -p 443 user@server#1 -L8888:127.0.0.01:8888

If not then do as described here.

And last one step is setting up proxy 127.0.0.1:8888 on your browser and enjoy.

SSH connection via http-proxy

admin — Thu, 02 Jul 2009 07:59:27 +0000

How to get access to external server in the event of you can reach internet only over the http proxy server.

Sometimes I work in environment where I have no direct access to the internet. But I need to have connection to my remote server. For this purpose I use corkscrew software. In this post I’ll try describe how it’s work. It’s very easy get in several step.

First of all we need to get corkscrew.

You cat get it in next way for debian:

# apt-get install corkscrew

or download sources from official site and compile it for your distro:

#tar -xzvf corkscrew-2.0.tar.gz
# [..]
#cd corkscrew
#./configure
#make install

It’s doesn’t matter which way you have chosen.

Add new string to your ssh_config to use this to all users at the system or in $HOME/.ssh/config. As I have proxy on host proxy_host which listened at port 8080 and want to use this rule only for me. That’s why I put next:

$ cat ~/.ssh/config
ProxyCommand corkscrew proxy_host 8080 %h %p

Also if you should be authenticated at proxy side. You can simply add this feature. Just modify string in your config.

From:

ProxyCommand corkscrew proxy_host 8080 %h %p

To:

ProxyCommand corkscrew proxy_host 8080 %h %p /path/to/auth_file

And create /path/to/auth_file with next format :

username:password

Now I’ll try to check it:

$ ssh -p 443 my_user@host.in.inet
my_user@host.in.inet's password:

Ok I’ve got access to it :). Therefore I suspect everything work in proper way.