≡ Menu

Tip of the day

setsid: Keep Linux / UNIX program running while you logs out

I already wrote about nohup command, which allows you to ignore HUP (hangup) signal and keep running the command after user logged out. You can accomplish the same behavior using screen or disown command.

setsid is another program that runs a program in a new session. For example run a script called ~/scripts/mirror.site:
ssh you@remote-box.com
setsid ~/scripts/mirror.site

You can also pass argument to command or script:
setsid /usr/bin/beep-media-player '/nas/mp3/xyz.mp3'

Please note that setsid included in miscellaneous system utilities package called util-linux under Debian / Ubuntu Linux.

Quick Shell Tip: Remove grep command while grepping something using ps command

Generally you use ps command to find out all running process. You may also pipe out ps command output via grep command to pickup desired output.

Basically you don’t want display grep command as the process.

Let us run combination of ps and grep command to find out all perl processes:
$ ps aux | grep perl

vivek      4611  0.0  0.7  10044  6068 ?        Ss   02:40   0:00 /usr/bin/perl apps/monitor/gwl.pl 
root      4853  0.0  0.7  10044  6068 ?        Ss   02:40   0:00 /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
vivek      5166  0.0  0.0   2884   748 pts/0    R+   03:06   0:00 grep perl

In above example you are getting the grep process itself. To ignore grep process from output, type any one of the following:
$ ps aux | grep perl | grep -v grep
$ ps aux | grep '[p]erl'

Find out DNS Server Version With DNS Server Fingeprinting tool

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command’s remote OS detection facility).

A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Install fpdns

Debian / Ubuntu user, enter the following command:
$ sudo apt-get install fpdns
FreeBSD user, either use ports or binary package:
$ pkg_add -v -r fpdns
Alternatively grab source code from official web site.

Howto remotely determine DNS server version

To determine DNS server version for domain nixcraft.com, enter:
$ fpdns -D nixcraft.com

fingerprint (nixcraft.com, bboy MyDNS   
fingerprint (nixcraft.com, bboy MyDNS 

You can easily find out if recursion enabled or not:
$ fpdns ns1.vnsl.com.

fingerprint (ns1.vnsl.com., ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]  

To read list of servers from key board, enter:
$ fpdns -

fingerprint (ns2.vnsl.com, ISC BIND 9.2.3rc1 -- 9.4.0a0 [recursion enabled]  
fingerprint (ns1.softlayer.com, ISC BIND 9.2.3rc1 -- 9.4.0a0  
fingerprint (ns.yahoo.com, ISC BIND 8.3.0-RC1 -- 8.4.4  
fingerprint (ns1.google.com, ISC BIND 8.3.0-RC1 -- 8.4.4 

Further readings

=> Read fpdns man page.

zcommands: Read gzip Compressed Text Files On a Fly

Linux and Unix like operating systems comes with z* commands. These commands allow you to read gzip compressed text files using zless, zcat, zmore and friends commands. The gzip command reduces the size of the files using Lempel-Ziv coding (LZ77). Whenever possible, each file is replaced by one with the extension .gz, while keeping the same ownership modes, access and modification times. z* commands has some cool usage too; such as display the current time in different zonename.
[click to continue…]

Domain Expiration Check Shell Script

I’ve already written about a shell script to check / monitor domain renew / expiration date here. Now I’ve modified matt’s domain-check script to support additional C/TLDs .in, .biz, .org and .info domains. I’ve also added 5 seconds delay to avoid whois server rejecting query. This script checks to see if a domain has expired. It can be run in interactive and batch mode, and provides facilities to alarm if a domain is about to expire in advance.

Sample usage

Display expiration date and registrar for theos.in domain:
domain-check-2 -d {domain-name}

$ domain-check-2 -d theos.in

Domain                              Registrar         Status   Expires     Days Left
----------------------------------- ----------------- -------- ----------- ---------
theos.in                            et4India (R7-AFIN Valid    28-Oct-2009   799  

You can also get an email if theos.in going to expire in 30 days
$ domain-check-2 -a -d theos.in -q -x 30 -e vivek@nixcraft.com

However most killer feature is you can read list of domain names from a file such as mydomains.txt (list each domain on a new line):
$ domain-check-2 -a -f mydomains.txt -q -x 30 -e vivek@nixcraft.com
$ domain-check-2 -f mydomains.txt


Domain                              Registrar         Status   Expires     Days Left
----------------------------------- ----------------- -------- ----------- ---------
theos.in                            et4India (R7-AFIN Valid    28-Oct-2009   799  
nixcraft.org                        oDaddy.com, Inc.  Valid    13-Aug-2009   723  
vivekgite.com                       MONIKER ONLINE SE Valid    18-aug-2010   1093 
cyberciti.biz                                         Valid    30-Jun-2009   679  
nixcraft.info                       oDaddy.com Inc. ( Valid    26-Jun-2009   675  
nixcraft.net                        GODADDY.COM, INC. Valid    11-dec-2009   843  


=> Download modified domain-check-2 script here.

Quick installation

Use wget command to download and install domain-check script:
$ wget http://www.cyberciti.biz/files/scripts/domain-check-2.txt
$ mv domain-check-2.txt domain-check
$ chmod +x domain-check
$ ./domain-check -d vivekgite.com

Make sure your run domain-check script using a cron job.

Ubuntu Linux install development / system library functions man pages (manual)

I am little surprised to find that Ubuntu Linux skips development man pages by default on cloud-based images. A quick search using apt-cache pointed out that I need to install the manpages-dev package on a Ubuntu Linux. It includes manual pages about using GNU/Linux for development. The manpages-posix-dev package includes manual pages about using a POSIX system for development. The man-db package is the on-line manual page i.e. actual man command to view man pages on a Ubuntu or Debian Linux.

Install development man pages on Ubuntu/Debian Linux

Type the following apt-get command to install various packages to view man pages for C standard library functions in Ubuntu or Debian system:
$ sudo apt-get install manpages-dev man-db manpages-posix-dev
Sample outputs:

Fig.01: Installing man pages on a Ubuntu or Debian Linux system

Fig.01: Installing man pages on a Ubuntu or Debian Linux system

How do I view man pages?

To view library calls (functions within program libraries), enter:
$ man 3 function-name
$ man 3 putc
$ man 3 strlen
$ man 3 printf
$ man 3 scanf
$ man 2 execve
$ man 2 fork

The number 3 or 2 indicates the section numbers of the manual as follows:

  • 2 : System calls (functions provided by the kernel)
  • 3 : Library calls (functions within program libraries)

See man page sections for more info:
$ man man

See also

Howto: Verify Downloaded Linux / BSD DVD or CD ISO images for integrity

You need to verify that that downloaded Linux DVD or ISO images are intact before you burn and use them. This is security feature. But how do you verify ISO images?

Answer is quite simple use md5sum command to compute and check MD5 message digest.

Why verify ISO images?

a) To protect yourself
b) Verify that a file has not changed as a result of file transfer, disk error, cracker attacks, etc.

How does it work?

When you run md5sum command on ISO file, you get checksum (or hash) on screen. You need to compare this checksum with original. It works as a compact digital fingerprint of a file. You can then compare the MD5 hash of your download ISO file, to the known good hash of the file you are checking. If the two values match, you are safe and use the ISO image.


Let us download FreeBSD ISO image:
$ cd /tmp
$ wget ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/6.2/6.2-RELEASE-i386-bootonly.iso

Next download MD5 checksum:
$ wget ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/6.2/CHECKSUM.MD5

Generate MD5 hash for ISO image

$ md5sum 6.2-RELEASE-i386-bootonly.iso

4e8701ac951bc4537f8420fdac7efbb5  6.2-RELEASE-i386-bootonly.iso

Verify ISO image

See the known good hash of the file (6.2-RELEASE-i386-bootonly.iso):
$ md5sum -c CHECKSUM.MD5

6.2-RELEASE-i386-bootonly.iso: OK

You can also use following command for the same purpose:

A note for Windows XP / Vista users