Linux: Find max uidNumber on LDAP

Whenever you add a new user you must make sure that the uidNumber is set to a unique number. If you have many users it can take a while to find the highest uidNumber already assigned. To find it, run this (the sort has to be numeric, otherwise 999 sorts after 1000):

ldapsearch -H ldaps://your-ldap-domain -D "cn=Manager,dc=domain,dc=com" -W | awk '/uidNumber: / {print $2}' | sort -n | tail -n 1

Linux: Allow git repo push over ssh without allowing shell access

If you have a git repo on a server and allow users to push over ssh using their public keys, then you might want to add the following to every entry in the .ssh/authorized_keys file.

For each ssh public key in authorized_keys, prepend this

command="./.gitserve",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty

Where .gitserve is a script allowing only git commands to be executed

#!/bin/bash

exec git-shell -c "$SSH_ORIGINAL_COMMAND"
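
An added example, not part of the original post: a shell audit that reports authorized_keys entries missing the forced command or any of the restrictions above. The function names, the sample file and its placeholder key blobs are constructed for illustration, and option names are matched exactly as spelled above.

```shell
#!/bin/sh
# Added example (not from the original post): flag authorized_keys entries
# that lack the forced command or any restriction the post prescribes.
REQUIRED='command="./.gitserve" no-port-forwarding no-agent-forwarding no-X11-forwarding no-pty'

# audit_keys FILE: print "LINE: missing OPTION" per gap; returns 1 if any found.
audit_keys() {
    awk -v required="$REQUIRED" '
    BEGIN { n = split(required, req, " ") }
    /^[ \t]*(#|$)/ { next }                 # comments and blank lines
    {
        split("", seen)                     # reset the option set per line
        # A line that starts with a key type carries no options at all.
        if ($0 !~ /^(ssh-|ecdsa-|sk-)/) {
            inq = 0; tok = ""
            for (i = 1; i <= length($0); i++) {
                c = substr($0, i, 1)
                if (c == "\"" && substr($0, i - 1, 1) != "\\") inq = !inq
                if (!inq && (c == "," || c == " ")) {
                    seen[tok] = 1; tok = ""
                    if (c == " ") break     # option field ends here
                } else tok = tok c
            }
        }
        for (k = 1; k <= n; k++)
            if (!(req[k] in seen)) { print NR ": missing " req[k]; bad = 1 }
    }
    END { exit bad + 0 }' "$1"
}

# Constructed sample file: the key blobs are placeholders, not real keys.
write_sample() {
    cat <<'EOF'
# git push accounts
command="./.gitserve",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-ed25519 AAAAC3constructed1 alice
ssh-rsa AAAAB3constructed2 bob
command="./.gitserve",no-port-forwarding,no-X11-forwarding,no-pty ssh-ed25519 AAAAC3constructed3 carol
command="/bin/echo no-pty, no-agent-forwarding",no-port-forwarding,no-X11-forwarding,no-pty ssh-ed25519 AAAAC3constructed4 dave
EOF
}

sample=$(mktemp)
write_sample > "$sample"
audit_keys "$sample" || echo "authorized_keys has unrestricted entries"
rm -f "$sample"
```

The last sample line shows why the options are split with quote awareness: restriction names that appear only inside a quoted command string do not count as set.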

Linux: Remove Byte-Order-Mark (BOM) from files

Oh no there are BOMs in your files! No not BOMBS, BOMs. These sometimes are accidentally added by some IDEs depending on how the settings are configured. One easy way of removing them is this.

First let's find all these BOMs. This recursively searches all non-binary files and lists only those that have a BOM

grep -rlI $'\xEF\xBB\xBF' .

If you find any files you want to de-BOM, pipe the output through xargs and vim to remove it. The -n 1 runs vim once per file, because "set nobomb" followed by wq! only touches the first file it is given

grep -rlI $'\xEF\xBB\xBF' . | xargs -n 1 vim -c "set nobomb" -c wq!

And just like that all BOMs are gone.

Linux: Release server cached memory

So you're hacking away on your Linux box when suddenly you notice that you only have 200MB out of 32GB of RAM available. You freak out and pull out your hair, as you don't know what could possibly be using so much RAM. Don't panic, this is normal: your box just has most of the memory cached. It doesn't pose any danger, as your system will free it up automatically as you need it. In case you need it, here is how to free up all of the cached memory.

free && sync && echo 3 > /proc/sys/vm/drop_caches && free

Linux: Forward remote port to localhost port over ssh

There are times when you need to access a service on a remote server that does not have a firewall rule in place to allow direct connection from your end. If you have ssh access you can do the following.

In this example we want to forward the remote MySQL server port 3306 to port 3310 on our machine (host)

On host:

ssh -f -L3310:localhost:3306 sshUser@remoteserver -N

Test, backup remote DB through forwarded port:

mysqldump -P 3310 -h 127.0.0.1 -u mysql_user -p database_name > backup.sql

Linux: Remove files cached on disk

Sometimes you have to delete files on disk to free up space, and you remove them only to find that no space was actually freed. This usually means the files are being held against their will by some process. To view the files being held, run

lsof -n | grep -i deleted

Sample output

mysqld 13493 mysql 4u REG 202,1 0 271066 /tmp/ibicpkpG (deleted)
mysqld 13493 mysql 5u REG 202,1 0 271289 /tmp/ibEqTjw4 (deleted)
mysqld 13493 mysql 6u REG 202,1 0 271290 /tmp/ibsiLjDs (deleted)

From here just restart the process and it should free up those files

Google email relay – Multiple destination domains per transaction is unsupported

For those experiencing this problem when trying to send batches of emails through Google's multiple MX records (aspmx.l.google.com, alt1.aspmx.l.google.com, …), here are some workarounds.

In this scenario we will assume we are using CentOS and sendmail as our method.

  1. Segregate emails for different domains so that each domain is sent through a separate sendmail session (this is usually done in your code)
  2. Relay everything through smtp.gmail.com
  3. Configure sendmail to deliver each email on its own connection.

In your sendmail.mc add the following lines

define(`SMTP_MAILER_MAXRCPTS', `1')dnl
define(`RELAY_MAILER_MAXRCPTS', `1')dnl

The above lines MUST be added before

MAILER(`local')dnl
MAILER(`smtp')dnl

After that save your .mc and m4 it to your .cf

m4 sendmail.mc > sendmail.cf

Restart sendmail and test

service sendmail restart

If, however, you are one of those who edit the .cf directly instead of the .mc, then you'll have to do the following

In your .cf find the following text ("Msmtp,", "Mesmtp,", "Mdsmtp,", "Mrelay,")
After that find the following line(s)

T=DNS/RFC822/SMTP,

And change it to look like this

r=1, T=DNS/RFC822/SMTP,

Explanation:

This problem isn't really an error, as your emails are requeued when this happens.
Though the third solution will work, it is not ideal, as it requires sendmail to open and close a connection for each email.
One last thing to look at is the connection cache settings for sendmail

ConnectionCacheSize
ConnectionCacheTimeout
