Keep walking

Whatever you need to grow, just do it faster…

Posts Tagged ‘Tips’

20 Linux Server Hardening Security Tips (P1)

Posted by ZyK on 11/23/2011

Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system.

#1: Encrypt Data Communication

All data transmitted over a network is open to monitoring. Encrypt transmitted data whenever possible with password or using keys / certificates.

  1. Use scp, ssh, rsync, or sftp for file transfer. You can also mount remote server file system or your own home directory using special sshfs and fuse tools.
  2. GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories.
  3. Fugu is a graphical frontend to the commandline Secure File Transfer application (SFTP). SFTP is similar to FTP, but unlike FTP, the entire session is encrypted, meaning no passwords are sent in cleartext form, and is thus much less vulnerable to third-party interception. Another option is FileZilla – a cross-platform client that supports FTP, FTP over SSL/TLS (FTPS), and SSH File Transfer Protocol (SFTP).
  4. OpenVPN is a cost-effective, lightweight SSL VPN.
  5. Lighttpd SSL (Secure Server Layer) Https Configuration And Installation
  6. Apache SSL (Secure Server Layer) Https (mod_ssl) Configuration And Installation

#1.1: Avoid Using FTP, Telnet, And Rlogin / Rsh

Under most network configurations, user names, passwords, FTP / telnet / rsh commands and transferred files can be captured by anyone on the same network using a packet sniffer. The common solution to this problem is to use either OpenSSH , SFTP, or FTPS (FTP over SSL), which adds SSL or TLS encryption to FTP. Type the following command to delete NIS, rsh and other outdated service:
# yum erase inetd xinetd ypserv tftp-server telnet-server rsh-serve

#2: Minimize Software to Minimize Vulnerability

Do you really need all sort of web services installed? Avoid installing unnecessary software to avoid vulnerabilities in software. Use the RPM package manager such as yum or apt-get and/or dpkg to review all installed set of software packages on a system. Delete all unwanted packages.
# yum list installed
# yum list packageName
# yum remove packageName
OR
# dpkg --list
# dpkg --info packageName
# apt-get remove packageName

#3: One Network Service Per System or VM Instance

Run different network services on separate servers or VM instance. This limits the number of other services that can be compromised. For example, if an attacker able to successfully exploit a software such as Apache flow, he / she will get an access to entire server including other services such as MySQL, e-mail server and so on. See how to install Virtualization software:

#4: Keep Linux Kernel and Software Up to Date

Applying security patches is an important part of maintaining Linux server. Linux provides all necessary tools to keep your system updated, and also allows for easy upgrades between versions. All security update should be reviewed and applied as soon as possible. Again, use the RPM package manager such as yum and/or apt-get and/or dpkg to apply all security updates.
# yum update
OR
# apt-get update && apt-get upgrade
You can configure Red hat / CentOS / Fedora Linux to send yum package update notification via email. Another option is to apply all security updates via a cron job. Under Debian / Ubuntu Linux you can use apticron to send security notifications.

#5: Use Linux Security Extensions

Linux comes with various security patches which can be used to guard against misconfigured or compromised programs. If possible use SELinux and other Linux security extensions to enforce limitations on network and other programs. For example, SELinux provides a variety of security policies for Linux kernel.

#5.1: SELinux

I strongly recommend using SELinux which provides a flexible Mandatory Access Control (MAC). Under standard Linux Discretionary Access Control (DAC), an application or process running as a user (UID or SUID) has the user’s permissions to objects such as files, sockets, and other processes. Running a MAC kernel protects the system from malicious or flawed applications that can damage or destroy the system. See the official Redhat documentation which explains SELinux configuration.

#6: User Accounts and Strong Password Policy

Use the useradd / usermod commands to create and maintain user accounts. Make sure you have a good and strong password policy. For example, a good password includes at least 8 characters long and mixture of alphabets, number, special character, upper & lower alphabets etc. Most important pick a password you can remember. Use tools such as “John the ripper” to find out weak users passwords on your server. Configure pam_cracklib.so to enforce the password policy.

#6.1: Password Aging

The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password. The /etc/login.defs file defines the site-specific configuration for the shadow password suite including password aging configuration. To disable password aging, enter:
chage -M 99999 userName
To get password expiration information, enter:
chage -l userName
Finally, you can also edit the /etc/shadow file in the following fields:

{userName}:{password}:{lastpasswdchanged}:{Minimum_days}:{Maximum_days}:{Warn}:{Inactive}:{Expire}:

Where,

  1. Minimum_days: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password.
  2. Maximum_days: The maximum number of days the password is valid (after that user is forced to change his/her password).
  3. Warn : The number of days before password is to expire that user is warned that his/her password must be changed.
  4. Expire : Days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used.

I recommend chage command instead of editing the /etc/shadow by hand:
# chage -M 60 -m 7 -W 7 userName
Recommend readings:

#6.2: Restricting Use of Previous Passwords

You can prevent all users from using or reuse same old passwords under Linux. The pam_unix module parameter remember can be used to configure the number of previous passwords that cannot be reused.

#6.3: Locking User Accounts After Login Failures

Under Linux you can use the faillog command to display faillog records or to set login failure limits. faillog formats the contents of the failure log from /var/log/faillog database / log file. It also can be used for maintains failure counters and limits.To see failed login attempts, enter:
faillog
To unlock an account after login failures, run:
faillog -r -u userName
Note you can use passwd command to lock and unlock accounts:
# lock account
passwd -l userName
# unlocak account
passwd -u userName

#6.4: How Do I Verify No Accounts Have Empty Passwords?

Type the following command
# awk -F: '($2 == "") {print}' /etc/shadow
Lock all empty password accounts:
# passwd -l accountName

#6.5: Make Sure No Non-Root Accounts Have UID Set To 0

Only root account have UID 0 with full permissions to access the system. Type the following command to display all accounts with UID set to 0:
# awk -F: '($3 == "0") {print}' /etc/passwd
You should only see one line as follows:

root:x:0:0:root:/root:/bin/bash

If you see other lines, delete them or make sure other accounts are authorized by you to use UID 0.

#7: Disable root Login

Never ever login as root user. You should use sudo to execute root level commands as and when required. sudo does greatly enhances the security of the system without sharing root password with other users and admins. sudo provides simple auditing and tracking features too.

#8: Physical Server Security

You must protect Linux servers physical console access. Configure the BIOS and disable the booting from external devices such as DVDs / CDs / USB pen. Set BIOS and grub boot loader password to protect these settings. All production boxes must be locked in IDCs (Internet Data Center) and all persons must pass some sort of security checks before accessing your server. See also:

#9: Disable Unwanted Services

Disable all unnecessary services and daemons (services that runs in the background). You need to remove all unwanted services from the system start-up. Type the following command to list all services which are started at boot time in run level # 3:
# chkconfig --list | grep '3:on'
To disable service, enter:
# service serviceName stop
# chkconfig serviceName off

#9.1: Find Listening Network Ports

Use the following command to list all open ports and associated programs:
netstat -tulpn
OR
nmap -sT -O localhost
nmap -sT -O server.example.com
Use iptables to close open ports or stop all unwanted network services using above service and chkconfig commands.

#9.2: See Also

#10: Delete X Windows

X Windows on server is not required. There is no reason to run X Windows on your dedicated mail and Apache web server. You can disable and remove X Windows to improve server security and performance. Edit /etc/inittab and set run level to 3. Finally, remove X Windows system, enter:
# yum groupremove "X Window System"

(cyberciti.biz)

Posted in UNIX-LINUX | Tagged: , | 1 Comment »

AWR / Statspack

Posted by ZyK on 11/22/2011

People frequently ask questions about interpreting statspack (and AWR) outputs. So I’ve started to collect references to examples of statspack (and AWR) outputs that have been published on the Internet with intelligent comments about interpretation. A few of the items are about related topics, rather than output and interpretation.

There are bound to be more items out there than I currently know of, so if you know of any good examples, add it to the comments list and if I like it I’ll add it to the main list.

Getting Started: if you don’t know how to install or use statspack, then the best place to start is on your server by reading the documentation at $ORACLE_HOME/rdbms/admin/spdoc.txt, which describes how to install it, how to take snapshots, and how to use the reporting facilities.

Footnote: Any advice about reading statspack reports is almost always relevant when reading AWR reports.

(from Oracle Scratchpad)

Posted in Tuning | Tagged: , , | Leave a Comment »

The Linux Cookbook: Tips and Techniques for Everyday Use

Posted by ZyK on 11/22/2011

  • Preface
    • Format of Recipes
    • Assumptions, Scope, and Exclusions
    • Typographical Conventions
    • Versions, Latest Edition, and Errata
    • Acknowledgments
  • PART ONE: Working with Linux
  • Introduction
    • Background and History
      • What’s Unix?
      • What’s Free Software?
      • What’s Open Source?
      • What’s Linux?
      • What’s Debian?
      • Unix and the Tools Philosophy
    • What to Try First
    • If You Need More Help
  • What Every Linux User Knows
    • Controlling Power to the System
      • Powering Up the System
      • Turning Off the System
    • Accounts and Privileges
      • Logging In to the System
      • Logging Out of the System
    • Console Basics
      • Switching between Consoles
      • Scrolling the Console Text
      • Keys for Console Manipulation
    • Running a Command
    • Changing Your Password
    • Listing User Activity
      • Listing Your Username
      • Listing Who Is on the System
      • Listing Who Is on and What They’re Doing
      • Listing the Last Times a User Logged In
    • Listing System Activity
      • Listing Your Current Processes
      • Listing All of a User’s Processes
      • Listing All Processes on the System
      • Listing Processes by Name or Number
    • Help Facilities
      • Finding the Right Tool for the Job
      • Listing a Description of a Program
      • Listing the Usage of a Tool
      • Reading a Page from the System Manual
      • Using the GNU Info System
      • Reading System Documentation and Help Files
  • The Shell
    • Keys for Command Line Editing
      • Passing Special Characters to Commands
      • Letting the Shell Complete What You Type
      • Repeating the Last Command You Typed
      • Running a List of Commands
    • Redirecting Input and Output
      • Redirecting Input to a File
      • Redirecting Output to a File
      • Redirecting Error Messages to a File
      • Redirecting Output to Another Command’s Input
    • Managing Jobs
      • Suspending a Job
      • Putting a Job in the Background
      • Putting a Job in the Foreground
      • Listing Your Jobs
      • Stopping a Job
    • Command History
      • Viewing Your Command History
      • Specifying a Command from Your History
    • Recording a Shell Session
    • Customizing Your Shell
      • Changing the Shell Prompt
      • Making a Command Alias
      • Adding to Your Path
      • Customizing Future Shells
  • The X Window System
    • Running X
      • Starting X
      • Stopping X
    • Running a Program in X
      • Specifying Window Size and Location
      • Specifying Window Colors
      • Specifying Window Font
      • Specifying Additional Window Attributes
    • Manipulating X Client Windows
      • Moving a Window
      • Resizing a Window
      • Destroying a Window
      • Minimizing a Window
      • Maximizing a Window
    • Moving around the Desktop
    • Running a Shell in X
    • Configuring X
      • Switching between Video Modes
      • Running X Clients Automatically
      • Changing the Root Window Parameters
      • Choosing a Window Manager
  • PART TWO: Files
  • Files and Directories
    • Naming Files and Directories
      • Making an Empty File
      • Making a Directory
      • Making a Directory Tree
    • Changing Directories
      • Changing to Your Home Directory
      • Changing to the Last Directory You Visited
      • Getting the Name of the Current Directory
    • Listing Directories
      • Listing File Attributes
      • Listing Directories Recursively
      • Listing Newest Files First
      • Listing Hidden Files
      • Listing Directories in Color
      • Listing Directory Tree Graphs
      • Additional Directory Listing Options
    • Copying Files and Directories
    • Moving Files and Directories
      • Changing File Names to Lowercase
      • Renaming Multiple Files with the Same Extension
    • Removing Files and Directories
      • Removing a File with a Strange Name
      • A Safe Way to Remove a File
    • Giving a File More than One Name
    • Specifying File Names with Patterns
    • Browsing Files
  • Sharing Files
    • Groups and How to Work in Them
      • Listing the Groups a User Belongs To
      • Listing the Members of a Group
    • File Ownership
      • Determining the Ownership of a File
      • Changing the Ownership of a File
    • Controlling Access to Files
      • Listing the Permissions of a File
      • Changing the Permissions of a File
      • Write-Protecting a File
      • Making a File Private
      • Making a File Public
      • Making a File Executable
  • Finding Files
    • Finding All Files That Match a Pattern
    • Finding Files in a Directory Tree
      • Finding Files in a Directory Tree by Name
      • Finding Files in a Directory Tree by Size
      • Finding Files in a Directory Tree by Modification Time
      • Finding Files in a Directory Tree by Owner
      • Running Commands on the Files You Find
      • Finding Files by Multiple Criteria
    • Finding Files in Directory Listings
      • Finding the Largest Files in a Directory
      • Finding the Smallest Files in a Directory
      • Finding the Smallest Directories
      • Finding the Largest Directories
      • Finding the Number of Files in a Listing
    • Finding Where a Command Is Located
  • Managing Files
    • Determining File Type and Format
    • Changing File Modification Time
    • Splitting a File into Smaller Ones
    • Comparing Files
      • Determining Whether Two Files Differ
      • Finding the Differences between Files
      • Patching a File with a Difference Report
    • Compressed Files
      • Compressing a File
      • Decompressing a File
    • File Archives
      • Creating a File Archive
      • Listing the Contents of an Archive
      • Extracting Files from an Archive
    • Tracking Revisions to a File
      • Checking In a File Revision
      • Checking Out a File Revision
      • Viewing a File’s Revision Log
  • PART THREE: Text
  • Viewing Text
    • Perusing Text
      • Perusing a Text File
      • Perusing Multiple Text Files
      • Commands Available While Perusing Text
    • Outputting Text
      • Showing Non-printing Characters
      • Outputting a Beginning Part of a Text
      • Outputting an Ending Part of a Text
      • Outputting a Middle Part of a Text
      • Outputting the Text between Strings
      • Outputting Text in a Dialect
    • Streaming Text
    • Viewing a Character Chart
  • Text Editing
    • Choosing the Perfect Text Editor
    • Emacs
      • Getting Acquainted with Emacs
      • Basic Emacs Editing Keys
      • Making Abbreviations in Emacs
      • Recording and Running Macros in Emacs
      • Inserting Special Characters in Emacs
    • Running a Vi Tutorial
    • Selecting Text
      • Cutting Text
      • Pasting Text
    • Editing Streams of Text
    • Concatenating Text
      • Writing Text to Files
      • Appending Text to a File
      • Inserting Text at the Beginning of a File
    • Including Text Files
  • Grammar and Reference
    • Spelling
      • Finding the Correct Spelling of a Word
      • Listing the Misspellings in a Text
      • Keeping a Spelling Word List
      • Interactive Spell Checking
      • Spell Checking in Emacs
    • Dictionaries
      • Listing Words that Match a Pattern
      • Listing the Definitions of a Word
      • Listing the Synonyms of a Word
      • Listing the Antonyms of a Word
      • Listing the Hypernyms of a Word
      • Online Dictionaries
    • Checking Grammar
      • Checking Text for Misused Phrases
      • Checking Text for Doubled Words
      • Checking Text for Readability
      • Checking Text for Difficult Sentences
      • Checking Text for Long Sentences
    • Word Lists and Reference Files
  • Analyzing Text
    • Counting Text
      • Counting the Characters in a Text
      • Counting the Words in a Text
      • Counting the Lines in a Text
      • Counting the Occurrences of Something
      • Counting Lines per Page in Emacs
    • Making a Concordance of a Text
    • Text Relevance
      • Sorting Text in Order of Relevance
      • Listing Relevant Files in Emacs
    • Finding Anagrams in Text
    • Finding Palindromes in Text
    • Text Cut-Ups
      • Making Simple Text Cut-Ups
      • Making Random Word Cut-Ups
      • Making Cut-Ups in Emacs
  • Formatting Text
    • Spacing Text
      • Eliminating Extra Spaces in Text
      • Single-Spacing Text
      • Double-Spacing Text
      • Triple-Spacing Text
      • Adding Line Breaks to Text
      • Adding Margins to Text
      • Swapping Tab and Space Characters
    • Paginating Text
      • Placing Headers on Each Page
      • Placing Text in Columns
      • Options Available When Paginating Text
    • Underlining Text
    • Sorting Text
    • Numbering Lines of Text
    • Reversing Text
  • Searching Text
    • Searching for a Word or Phrase
    • Regular Expressions — Matching Text Patterns
      • Matching Lines Beginning with Certain Text
      • Matching Lines Ending with Certain Text
      • Matching Lines of a Certain Length
      • Matching Lines That Contain Any of Some Regexps
      • Matching Lines That Contain All of Some Regexps
      • Matching Lines That Don’t Contain a Regexp
      • Matching Lines That Only Contain Certain Characters
      • Finding Phrases Regardless of Spacing
      • Finding Patterns in Certain Contexts
      • Using a List of Regexps to Match From
      • Regexps for Common Situations
    • Searching More than Plain Text Files
      • Matching Lines in Compressed Files
      • Matching Lines in Web Pages
    • Outputting the Context of a Search
    • Searching and Replacing Text
    • Searching Text in Emacs
      • Searching Incrementally in Emacs
      • Searching for a Phrase in Emacs
      • Searching for a Regexp in Emacs
      • Searching and Replacing in Emacs
    • Searching Text in Less
  • Typesetting and Word Processing
    • Choosing the Right Typesetting System for the Job
    • Converting Plain Text for Output
      • Outputting Text in a Font
      • Outputting Text as a Poster or Sign
      • Outputting Text with Language Highlighting
      • Outputting Text with Fancy Headers
      • Outputting Text in Landscape Orientation
      • Outputting Multiple Copies of Text
      • Selecting the Pages of Text to Output
      • Additional PostScript Output Options
    • LyX Document Processing
      • Features of LyX
      • Writing Documents with LyX
      • Learning More about LyX
    • Typesetting with TeX and Friends
      • Is It a TeX or LaTeX File?
      • Processing TeX Files
      • Processing LaTeX Files
      • Writing Documents with TeX and LaTeX
      • TeX and LaTeX Document Templates
    • Writing Documents with SGMLtools
      • Elements of an SGML Document
      • Checking SGML Document Syntax
      • Generating Output from SGML
    • Other Word Processors and Typesetting Systems
  • Fonts
    • X Fonts
      • Selecting an X Font Name
      • Listing Available X Fonts
      • Displaying the Characters in an X Font
      • Resizing the Xterm Font
    • Console Fonts
      • Setting the Console Font
      • Displaying the Characters in a Console Font
    • Text Fonts
      • Horizontal Text Fonts
      • Making a Text Banner
    • Other Font Tools
  • PART FOUR: Images
  • Viewing Images
    • Previewing Print Files
      • Previewing a DVI File
      • Previewing a PostScript File
      • Previewing a PDF File
    • Viewing an Image in X
      • Browsing Image Collections in X
      • Putting an Image in the Root Window
    • Browsing Images in a Console
    • Viewing an Image in a Web Browser
    • Browsing PhotoCD Archives
    • Additional Image Viewers
  • Editing Images
    • Transforming Images
      • Changing the Size of an Image
      • Rotating an Image
      • Adjusting the Colors of an Image
      • Annotating an Image
      • Adding Borders to an Image
      • Making an Image Montage
      • Combining Images
      • Morphing Two Images Together
    • Converting Images between Formats
    • Editing Images with the GIMP
    • Interactive Image Editors and Tools
  • Importing Images
    • Taking Screen Shots
      • Taking a Screen Shot in X
      • Taking a Screen Shot in a Console
    • Scanning Images
      • Listing Available Scanner Devices
      • Testing a Scanner
      • Scanning an Image
    • Extracting PhotoCD Images
      • Converting a PhotoCD Image
      • Removing PhotoCD Haze
  • PostScript
    • Manipulating PostScript Pages
      • Extracting DVI Pages to PostScript
      • Extracting Pages from a PostScript File
      • Combining PostScript Pages
      • Arranging PostScript Pages in Signatures
    • Manipulating PostScript Documents
      • Resizing a PostScript Document
      • Combining PostScript Documents
      • Arranging a PostScript Document in a Booklet
    • Converting PostScript
      • Converting PostScript to PDF
      • Converting PostScript to Plain Text
  • PART FIVE: Sound
  • Sound Files
    • Sound File Formats
    • Adjusting the Audio Controls
      • Listing the Current Audio Settings
      • Changing the Volume Level
      • Muting an Audio Device
      • Selecting an Audio Recording Source
    • Playing a Sound File
      • Playing an MP3 File
      • Playing a MIDI File
    • Recording a Sound File
    • Other Sound File Tools
  • Audio Compact Discs
    • Controlling CD Audio
      • Playing an Audio CD
      • Pausing an Audio CD
      • Stopping an Audio CD
      • Shuffling Audio CD Tracks
      • Displaying Information about an Audio CD
      • Ejecting an Audio CD
    • Sampling Sound from a CD
    • Writing an Audio CD-R
    • Other Audio CD Applications
  • Editing Sound Files
    • Working with Selections from Sound Files
      • Cutting Out Part of a Sound File
      • Pasting a Selection of Sound
      • Mixing Sound Files Together
    • Sound Effects
      • Changing the Amplitude of a Sound File
      • Changing the Sampling Rate of a Sound File
      • Adding Reverb to a Sound File
      • Adding Echo to a Sound File
      • Adding Flange to a Sound File
      • Adding Phase to a Sound File
      • Adding Chorus to a Sound File
      • Adding Vibro-Champ Effects to a Sound File
      • Reversing a Sound File
    • Converting Sound Files
      • Making an MP3 File
      • Converting MP3 to Another Format
    • Other Tools for Sound Editing
  • PART SIX: Productivity
  • Disk Storage
    • Listing a Disk’s Free Space
    • Listing a File’s Disk Usage
    • Floppy Disks
      • Formatting a Floppy Disk
      • Mounting a Floppy Disk
      • Unmounting a Floppy Disk
    • CD-ROMs
      • Mounting a CD-ROM
      • Unmounting a CD-ROM
  • Printing
    • Making and Managing Print Jobs
      • Sending a Print Job to the Printer
      • Printing Multiple Copies of a Job
      • Listing Your Print Jobs
      • Cancelling a Print Job
    • More Recipes for Printing
      • Printing in Emacs
      • Printing with Dvips
      • Printing the Contents of an Xterm Window
    • Preparing Files for Printing
      • Preparing a PostScript File for Printing
      • Preparing a DVI File for Printing
      • Preparing a PDF File for Printing
      • Preparing a Man Page for Printing
  • Cross-Platform Conversions
    • Using DOS and Windows Disks
      • Listing the Contents of a DOS Disk
      • Copying Files to and from a DOS Disk
      • Deleting Files on a DOS Disk
      • Formatting a DOS Disk
    • Using Macintosh Disks
      • Specifying the Macintosh Disk to Use
      • Listing the Contents of a Macintosh Disk
      • Copying Files to and from a Macintosh Disk
      • Deleting Files on a Macintosh Disk
      • Formatting a Macintosh Disk
    • Converting Text Files between DOS and Linux
    • Converting Microsoft Word Files
      • Converting Word to LaTeX
      • Converting Word to Plain Text
  • Reminders
    • Displaying the Date and Time
    • Playing an Audible Time Announcement
    • Calendars
      • Displaying a Calendar
      • Displaying a Calendar in Emacs
    • Managing Appointments
      • Making an Appointment File
      • Including Holidays in Your Reminders
      • Automatic Appointment Delivery
    • Contact Managers
      • Keeping a Free-Form Address List
      • Keeping a Contact Manager Database
    • Reminding Yourself of Things
      • Sending Yourself Email Reminders
      • Reminding Yourself When You Have to Leave
      • Running a Command on a Delay
  • Mathematics
    • Calculating Arithmetic
      • Making a Quick Arithmetic Calculation
      • Making Many Arithmetic Calculations
    • Outputting a Random Number
    • Listing a Sequence of Numbers
    • Finding Prime Factors
    • Converting Numbers
      • Converting an Amount between Units of Measurement
      • Converting an Arabic Numeral to English
    • Other Math Tools
  • PART SEVEN: Networking
  • Communications
    • Connecting to the Internet
      • Setting Up PPP
      • Controlling a PPP Connection
    • Faxing
      • Sending a Fax
      • Receiving a Fax
      • Receiving Faxes Automatically
      • Converting to and from Fax Format
    • Calling Out on a Modem
  • Email
    • Sending Mail
      • Mailing a User on the Same System
      • Mailing a File or the Output of a Command
      • Mailing the Contents of a URL
      • Special Mail Composition Keystrokes
    • Receiving Mail
      • Deleting Mail
      • Options Available while Reading Mail
    • Managing Mail
      • Viewing a Mail Folder
      • Setting Notification for New Mail
      • Counting How Many Messages You Have
      • Seeing Who Your Mail Is From
      • Verifying an Email Address
    • Mail Attachments
      • Reading a Mail Attachment
      • Sending a Mail Attachment
    • Making an Email Signature
    • Picking the Right Mail Application
  • The World Wide Web
    • Browsing the Web
      • Maintaining a List of Visited Web Sites
      • Opening a URL from a Script
      • Mozilla Browsing Tips
    • Viewing an Image from the Web
    • Reading Text from the Web
      • Perusing Text from the Web
      • Viewing a Site That Requires Authorization
      • Options Available while Browsing Text
    • Browsing the Web in Emacs
    • Getting Files from the Web
      • Saving a URL to a File
      • Archiving an Entire Web Site
      • Archiving Part of a Web Site
      • Reading the Headers of a Web Page
    • Writing HTML
      • Adding Parameters to Image Tags
      • Converting HTML to Another Format
      • Validating an HTML File
    • More Web Browsers and Tools
  • Other Internet Services
    • Connecting to Another System
      • Suspending a Connection with Another System
      • Connecting to Another System with Encryption
    • Transferring Files with Another System
      • Uploading a File
      • Downloading a File
    • Reading Usenet
      • Choosing a Newsreader
      • Finding Newsgroups for a Topic
    • Listing Online System and User Activity
      • Checking Whether a System Is Online
      • Checking Whether a User Is Online
      • Listing Who Is Logged In to a System
      • Finding the IP Address of a Host Name
      • Finding the Host Name of an IP Address
      • Listing the Owner of a Domain Name
    • Sending a Message to Another User’s Terminal
    • Chatting with Other Users
      • Chatting Directly with a User
      • Chatting with Users on IRC
      • Chatting with Users on ICQ
  • Administrative Issues
    • Linux and Hardware Compatibility
    • Shutting Down the System
      • Shutting Down Immediately
      • Shutting Down at a Certain Time
      • Cancelling a Shutdown
    • Installing Software
      • Getting and Installing Debian
      • Installing a Debian Package
      • Upgrading a Debian Package
      • Installing a Shell Script
    • Administrating Users
      • Making a User Account
      • Letting Users Access Hardware Peripherals
      • Letting Users Mount Drives
    • Displaying Information about the System
      • How Long Has the System Been Up?
      • What Version of Linux Am I Running?
      • What Version of Debian Am I Running?
  • Linux Resources on the Web
  • License
    • Design Science License
    • Applying Copyleft to Your Work
  • Program Index
  • Concept Index

(http://dsl.org/cookbook/cookbook_toc.html)

 

Posted in UNIX-LINUX | Tagged: , | Leave a Comment »

User-Program/CPU used Statistics

Posted by ZyK on 08/16/2011

/*************************************************/
/******* For how long the statements are running *******/
/*************************************************/

select sid,username, decode(status,’ACTIVE’,round(last_call_et/60),0) time,
resource_consumer_group,status,server,lockwait,
osuser,process,program,module,action, machine from V$SESSION
where username is not null
order by 3 desc;

/*************************************************/
/******* CPU used by every session *******************/
/*************************************************/

SELECT sess.username, v.sid, substr(s.name,1,30) “Statistic”, v.value
FROM v$statname s , v$sesstat v , v$session sess
WHERE s.name = ‘CPU used by this session’
and v.statistic#=s.statistic#
and v.value > 0
and sess.sid = v.sid
ORDER BY 4 desc;

/*************************************************/
/******* Memory used ******************************/
/*************************************************/

SELECT NVL(a.username,’{Background Task}’) “Username”,
a.program “Program”,
Trunc(b.value/1024) “Memory (Kb)”
FROM v$session a,
v$sesstat b,
v$statname c
WHERE a.sid = b.sid
AND b.statistic# = c.statistic#
AND c.name = ‘session pga memory’
AND a.program IS NOT NULL
ORDER BY b.value DESC;

/*************************************************/
/******* Datafile I/O *******************************/
/*************************************************/

select name df,
phywrts writes,
phyrds reads
from v$datafile a,
v$filestat b
where a.file# = b.file#
order by 2 desc ,1 desc;

/*************************************************/
/******* DBA users in database **********************/
/*************************************************/

select ‘GRANT ‘ || lower(granted_role) || ‘ TO ‘ || lower(grantee) ||
decode(admin_option,’YES’,’ WITH ADMIN OPTION;’,';’)
from sys.dba_role_privs
where grantee != ‘SYS’
and granted_role = ‘DBA’;

/*************************************************/
/******* What rollback segment is used ****************/
/*************************************************/

select a.username, a.sid, a.taddr, b.XIDUSN as “RSEG_ID”, c.segment_name, d.sql_text
from
v$session a,
v$transaction b,
dba_rollback_segs c,
v$sql d
where
a.taddr = b.addr
and a.sql_address = d.address
and b.xidusn = c.segment_id;

/*************************************************/
/******* Locks ************************************/
/*************************************************/

select * from dba_waiters where holding_session
not in (select waiting_session from dba_waiters);

/*************************************************/
/******* Consumer groups **************************/
/*************************************************/

Select
V.NAME,
V.ACTIVE_SESSIONS, V.REQUESTS, V.CPU_WAIT_TIME, V.CPU_WAITS,
V.CONSUMED_CPU_TIME, V.CURRENT_UNDO_CONSUMPTION
From SYS.V_$RSRC_CONSUMER_GROUP V;

/*************************************************/
/******* Rollback contention *************************/
/*************************************************/

select ‘The average of waits/gets is ‘||
round((sum(waits) / sum(gets)) * 100,2)||’%’
From v$rollstat;

/*************************************************/
/******* Session info *******************************/
/*************************************************/

select n.name,s.value
from v$statname n,V$sesstat s
where n.statistic# = s.statistic#
and value > 0
and s.sid = (select a.sid from v$process p,v$session a
where p.addr =a.paddr
and a.audsid = userenv(‘sessionid’))
order by n.class,n.name;

/*************************************************/
/******* Log switch *********************************/
/*************************************************/

SELECT to_char(first_time, ‘mm/dd’) “Date”,
to_char(first_time, ‘Dy’) “Day”,
count(1) “Total”,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’00′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’00′,1,0)),’999′)) “00″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’01′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’01′,1,0)),’999′)) “01″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’02′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’02′,1,0)),’999′)) “02″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’03′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’03′,1,0)),’999′)) “03″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’04′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’04′,1,0)),’999′)) “04″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’05′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’05′,1,0)),’999′)) “05″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’06′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’06′,1,0)),’999′)) “06″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’07′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’07′,1,0)),’999′)) “07″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’08′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’08′,1,0)),’999′)) “08″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’09′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’09′,1,0)),’999′)) “09″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’10′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’10′,1,0)),’999′)) “10″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’11′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’11′,1,0)),’999′)) “11″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’12′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’12′,1,0)),’999′)) “12″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’13′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’13′,1,0)),’999′)) “13″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’14′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’14′,1,0)),’999′)) “14″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’15′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’15′,1,0)),’999′)) “15″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’16′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’16′,1,0)),’999′)) “16″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’17′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’17′,1,0)),’999′)) “17″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’18′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’18′,1,0)),’999′)) “18″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’19′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’19′,1,0)),’999′)) “19″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’20′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’20′,1,0)),’999′)) “20″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’21′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’21′,1,0)),’999′)) “21″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’22′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’22′,1,0)),’999′)) “22″,
decode(to_char(SUM(decode(to_char(first_time, ‘hh24′),’23′,1,0)),’999′),’ 0′,’ ‘,to_char(SUM(decode(to_char(first_time, ‘hh24′),’23′,1,0)),’999′)) “23″
FROM V$log_history
group by to_char(first_time, ‘mm/dd’), to_char(first_time, ‘Dy’)
order by 1 desc;

Posted in Tuning | Tagged: , | Leave a Comment »

Unix command to find CPU Utilization

Posted by ZyK on 08/08/2011

Under Sun Solaris UNIX (and other UNIX oses like HP-UX and *BSD oses) you can use following commands to gather CPU information:

=> sar : System activity reporter

=> mpstat : Report per-processor or per-processor-set statistics

=> ps / top commands

Note: Linux specific CPU utilization information is here. Following information applies to UNIX only.

UNIX sar command examples

General syntax is as follows:
sar t [n]
In the first instance, sar samples cumulative activity counters in the operating system at n intervals of t seconds, where t should be 5 or greater. If t is specified with more than one option, all headers are printed together and the output may be difficult to read.

Task: Display today’s CPU activity, use

# sar

Task:Watching system activity evolve i.e. reports CPU Utilization

# sar -u 12 5

Where,

  • -u 12 5: Comparison of CPU utilization; 12 seconds apart; 5 times.

Output includes:

  1. %usr: User time (% of CPU)
  2. %sys: System time (% of CPU)
  3. %wio: Percent of CPU running idle with a process waiting for block I/O
  4. %idle: Percent of CPU that is idle

Task: You can watch CPU activity evolve for 10 minutes and save data

# sar -o file-name 60 10

Task: You can just sar and logout and let the report store in files

# nohup sar -A -o output-file 60 10 1>/dev/null 2>&1 &
Note to display data stored in output-file pass -f option to sar command:
# sar -f output-file

UNIX mpstat example

Type the following command to display per-processor statistics; 12 seconds apart; 5 times
# mpstat 12 5

You can also use traditional ps and top command:
# top
# ps -e -o pcpu -o pid -o user -o args

In Unix, you can see CPU usage on a job that is running in a number of ways, as described below:

The time command

If you want to see a grand total of CPU time for a program when it finishes running, you can use the time command. At the Unix prompt, enter:

time myprog

Replace myprog with the name of the program you are running. The following is an output example for users in the csh or tcsh shells:

1.406u 0.042s 0:04.96 29.0% 2+5k 0+1io 0pf+0w

The program myprog used 1.406 seconds of user time, 0.042 seconds of system time, and 4.96 seconds of real time. The sum of the user and system times is the total CPU time of the process. The percentage (29.0%) indicates the percentage of the CPU’s time that the process used while it ran. The output will appear in a slightly different format when using sh, ksh, or bash, since the time command is not built into those shells.

The ps command

You can also use the Unix command ps. At the Unix prompt, enter:

ps -u username

Replace username with your username. You will see something like the following:

PID TTY TIME COMMAND 10005 ? 3:03 a.out 15852 rb 0:01 -tcsh (tcsh) 24980 rb 0:00 sh -c /usr/local/bin/emacs /usr1/mmouse/snd.18106 24981 rb 0:02 /usr/local/bin/emacs /usr1/mmouse/snd.18106 22311 rf 0:22 elm

In this example, the “TIME” column shows that the process running Elm has used 22 CPU seconds.

 

Posted in UNIX-LINUX | Tagged: , | 1 Comment »

 
Follow

Get every new post delivered to your Inbox.