Archive for the 'tips' Category

Quick Tip: Increase port range available for applications

By default an average Linux distribution allows applications to use the following TCP port range for outgoing connections: 32,786-65,536. That’s why your system can handle up to 28,232 TCP sessions at a time. Notice that this is more than enough if your Linux system is installed on a laptop or desktop and you just use it for occasional visits to facebook.com, gmail.com and linuxscrew.com (yeah!). But if you run a proxy/webcache like squid or some other service which opens a lot of outgoing TCP connections, you will likely hit the ceiling of 28,232 soon.

First of all, let’s see the current port range available for TCP sessions:

cat /proc/sys/net/ipv4/ip_local_port_range

Most likely the output will show something like “32786 65536”. In order to expand this range you can either echo the modified range into the above file in the /proc filesystem (temporary solution) or add the corresponding line to /etc/sysctl.conf (permanent solution).

To temporarily expand port range from 28,232 to 40,000 do the following:

sudo -s
echo "25000 65000" > /proc/sys/net/ipv4/ip_local_port_range

To make sure the new port range will be applied after reboot, add the following line to /etc/sysctl.conf:

net.ipv4.ip_local_port_range = 25000 65000

or just execute this:

sudo sysctl -w net.ipv4.ip_local_port_range="25000 65000"
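
Before lowering the bottom of the range, it is worth checking whether any service already listens on a fixed port inside the new range, since an outgoing connection can otherwise occupy that port while the service is down. The following is an added example, not part of the original post: it reads ss -ltn output and prints the listening ports that fall inside a proposed range; the function names and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: list listening TCP ports that fall inside a proposed
# ip_local_port_range. Input is `ss -ltn` output on stdin.

# listeners_in_range LOW HIGH -> comma-separated, sorted, de-duplicated ports
listeners_in_range() {
    low=$1 high=$2
    awk -v low="$low" -v high="$high" '
        $1 == "LISTEN" {                    # header and other states are ignored
            n = split($4, part, ":")        # works for 0.0.0.0:22 and [::]:22
            port = part[n] + 0
            if (port >= low && port <= high) seen[port] = 1
        }
        END { for (p in seen) print p }' | sort -n | paste -sd, -
}

# Constructed sample of `ss -ltn` output (not taken from a real host).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    127.0.0.1:25575    0.0.0.0:*
LISTEN 0      511    0.0.0.0:3128       0.0.0.0:*
LISTEN 0      128    [::]:27017         [::]:*
LISTEN 0      128    0.0.0.0:27017      0.0.0.0:*
EOF
}

# Demo on the constructed sample.
# On a live host: ss -ltn | listeners_in_range 25000 65000
sample_ss_output | listeners_in_range 25000 65000
```

The resulting list can be written to net.ipv4.ip_local_reserved_ports, a sysctl the post does not cover, so that the kernel skips those ports when it picks source ports for outgoing connections.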

Sendmail for virtual users with procmail, spamassassin and dovecot

Today I’d like to describe a sendmail setup that receives e-mail for a certain domain and sorts incoming messages between virtual users. Those users must be able to fetch received e-mails via POP3 or IMAP, with or without TLS encryption. The key aspect of this kind of setup is that sendmail works with virtual users which aren’t present in /etc/passwd, so creating a new mailbox does not require adding a new Unix/Linux account to the system. Also, unlike similar configurations based on postfix, we will not run mysql or postgres databases to store the list of users, their settings, mail routing etc.: everything is stored in text files.

The whole setup relies on the following components: sendmail receives mail from MTAs around the Web and sorts incoming mail between users of the mail system; procmail makes it possible to apply various custom configurations for selected users, e.g. set up an autoresponder or filter e-mails; spamassassin is a well-known spam filter; dovecot is the POP3 and IMAP service daemon.

1. The sendmail installation procedure depends on your Linux distribution, but in most cases it is enough to install the corresponding binary package, e.g. sudo yum install sendmail or sudo apt-get install sendmail. It is also a natural idea to compile sendmail from sources to get the freshest version; this is perfectly covered at sendmail.org.

2. If you run one of the major Linux distributions, you should just execute something like the commands below to get all other required components installed:

sudo apt-get install procmail spamassassin dovecot
or
sudo yum install procmail spamassassin dovecot

The possibility to install all the components from sources is still open [for geeks only].

3. Sendmail’s configuration is stored in the /etc/mail directory, and by default it is configured not to receive mail for any domain. We should change that by adding the ‘example.com’ domain to the /etc/mail/local-host-names file. Please notice that the MX DNS entry for your domain, e.g. “example.com”, should point to the server where you’re trying to set up sendmail.

4. There is another key configuration file, /etc/mail/virtusertable, that holds all mail routing information, e.g. the line below tells sendmail that all incoming mail to test@example.com should go to user ‘user1.virtual’:

test@example.com user1.virtual

The following line routes the rest of the incoming mail to user2.virtual:

@example.com user2.virtual

5. As their names suggest, user1.virtual and user2.virtual are virtual, so they shouldn’t be present in /etc/passwd. In order to make sendmail deliver mail to virtual users, it is required to specify them in the /etc/alias file. E.g. if we plan to route mail destined to test@example.com to user1.virtual, we should add the following line to /etc/alias:

user1.virtual: |/etc/smrsh/user1.virtual

This line tells sendmail that it should execute the script /etc/smrsh/user1.virtual to deliver mail to user1.virtual. Please notice that if you place the script in a directory other than /etc/smrsh, the setup won’t work. Now let’s see the contents of /etc/smrsh/user1.virtual. It contains one line with the path to the procmail binary and the procmailrc script for the user1.virtual user:

[root@server ~]# cat /etc/smrsh/user1.virtual
/usr/bin/procmail /etc/procmail.d/user1.virtual

The /etc/procmail.d/user1.virtual file includes all custom settings for the user1.virtual virtual user, e.g. below is an example that will receive mail for test@example.com, check it for spam and store it in user1.virtual’s inbox:

[root@server ~]# cat /etc/procmail.d/user1.virtual
PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/sbin:/usr/local/bin:/sbin
MONTHYEAR=`date +%y%m`
VHOME=/var/spool/virtual/example.com/mail/user1.virtual
LOGFILE=/var/spool/virtual/example.com/logs/user1.virtual/log
LOGABSTRACT=all
VERBOSE=on

# Spam filter
:0fw
| /usr/bin/spamc

:0:
* ^X-Spam-Status: Yes
$VHOME/spam

:0:
$VHOME/inbox

As you can see, legitimate mail will be stored in inbox while spam e-mails will be delivered to a file named ‘spam’. Later on you will be able to access inbox using POP3 and spam using the IMAP service. In order to prepare user1.virtual’s inbox you should do the following:

mkdir -p /var/spool/virtual/example.com/mail/user1.virtual
mkdir -p /var/spool/virtual/example.com/logs/user1.virtual
chown -R mail:mail /var/spool/virtual/example.com/mail/user1.virtual
chown -R mail:mail /var/spool/virtual/example.com/logs/user1.virtual

As for spamassassin, it comes configured by default, so in order to start it you should start the spamd daemon, e.g. with the command service spamd start or /etc/init.d/spamd start. You can get more information about how to configure it at SA’s website.

From this point you may try sending mail to test@example.com and see log entries in /var/spool/virtual/example.com/logs/user1.virtual/log and incoming mail in /var/spool/virtual/example.com/mail/user1.virtual/inbox. If something goes wrong, it makes sense to look into /var/log/maillog, sendmail’s main log file.

6. The default configuration of dovecot is rather useful and makes it possible to establish POP3 and IMAP services for virtual users in seconds. Let’s imagine you’re running dovecot version 2.x; here are some configuration keys you should add to dovecot’s config, e.g. /etc/dovecot/dovecot.conf:

protocols = pop3 imap

service pop3-login {
  inet_listener pop3 {
    port = 110
  }
}

service imap-login {
  inet_listener imap {
    port = 143
  }
}

ssl = yes
ssl_cert = </etc/dovecot/keys/server.crt # server's self-signed certificate generated by openssl
ssl_key = </etc/dovecot/keys/server.key # server's private key generated by openssl

default_login_user = mail
default_internal_user = mail

first_valid_uid = 8 # this is the UID of the mail user that you can see in /etc/passwd
auth_mechanisms = plain login cram-md5 digest-md5

mail_location = mbox:/var/spool/virtual/example.com/mail/%u/

userdb {
  driver = passwd-file
  args = username_format=%n /etc/dovecot/passwd
}
passdb {
  driver = passwd-file
  args = username_format=%n /etc/dovecot/passwd
}

log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
debug_log_path = /var/log/dovecot-debug.log

Once you make sure your dovecot configuration includes the mentioned lines, you’re welcome to try starting dovecot either with service dovecot start or with just ‘dovecot’. In case of success you will see ports 110 and 143 in the output of netstat -lnp; otherwise you will see errors in dovecot’s log file /var/log/dovecot.log. Let’s imagine it started without problems ;)

Now it’s time to set up the password for the user1.virtual user. According to the dovecot configuration suggested above, the passwords are stored in /etc/dovecot/passwd. This is a text file; here is an example line from it:

user1.virtual:{PLAIN}pass123:8:12

In this example user1.virtual has the password pass123 stored in plain text, 8 is the UID of the mail user in your /etc/passwd, and 12 is the GID of the mail group (you can also check this in /etc/passwd).
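
Because this file holds credentials, a quick audit of it is useful once more users are added. The following is an added example, not part of the original post: it checks a passwd-file in the format shown above for cleartext entries, unexpected uid/gid values and a world-readable file mode; the function names and the sample entries (including the placeholder hash) are constructed.

```shell
#!/bin/sh
# Added example: audit a Dovecot passwd-file whose lines look like
#   user:{SCHEME}password:uid:gid

# audit_dovecot_passwd FILE UID GID -> prints one finding per line
audit_dovecot_passwd() {
    file=$1
    # The file holds credentials, so "other" should not be able to read it.
    if [ -n "$(find "$file" -prune -perm -004)" ]; then
        echo "file: readable by all local users"
    fi
    awk -F: -v uid="$2" -v gid="$3" '
        /^[ \t]*(#|$)/ { next }             # skip comments and blank lines
        {
            scheme = toupper($2)
            if ($2 == "")
                print $1 ": empty password field"
            else if (index(scheme, "{PLAIN}") == 1 || index(scheme, "{CLEARTEXT}") == 1)
                print $1 ": password stored in cleartext"
            if ($3 != uid || $4 != gid)
                print $1 ": uid/gid " $3 ":" $4 " is not the expected " uid ":" gid
        }' "$file"
}

# Constructed sample entries; the hash is a placeholder, not a real one.
demo_audit() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
user1.virtual:{PLAIN}pass123:8:12
user2.virtual:{SHA512-CRYPT}$6$examplesalt$placeholderhash:8:12
user3.virtual:{cleartext}example:0:0
EOF
    chmod 644 "$tmp"                        # deliberately too permissive
    audit_dovecot_passwd "$tmp" 8 12
    rm -f "$tmp"
}

demo_audit
```

Flagged entries can be replaced with a hash produced by doveadm pw. Note that the cram-md5 and digest-md5 mechanisms enabled above cannot authenticate against a one-way hash such as SHA512-CRYPT.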

Fin.

youtube-dl: download youtube videos in Ubuntu using command line

If you use Ubuntu (or another Linux distribution) and you wish to download some video from youtube.com into an .flv file, you can try using the youtube-dl command line utility. It just downloads videos without any online applications, converters etc. Type the following command in a terminal to get it installed:

sudo apt-get install youtube-dl

Let’s imagine you would like to download the following video: http://www.youtube.com/watch?v=2leg8mUE9rs (this is part of the Military Parade at Red Square in Russia on the 9th of May 2010). Just run the youtube-dl download utility as follows:

youtube-dl http://www.youtube.com/watch?v=2leg8mUE9rs

and in a few minutes you will get 2leg8mUE9rs.flv file that could be viewed using almost any video player like my favorite one VLC.

Fastest way to create ramdisk in Ubuntu/Linux

I hope many of you will agree that sometimes it’s a really good idea to have a small amount of RAM mounted as a filesystem. It may be necessary when running some bash or perl script that handles, say, thousands of small files, so it’s much more effective not to waste computer resources on reading/writing data on the hard disk but to keep those files directly in memory. This idea is known as a Virtual RAM Drive or ramdisk and can be set up in Ubuntu or almost any other Linux distribution using the following commands as root (to become root in Ubuntu use “sudo -s”):

# mkdir /tmp/ramdisk; chmod 777 /tmp/ramdisk
# mount -t tmpfs -o size=256M tmpfs /tmp/ramdisk/

where 256M is the amount of RAM you wish to allocate for the ramdisk. It’s clear that this value should be less than the amount of free memory (use “free -m”). BTW, if you specify too many MBs for the ramdisk, Linux will try to allocate it from RAM and then from swap, so the resulting performance would be very poor.

Install Ruby 1.8.7 from sources in Centos 5.5

The official Centos 5.5 repository is rather outdated today, so the latest Ruby available there is 1.8.6. If you need a newer version, e.g. 1.8.7, you should install it from sources:

0. Install prerequisites:

sudo yum install gcc zlib zlib-devel

1. Download the latest version of Ruby from the project’s FTP, then build and install it:

cd /usr/src/
sudo -s
wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7.tar.gz
tar -xvzf ruby-1.8.7.tar.gz
cd ruby-1.8.7
./configure --enable-pthread
make
make install

2. Check that ruby’s version is 1.8.7:

[root@li110-222 ~]# /usr/local/bin/ruby -v
ruby 1.8.7 (2008-05-31 patchlevel 0) [i686-linux]

That’s it!




My name is Artem N. (artiomix AT gmail DOT com) and I'm a Linux/Unix, Cisco systems engineer. The main idea of Linux Screw is to share relevant knowledge, skills and observations over The Web. Here you can find a lot of information related to different Linux distributions, FreeBSD, IOS as well as other Open Source related stuff.