Miscellaneous System Administration Notes

Some miscellaneous notes I may split out into separate posts later… don’t bookmark this one.

View open network connections on OS X

sudo lsof -lnP +M -i4

The options:

-l      don't convert uids to login
-n      dont' convert network numbers to to hostnames
-P      don't convert port numbers to service names
+M      enable portmapping
-i4     look for IPv4 connections

See also nettop. 3rd party apps include Little Snitch and RubberNet.

View open network connections on Linux

From http://askubuntu.com/questions/11709/how-can-i-capture-network-traffic-of-a-single-process

To start and monitor an new process:

strace -f -e trace=network -s 10000 PROCESS ARGUMENTS

To monitor an existing process with a known pid:

strace -p $PID -f -e trace=network -s 10000

init.d script

To install an init.d script so it will run at startup time:

copy script to /etc/rc.d/init.d
run chkconfig (script) on

This will make symlinks in all of the runlevel directories to the init script. The script’s runlevels should also be appropriate to your OS runlevel.

SELinux

To see a linux context:

ls -lZ
ps auxwwZ

To mark a file/directory as “safe”:

restorecon -r dir

I was having trouble ssh’ing to an account: sshd seemed to be looking at /root/.ssh/authorized_keys as it should, but wasn’t finding anything there or telling me (in /var/log/secure that something was wrong with the directory). I guessed that it had something to do with SELinux and lucked out this time.

Other things to try: in grub.conf, add selinux=0. From the command-line setenforce 0 also works. getenforce to show you the current setting.

/var/log/audit.log is typically where all SElinux messages go.

DNS zone transfer

To look at an entire DNS zone, you can do this:

dig (domain) @(ns) axfr

for example:

dig betterservers.com @ns1.betterservers.com axfr

Open file problem

I was having trouble opening files; I suspected I had hit my limit but wasn’t familiar with how OS X handles open files.

To see what the limit is:

# ulimit -n
1024

Find the pid of the process having trouble:

# ps auxww | grep beanstalkd
quapi    12077  0.1  0.0   7232  1704 ?        Ss   Dec04  16:16 /usr/local/bin/beanstalkd -l 127.0.0.1 -p 11300 -u quapi -b beanlog

See how many files this process has open:

# lsof -p 12077 | wc -l
25

See which processes are talking to it:

# netstat -atnlp | grep 11300 | grep -v beanstalkd
tcp        0      0 127.0.0.1:37262             127.0.0.1:11300             ESTABLISHED 12156/perl
tcp        0      0 127.0.0.1:37230             127.0.0.1:11300             ESTABLISHED 12128/perl
tcp        0      0 127.0.0.1:37261             127.0.0.1:11300             ESTABLISHED 12154/perl
tcp        0      0 127.0.0.1:37233             127.0.0.1:11300             ESTABLISHED 12134/perl
tcp        0      0 127.0.0.1:37231             127.0.0.1:11300             ESTABLISHED 12136/perl
tcp        0      0 127.0.0.1:37264             127.0.0.1:11300             ESTABLISHED 12150/perl
tcp        0      0 127.0.0.1:37232             127.0.0.1:11300             ESTABLISHED 12132/perl
tcp        0      0 127.0.0.1:37229             127.0.0.1:11300             ESTABLISHED 12130/perl
tcp        0      0 127.0.0.1:37259             127.0.0.1:11300             ESTABLISHED 12152/perl
tcp        0      0 127.0.0.1:37263             127.0.0.1:11300             ESTABLISHED 12158/perl

It turns out that I wasn’t closing client connections in an event loop and so they just kept accumulating.

Increasing maxfiles on OS X Mavericks

Open or create /etc/launchd.conf; add this line:

limit maxfiles 16384 16384

restart (still looking for a better way that restarting); there was a time when the hard limit could be “unlimited” but that is no longer true.

rpm installation from URL

rpm -iUvh https://...

Last modified on 2012-08-15