Month: June 2009

Categories
cron Linux Ubuntu

Execute Cron Job After System Reboot on Linux

Is there is an easy way to run script or command at boot time after fresh reboot command?

crontab is the program used to install, deinstall or list the tables used to drive the cron daemon in Vixie Cron. Each user can have their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly. You or user can use crontab program to edit cron jobs.

Running job at statup (boot)

You need to use special string called @reboot. It will run once, at startup after reboot command. 

@reboot  /path/to/job
@reboot  /path/to/shell.script
@reboot  /path/to/command

This is an easy way to give your users the ability to run a shell script or command at boot time without root access. First, run crontab command:
$ crontab -e

OR
# crontab -e -u UserName
# crontab -e -u vivek

Run a script called /home/vivek/bin/installnetkit.sh
@reboot /home/vivek/bin/installnetkit.sh

You also need to enable crond service via sys v / BSD init style system. Under RHEL / CentOS / Fedora, you need to use chkconfig (ntsysv) command to enable crond on boot:
# chekconfg crond on

Under Debian / Ubuntu Linux use update-rc.d as follows to turn on service on boot:
# update-rc.d cron defaults

Save and close the file.

For further information see this tutorial on cron jobs.

Categories
cron Linux

How to add jobs to cron under Linux or UNIX

How do I add cron job under Linux or UNIX like operating system?

Cron job are used to schedule commands to be executed periodically i.e. to setup commands which will repeatedly run at a set time, you can use the cron jobs.

crontab is the command used to install, deinstall or list the tables used to drive the cron daemon in Vixie Cron. Each user can have their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly. You need to use crontab command for editing or setting up your own cron jobs.

To edit your crontab file, type the following command:
$ crontab -e

Syntax of crontab

Your cron job looks like as follows:
1 2 3 4 5 /path/to/command arg1 arg2
Where,

  • 1: Minute (0-59)
  • 2: Hours (0-23)
  • 3: Day (0-31)
  • 4: Month (0-12 [12 == December])
  • 5: Day of the week(0-7 [7 or 0 == sunday])
  • /path/to/command – Script or command name to schedule

Same above five fields structure can be easily remembered with following diagram: 

* * * * * command to be executed
- - - - -
| | | | |
| | | | ----- Day of week (0 - 7) (Sunday=0 or 7)
| | | ------- Month (1 - 12)
| | --------- Day of month (1 - 31)
| ----------- Hour (0 - 23)
------------- Minute (0 - 59)

Example
If you wished to have a script named /root/backup.sh run every day at 3am, my crontab entry would look like as follows:

Install your cronjob:
# crontab -e


Append following entry:
0 3 * * * /root/backup.sh

Run five minutes after midnight, every day:
5 0 * * * /path/to/command

Run at 2:15pm on the first of every month:
15 14 1 * * /path/to/command

Run at 10 pm on weekdays:
0 22 * * 1-5 /path/to/command 

Run 23 minutes after midnigbt, 2am, 4am ..., every day:
23 0-23/2 * * * /path/to/command

Run at 5 after 4 every sunday:
5 4 * * sun /path/to/command

Use of operators
An operator allows you to specifying multiple values in a field. There are three operators:

  1. The asterisk (*) : This operator specifies all possible values for a field. For example, an asterisk in the hour time field would be equivalent to every hour or an asterisk in the month field would be equivalent to every month.
  2. The comma (,) : This operator specifies a list of values, for example: “1,5,10,15,20, 25”.
  3. The dash (-) : This operator specifies a range of values, for example: “5-15” days , which is equivalent to typing “5,6,7,8,9,….,13,14,15” using the comma operator.

How do I disabling Email output?

By default the output of a command or a script (if any produced), will be email to your local email account. To stop receiving email output from crontab you need to append >/dev/null 2>&1.

For example:
0 3 * * * /root/backup.sh >/dev/null 2>&1

To mail output to particluer email account let us say sysadmin@powercram.com you need to define MAILTO variable to your cron job:
MAILTO="sysadmin@powercram.com"
0 3 * * * /root/backup.sh >/dev/null 2>&1

Task:To list your crontab jobs use the command

Type the following command:
# crontab -l

To remove or erase all crontab jobs use the command:
# crontab -r

Use special string to save time

Instead of the first five fields, you can use any one of eight special strings. It will not just save your time but it will improve readability.

Special string Meaning
@reboot Run once, at startup.
@yearly Run once a year, “0 0 1 1 *”.
@annually (same as @yearly)
@monthly Run once a month, “0 0 1 * *”.
@weekly Run once a week, “0 0 * * 0”.
@daily Run once a day, “0 0 * * *”.
@midnight (same as @daily)
@hourly Run once an hour, “0 * * * *”.

Run ntpdate every hour:
@hourly /path/to/ntpdate

Make a backup everyday:
@daily /path/to/backup/script.sh

Understanding /etc/crontab file and /etc/cron.d/* directories

/etc/crontab is system crontabs file. Usually only used by root user or daemons to configure system wide jobs. All individual user must must use crontab command to install and edit their jobs as described above. /var/spool/cron/ or /var/cron/tabs/ is directory for personal user crontab files. It must be backup with users home directory.

Typical /etc/crontab file entries:

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly

Additionally, cron reads the files in /etc/cron.d/ directory. Usually system daemon such as sa-update or sysstat places their cronjob here. As a root user or superuser you can use following directories to configure cronjobs. You can directly drop your scripts here. run-parts command run scripts or programs in a directory via /etc/crontab

Directory Description
/etc/cron.d/ Put all scripts here and call them from /etc/crontab file.
/etc/cron.daily/ Run all scripts once a day
/etc/cron.hourly/ Run all scripts once an hour
/etc/cron.monthly/ Run all scripts once a month
/etc/cron.weekly/ Run all scripts once a week

How do I use above directories to put scripts?

Here is a sample shell script (clean.cache) to clean up cached files every 10 days. This script is directly created at /etc/cron.daliy/ directory i.e. create a file called /etc/cron.daily/clean.cache: 

#!/bin/bash
CROOT="/tmp/cachelighttpd/"
DAYS=10
LUSER="lighttpd"
LGROUP="lighttpd"
 
# start cleaning
/usr/bin/find ${CROOT} -type f -mtime +${DAYS} | xargs -r /bin/rm
 
# if directory deleted by some other script just get it back
if [ ! -d $CROOT ]
then
        /bin/mkdir -p $CROOT
        /bin/chown ${LUSER}:${LGROUP} ${CROOT}
fi
Categories
Linux

Flash Tip: Embedding Your SWF in a Web Page

If you’re publishing for the web, you’ll need to be able to insert your SWF file into your website, right? While Flash has the option to publish in HTML format, all that gives you is a blank white web page with your SWF file playing in it. That doesn’t do you much good if you’re using your own layout and you want to insert your Flash movie inside that layout, does it?

If you’re familiar with WYSIWYG (What You See Is What You Get) editors like Macromedia Dreamweaver or Microsoft FrontPage, then it’s easy to just use the Insert menu to insert a Flash object, and then select your SWF file from its location on your hard drive; the HTML editor will write the code for you, and all you need to do is edit the path of the file to reflect the location on your web server.

If, however, you’re working in a text editor and writing your HTML code from scratch, it can be a tiny bit more difficult. Here’s a quick and easy shortcut, though:

  • Edit your Publish settings for Flash SWFs and HTML to reflect how you want your Flash SWF to appear in your web page.
  • Export your Flash movie as HTML.
  • Locate your HTML file on your computer, right-click, and select “Open With”.
  • Choose either NotePad or another text editor.
  • Copy the source code from the HTML file.
  • Paste it into your web page’s source code in the appropriate location where you want your SWF file to display.
  • Edit the file path to reflect the location of the SWF file on your web server, and upload both your HTML and SWF file to the appropriate directories on your server. (Note: this also applies if you’re using PHP, JSP, ASP, CGI, or other web page extensions.)

Your code should look something like this:

<OBJECT classid=”clsid:D27CDB6E-AE6D-11cf-96B8-444553540000″ codebase=”http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0″ WIDTH=”320″ HEIGHT=”240″ id=”Yourfilename” ALIGN=””>
<PARAM NAME=movie VALUE=”Yourfilename.swf”> <PARAM NAME=quality VALUE=high> <PARAM NAME=bgcolor VALUE=#333399> <EMBED src=”Yourfilename.swf” quality=high bgcolor=#333399 WIDTH=”320″ HEIGHT=”240″ NAME=”Yourfilename” ALIGN=”” TYPE=”application/x-shockwave-flash” PLUGINSPAGE=”http://www.macromedia.com/go/getflashplayer”></EMBED> </OBJECT> 

Most of this you don’t need to touch, so don’t worry about making sense of that. The italicized section sets the codebase for the version of Flash used, to check against to see if your user has that version. The rest has taglines to download the Flash player (if the user doesn’t have it) and the parameters that you would need to edit–mainly, the line labeled EMBED src=”Yourfilename.swf”.

By default only the file name would be there, because Flash publishes the SWF and the HTML file in the same folder together with your FLA file. However, you may want to put your SWF files in a separate subfolder on your server, perhaps a folder labeled “flash”–in which instance you would edit the code to read EMBED src=”flash/Yourfilename.swf”.

Categories
Linux Ubuntu

What is Linux?

Short answer – Linux is a kernel.

Strictly speaking, Linux is nothing but the Linux kernel. However, term Linux is used to describe Linux as an an operating system. The term Linux distribution is used to refer to the various operating systems built on top of the Linux Kernel.

  • Linux = a Kernel (no shell, browsers, compiler included or installer to install it on the system)
  • Linux = The term used to describe UNIX like free and open source operating system.
  • Linux Distribution = a Linux kernel + Shell + Browsers + GUI + Media Players + Tons of other apps +Installer etc. In short, various operating systems built on top of the Linux Kernel. Red Hat, Debian or Gentoo all are Linux distribution built on top of the Linux kernel.

Few interesting facts about Linux operating systems

  • UNIX like OS : Linux is UNIX like free and open source operating system. However, Linux do not seek UNIX branding. Most Linux distributions prefers not to brand their distro as UNIX dues the the costs for certification. Also, most business are well aware of the Linux brand.
  • More about the creator : Linus Torvalds is the creator and chief architect of the Linux kernel. He now acts as the project’s coordinator. The name “Linux” comes from the Linux kernel, originally written in 1991 by Linus Torvalds. However, initially Torvalds wanted to call the kernel he developed as Freax. Torvalds owns the Linux trademark, and monitors use of it through the non-profit organization called Linux International.
  • More about Linux kernel code: About 2% of the Linux kernel was written by Torvalds himself. Today the Linux kernel has received contributions from thousands of developers across the globe. Torvalds remains the ultimate authority on what new code is incorporated into the standard Linux kernel hosted at kernel.org. However, Linux distribution modifies the kernel as per their users requirements. For example, Red Hat, often backports patches to stable kernel version and distributes to millions of subscriber using RHN paid service.
  • Linux mascot : Tux has been widely adopted by the Linux community as the mascot of the Linux kernel.
  • More about copyright: The Linux kernel, GNU utilities and software are licensed under the GNU General Public License (GPL). The GPL make sure that anyone who distributes the Linux kernel must make the source code (and any modifications) available to the recipient under the same terms. However, other software included with Linux distribution may be licensed under BSD, MIT, or any other open source License. For example, the X Window System uses the MIT License.
  • Programming language and tools used to write Linux kernel: Linux is written in the C using GNU/GCC compiler set. A small number of sections of code written in the assembly language of the target architecture. Most Linux drivers are written in C itself. However, you can use many other languages such as Perl, Python, and various shell scripting languages to manage Linux systems.
  • Portability : Linux kernel runs on wild verity of hardware including mobile phone, handheld computer, mainframe server, supercomputers, desktop and many small and embedded devices. Linux is now considered as one of the most widely ported operating system kernels.
  • Linux adoption : Linux is growing very fast and adopted by many users around the world. The Linux market is growing rapidly, and the revenue of servers, desktops, and packaged software running Linux is expected to exceed $35.7 billion by 2008. Linux operating system used by students, business, homes, organizations, companies, and governments. Please note that the Linux desktop market share range from less than one percent to almost two percent. In comparison, Microsoft operating systems hold more than 88% market share. However, Linux has larger share in servers, netbooks and embedded devices.
  • Graphical user interface : A number of desktop environments are available, of which GNOME and KDE are the most widely used.
  • Command-line interface : A number of command line interface environments are available, of which BASH is the most widely used. There are a lot of small and specialized utilities (such as awk, sed, cut, paste and so on ) meant to work together and to integrate with other programs. This is called the toolbox principle.
  • Process Scheduling : Linux kernel 2.6 once used a scheduling algorithm favoring interactive processes. However, Linux offers other process scheduling alogs such as Completely Fair Scheduler.
  • Support: Linux is mostly supported by community using online forums or mailing lists. Red Hat, Canonical, Novell and other major distributors have paid phone support available as well. There are also paid local Linux techs available.
  • Documentation and Training: A Wealth of information is available free online in forms of blogs, wikis, tutorials, or in books, as well as on vendors own support page. Detailed documentation for specific commands, programs, functions, libraries, files, and file formats are available through the man pages, which are accessed through the command line, or through graphical viewers. Training available via many computing university courses in programming and computer science. Also, vendor specific certifications are provided by Linux Professional Institute and some distributions, such as Red Hat and Ubuntu.

GNU/Linux vs Linux naming controversy

  • The Free Software Foundation ask that such operating systems be referred to as GNU/Linux as it uses GNU utilities and compiler.
  • The media (like this blog or newspapers or TV station) refers simply as Linux.
  • Most Linux distribution uses term like Red Hat Linux or Debian Linux or sometime simply Linux. Some distributions such as Debian use GNU/Linux term.
  • Linus Torvalds the creator of the Linux kernel, is against the GNU/Linux naming, stating that Linux is not a GNU project.
  • FOSS and GNU enthusiast community member ask and uses GNU/Linux term.

A note about Proprietary Software under Linux

Proprietary software is the legal property of one party and usually it is govern by contracts or licensing agreements. These terms may include various privileges to share, alter, dissemble, and use the software and its code. Well known examples of proprietary software include Microsoft Windows / Office, Adobe Photoshop, Mac OS X, some versions of Unix and drivers.

The Free Software Foundation (and most Linux distributions such as Fedora) follows the rule that by default users cannot install any proprietary program on your computers except temporarily for the specific purpose of writing a free replacement for that very program. However, nobody insist that users of GNU, or contributors to GNU, have to live by this rule. In some case you need to use proprietary software or driver to finish the work or use the hardware device such as Nvidia graphics card.

Categories
Blog Linux Passwords SSH Windows Windows 2003

Cygwin SSHd on a Windows 2003 AMI Within Amazon EC2

Recently, I needed to configure a Windows 2003 AMI in EC2 to run a ssh server. I would have expected this to be a simple job, with a variety of choices for making this work, but in the end it was far more time consuming, complicated, and frustrating than I would have guessed. Here is a quick road map of what I did.

My initial thought was that there must be a free, native port of openssh for Windows that installs as a service and otherwise conforms to the Windows environment…wrong! I can’t tell you why this is the case — maybe ssh is just not a microsofty way of doing remote terminals and file transfers — but I couldn’t find anything resembling a free, functional port of openssh for Windows. I found a few blog posts that mentioned that people had tried this, but ultimately they gave up when faced with the integration between openssh’s user/group namespace functions and Windows’ user/group concepts (to say nothing of the differences between the Windows command prompt and the UNIX shells). And these blog posts ultimately suggested that it was easier to run sshd via cygwin than it would be to port sshd to run natively. So….cygwin time!

UNIX is my OS of choice, and I’ve had cygwin on every Windows box I have ever had, so it was a quick jump to download the cygwin installer and install the packages I needed on a freshly started Windows 2003 instance in EC2 (incidentally, I am running the 64-bit, large EC2 instance AMI of Windows 2003 Server with SQL Server Express and no Authentication Services). The openssh package comes with a simple script — ssh-host-config — to generate the server host keys and create the users needed for privilege separation, so it was a nice, simple, relatively painless install. There are a few things that the config script misses, however, which requires you to run it several times before it ultimately succeeds (although it is nice enough to point out the problem each time and prompt you to fix it). After playing with it, I came up with the following actions to perform before running ssh-host-config in order to make it succeed the first time without errors:

0) Add the following line to /cygwin.bat:
set CYGWIN=binmode tty ntsec


1) Run a new cygwin bash shell (after the edit of cygwin.bat) and enter:
mount -s --change-cygdrive-prefix /
chmod +r /etc/passwd /etc/group
chmod 755 /var



2) Run a new cygwin bash shell (to pick up the cygdrive prefix change) and enter:
ssh-host-config
-- yes for privilege separation
-- "binmode tty ntsec" for CYGWIN environment variable setting for the service
-- enter your password of choice for the cyg_server account



3) Enter the following to start sshd:
net start sshd


4) Open the Windows Firewall editor, and add an exception for TCP traffic on port 22 for sshd.

5) If you haven’t already done so, open up port 22 for your EC2 instance group (assuming you are running your instance in the default group):
ec2-authorize -p 22 default


If everything went well, sshd is running and available on port 22, and you can login normally via ssh from other machines. All that is left to do is bundle up a new AMI to capture the cygwin installation…and that should be a piece of cake, right? The updated EC2 API has a new method — ec2-bundle-instance — that kicks off an AMI bundling job for an EC2 instance running Windows, so it should be as simple as calling this method and then grabbing a beer to wait for it to complete. If only it were that simple…

Unlike the AMI bundling scripts for Linux-based EC2 instances, which are ultimately just packaging up the existing file system, the Windows AMI bundling mechanism needs to perform several Windows-specific functions that are ultimately a real pain in the neck. First and foremost is sysprep. Sysprep is Microsoft’s answer to the problem of Windows virtualization; apparently the simple cloning of a Windows installation is not acceptable, and a new Windows SID should be generated for each new instantiation of a Windows virtual image. Sysprep does some other things, too (search for sysprep on Microsoft’s support web site for a more complete description — I am certainly not an expert on it), but ultimately the SID generation is the one that causes problems for a lot of installed software…like cygwin. After bundling a new AMI and starting a new instance with it, I found that sshd is hosed for no apparent reason. Attempts to start sshd via “net start sshd” produce the following cryptic error message:

The CYGWIN sshd service is starting.
The CYGWIN sshd service could not be started.
The service did not report an error.More help is available by typing NET HELPMSG 3534.



WTF?
After several time-consuming iterations of start new instance -> install cygwin -> bundle new AMI -> start new AMI instance -> wonder why sshd is hosed, I found something in the HKEY_USERS tree of the Windows registry that changes after the bundling step. Prior to bundling, with a functioning cygwin/sshd, I see the following in the registry:

[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-1013SoftwareCygnus Solutions]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-1013SoftwareCygnus SolutionsCygwin]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-1013SoftwareCygnus SolutionsCygwinmounts v2]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-1013SoftwareCygnus SolutionsCygwinProgram Options]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-500SoftwareCygnus Solutions]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-500SoftwareCygnus SolutionsCygwin]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-500SoftwareCygnus SolutionsCygwinmounts v2]
[HKEY_USERSS-1-5-21-2574196159-1727499900-3384088469-500SoftwareCygnus SolutionsCygwinProgram Options]

After bundling, in a new instance in which sshd is hosed, I see the following in the registry:

[HKEY_USERSS-1-5-21-4261372910-2505678249-1238160980-500SoftwareCygnus Solutions][HKEY_USERSS-1-5-21-4261372910-2505678249-1238160980-500SoftwareCygnus SolutionsCygwin]
[HKEY_USERSS-1-5-21-4261372910-2505678249-1238160980-500SoftwareCygnus SolutionsCygwinmounts v2]
[HKEY_USERSS-1-5-21-4261372910-2505678249-1238160980-500SoftwareCygnus SolutionsCygwinProgram Options]

All of the other registry entries related to cygwin remain the same before and after the bundling step, so my guess is that the loss of entries in the bundled instance is the source of the trouble. But what exactly are those entries?

Again, I’m no windows expert, but the entries in question appear to have the windows SID followed by a user identifier (e.g. in S-1-5-21-4261372910-2505678249-1238160980-500, S-1-5-21-4261372910-2505678249-1238160980 is the SID, and 500 is the user id). Looking at the /etc/passwd file for cygwin, the user id 500 corresponds to the Administrator account, and user id 1013 corresponds to the cyg_server account, used by sshd as a privileged account for switching effective user ids during login. So, my hypothesis is that the privileges for the cyg_server account are somehow lost by sysprep during the bundling step, and sshd is hosed without them in the new bundled AMI instance.To test my hypothesis, I decided to configure the AMI bundling step to skip sysprep. The base Windows EC2 AMIs come with an application in the start menu called “ec2Service Setting” that has a check box to enable/disable sysprep during AMI bundling, so it is easy enough to test this. However, I have no idea what happens to Windows if I disable sysprep during bundling, and I was not able to find a satisfactory answer via internet searches. The closest I got to an answer was to see several of the Amazon admins on the EC2 forum comment that it was not a good idea to disable sysprep if you were going to instantate multiple instances. I also found several documents online that discussed how sysprep was used to sanitize a Windows installation, generate a new SID, and make it generic for installation on any type of hardware. Since the virtual hardware of EC2 is, roughly speaking, identical (given that it is using Xen underneath the hood), I’m not too worried about the hardware issue. I have no idea about “sanitizing” the Windows instance or SID generation, though, so bundling without sysprep might mortally wound Windows (again…I’m no Windows expert). And I do want to run multiple instances from the bundled AMI, so that might be a non-starter as well. So I guess I will try the ready-shoot-aim approach of seeing what happens when I turn it off…

Compressing time, I started with a fresh Windows instance, installed cygwin and configured sshd like before, turned off sysprep and bundled it, started a new instance from the new bundled AMI, and…sshd still works. The new instance retains the SID that it had prior to bundling, and the registry entries are still there for the cyg_server account. Windows also appears to be working in all respects, but I’m not sure I could detect problems that might result internally from the omission of sysprep in the bundling. I guess I can run one more test, starting a bunch of instances at once, to see if having the same SID causes them to interfere with one another. I started four instances, running concurrently, and they each seem to be working fine. Or at least I can’t detect any problems.

So, in closing, it looks like I may have a solution: turn off sysprep if you want to use cygwin sshd in a bundled Windows AMI. Someone with more Microsoft kung-fu might be able to figure out how to make sysprep retain the registry entries for the cyg_server account, or maybe they would write a script to insert them directly into the registry at restart if they are missing…who knows. But for me, disabling sysprep seems to be the way to go. I found lots of other complaints on the internet about sysprep and what it does to installed software when the SID changes, so I’m guessing that there will be a lot of bundled AMIs in EC2 that are created with sysprep disabled. If there are, in fact, issues with multiple instances using the same SID, then I expect we will be reading about it in the EC2 forums, since everyone who creates a new AMI from the base Windows AMIs without sysprep will have the same base SID in their AMIs, and so on….