Linux/Unix

​Creating a symlink is a common way of ensuring that the directory structure of a deployment will always be the same. For example you might create a symlink so that the release directory of release123/docroot will instead be just current. This is done using the ln command in the following way, the -s flag means that we use the ln (aka link) command to create a symbolic link.

I'm a proponent of automation, so when I find myself running the same commands over and over I always look for a way of wrapping that in an alias or script.

I spend a lot of my day to day job in the command line and I realised today that I must have typed 'git status' for the millionth time and wondered what my most commonly used commands were. So I found a stack overflow post showing my most used commands in a nice little bash one liner.

history | awk '{CMD[$2]++;count++;}END { for (a in CMD)print CMD[a] " " CMD[a]/count*100 "% " a;}' | grep -v "./" | column -c3 -s " " -t | sort -nr | nl |  head -n10

This command extracts information from the bash history and shows me the root command I have run. This showed me the following on my current system.

Grep is a really powerful tool for finding things in files. I often use it to scan for plugins in the Drupal codebase or to scan through a CSV or log file for data.

For example, to scan for user centric ViewsFilter plugins in the Drupal core directory use this command (assuming you are relative to the core directory).

grep "@ViewsFilter(\"user" -r core

The -r flag here recursively scans the 'core' directory. This command returns the following output.

Part of the process of putting a new site live can be moving DNS entries around. Prior to doing this it's a really good idea to sort out the Time To Live (TTL) of the DNS record so that when you do change DNS entries you aren't waiting around for a day for the DNS to sort itself out. Most DNS registrars will allow you to set your TTL down to a minute or so.

It's also very important to check the status of your DNS records to ensure that they have the correct TTL, usually a day before (and day of) the move.

You can check the TTL value of your A record with the host command. Change the value of the -t (type) flag to aaaa or cname to inspect different types of records.

host -a -t a www.hashbangcode.com

This will produce the following output. The TTL of the domain below is '125'.

Whilst it is possible to view the contents of an SSL cert from within most modern browsers I occasionally find the need to use the command line to find out the same information. I find this useful when renewing certificates as browsers can occasionally cache certificates for longer than expected, causing false results.

The following command connects to the server, downloads the SSL certificate from port 443 and then uses the openssl tool to extract the information from the certificate into a readable format.

echo | openssl s_client -showcerts -servername example.com -connect example.com:443 2>/dev/null | openssl x509 -inform pem -noout -text

This produces the following output.

DNS records, as many of you will already know, are commonly used to translate a human readable address into an IP address. This means that instead of visiting a website by typing in it's IP address you can just type in the easy to remember DNS address. I won't talk too much about how DNS records work here, but if you want to know more then you can read the awesome and easy to understand how DNS works commic.

In this post I will be looking at different tools that can be used to find out more about a DNS record, and what kinds of results they return. I won't be looking at the tools in great detail, but enough to get you started when looking up DNS records.

RKHunter (or Root Kit Hunter) is a program that can be used to scan a Linux machine to see if there is anything there that might be a sign of a security breach. It will scan all of the files on the system and look out for any suspicious files or unexpected changes to system files that might indicate a security breach. Just like anti-virus systems it has a database of root kit definitions that it will use to compare files against to see if they are infected but will also just check for changes to core system files.

Curl is an incredibly useful tool and has all sorts of flags and options available for every situation. I tend to use curl quite a lot for all kinds of stuff, and not just downloading large files. So I thought I would post a few of the most common things that I use the tool for. Note that most of the following URLs don't really exist, they are just for demo purposes. I have also left out the output of these commands as they vary from a few lines to many pages of output.

When doing an audit of an existing Linux server a good first step is to find out what distribution is running and if the server is running a 32 or 64 bit architecture.

To find out what architecture a server is running you can run the uname command, which will print out certain system information. This must be supplied with the -a flag in order to print out as much information as possible.

uname -a

This will print out a line similar to the following on an Ubuntu system.

Linux vlad 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

This can be broken down bit by bit and will contain the following information.