Bash Profile Adjustments – Scrolling History

Your bash profile lets you make edits that let you design how the cli works for you. One of my favorite edits is to let me set the scrolling back through my history be based on what I start typing. So, for example, I can type

[bash]cd[/bash]

and then use the up-arrow key and it scrolls through my cli history based only on those that start with cd

To add this to your .profile file (or put it in your .bash_rc file):

[bash]bind ‘"\e[A"’:history-search-backward
bind ‘"\e[B"’:history-search-forward[/bash]

Related: Customizing the Command Prompt for Terminal in UbuntuTesting if Ubuntu server email is working with cliLinux/Ubuntu File and Directory Permissions

Upgrading VPS Web Server from Ubuntu 10.04 to 12.04

I am not a “real” system administrator but I manager sever VPS servers for my own web sites. This is what I did to update from Ubunutu LTS 10.04 to Ubunutu VPS 12.04.

  1. I already have all the code and databases backed up, off the server, regularly. I backed up various things to another machine: sites-available files, cron directories, .bashrc, .profile, keys.
  2. I tried running the preferred upgrade command

    [bash]do-release-upgrade[/bash]

    But got the message

    -bash: do-release-upgrade: command not found

    Then I ran

    [bash]sudo apt-get install update-manager-core[/bash]

    Then I was able to run [bash]sudo do-release-upgrade[/bash]

  3. Which resulted in this somewhat scary message

    This session appears to be running under ssh. It is not recommended to perform a upgrade over ssh currently because in case of failure it is harder to recover.

    If you continue, an additional ssh daemon will be started at port ‘9004’.
    Do you want to continue?

    I look around on the web for advice. What’s the risk of upgrading over SSH? seems a good recap. I then continued. I then got this message

    To make recovery in case of failure easier, an additional sshd will be started on port ‘1022’. If anything goes wrong with the running ssh you can still connect to the additional one.
    If you run a firewall, you may need to temporarily open this port. As this is potentially dangerous it’s not done automatically. You can open the port with e.g.:
    ‘iptables -I INPUT -p tcp –dport 1022 -j ACCEPT’

  4. 12 minutes after the upgrade started, the download was complete and I got a message to decide if I wanted to manually approve every restart required or just automatically approve them all. I chose the option to have all restart automatically.
  5. Then lots of files were installed and I was asked about various files; where I (or some script) had changed (or deleted) the default file and now the upgrade wanted to replace the existing file. I had to guess what to do in those cases. They let you look at the diff between your existing file and the proposed overwrite. I think I would like it if they default behavior was to create a backup of the file in that same directory (you choosing whether to set your file or the updated file as active).

The entire process took exactly 30 minutes, with the system restarting in Ubuntu 12.04.

Thankfully the upgrade seems to have gone without causing any problems. This is normally the case. But, even with a very small likelihood of encountering issues it is worrisome as those issues might pose some serious problems. Especially for someone with very limited system administration ability.

I am extremely thankful for all the programmers that created the code to make this process so straightforward and reliable.

[bash]lsb_release -a[/bash]

lets you see the current Ubunutu version you are running.

When I updated a server that had Ruby on Rails applications everything almost worked fine. Passenger was unable to load the application talking about

libmysqlclient_r.so.16: cannot open shared object file: No such file or directory – /usr/local/rvm/gems/ruby-1.9.2-p290/gems/mysql2-0.3.11/lib/mysql2/mysql2.so

I was able to find the solution to that issue was to uninstall the mysql2 gem and then run bundle update: which worked great. The uninstall would work for me unless I was actually root (sudo didn’t work), so I used su to login as root and then

[bash]gem uninstall mysql2[/bash]

Then I went back to being my other user ran bundle update

[bash]bundle update rake[/bash]

Then everything was working fine.

Related: Keeping Your Hosted Ubuntu Web Server Software Up to DateAdding a Key to Your Server for SSH LoginChecklist: Setting Up a New Domain on VPS

Customizing the Command Prompt for Terminal in Ubuntu

To customize the look of the command prompt for Terminal in Ubuntu you can insert code into .bashrc (if you are having trouble with updates in .bashrc not working you may want to see if it is set in .profile – thus overriding your .bashrc). Those files are found in your user directory /home/[username]

[bash]echo $PS1[/bash]

will show you the current settings. You can make a change directly from the command line but it will only work for that session. For example:

[bash]PS1="\d\w $ "[/bash]

This is the code I have in my .bashrc related to the terminal prompt

[bash]# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "$debian_chroot" ] && [ -r /etc/debian_chroot ]; then
debian_chroot=$(cat /etc/debian_chroot)
fi

# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
xterm-color) color_prompt=yes;;
esac

if [ -n "$force_color_prompt" ]; then
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
color_prompt=yes
else
color_prompt=
fi
fi

if [ "$color_prompt" = yes ]; then
PS1=’${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ‘
else
PS1=’${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ‘
fi
unset color_prompt force_color_prompt[/bash]

Testing Email Using The Ubuntu CLI

For a Virtual Private Server (VPS) or any other web or other server you should have alerts sent by email for various things. So for example if you automate security updates for an Ubuntu web server you want to be notified if there is some issue with the automatic update.

In order to check and be sure email is setup and working on the sever there is simple command line code to use:

[bash]mail -s Test[/bash]

you then get a prompt to enter

To: [enter the email and press return]

Cc: [press return]

then a blank where you can type in any text you want in the body of the message.

Then you send the message with by pressing CTRL-d

[bash]CTRL-d[/bash]

If you don’t receive the email then you can troubleshoot what is going wrong.

Keeping Your Hosted Ubuntu Web Server Software Up to Date

To setup automatic security updates follow the instructions from Ubuntu.

To run security update manually

[bash]sudo unattended-upgrade[/bash]

A full update of all packages can be done using the follow, remember this may create some issues is one update makes something else you have no longer work properly. You should test to make sure things all work after the updates (for production systems obviously you should test things before [first updating the staging server to make sure the updates don’t cause any problems] and after the updates).

First update the local package index (to find what needs to be upgraded).

[bash]sudo apt-get update[/bash]

Then upgrade the software.

[bash]sudo apt-get upgrade[/bash]

Adding a Key to Your Server for SSH Login

Using Ubuntu

An authentication key allows your server to authenticate the computer you are using has the right key and should be granted access. This lets you use the key instead of a username and password when using ssh.

If you don’t already have a key on your local machine (look for a file named id_rsa.pub in your user home directory under the .ssh folder

[bash]cd /.ssh[/bash]

will get you to the right directory) then you need to generate the key pair. On your desktop machine use:

[bash]ssh-keygen[/bash]

Next you copy the file to your server. scp ~/.ssh/id_dsa.pub [user]@[server]:.ssh/

[bash]scp ~/.ssh/id_dsa.pub username@servername:.ssh/[/bash]

Rename the file on the server to authorized_keys2
[bash]mv id_rsa.pub authorized_keys2[/bash]

The key is for to authenticate your computer. But on the ssh login Ubuntu will look in the user folder. So if you also had user2 access to the server and tried to ssh into the server you would not be authenticated because it would look in user2/.ssh for the authorized key file and not find it. You can put the same key in any user folder on your server to have that user also be automatically authenticated.

Replace Text in Files Recursively (Linux)

To replace text in all the files in a directory, recursively, you can use grep.

sudo grep -rl texttoreplace /somedirectory/ | sudo xargs sed -i ‘s/repacethis/withthis/g’

[bash]sudo grep -rl oldtext /example/directory/ | sudo xargs sed -i ‘s/oldtext/newtext/g'[/bash]

The g on the end, lets it replace all the instances of the text in each file.

More ubuntu and linux tips and code samples

Replacing a Host Key

Host keys are used to security log into remote servers (such as Virtual Private Servers – VPS). With Ubuntu if you are using host keys to sign into servers securely and have asked for strict checking, if you make a change (such as rebuilding your VPS) the host key will change and you cannot login and will get a message like:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is

Please contact your system administrator.

RSA host key for 128.0.0.128 has changed and you have requested strict checking.
Host key verification failed.

if that happens you need to remove your local host key. Then you can sign back in and you will be able to save a new copy of the host key. If you don’t know why the key has changed you should figure that out first as it maybe be an indication of an important security problem. To remove you local key, you can use ssh-keygen -R [ip address of server with the bad key] for example: ssh-keygen -R 128.0.0.128

Then when you try to sign in you will get

The authenticity of host '128.0.0.128 (128.0.0.128)' can't be established.

RSA key fingerprint is ed:...:ea.
Are you sure you want to continue connecting (yes/no)?

And if you know why (such as you made changes to the server) you can say yes and connect and save the new known host key.

Basic MySQL Performance Monitoring

Basic MySQL Performance Monitoring

regular Ubuntu cli tools

  • mysqladmin status – mysqladmin status -uroot -p

MySQL command line interface tools

[bash]mysql -uroot -p[/bash] to open the command line.

[sql]SHOW GLOBAL STATUS;
SHOW ENGINE INNODB STATUS;
SHOW PROCESSLIST;
SHOW GLOBAL STATUS LIKE ‘Qcache_%’;[/sql]

cli tools

  • mytop – top for MySQL. Install using: sudo apt-get install mytop (assuming Ubuntu operating system). There is a very useful setting file that can be used to set parameters instead of having to include them in each command. Save the file as ~/.mytop.
  • MySQLTuner – provides suggestions on performance improvements and my.cnf settings by analyzing data on your mysql database server.

Setting considerations

  • If Open_tables (SHOW GLOBAL STATUS will show this) is equal to your [bash]table_cache size[/bash] (set in /etc/mysql/my.cnf) that means it is being capped by your setting. The more MySQL has to read the table from disk the more IO and slower response, so if you have available RAM increasing the table_cache size may well make a big difference.
  • Key_reads/Key_read_request ratio should normally be < 0.01 (per MySQL manual, this means that nearly all key requests are taken from RAM). You can get both values using SHOW GLOBAL STATUS and then calculate the ratio. If the ratio is too high, consider increasing the key_buffer (in /etc/mysql/my.sql).
  • key_writes/key_writes_request should normally be near 1 (per MySQL manual)

Phusion Passenger Tips and Troubleshooting Ideas

Some tips and troubleshooting ideas for Phusion Passenger

Phusion Passenger manages resources for rails applications – spawning new instances as needed, etc..

  • [bash]passenger-status[/bash] – provide the status of passenger rails processes

Configuring Phusion Passenger

Add lines to /etc/apache2/apache2.conf to change the default settings

  • [bash]PassengerMaxPoolSize 10[/bash] – maximum number of total rails application instances, the default is 6
  • PassengerMaxInstancesPerApp 5 – sets the maximum pool size for any 1 rails application to 10 instances (default is no limit).
  • [bash]PassengerUseGlobalQueue ON[/bash] – sets globaly queing on, it is off by default. You want globaly queuing on if your requests have large differences in response times (slow and fast responses).

Related: Passenger documentation

Troubleshooting

If you try [bash]sudo passenger-status[/bash] and get something like
*** ERROR: Cannot query status for Passenger instance 2280:
Connection refused – /tmp/passenger.2280/info/status.socket
Restarting (not reloading) apache [bash]sudo /etc/init.d/apache2 restart[/bash] may fix the problem.