alexalmazan.com

This table represents the order in which shell attributes are inherited

/etc/skel	default template for a new added users home directory
/etc/profile	sets environmental variables used by all users
/etc/profile.d	contains scripts specific to certain RPMS
/etc/bashrc	contains global aliass and system settings
~/.bash_profile	contains user environement settings and can be set to auto start programs at login
~/.bashrc	contains user aliases and functions

/etc/passwd File contains the configuration info for loacl users in the following format(world readable):

username : x: UID:GID:GECOS:homedir:shell

/etc/shadow File contains the username (which must match /etc/passwd) and the users MD5 encrypted password (only readable by root)

/etc/group file contains the configuration for local groups in the following format

groupname :x: GID : secondary users

/etc/gshadow file contains a list of groups on the server and their MD5 encrypted passwords.

useradd	used to add new users
usermod	used to modify the attributes of the user
groupadd	used to add new group to server
groupmod	used to change group attributes
passwd	used to create or change user passwords
chage	command used to create/edit password aging

Locating files with Special Permissions/attributes

find . / -perm +4000 |less

find root owned

find / -perm +2000  | less

get all GID/SUiD

find / -perm +1000 (sticky bit)

can be (used to find 777)

Setuid Suid Set UserID is used on Unix systems for tasks that require higher privileges. Has greatest impact on executable files.

chmod u+s <file>

setgid

chmod g+s  

or

chmod 2770 /some/directory

assigns group ownership to directories

example

Configure the users mike,chris and jamie

make these users part of the ru group

useradd -s /sbin/nologin ru
useradd chris -G ru -p '    ' 

(grub-md5-crypt can be used to generate system passwords)

configure the directory /home/ru so that each user can read,create, and modify files.

chmod 2770 /home/ru 

or

chmod u+s /home/ru

Here is a query to be run against the psa database for rotating all logs for hosted Apache domains. Ensure that use issue ‘database psa’ prior to running the join

mysql>  select a.*,b.name from log_rotation a join domains b on a.id=b.id where turned_on="true";

Plesk Spamassassin permits the establishment of ‘personal settings’ for individual configured mail users. Problems arise as the default configure ‘required_score’ value for calssifying spam defaults to ‘7’. This is a quick means of changing the score for all hosted mail users from 7.00 to 4.00:

Get to the SQL CLI as the Plesk admin user and inspect the current established settings

[root@server1 log]# mysql -uadmin -p`cat /etc/psa/.psa.shadow` psa

Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7578332 to server version: 4.0.18-Max

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select * from spamfilter_preferences where preference='required_score';

This should display all user settings. You may have to issue something similar to the following query to get those with a score of 4.00 or higher

mysql> select * from spamfilter_preferences where preference='required_score'&& value != '4.00';

Use an update statement to change the values in the database table

mysql>  update spamfilter_preferences set value='4.00' where value='7.00';

It is also adviseable to set spamassassin to reject messages tagged as spam. To do so, issue the following via the SQL cli.

mysql>update spamfilter set reject_spam='true' where reject_spam='false';

Once this is all in place, you must use ‘mchk’ to re-issue the .qmail files

[root@server1 log]#/usr/local/psa/admin/bin/mchk --with-spam

Once this is finished, issue

[root@server1 log]#service qmail restart && service psa-spamassassin restart && service xinetd restart && service courier-imap restart 

The scores should now be at the value selected.

Cron

Five values are available for scheduling automated processes

minute  hour   day of month  month  day of week                       
0-58    0-23      1-31       1-12     0-7  (0 or 7 is Sun,3 ltr abrvs)

examples

1.) create a cronjob for the user root that checks the amount of availabe space on the system every friday at 12:34 pm

34     12     *     *     5     /bin/df -h >>root.out --to create a file
34     12     *     *     5     df -h 

will mail to crontab user (MAILTO=user to customize)

2.) Create a cronjob as a regular user that lists the contents of /tmp at 4:56 am on Monday,February 3

56 04 3 2 1 /bin/ls -alh /tmp >> /root/tmpspace.out

(this one will run on every monday and on the third. Day of week or day of month get applied when the condition is met) You will have to write the logic in the script or * for every monday or * from just the third