Cache Manager Configurations for squid

The cache manager (cachemgr.cgi) is a CGI utility comes with squid for displaying statistics about the squid process as it runs. The cache manager is a convenient way to manage the cache and view statistics without logging into the server

To make this configuration you need a webserver (Apache) running and configured.

1) Try to locate your cachemgr.cgi file which comes with the squid package, this can be done using rpm -ql command (different distro stores this file at different location), here you can also use locate/find command.

# rpm -ql squid | grep cachemgr.cgi
/usr/share/doc/packages/squid/scripts/cachemgr.cgi
/usr/share/man/man8/cachemgr.cgi.8.gz

In this case my cachemgr.cgi is in /usr/share/doc/packages/squid/scripts/ directory

2) Copy cachemgr.cgi file to your configure script alias (/var/www/cgi-bin) directory of you Apache

3) Open squid.conf file and insert following two parameters at the end of the file

cache_mgr test@test.com
cachemgr_passwd your_Password all

4) Restart your squid and open your browser and type
http://localhost/cgi-bin/cachemgr.cgi
you should see something like … , provide a configure e-mail and password (mentioned above).

Send email to undisclosed receipients


It's easy. In Window Mail, we uses Bcc: recipients and cleverly puts as the main recipient to send her emails to "undisclosed recipients" — a bumpy title for sure, but it works well.

Create an Address Book Entry for "Undisclosed recipients"

First, we'll create a convenient address book entry that makes sending emails to undisclosed recipients a lot easier:

Windows Mail:

Select Tools | Windows Contacts... from the menu in Windows Mail.
Click New Contact.
Type "Undisclosed" in the First: field.
Type "recipients" under Last:.
Enter your email address under E-mail:.
Click OK.
Outlook Express:

›› Step by Step Screenshot Walkthrough
Select Tools | Address Book... from the menu.
Click the New button in the toolbar and select New Contact....
Type "Undisclosed" in the First: field.
Type "recipients" under Last:.
Type your email address under E-Mail Addresses:.
Click Add.
Now click OK.
Send an Email to Undisclosed Recipients in Windows Mail or Outlook Express

To compose and deliver an email message to a group of undisclosed recipients in Windows Mail or Outlook Express:

›› Step by Step Screenshot Walkthrough (Outlook Express)
Start with a new message.
Click on the To: button with the address book icon.
Highlight your "Undisclosed recipients" entry.
Click To: ->.
Highlight all other desired recipients.
Click Bcc: ->.
Click OK.
Now you can add any additional recipients in the Bcc: field.
Make sure you separate recipients by semicolons.
If you do not see the Bcc: field, select View | All Headers from the menu.
Compose and eventually send your message.

BCC options in Outllok Express 6


How to Add Bcc Recipients in Windows Mail or Outlook Express

Bcc recipients are special: they get a copy of a message, just like Cc recipients do. But the addresses of the Bcc recipients do not show up in the mail, the Bcc recipients stay anonymous.
By default, Windows Mail and Outlook Express does only show the To and Cc fields. That can be changed, though!

Add Bcc Recipients in Windows Mail or Outlook Express

To add a Bcc recipient to a new message in Windows Mail or Outlook Express:

›› Step by Step Screenshot Walkthrough
Select View from the message's menu.
Make sure All Headers is checked.
A Bcc: field appears right below the Cc: field and can be used to add Bcc recipients to the message in Windows Mail or Outlook Express. You can also use it to send an email to undisclosed recipients.

Find Out Who You Bcc:ed Later

After you have sent the message, the copy in your Sent Items folder will not overtly display the Bcc: recipients. But you can still find out who you bcc:ed on a message in Windows Mail or Outlook Express.

user management in FreeBSD

Managing users and groups on FreeBSD

SYNOPSIS
This document describes how to use FreeBSD's most commonly used tools for managing users, and explains some of the principles behind these tools.

The reader should be familiar with basic FreeBSD commands enough to be able to log into a FreeBSD server and get a shell prompt (either via telnet or ssh), change directories, list files, view files, and edit files.

Unless otherwise specified, all commands listed must be run as user root. If you do not have root access to your server, your options are limited to modifying your own account in certain, restricted ways (described in the appropriate sections below).

DESCRIPTION
This document will cover some of the basic commands that all FreeBSD system administrators should know about to manage users and groups.

Conventions
We use 'joe' as our example account on our system. We practice adding, modifying, and removing the 'joe' account in various ways.

Most of the time, the root user is executing commands to modify the 'joe' account. At these times, commands issued by root will appear with a hash (or pound sign: #) at the beginning of a line followed by a command:

    # rmuser joe
This means that this command was issued by the root (super-user) user. This is a common convention in Unix documentation.

Likewise, a percent sign ('%') followed by a command is meant to indicate that the command was issued by a normal (unprivileged) user:

    % passwd
This means that our example user 'joe' issued this command at his shell prompt.

Another convention we use in this document is manpage references. pw(8) means "the manpage named pw in section 8 of the manual". To read this manpage at your shell prompt, type:

    # man 8 pw
Organization
This document is divided into the following sections:

Creating new users
Modifying existing users
Disabling existing users
Removing existing users
Managing users en-masse
Quotas
CREATING NEW USERS
The most common aspect of managing users on a FreeBSD system is adding new users to your system (sometimes called "provisioning"). The following programs are but a few of the ways to do this:

Adduser(8)
The simplest way to add a user to your system is with the adduser command (from the adduser(8) manpage):

    Adduser is a simple program for adding new users.
    Adduser checks the passwd, group and shell databases.
    It creates passwd/group entries, HOME directory,
    dotfiles and sends the new user a welcome message.
adduser works as a "wizard" (simple, step-by-step questions you answer). You can provide options to adduser to simplify the wizard interface even further. adduser is probably the most common way to add new users because of its simplicity. The -s and -q options removes some potentially confusing questions when adduser starts up:

    # adduser -s -q
    Use option ``-verbose'' if you want to see more warnings and questions
    or try to repair bugs.

    Enter username [^[a-z0-9_][a-z0-9_-]*$]: joe
    Enter full name []: Joe Schmoe, Jr.
    Enter shell bash csh date ksh ksh93 no sh tcsh zsh [sh]: bash
    Enter home directory (full path) [/home/joe]:
    Uid [1000]:
    Enter login class: default []:
    Login group joe [joe]:
    Login group is ``joe''. Invite joe into other groups: guest no
    [no]:
    Enter password []:
    Enter password again []:

    Name:     joe
    Password: ****
    Fullname: Joe Schmoe, Jr.
    Uid:      1000
    Gid:      1000 (joe)
    Class:  
    Groups:   joe
    HOME:     /home/joe
    Shell:    /usr/local/bin/bash
    OK? (y/n) [y]:
    Added user ``joe''
    Add another user? (y/n) [y]: n
In this example, we enter a username 'joe', a full name 'Joe Schmoe, Jr.' and 'bash' for the shell. In all the rest of the questions, we simply hit Enter on our keyboard to specify that we want to accept the default value (found in square braces, e.g., [/home/joe]).

After entering the password (twice), adduser shows us a summary of what we are about to do and asks us to confirm this:

    OK? (y/n) [y]:
at which prompt we hit Enter to confirm. We then see:

    Add another user? (y/n) [y]:
at which prompt we reply n.

adduser has other configuration defaults you can specify in the /etc/adduser.conf file (adduser will even write this config file for you if you do not use the -q option). See the adduser(8) manpage for more details.

Pw(8)
Not far behind adduser in terms of ease-of-use is pw. While the pw(8) manpage is a bit daunting, once you become familiar with its consistent and powerful interface (and learn what options to ignore in the manpages due to differences in your own setup) you will probably prefer pw over adduser.

As an example of what options to ignore, unless you're running YP/NIS (a system comprised of network equivalents of passwd, group, hosts, and other common services), you can completely ignore the -Y and -y command-line options. Further, until you begin customizing policy information and default startup files for new users (advanced techniques not covered in this tutorial), you can ignore the -C, -D, -k, and -L options.

And unless you plan on setting account expiration policies (i.e., an account will expire, or a user's password will expire, forcing them to reset it), you can ignore the -e, and -p options.

This leaves us with a much simplified usage for pw(8):

    pw useradd [name|uid] [-q] [-n name] [-u uid] [-c comment] [-N]
       [-w method] [-g group] [-G grouplist] [-m] [-s shell] [-h fd] [-P]
These command-line options are likely the only ones you will use (unless you have more complex needs, of course, in which case the pw(8) manpage will be more useful to you).

Now we can look at a few examples of adding new accounts using pw.

A simple account for new user joe:
    # pw user add -n joe -c "Joseph Schmoe, Jr." -m -h 0
Once entered, you will be prompted for the password, but only once (so type it carefully!), with something like this:

    Password for user joe:
This will create a new user joe on your system with a unique UID (user id) and GID (group id). The -m option tells pw to create the home directory (which is what you usually want for new users). Some basic shell "skeleton" files will be copied into the user's home directory for him to customize at his leisure.

Notice that we can type user add as two words, or useradd as one word. The author prefers the former syntax because it helps him remember that user is interchangable with group, and add is interchangable with del, mod, and show.

Another simple account with a different shell and more secure password entry:
    # pw user add -n joe -c "Joseph Schmoe, Jr." -m -s /usr/local/bin/bash
This will create a new user joe and give him bash as his default shell (good choice!). It will not prompt you for a password (notice the -h option is absent); as such, it creates an account that cannot be logged into. The next step you need to take to complete this account creation is to give joe a password. Do this using the passwd command:

    # passwd joe
You will be prompted with the following (when you type passwords, they will not echo to the screen so that potential snoopers will not see it when you enter it, nor will they be able to scroll your terminal back to see it):

    Changing local password for joe.
    New password: (your password here)
    Retype new password: (your password here)
    passwd: updating the database...
    passwd: done
Now Mr. Schmoe, Jr. can log into his account.

In our final example for adding accounts with pw, we introduce the -w command-line option. This is useful for creating random passwords at account creation time (often users choose bad passwords; pw can generate a random password that will be stronger than most others):
    # pw user add -n joe -c "Joseph Schmoe, Jr." -m -s /bin/tcsh -w random
    Password for 'joe' is: b7xUhHYq
This will create a user account for joe; a random password b7xUhHYq was generated and displayed on the screen. This could be sent via postal mail, telephone, encrypted email, or HTTPS to Joe Schmoe. Mr. Schmoe would memorize this password and use it to log into his account.

Vadduser(1) (For VPS V2 Products)
For VPS v2 products (a "virtually" dedicated FreeBSD server), the vadduser(1) command is available. This command is simpler to use than either adduser or pw. A manpage is available, which lists all available options and gives many examples of simple usage.

Generally, the more you supply on the command-line, the less the vadduser program has to prompt you for information. You can create a complete account without any interaction with the program beyond the command-line arguments:

    vadduser --login=joe --fullname="Joe Schmoe" --password=joeiscool \
    --services="ftp,mail,shell" --shell=tcsh --quota=50 --home=/home/joe
Of course, you can always use the "wizard" interface, which will prompt you with questions and describe what answers you should supply.

    vadduser
This will prompt you step by step like adduser does; vadduser, however, asks fewer questions and adds more description of what's happening, as well as allows you to set service options (email, ftp, etc.) and quotas for new accounts.

MODIFYING EXISTING USERS
Once a user account has been added to your system, you can use several programs to modify that user's settings. In fact, some of these programs are also available for users to run themselves (from a shell prompt), further reducing the need for your direct intervention as system administrator.

Chpass(1)
chpass is a command useful for changing certain information in password files. If you run chpass as root, (e.g., chpass joe), an editor will open (e.g., pico, vi, emacs, ee, etc.) with the following information:

    #Changing user database information for joe.
    Login: joe
    Password: $1$uAGNRKJP$4.JUH2Q.wftt9GiwBSsNL.
    Uid [#]: 1002
    Gid [# or name]: 1002
    Change [month day year]:
    Expire [month day year]:
    Class:
    Home directory: /home/joe
    Shell: /usr/local/bin/bash
    Full Name: Joseph Schmoe, Jr.
    Office Location:
    Office Phone:
    Home Phone:
    Other information:
The root user may change any of this information. If, on the other hand, you run chpass as the user (e.g., joe), you may only change a limited amount of information:

    #Changing user database information for joe.
    Shell: /usr/local/bin/bash
    Full Name: Joseph Schmoe, Jr.
    Office Location:
    Office Phone:
    Home Phone:
    Other information:
That is, your shell and your "gecos" (full name, plus other info if desired) are the only things you may change when running chpass as the user.

chpass, despite its name, is usually not the program you want to run to change someone's password. For changing passwords, you should use passwd(1) instead.

Passwd(1)
passwd is the program to use to change a user's password. If you run passwd as root, (e.g., passwd joe), you will be prompted twice for the new password for user joe:

    # passwd joe
    Changing local password for joe.
    New password:
    Retype new password:
    passwd: updating the database...
    passwd: done
If passwd is run as the user (e.g., joe), you will be prompted for your old password first, then your new password. This is a security feature to prevent unauthorized users from changing user passwords from an unattended terminal:

    % passwd
    Changing local password for joe.
    Old password:
    New password:
    Retype new password:
    passwd: updating the database...
    passwd: done
Once run, the password for joe will be the new password. Email, FTP, and shell access will all be gained with this new password for the joe account.

Pw(8)
Changing user account information interactively is best accomplished with either the chpass, or passwd commands. However, when you want a quick one-liner to fix an account, or if you need to automate account modification, pw is your program.

Note some of the interesting uses for pw:

Changing user's name:
    # pw user mod joe -c "Joseph Carmichael Schmoe"
Changing user's password (be careful--it doesn't ask twice!):
    # pw user mod joe -h 0
    New password for user joe:
Changing user's login shell:
    # pw user mod joe -s /usr/local/bin/tcsh
Adding a user to another group:
    # pw user mod joe -G web
Removing a user from a group (in this case, the 'web' group):
    # pw user mod joe -G joe
The -G option removes the user from all groups except the ones listed after -G (each group should be separated by commas).

Vedituser (For VPS V2 Products)
For VPS v2 products (a "virtually" dedicated FreeBSD server), the vedituser(1) command ins available. This command is simpler to use than pw, and safer to use than chpass. A manpage is available, which lists all available options and gives many examples of simple usage.

Like vadduser, the more you supply on the command-line, the less the vedituser program has to prompt you for information. By way of example:

    vedituser --login=joe --services="ftp,mail"
will remove joe's shell access. You will be prompted for missing options, but the current account settings will be used as default values, so you can simply hit <Enter> to accept them.

DISABLING EXISTING USERS (BUT NOT REMOVING THEIR ACCOUNTS)
Disabling means many things to many people. Some people (including the author) would classify "disabling" as not only the inability to log in and do things, but also to shut off other existing services (such as cron, web, and other services that do not require the user to log in).

However, for the sake of space and time, we will define 'disabling' simply as the act of making a shell, ftp, and email (POP) account unavailable to the user. Disabling cron, web, and other services are beyond the scope of this tutorial, but are important considerations.

Pw(8)
The simplest way to disable an account is via the pw command:

    # pw lock joe
The joe account has now been disabled. To re-enable, simply:

    # pw unlock joe
Now the joe account is available for login again.

Chpass
Another effective, though slightly more error-prone method of disabling an account, is to insert an asterisk at the beginning of the user's password field. This is one of the few times you will use chpass as root to modify a password directly:

    # chpass joe
    #Changing user database information for joe.
    Login: joe
    Password: *$1$tmTYmsuQ$IHSy7urpdZwXEzA3iYsnF/
Note the asterisk ('*') at the beginning of the password hash. This guarantees that no password will match because the asterisk is outside the range of characters used by the password hashing algorithm.

When the time comes to re-enable the account, remove the asterisk using chpass.

Editing /Etc/Master.Passwd Directly
You may also disable the account by editing /etc/master.passwd directly. Like the chpass example above, insert an asterisk at the beginning of the password field. Be sure to run:

    pwd_mkdb -p /etc/master.passwd
when you're done so your changes propagate to the other password databases.

Re-enabling the account is accomplished in an analogous way (and be sure to run pwd_mkdb again).

REMOVING EXISTING USERS
Removing users from your system is probably the simplest operation you will do. The command to run is called rmuser and it works like this:

    # rmuser joe
This will prompt you with:

    Matching password entry:

    joe:$1$RzJXr6ka$xdE88TjW4vpwthy/.Vtho/:1004:1004::0:0:Joseph \
    Carmichael Schmoe:/home/joe:/usr/local/bin/tcsh

    Is this the entry you wish to remove?
at which you simply type a 'y' and enter. You will also be prompted to remove their home directory:

    Remove user's home directory (/home/joe)?
If you reply affirmatively, the home directory will be completely removed. Otherwise, the directory will continue to exist, and you may do with it as you please (e.g., tar it up as an archive and then remove it, etc.).

If you know you want to remove everything, you can use the -y option for rmuser, which will answer 'y' automatically at all questions:

    # rmuser -y joe
    Updating password file, updating databases, done.
    Updating group file: (removing group joe -- personal group is empty) done.
    Removing user's home directory (/home/joe): done.
    Removing user's incoming mail file /var/mail/joe: done.
    Removing files belonging to joe from /tmp: done.
    Removing files belonging to joe from /var/tmp: done.
    Removing files belonging to joe from /var/tmp/vi.recover: done.
Removing existing users by hand will not be covered in this tutorial, except to say that the password file entry, group entries, home directory, mail spools, cron jobs, and other miscellaneous files need to be considered when removing users. rmuser does all of this for you (and does it well).

Using Pw
Of course, pw can also be used to remove user accounts:

    # pw user del joe -r
The -r option is the inverse of -m. While -m instructs pw to create the home directory, -r tells pw to remove the home directory and its contents without prompting (much like rmuser with the -y option). pw is somewhat safer than rmuser; the pw(8) manpage tells us this about the -r option:

    This tells pw to remove the user's home directory and all
    of its contents.  Pw errs on the side of caution when
    removing files from the system.  Firstly, it will not do so
    if the uid of the account being removed is also used by
    another account on the system, and the 'home' directory in
    the password file is a valid path that commences with the
    character `/'.  Secondly, it will only remove files and
    directories that are actually owned by the user, or sym-
    bolic links owned by anyone under the user's home direc-
    tory.  Finally, after deleting all contents owned by the
    user only empty directories will be removed.  If any addi-
    tional cleanup work is required, this is left to the admin-
    istrator.
If you notice that a home directory was not removed, it was for one of the reaons stated above. You should check it out to see why before completely removing the home directory.

MANAGING USERS EN-MASSE
Large-scale management of users requires you to write a little code to get things done. Which programming language or environment you use is usually not important. However, some programming languages have been tailored for system administration and make automating common tasks simple. Among these are Perl and the Bourne-shell languages, which we will use here for our examples (many shells are Bourne-compatible to some degree, among them: ash, bash, sh, (the original Bourne shell), and zsh in Bourne-compatibility mode).

In this section, our sample task will be to add several hundred users to our system (with an intentional mistake affecting all accounts). Once the accounts have been provisioned, we will fix our mistakes so that all of our account owners are happy.

Creating Many Accounts
We want to create 300 accounts at once. Our saving grace is that the usernames do not have to be very creative (in fact, they can be downright ugly). We can do this using Perl:

    #!/usr/local/bin/perl -w
    use strict;

    ## create accounts for user_1 .. user_300
    for my $n ( 1..300 ) {
        system('pw', 'user', 'add', '-n', "user_$n");
    }
We save this program in a file called create_users and type:

    # perl create_users
After a few moments all of the accounts have been created. The account names are user_1, user_2, and so on. However, we just realized that we forgot to create the home directories for all these users! (We omitted the -m option after the username). Perl to the rescue again:

    #!/usr/local/bin/perl -w
    use strict;

    ## create home directories for user_1 .. user_300
    for my $n ( 1..300 ) {
        system('pw', 'user', 'mod', '-n', "user_$n", '-m');
    }
We save this program in a file called modify_users and type:

    # perl modify_users
After a few moments we check and, thankfully, all the home directories have now been created. You can see that our arguments to the pw program have changed in two places: we use mod instead of add, and we append the -m option after the username to create the home directory. We could change the shell in the same way, for example, by changing:

    system('pw', 'user', 'mod', '-n', "user_$n", '-m');
to:

    system('pw', 'user', 'mod', '-n', "user_$n", '-s', '/usr/local/bin/tcsh' );
Time passes. The need for these user accounts has disappeared. Is there a clean and sure-fire way to remove these accounts? Perl is our friend once again:

    #!/usr/local/bin/perl -w
    use strict;

    ## remove user_1 .. user_300 from our system
    for my $n ( 1..300 ) {
        system('pw', 'user', 'del', '-n', "user_$n", '-r');
    }
We save this program in a file called remove_users and type:

    # perl remove_users
After a few moments we notice that the accounts (password entries, group entries, home directories--everything) are gone. Nice!

The Bourne shell can also be used to accomplish these feats. In order for these one-liners to work, you need to be running a Bourne-compatible shell. The author recommends bash because of its completeness, but many people prefer the original /bin/sh for shell programming, which is always in good taste because of portability reasons (one Bourne-shell script is much more likely to run with no or few modifications than a csh or "C-shell" script).

You can run a Bourne shell by typing:

    # exec /bin/sh
Creating 300 users
This one-liner will add 300 users and create their home directories:
    # i=300; while [ $i -gt 0 ]; do pw user add -n "user_$i" -m; \
    i=`expr $i - 1`; done
Modifying 300 users
This one-liner will modify all 300 accounts, changing their shells to the Bourne shell:
    # i=300; while [ $i -gt 0 ]; do pw user mod -n "user_$i" \
    -s /bin/sh; i=`expr $i - 1`; done
Deleting 300 users
This one-liner uses rmuser to remove the users from the system:
    # i=300; while [ $i -gt 0 ]; do rmuser -y "user_$i"; \
    i=`expr $i - 1`; done
You will see a lot of output from rmuser, however. To silence it (including errors), do this:
    # i=300; while [ $i -gt 0 ]; do rmuser -y "user_$i" \
    > /dev/null 2>&1; i=`expr $i - 1`; done
or use the pw command instead.
QUOTAS
Quotas enable you, the system administrator, to control how much disk space users consume. This helps prevent abuse to your system (in general, bad things happen when a disk is full) as well as enable you, if you are using your system for profit, to allot resources as needed.

Enabling Quotas
To enable quotas, open /etc/fstab in your favorite editor and make sure the mountpoint you want to enable quotas for has the userquota option set. For example, if your primary mountpoint (where your users' home directories reside) is /, you'll see:

    # Device        Mountpoint      FStype  Options
    /dev/da0e       /               ufs     rw
which becomes:

    # Device        Mountpoint      FStype  Options
    /dev/da0e       /               ufs     rw,userquota
Many systems use /usr or /home as mountpoints instead of /. In this case, you might see something like this:

    # Device        Mountpoint      FStype  Options         Dump    Pass#
    /dev/ad0s1f     /usr            ufs     rw              2       2
which becomes:

    # Device        Mountpoint      FStype  Options         Dump    Pass#
    /dev/ad0s1f     /usr            ufs     rw,userquota    2       2
Once you have added the userquota option (or if it is already present), save your file and return to your shell prompt.

Now you can type the following to enable quotas:

    # quotaon -a
If you see a message like the following:

    quotaon: using /usr/quota.user on
    quotaon: /usr: Operation not supported
it means that your kernel has not been compiled to support quota operations. Compiling a new kernel is beyond the scope of this tutorial, but useful references may be found in the FreeBSD Handbook:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/quotas.html
Once quotas have been enabled, you're read to "prime" your quota database:

    # quotacheck -a
This will crawl the filesystem once to initialize the quota database. Once completed, this operation should not need to be repeated unless you disable quotas (e.g., with quotaoff -a), when it will need to be run again once quotas are re-enabled.

NOTE: If you are using a VPS v2 product (a "virtually" dedicated FreeBSD server), you may simply run vadduser, vedituser, or vquota to enable quotas on your system. All of these steps will be done for you.

Setting Per-User Quotas
Now that your system is configured to allow quotas, we want to impose quota limits on users. This is accomplished in two ways:

via the edquota command:
As root, type edquota joe to edit the quota information for joe. An editor will open with the following information:

    Quotas for user joe:
    /: kbytes in use: 6, limits (soft = 0, hard = 0)
            inodes in use: 10, limits (soft = 0, hard = 0)
Change soft = 0 and hard = 0 to the quota limit (in kilobytes) for the user. For example, if you want to impose a 10 megabyte limit on the joe account, change the limits to:

    Quotas for user joe:
    /: kbytes in use: 6, limits (soft = 10240, hard = 10240)
            inodes in use: 10, limits (soft = 0, hard = 0)
See the edquota(8) manpage for more details and options with edquota.

via a programming interface (e.g., Perl):
Some systems come with Perl's Quota module already installed. To determine if you have it installed, type the following at your shell prompt:

    # perl -MQuota
If you see no errors, and the cursor is now waiting for you to type more information, type a Ctrl-D to terminate perl.

However, if you see something like this:

    Can't locate Quota.pm in @INC (@INC contains:
    /usr/local/lib/perl5/5.6.1/i386-freebsd /usr/local/lib/perl5/5.6.1
    /usr/local/lib/perl5/site_perl/5.6.1/i386-freebsd
    /usr/local/lib/perl5/site_perl/5.6.1 /usr/local/lib/perl5/site_perl
    /usr/local/lib/perl5/5.00503 /usr/local/lib/site_perl .).
it means you do not have the Quota module installed. To install it, try the following:

    # perl -MCPAN -e 'install Quota'
Follow the CPAN instructions as they appear in your shell. Further assistance may be found in the CPAN(3) manpage, the Comprehensive Perl Archive Network interface.

Now that Perl's Quota module is installed, you can write a simple program to change a user's quota:

    #!/usr/local/bin/perl -w
    use strict;
    use Quota;

    ## get the username from the command-line
    my $user  = shift or die "usage: set_quota <username> <kbytes>\n";

    ## find the uid for this user
    my $uid   = getpwnam($user);

    ## get the quota from the command-line
    my $quota = shift;

    ## make sure a valid quota was entered
    unless( defined $quota && $quota =~ /^\d+$/ ) {
        die "usage: set_quota <username> <kbytes>\n";
    }

    print "Setting quota for $user...";
    Quota::setqlim(Quota::getqcarg('/home'), $uid, $quota, $quota, 0, 0);
    print "done\n";

    exit;
We save this in a file called set_quota. If we want to use this often, we make the file executable:

    # chmod 755 set_quota
Now we can run it anytime we want on any user. Let's give the joe account a 10 megabyte limit:

    # ./set_quota joe 10240
    Setting quota for joe...done
Let's login as joe and see if it worked:

    # su - joe
    % quota
    Disk quotas for user joe (uid 1000):
         Filesystem   usage   quota   limit   grace   files   quota   limit   grace
                  /       6   10240   10240              10       0       0      
    % exit
Excellent! Now let's remove the quotas we gave joe:

    # ./set_quota joe 0
    Setting quota for joe...done
The joe account no longer has any filesystem quotas (you may login and verify this). Besides setting a limit on disk space usage, we can also limit the number of files a user can create. This involves setting the inodes in use paramter in edquota or setting the next two parameters in Quota's setqlim function (all left as an exercise for the reader).

using vquota (for VPS v2 products)
Simply type 'vquota' at your shell prompt to get a brief usage statement for vquota. To change joe's quota to 50 megabytes, we could type:

    vquota joe 50
SUMMARY
FreeBSD supplies many useful commands to help system administrators manage user accounts. Chief among them are pw, adduser, passwd, and chpass. Knowing a shell or other programming language will also go a long way in automating routine and bulk tasks (including quota management).

The authoritative manual for FreeBSD system administration is The FreeBSD Handbook, found at:

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/
SEE ALSO
The FreeBSD Handbook:

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/
Managing users (from The FreeBSD Handbook):

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/users-modifying.html
Managing groups (from The FreeBSD Handbook):

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/users-groups.html
AUTHOR
Scott Wiersdorf, <scott@perlcode.org>

VERSION
$SMEId: docs/sysadmin/managing_users.pod,v 1.4 2003/07/18 22:21:21 scottw Exp $

password Expiry in FreeBSD


FreeBSD: Password expiry / aging policy

For security reason you must enable Password expiry policy on FreeBSD box. Linux comes with chage command, which changes the number of days between password changes and the date of the last password change.

FreeBSD pw command

Use pw command to setup password expiry date for existing user account. Syntax is as follows:
pw user mod USERNAME -p DD-MMM-YY

Where,

-p DD-MMM-YY: Set the account's password expiration date.
For example, expire user rocky’s password on 31-Mar-2006:
# pw user mod USERNAME -p 31-mar-06

Use pw command to setup password expiry while creating new user account.
pw user add USERNAME -p DATE -e DAYS:
Where,

-p DAYS: Set default account expiration period in days
-e DAYS: Set the account's expiration date.
For example create a user called didi and Set the default password expiration to 30 days.
# pw user add didi -p 30 -d /home/didi -m
# passwd didi

This is good if you have small number of users. For large installation base (such as University computers) you need to define user login class. With login class you can control the following :

Resource limits
Accounting limits
Authentication limits
Default user environment settings.

Installing configuring Gnokii on Linux



Gnokii provides tools and a user space driver for use with mobile phones under various operating systems (most testing is done under Linux but also Solaris, *BSD family and MS Windows families are known to work. Using Gnokii one can send/receive SMS, phonebook, call management and others.

Installation from rpm manager (yum)

Gnokii package is available via most of Linux distro repository, on Fedora 10 the below will install the gnokii package if not then do the installation from source.

yum install gnokii

Installing from Source:

1. Download the gnokii source download.
2. Untar the source and change (cd) to gnokii source directory

Run...

./configure (to configure)
make (to compile)
make install (to install the binaries)

Copy the example config file for gnokii from the Docs/sample/ directory to your home directory:

$ cp Docs/sample/gnokiirc ~/.gnokiirc

If you copied the .gnokiirc file to your home directory (not root) then do not forget to add your shell user account to uucp otherwise you wouldn't able to use gnokii due to permission problem on serial device you setup in .gnokiirc file.

$ groups
askar wheel uucp

I have tested Gnokii with my Motorola L6/L7 cell phones check gnokii.org whether your phone is supported or not. (Tip.

Configuration.

Gnokii uses gnokiirc file for all this configuration, if gnokii has been installed via package manager then most probably it may have installed a /etc/gnokiirc file, the settings in this file will be used in the absence of a .gnokiirc file in your home directory.

Below is the minimum setting we need.

Note: usually you only need to edit the port and model part only

[global]
port = /dev/ttyACM0 # Set to port on which your phone is connect Tip: check /var/log/messages ]
model = AT
initlength = default
connection = serial
use_locking = no
serial_baudrate = 19200
smsc_timeout = 10
[xgnokii]
allow_breakage = 0
[gnokiid]
bindir = /usr/sbin/
#[connect_script]
#TELEPHONE = 12345678
[disconnect_script]
[logging]
debug = off # Turn it on for debugging
rlpdebug = off
xdebug = off

While phone is connected and /etc/gnokiirc or .gnokiirc has been setup properly.

2. Check if you phone has been recognize by gnokii.

gnokii --identify

GNOKII Version 0.6.27
IMEI : IMEI359411000810925
Manufacturer : Motorola CE, Copyright 2000
Model : GSM900","GSM1800","GSM1900","GS
Product name : GSM900","GSM1800","GSM1900","GS
Revision : R4513_G_08.B7.DCR_R

This is what I get for my Motorola L7 connected with via USB cable with my laptop running Fedora 10.

Note: you should see gnokii identified your cellphone/gsm modem, if you don't see it, update your ~/.gnokiirc or /etc/gnokiirc to suit your need

Note: During testing use 'root' account or you will need read/write permissions on whatever serial port you specify in /etc/gnokiirc or .gnokiirc file.


Using Gnokii

All the below information and more can be found here.

Backup & Restoration of phonebook on phone SM card using gnokii

Backup

gnokii --getphonebook SM 1 end --vcard > myphonebook.vcf

Restore

gnokii --writephonebook --vcard \< myphonebook.vcf

Handling calls

To dial a voice call:

gnokii --dialvoice 12345678


SMS Sending and Receiving

Use smsd if you need both to send and to receive SMS. You can use it with a file or a database backend.

If you only need to send, you can also use gnokii --sendsms, which reads message body from stdin.

Example:

echo "This is a test message" | gnokii --sendsms +12345678

Or

gnokii --sendsms +12345678
type your text and press

Ctrl+d to exit.

SIMPLE INCREMENTAL BACKUP USING rsync COMMAND


Backups  can be classified to two types.They are

1)Full backup
The entire data will be backup will be taken every time

2)Incremental backup

Incremental backup take the full backup at the first time ,from the second time it will compare the files in first backup and the files in the directory which backup to be taken and only copy the modified files .

rsync

The rsync utility allows you to copyfrom local sysstem to a remote system or copy between two local directories .If the files exist in the destination directory ,rsync only copy the differences in the file,this property of rsync make it ideal for incremental backup

here is the syntax for rsync

rsync [options] [source folder] [Destination]

Example

rsync -azv /etc/sysconfig /backup/

In the above example the entire sysconfig directory will be copied to /backup folder when firsttime we run this command ,from second time onwards rsync checks the files in folder /backup with /etc/sysconfig and only copy the differnce in sysconfig file to /backup folder...

How to Setup Rsyslog Remote Logging on Linux (Central Log Server)


How to Setup Rsyslog Remote Logging on Linux (Central Log Server)


Every Linux distribution have some kind of logging mechanism that records all the system activities. A while back we provided a list of 20 log files that are stored under /var/log that you might be helpful during troubleshooting. These logs are very critical for sysadmin for troubleshooting purpose.

The following are the three common methods to log a message:

Logging on the same server: Messages get written into the local hard drive/local database
Logging on a remote server: Many systems forward their logs over the network to a central log server. On the central log server, the messages from various systems are written to the local hard drive/database.
Relay logging: Branch ‘A’ and Branch ‘B’ logs the messages on 2 different servers. These server in-turn logs the message to the ‘Head Office’.

Rsyslog is the default logging program on several Linux distributions including Debian and Red Hat based systems. Apart from implementing the syslog protocol, rsyslog adds additional features such as content-based filtering. This also uses TCP for transporting, and provides lot of configuration options.

This article explains how to implement the method 2 mentioned above. i.e This explains how to setup a central logging server, and send logs from individual servers to the central logging server.

This setup will help you to analyze the log files of all the servers in your infrastructure from a central log server.

Installation

Rsyslog comes as the default logging program in Debian Distribution and Red Hat based systems. If you system doesn’t have rsyslog, install it as shown below depending on your distro.

apt-get install rsyslog rsyslog-doc
(or)
yum install rsyslog rsyslog-doc
Rsyslog configurations are stored in /etc/ryslog.conf file and the files under /etc/rsyslog.d/ directory.



Configuration Structure

Before understanding how to setup the central logging sever, it is good to understand the configuration structure of rsyslog.

Rsyslog configuration files are structed in the following manner

Modules
Configuration Directives
Rule line
Modules
Rsyslog has a modular architecture. It enables functionalities to be added dynamically through these modules. The modules are categorized as:

Input Modules – Used to gather messages from various sources
Output Modules – Used to write the messages to various places ( file, socket etc.. )
Parser Modules – Used to parse the message content
Please note that there are also other categories of modules available. This is to give an overview of what modules can do.

Configuration Directives
All configuration directives must be specified one per line and must start with dollar sign ($). It affects the rules.

Rule line
Every rule line consists of two fields, a ‘selector field’ and an ‘action field’. The selector field is divided into two, ‘facilities & priorities’. Action specifies what action must be taken for the matched rule.

A Sample Configuration
######################
MODULES
######################

$ModLoad imuxsock
$ModLoad imklog

######################
Directives
######################
# Set the default permissions for all log files.

$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755

######################
RULES
######################
mail.info /var/log/mail.info
mail.warn /var/log/mail.warn
mail.err /var/log/mail.err
daemon.* /var/log/daemon.log
Note: 10 Examples for Viewing Huge Log Files in Linux might be helpful when you are manipulating log files.

Templates

Templates are a very important features provided by rsyslog. It allows the user to log the messages in their desirable format. It can also be used to create dynamic file names to log the messages. In case of database logging, the templates are used to convert the message into a proper SQL statement.

A sample template will look like:

$template mytemplate “Text-Before %msg% Text-After\n”
The above template will log the message “This is hello from rsyslog” as:

Text-Before This is hello from rsyslog Text-After
We will see how to use the template for generate the log files dynamically.

Central Logging Server

The above sections should have given an overview about rsyslog and how to configure it. Now we will move on to setup a central logging system.

For our discussion we will have server IP as “192.168.1.1” for the central log server, where all the log messages from client should be forwarded.

Add the following lines to the rsyslog.conf of the central log server servers (In this example, the following line was added on the log server with ip-address 192.168.1.1):

# provides support for local system logging
$ModLoad imuxsock

# provides kernel logging support (previously done by rklogd)
$ModLoad imklog

# provides UDP syslog reception. For TCP, load imtcp.
$ModLoad imudp

# For TCP, InputServerRun 514
$UDPServerRun 514

# This one is the template to generate the log filename dynamically, depending on the client's IP address.
$template FILENAME,"/var/log/%fromhost-ip%/syslog.log"

# Log all messages to the dynamically formed file. Now each clients log (192.168.1.2, 192.168.1.3,etc...), will be under a separate directory which is formed by the template FILENAME.
*.* ?FILENAME
After adding the above lines to the rsyslog.conf, restart the rsyslog process. Now the rsyslog server will be ready to accept messages.

# service rsyslog restart
Shutting down system logger:                               [  OK  ]
Starting system logger:                                    [  OK  ]
Add the following lines to the rsyslog.conf on the individual client machines that should send their log messages to the central server.

$ModLoad imuxsock

$ModLoad imklog

# Provides UDP forwarding. The IP is the server's IP address
*.* @192.168.1.1:514

# Provides TCP forwarding. But the current server runs on UDP
# *.* @@192.168.1.1:514
Restart the rsyslog process on the clients. Now the rsyslog central server (In this example, 192.168.1.1) will receive all the log messages from the configured clients and each client’s log will be placed under a separate directory.