How to Debug shell Script in Linux?


While executing a shell script use sh command with below options to debug a shell script in effective way. 


Options: -x , -v , -e , -u


-x if you set this option, it will show you each line before it executes it. Comments will not be reported.

#sh –x scriptname

-v Echo’s each line as it is read. It’s a kind of verbose and even echo back commented lines too.

#sh –v scriptname

Note: A small difference between –x and –v is that –v echo’s the line as it is read (So it will even display comments too.), whereas –x flag causes each command to be echoed as it is executed.

#sh –xv scriptname

-u –At times you use a variable without setting some value to it. If you use this flag it will give you the error saying so and so variable is not set before executing the script.

-e –Exit the shell script if any error occurs. This option will stop the script to run further once the script encounters an error. Use full for debugging the first error itself when running big scripts…

#sh –e scriptname


Example:

#sh -xv bkp_script.sh

#sh -e bkp_script.sh

How to check NTP service in Linux

How to check and start NTP service in Linux:



1.Check the NTPD service is running or not

#pgrep ntpd

or

#ps -eaf |grep -i ntpd




2.If there is no NTP service is running then start the service


Start NTP Server and check /var/log/messages


#/sbin/chkconfig --list ntpd

#/sbin/chkconfig ntpd on


#systemctl start ntpd.service

or

#/etc/init.d/ntp start

or

#/etc/init.d/xntpd start

#ntpdate -u "NTP server IP address"




3.Check the NTP is synced or not

#ntpq -p

#ntpstat

//show the network time synchronization status




4.Check the NTP config file is the server IP entered correctly.

#more /etc/ntp.conf


How to block particular IP attack in linux server ?




2.How to block particular IP attack in linux server ?



Check your server utilization using TOP command. And use following command to list all the IP addresses connected to my server.

#netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head


[user@serverA]$ netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head
      25 165.89.185.201
      2 140.176.118.7
[user@serverA]$

From IP - 165.89.185.201 there are 25 connections opened. If you felt this is abnormal connection and if you want to block this IP then you can use below steps.


1.NULL ROUTE:

 Let null route the IP, so that all incoming connections from the IP will be dropped or ignored.

 You can also use following command to null route the IP (both command will do same action)

 # route add -host 165.89.185.201 reject

  or

 #route add 165.89.185.201 gw 127.0.0.1 lo


2.netstat -nr to display all the routes, to make sure it is added into the route table.

  
  #netstat -nr

 Kernel IP routing table
 Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
 165.89.185.201  127.0.0.1       255.255.255.255 UGH       0 0          0 lo


3.Check all connected IP again, those attacker’s IPs are gone:

  #netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head


  >Now you cant find that IP connections to server.


4. If you want you can delete the null route.

 To delete existing null route IPs, uses route delete.

 #route delete 165.89.185.201  




How to find who rebooted the Linux server ??


How to find who rebooted the Linux server ??


The below steps will help to find out who or when the server had rebooted last time. Once the server had panic reboot or some one rebooted system admin need to find out why/ who and when the server had rebooted.
Hope the below will help to find out the things.


1. last command

#last reboot

or 

#last |grep -i reboot

2. who –b

This command displays the time of last system boot and who logged on.


3.See these users shell history files in ~username/.bash_history for su or sudo commands.

4.boot.log

# cat /var/log/boot.log

5.messages

#more /var/log/messages 

  - and check the syslog started" time stamp

6. grep reboot /home/*/.bash_history

  >> Now you can get which user rebooted the server.





Blogger Tips and TricksLatest Tips And TricksBlogger Tricks