Archive

Archives pour la catégorie ‘Système’

HOWTO : Linux FTP Server Setup

03/02/2023 Comments off

Source: linuxhomenetworking.com

Introduction

The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet. Most web based download sites use the built in FTP capabilities of web browsers and therefore most server oriented operating systems usually include an FTP server application as part of the software suite. Linux is no exception.

This chapter will show you how to convert your Linux box into an FTP server using the default Very Secure FTP Daemon (VSFTPD) package included in Fedora.

FTP Overview

FTP relies on a pair of TCP ports to get the job done. It operates in two connection channels as I’ll explain:

FTP Control Channel, TCP Port 21: All commands you send and the ftp server’s responses to those commands will go over the control connection, but any data sent back (such as “ls” directory lists or actual file data in either direction) will go over the data connection.

FTP Data Channel, TCP Port 20: This port is used for all subsequent data transfers between the client and server.

In addition to these channels, there are several varieties of FTP.

Types of FTP

From a networking perspective, the two main types of FTP are active and passive. In active FTP, the FTP server initiates a data transfer connection back to the client. For passive FTP, the connection is initiated from the FTP client. These are illustrated in Figure 15-1.

Figure 15-1 Active And Passive FTP Illustrated

Ftp

From a user management perspective there are also two types of FTP: regular FTP in which files are transferred using the username and password of a regular user FTP server, and anonymous FTP in which general access is provided to the FTP server using a well known universal login method.

Take a closer look at each type.

Active FTP

The sequence of events for active FTP is:

  1. Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as ‘ls’ and ‘get’ are sent over this connection.
  2. Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client.
  3. Thus the ls listing that you asked for comes back over the port 20 to high port connection, not the port 21 control connection.

FTP active mode therefore transfers data in a counter intuitive way to the TCP standard, as it selects port 20 as it’s source port (not a random high port that’s greater than 1024) and connects back to the client on a random high port that has been pre-negotiated on the port 21 control connection.

Active FTP may fail in cases where the client is protected from the Internet via many to one NAT (masquerading). This is because the firewall will not know which of the many servers behind it should receive the return connection.

Passive FTP

Passive FTP works differently:

  1. Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as ls and get are sent over that connection.
  2. Whenever the client requests data over the control connection, the client initiates the data transfer connections to the server. The source port of these data transfer connections is always a high port on the client with a destination port of a high port on the server.

Passive FTP should be viewed as the server never making an active attempt to connect to the client for FTP data transfers. Because client always initiates the required connections, passive FTP works better for clients protected by a firewall.

As Windows defaults to active FTP, and Linux defaults to passive, you’ll probably have to accommodate both forms when deciding upon a security policy for your FTP server.

Regular FTP

By default, the VSFTPD package allows regular Linux users to copy files to and from their home directories with an FTP client using their Linux usernames and passwords as their login credentials.

VSFTPD also has the option of allowing this type of access to only a group of Linux users, enabling you to restrict the addition of new files to your system to authorized personnel.

The disadvantage of regular FTP is that it isn’t suitable for general download distribution of software as everyone either has to get a unique Linux user account or has to use a shared username and password. Anonymous FTP allows you to avoid this difficulty.

Anonymous FTP

Anonymous FTP is the choice of Web sites that need to exchange files with numerous unknown remote users. Common uses include downloading software updates and MP3s and uploading diagnostic information for a technical support engineers’ attention. Unlike regular FTP where you login with a preconfigured Linux username and password, anonymous FTP requires only a username of anonymous and your email address for the password. Once logged in to a VSFTPD server, you automatically have access to only the default anonymous FTP directory (/var/ftp in the case of VSFTPD) and all its subdirectories.

As seen in Chapter 6, “Installing Linux Software“, using anonymous FTP as a remote user is fairly straight forward. VSFTPD can be configured to support user-based and or anonymous FTP in its configuration file which you’ll see later.

Lire la suite…

Categories: Logiciel, Système Tags:

nohup: How to launch standalone and independant job

02/02/2023 Comments off

Source: Wikipedia

nohup is a POSIX command to ignore the HUP (hangup) signal. The HUP signal is, by convention, the way a terminal warns dependent processes of logout.

Output that would normally go to the terminal goes to a file called nohup.out if it has not already been redirected.

Use

The first of the commands below starts the program abcd in the background in such a way that the subsequent logout does not stop it.

$ nohup abcd &
$ exit

Note that these methods prevent the process from being sent a ‘stop’ signal on logout, but if input/output is being received for these standard I/O files (stdin, stdout, or stderr), they will still hang the terminal.[1] See Overcoming hanging, below.

nohup is often used in combination with the nice command to run processes on a lower priority.

$ nohup nice abcd &

Existing jobs, processes

Some shells (e.g. bash) provide a shell builtin that may be used to prevent SIGHUP being sent or propagated to existing jobs, even if they were not started with nohup. In bash, this can be obtained by using disown -h job; using the same builtin without arguments removes the job from the job table, which also implies that the job will not receive the signal. Before using disown on an active job, it should be stopped by Ctrl-Z, and continued in the background by the bg command.[2] Another relevant bash option is shopt huponexit, which automatically sends the HUP signal to jobs when the shell is exiting normally.[3]

The AIX and Solaris versions of nohup have a -p option that modifies a running process to ignore future SIGHUP signals. Unlike the above-described disown builtin of bash, nohup -p accepts process IDs.[4]

Overcoming hanging

Note that nohupping backgrounded jobs is typically used to avoid terminating them when logging off from a remote SSH session. A different issue that often arises in this situation is that ssh is refusing to log off (“hangs”), since it refuses to lose any data from/to the background job(s).[5][6] This problem can also be overcome by redirecting all three I/O streams:

$ nohup ./myprogram > foo.out 2> foo.err < /dev/null &

Also note that a closing SSH session does not always send a HUP signal to depending processes. Among others, this depends on whether a pseudo-terminal was allocated or not.[7]

Alternatives

  • The screen or tmux command can also detach a process from the current shell. It allows one to reattach to the process later on.
e.g. the following call will run somescript.sh detached from SIGHUP and in the background:
 $ screen -A -m -d -S somename ./somescript.sh &
  • The disown command is used to remove jobs from the job table, or to mark jobs so that a SIGHUP signal is not sent.

References

“Bug 396 – sshd orphans processes when no pty allocated”. Bugzilla.mindrot.org. Retrieved 2009-06-10.

 

Categories: Système Tags:

How to Run Cron Every 5 Minutes, Seconds, Hours, Days, Months

02/02/2023 Comments off

Source: thegeekstuff.com

Question: How do I execute certain shell script at a specific intervals in Linux using cron job? Provide examples using different time periods.

Answer: Crontab can be used to schedule a job that runs on certain internal. The example here show how to execute a backup.sh shell script using different intervals.

Also, don’t forget to read our previous crontab article that contains 15 practical examples, and also explains about @monthly, @daily, .. tags that you can use in your crontab.

1. Execute a cron job every 5 Minutes

The first field is for Minutes. If you specify * in this field, it runs every minutes. If you specify */5 in the 1st field, it runs every 5 minutes as shown below.

*/5 * * * * /home/ramesh/backup.sh

Note: In the same way, use */10 for every 10 minutes, */15 for every 15 minutes, */30 for every 30 minutes, etc.

2. Execute a cron job every 5 Hours

The second field is for hours. If you specify * in this field, it runs every hour. If you specify */5 in the 2nd field, it runs every 5 hours as shown below.

0 */5 * * * /home/ramesh/backup.sh

Note: In the same way, use */2 for every 2 hours, */3 for every 3 hours, */4 for every 4 hours, etc.

3. Execute a job every 5 Seconds

Cron job cannot be used to schedule a job in seconds interval. i.e You cannot schedule a cron job to run every 5 seconds. The alternative is to write a shell script that uses ‘sleep 5′ command in it.

Lire la suite…

Categories: Système Tags: , , ,

Simple Tor Setup on Mac OS X

01/02/2023 Comments off

Source: kremalicious.com – 

There’re many reasons you might want to browse anonymously which can be accomplished by using Tor. The setup instructions on Tor’s website are quite scattered and outdated so here’re some steps to setup Tor on OS X with a simple automated script at the end.

I’m using OS X Yosemite (10.10) for the following instructions but it should work on almost any OS X version.

Tor Browser

The most simple way to surf anonymously with Tor is to just grab the Tor Browser bundle.

But it’s based on a super old version of Firefox. And there might be more you want to do anonymously on your machine than just browsing the web, like accessing resources via the Terminal or any other app. Or just use the browser you’re used to.

For this you need to have Tor installed on your system and additionally set specific Proxy values in your network preferences after you’ve started Tor.

Install Tor

Contrary to the weirdly outdated install instructions on Tor’s website (hey, remember Macports?), installing Tor on Mac OS X is super simple with Homebrew.

In your Terminal execute:

brew install tor

Then you can start it up by running:

tor

Congratulations, you now have Tor running on your system. But none of your network traffic is routed through it yet.

In order for all your system traffic being routed through Tor you need to adjust your system’s network proxy settings whih you can either do visually in the System Preferences or programmatically via OS X’s builtin networksetup.

Set network proxy settings via System Preferences

You can do this under System Preferences > Network and creating a specific Tor network location for it:

  1. From Location dropdown at the top, select Edit Locations…
  2. Create a new location by hitting the plus button and name it Tor. Hitting Done will select the new location which is now ready to be configured
  3. Go to Advanced > Proxies and activate SOCKS Proxy and add those values:
  • SOCKS proxy server: localhost
  • Port: 9050

tor-osx-proxy

After hitting OK & Apply at the initial network screen, you can easily switch to this newly created location from your menu bar under  > Location whenever you start up Tor.

Switching to the Tor location routes all network traffic on your system through Tor. Note that you have to repeat those steps for every other network interface if you use, say, Wi-Fi and Ethernet interchangeably.

Lire la suite…

Categories: Réseau, Système Tags: , , ,

HowTo: Make Ubuntu a Perfect Mac File Server and Time Machine Volume

31/01/2023 Comments off

ubuntu time machineFor quite some time I use my Ubuntu machine as a file and backup server for all Macs in my network which is perfectly accessible from the Finder in Mac OS X. There are some instructions available in the web for this task but all failed in my case so I wrote my own tutorial with all the steps needed for it to work properly.

So here’s my little Tutorial for connecting Mac OS X Leopard with Ubuntu and using your Ubuntu machine as a backup volume for Time Machine but all steps can be reproduced on every Linux box and they work with Mac OS X 10.4 Tiger too. At the end of this tutorial you will have a server which shows up in the Finder sidebar and behaves just like a Mac server when accessing it from your Macs. To be perfectly integrated with Mac OS X we’re going to use Apple’s Filing Protocol (AFP) for network and file sharing.

Although this Tutorial involves using the Terminal in Ubuntu and looks a bit geeky it’s very easy even for beginners. I have tried to explain all steps and Terminal commands so you may learn a bit about the Terminal too. At the end of the article you can download my Server Displays icon pack quickly made by me with custom icons for a Mac, Ubuntu and Windows server.

Personally I use a fresh installation of Ubuntu 8.04 Hardy Heron Desktop version (32bit on one machine, 64bit on the other) and Mac OS X Leopard (10.5.3 and later) to connect to them. On my Ubuntu boxes there’s no other file sharing protocol like samba (Windows sharing) or NFS activated.

Rumors are Apple will add some undocumented AFP commands with the Mac OS X 10.5.6 update which therefor won’t be supported by the current Netatalk package (and maybe never will). So be sure to check the latest comments on this article when the 10.5.6 update is out to see if this rumor is true and if there are problems caused by that.

Here are the steps involved in setting up your Ubuntu box as a Mac file server:

  1. Modify and install Netatalk (Open Source AFP implementation)
  2. Configure Netatalk
  3. Configure shared volumes (and Time Machine volume)
  4. Install Avahi (Open Source Bonjour implementation)
  5. Configure Avahi and advertise services
  6. Configure TimeMachine
  7. Conclusion, Problems and more informations
  8. Downloading and using the Server Display Icons
  9. Translations Of This Article

Lire la suite…

Categories: Système Tags: , , ,