Example of running a PHP script in CLI with custom memory limit:
php -d memory_limit=64M my_script.php
Source: http://cristian-radulescu.ro/article/php-cli-increase-memory-limit.html
Example of running a PHP script in CLI with custom memory limit:
php -d memory_limit=64M my_script.php
Source: http://cristian-radulescu.ro/article/php-cli-increase-memory-limit.html
atop -a | Display only active processes atop -g | Display general process info atop -m | Display memory usage info atop -n | Display network usage info atop -d | Display Dick usage info Alternatively you can just use atop and then key in the letters above to switch between. atop -r | read raw data. Use this to basically start looking at the processes from the start of the day 00:00 atop -r -b 09:00 | read raw data from 09:00 today atop -r y | read raw data from yesterday atop -r yy | read raw data from the day before yesterday atop -r y -b 09:00 | read raw data from 09:00 yesterday atop -r yy -b 09:00 | read raw data from 09:00 the day before yesterday atop -r <log> | read data from a log stored in /var/log/atop
# VSFTPD chroot configuration >> Create a no-shell user useradd -d $HOME_PATH -s /sbin/nologin $FTPUSER && passwd $FTPUSER !!!MAKE SURE TO CHMOD 755 the parent directory!!! yum -y install vsftpd chkconfig vsftpd on sed -i -e 's/IPTABLES_MODULES=""/IPTABLES_MODULES="ip_conntrack_ftp"/g' /etc/sysconfig/iptables-config modprobe ip_conntrack_ftp echo "rack" >> /etc/vsftpd/vsftpd.chroot_list mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.ORIG cat >/etc/vsftpd/vsftpd.conf <<EOF # vsftpd.conf - PASSIVE anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES listen_port=21 connect_from_port_20=YES xferlog_std_format=YES listen=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES pasv_min_port=60000 pasv_max_port=65000 # Add in /etc/vsftpd/vsftpd.chroot_list who you do *NOT* want to be chrooted chroot_local_user=YES chroot_list_enable=YES chroot_list_file=/etc/vsftpd/vsftpd.chroot_list # RackConnect # pasv_enable=YES # pasv_min_port=60000 # pasv_max_port=60100 # pasv_address=<publicRCip> (might not be required) # Logging xferlog_enable=YES log_ftp_protocol=NO syslog_enable=NO vsftpd_log_file=/var/log/vsftpd.log EOF >> Make sure to comment out "auth required pam_shells.so" in /etc/pam.d/vsftpd (errors in authenticate users with /bin/false shell): sed -i 's/^\(auth.*required.*pam_shells\.so.*$\)/#\1/' /etc/pam.d/vsftpd >> Enable firewall ports (in Rackconnect, open the same on the physical firewall): iptables -I INPUT -p tcp --dport 21 -m comment --comment "FTP" -j ACCEPT iptables -I INPUT -p tcp -m multiport --dports 60000:65000 -m comment --comment "FTP passive mode ports" -j ACCEPT /etc/init.d/iptables save >> Restart the service service vsfptd restart If -> vsftpd: refusing to run with writable root inside chroot () => allow_writable_chroot=YES ======================================================= SFTP Jailed: !!!! remember that the users home directory must be owned by root groupadd sftponly >> 1 domain managed by 1 or more users: useradd -d /var/www/vhosts -s /bin/false -G sftponly bob >> 1 user managing multiple domains: useradd -d /var/www/vhosts -s /bin/false -G sftponly bob SFTPUSER=bob SFTPUSERPASS=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w12 | head -n1) echo "$SFTPUSERPASS" | passwd --stdin $SFTPUSER && echo -e "\nsfptuser: $SFTPUSER\npassword: $SFTPUSERPASS" >> /etc/ssh/sshd_config #Subsystem sftp /usr/libexec/openssh/sftp-server Subsystem sftp internal-sftp >> 1 domain managed by 1 or more users: Match Group sftponly ChrootDirectory %h X11Forwarding no AllowTCPForwarding no ForceCommand internal-sftp >> 1 user managing multiple domains: Match Group sftponly ChrootDirectory /var/www/vhosts/%u X11Forwarding no AllowTCPForwarding no ForceCommand internal-sftp sshd -t service sshd restart >> Set correct permissions!!! chmod 755 /var/www/ chown root:root /var/www chown -R root:sftponly /var/www/* find /var/www/ -type d | xargs chmod 2775 find /var/www/ -type f | xargs chmod 644
Manually create list.txt with user:doc_root
e.g.:
mydomain.com:/var/www/vhost/mydomain.com example.com:/var/www/vhost/example.com
Get commands to create FTP users
cat list.txt | awk -F: '{print "useradd -d ",$2, "-s /bin/false -c TICKET_NUMBER ",$1 }'
Get commands to set FTP permissions (if doc_root exists already)
cat list.txt | awk -F: '{print "chown -R",$1, $2 }'
Generate and Assign random passwords to the users.
# for USER in $(awk -F: '{print $1}' list.txt) ; do PASS=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w12 | head -n1) ; echo $PASS | passwd --stdin $USER ; echo -e "username: $USER\npassword: $PASS\n" | tee -a pass.txt ; done ; echo -e "\n========================\nHere the credentials:" ; cat pass.txt
Create a list of vhosts’ paths: vhosts.txt
Example with only .com domains:
/var/www/domain1.com
/var/www/domain2.com
/var/www/domain3.com
Use a regex for sed to extract the vhost name, removing dots (example based on the example above)
This will return a list of PATH and VHOSTNAME. We will use VHOSTNAME as USER for that path
for i in `cat vhosts.txt` ; do echo "$i" | tr '\n' ' ' ; echo "$i" | sed 's/^.*www\/\(.*\)com.*$/\1/' | sed 's/\.//g' ; done >> list.txt
Print out the commands to run to add FTP users (no SSH)
Once checked the output, run these lines
cat list.txt | awk '{print "useradd -d ",$1, "-s /bin/false -c COMMENT_HERE ",$2 }'
(for sftp only):
cat list.txt | awk '{print "useradd -d ",$1, "-s /bin/false -G sftponly -cCOMMENT_HERE ",$2 }'
This will print out commands to run to assign user:apache_group to the vhosts’ paths
cat list.txt | awk '{print "chown -R ",$2 ":www-data ",$1 }'
(for sftp only):
cat list.txt | awk '{print "chown root:root",$1 }' cat list.txt | awk '{print "chown -R ",$2":"$2 ,$1"/*"}'
Set g+s on vhosts to preserve directory owner
[TO CHECK]
for i in `cat list.txt` ; do echo "chmod g+s $i" ; done
[THIS EXECUTE]
for i in `cat list.txt` ; do chmod g+s "$i" ; done
Create list of random passwords using pwgen
for i in `cat list.txt` ; do p=$(pwgen -s -B 16 1) ; echo "$i:$p" ; done > list_u_p.txt
Create list of random passwords using openssl
for i in `cat list.txt` ; do p=$(openssl rand -base64 12) ; echo "$i:$p" ; done > list_u_p.txt
Apply these passwords automatically
for i in `cat list_u_p.txt` ; do USER=`echo "$i" | awk -F":" '{print $1}'` ; PASS=`echo "$i" | awk -F":" '{print $2}'` ; echo -e "$PASS\n$PASS" | passwd "$USER" ; done
Print output for reference
hostname ; cat list_u_p.txt | awk -F":" '{print "\nusername:", $1, "\npassword:", $2}'
Create file without replacing variables:
cat <<'EOF' > /path/file ============================ My name is ${0} I was input via user data ============================ EOF
If you check /path/file you will see exactly the content above.
Create file REPLACING the variables while creating:
cat <<EOF > /path/file ============================ My name is ${0} I was input via user data ============================ EOF
In this example, the variable ${0} will be replaced during the creation of the file, hence the content will display your username.
# openssl rsa -modulus -noout -in private_key.key | openssl md5 (stdin)= b650539so2020gwoge778b6981a38c # openssl x509 -modulus -noout -in mysite_certificate.crt | openssl md5 (stdin)= b650539so2020gwoge778b6981a38c
the outputs must match 🙂
You can do that using mpack
mpack -s "This is the subject" -d body.txt attachment.zip [email protected]
Check branch
git branch <name new branch>
Show changes after your last commit
git diff
rollback to previous change (specific file) to the latest commit
git checkout -- testfile
Delete branch
git branch -D <branch name>
Push new branch to the origin (my ‘git space’)
git push -u origin <branch name>
Restore file from upstream
git checkout upstream/master -- <filename>
Commit changes in one single line
git commit -a -m "comment"
If you want to merge the recent changes committed on the master branch into your dev branch
git checkout dev # gets you "on branch dev" git fetch origin # gets you up to date with origin git merge origin/master
If you want to reset ALL from the version ‘on the web’
git fetch origin git reset --hard origin/<branch>
Check containers
# docker ps -a
Connect to a container
# docker start <ID> # docker attach <ID>
Exit from a container
-> type 'exit'
Remove all of Docker containers:
docker stop $(docker ps -a -q) docker rm $(docker ps -a -q)
# openssl rsa -modulus -noout -in private_key.key | openssl md5 (stdin)= jhg557dd83jdlki93de778b69ojg536 # openssl x509 -modulus -noout -in certificate.crt | openssl md5 (stdin)= jhg557dd83jdlki93de778b69ojg536