Archive for September, 2014

mail command – modify the From address

Here is how you can send an email message from linux command line and use a different from address. This is useful in scripts that run as a user that would not necessarily manage the process or even look at or care about the email.

$ mail -s “Test Subject” — -f -F ‘”Do Not Reply” ‘ < someinputfile

VMware ESXi – Common Information Model

Version: VMware ESXi 5.1 and 5.5.

To determine the hardware in your VMware ESXi host, you can access the Common Information Model (CIM) data using a VMware provided shell script when you install ESXi.

Note: You have to have ssh enabled.

I found it easiest to just run the script and search the output from the less command.

Once logged via ssh as root:

~ # /bin/ > tmp.fil

~ # less tmp.fil

In my case, I was looking for specific physical memory information, so I searched for PhysicalMemory.

I found the following useful to determine the categories in the output:

~ # egrep “^Dumping” tmp.fil
Dumping instances of CIM_Namespace
Dumping instances of CIM_RegisteredProfile
Dumping instances of CIM_Sensor
Dumping instances of OMC_RawIpmiSensor
Dumping instances of OMC_RawIpmiEntity
Dumping instances of CIM_ComputerSystem
Dumping instances of CIM_Chassis
Dumping instances of CIM_SoftwareIdentity
Dumping instances of CIM_Memory
Dumping instances of CIM_PhysicalMemory
Dumping instances of CIM_Processor
Dumping instances of CIM_LogRecord
Dumping instances of CIM_RecordLog
Dumping instances of CIM_EthernetPort
Dumping instances of CIM_PowerSupply
Dumping instances of CIM_PCIDevice
Dumping instances of VMware_StorageExtent
Dumping instances of VMware_Controller
Dumping instances of VMware_StorageVolume
Dumping instances of VMware_Battery
Dumping instances of VMware_SASSATAPort

Chroot vsftpd – if you must.

Tested on Ubuntu 12.04 LTS.

This should be used only for an account for ftp only, because filesystem write access will be removed.

Install vsftp:

$ sudo apt-get install vsftpd

Edit /etc/vsftpd.conf:

$ sudo cp -p /etc/vsftpd.conf /etc/vsftpd.conf.orig
$ sudo vi /etc/vsftpd.conf

# JGZ 9/3/2014 – disable anonymous

# JGZ 9/3/2014 – use local accounts

# JGZ 9/3/2014 – allow writing

# JGZ 9/3/2014 – jail local user accounts in their home directory

# JGZ 9/3/2014 – don’t allow list

# JGZ 9/3/2014 – list permission if in the file

Edit/create chroot list file:

$ sudo vi /etc/vsftpd.chroot_list


Remove write access from the localusername directory:

$ sudo chmod a-w /home/localusername

Note: If you use the command above, you will need to create a subdirectory in the home that the localusername can write in. If you want to restrict the ftp user to their home directory, omit the chroot_list_enable and chroot_list_file options specified in the config.

The following will change the log location from /var/log/xferlog to /var/log/vsftpd.log, however it will give you much more useful information. To enable verbose logging add the following:

# JGZ 3/2/2015 – verbose logging

# JGZ 3/2/2015 – enable verbose logging

This will not allow the ftp user to delete files for directories. To restrict the ftp user command set:

# JGZ 3/2/2015 – deny delete and rm

To restrict FTP access to a set of I.P. Addresses (CentOS 7):
Use TCP wrappers:

# vi /etc/vsftpd/vsftpd.conf


Restart vsftpd:

# systemctl restart vsftpd

Deny all access:

# vi /etc/hosts.deny

vsftpd: ALL

Create exceptions:

# vi /etc/hosts.allow


Return top