Linux group and permission and owner

Linux group and permission and owner:
View all group:
    getent group
    getent group | grep apache (apache is a group name and searching)
    getent group 92 (get group details by group id 92)
    groupadd -g200 deploy ( add a group id=200 and name=deploy)
View all user details:
    useradd pritom ( add a user, name=pritom)
    passwd pritom (set user password)
    getent passwd
    getent passwd | grep root (root is a user name and searching)
    getent passwd 91 (get user details by user id 91)
    usermod -G deploy apache ( add existing user to existing group, group=deploy, user=apache)
    useradd -G deploy pritom3 ( add user=pritom3 to group deploy on creating)


Change file owner:
chown -Rv root:deploy  /skel
chown -Rv root  /skel

root=user
deploy=group
skel=folder
-R=recursive
-v option, chown will list what it did (or didn't do) to the file.

chgrp - change the group ownership of a file
chgrp usergroup somefile
chgrp -Rv usergroup somedir

chmod - modify file access rights
su - temporarily become the superuser
chown - change file ownership
chgrp - change a file's group ownership

chmod 600 some_file
777 (rwxrwxrwx) No restrictions on permissions. Anybody may do anything. Generally not a desirable setting.

755 (rwxr-xr-x) The file's owner may read, write, and execute the file.
All others may read and execute the file. This setting is common for programs that are used by all users.

700 (rwx------) The file's owner may read, write, and execute the file.
Nobody else has any rights. This setting is useful for programs that only the owner may use
and must be kept private from others.

666 (rw-rw-rw-) All users may read and write the file.

644 (rw-r--r--) The owner may read and write a file, while all others may only read the file.
A common setting for data files that everybody may read, but only the owner may change.

600 (rw-------) The owner may read and write a file. All others have no rights.
A common setting for data files that the owner wants to keep private.


Directory permissions:
777 (rwxrwxrwx) No restrictions on permissions. Anybody may list files,
create new files in the directory and delete files in the directory. Generally not a good setting.


755 (rwxr-xr-x) The directory owner has full access. All others may list the directory,
but cannot create files nor delete them. This setting is common for directories that
you wish to share with other users.

700 (rwx------) The directory owner has full access. Nobody else has any rights.
This setting is useful for directories that only the owner may use and must
be kept private from others.


Becoming the superuser for a short while
[me@linuxbox me]$ su
Password:
[root@linuxbox me]#


Changing file ownership:
[me@linuxbox me]$ su
Password:
[root@linuxbox me]# chown you some_file
[root@linuxbox me]# exit
[me@linuxbox me]$

Changing group ownership:
[me@linuxbox me]$ chgrp new_group some_file

Edit /etc/sudoers by command
    visudo
    or
    vim /etc/sudoers
Allow apache to run various commands:
apache ALL=/usr/bin/wat_deploy, /usr/bin/wat_destroy

Allow user apache to run commands without any password i.e. as root without authenticating himself:
apache ALL= NOPASSWD: /usr/bin/wat_deploy, /usr/bin/wat_destroy

Run the command:
$ sudo /usr/bin/wat_deploy

Execute shell commands in PHP

/**
Method to execute a command in the terminal
Uses :

1. system
2. passthru
3. exec
4. shell_exec

 */
function terminal($command)
{
    //system
    if (function_exists('system')) {
        ob_start();
        system($command, $return_var);
        $output = ob_get_contents();
        ob_end_clean();
    } //passthru
    else if (function_exists('passthru')) {
        ob_start();
        passthru($command, $return_var);
        $output = ob_get_contents();
        ob_end_clean();
    } //exec
    else if (function_exists('exec')) {
        exec($command, $output, $return_var);
        $output = implode("\n", $output);
    } //shell_exec
    else if (function_exists('shell_exec')) {
        $output = shell_exec($command);
    } else {
        $output = 'Command execution not possible on this system';
        $return_var = 1;
    }

    return array('output' => $output, 'status' => $return_var);
}

Use as this way:
$o = terminal('ls');
print_r($o);

http://www.binarytides.com/execute-shell-commands-php/

Replace a string in file using shell script

Suppose my file a.conf is as following

Include /1
Include /2
Include /3

I want to replace "Include /2" with a new line, I write the code in .sh file : 

line="Include \\/2"
rep=""

sed "s/${line}/${rep}/g" /root/new_scripts/a.conf > /tmp/a.conf-new

mv /tmp/a.conf-new /root/new_scripts/a.conf 

Encrypt a file using bash shell script

openssl des3 -salt -in /pritom/input.sql -out /pritom/output.pk -pass pass:pritom

where:

 /pritom/input.sql is the input file

 /pritom/output.pk is encrypted output file

 -pass pass: pritom (pritom is used as password) 

Install Qmail and Vpopmail in Linux Server

1. For Linux Server

2. Required packages

There are four packages needed for this qmail install.

2.1 netqmail-1.06.tar.gz
qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts. As of October 2001, qmail is the second most common SMTP server on the Internet, and has by far the fastest growth of any SMTP server.

2.2 ucspi-tcp-0.88.tar.gz
It is a tool similar to inetd. ucspi-tcp listens in 25 port and spawns qmail-smtpd when required. ucspi-tcp stands for Unix Client Server Program Interface for TCP.

2.3 daemontools-0.76.tar.gz
daemontools is actually a tool to manage & monitor daemons linux. It is used in qmail as well to manage qmail daemons.

2.4 checkpassword-0.90.tar.gz
checkpassword provides a simple, uniform password-checking interface to all root applications. It is suitable for use by applications such as login, ftpd, and pop3d.

3. Qmail Install

3.1 Get the files

Download files and place them into the /usr/local/src directory. This document refers to that directory for install procedures.

========================================================
cd /usr/local/src
wget http://www.qmail.org/netqmail-1.06.tar.gz
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz
=========================================================

Now create /package directory and move daemontools-0.76.tar.gz to /package.

=========================================================
mkdir /package
mv -iv /usr/local/src/daemontools-0.76.tar.gz /package
=========================================================

3.2 Create users and groups

Run following commands one by one, to create required users & groups

==============================================
groupadd nofiles
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
useradd -g nofiles -d /var/qmail/alias alias
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails
==============================================

3.3 Compile & Install

Untar the Qmail source

============================
cd /usr/local/src
tar -xzvf netqmail-1.06.tar.gz
===========================

Compile the source

===================================
cd /usr/local/src/netqmail-1.06
make setup check
===================================

4. Configure Qmail

4.1 Post Installation setup

Post installation configuration can be done by running following script.

=============
./config;
==============

4.2 Configure Qmail aliases.

Create a user named "adminmails" to receive all administrator emails.

================================================
useradd adminmails;
cd ~alias;
echo "adminmails" > .qmail-postmaster;
echo "adminmails" > .qmail-mailer-daemon;
echo "adminmails" > .qmail-root;
echo "adminmails" > .qmail-postmaster;
echo "adminmails" > .qmail-abuse;
chmod 644 ~alias/.qmail* ;
==============================================

Create Maildir for "adminmails" user

========================================
su - adminmails
/var/qmail/bin/maildirmake ~/Maildir
========================================


4.3 Configure Qmail to use Maildir

Now we need to configure qmail to use the Maildir Format.

Create "/var/qmail/rc" with following contents.

====================================================================================

#!/bin/sh

# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default

exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"

=====================================================================================

Make "/var/qmail/rc" executable

============================

chmod 755 /var/qmail/rc

============================

Create "/var/qmail/control/defaultdelivery" file.

=====================================================

echo ./Maildir/ >/var/qmail/control/defaultdelivery

=====================================================

4.4 Replace Sendmail binaries

======================================================
chmod 0 /usr/lib/sendmail ;
chmod 0 /usr/sbin/sendmail ;
mv /usr/lib/sendmail /usr/lib/sendmail.bak ;
mv /usr/sbin/sendmail /usr/sbin/sendmail.bak ;
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail ;
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
=======================================================

5. Install ucspi-tcp

Untar the ucspi-tcp source.

=============================================================
cd /usr/local/src/
tar -xzvf ucspi-tcp-0.88.tar.gz
==============================================================

Patch ucspi-tcp with "ucspi-tcp-0.88.errno.patch" provided with net qmail.

==============================================================================
cd ucspi-tcp-0.88
patch < /usr/local/src/netqmail-1.06/other-patches/ucspi-tcp-0.88.errno.patch
===============================================================================

Install ucspi-tcp.

========================
make
make setup check
=========================

6. Install checkpassword

Untar checkpassword source.

=========================================
cd /usr/local/src
tar -xzvf checkpassword-0.90.tar.gz
=========================================

Patch checkpassword with "checkpassword-0.90.errno.patch" provided with net qmail.

================================================================
cd checkpassword-0.90
patch < /usr/local/src/netqmail-1.06/other-patches/checkpassword-0.90.errno.patch
================================================================

Install checkpassword.

==================================
make ;
make setup check
==================================

7. Install daemontools

Untar the daemontools source

=========================================
cd /package
tar -xzvf daemontools-0.76.tar.gz
=========================================

Patch daemontools with "daemontools-0.76.errno.patch" provided with net qmail.

=========================================================================
cd /package/admin/daemontools-0.76/src
patch < /usr/local/src/netqmail-1.06/other-patches/daemontools-0.76.errno.patch
=========================================================================

Install daemontools

====================
cd ..
package/install
====================

8. Qmail Startup script

The "qmailctl" script is used as startup script for qmail.

8.1 Download qmailctl

===========================================================
cd /var/qmail/bin/
wget http://lifewithqmail.org/qmailctl-script-dt70
===========================================================

8.2 Setup qmailctl

========================================
mv -iv qmailctl-script-dt70 qmailctl
chmod 755 /var/qmail/bin/qmailctl
ln -s /var/qmail/bin/qmailctl /usr/bin
========================================

8.3 Modify qmailctl for qmail-pop3d

Add following lines to qmailctl's "start" section.

========================================================================
if svok /service/qmail-pop3d ; then
svc -u /service/qmail-pop3d /service/qmail-pop3d/log
else
echo qmail-pop3d supervise not running
fi
========================================================================

Add following lines to qmailctl's "stop" section.

======================================================================
echo " qmail-pop3d"
svc -d /service/qmail-pop3d /service/qmail-pop3d/log
======================================================================

Add following lines to qmailctl's "stat" section.

=======================================
svstat /service/qmail-pop3d
svstat /service/qmail-pop3d/log
=======================================

Add the following lines to qmailctl's "pause" section.

=======================================
echo "Pausing qmail-pop3d"
svc -p /service/qmail-pop3d
=======================================

Add following lines to qmailctl's "cont" section.

=======================================
echo "Continuing qmail-pop3d"
svc -c /service/qmail-pop3d
=======================================

Add following lines to qmailctl's "restart" section.

=========================================================
echo "* Restarting qmail-pop3d."
svc -t /service/qmail-pop3d /service/qmail-pop3d/log
=========================================================


9. Setup qmail-send & qmail-smtpd

9.1 Create supervise script directories for qmail daemons

Create supervise directories for qmail-send, qmail-smtpd & qmail-pop3d.

======================================================
mkdir -p /var/qmail/supervise/qmail-send/log
mkdir -p /var/qmail/supervise/qmail-smtpd/log
mkdir -p /var/qmail/supervise/qmail-pop3d/log
======================================================

9.2 Create supervise script for qmail-send

Create supervise script for qmail-send with name "/var/qmail/supervise/qmail-send/run".

The file should have following contents.

====================
#!/bin/sh
exec /var/qmail/rc
====================

9.3 qmail-send log daemon supervise script

Create qmail-send log daemon supervise script with name "/var/qmail/supervise/qmail-send/log/run".

The script should have following contents

===========================================================

 #!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail
======================================================================================

9.4 qmail-smtpd daemon supervise script

Create qmail-smtpd daemon supervise script with name "/var/qmail/supervise/qmail-smtpd/run".

The script should have following contents

=========================================================================================
#!/bin/sh

QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`head -1 /var/qmail/control/me`

if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z "$LOCAL" ]; then
echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is unset in
echo /var/qmail/supervise/qmail-smtpd/run
exit 1
fi

if [ ! -f /var/qmail/control/rcpthosts ]; then
echo "No /var/qmail/control/rcpthosts!"
echo "Refusing to start SMTP listener because it'll create an open relay"
exit 1
fi

exec /usr/local/bin/softlimit -m 9000000 \
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
==========================================================================================

Create the concurrencyincoming control file.

======================================================
echo 20 > /var/qmail/control/concurrencyincoming
chmod 644 /var/qmail/control/concurrencyincoming
======================================================

9.5 qmail-smtpd log daemon supervise script

Create qmail-smtpd log daemon supervise script with name "/var/qmail/supervise/qmail-smtpd/log/run".

The script should have following contents

========================================================================================
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/smtpd
========================================================================================

9.6 qmail-pop3d daemon supervise script

Create qmail-pop3d daemon supervise script with name "/var/qmail/supervise/qmail-pop3d/run" .

The script should have contents.

=================================================================================
#!/bin/sh
exec /usr/local/bin/softlimit -m 9000000 \
/usr/local/bin/tcpserver -v -R -H -l 0 0 110 /var/qmail/bin/qmail-popup \
FQDN /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir 2>&1
=================================================================================

Please replace FQDN with fully qualified domain name of the POP server
E.g: pop.example.com

9.7 qmail-pop3d log daemon supervise script

Create qmail-pop3d log daemon supervise script with name "/var/qmail/supervise/qmail-pop3d/log/run".

The script should have following contents

====================================================================
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
/var/log/qmail/pop3d
====================================================================

9.8 Create the log directories and add execute permissions on the run scripts.

=====================================================
mkdir -p /var/log/qmail/smtpd
mkdir /var/log/qmail/pop3d

chown qmaill /var/log/qmail
chown qmaill /var/log/qmail/smtpd
chown qmaill /var/log/qmail/pop3d

chmod 755 /var/qmail/supervise/qmail-send/run
chmod 755 /var/qmail/supervise/qmail-send/log/run

chmod 755 /var/qmail/supervise/qmail-smtpd/run
chmod 755 /var/qmail/supervise/qmail-smtpd/log/run

chmod 755 /var/qmail/supervise/qmail-pop3d/run
chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
======================================================

10. Create soft link for the daemons in /service folder

10.1 Add qmail-send to /service folder

=================================================================
ln -s /var/qmail/supervise/qmail-send /service/qmail-send
=================================================================

10.2 Add qmail-smtpd to /service folder

===================================================================
ln -s /var/qmail/supervise/qmail-smtpd /service/qmail-smtpd
===================================================================

10.3 Add qmail-pop3d in /service folder.

=====================================================================
ln -s /var/qmail/supervise/qmail-pop3d /service/qmail-pop3d
=====================================================================

Note 1: The /service directory is created when daemontools is installed.

Note 2: The qmail system will start automatically shortly after these links are created.

If you don't want it running now, do: qmailctl stop



Reference
1. http://tac-au.com/howto/qmail-mini-HOWTO.txt

2. http://www.lifewithqmail.org/lwq.html

3. http://www.blogger.com/

4. http://kmaiti.blogspot.com/2010/05/how-to-install-qmail.html