Wednesday, December 21, 2011

How to reset the permissions of installed RPM packages ?

One of our Developer has changed the permission of all the files under /etc to 777 by inadvertently executing the chmod command with 777 permission. Due to this, the system went into non-usable state.

The Linux 'rpm' command  comes with an interesting switch known as '--setperms' using which we can restore the file-permissions of either one or more packages. 

# rpm --setperms [package name]

To reset one specific RPM package:  
# for pkg in $(rpm -qa | grep -w pkgname); do rpm --setperms $pkg; done
To reset the 'zip' package.
# rpm -qa | grep zip                           <-- Check to see if the package exists
# for pkg in $(rpm -qa | grep -w zip); do rpm --setperms $pkg; done

To reset the entire packages installed ( applicable in the situation I mentioned above):
# for allpkg in $(rpm -qa); do rpm --setperms $allpkg; done

Note:  To restore the Group permission, we need to use the switch "--setugids".

Thursday, September 8, 2011

Linux system info script - latest version

Whenever I work on Performance issue of a Linux server or when I do any Server Audit, I used to wonder how great it would be if I have a script that will give me all the vital information about the system including the Health status and Security settings. I put my thought into action and this Perl script is a result of it.

Upon execution with the syntax "perl", it will display all the vital System parameter details, Health Status and the Security Information on ONE screen.

Supported Platform :  Any Physical or VMware Server running on Linux OS with Perl installed.
Packages required : The Linux machine should contain 'sysstat' and 'dmidecode-2.xx' package,

URL to download the script:
Once you download, please run the following command to convert the script into Unix format: # dos2unix


Note: I shall keep adding new features to this script. Hence please use the given download link to get the latest version.

PS: The Logics used in this script are chosen based on appropriate theory on Linux to ensure the accuracy of output.
Any feedback or suggestions are most welcome!! 

Wednesday, August 24, 2011

Automatically logout inactive SSH sessions

Typically in an Enterprise setup, we would see Users login from various terminals via SSH but never bother to disconnect the established session. This might cause a slight overload on the Network, since these Established sessions have to maintain their connections by sending Alive packets. So I guess it would be appropriate if we make these Users automatically Logout after a certain period of Inactivity (say 1 hour).

Solution 1:
Create a file called "" under /etc/profile.d with execute permission.
# touch /etc/profile.d/
# chmod 711 /etc/profile.d/
Add the following entries to it (Assuming we have to automatically Logout the users after 1 hour, which is 3600 seconds).

readonly TMOUT
export TMOUT

Solution 2:
Enable the following directives in SSH config file (/etc/ssh/sshd_config) and reload the 'sshd' service.

ClientAliveInterval 3600
ClientAliveCountMax 0

# service sshd reload  (or)  # service sshd restart

Wednesday, August 17, 2011

Few useful Bash Shell shortcuts

Ctrl + l       # Clear the screen
Ctrl + u      # Delete backward from the cursor position
Ctrl + k      # Delete till End of Line
Ctrl + r      # Search the History from backwards
Ctrl + e     # Move the cursor to end of line

Alt + Back-space      # Delete backwards word by word
Alt + t                      # Shuffle words
Alt + b                     # Move backwards
Alt + f                      # Move forwards

Press 2 times Tab key       # Lists all available commands on the server
$ with 2 times Tab key       # Display all system variables
Some string followed by 2 times Tab key     # All available commands starting with that string  


Sunday, August 14, 2011

Analyzing past System performance of a Linux server

Today's date is 13th Aug, 2011.  You are asked to check the System performance of a Linux server on 7th Aug,2011 between 3 AM to 5 AM.

Run the 'sar' command on the respective 'sa' (System Activity) file created for the date "7th Aug,2011" with specifying the Starting and End time.

Go to /var/log/sa
[root@hostxyz sa]# ls -ltr sa??

-rw-r--r-- 1 root root 481776 Aug 5 23:50 sa05
-rw-r--r-- 1 root root 481776 Aug 6 23:50 sa06
-rw-r--r-- 1 root root 481776 Aug 7 23:50 sa07       # File that belongs to 7th Aug,2011
-rw-r--r-- 1 root root 481776 Aug 8 23:50 sa08
-rw-r--r-- 1 root root 481776 Aug 9 23:50 sa09
-rw-r--r-- 1 root root 481776 Aug 10 23:50 sa10
-rw-r--r-- 1 root root 481776 Aug 11 23:50 sa11
-rw-r--r-- 1 root root 481776 Aug 12 23:50 sa12
-rw-r--r-- 1 root root 287824 Aug 13 14:10 sa13
[root@hostxyz sa]#
[root@hostxyz sa]# sar -u -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01   # To check CPU utilization
Linux 2.6.18-92.el5 (hostxyz) 08/07/2011
03:00:01 AM CPU %user %nice %system %iowait %steal %idle
03:10:01 AM all 24.57 0.00 5.16 6.04 0.00 64.23
03:20:01 AM all 24.57 0.10 5.06 6.28 0.00 63.98
03:30:01 AM all 24.33 0.00 4.88 5.64 0.00 65.14
03:40:01 AM all 15.75 0.00 3.93 10.52 0.00 69.80
03:50:01 AM all 12.70 0.00 3.09 19.04 0.00 65.17
04:00:01 AM all 16.80 0.00 3.90 9.40 0.00 69.90
04:10:01 AM all 9.18 0.02 2.26 14.43 0.00 74.11
04:20:01 AM all 8.84 0.10 2.20 9.65 0.00 79.22
04:30:01 AM all 11.42 0.00 3.24 10.50 0.00 74.84
04:40:01 AM all 11.84 0.00 2.43 20.64 0.00 65.09
04:50:01 AM all 17.80 0.00 3.78 17.00 0.00 61.42
05:00:01 AM all 6.46 0.00 1.53 21.80 0.00 70.22
Average: all 15.35 0.02 3.46 12.58 0.00 68.59
[root@hostxyz sa]#
[root@hostxyz sa]#  sar -r -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01    # To check Memory status

[Output no shown]
[root@hostxyz sa]#  sar -q -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01    # To check Load average

[Output not shown]
[root@hostxyz sa]#  sar -b -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01     # To check I/O status
[Output not shown]

[root@hostxyz sa]#  sar -n DEV -f /var/log/sa/sa07 -s 03:00:01 -e 05:00:01    # To check Network status

[Output not shown]
[root@hostxyz sa]# 

Notes: In Linux, System activity report is collected for every 10 minutes by a cron job "sysstat" located under /etc/cron.d and at end of the day, a summary report is generated and saved in /var/log/sa/saXX file, which we can use for later analysis. 

[root@hostxyz cron.d]# cat sysstat

# run system activity accounting tool every 10 minutes
*/10 * * * * root /usr/lib64/sa/sa1 1 1
# generate a daily summary of process accounting at 23:53
53 23 * * * root /usr/lib64/sa/sa2 -A
root@hostxyz cron.d]#

Monday, August 1, 2011

Sending mail using 'mutt' from shell

In my opinion, 'mutt' is the best text-based Email client for sending mails with Attachment from Linux shell. The best part with it is, it supports wide variety of MIME ("Multipurpose Internet Mail Extensions") types, which ensures the integrity of various types of attachments such as Binary, jpeg, mp3 files.

Below shown are few command sets for sending mails using Mutt with following specifications.
Subject: Test mail
Attachment filename:  song.mp3
Message body:  "This mail has a mp3 attachment"

With attachment:
# echo "This mail has a mp3 attachment" | mutt -s "Test mail" -a song.mp3

# mutt -s "Test mail" -a study.dat < messagefile 
Note: "messagefile" is the filename that contains the message body "This mail has a mp3 attachment"

Without attachment:
# echo "Mail without attachment" | mutt -s "Test mail"

Without Message body:
# mutt -s "Test mail" -a study.txt < /dev/null

Sunday, July 31, 2011

Converting a file from uppercase to lowercase and vice-versa

Syntax to convert Upper to lowercase:
# dd if=[file with uppercase] of=[output filename] conv=lcase
# cat [file with uppercase] | tr '[:upper:]' '[:lower:]'  > output_file

Syntax to convert Lower to uppercase:
# dd if=[file with lowercase] of=[output filename] conv=ucase
# cat [file with lowercase] | tr '[:lower:]' '[:upper:]'  > output_file

Friday, July 29, 2011

How to check sudo access available for a Normal user ?

Lets say you logged into a Linux server as a Normal user and you want to know what sudo-access privileges your user-account has.

Run the command “sudo -l” to get the details about sudo-access (like shown below):

[ashok@hostxyz~]$ sudo -l
User ashok may run the following commands on this host:
(ALL) NOPASSWD: /bin/su - jboss
(ALL) NOPASSWD: /bin/su - nagios
(ALL) NOPASSWD: /bin/su – mysql
(ALL) /etc/init.d/postfix restart
(ALL) /etc/init.d/postfix start
(ALL) /etc/init.d/postfix stop
(ALL) /etc/init.d/httpd start
(ALL) /etc/init.d/httpd stop

Examining an unknown binary file in Linux

Lets say you have come across an unknown Binary file in a Linux server and you want to know more details about it. 

Steps to follow:
i)    First run 'file' command to get its file-type and other details.
ii)   Check if the file is installed from any RPM by executing "rpm -qf  [filename]"
iii)  Check if the binary file uses any shared Library modules by running "ldd".
iv)  Check when was the file last modified and accessed, by using "stat" command.
v)   Finally check the printable characters in that file by using "strings" command and see if you could figure out anything from the output. "strings" output usually show the System calls made by that file and it will give you a clue about it. If you are familiar with "C" functions such as fopen, stdin, malloc etc, it would be relatively easier for you to figure out.  


[root@hostxyz tmp]# ls
hsperfdata_root  lost+found  strange_file
[root@hostxyz tmp]# file strange_file
strange_file: ELF 64-bit LSB executable, AMD x86-64, version 1 (SYSV), for GNU/Linux 2.6.9, dynamically linked (uses shared libs), for GNU/Linux 2.6.9, stripped
[root@hostxyz tmp]# rpm -qf strange_file
file /tmp/strange_file is not owned by any package
[root@hostxyz tmp]# ldd strange_file => /lib64/ (0x0000003ea3000000) => /lib64/ (0x0000003ea2c00000)
        /lib64/ (0x0000003ea2800000)
[root@hostxyz tmp]# stat strange_file
  File: `strange_file'
  Size: 7816            Blocks: 16         IO Block: 4096   regular file
Device: 803h/2051d      Inode: 98306       Links: 1
Access: (0755/-rwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2011-07-28 16:52:03.000000000 -0500
Modify:  2011-07-28 15:48:20.000000000 -0500
Change: 2011-07-28 15:49:57.000000000 -0500
[root@hostxyz tmp]# strings strange_file
l$ L
usage: uptime [-V]
    -V    display version
[root@hostxyz tmp]#

Final note: Never open (vi) any binary file as it might corrupt it. Couple of times I had messed up some certification key file, which are in encrypted format.

Monday, July 25, 2011

How to find active TCP in Linux server ?

Situation:  You want to find all the Active TCP connections to a Linux machine for a given Port No. or a Port range. This you might want to do, to find any unauthorized access, to find the server utilization or for trouble-shooting purpose.

Solution:  Use 'lsof' or 'netstat' with appropriate switches. Here I illustrated about using 'lsof' as it will give more legible output when compare to 'netstat' command.

# lsof -i @[Server IP]:[Port no or Port-no range] -R | grep TCP | sort -k7 -u

For demonstration purpose, I logged-in to a Linux FTP server and connected it from 3 remote servers via FTP protocol (port: 21).

Command to find how many FTP connections the server has now:
[root@ftpserver~]# lsof -i @ -R | grep TCP | sort -k7 -u
vsftpd  12355 12353 adevaraju    0u  IPv4 58945888       TCP ftpserver:ftp-> (ESTABLISHED)
vsftpd  12605 12602 adevaraju    0u  IPv4 58946864       TCP ftpserver:ftp-> (ESTABLISHED)
vsftpd  13191 13189 adevaraju    0u  IPv4 58947254       TCP ftpserver:ftp-> (ESTABLISHED)
[root@ftpserver ~]#

Command to find how many connections the server has in port range 20 - 80:
# lsof -i @ -R | grep TCP | sort -k7 -u
[Output not shown]

PS: I have already written a post on using 'lsof' and 'netstat'. Please refer it as well:

Thursday, July 21, 2011

Granting sudo access to reset local user-accounts password

In a RHEL server, I want to grant sudo access for a Group to reset any local User-accounts' password. At the same time, I don't want them to reset the password of ROOT user.

Solution:   Use ! (exclude) option in /etc/sudoers file.

Syntax:  %groupname ALL=(ALL) NOPASSWD: /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root

Sunday, June 26, 2011

Perl script to find Broken Symbolic links

Creating Symbolic links across filesystem are very handy but at the same time, they can be a real pain when they got broken. At my work I often seen Developers wasting their time in fixing application issues, which was fundamentally caused by broken symbolic links. So I came out with this script.

Upon execution of this script, it will prompt you to enter the filesystem paths as parameters. Once done, it will report all the broken symbolic links with count number.

I used the Perl module File::Find (comes default with any Perl package) for traversing through all the filenames in the specified directories and report the broken links. For each file it finds, it calls the &wanted subroutine, which in turn uses the Stat function to match the symbolic link files which are broken. To be honest, I grabbed this logic from an online book on Perl programming.

Supported platforms: Any Unix platform with Perl version 5.x installed.


[root@hostxyz opt]# perl

Enter the filesystem path (like /etc /opt /var) : /var /etc /usr /home
Disconnected Link => /var/lib/jbossas/server/production/lib/jboss-remoting.jar -> /usr/share/java/jboss-remoting.jar
Disconnected Link => /var/lib/jbossas/server/default/lib/jboss-remoting.jar -> /usr/share/java/jboss-remoting.jar
Disconnected Link => /etc/alternatives/jaxws_api -> /usr/share/java/glassfish-jaxws.jar
Disconnected Link => /etc/alternatives/jaxws_2_1_api -> /usr/share/java/glassfish-jaxws.jar
Disconnected Link => /etc/alternatives/jaxb_2_1_api -> /usr/share/java/glassfish-jaxb.jar
Disconnected Link => /etc/alternatives/jaxb_api -> /usr/share/java/glassfish-jaxb.jar
Disconnected Link => /usr/share/java/jaxws_api.jar -> /etc/alternatives/jaxws_api
Disconnected Link => /usr/share/java/jaxb_api.jar -> /etc/alternatives/jaxb_api
Disconnected Link => /usr/share/java/jaxws_2_1_api.jar -> /etc/alternatives/jaxws_2_1_api
Disconnected Link => /usr/share/jbossas/client/jboss-remoting.jar -> /usr/share/java/jboss-remoting.jar

Total number of Disconnected links: 10
[root@hostxyz opt]#


use File::Find ();
use vars qw/*name *dir *prune/;
my ($cnt,$i,$cnt_sub) = (0,0,0);
print "\n";
*name = *File::Find::name;
*dir = *File::Find::dir;
*prune = *File::Find::prune;
print "Enter the filesystem path (like /etc /opt /var) : ";
my $arr = <>;
print "\n";
my @inpts = split(/ /, $arr);


File::Find::find({wanted => \&wanted}, $inpts[$i] ); # Calling wanted subroutine which use stat function to match broken links
$cnt = $cnt_sub + $cnt;
$cnt_sub = 0;
print "Total number of Disconnected links: $cnt \n\n";

sub wanted {
if (-l $_) {
@stat = stat($_);
if ($#stat == -1)
$flname = `ls -l $name`;
($flperm, $numlnk, $flown1, $flown2, $dt, $mnth, $tm1, $tm2, $cfnm, $ar, $dsfl) = split /\s+/, $flname;
print "Disconnected Link => $cfnm $ar $dsfl\n\n";

URL to download the script :

Best way to check Hyper-threading feature in Linux

Run "dmidecode -t processor" and grep for the entry "HTT" from the result.

Sample output:

[root@server10 ~]# dmidecode -t processor | grep HTT
HTT (Hyper-threading technology)
HTT (Hyper-threading technology)
[root@server10 ~]#

So if Hyper-threading is enabled, the count of Logical Processors would be double the number of CPU cores that you got on the server.
To find the number of CPU cores, you either use "dmidecode -t processor" command or check the number of Physical IDs from "/proc/cpuinfo" output.

Please be aware the “ht” entry in /proc/cpuinfo output is a confusing flag. It may be definite for CPU with single core but not for multi-core CPU. Enabling HT should be done at BIOS level.

Sunday, June 19, 2011

VMware ESXi basic command reference

To find ESX software version and build:
# vmware -v
  VMware ESXi 4.1.0 build-348481
# vmware -l
  VMware ESXi 4.1.0 Update 1

To know the Hostname and IP Addess:
# hostname -s
# hostname -i

To find list of VMs running:
# vm-support -x
VMware ESX Support Script 1.33
Available worlds to debug:
wid=6342 hostlx03
wid=608998 cactty01

# vim-cmd vmsvc/getallvms
Vmid Name File Guest OS Version Annotation
144 cactty01 [datastore1] cacllm01-d2_template/cacllm01-d2_template.vmx rhel5_64Guest vmx-07 Linux host with RHEL 5.6 64bit OS with JDK 1.6
48 hostlx03 [datastore1] htblsb03/htblsb03.vmx rhel5Guest vmx-07

To see the running processes
# esxtop

To get the list of services:
# chkconfig --list
TSM on
[ Output truncated]

To check NIC properties:
# esxcfg-nics -l
Name PCI Driver Link Speed Duplex MAC Address MTU Description
vmnic0 0000:10:00.00 bnx2 Up 1000Mbps Full 5c:f3:fc:21:b5:e4 1500 Broadcom Corporation Broadcom NetXtreme II BCM5709 1000Base-SX
vmnic1 0000:10:00.01 bnx2 Up 1000Mbps Full 5c:f3:fc:21:b5:e6 1500 Broadcom Corporation Broadcom NetXtreme II BCM5709 1000Base-SX
vusb0 Pseudo cdc_ether Up 0Mbps Half 5e:f3:fc:23:b5:e7 1500 Unknown Unknown
# esxcfg-vmknic -l
Interface Port Group/DVPort IP Family IP Address Netmask Broadcast MAC Address MTU TSO MSS Enabled Type
vmk0 Management Network IPv4 5c:f3:fc:21:b5:e4 1500 65535 true STATIC

# esxcfg-vswitch -l
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch0 128 5 128 1500 vmnic0
PortGroup Name VLAN ID Used Ports Uplinks
VM Network 4095 2 vmnic0
Management Network 0 1 vmnic0
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch2 128 3 128 1500 vmnic1
PortGroup Name VLAN ID Used Ports Uplinks
VM Network 3 0 1 vmnic1

# vsish -e get net/pNics/vmnic0/properties
properties {
Driver Name:bnx2
Driver Version:2.0.7d-3vmw
Driver Firmware Version:5.2.3 NCSI 2.0.10
System Device Name:vmnic0
Module Interface Used By The Driver:vmklinux26
Device Hardware Cap Supported:: 0x3c032b -> VMNET_CAP_SG Device Software Cap Activated:: 0x800000 -> VMNET_CAP_RDONLY_INETHDRS
Interrupt Vector:0xff
Link Up:1
Speed (Mb/s):1000
Full Duplex:1
Uplink Port ID:0x01000002
[ Output truncated ]
PS: As there are already several well-written article on this subject, I don't wanna put more effort on it. So here am recommending couple of links which am impressed with:

Tuesday, May 31, 2011

Protecting Critical files using File attributes

Situation:  Sometimes it’s very imperative to protect the Logs or some other files in a Linux server from being manipulated. For example, "DHCP log", which is vital for any Internet service provider to trace the leased IP during investigation. The question is, how to protect these logs when no one is 100% trustworthy in an organization including the system admin team who has full root access :)

Linux comes out with a solution called File attributes, by which irrespective of ownership on a file, you can still protect it from manipulation and deletion. All you need is just 2 commands:

lsattr – for listing the file attributes
chattr – for changing the file attributes

It is explained with an example here:

[root@server01 opt]# cat > testfile                           # Creating a file name “testfile”
Some contents
[root@server01 opt]# cat testfile                               # Displaying its contents
Some contents
[root@server01 opt]# lsattr testfile                            # Listing the file attributes (its blank)
------------- testfile

[root@server01 opt]# chattr +a testfile                    # Changing the file attribute to APPEND ONLY mode (using +a option) which takes care of undelete option as well.
[root@server01 opt]# lsattr testfile                            # Shows the file has Append only attribute set.
-----a------- testfile
[root@server01 opt]# echo "Additional text" > testfile           #  Now am trying to overwrite the file contents but it is NOT allowing.
-bash: testfile: Operation not permitted
[root@server01 opt]# echo "Additional text" >> testfile             # But Appending the file content works
[root@server01 opt]# cat testfile
Some contents
Additional text
[root@server01 opt]#

[root@server01 opt]# rm testfile                                                   # Trying to delete the file but it doesn’t allow.
rm: remove regular file `testfile'? y
rm: cannot remove `testfile': Operation not permitted

 [root@server01 opt]# chattr -a testfile                                        # Removing the file attribute value by using –a option.
[root@server01 opt]# lsattr testfile                                                # File attributes gone
------------- testfile
[root@server01 opt]# echo "Additional text" > testfile                     # Now am able to overwrite the file.
[root@server01 opt]# cat testfile
Additional text
[root@server01 opt]# rm testfile                                                    # And am able to delete it as well
rm: remove regular file `testfile'? y
[root@server01 opt]#

Next question is , how to prevent changing the file attribute like I did using “–a” option above. Linux comes with solution for that as well. By using a tool called LCAP, we can remove the capability of root user from changing the file attributes. That capability can be revoked only upon reverting back the kernel changes and reboot the server, which is indeed not an easy task.

Hiding/Clearing history commands

Hiding certain commands from history

At times you might want to Hide some commands executed by you. This is needless to explain, we might have to do this for various reasons. But I suggest not to hide anything intentionally from history @ work :)


Add the below entry in .bash_profile and run “source .bash_profile” or re-login to the server.  After this whatever command you want to hide, just execute it by typing a SPACE infront. The history command will not remember any commands that is preceded by space infront.

export HISTCONTROL=ignorespace

Explained with an example here:

[adevaraju@host02 ~]$ cat .bash_profile
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
        . ~/.bashrc
# User specific environment and startup programs

export PATH
export HISTCONTROL=ignorespace

[adevaraju@host02 ~]$ source .bash_profile
[adevaraju@host02 ~]$ touch file1
[adevaraju@host02 ~]$ echo "Some text" > file1
[adevaraju@host02 ~]$ echo "Some more text" >> file1
[adevaraju@host02 ~]$ ls -l file1
-rw-r--r-- 1 adevaraju domain users 25 Nov 30 08:10 file1
[adevaraju@host02 ~]$ touch -t 1111111111 file1
[adevaraju@host02 ~]$ ls -lt file1
-rw-r--r-- 1 adevaraju domain users 25 Nov 11  2011 file1
[adevaraju@host02 ~]$  rm file1                             ß Executing the ‘rm’ command with space infront
[adevaraju@host02 ~]$ history | tail -10
   27  history
   28  cat .bash_profile
   29  source .bash_profile
   30  touch file1
   31  echo "Some text" > file1
   32  echo "Some more text" >> file1
   33  ls -l file1
   34  touch -t 1111111111 file1
   35  ls -lt file1
   36  history | tail -10
[adevaraju@host02 ~]$

You can note the command ‘rm file1’ is not displayed in ‘history’ output. Since it had space in front, it was ignored by history command.

Clearing the entire history

Sometime you may want to clear all the previous history, but want to keep the history moving forward. Just execute history with –c option. Everything will go off.
[adevaraju@host02 ~]$ history -c
[adevaraju@host02 ~]$ history
    1  history
[adevaraju@host02 ~]$

Splitting a file in Linux

In Linux, you might want to split a file to reduce its File size or want to extract a portion of huge file which runs into 1000+ lines.

Linux provides “split” command to do this and it is explained with an example here, which shows a log file “test.log” which consists of about 1.5 lakhs lines is splitted into 10K lines each.

[root@host01-t1 log]# cat test.log | wc -l
147815                                                                                   # The file "test.log" consists about 150K lines
[root@host01-t1 log]#
[root@host01-t1 log]# cp test.log  test.log_bkp                           # First take a backup of original file

[root@host01-t1 log]# split -l 10000 test.log splitted_file            # Splitting the test.log file into 10000 lines each with prefix “splitted_file”              
[root@host01-t1 log]#
 [root@host01-t1 log]# ls -ltr
-rw-r--r-- 1 root  root   26112117 Oct 26 04:20 test.log
-rw-r--r-- 1 root  root    1384098 Oct 26 04:39 splitted_fileao
-rw-r--r-- 1 root  root    1766812 Oct 26 04:39 splitted_filean
-rw-r--r-- 1 root  root    1768778 Oct 26 04:39 splitted_fileam
-rw-r--r-- 1 root  root    1769234 Oct 26 04:39 splitted_fileal
-rw-r--r-- 1 root  root    1767256 Oct 26 04:39 splitted_fileak
-rw-r--r-- 1 root  root    1764489 Oct 26 04:39 splitted_fileaj
-rw-r--r-- 1 root  root    1766383 Oct 26 04:39 splitted_fileai
-rw-r--r-- 1 root  root    1767934 Oct 26 04:39 splitted_fileah
-rw-r--r-- 1 root  root    1763855 Oct 26 04:39 splitted_fileag
-rw-r--r-- 1 root  root    1765981 Oct 26 04:39 splitted_fileaf
-rw-r--r-- 1 root  root    1767587 Oct 26 04:39 splitted_fileae
-rw-r--r-- 1 root  root    1766195 Oct 26 04:39 splitted_filead
-rw-r--r-- 1 root  root    1763062 Oct 26 04:39 splitted_fileac
-rw-r--r-- 1 root  root    1767100 Oct 26 04:39 splitted_fileab
-rw-r--r-- 1 root  root    1763353 Oct 26 04:39 splitted_fileaa
-rw-r--r-- 1 jboss jboss  27684221 Oct 26 04:39 thirdparty.log
[root@host01-t1 log]#
[root@host01-t1 log]# cat splitted_fileaf | wc -l
[root@host01-t1 log]# cat splitted_fileac | wc –l           # splitted file consists of 10000 lines each.
[root@host01-t1 log]#

Difference between Standard & Xinetd based services

When you run “chkconfig -list”, you would see 2 set of service list.  One portion is termed as “Standard” service and other one as “xinetd” (Extended Inetd) based services. 

Main difference between these 2 set of services:
Standard services
Xinetd based services
Will be started/stopped based on the run level
Doesn’t depend on run levels
Once turned on, it will continue to run till it stopped
The dameon ‘xinetd’ controls starting and stopping the service as and when it requires. The xinetd dameon listens for requests coming for particular port and starts the relevant service pertaining to it. For example, when telnet is turned on, it listens for request on port 23 and start the telnet service when there is a telnet connection request.
Service should be continuously running regardless of its usage. For example, in the below output, cups service is continuously though it isn't required for many servers. This can be turned off.
Xinetd dameon performs the job of continuously monitoring the service request under its control and activate it only when it is required.

[root@host01-tx ~]# chkconfig --list
NetworkManager  0:off   1:off   2:off   3:off   4:off   5:off   6:off
acpid           0:off   1:off   2:on    3:on    4:on    5:on    6:off
anacron         0:off   1:off   2:on    3:on    4:on    5:on    6:off
apmd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off
bluetooth       0:off   1:off   2:on    3:on    4:on    5:on    6:off
capi            0:off   1:off   2:off   3:off   4:off   5:off   6:off
certmaster      0:off   1:off   2:off   3:off   4:off   5:off   6:off
conman          0:off   1:off   2:off   3:off   4:off   5:off   6:off
cpuspeed        0:off   1:on    2:on    3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
httpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
iptables        0:off   1:off   2:off   3:off   4:off   5:off   6:off
[ Output truncated ]
xinetd based services:
        bpcd:           on
        bpjava-msvc:    on
        chargen-dgram:  off
        chargen-stream: off
        [Output truncated]
[root@host01-tx ~]# ls -l /etc/xinetd.d            #  location of xinetd config files
[output not shown]
[root@host01-tx ~]#
[root@host01-tx ~]# ps -ef | grep cups | grep -v grep    # Cups service is continuously running
root      4483     1  0 Jul25 ?        00:00:24 cupsd
 [root@host01-tx ~]# ps -ef | grep bpcd | grep -v grep   # Bpcd service is not running though it is turned on
[root@host01-tx ~]# ps -ef | grep bpjava-msvc | grep -v grep  # bpjava-msvc isn't running as well
[root@host01-tx ~]#