Test Your Server Configuration Before Restarting Unix and Linux Services

By OK -

A Note About Reloading Servers

The syntax is as follows under Linux:
/sbin/service SERVICE-NAME [reload|restart]
OR
/etc/init.d/SERVICE-NAME [reload|restart]
OR
systemctl reload SERVICE-NAME-HERE
The reload option reloads the config file without interrupting pending operations. For example the following command will reload Apache web server after the config file changes:
# /sbin/service httpd reload
OR
# systemctl reload httpd
However, most Linux and Unix-like daemon programs sometimes use SIGHUP as a signal to restart themselves, the most frequent reason for this being to re-read a configuration file that has been changed. The syntax is as follows:
kill -HUP $(cat /var/run/SERVICE.pid)
OR
kill -HUP `cat /var/run/SERVICE.pid`
Let us see how to test the syntax for various Linux and Unix services.

#1: OpenSSH Server

You can use the following syntax to test OpenSSH config file, type:
# /usr/sbin/sshd -t && echo $?
A sample configuration error session:
# usr/sbin/sshd -t
Sample outputs:
/etc/ssh/sshd_config line 26: Bad yes/without-password/forced-commands-only/no argument: Naa
To print line # 26, enter:
# sed -n '26p' /etc/ssh/sshd_config

OpenSSH Extended Test Mode

Use the -T option to check the validity of the configuration file, output the effective configuration to stdout (screen) and then exit:
# /usr/sbin/sshd -T

#2: Apache Web Server

The syntax is as follows to run syntax tests for configuration files only:
# /usr/sbin/apache2 -t
Sample error reporting:
apache2: Syntax error on line 50 of /etc/apache2/apache2.conf: ServerRoot must be a valid directory
On RHEL and friend, enter:
# /usr/sbin/httpd -t
Sample outputs:
Syntax OK
You can also use the apachectl command (pass the configtest or -t option). It will run a configuration file syntax test. It parses the configuration files and either reports Syntax Ok or detailed information about the particular syntax error:
# apachectl configtest
OR
# apachectl -t

#3: Nginx Web Server

To run syntax tests for nginx configuration files, enter:
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -t -c /usr/local/nginx/conf/nginx.conf

#5: BIND (named) DNS Server

Use named-checkconf command to check the syntax, but not the semantics. The file is parsed and checked for syntax errors, along with all files included by it
# named-checkconf /etc/named.conf
You can also check bind zone files, enter:
# named-checkzone cyberciti.biz /var/named/zone.cyberciti.biz

#7: MySQL (mysqld) Database Server

Type the following command:
# mysqld --verbose --help
The above will procduce too much output. I recommend redirecting output to /dev/null and only display error/warning on the screen
# /usr/libexec/mysqld --verbose --help 1>/dev/null
Sample outputs:
120330  7:52:43 [Warning] '--log_slow_queries' is deprecated and will be removed in a future release. Please use ''--slow_query_log'/'--slow_query_log_file'' instead.
You can specify a new configuration file such as /root/test-my.cnf
# mysqld --defaults-file=/root/test-my.cnf --verbose --help 1>/dev/null

#8: Postfix Mail Server (MTA)

Use the following syntax. To warn about bad directory/file ownership or permissions, and create missing directories, enter:
# postfix check
OR
# postfix -vvv

#9: Samba (SMB/CIFS) File Server

Type the following command:
# testparm -v

#10: tcpd

The tcpd program can be set up to monitor incoming requests for telnet, finger, ftp, exec, rsh, rlogin, tftp, talk, comsat and other services that have a one-to-one mapping onto executable files. The tcpdchk command examines your tcp wrapper configuration and reports all potential and real problems it can find:
# tcpdchk
# tcpdchk -a
# tcpdchk -d
# tcpdchk -i /path/to/inetd.conf
# tcpdchk -v

#13: Nagios

Nagios is a popular open source computer system monitor, network monitoring and infrastructure monitoring software application. Use the following syntax to run a sanity check on nagios.cfg as follows:
# nagios -v /path/to/testing/nagios.cfg
Where,
  • -v : Verify your configuration.

#16: syslogd / rsyslogd

syslogd is Unix / Linux system logging server. rsyslogd is reliable and extended syslogd for modern Linux distros. Rsyslogd is derived from the sysklogd package which in turn is derived from the stock BSD sources. To check for syntax error, type:
# syslogd -f /etc/rsyslog.testing.conf -d
OR
rsyslogd -c4 -f /etc/rsyslog.testing.conf -N 1




Comments

Post a Comment

Popular posts from this blog

HAproxy logging

By OK -
ubuntu@ubuntu:/etc/haproxy$ cat /etc/rsyslog.d/haproxy.conf # Create an additional socket in haproxy's chroot in order to allow logging via # /dev/log to chroot'ed HAProxy processes $ModLoad imudp $UDPServerRun 514 local0.* -/var/log/haproxy-0.log local1.* -/var/log/haproxy-1.log ### keep logs in localhost ## $AddUnixListenSocket /var/lib/haproxy/dev/log ------------------- ubuntu@ubuntu:/etc/haproxy$ cat /etc/haproxy/haproxy.cfg global chroot /var/lib/haproxy user haproxy group haproxy log 127.0.0.1   local0         log 127.0.0.1   local1 notice daemon frontend www     bind 192.168.40.128:8282    # haproxy public IP     default_backend as-backend    # backend used backend as-backend    balance leastconn    mode http  server as1 192.168.40.128:8082 check    # application srv 1 defaults log global mode http option httplog option dontlognull         contimeout 5000    
Read more

tomcat catalina coyote jasper cluster

By OK -
Tomcat Component are Catalina Coyote Jasper Cluster Catalina :  Catalina is the name of the servlet container of Apache Tomcat since version 4.x. Tomcat implements Sun Microsystems' specifications for servlet and JavaServer Pages (JSP), which are important Java-based Web technologies. Tomcat's servlet container was redesigned as Catalina in Tomcat version 4.x. other components of the Tomcat engine are: Tomcat Jasper which converts the code portions within JavaServer Pages into servlets and pass them to Catalina to process. Tomcat Coyote which is an HTTP connector based on HTTP/1.1 specifications that receives and transmits web requests to the Tomcat engine by listening to a TCP/IP port and returns requests back to the requesting client. Coyote :  The Coyote JK Connector element represents a Connector component that communicates with a web connector via the JK protocol (also known as the AJP protocol). This is used for cases where you wish to invisibly integr
Read more

NFS mount add in fstab _netdev instead of default | firewall-cmd --list-all

By OK -
Redhat recommends us to add  _netdev  option for NFS file system in /etc/fstab. So that they can be mounted after starting the networking service. Alternative ways to refer to partitions: Label : LABEL=label Network ID Samba : //server/share NFS : server:/share SSHFS : sshfs#user@server:/share Device : /dev/sdxy (not recommended) Example #1 //192.168.1.134/share_name /mnt/share_name cifs username=server_user,password=server_password,_netdev 0 0 ^ Path to your share ^ Mountpoint ^ Username ^ Password ^ See note A Note A: The  _netdev  options makes sure the mount is only attempted AFTER a network connection has been established. Example #2 10.10.10.1:/vol1/fs1 /data nfs defaults,_netdev 0 0 ============================ [root@localhost ~]# firewall-cmd --list-all public   target: default   icmp-block-inversion: no   interfaces:   sources:   services: dhcpv6-client high-availability ssh   ports:   protocols:   masquera
Read more