Friday, July 8, 2011

Java, tomcat, Jboss, Oracle blog

SkyHi @ Friday, July 08, 2011
http://davidghedini.blogspot.com/

Thursday, July 7, 2011

How to change source SMTP IP address in sendmail

SkyHi @ Thursday, July 07, 2011

How to change source SMTP IP address in sendmail


Follow the steps below, if you want to change the source SMTP ip address in sendmail.
1) change the line below in sendmail.cf
#O ClientPortOptions=Family=inet, Address=x.x.x.x
to
O ClientPortOptions=Family=inet, Address=
3) restart sendmail
Send a test mail and check its header. The source IP address should have changed


REFERENCES
http://mohammednv.wordpress.com/2008/04/24/how-to-change-source-smtp-ip-address-in-sendmail/

iptables icmp

SkyHi @ Thursday, July 07, 2011
You have the following line in your configuration:
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
However, there are two types of ICMP request that can be considered a small security concern (from enter link description here):
Type  Name                   Reference          
...
13  Timestamp        [RFC792]
...
17  Address Mask Request     [RFC950]
Type 13 is a request for the exact time according to the destination computer. The exact time can be used to exploit some very weak encryption algorithms in some network protocols, allowing an attacker to gain access to privileged information. Type 17 is a request for the netmask of the interface on which the request was received. A valid response can assist an attacker in learning about the topology of your network. In place of the above rule, I recommend the following three rules:
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 13 -j REJECT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 17 -j REJECT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
These rules will prevent the two forbidden ICMP types and allow all others.

REFERENCES
http://serverfault.com/questions/287998/is-my-linux-firewall-secure

Wednesday, July 6, 2011

What risks are associated with recursive DNS queries?

SkyHi @ Wednesday, July 06, 2011
There are two types of DNS queries: iterative and recursive.

NOTE: We do not allow recursive DNS to run on dedicated or virtual dedicated servers unless it runs locally and for a specific IP range. If we find your server running an improper configuration of recursive DNS, we will exercise our right to suspend your account. The account will remain suspended until arrangements are made to turn off recursive DNS.

Iterative
Iterative DNS queries are ones in which a DNS server is queried and returns an answer without querying other DNS servers, even if it cannot provide a definitive answer. Iterative queries are also called non-recursive queries.
Recursive
Recursive DNS queries occur when a DNS client requests information from a DNS server that is set to query subsequent DNS servers until a definitive answer is returned to the client. The queries made to subsequent DNS servers from the first DNS server are iterative queries.

Recursive DNS query risks

A DNS server that supports recursive resolution is vulnerable to DOS (denial of service) attacks, DNS cache poisoning, unauthorized use of resources, and root name server performance degradation.

DOS attacks
Servers supporting recursive DNS queries are vulnerable to phony requests that flood a particular IP address with the results of each server's query. This can overwhelm the IP address with a volume of traffic too large to be processed.
DNS cache poisoning
Cache poisoning results from someone tricking a DNS server into believing that a fake DNS query response is authentic. Because responses are normally cached, this false information can be distributed to users of that server.
Unauthorized use of resources
With recursive DNS queries enabled, a server is more easily hijacked and its performance compromised.
Root name server performance degradation
When DNS servers are not configured correctly, queries using RFC1918 addressing (also known as "private" addressing) may be leaked to the root name servers, causing a degradation in service for legitimate queries to those servers.

Disabling recursive DNS

For information on disabling recursive DNS, see the following:

* Windows -- How do I disable recursive DNS queries on my Windows dedicated or virtual dedicated server?
* Windows w/ Plesk -- How do I disable recursive DNS queries on my Windows dedicated or virtual dedicated server with Plesk?
* Linux -- How do I disable recursive DNS queries on my Linux dedicated/virtual dedicated server?


Reference: http://help.godaddy.com/article/1184

How do I list all the DNS records for a domain?

SkyHi @ Wednesday, July 06, 2011
There are two ways, both require administrator access or trust to the DNS records:

* Perform an AFXR transfer on the domain to retrieve all records for the domain. The DNS administrator needs to explicitly allow AFXR transfers to your IP address from your chosen DNS server. You can perform such a transfer like this: dig @ns1.google.com google.com AFXR
* Directly view the zonefile on the relevant DNS server. You need administrator access to the DNS server for this.



#[home]# host -t axfr condominiumfirst.com ns1.superb.net
Trying "condominiumfirst.com"
;; communications error to 66.36.226.4#53: end of file


[home]# dig @ns1.superb.net condominiumfirst.com any

; <<>> DiG <<>> @ns1.superb.net condominiumfirst.com any
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41483
;; flags: qr aa rd; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 5

;; QUESTION SECTION:
;condominiumfirst.com. IN ANY

;; ANSWER SECTION:
condominiumfirst.com. 86400 IN MX 10 condominiumfirst.com.inbound10.mxlogic.net.
condominiumfirst.com. 86400 IN MX 10 condominiumfirst.com.inbound10.mxlogicmx.net.
condominiumfirst.com. 86400 IN NS ns1.superb.net.
condominiumfirst.com. 86400 IN NS ns2.superb.net.
condominiumfirst.com. 86400 IN NS ns3.superb.net.
condominiumfirst.com. 86400 IN NS ns4.superb.net.
condominiumfirst.com. 86400 IN NS ns5.superb.net.
condominiumfirst.com. 86400 IN SOA ns1.superb.net. hostmaster.superb.net. 1255116905 0 0 0 0
condominiumfirst.com. 86400 IN TXT "v=spf1 mx mx:mail.condominiumfirst.com ~all"
condominiumfirst.com. 86400 IN A 209.61.248.54

;; ADDITIONAL SECTION:
ns1.superb.net. 86400 IN A 66.36.226.4
ns2.superb.net. 86400 IN A 209.160.56.15
ns3.superb.net. 86400 IN A 207.228.249.4
ns4.superb.net. 86400 IN A 207.228.225.4
ns5.superb.net. 86400 IN A 209.160.56.4

;; Query time: 95 msec
;; SERVER: 66.36.226.4#53(66.36.226.4)
;; WHEN: Fri Oct 9 12:39:21 2009
;; MSG SIZE rcvd: 449

Trouble partioning and formatting new hard drive

SkyHi @ Wednesday, July 06, 2011
I'm new to Linux and I recently installed Fedora Core 6 and MythTV (kernel 2.6.18-1.2868.fc6). I have an existing Western Digital SATA 120 GB hard drive
and I'm attempting to add an additional Western Digital SATA 250 GB drive. I've been trying to partion and format the new drive using fdisk and mkfs but have been having trouble. In particular, I have attempted the following:




Code:

[root@localhost mnt]# fdisk /dev/sdb

The number of cylinders for this disk is set to 30401.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): p

Disk /dev/sdb: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1       30401   244196001   85  Linux extended

Command (m for help): d
Selected partition 1

Command (m for help): p

Disk /dev/sdb: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System

Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
e
Partition number (1-4): 1
First cylinder (1-30401, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-30401, default 30401):
Using default value 30401

Command (m for help): p

Disk /dev/sdb: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1       30401   244196001    5  Extended

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 85
Changed system type of partition 1 to 85 (Linux extended)

Command (m for help): p

Disk /dev/sdb: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1       30401   244196001   85  Linux extended

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
[root@localhost mnt]# fdisk /dev/sdb

The number of cylinders for this disk is set to 30401.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): p

Disk /dev/sdb: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1       30401   244196001   85  Linux extended

Command (m for help): q

[root@localhost mnt]# mkfs -t ext3 /dev/sdb1
mke2fs 1.39 (29-May-2006)
/dev/sdb1: Invalid argument passed to ext2 library while setting up superblock
[root@localhost mnt]#

I'm getting the "/dev/sdb1: Invalid argument passed to ext2 library while setting up superblock" error when I try to format the new partition. What am I doing wrong?

syg00
Extended partition is a container for logical(s) - you can't use it
(directly) for data. Go back in and create a logical partition within
that extended, and use that. BTW, you can have multiple logicals; the
first logical doesn't have to use all the space.

bigrigdriver
If I read all this correctly, you have created an extended partition on sdb. Extended partitions are a device for getting around the limitation of 4 primary partitions listed in the MBR. They are containers which will be counted as primary partitions for MBR purposes.



After creating the extended partition, it is then necessary to create logical partitions inside the extended partition, and format those logical partitions. Then you can install operating systems or write files to the logical partitions.



Basically, you have gone part-way to doing what you want to do. Not go back to fdisk (or cfdisk) and create logical partitions inside the extended partition.

stress_junkie

syg00 and bigrigdriver, your diagnosis is correct but your remediation plan is terrible. Why keep an extended partition when there isn't even a single primary partition?



netrambler, the partition type should be 83 not 85. Also if your system has the cfdisk utility you would probably be happier using that than to use the fdisk utility. cfdisk has an ncurses graphical display. (ncurses is a library to create lines and position the cursor on text terminals or terminal windows.)




Code:

cfdisk /dev/sdb

Use the up/down arrow keys to select the existing partition. Use the right/left arrow keys to select [DELETE] and then press the Enter key. Then select [NEW] and press Enter. Use the default start point and size and press Enter. Use the arrow keys to select [TYPE] and press Enter. Make the partition type 83. Then use the arrow keys to select [WRITE]. Write the new partition table to the disk. Then exit from cfdisk.



Check your work by using the fdisk utility with the -l parameter.


Code:

fdisk -l

You will see a listing of partitions for both of your disks. The new partition on /dev/sdb should be identified as a Linux primary partition. If everything looks good then format the new disk partition as you had already attempted to do.


Code:

mkfs -t ext3 /dev/sdb1

netrambler Original Poster





I think I got it to work. I did the following:




Code:

[root@localhost boot]# fdisk /dev/sdb<br /><br />The number of cylinders for this disk is set to 30401.<br />There is nothing wrong with that, but this is larger than 1024,<br />and could in certain setups cause problems with:<br />1) software that runs at boot time (e.g., old versions of LILO)<br />2) booting and partitioning software from other OSs<br />   (e.g., DOS FDISK, OS/2 FDISK)<br /><br />Command (m for help): m<br />Command action<br />   a   toggle a bootable flag<br />   b   edit bsd disklabel<br />   c   toggle the dos compatibility flag<br />   d   delete a partition<br />   l   list known partition types<br />   m   print this menu<br />   n   add a new partition<br />   o   create a new empty DOS partition table<br />   p   print the partition table<br />   q   quit without saving changes<br />   s   create a new empty Sun disklabel<br />   t   change a partition's system id<br />   u   change display/entry units<br />   v   verify the partition table<br />   w   write table to disk and exit<br />   x   extra functionality (experts only)<br /><br />Command (m for help): p<br /><br />Disk /dev/sdb: 250.0 GB, 250059350016 bytes<br />255 heads, 63 sectors/track, 30401 cylinders<br />Units = cylinders of 16065 * 512 = 8225280 bytes<br /><br />   Device Boot      Start         End      Blocks   Id  System<br />/dev/sdb1               1       30401   244196001   85  Linux extended<br /><br />Command (m for help): d<br />Selected partition 1<br /><br />Command (m for help): p<br /><br />Disk /dev/sdb: 250.0 GB, 250059350016 bytes<br />255 heads, 63 sectors/track, 30401 cylinders<br />Units = cylinders of 16065 * 512 = 8225280 bytes<br /><br />   Device Boot      Start         End      Blocks   Id  System<br /><br />Command (m for help): w<br />The partition table has been altered!<br /><br />Calling ioctl() to re-read partition table.<br />Syncing disks.<br />[root@localhost boot]#<br />[root@localhost boot]# fdisk /dev/sdb<br /><br />The number of cylinders for this disk is set to 30401.<br />There is nothing wrong with that, but this is larger than 1024,<br />and could in certain setups cause problems with:<br />1) software that runs at boot time (e.g., old versions of LILO)<br />2) booting and partitioning software from other OSs<br />   (e.g., DOS FDISK, OS/2 FDISK)<br /><br />Command (m for help): m<br />Command action<br />   a   toggle a bootable flag<br />   b   edit bsd disklabel<br />   c   toggle the dos compatibility flag<br />   d   delete a partition<br />   l   list known partition types<br />   m   print this menu<br />   n   add a new partition<br />   o   create a new empty DOS partition table<br />   p   print the partition table<br />   q   quit without saving changes<br />   s   create a new empty Sun disklabel<br />   t   change a partition's system id<br />   u   change display/entry units<br />   v   verify the partition table<br />   w   write table to disk and exit<br />   x   extra functionality (experts only)<br /><br />Command (m for help): p<br /><br />Disk /dev/sdb: 250.0 GB, 250059350016 bytes<br />255 heads, 63 sectors/track, 30401 cylinders<br />Units = cylinders of 16065 * 512 = 8225280 bytes<br /><br />   Device Boot      Start         End      Blocks   Id  System<br /><br />Command (m for help): n<br />Command action<br />   e   extended<br />   p   primary partition (1-4)<br />p<br />Partition number (1-4): 1<br />First cylinder (1-30401, default 1):<br />Using default value 1<br />Last cylinder or +size or +sizeM or +sizeK (1-30401, default 30401):<br />Using default value 30401<br /><br />Command (m for help): p<br /><br />Disk /dev/sdb: 250.0 GB, 250059350016 bytes<br />255 heads, 63 sectors/track, 30401 cylinders<br />Units = cylinders of 16065 * 512 = 8225280 bytes<br /><br />   Device Boot      Start         End      Blocks   Id  System<br />/dev/sdb1               1       30401   244196001   83  Linux<br /><br />Command (m for help): w<br />The partition table has been altered!<br /><br />Calling ioctl() to re-read partition table.<br />Syncing disks.<br />[root@localhost boot]# mkfs -t ext3 /dev/sdb1<br />mke2fs 1.39 (29-May-2006)<br />Filesystem label=<br />OS type: Linux<br />Block size=4096 (log=2)<br />Fragment size=4096 (log=2)<br />30539776 inodes, 61049000 blocks<br />3052450 blocks (5.00%) reserved for the super user<br />First data block=0<br />Maximum filesystem blocks=0<br />1864 block groups<br />32768 blocks per group, 32768 fragments per group<br />16384 inodes per group<br />Superblock backups stored on blocks:<br />        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,<br />        4096000, 7962624, 11239424, 20480000, 23887872<br /><br />Writing inode tables: done<br />Creating journal (32768 blocks): done<br />Writing superblocks and filesystem accounting information: done<br /><br />This filesystem will be automatically checked every 29 mounts or<br />180 days, whichever comes first.  Use tune2fs -c or -i to override.<br />[root@localhost boot]#<br />[root@localhost boot]# cd /mnt<br />[root@localhost mnt]# ls<br />common  sdb1  video_ext<br />[root@localhost mnt]# mount -t ext3 /dev/sdb1 /mnt/video_ext<br />[root@localhost mnt]# ls<br />common  sdb1  video_ext<br />[root@localhost mnt]# cd video_ext<br />[root@localhost video_ext]# ls<br />lost+found

I'll let you know if I have any problems. Thanks for the help!

stress_junkie
If you want the new disk partition to automatically mount when the operating system
starts you can put a line in the file /etc/fstab as follows:


Code:

/dev/sdb1   /mnt/video_ext   auto   defaults   0 0

If you want to increase the security of your system my making it impossible to run programs on this disk partition then use this line:


Code:

/dev/sdb1  /mnt/video_ext  auto  defaults,noexec  0 0

Using the noexec option means that even if there is a program on that disk you cannot run it. That is good for security. You can do the same thing with any disk partition. One good idea is to have a partition for your /home directory and then to mount that using the noexec option. That can prevent malicious Java scripts from copying a program to your home directory and running it.



That's just one of many things that you can do to enhance security.

REFERENCES
http://www.linuxquestions.org/questions/linux-general-1/trouble-partioning-and-formatting-new-hard-drive-515018/

Thousands of Hacked Sites Seriously Poison Google Image Search Results

SkyHi @ Wednesday, July 06, 2011

Tuesday, July 5, 2011

Configuring a SAMBA Print Server

SkyHi @ Tuesday, July 05, 2011
You may be using Linux at home or in an office environment, but often we still need to provide access to Windows desktops. Begin Linux has taken you though setting up a SAMBA Domain Controller and File Server on openSUSE 11.4. In this tutorial, again using openSUSE 11.4 we will take the time to look at adding in Print Server capabilities. Providing Windows Users have transparent access to printing. The assumption is made that SAMBA is already installed and running on your Linux Server.
We will setup a CUPS (Linux printing) but no great detail of Linux printing is entered into as we are concentrating on SAMBA printing.
For the purpose of this tutorial is not important that your machine is a Domain Controller, although ours will be.


Overview of CUPS printing and creation of a Linux Printer

CUPS, or the Common UNIX Print System, is prevalent in most Linux distributions these days and has been for many years. If we share printers to our network with CUPS then we can print using IPP (Internet Printing Protocol) from our client. As such we should see TCP port 631 open for this purpose if we choose to look with tools such as netstat.
Setting up a CUPS printer could not be easier with openSUSE and YaST especially if, as many homes and businesses do, you have an HP printer model. You can see from the YaST Add Printer Wizard below that there is a “Run hp-setup” tool in the bottom right. This will detect and configure your HP Printer for CUPS printing.

Samba Print Server CUPS

The wizard will start and in this example we select that the printer is on the Network via the Discovery Window. The printer is directly connected to the network.

Samba Print Server Setup
Samba Print Server

The printer is then up and running and available to the Linux Desktop / Server. We can choose to share it via CUPS to our network and print to it from Windows using IPP, this is not the best method as the print driver is not shared, only the printer.
If we share the print driver as well as the printer, users do not need to configure printing and require no additional rights to their machines. For this we require a SAMBA Print Server.
This HP printer will only be shared via SAMBA so we do not need to configure Printer Sharing in YaST. The SAMBA Server prints locally to the CUPS printer so it does not need to be shared by CUPS.
With the wizard complete we now need to look at making this printer and the print driver available to our Windows Users though SAMBA.

Reviewing our Share Definitions to ensure the Linux Printer shares to Windows

The nice feeling that I always have at this point, is in the knowing that the SAMBA defaults to share all printers. We should check this to ensure that we have not missed anything and to complete our understanding of the contents of the /etc/samba/smb.conf file.
Samba Print Server smb.conf
From the extract above we can see:
  1. [printers] share: sharing all our Linux Printers. We can control access to the printers via Access Control List on the printer once configured.
  2. [print$] share: Always present on a Windows Print Server and hosts the print drivers for the clients. The location of this share is shown and we should see the path /var/lib/samba/drivers. You can change the location but there is no real advantage in doing so.
The path shown does exit but only holds a top level structure to represent hardware platforms. It does not contain any drivers. We have to add the Windows drivers to match the OS and Platform of our clients. So if we use 32 bit versions of Windows XP we must add the required drivers for all our printers into the directory: /var/lib/samba/drivers/W32X86. Drivers are easily added using the correct Windows OS and logged in as root. The graphic shows the directory structure (and the empty W32X86 directory) of the print$ share.

Samba Print Server Directory Structure

Windows Printer Drivers and the Print$ share

We will now move away from Linux to manage the print share from a Windows XP client, assuming we wish to add XP drivers. In this way we can add Windows drivers for the shared printer to the print$ share on the server.
We are working in a SAMBA Domain environment which we have already set-up with Begin Linux tutorials. Having created our Domain Administrators group, to ensure correct permissions, we are able to manage printers as the root user. The root user has also been SAMBA enabled. The XP workstation has been added to the BEGINLINUX domain in the normal manner using the System Control Panel. From the graphic below we will log in as root to the XP Workstation having joined the domain and restarted Windows.

Samba Print Server XP Workstation Added

In the setup of the SAMBA domain we have already made sure that root and other administrators have correct rights to manage Domain Machines by nominating a Linux Group to be Windows Domain Administrators.

net groupmap add ntgroup=“Domain Admins” unixgroup=domadmin rid=512 type=d
We can verify that this is set correctly and effective on the XP Workstation by checking the membership of the local administrators group, it should have BeginLinux\Domain Admins in its membership list.

Samba Print Server XP Workstation Added

So now we are in the Domain, (if it is a workgroup then just log on to XP locally and when we connect to the Print Server adding the root username and password then), you will need to connect to the Print Server using its’ name or IP Address. In the example the IP Address of the Server is used. From the start menu on Windows XP choose run and in the dialogue box type \\192.168.0.110 or at least the IP Address or Server Name or your Print Server.

Samba Print Server Administrators

If all is working then we should be displayed a list of shares including the printer share. We do not connect to the printer share but rather to “Printers and Faxes”. This will allow us to manage the Samba Printer instead of just connecting to the printer (HP) in the graphic following.

Samba Print Server Run

From within “Printers and Faxes” right-click on the HP printer and choose “Properties”. A dialogue will warn you that you have not added a driver yet. Select to “Add a Driver Now” and from the Windows selection box choose your printer model, or Have Disk if you need to load a driver that is not available to Windows.
NOTE: Now this is the strange bit, it does not add the driver at this stage. Choose the Advanced Tab and select New Driver. This will add the print driver to the share. I always select an incorrect driver from the first selection then with New Driver I add the correct driver, but we have to do this extra step even though it does not seem to make a lot of sense.

Samba Print Server
If you look at the driver being copied, once the wizard is complete, you will see that this time the driver is copied to the print$ share and the correct subdirectory. See below:

Samba Print Server Copying Files

Finally let’s look at the share to see what we have added: from the run command, again, select \\192.168.110\print$, (adjusting to your server details). You should see a result similar to this is in the W32X86 directory. Look carefully at the address bar to gauge how it will appear on your system.

Samba Print Server
From this point forward users just need to double-click on the HP printer share to add the driver to their own system without any elevated rights. The driver from the Print Server loads in RAM on the client. For each shared CUPS printer you will need to repeat this procedure. For the home or small office though one or two printers is about what you would expect. But there you have it, you have now set up printing via SAMBA on openSUSE 11.4
If you enjoyed this openSUSE tutorial by Andrew Mallett, please visit the openSUSE tutorial section for a complete list.

REFERENCES

Monday, July 4, 2011

What every programmer should know about time

SkyHi @ Monday, July 04, 2011
Some notes about time:

UTC: The time at zero degrees longitude (the Prime Meridian) is called Universal Coordinated Time (UTC).
GMT: UTC used to be called Greenwich Mean Time (GMT) because the Prime Meridian was (arbitrarily) chosen to pass through the Royal Observatory in Greenwich.
Other timezones can be written as an offset from UTC. Australian Eastern Standard Time is UTC+1000. e.g. 10:00 UTC is 20:00 EST on the same day.
Daylight saving does not affect UTC. It's just a polity deciding to change its timezone (offset from UTC). For example, GMT is still used: it's the British national timezone in winter. In summer it becomes BST.
Leap seconds: By international convention, UTC (which is an arbitrary human invention) is kept within 0.9 seconds of physical reality (UT1, which is a measure of solar time) by introducing a "leap second" in the last minute of the UTC year, or in the last minute of June.
Leap seconds don't have to be announced much more than six months before they happen. This is a problem if you need second-accurate planning beyond six months.
Unix time: Measured as the number of seconds since epoch (the beginning of 1970 in UTC). Unix time is not affected by time zones or daylight saving.
According to POSIX.1, Unix time is supposed to handle a leap second by replaying the previous second. e.g.:

59.00
59.25
59.50
59.75
59.00 ← replay
59.25
59.50
59.75
00.00 ← increment
00.25

This is a trade-off: you can't represent a leap second, and your time is guaranteed to go backwards. On the other hand, every day is exactly 86,400 seconds long, and you don't need a table of all previous and future leap seconds in order to format Unix time as human-preferred hours-minutes-seconds.
ntpd is supposed to make the replay happen after it sees the "leap bits" from upstream timeservers, but I've also seen it do nothing: the system goes one second into the future, then slowly slews back to the correct time.

What every programmer should know about time:

Timezones are a presentation-layer problem!
Most of your code shouldn't be dealing with timezones or local time, it should be passing Unix time around.
When measuring time, measure Unix time. It's UTC. It's easy to obtain. It doesn't have timezone offsets or daylight saving (or leap seconds).
When storing time, store Unix time. It's a single number.
If you want to store a humanly-readable time (e.g. logs), consider storing it along with Unix time, not instead of Unix time.
When displaying time, always include the timezone offset. A time format without an offset is useless.
The system clock is inaccurate.
You're on a network? Every other system's clock is differently inaccurate.
The system clock can, and will, jump backwards and forwards in time due to things outside of your control. Your program should be designed to survive this.
The number of [clock] seconds per [real] second is both inaccurate and variable. It mostly varies with temperature.
Don't blindly use gettimeofday(). If you need a monotonic (always increasing) clock, have a look at clock_gettime().
ntpd can change the system time in two ways:
Step: making the clock jump backwards or forwards to the correct time instantaneously.
Slew: changing the frequency of the clock so that it slowly drifts toward the correct time.
Slew is preferred because it's less disruptive, but it's only useful for correcting small offsets.

Special mentions:

Time passes at a rate of one second per second for every observer. The frequency of a remote clock relative to an observer is affected by velocity and gravity. The clocks inside GPS satellites are adjusted for relativistic effects.
MySQL (at least 4.x and 5.x) stores DATETIME columns as a "YYYY-MM-DD HH:MM:SS" string. I'm not even kidding. If you care at all about storing timestamps, store them as integers and use the UNIX_TIMESTAMP() and FROM_UNIXTIME() functions.

REFERENCES
http://unix4lyfe.org/time/

How to remove duplicate files without wasting time

SkyHi @ Monday, July 04, 2011
Duplicate files can enter in your computer in many ways. No matter how it happened, they should be removed as soon as possible. Waste is waste: why should you tolerate it? It’s not just a matter of principle: duplicates make your backups, not to mention indexing with Nepomuk or similar engines, take more time than it’s really necessary. So let’s get rid of them.

First, let’s find which files are duplicates
Whenever I want to find and remove duplicate files automatically I run two scripts in sequence. The first is the one that actually finds which files are copies of each other. I use for this task this small gem by J. Elonen, pasted here for your convenience:

#! /bin/bash

OUTF=rem-duplicates.sh;

echo "#! /bin/sh" > $OUTF;

echo "" >> $OUTF;

find "$@" -type f -print0 | xargs -0 -n1 md5sum | sort --key=1,32 | uniq -w 32 -d --all-repeated=separate | sed -r 's/^[0-9a-f]*( )*//;s/([^a-zA-Z0-9./_-])/\\\1/g;s/(.+)/#rm \1/' >> $OUTF;

chmod a+x $OUTF

In this script, which I call find_dupes.sh, all the real black magic happens in the sixth line. The original page explains all the details, but here is, in synthesis, what happens: first, xargs calculates the MD5 checksum of all the files found in all the folders passed as arguments to the script. Next, sort and uniq extract all the elements that have a common checksum (and are, therefore, copies of the same file) and build a sequence of shell commands to remove them. Several options inside the script, explained in the original page, make sure that things will work even if you have file names with spaces or non ASCII characters. The result is something like this (from a test run made on purpose for this article):

[marco@polaris ~]$ find_dupes.sh /home/master_backups/rule /tmp/rule/

[marco@polaris ~]$ more rem-duplicates.sh

#! /bin/sh

#rm /home/master_backups/rule/rule_new/old/RULE/public_html/en/test/makefile.pl

#rm /tmp/rule/bis/rule_new/old/RULE/public_html/en/test/makefile.pl

#rm /tmp/rule/rule_new/old/RULE/public_html/en/test/makefile.pl

#rm /tmp/rule/zzz/rule_new/old/RULE/public_html/en/test/makefile.pl

#all other duplicates...

As you can see, the script does find the duplicates (in the sample listing above, there are four copies of makefile.pl in three different folders) but lets you decide which one to keep and which ones to remove, that is, which lines you should manually uncomment before executing rem-duplicates.sh. This manual editing can consume so much time you’ll feel like throwing the computer out of the window and going fishing.

Luckily, at least in my experience, this is almost never necessary. In practically all the cases in which I have needed to find and remove duplicates so far, there always was:

one original folder,(/home/master_backups/” in this example) whose content should remain untouched.
all the unnecessary copies scattered over many other, more or less temporary folders and subfolders (that, in our exercise, all are inside /tmp/rule/).

If that’s the case, there’s no problem to massage the output of the first script to generate another one that will leave alone the first copy in the master folder and remove all the others. There are many ways to do this. Years ago, I put together these few lines of Perl to do it and they serve me well, but you’re welcome to suggest your preferred alternative in the comments:

1 #! /usr/bin/perl

2

3 use strict;

4 undef $/;

5 my $ALL = <>;

6 my @BLOCKS = split (/\n\n/, $ALL);

7

8 foreach my $BLOCKS (@BLOCKS) {

9 my @I_FILE = split (/\n/, $BLOCKS);

10 my $I;

11 for ($I = 1; $I <= $#I_FILE; $I++) { 12 substr($I_FILE[$I], 0,1) = ' '; 13 } 14 print join("\n", @I_FILE), "\n\n"; 15 } This code puts all the text received from the standard input inside $ALL, and then splits it in @BLOCKS, using two consecutives newlines as blocks separator (line 6). Every element of each block is then split in one array of single lines (@I_FILE in line 9). Next, the first character of all but the first element of that array (which, if you’ve been paying attention, was the shell comment character, ‘#’) is replaced by four white spaces. One would be enough, but code indentation is nice, isn’t it? When you run this second script (I call it dup_selector.pl) on the output of the first one, here’s what you get: [marco@polaris ~]mce_markernbsp; ./new_dup_selector.pl rem-duplicates.sh > remove_copies.sh

[marco@polaris ~]mce_markernbsp; more remove_copies.sh

#! /bin/sh

#rm /home/master_backups/rule/rule_new/old/RULE/public_html/en/test/makefile.pl

rm /tmp/rule/bis/rule_new/old/RULE/public_html/en/test/makefile.pl

rm /tmp/rule/rule_new/old/RULE/public_html/en/test/makefile.pl

rm /tmp/rule/zzz/rule_new/old/RULE/public_html/en/test/makefile.pl

....

Which is exactly what we wanted, right? If the master folder doesn’t have a name that puts it as the first element, you can temporarily change its name to something that will, like /home/0. What’s left? Oh, yes, cleaning up! After you’ve executed remove_copies.sh, /tmp/rule will contain plenty of empty directories, that you want to remove before going there with your file manager and look at what’s left without wasting time by looking inside empty boxes.

How to find and remove empty directories
Several websites suggest some variant of this command to find and remove all the empty subdirectories:

find -depth -type d -empty -exec rmdir {} \;

This goes down in the folder hierarchy (-depth), finds all the objects that are directories AND are empty (-type d -empty) and executes on them the rmdir command. It works… unless there is some directory with spaces or other weird characters in its name. That’s why I tend to use a slightly more complicated command for this purpose:

[marco@polaris ~]$ find . -depth -type d -empty | while read line ; do echo -n "rmdir '$line" ; echo "'"; done > rmdirs.sh

[marco@polaris ~]$ cat rmdirs.sh

rmdir 'rule/slinky_linux_v0.3.97b-vumbox/images'

rmdir 'rule/slinky_linux_v0.3.97b-vumbox/RedHat/RPMS'

...

[marco@polaris ~]$ source rmdirs.sh

Using the while loop creates a command file (rmdirs.sh) that wraps each directory name in single quotes, so that the rmdir command always receives one single argument. This always works… with the obvious exception of names that contain single quotes! Dealing with them requires some shell quoting tricks that… we’ll cover in another post! For now, you know that whenever you have duplicate files to remove quickly, you can do it by using the two scripts shown here in sequence. Have fun!

REFERENCES
http://www.techrepublic.com/blog/opensource/how-to-remove-duplicate-files-without-wasting-time/2667