Successful Client Requests | ||
200 | OK | |
201 | Created | |
202 | Accepted | |
203 | Non-Authorative Information | |
204 | No Content | |
205 | Reset Content | |
206 | Partial Content | |
Client Request Redirected | ||
300 | Multiple Choices | |
301 | Moved Permanently | |
302 | Moved Temporarily | |
303 | See Other | |
304 | Not Modified | |
305 | Use Proxy | |
Client Request Errors | ||
400 | Bad Request | |
401 | Authorization Required | |
402 | Payment Required (not used yet) | |
403 | Forbidden | |
404 | Not Found | |
405 | Method Not Allowed | |
406 | Not Acceptable (encoding) | |
407 | Proxy Authentication Required | |
408 | Request Timed Out | |
409 | Conflicting Request | |
410 | Gone | |
411 | Content Length Required | |
412 | Precondition Failed | |
413 | Request Entity Too Long | |
414 | Request URI Too Long | |
415 | Unsupported Media Type | |
Server Errors | ||
500 | Internal Server Error | |
501 | Not Implemented | |
502 | Bad Gateway | |
503 | Service Unavailable | |
504 | Gateway Timeout | |
505 | HTTP Version Not Supported |
THE APACHE SERVER STATUS & ERROR CODES
Apache Server Frequently Asked Questions
Error Log Messages and Problems Starting Apache
- Why do I get "setgid: Invalid argument" at startup? Your Group directive (probably in conf/httpd.conf) needs to name a group that actually exists in the /etc/group file (or your system's equivalent). This problem is also frequently seen when a negative number is used in the
Group
directive (e.g., "Group #-1
"). Using a group name -- not group number -- found in your system's group database should solve this problem in all cases.
- Why am I getting "httpd: could not set socket option TCP_NODELAY" in my error log? This message almost always indicates that the client disconnected before Apache reached the point of calling
setsockopt()
for the connection. It shouldn't occur for more than about 1% of the requests your server handles, and it's advisory only in any case.
- Why am I getting "connection reset by peer" in my error log? This is a normal message and nothing about which to be alarmed. It simply means that the client canceled the connection before it had been completely set up - such as by the end-user pressing the "Stop" button. People's patience being what it is, sites with response-time problems or slow network links may experience this more than high capacity ones or those with large pipes to the network.
- The errorlog says Apache dumped core, but where's the dump file? In Apache version 1.2, the error log message about dumped core includes the directory where the dump file should be located. However, many Unixes do not allow a process that has called
setuid()
to dump core for security reasons; the typical Apache setup has the server started as root to bind to port 80, after which it changes UIDs to a non-privileged user to serve requests.
Dealing with this is extremely operating system-specific, and may require rebuilding your system kernel. Consult your operating system documentation or vendor for more information about whether your system does this and how to bypass it. If there is a documented way of bypassing it, it is recommended that you bypass it only for the httpd server process if possible.
The canonical location for Apache's core-dump files is the ServerRoot directory. As of Apache version 1.3, the location can be set via the CoreDumpDirectory directive to a different directory. Make sure that this directory is writable by the user the server runs as (as opposed to the user the server is started as).
- When I run it under Linux I get "shmget: function not found", what should I do? Your kernel has been built without SysV IPC support. You will have to rebuild the kernel with that support enabled (it's under the "General Setup" submenu). Documentation for kernel building is beyond the scope of this FAQ; you should consult the Kernel HOWTO, or the documentation provided with your distribution, or a Linux newsgroup/mailing list. As a last-resort workaround, you can comment out the
#define USE_SHMGET_SCOREBOARD
definition in the LINUX section of src/conf.h and rebuild the server (prior to 1.3b4, simply removing#define HAVE_SHMGET
would have sufficed). This will produce a server which is slower and less reliable.
- Server hangs, or fails to start, and/or error log fills with "fcntl: F_SETLKW: No record locks available" or similar messages These are symptoms of a fine locking problem, which usually means that the server is trying to use a synchronization file on an NFS filesystem.
Because of its parallel-operation model, the Apache Web server needs to provide some form of synchronization when accessing certain resources. One of these synchronization methods involves taking out locks on a file, which means that the filesystem whereon the lockfile resides must support locking. In many cases this means it can't be kept on an NFS-mounted filesystem.
To cause the Web server to work around the NFS locking limitations, include a line such as the following in your server configuration files:
LockFile /var/run/apache-lock
- Why am I getting "Expected but saw " when I try to start Apache? This is a known problem with certain versions of the AIX C compiler. IBM are working on a solution, and the issue is being tracked by problem report #2312.
- I'm using RedHat Linux and I have problems with httpd dying randomly or not restarting properly RedHat Linux versions 4.x (and possibly earlier) RPMs contain various nasty scripts which do not stop or restart Apache properly. These can affect you even if you're not running the RedHat supplied RPMs.
If you're using the default install then you're probably running Apache 1.1.3, which is outdated. From RedHat's ftp site you can pick up a more recent RPM for Apache 1.2.x. This will solve one of the problems.
If you're using a custom built Apache rather than the RedHat RPMs then you shouldrpm -e apache
. In particular you want the mildly broken/etc/logrotate.d/apache
script to be removed, and you want the broken/etc/rc.d/init.d/httpd
(orhttpd.init
) script to be removed. The latter is actually fixed by the apache-1.2.5 RPMs but if you're building your own Apache then you probably don't want the RedHat files.
We can't stress enough how important it is for folks, especially vendors to follow the stopping Apache directions given in our documentation. In RedHat's defense, the broken scripts were necessary with Apache 1.1.x because the Linux support in 1.1.x was very poor, and there were various race conditions on all platforms. None of this should be necessary with Apache 1.2 and later.
- I upgraded from an Apache version earlier than 1.2.0 and suddenly I have problems with Apache dying randomly or not restarting properly You should read the previous note about problems with RedHat installations. It is entirely likely that your installation has start/stop/restart scripts which were built for an earlier version of Apache. Versions earlier than 1.2.0 had various race conditions that made it necessary to use
kill -9
at times to take out all the httpd servers. But that should not be necessary any longer. You should follow the directions on how to stop and restart Apache.
As of Apache 1.3 there is a scriptsrc/support/apachectl
which, after a bit of customization, is suitable for starting, stopping, and restarting your server.
- When I try to start Apache from a DOS window, I get a message like "Cannot determine host name. Use ServerName directive to set it manually." What does this mean? It means what it says; the Apache software can't determine the hostname of your system. Edit your conf\httpd.conf file, look for the string "ServerName", and make sure there's an uncommented directive such as
ServerName localhost
ServerName www.foo.com
Also, make sure that your Windows system has DNS enabled. See the TCP/IP setup component of the Networking or Internet Options control panel.
After verifying that DNS is enabled and that you have a valid hostname in your ServerName directive, try to start the server again.
- When I try to start Apache for Windows, I get a message like "Unable To Locate WS2_32.DLL...". What should I do? Short answer: You need to install Winsock 2, available from http://www.microsoft.com/windows95/downloads/
Detailed answer: Prior to version 1.3.9, Apache for Windows used Winsock 1.1. Beginning with version 1.3.9, Apache began using Winsock 2 features (specifically, WSADuplicateSocket()). WS2_32.DLL implements the Winsock 2 API. Winsock 2 ships with Windows NT 4.0 and Windows 98. Some of the earlier releases of Windows 95 did not include Winsock 2.
- Apache for Windows does not start. Error log contains this message: "[crit] (10045) The attempted operation is not supported for the type of object referenced: Parent: WSADuplicateSocket failed for socket ###". What does this mean? We have seen this problem when Apache is run on systems along with Virtual Private Networking clients like Aventail Connect. Aventail Connect is a Layered Service Provider (LSP) that inserts itself, as a "shim," between the Winsock 2 API and Window's native Winsock 2 implementation. The Aventail Connect shim does not implement WSADuplicateSocket, which is the cause of the failure.
The shim is not unloaded when Aventail Connect is shut down. Once observed, the problem persists until the shim is either explicitly unloaded or the machine is rebooted. Another potential solution (not tested) is to addapache.exe
to the Aventail "Connect Exclusion List".
Apache is affected in a similar way by any firewall program that isn't correctly configured. Assure you exclude your Apache server ports (usually port 80) from the list of ports to block. Refer to your firewall program's documentation for the how-to.
- When I try to start Apache on Windows, I get a message like "
System error 1067 has occurred. The process terminated unexpectedly
." What does this mean? This message means that the Web server was unable to start correctly for one reason or another. To find out why, execute the following commands in a DOS window:
c: cd "\Program Files\Apache Group\Apache" apache
(If you don't get the prompt back, hit Control-C to cause Apache to exit.)
The error you see will probably be one of those preceding this question in the FAQ.
As of Apache 1.3.14, first check the Windows NT Event Log for Application errors using the Windows NT/2000 Event Viewer program. Any errors that occur prior to opening the Apache error log will be stored here, if Apache is run as a Service on NT or 2000. As with any error, also check your Apache error log.
- On a SuSE Linux system, I try and configure access control using basic authentication. Although I follow the example exactly, authentication fails, and an error message "
admin: not a valid FDN: ....
" is logged. In the SuSE distribution, additional 3rd party authentication modules have been added and activated by default. These modules interfere with the Apache standard modules and cause Basic authentication to fail. Our recommendation is to comment all those modules in/etc/httpd/suse_addmodule.conf
and/etc/httpd/suse_loadmodule.conf
which are not actually required for running your server.
- Why do I have weird entries in my logs asking for
default.ida
andcmd.exe
? The host requesting pages from your website and creating those entries is a Windows machine running IIS that has been infected by an Internet worm such as Nimda or Code Red. You can safely ignore these error messages as they do not affect Apache. ApacheWeek has an article with more information.
- Why am I getting server restart messages periodically, when I did not restart the server? Problem: You are noticing restart messages in your error log, periodically, when you know you did not restart the server yourself:
[Thu Jun 6 04:02:01 2002] [notice] SIGHUP received. Attempting to restart [Thu Jun 6 04:02:02 2002] [notice] Apache configured -- resuming normal operations
Check your cron jobs to see when/if your server logs are being rotated. Compare the time of rotation to the error message time. If they are the same, you can somewhat safely assume that the restart is due to your server logs being rotated.
- Why am I getting "module module-name is not compatible with this version of Apache" messages in my error log? Module Magic Number (MMN) is a constant defined in Apache source that is associated with binary compatibility of modules. It is changed when internal Apache structures, function calls and other significant parts of API change in such a way that binary compatibility cannot be guaranteed any more. On MMN change, all third party modules have to be at least recompiled, sometimes even slightly changed in order to work with the new version of Apache.
If you're getting the above error messages, contact the vendor of the module for the new binary, or compile it if you have access to the source code.
How To Install Oracle On RHEL5?
In this post we will come to know that how to install Oracle on RHEL5?
The most popular database(DB) software known to man is Oracle.
Step1 : Before installing Oracle it require following packages to be installed on the machine.
1. compat-gcc
2. compat-libstdc++
3. compat-db
4. make-3.79
5. binutils-2.11.90.0.8-12
6. gcc-3.2
7. openmotif-2.2
8. setarch-1.3
All these packages are there in RHEL5 DVD so you just implement YUM server for easy installation of the above packages, other wise you have to install one by one with rpm command which will create a lot of dependencies.
Step2 : Set kernel parameters by editing /etc/sysctl.conf or using sysctl -w command. As follows.
Note : When ever you edit any files take backup of that files before editing those files.
kernel.shmall = 268435456
kernel.sem = 250 32000 100 128
kernel.shmmax = 2147483647
kernel.shmmni = 4096
kernel.shmall = 2097152
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
kernel.sem=250 32000 100 128
net.core.rmem_default = 4194304
net.core.rmem_max= 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 262144
#cp /etc/sysctl.conf /etc/sysctl.conf.org
#vi /etc/sysctl.conf
After entering the above values save and exit the file
or use sysctl -w to edit kernel paramaters.
Here I will just give one example how to edit sysctl.conf using sysctl -w command.
Suppose I want to edit kernel.sem value just execute below command.
#/sbin/sysctl -w kernel.sem=”250 32000 100 128”
Step3 : After editing the file check if any issue is there or not by printing the sysctl content.
#sysctl -p
Note1 : Most part of the installation is done by oracle user. Untill and unless specified. Only at the end of installation we require to run two scripts which will set path variables.
Note2 : If you are installing Oracle on remote machine we have to export the display to local machine or we have to take vnc to the remote machine.
Step4 : Create Group name
#groupadd dba
Step5 : Creat oracle user with group equal to dba and home directory equal to /oracle
#useradd -d /oracle -g dba oracle
Installation :
Step1 : Copy Oracle software to some folder. Change the directory to bin directory as showen below.
cd /test/database
Here you will find run Installer script which you should execute in oracle user and this should be done in GUI it self(so in order to execute this command you have to export display or take vnc to remote machine). Here in this document I have taken vnc connection to remote machine where I am installing OS. For those who don't have vnc export display as follows.
Step2 : Exporting display, you have to execute this command as oracle user on remote machine where you are going to install oracle. And one more thing. Display should be exported to local machine where you are going to preform your installation.
DISPLAY = system name/ip: 0.0
Export DISPLAY
Note : System name/ip in the above display command is the ip/system name of your local machine.
Image.
The above screen shot shows that you have to run the script. And this should be run only by root.
Step3 : Script to be run by root user.[root@test oracle]# /oracle/oracle/product/10.2.0/db_1/root.shRunning Oracle10 root.sh script...
The following environment variables are set as :ORACLE_OWNER= oracle
ORACLE_HOME= /oracle/oracle/product/10.2.0/db_1
Enter the full pathname of the local bin directory : [/usr/local/bin]:
Copying dbhome to /usr/local/bin ...
Copying oraenv to /usr/local/bin ...
Copying coraenv to /usr/local/bin ...
Entries will be added to the /etc/oratab file as needed by
Database Configuration Assistant when a database is created
Finished running generic part of root.sh script.
Now product-specific root actions will be performed.
Once run this as root go to oracle user gui login and say ok.. to exit..
4. To start the database executeSQL> startup
ORACLE instance started.
Total System Global Area 289406976 bytesFixed Size 1301536 bytes
Variable Size 262677472 bytes
Database Buffers 25165824 bytes
Redo Buffers 262144 bytes
Database mounted.
Database opened.
SQL>5. To check the name of the databaseSQL> select name from v_$database;
NAME
---------
IASDB
The most popular database(DB) software known to man is Oracle.
Step1 : Before installing Oracle it require following packages to be installed on the machine.
1. compat-gcc
2. compat-libstdc++
3. compat-db
4. make-3.79
5. binutils-2.11.90.0.8-12
6. gcc-3.2
7. openmotif-2.2
8. setarch-1.3
All these packages are there in RHEL5 DVD so you just implement YUM server for easy installation of the above packages, other wise you have to install one by one with rpm command which will create a lot of dependencies.
Step2 : Set kernel parameters by editing /etc/sysctl.conf or using sysctl -w command. As follows.
Note : When ever you edit any files take backup of that files before editing those files.
kernel.shmall = 268435456
kernel.sem = 250 32000 100 128
kernel.shmmax = 2147483647
kernel.shmmni = 4096
kernel.shmall = 2097152
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
kernel.sem=250 32000 100 128
net.core.rmem_default = 4194304
net.core.rmem_max= 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 262144
#cp /etc/sysctl.conf /etc/sysctl.conf.org
#vi /etc/sysctl.conf
After entering the above values save and exit the file
or use sysctl -w to edit kernel paramaters.
Here I will just give one example how to edit sysctl.conf using sysctl -w command.
Suppose I want to edit kernel.sem value just execute below command.
#/sbin/sysctl -w kernel.sem=”250 32000 100 128”
Step3 : After editing the file check if any issue is there or not by printing the sysctl content.
#sysctl -p
Note1 : Most part of the installation is done by oracle user. Untill and unless specified. Only at the end of installation we require to run two scripts which will set path variables.
Note2 : If you are installing Oracle on remote machine we have to export the display to local machine or we have to take vnc to the remote machine.
Step4 : Create Group name
#groupadd dba
Step5 : Creat oracle user with group equal to dba and home directory equal to /oracle
#useradd -d /oracle -g dba oracle
Installation :
Step1 : Copy Oracle software to some folder. Change the directory to bin directory as showen below.
cd /test/database
Here you will find run Installer script which you should execute in oracle user and this should be done in GUI it self(so in order to execute this command you have to export display or take vnc to remote machine). Here in this document I have taken vnc connection to remote machine where I am installing OS. For those who don't have vnc export display as follows.
Step2 : Exporting display, you have to execute this command as oracle user on remote machine where you are going to install oracle. And one more thing. Display should be exported to local machine where you are going to preform your installation.
DISPLAY = system name/ip: 0.0
Export DISPLAY
Note : System name/ip in the above display command is the ip/system name of your local machine.
Image.
The above screen shot shows that you have to run the script. And this should be run only by root.
Step3 : Script to be run by root user.[root@test oracle]# /oracle/oracle/product/10.2.0/db_1/root.shRunning Oracle10 root.sh script...
The following environment variables are set as :ORACLE_OWNER= oracle
ORACLE_HOME= /oracle/oracle/product/10.2.0/db_1
Enter the full pathname of the local bin directory : [/usr/local/bin]:
Copying dbhome to /usr/local/bin ...
Copying oraenv to /usr/local/bin ...
Copying coraenv to /usr/local/bin ...
Entries will be added to the /etc/oratab file as needed by
Database Configuration Assistant when a database is created
Finished running generic part of root.sh script.
Now product-specific root actions will be performed.
Once run this as root go to oracle user gui login and say ok.. to exit..
Step4 : Now we have to check whether oracle is installed perfectly or not. We have to set ORACLE_HOME variable for oracle user .bash_profile file to export oracle bin directory as follows. So that we can start/stop oracle service with lsnrctl edit .bashrc file for the oracle user.$vi ~/.bash_profile
PATH=$PATH:$HOME/bin
export PATH
PATH=$PATH:$HOME/bin
export PATH
ORACLE_HOME=/oracle/oracle/product/10.2.0/db_1
PATH=$PATH:$ORACLE_HOME/bin
ORACLE_SID=orcl
export PATH ORACLE_HOME ORACLE_SID
PATH=$PATH:$ORACLE_HOME/bin
ORACLE_SID=orcl
export PATH ORACLE_HOME ORACLE_SID
Save and exit the file. Once done we have to source the .bash_profile file. Then start the oracle service by using below command.
[oracle@v-itig42 ~]$ lsnrctl start
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 05-MAR-2010 07:12:13
Copyright (c) 1991, 2005, Oracle. All rights reserved.
TNS-01106: Listener using listener name LISTENER has already been startedFor checking status.[oracle@v-itig42 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 05-MAR-2010 07:12:01
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC3)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 05-MAR-2010 06:10:20
Uptime 0 days 1 hr. 1 min. 41 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /oracle/oracle/product/10.2.0/db_1/network/admin/listener.ora
Listener Log
[oracle@v-itig42 ~]$ lsnrctl start
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 05-MAR-2010 07:12:13
Copyright (c) 1991, 2005, Oracle. All rights reserved.
TNS-01106: Listener using listener name LISTENER has already been startedFor checking status.[oracle@v-itig42 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.1.0 - Production on 05-MAR-2010 07:12:01
Copyright (c) 1991, 2005, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC3)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production
Start Date 05-MAR-2010 06:10:20
Uptime 0 days 1 hr. 1 min. 41 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /oracle/oracle/product/10.2.0/db_1/network/admin/listener.ora
Listener Log
File /oracle/oracle/product/10.2.0/db_1/network/log/listener.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC3)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=v-itig42.persistent.co.in)(PORT=1523)))
Services Summary :
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orclXDB" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orcl_XPT" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
Step5 : Connect to Oracle sql database(and this should be done only as oracle user).
[oracle@v-itig42 ~]$ sqlplus /nolog
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC3)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=v-itig42.persistent.co.in)(PORT=1523)))
Services Summary :
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "orcl" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orclXDB" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orcl_XPT" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
Step5 : Connect to Oracle sql database(and this should be done only as oracle user).
[oracle@v-itig42 ~]$ sqlplus /nolog
SQL*Plus: Release 10.2.0.1.0 - Production on Fri Mar 5 07:22:56 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL>
This sql> prompt indicates you have sucessfully connected..
SQL> conn sys@iasdb as sysdba
Enter password :Connected to an idle instance.SQL>If the database is not started it will show the messages as connected to idle instance.Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL>
This sql> prompt indicates you have sucessfully connected..
SQL> conn sys@iasdb as sysdba
4. To start the database executeSQL> startup
ORACLE instance started.
Total System Global Area 289406976 bytesFixed Size 1301536 bytes
Variable Size 262677472 bytes
Database Buffers 25165824 bytes
Redo Buffers 262144 bytes
Database mounted.
Database opened.
SQL>5. To check the name of the databaseSQL> select name from v_$database;
NAME
---------
IASDB
How to use the "lsof" command
Problem:
You have a service that cannot bind to a port and the only message you have in log files is 'port already in use' or you have a need to find out exactly what processes are currently manipulating your server and what files they are affecting.
Solution:
Use the "lsof" command. lsof stands for LiSt Open Files. lsof can save you a lot of time and hassle if you are just checking on the status of your machine, but more importantly can give you valuable information and point you in the right direction when troubleshooting what exactly your machine is up to. Most are familiar with the command 'netstat' which provides a wealth of information about your network sockets. But the name implies exactly what it is good at: revealing information about your network sockets.
lsof takes it a notch further. Linux treats most everything as a file. Sockets, devices, directories, etc, can all be viewed as files. When a process or application interacts with these files it has to "open" them if you will. Using this command you can delve into and see what your system is up to. Checking out the man pages on lsof (#man lsof) is a great start to see how to explore the current "goingson" of your box. Some examples are included to show you the power and wealth of information from this little lister.
It's a great tool for administrators.
Example:
Show all open TCP files - Will return what service is running, who is running it, the process ID and the connections on all TCP ports:
# lsof -i TCP
Show open TCP files on port 80 -
# lsof -i TCP:80
returns --> httpd2-wo 7010 wwwrun 3u IPv6 14787 TCP *:http (LISTEN)
Show open LDAP connections on TCP -
# lsof -i TCP:636
Want to know what files are open by a particular command (substitute your command after the c, and yes you can abbreviate it matches the closest command)-
# lsof -c mysq
returns -->
mysqld 991 admin cwd DIR 8,3 240 148743 /home/admin/novell/idm/mysql/data
mysqld 991 admin rtd DIR 8,3 536 2 /
mysqld 991 admin txt REG 8,3 5464060 148691 /home/admin/novell/idm/mysql/bin/mysqld
mysqld 991 admin 0r CHR 1,3 41715 /dev/null
mysqld 991 admin 1w REG 8,3 1250 149954 /home/admin/novell/idm/mysql/mysql.log
mysqld 991 admin 2w REG 8,3 1250 149954 /home/admin/novell/idm/mysql/mysql.log
mysqld 991 admin 3u IPv4 86990 TCP *:63306 (LISTEN)...
Want to know what files are open by a particular device?
#lsof /dev/cdrom
returns --> bash 30904 admin cwd
DIR 3,0 2048 63692 /media/cdrecorder/linux/user_application_provisioning
You can change TCP to UDP and narrow down your requests to very specific items you
want to target (i.e. is there an established connection from xyz.somesite.com?).
# lsof -i TCP@192.168.0.2:636 (lists LDAP connections to my server)
returns --> java 890 root 18u IPv6 8365030
TCP myserver.somecompany.com:42936->myserver.somecompany.com:ldaps (ESTABLISHED)
ndsd 6520 root 262u IPv4 8390927
TCP myserver.somecompany.com:ldaps->myserver.somecompany.com:43123 (ESTABLISHED)
List all open files belonging to PID (process ID) 11925:
#lsof -p 11925
List all open files belonging to processes owned by the user named "al":
#lsof -u al
List files open in the directory specified, but don't descend into sub-directories:
#lsof +d '/Users/al'
The next command lists files that are open in the directory specified, and also descends into sub-directories. Beware: this can take a very long time to run for large directory structures:
#lsof +D '/Users/al'
You have a service that cannot bind to a port and the only message you have in log files is 'port already in use' or you have a need to find out exactly what processes are currently manipulating your server and what files they are affecting.
Solution:
Use the "lsof" command. lsof stands for LiSt Open Files. lsof can save you a lot of time and hassle if you are just checking on the status of your machine, but more importantly can give you valuable information and point you in the right direction when troubleshooting what exactly your machine is up to. Most are familiar with the command 'netstat' which provides a wealth of information about your network sockets. But the name implies exactly what it is good at: revealing information about your network sockets.
lsof takes it a notch further. Linux treats most everything as a file. Sockets, devices, directories, etc, can all be viewed as files. When a process or application interacts with these files it has to "open" them if you will. Using this command you can delve into and see what your system is up to. Checking out the man pages on lsof (#man lsof) is a great start to see how to explore the current "goingson" of your box. Some examples are included to show you the power and wealth of information from this little lister.
It's a great tool for administrators.
Example:
Show all open TCP files - Will return what service is running, who is running it, the process ID and the connections on all TCP ports:
# lsof -i TCP
Show open TCP files on port 80 -
# lsof -i TCP:80
returns --> httpd2-wo 7010 wwwrun 3u IPv6 14787 TCP *:http (LISTEN)
Show open LDAP connections on TCP -
# lsof -i TCP:636
Want to know what files are open by a particular command (substitute your command after the c, and yes you can abbreviate it matches the closest command)-
# lsof -c mysq
returns -->
mysqld 991 admin cwd DIR 8,3 240 148743 /home/admin/novell/idm/mysql/data
mysqld 991 admin rtd DIR 8,3 536 2 /
mysqld 991 admin txt REG 8,3 5464060 148691 /home/admin/novell/idm/mysql/bin/mysqld
mysqld 991 admin 0r CHR 1,3 41715 /dev/null
mysqld 991 admin 1w REG 8,3 1250 149954 /home/admin/novell/idm/mysql/mysql.log
mysqld 991 admin 2w REG 8,3 1250 149954 /home/admin/novell/idm/mysql/mysql.log
mysqld 991 admin 3u IPv4 86990 TCP *:63306 (LISTEN)...
Want to know what files are open by a particular device?
#lsof /dev/cdrom
returns --> bash 30904 admin cwd
DIR 3,0 2048 63692 /media/cdrecorder/linux/user_application_provisioning
You can change TCP to UDP and narrow down your requests to very specific items you
want to target (i.e. is there an established connection from xyz.somesite.com?).
# lsof -i TCP@192.168.0.2:636 (lists LDAP connections to my server)
returns --> java 890 root 18u IPv6 8365030
TCP myserver.somecompany.com:42936->myserver.somecompany.com:ldaps (ESTABLISHED)
ndsd 6520 root 262u IPv4 8390927
TCP myserver.somecompany.com:ldaps->myserver.somecompany.com:43123 (ESTABLISHED)
List all open files belonging to PID (process ID) 11925:
#lsof -p 11925
List all open files belonging to processes owned by the user named "al":
#lsof -u al
List files open in the directory specified, but don't descend into sub-directories:
#lsof +d '/Users/al'
The next command lists files that are open in the directory specified, and also descends into sub-directories. Beware: this can take a very long time to run for large directory structures:
#lsof +D '/Users/al'
Subscribe to:
Posts (Atom)