PHPlist – Open Source Email Newsletter Manager (Mass Mailing) Application for Linux

phpList is one of the most popular open source mailing list manager that has a capability of sending newsletters, news, messages to a huge number of subscribers. It provides a user friendly interface where you can manage newsletter, subscriptions lists, newsletter reports, notification and much more. You can also call it as mass mailing software. It’s very easy to integrate with any website.

Install phpList in Centos

phpList Newsletter Manager for Linux

The phpList uses MySQL database for storing information and the script is written in PHP. It runs on any web server which helps the administrator to set up a system for newsletter subscription wherein the users can subscribe to the respective mailing list. You can manage your own mailing list and also attach files to the emails (deal announcement, business documents) etc.

The software was designed for GNU/Linux with Apache. It is also supports other Unix-like systems, such as FreeBSDOpenBSDMac OS X, and Windows.

phpList Demo’s
  1. Watch Frontend Demo of script – http://demo.phplist.com/lists/
  2. Watch Admin Demo of script – http://demo.phplist.com/lists/admin/

Features of phpList

  1. phpList is great for newsletters, notifications and many other uses. It is capable of managing large number of mailing list subscribers. It even works well with small list too.
  2. Phplist web interface allows you to write, send messages and manage the phplist over the internet. However it keeps on sending messages even though your system is turned off.
  3. The templates are fully customizable and can be integrated with several website.
  4. Keep a track of number of users opened your email message.
  5. With the help of FCKeditor and TinyMCE editors you can edit HTML messages. You can give a choice between text or html email message to your subscribers.
  6. It delivers the message in a queue so that each and every subscriber gets the message. It also ensures that they do not receive two copies even they’re subscribed to several list.
  7. Subscriber’s Attributes such as name, country etc. can be personalized, that means you can specify the important information that you need from the users at the time of subscription.
  8. User Management tools are good to maintain as well as manage huge databases of subscribers.
  9. Throttling can limit the load on your server so it doesn’t overload.
  10. Schedule sending allows you to schedule your message as on when the message is to be sent. RSS feeds can be automatically sent to a mailing list weekly, daily, or monthly.
  11. Phplist is presently available in English, French, Portuguese, German, Spanish, Dutch, Traditional Chinese, Vietname and Japanese. Work Translation for other languages in still in progress.

Requirement of phpList

In order to install PhPlist application we require:

  1. GNU/Linux operating system
  2. Apache web server<./li>
  3. PHP version 4.3 or higher
  4. PHP Imap Module
  5. MySQL server version 4.0 or higher
Testing Environment
  1. Operating System – CentOS 6.4 & Ubuntu 13.04
  2. Apache – 2.2.15
  3. PHP – 5.5.3
  4. MySQL – 5.1.71
  5. phpList – 3.0.5

Installation of phpList Newsletter Manager in Linux

As I mentioned earlier that phpList is developed in PHP for Linux with Apache. So, you must have a running Web server with PHP and MySQL installed on the system. Additionally, you also have to install IMAP module for bounce message processing. If not, install them using package manager tool called yum or apt-get according to your Linux distribution.

Step 1: Install Apache, PHP and MySQL

Install on Red Hat based systems using yum command.

# yum install httpd
# yum install php php-mysql php-imap
# yum install mysql mysql-server
# service httpd start
# service mysqld start

Install on Debian based systems using apt-get command.

# apt-get install apache2
# apt-get install php5 libapache2-mod-auth-mysql php5-mysql php5-imap
# apt-get install mysql-server mysql-client
# service apache2 start
# service mysql start

Step 2: Create phpList Database

Once you’ve installed all the required packages on the system, just login to your database (MySQL, here).

# mysql -u root -p

Enter mysql root password. Now create a database (say phplist).

mysql> create database phplist;
Query OK, 1 row affected (0.00 sec)

It is not a good practice to access database from root user directly, hence create a user called ‘tecmint’ and grant all the permission to user on the database ‘phplist‘ with a password to access it. Replace ‘my_password‘ with your own password, we need this password later while configuring phpList.

mysql> grant all on phplist.* to tecmint@localhost identified by 'my_password';
Query OK, 0 rows affected (0.00 sec)

Now reload privileges to reflect new changes on the database and quit the mysql shell.

mysql> flush privileges;
Query OK, 0 rows affected (0.08 sec)

mysql> quit;
Bye

Step 3: Download and Install phpList

Now go the official phpList site and download the latest source tarball (i.e version 3.0.5) using below link.

  1. http://www.phplist.com/download

Alternatively, you may also download the latest source package using the following wget command.

# wget http://garr.dl.sourceforge.net/project/phplist/phplist/3.0.5/phplist-3.0.5.tgz

After Downloading the phplist package, unpack the package files. It will create a directory called ‘phplist-3.0.5′in this directory, you will find a ‘public_html‘ which contains the directory lists.

# tar -xvf phplist-3.0.5.tgz
# cd phplist-3.0.5
# cd public_html/

Now Copy the “lists” directory into a Apache web root directory that can be accessed via the web.

# cp -r lists /var/www/html/        [For RedHat based Systems]

# cp -r lists /var/www/            [For Debian based Systems]

Step 4: Configuring phpList

Open phpList configuration file ‘config.php‘ from the ‘lists/config’ directory in your preferred text editor.

# vi config.php

Add the phpList database connection settings such hostnamedatabase namedatabase user and database password as shown below.

# what is your Mysql database server hostname
$database_host = "localhost";

# what is the name of the database we are using
$database_name = "phplist";

# what user has access to this database
$database_user = "tecmint";

# and what is the password to login to control the database
$database_password = 'my_password';

You need to edit one more setting, by default phpList in ‘testmode‘, so you need to change the value from ‘1‘ to ‘0‘ to disable testmode.

define ("TEST",0);

Once you’ve entered all the details details. Save and close the file.

Step 5: Access phpList Application

Finally, point to your browser at ‘lists/admin‘ directory of your phpList installation. A web-based installation wizard will walk you through the rest.

http://localhost/lists/admin

OR

http://ip-address/lists/admin

Note: If your website ‘example.com‘ is pointed to the directory ‘/var/www/html/‘, and you have placed your phpList files under ‘/var/www/html/lists‘, then you should point your browser to http://www.example.com/lists/admin/.

phpList Installation Wizard

phpList Installation Wizard

Now click on ‘Initialise database‘ and fill information about your organization and set ‘admin‘ password.

phpList Database Initialisation

phpList Database Initialisation

Once, database initialise completes, continue to phpList setup to complete your configuration as per your requirements.

phpList Database Initialisation Completes

phpList Database Initialisation Completes

Once, setup complete. Login into your phpList admin panel.

phpList Admin Login

phpList Admin Login

Start creating new campaigns, view campaigns, add/delete users, view statistics and many more features to explore from the Dashboard.

phpList Dashboard

phpList Dashboard

That’s it! Now, you can start customizing and branding of your newly installed phpList newsletter manager application.

Reference Links

phpList Homepage

I know most of the users, don’t know how to install and configure applications in Linux. If you’re looking for someone to host/setup a phpList on your hosting/personal server, contact us why because we provide a wide range of Linux services at fair minimum rates.

Do let me know if you’re using any other newsletter application which is more robust than the phpList and don’t forget to share this article.

Source

How to Install Java 9 in Debian and Ubuntu Systems

This tutorial will guide you on how to install Java 9 Standard Edition Development Kit (JDK) in Debian and Ubuntu based Linux distributions using PPA and from sources.

Installing Java 9 Using PPA

To install latest Java 9 version, first add following webupd8team/java PPA to your system and update the repository package database as shown.

$ sudo add-apt-repository ppa:webupd8team/java
$ sudo apt-get update

Once PPA has been added and updated, now search for the packages with name oracle-java9 as shown.

$ apt-cache search oracle-java9

Search Java Packages

Search Java Packages

The above output confirms that the Java 9 is available to install using the following command.

$ sudo apt-get install oracle-java9-installer

Install Java 9 in Ubuntu

Install Java 9 in Ubuntu

If you have more than one Java installed on your system, you can install oracle-java9-set-default package to set Java 9 as default as shown.

$ sudo apt-get install oracle-java9-set-default

Please note that the same webupd8team/java PPA also offers older versions of Java packages like Java 8 and Java 7.

Installing Java 9 from Sources

In order to install Java 9 SE SDK in your system, on a Desktop Linux machine, first open a browser and navigate to Java SE official download page.

Here, select Java SE Development Kit 9, hit on Downloads link and check Accept License Agreement in order to start the download process of the latest version of the tarball package.

Java offers no pre-compiled packages in the form of .deb packages for Debian based Linux distributions, so we need to use the gzipped tarball file to perform the installation.

If you install Java on a headless machine or in servers, download Java 9 SE JDK archive via wget command line utility, by issuing the below command.

$ wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/9.0.4+11/c2514751926b4512b076cc82f959763f/jdk-9.0.4_linux-x64_bin.tar.gz 

After the download completes, navigate to the directory where Java package has been downloaded and issue the below commands to start installing Java software.

The commands executed below will decompress Java tarball archive directly into /opt directory. Enter java extracted path from /opt directory and issue ls command to list the content of the directory. Java executable files are located in bin directory.

$ sudo tar xfz jdk-9.0.4_linux-x64_bin.tar.gz -C /opt/
$ cd /opt/jdk-9.0.4/
$ ls

Java Executable Files

Java Executable Files

Next, insert Java environment variables and the executable files path into your system $PATH variable, by issuing the below commands that will create a new file named java.sh into system profile.

This method ensures that Java environment variables and executables will be accessible system-wide.

$ sudo echo 'export JAVA_HOME=/opt/jdk-9.0.4/' | sudo tee /etc/profile.d/java.sh
$ sudo echo 'export PATH=$PATH:/opt/jdk-9.0.4/bin' | sudo tee -a /etc/profile.d/java.sh

Set Java Environment Variables

Set Java Environment Variables

Finally, log out and log in back again to apply the settings and issue the below command to verify Java installed version on your system.

$ java --version

Verify Java Version

Verify Java Version

Congratulations! The latest version of Java 9 SE SDK is now installed in your Debian based Linux machine.

Source

Tasksel – Easily and Quickly Install Group Softwares in Debian and Ubuntu

One of the several tasks that a Linux user is bound to handle is software installation. There are possibly two methods especially on Debian/Ubuntu Linux systems you can use for installing software. The first is installing individual packages using package management tools such as apt-getaptaptitude and synaptic.

The other is by using Tasksel, is a simple and easy-to-use tool developed for Debian/Ubuntu that provides users an interface to enable them to install a group of related packages such as LAMP ServerMail ServerDNS Server, etc. as a single pre-configured task. It works comparably to meta-packages, you will find nearly all tasks in tasksel present in meta-packages.

How To Install and Use Tasksel in Debian and Ubuntu

To install tasksel, simply run the command below:

$ sudo apt-get install tasksel

After installing Tasksel, it enables you to install one or more predefined group of packages. User need to run it from the command line with a few arguments, it provides a graphical user interface as well where one can select software to install.

The general syntax of running tasksel from the command line is:

$ sudo tasksel install task_name
$ sudo tasksel remove task_name
$ sudo tasksel command_line_options

To start the tasksel user interface, issue the command below:

$ sudo tasksel

Tasksel - List of Software Collection

Tasksel – List of Software Collection

Where you see an asterisk (*) without the red highlighter, it means that software is already installed.

To install one or more software, use the Up and Down arrows to move the red highlighter, press the Space bar to select the software and use the Tab key to move the to <ok>. Then hit Enter button to install the selected software as shown in the screencast below.

Tasksel - Install Software Group

Alternatively, you can list all tasks from the command line as well, by using the command below. Note that in the first column of the list, u (uninstalled) means software is not installed and i (installed) means software is installed.

$ sudo tasksel --list-tasks 
Sample Output
u manual	Manual package selection
u kubuntu-live	Kubuntu live CD
u lubuntu-live	Lubuntu live CD
u ubuntu-gnome-live	Ubuntu GNOME live CD
u ubuntu-live	Ubuntu live CD
u ubuntu-mate-live	Ubuntu MATE Live CD
u ubuntustudio-dvd-live	Ubuntu Studio live DVD
u ubuntustudio-live	Ubuntu Studio live CD
u xubuntu-live	Xubuntu live CD
u cloud-image	Ubuntu Cloud Image (instance)
u dns-server	DNS server
u edubuntu-desktop-gnome	Edubuntu desktop
u kubuntu-desktop	Kubuntu desktop
u kubuntu-full	Kubuntu full
u lamp-server	LAMP server
u lubuntu-core	Lubuntu minimal installation
u lubuntu-desktop	Lubuntu Desktop
u mail-server	Mail server
u mythbuntu-backend-master	Mythbuntu master backend
u mythbuntu-backend-slave	Mythbuntu slave backend
u mythbuntu-desktop	Mythbuntu additional roles
u mythbuntu-frontend	Mythbuntu frontend
u postgresql-server	PostgreSQL database
u samba-server	Samba file server
u tomcat-server	Tomcat Java server
i ubuntu-desktop	Ubuntu desktop
...

You can find a full description of all tasks in /usr/share/tasksel/*.desc and /usr/local/share/tasksel/*.desc files.

Let’s install some group of software packages such LAMPMail ServerDNS Server etc..

Install LAMP stack Using Tasksel

As an example, we shall cover the installation of LAMP (Linux, Apache, MySQL and PHP) stack in Ubuntu 16.04.

You can either use the user interface or the command line option, but here, we shall utilize the command line option as follows:

$ sudo tasksel install lamp-server

Install LAMP Server Using Tasksel in Ubuntu

While the Mysql package is being installed, you will be prompted to configure Mysql by setting a root password. Simply enter a strong and secure password, then hit the Enter key to proceed.

Wait for the installation to complete. After all is done, you can test the LAMP stack installation as follows.

$ sudo task --list-tasks | grep “lamp-server”

i lamp-server	LAM server

Similarly you can also install Mail Server or DNS Server as shown:

$ sudo tasksel install mail-server
$ sudo tasksel install dns-server

Look through the tasksel package man page for more usage options.

$ man tasksel

As a conclusion, tasksel is a simple and easy-to-use interface for users to install software on their Debian/Ubuntu Linux systems.

However, which method of software installation i.e using apt-get/apt/aptitude package management tools or tasksel, do you actually prefer and why? Let us know via the comment section below, as well as any suggestions or other vital feedback.

Source

Install Latest ‘Thunderbird’ Email Client in Linux Systems

Thunderbird is an open source free cross-platform web based email, news and chat client application that is designed to handle multiple email accounts and news feeds.

On December 28, 2016 Mozilla team announced the release of Thunderbird 45.6.0. This new version comes with these features and they are:

Thunderbird 45.6.0 Features

  1. The system integration dialog was shown every time when starting Thunderbird
  2. Various bug fixes and improvements in performance.
  3. Various security fixes.

Check out more about what’s new features and known issues for Thunderbird 45.6.0 version at Thunderbird Release Note.

This article will explain you how to install Thunderbird email client on Linux distributions such as FedoraUbuntuand its derivatives.

In many Linux distributions Thunderbird package included by default, and can be installed using the default package management system, because it will:

  1. Ensure that you have all the needed libraries
  2. Adds a Desktop shortcut to launch Thunderbird
  3. Make Thunderbird accessible to all system users on your computer
  4. It may not offer you the latest version of Thunderbird

Install Thunderbird Email Client in Linux

To install Thunderbird from the default system repositories issue:

$ sudo apt-get install thunderbird   [On Ubuntu based systems]
$ dnf install thunderbird            [On Fedora based systems]

As I said, installing from default repositories will give you older version of Thunderbird. If you want to install most recent version of Mozilla Thunderbird, you can use the PPA maintained by the Mozilla team.

Use CTRL + ALT + T from the desktop to open terminal and add the Thunderbird repository under Ubuntu and its derivatives.

$ sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa

Next, update the system software packages using update command.

$ sudo apt-get update

Once you’ve updated the system, install it using the following command.

$ sudo apt-get install thunderbird

Thunderbird Preview

Install Thunderbird in Linux

Install Thunderbird in Linux

That’s it, you’ve successfully installed Thunderbird 45.6.0 under your Linux system. Thunderbird also available for other operating systems at Thunderbird download page.

Source

10 Useful Open Source Security Firewalls for Linux Systems

Being an Nix admin over 5+ years, I always be responsible for the security management of Linux servers. Firewalls plays an important role in securing Linux systems/networks. It acts like an security guard between internal and external network by controlling and managing incoming and outgoing network traffic based on set of rules. These set of firewall rules only allows legitimate connections and blocks those which are not defined.

Linux Firewalls

10 Open Source Linux Firewalls

There are dozens of open source firewall application available for download in the market. Here in this article, we’ve come up with 10 most popular open source firewalls that might be very useful in selecting one that suits your requirements.

1. Iptables

Iptables/Netfilter is the most popular command line based firewall. It is the first line of defence of a Linux server security. Many system administrators use it for fine-tuning of their servers. It filters the packets in the network stack within the kernel itself. You can find a more detailed overview of Iptables here.

Features of IPtables

  1. It lists the contents of the packet filter ruleset.
  2. It’s lightning fast because it inspects only the packet headers.
  3. You can Add/Remove/Modify rules according to your needs in the packet filter rulesets.
  4. Listing/zeroing per-rule counters of the packet filter rulesets.
  5. Supports Backup and restoration with files.

IPtables Homepage
Basic Guide to Linux IPTables Firewall

2. IPCop Firewall

IPCop is an Open Source Linux firewall distribution, IPCop team is continuously working to provide a stable, more secure, user friendly and highly configurable Firewall management system to their users. IPCop provides a well designed web interface to manage the firewall. It’s very useful and good for Small businesses and Local PCs.

You can configure an Old PC as a secure VPN to provide a secure environment over the internet. It’s also keeps some frequently used information to provide better web browsing experience to its users.

Features of IPCop Firewall

  1. Its Color coded Web Interface allows you to Monitor the performance Graphics for CPU, Memory and Disk as well as Network throughput.
  2. It views and auto rotate logs.
  3. Support Multiple language support.
  4. Provides very secure stable and easily implementable upgrade and add on patches.

IPCop Homepage

3. Shorewall

Shorewall or Shoreline Firewall is another very popular Open source firewall specialized for GNU/Linux. It is build upon the Netfilter system built into the Linux kernel that also supports IPV6.

Feature of Shorewall

  1. Uses Netfilter’s connection tracking facilities for stateful packet filtering.
  2. Supports a wide range of routers/firewall/gateway applications.
  3. Centralized firewall Administration.
  4. A GUI interface with Webmin control Panel.
  5. Multiple ISP support.
  6. Supports Masquerading and port forwarding.
  7. Supports VPN

Shorewall Homepage
Shorewall Installation

4. UFW – Uncomplicated Firewall

UFW is the default firewall tool for Ubuntu servers, it is basically designed to lesser the complexity of the iptables firewall and makes it more user friendly. A Graphical user interface of ufw, GUFW is also available for Ubuntu and Debian users.

Features of UFW

  1. Supports IPV6
  2. Extended Logging options with On/Off facility
  3. Status Monitoring
  4. Extensible Framework
  5. Can be Integrated with Applications
  6. Add/Remove/Modify Rules according to your needs.

UFW Homepage
GUFW Homepage
UFW Installation

5. Vuurmuur

Vuurmuur is another powerful Linux firewall manager built or manage iptables rules for your server or network. At the same time its very user friendly to administrate, no prior iptables working knowledge required to use Vuurmuur.

Features of Vuurmuur

  1. Support IPV6
  2. Traffic shaping
  3. More advanced Monitoring features
  4. Real time monitoring connection and bandwidth usage
  5. Can be easily configured with NAT.
  6. Have Anti-spoofing features.

Vuurmuur Homepage
Vuurmuur Flash Demos

6. pfSense

pfSense is another Open Source and a very reliable firewall for FreeBSD servers. Its based on the concept of Stateful Packet filtering. It offers wide ranges of feature which is normally available on expensive commercial firewalls only.

Features of pfsense

  1. Highly configurable and upgraded from its Web – based interface.
  2. Can be deployed as a perimeter firewall, router, DHCP & DNS server.
  3. Configured as wireless access point and a VPN endpoint.
  4. Traffic shaping and Real Time information about the server.
  5. Inbound and Outbound load balancing.

pfSense Homepage

7. IPFire

IPFire is another open source Linux based firewalls for Small Office , Home Office (SOHO) environments. Its designed with modularity and highly flexibility. IPfire community also took care of Security and developed it as a Stateful Packet Inspection(SPI) firewall.

Features of IPFire

  1. Can be deployed as a firewall, a proxy server or a VPN gateway.
  2. Content filtering
  3. Inbuilt Intrusion detection system
  4. Supports through Wiki, forums and Chats
  5. Support hypervisors like KVM, VmWare and Xen for Virtualization environment.

IPFire Homepage

8. SmoothWall & SmoothWall Express

SmoothWall is an Open Source Linux firewall with a highly configurable Web based interface. Its Web based interface is know as WAM (Web Access manager). A freely distributable version of SmoothWall is know as SmoothWall Express.

Features of SmoothWall

  1. Supports LAN, DMZ, and Wireless networks, plus External.
  2. Real Time content filtering
  3. HTTPS filtering
  4. Support proxies
  5. Log viewing and firewall activity monitor
  6. Traffic stats management on per IP, interface and visit basis
  7. Backup and restoration facility like.

SmoothWall Homepage

9. Endian

Endian firewall is another Stateful packet Inspection concept based firewall which can be deployed as routers, proxy and Gateway VPN with OpenVPN. Its originally developed from IPCop firewall which is also a fork of Smoothwall.

Features of Endian

  1. Bidirectional firewall
  2. Snort Intrusion prevention
  3. Can secure web server with HTTP &FTP proxies, antivirus and URL blacklist.
  4. Can secure Mail servers with SMTP and POP3 proxies, Spam Auto-learning, Greylisting.
  5. VPN with IPSec
  6. Real time Network traffic logging

Endian Homepage

10. ConfigServer Security Firewall

Last, But not the last Configserver security & firewall. It’s a cross platform and a very versatile Firewall, it’s also based on the concept of Stateful packet inspection (SPI) Firewall. It supports almost all Virtualization environments like Virtuozzo, OpenVZ, VMware, XEN, KVM and Virtualbox.

Features of CSF

  1. Its daemon process LFD( Login failure daemon) checks for login failures of sensitive servers like ssh, SMTP, Exim, Imap,Pure & ProFTP, vsftpd, Suhosin and mod_security failures.
  2. Can configure email alerts to notify if something goes unusual or detect any kind of intrusion on your server.
  3. Can be easily integrated popular web hosting control panels like cPanel, DirectAdmin and Webmin.
  4. Notifies excessive resource user and suspicious process via email alerts.
  5. Advanced Intrusion detection system.
  6. Can protect your linux box with the attacks like Syn flood and ping of death.
  7. Checks for exploits
  8. Easy to start/restart/stop & lots more

CSF Homepage
CSF Installation

Other than these Firewalls there are many other firewalls like Sphirewall, Checkpoint, ClearOS, Monowall available in the web to secure your Linux box. Please let the world know which is your favourite firewall for your Nix box and leave your valuable suggestions and queries below in the comment box.

Source

Setting Up OpenERP (Odoo) 9 with Nginx on RHEL/CentOS and Debian/Ubuntu

Odoo, formerly known as OpenERP, is an Open Source Enterprise Resource Planning ERP web based business software written in Python which comes with a suite of web apps designed for every business, such as Website Builders, eCommerce modules, Billing and Accounting, Human Resources, Point of Sale, Customer Relationship Management, Inventory module, Live Chat and many other apps and features.

This tutorial will guide you on you how to install the latest stable version of Odoo (version 9) on a RHEL/CentOS/Fedora or Debian/Ubuntu based systems with Nginx server to act as a reverse proxy in frontend in order to access the web interface faster, securely and from standard web browsing ports, without the need to burden the users to use browser redirect ports.

Step 1: Install and Secure PostgreSQL Database

1. Before you start proceeding with Odoo installation first assure that your system ships with packages provided by Epel repositories in order to install the backend PostgreSQL database.

Also make sure the server is up-to-date with the latest security packages and patches by issuing the below commands:

----------- On RedHat/CentOS based systems ----------- 
# yum update
# yum install -y epel-release

----------- On Debian/Ubuntu based systems ----------- 
# apt-get update && sudo apt-get upgrade # On Debian 

2. Next, go ahead and install PostgreSQL database server, which is the default database used by Odoo to store information.

----------- On RedHat/CentOS based systems -----------
# yum install postgresql-server

----------- On Debian/Ubuntu based systems -----------
# apt-get install postgresql postgresql-client

Initialize PostgreSQL database.

# postgresql-setup initdb	

Now finally start the PostgreSQL database by issuing the below command:

----------- On SystemD systems -----------
# systemctl start postgresql

----------- On SysVinit systems -----------
# service postgresql start

As an additional step to secure PostgreSQL default user, which has a blank password, issue the below command with root privileges in order to change the password:

sudo -u postgres psql
postgres=# \password postgres

Step 2: Install Odoo 9 – OpenERP

3. In order to install Odoo 9 from official repository, first create new yum repository file for Odoo with the following content:

On CentOS/RHEL Systems

# vi /etc/yum.repos.d/odoo.repo

Add the following excerpt to file odoo.repo.

[odoo-nightly]
name=Odoo Nightly repository
baseurl=http://nightly.odoo.com/9.0/nightly/rpm/
enabled=1
gpgcheck=1
gpgkey=https://nightly.odoo.com/odoo.key

On Debian/Ubuntu Systems

On Debian/Ubuntu issue the following command to add the Odoo repositories:

# wget -O - https://nightly.odoo.com/odoo.key | apt-key add -
# echo "deb http://nightly.odoo.com/9.0/nightly/deb/ ./" >> /etc/apt/sources.list

4. Next install Odoo 9 software from binaries.

----------- On RedHat/CentOS based systems -----------
# yum install odoo

----------- On Debian/Ubuntu based systems -----------
# apt-get update && sudo apt-get install odoo

Next, start it and check daemon status by issuing the below commands:

----------- On SystemD systems -----------
# systemctl start odoo
# systemctl status odoo

----------- On SysVinit systems -----------
# service odoo start
# service odoo status

As an additional step you can verify Odoo service listening port by running the ss or netstat command:

# ss -tulpn
OR
# netstat -tulpn

By default, Odoo listens for network connections on port 8069/TCP.

Step 3: Configure Odoo from Web Interface

5. In order to configure Odoo further fire-up a browser and access Odoo web interface at the following URI:

http://host-or-IP-address:8069/

6. Next you will be prompted to create a new database for Odoo and set a strong password for admin account.

Create Odoo Database

Create Odoo Database

7. Once the database has been created you will be redirected to the administration web panel where you can further install applications and configure your ERP. For the moment leave the application as default and log out.

Odoo Administrative Web Panel

Odoo Administrative Web Panel

8. Once returned at the login screen, hit on Manage Databases link and Set a master password in order to secure Odoo database manager.

Odoo Manage Databases

Odoo Manage Databases

Set Odoo Database Manager Password

Set Odoo Database Manager Password

Set New Odoo Manager Password

Set New Odoo Manager Password

9. Once you have secured Odoo database manager you can login on your application and start to configure it further with your required apps and settings.

Install Configure Odoo Applications

Install Configure Odoo Applications

Step 4: Access Odoo from Nginx Frontend

You can configure the system so that users can access Odoo web panel via Nginx reverse proxy. This can facilitate the users to navigate Odoo web interface faster, due to some Nginx frontend caching, on standard HTTP ports without the need to manually enter the http port 8069 on their browsers.

In order to configure this setting first you need to install and configure Nginx on your system by issuing the following steps.

10. First install Nginx web server with the following command:

----------- On RedHat/CentOS based systems -----------
# yum install nginx

----------- On Debian/Ubuntu based systems -----------
# apt-get install nginx

11. Next, open Nginx main configuration file with a text editor and insert the following block after the line which specifies Nginx document root location.

----------- On RedHat/CentOS based systems -----------
# vi /etc/nginx/nginx.conf 

----------- On Debian/Ubuntu based systems -----------
# nano /etc/nginx/sites-enabled/default

Add the following configuration excerpt to nginx.conf file:

 location / {
        proxy_pass http://127.0.0.1:8069;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

Also, comment Nginx location statement by placing a # in front of the following lines. Use the below screenshot as a guide.

#location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
        #       try_files $uri $uri/ =404;
        #}

Configure Nginx for Odoo Reverse Proxy

Configure Nginx for Odoo Reverse Proxy

12. After you’ve made all the above changes, restart Nginx daemon but not before you run getenforcecommand to check if Selinux in enabled on your machine.

On CentOS/RHEL Systems

In case the policy is set to Enforced disable it by issuing the below commands:

# setenforce 0
# getenforce

To completely disable Selinux, open /etc/selinux/config file with a text editor and set the line SELINUX to disabled.

Disable SELinux in CentOS and RHEL

Disable SELinux in CentOS and RHEL

If you don’t want to completely disable Seliux policy and just want to relax the rules in order to grant Nginx proxy with permissive access to network socket run the following command:

# setsebool httpd_can_network_connect on -P
# getsebool -a | grep httpd 

Then, restart Nginx daemon to reflect the changes made above:

# systemctl restart nginx
OR
# service nginx restart

13. This next step is a security optional feature and implies the change of the network socket that Odooapplication is listening, changing the binding address from all interfaces (or address) to localhost only.

This change must be done only in conjunction with Nginx reverse proxy due to the fact that binding the application on localhost only implies that Odoo will not be accessible from users inside the LAN or other networks.

In order to active this change, open /etc/odoo/openerp-server.conf file and edit xmlrpc_interfaceline to bind on localhost only as suggested on the below screenshot.

xmlrpc_interface = 127.0.0.1

Configure Odoo Interface

Configure Odoo Interface

In order to reflect changes restart Odoo service by running the below command:

# systemctl restart odoo.service
OR
# service odoo restart

14. In case your machine has a network defense line provided by the firewall, issue the following commands in order to open firewall ports to outside world for Nginx proxy:

----------- On FirewallD based systems -----------
# firewall-cmd --add-service=http --permanent
# firewall-cmd --reload
----------- On IPTables based systems -----------
# iptables -A INPUT -p tcp -m tcp --sport 80 -j ACCEPT
# iptables -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
# /etc/init.d/iptables save
----------- On UFW Firewall systems -----------
# ufw allow http

15. That’s it! Now you can successfully access your ERP Odoo application by visiting your server IP Address or domain name.

http://192.168.1.40
http://domain.tld

Odoo Web Interface

Odoo Web Interface

16. In order to automatically run the services after a system reboot issue the following command to enable all the daemons system-wide with one-shot.

------------ On SystemD Systems ------------  
# systemctl enable postgresql.service 
# systemctl enable odoo.service
# systemctl enable nginx.service
------------ On SysVinit Systems ------------ 

# chkconfig postgresql on
# chkconfig odoo on
# chkconfig nginx on

NOTE: For PDF reports, you must manually download and install wkhtmltopdf binary packages for your own distribution by visiting the following link Install wkhtmltopdf to Convert HTML Page to PDF.

Source

5 Tips to Boost the Performance of Your Apache Web Server

According to a recent report by Netcraft (a well-known Internet company that provides among other services web browser usage statistics), Apache continues to be the most widely used web server among sites and Internet-facing computers.

Improve Apache Web Server Performance

5 Tips to Boost Your Apache Web Server Performance

Additionally, Apache keeps experiencing the largest growth among the top web servers, followed by Nginx and IIS. Thus, if you are a system administrator in charge of managing Apache installations, you need to know how to make sure your web server performs at the best of its capacity according to your (or you client’s) needs.

In this article we will discuss a few tips that will help you ensure that Apache will run smoothly and be able to handle the number of requests you are expecting from remote clients.

However, please keep in mind that Apache was not designed with the objective of setting benchmark records – but, even so, it is still capable of providing high performance in almost any usage case you can possibly think of.

​TIP #1: Always keep Apache updated to its latest version

It goes without saying that having the latest version of Apache installed is probably one of the first things you need to consider. As of November 19, 2015, the latest version of Apache available in the CentOS 7 repositories is 2.4.6, whereas in Debian’s is 2.4.10.

However, there may be a recent improvement or a bug fix that has been added to a newly-released stable version, which is then made available to download and install from source. Compilation and installation instructions are also provided here – just remember that if you choose this update method, you may want to back up your current configuration files / sites / virtual hosts as a precaution.

In any event, you can check your currently installed version as follows:

# httpd -v               [On RedHat/CentOS based systems]
# apache2 –v             [On Debian/Ubuntu based systems] 

Check Apache Version

Check Apache Version

As a rule of thumb, stick with the update method provided by the package manager of your chosen distribution (yum update httpd or aptitude safe-upgrade apache2, for CentOS or Debian, respectively) unless there is no other way. You can read the latest release notes in the Apache Documentation section in the Apache HTTP server Project website.

TIP #2: If you are using a Kernel older than 2.4, consider upgrading now

Why? Kernel versions 2.4 and above have the sendfile kernel system call enabled by default. That, in turn, facilitates high performance network file transfers (which are desired in the context of web server-client communications) and enables Apache to deliver static content faster and with lower CPU utilization by performing simultaneous read and send operations.

You can view your currently installed kernel with:

# uname -r

and compare it to the latest stable kernel in www.kernel.org (4.3 at the time of this writing).

Check Linux Kernel Version

Check Linux Kernel Version

Although it is a process not intended for beginners, upgrading your kernel is an interesting exercise to learn more about the internals of Linux.

​TIP #3: Choose the Multi-Processing Module (MPM) that works best for your case

In practice, MPMs extend the modular functionality of Apache by allowing you to decide how to configure the web server to bind to network ports on the machine, accept requests from clients, and use children processes (and threads, alternatively) to handle such requests.

Beginning with version 2.4, Apache offers three different MPMs to choose from, depending on your needs:

    1. The prefork MPM uses multiple child processes without threading. Each process handles one connection at a time without creating separate threads for each. Without going into too much detail, we can say that you will want to use this MPM only when debugging an application that uses, or if your application needs to deal with, non-thread-safe modules like mod_php.
    2. The worker MPM uses several threads per child processes, where each thread handles one connection at a time. This is a good choice for high-traffic servers as it allows more concurrent connections to be handled with less RAM than in the previous case.
  1. Finally, the event MPM is the default MPM in most Apache installations for versions 2.4 and above. It is similar to the worker MPM in that it also creates multiple threads per child process but with an advantage: it causes KeepAlive or idle connections (while they remain in that state) to be handled by a single thread, thus freeing up memory that can be allocated to other threads. This MPM is not suitable for use with non-thread-safe modules like mod_php, for which a replacement such a PHP-FPM must be used instead.

To check the MPM used by your Apache installation, you can do:

# httpd -V

The image below show that this particular web server is using the prefork MPM.

Check Apache MPM

Check Apache MPM

To change this, you will need to edit:

# /etc/httpd/conf.modules.d/00-mpm.conf          [On RedHat/CentOS based systems]
# /etc/apache2/mods-available/<mpm>.load   [On Debian/Ubuntu based systems]

Where <mpm> can be mpm_eventmpm_worker, or mpm_prefork.

and uncomment the line that loads the desired module like so:

LoadModule mpm_event_module modules/mod_mpm_event.so

Note: To make the event MPM work in Debian, you may have to install the libapache2-mod-fastcgi package from the non-free repositories.

Additionally, for CentOS you will need php-fpm (along with fcgi and mod_fcgid) whereas in Debian it’s called php5-fpm (along with apache2-mpm-event).

Last, but not least, restart the web server and the newly installed php-fpm (or php5-fpm) service:

On RedHat/CentOS

# systemctl restart httpd php-fpm && systemctl enable httpd php-fpm

On Debian/Ubuntu

# systemctl restart apache2 php5-fpm && systemctl enable apache2 php5-fpm

Although you can set Apache to use a specific MPM, that configuration can be overridden on a per-virtual hostbasis in the same fashion as indicated earlier.

Just drop the corresponding tags into the configuration file for each virtual host and you’re ready to go – but make sure you’re using one and only one MPM per vhost.

Finally, please note that regardless of your chosen distribution, php-fpm relies on the implementation of FastCGI, which is the reason why I recommended the additional package installations earlier.

For more details and examples on php-fpm and how it can along with the event MPM increase the performance of Apache, you should refer to the official documentation.

This is what I see after changing the default MPM from prefork to event in the same box shown in the previous image:

Choose Apache MPM Module

Choose Apache MPM Module

In CentOS 7, you will need to make sure that the http and https services are enabled through the firewall, and that the network interface(s) are properly added to the default zone.

For example:

# firewall-cmd --zone=internal --add-interface=tun6to4 
# firewall-cmd --zone=internal --add-interface=tun6to4 --permanent 
# firewall-cmd --set-default-zone=internal 
# firewall-cmd --add-service=http 
# firewall-cmd --add-service=https 
# firewall-cmd --add-service=http --permanent 
# firewall-cmd --add-service=https --permanent 
# firewall-cmd --reload

The reason why I’m bringing this up is because I recently experienced an issue where the default firewalld configuration settings in a cloud VPS prevented php-fpm and Apache from processing php files.

As a basic test (I am sure you can think of more complicated or stressful ones), I will create a php file that checkes the existence of another file named test.php in the same directory of two CentOS 7 servers with the same hardware characteristics and load but with different MPM. One of them will use event and the other one will use prefork:

Compare Apache Event and Prefork Module

Compare Apache Event and Prefork Module

This is the php code that I’ve saved into a file named checkiffileexists.php:

<?php
$filename = 'test.php';

if (file_exists($filename)) {
    echo "The file $filename exists";
} else {
    echo "The file $filename does not exist";
}
?>

Then we will run the Apache benchmark tool (ab) with 200 simultaneous requests until 2000 requests are completed:

# ab -k -c 100 -n 2000 localhost/checkiffileexists.php

Let’s run the test and compare the results. Pay attention to the performance statistics:

Apache Performance Load Testing

Apache Performance Load Testing

As you can see, the performance of the server with event is highly superior to its prefork counterpart in every aspect of this test.

TIP #4: Allocate RAM wisely for Apache

Perhaps the most critical hardware item to be taken into account is the amount of RAM allocated for each Apache process. While you cannot control this directly, you can restrict the number of child processes through the MaxRequestWorkers directive (formerly known as MaxClients in Apache 2.2), which will put limits on the RAM usage by Apache. Again, you can set this value on a per host or per virtual host basis.

To do this, you should take note of the average amount of RAM used by Apache, then multiply it by the number of MaxRequestWorkers, and that is the amount of memory that will be allocated for Apache processes. One thing you never want your web server to do is to begin using swap, as that will significantly decrease its performance. Thus, you should always keep the usage of RAM by Apache within the limits that you can afford and never rely on swap for it.

For example, the following block will restrict the number of simultaneous clients to 30. If more clients hit the host, they may experience a delay or a momentary failure that can be easily solved by refreshing the browser. While this may be considered undesirable, it is healthier for the server and in the long run, best for your site as well.

You can place this block inside /etc/httpd/conf/httpd.conf or /etc/apache2/apache2.conf, depending on whether you are using CentOS or Debian.

Please note that the same principle applies to all MPMs – I am using event here to continue with the concept outlined in the previous tip:

<IfModule mpm_event_module>
    StartServers 3
    MinSpareThreads          25
    MaxSpareThreads          75
    ThreadLimit                      64
    ThreadsPerChild          25
    MaxRequestWorkers    30
    MaxConnectionsPerChild    1000
</IfModule>

In any event, it is highly recommended that you refer to the Apache 2.4 docs to see which directives are allowed for your chosen MPM.

​TIP #5: Know your applications

As a rule of thumb, you should not load any Apache modules that are not strictly needed for your application to work. This will require at least an overall knowledge of the applications running on your server, specially if you are a system administrator and there’s another team in charge of development.

You can list the currently loaded modules with:

# httpd -M          [On RedHat/CentOS based systems]
# apache2ctl -M     [On Debian/Ubuntu based systems]

To unload / disable modules in CentOS, you will need to comment out the line that begins with LoadModule(either in the main configuration file or in an auxiliary one inside /etc/httpd/conf.modules.d.

On the other hand, Debian provides a tool called a2dismod to disable modules and is used as follows:

# a2dismod module_name

To enable it back:

# a2enmod module_name

In either case, remember to restart Apache for the changes to take effect.

​ Summary

In this article we have reviewed 5 tips that will help you tune the Apache web server and increase its performance. In addition, you should remember that optimization and performance without security is pointless, so you may want to refer to the install mod_pagespeed to improve webserver performance and Apache hardening tips article in Tecmint.com as well.

Since we cannot adequately cover all the aspects of this topic in this article, perhaps you will think of other ideas that you would like to share with the rest of the community. If so, feel free to let us know using the comment form below.

Source

How to Password Protect Web Directories in Apache Using .htaccess File

When you manage online projects, you often need to limit access to that project in order to protect it against the outside world. There are might be different reasons for that – for example you want to prevent search engine crawlers from accessing your site while it is still in development phase.

Password Protect Apache Web Directories

Password Protect Apache Web Directories

In this tutorial, I am going to show you how to password protected different web sites directories in Apache web server. There are many ways you can achieve this, but we will review two of them which are most commonly used.

The first method configures password protection directly in Apache’s configuration file, while the second one uses .htaccess file.

Requirements

In order to setup password protection for your web directories, you will need to have:

  • A working Apache web server
  • The AllowOverride AuthConfig directive must be enabled in Apache configuration file.

Setup Apache Password Protected Directory

1. For this tutorial, we will be protecting the main web root directory /var/www/html.  To protect that directory, open your Apache’s configuration:

---------------- On RedHat/CentOS based systems ----------------
# vi /etc/httpd/conf/httpd.conf

---------------- On Debian/Ubuntu based systems ----------------
# nano /etc/apache2/sites-available/000-default.conf

2. Find the Apache Document directory root for /var/www/html and add the following things as suggested:

On Apache 2.2 Version

<Directory /var/www/html> 
Options Indexes Includes FollowSymLinks MultiViews 
AllowOverride All
Order allow,deny
Allow from all 
</Directory>

On Apache 2.4 Version

<Directory /var/www/html> 
Options Indexes Includes FollowSymLinks MultiViews 
AllowOverride All 
Require all granted 
</Directory>

Apache 2.4: Enable AllowOverride All

Apache 2.4: Enable AllowOverride All

3. Save the file and restart Apache by using the following command:

--------------- On Systemd -------------------
# systemctl restart httpd         [On RedHat based systems]
# systemctl restart apache2       [On Debian based systems]


--------------- On SysV init -----------------
# service httpd restart           [On RedHat based systems]
# service apache2 restart         [On Debian based systems]

4. Now we will use the htpasswd command to generate username and password for our protected directory. This command is used to manage user files for basic authentication.

The general syntax of the command is:

# htpasswd -c filename username

The -c option specifies the file that will keep the encrypted password and username specifies the user for the authentication.

5. Our password file needs to be located out of the Apache’s web accessible directory so that it is well protected. For that purpose, we will create new directory:

# mkdir /home/tecmint

6. After that we will generate our username and password that will be stored in that directory:

# htpasswd -c /home/tecmint/webpass tecmint

Once you execute this command you will have to enter a password for our new user "tecmint" twice:

Create Apache User Password

Create Apache User Password

After that we will need to make sure that Apache is able to read the “webpass” file. For that purpose, you will need to change the ownership of that file with the following command:

---------------- On RedHat/CentOS based systems ----------------
# chown apache: /home/tecmint/webpass
# chmod 640 /home/tecmint/webpass
---------------- On Debian/Ubuntu based systems ----------------
# chown www-data /home/tecmint/webpass
# chmod 640 /home/tecmint/webpass

7. At this point our new user and password are ready. Now we need to tell Apache to request password when accessing our targeted directory. For that purpose, create file called .htaccess in /var/www/html:

# vi /var/www/html/.htaccess

Add the following code in it:

AuthType Basic
AuthName "Restricted Access"
AuthUserFile /home/tecmint/webpass
Require user tecmint

Create Apache Restricted Access

Create Apache Restricted Access

8. Now save the file and put your setup to the test. Open your browser and enter your IP address or domain name in the web browser, for example:

http://ip-address

You should be prompted for username and password:

Apache Password Protected Directory Authentication

Apache Password Protected Directory Authentication

Enter the username and password that you set to proceed to your page.

Additional Notes

If you are using shared hosting, you will most probably not have access to the Apache configuration file. However most hosting companies have enabled the “AllowOverride All” option by default. This means that you will only need to generate the username and password and then select directory that you wish to protect. This significantly eases your task.

Conclusion

I hope that you found this tutorial useful and help you achieve your goal. If you have any questions or comments, please do not hesitate to post them in the section below.

Source

Limit CPU Usage of a Process in Linux with CPULimit Tool

In an earlier post, we’ve explained CPUTool for limiting and controlling CPU utilization of any process in Linux. It allows a system administrator to interrupt execution of a process (or process group) if the CPU/system load goes beyond a defined threshold. Here, we will learn how to use a similar tool called cpulimit.

Cpulimit is used to restrict the CPU usage of a process in the same way as CPUTool, however, it offers more usage options compared to its counterpart. One important difference is that cpulimit doesn’t manage system load unlike cputool.

Suggested Read: 9 Useful Commands to Get CPU Information on Linux

Install CPULimit to Limit CPU Usage Of a Process in Linux

CPULimit is available to install from default software repositories of Debian/Ubuntu and its derivatives using a package management tool.

$ sudo apt install cpulimit

In RHEL/CentOS and Fedora, you need to first enable EPEL repository and then install cpulimit as shown.

# yum install epel-release
# yum install cpulimit

Limiting Process CPU Usage With CUPLimit

In this sub section, we’ll explain how cpulimit works. First, let’s run a command (same dd command we looked at while covering cputool) which should result into a high CPU percentage, in the background (note that the process PID is printed out after running the command).

$ dd if=/dev/zero of=/dev/null &

[1] 17918

Next, we can use the top or glances tools which output the actual frequently updated state of a running Linux system, to watch the CPU usage of the command above.

$ top

Monitor CPU Usage in Linux

Monitor CPU Usage in Linux

Looking at the output above, we can see that the dd process is utilizing the highest percentage of CPU time 100.0%.

But we can limit this using cputlimit as follows. The --pid or -p option is used to specify the PID and --limit or -l is used to set a usage percentage for a process.

The command below will limit the dd command (PID 17918) to 50% use of one CPU core.

$ sudo cpulimit --pid 17918 --limit 50  

Process 17918 detected

Once we run cpulimit, we can view the current CPU usage for the dd command with top or glances. From the output, the value ranges from (51.5%-55.0% or slightly beyond).

Limit CPU Usage of Process in Linux

Limit CPU Usage of Process in Linux

We can throttle its CPU usage for a second time as follows, this time lowering the percentage further as follows:

$ sudo cpulimit --pid 17918 --limit 20 

Process 17918 detected

As we did before, we can run top or glances to view the new CPU usage for the process, which will range from 20%-25.0% or slightly beyond this.

$ top

Throttle CPU Usage in Linux

Throttle CPU Usage in Linux

Note: The shell becomes un-interactive – doesn’t expect any user input when cpulimit is running. To kill it (which should stop the CPU usage limitation operation), press [Ctrl + C].

To run cpulimit as a background process, use the --background or -b switch, freeing up the terminal.

$ sudo cpulimit --pid 17918 --limit 20 --background

To specify the number of CPU cores present on the system, use the --cpu or -c flag (this is normally detected automatically).

$ sudo cpulimit --pid 17918 --limit 20 --cpu 4

Rather than limit a process’s CPU usage, we can kill it with the --kill or -k option. The default is signal sent to the process is SIGCONT, but to send a different signal, use the --signal or -s flag.

$ sudo cpulimit --pid 17918 --limit 20 --kill 

To exit if there is no suitable target process, or in case it dies, include the -z or --lazy like this.

$ sudo cpulimit --pid 17918 --limit 20 --kill --lazy

For additional information and usage options, view the cpulimit man page.

$ man cpulimit

Do check out the following useful guides for finding CPU info and CPU/system performance monitoring.

  1. Find Top Running Processes by Highest Memory and CPU Usage in Linux
  2. Cpustat – Monitors CPU Utilization by Running Processes in Linux
  3. CoreFreq – A Powerful CPU Monitoring Tool for Linux Systems
  4. Find Top Running Processes by Highest Memory and CPU Usage in Linux
  5. 20 Command Line Tools to Monitor Linux Performance
  6. 13 Linux Performance Monitoring Tools – Part 2

In comparison, after testing CPUTool and CPULimit, we noticed that the former offers a more effective and reliable “process CPU usage limitation” functionality.

This is according to the percentage range of CPU usage observed after running both tools against a given process. Try out both tools and add your thoughts to this article using the feedback form below.

Source

All You Need To Know About Processes in Linux [Comprehensive Guide]

In this article, we will walk through a basic understanding of processes and briefly look at how to manage processes in Linux using certain commands.

process refers to a program in execution; it’s a running instance of a program. It is made up of the program instruction, data read from files, other programs or input from a system user.

Types of Processes

There are fundamentally two types of processes in Linux:

  • Foreground processes (also referred to as interactive processes) – these are initialized and controlled through a terminal session. In other words, there has to be a user connected to the system to start such processes; they haven’t started automatically as part of the system functions/services.
  • Background processes (also referred to as non-interactive/automatic processes) – are processes not connected to a terminal; they don’t expect any user input.

What is Daemons

These are special types of background processes that start at system startup and keep running forever as a service; they don’t die. They are started as system tasks (run as services), spontaneously. However, they can be controlled by a user via the init process.

Linux Process State

Linux Process State

Creation of a Processes in Linux

A new process is normally created when an existing process makes an exact copy of itself in memory. The child process will have the same environment as its parent, but only the process ID number is different.

There are two conventional ways used for creating a new process in Linux:

  • Using The System() Function – this method is relatively simple, however, it’s inefficient and has significantly certain security risks.
  • Using fork() and exec() Function – this technique is a little advanced but offers greater flexibility, speed, together with security.

How Does Linux Identify Processes?

Because Linux is a multi-user system, meaning different users can be running various programs on the system, each running instance of a program must be identified uniquely by the kernel.

And a program is identified by its process ID (PID) as well as it’s parent processes ID (PPID), therefore processes can further be categorized into:

  • Parent processes – these are processes that create other processes during run-time.
  • Child processes – these processes are created by other processes during run-time.

The Init Process

Init process is the mother (parent) of all processes on the system, it’s the first program that is executed when the Linux system boots up; it manages all other processes on the system. It is started by the kernel itself, so in principle it does not have a parent process.

The init process always has process ID of 1. It functions as an adoptive parent for all orphaned processes.

You can use the pidof command to find the ID of a process:

# pidof systemd
# pidof top
# pidof httpd

Find Linux Process ID

Find Linux Process ID

To find the process ID and parent process ID of the current shell, run:

$ echo $$
$ echo $PPID

Find Linux Parent Process ID

Find Linux Parent Process ID

Starting a Process in Linux

Once you run a command or program (for example cloudcmd – CloudCommander), it will start a process in the system. You can start a foreground (interactive) process as follows, it will be connected to the terminal and a user can send input it:

# cloudcmd

Start Linux Interactive Process

Start Linux Interactive Process

Linux Background Jobs

To start a process in the background (non-interactive), use the & symbol, here, the process doesn’t read input from a user until it’s moved to the foreground.

# cloudcmd &
# jobs

Start Linux Process in Background

Start Linux Process in Background

You can also send a process to the background by suspending it using [Ctrl + Z], this will send the SIGSTOP signal to the process, thus stopping its operations; it becomes idle:

# tar -cf backup.tar /backups/*  #press Ctrl+Z
# jobs

To continue running the above-suspended command in the background, use the bg command:

# bg

To send a background process to the foreground, use the fg command together with the job ID like so:

# jobs
# fg %1

Linux Background Process Jobs

Linux Background Process Jobs

You may also like: How to Start Linux Command in Background and Detach Process in Terminal

States of a Process in Linux

During execution, a process changes from one state to another depending on its environment/circumstances. In Linux, a process has the following possible states:

  • Running – here it’s either running (it is the current process in the system) or it’s ready to run (it’s waiting to be assigned to one of the CPUs).
  • Waiting – in this state, a process is waiting for an event to occur or for a system resource. Additionally, the kernel also differentiates between two types of waiting processes; interruptible waiting processes – can be interrupted by signals and uninterruptible waiting processes – are waiting directly on hardware conditions and cannot be interrupted by any event/signal.
  • Stopped – in this state, a process has been stopped, usually by receiving a signal. For instance, a process that is being debugged.
  • Zombie – here, a process is dead, it has been halted but it’s still has an entry in the process table.

How to View Active Processes in Linux

There are several Linux tools for viewing/listing running processes on the system, the two traditional and well known are ps and top commands:

1. ps Command

It displays information about a selection of the active processes on the system as shown below:

# ps 
# ps -e | head 

List Linux Active Processes

List Linux Active Processes

2. top – System Monitoring Tool

top is a powerful tool that offers you a dynamic real-time view of a running system as shown in the screenshot below:

# top 

List Linux Running Processes

List Linux Running Processes

Read this for more top usage examples: 12 TOP Command Examples in Linux

3. glances – System Monitoring Tool

glances is a relatively new system monitoring tool with advanced features:

# glances

Glances - Linux Process Monitoring

Glances – Linux Process Monitoring

For a comprehensive usage guide, read through: Glances – An Advanced Real Time System Monitoring Tool for Linux

There are several other useful Linux system monitoring tools you can use to list active processes, open the link below to read more about them:

  1. 20 Command Line Tools to Monitor Linux Performance
  2. 13 More Useful Linux Monitoring Tools

How to Control Processes in Linux

Linux also has some commands for controlling processes such as kill, pkill, pgrep and killall, below are a few basic examples of how to use them:

$ pgrep -u tecmint top
$ kill 2308
$ pgrep -u tecmint top
$ pgrep -u tecmint glances
$ pkill glances
$ pgrep -u tecmint glances

Control Linux Processes

Control Linux Processes

To learn how to use these commands in-depth, to kill/terminate active processes in Linux, open the links below:

  1. A Guide to Kill, Pkill and Killall Commands to Terminate Linux Processess
  2. How to Find and Kill Running Processes in Linux

Note that you can use them to kill unresponsive applications in Linux when your system freezes.

Sending Signals To Processes

The fundamental way of controlling processes in Linux is by sending signals to them. There are multiple signals that you can send to a process, to view all the signals run:

$ kill -l

List All Linux Signals

List All Linux Signals

To send a signal to a process, use the kill, pkill or pgrep commands we mentioned earlier on. But programs can only respond to signals if they are programmed to recognize those signals.

And most signals are for internal use by the system, or for programmers when they write code. The following are signals which are useful to a system user:

  • SIGHUP 1 – sent to a process when its controlling terminal is closed.
  • SIGINT 2 – sent to a process by its controlling terminal when a user interrupts the process by pressing [Ctrl+C].
  • SIGQUIT 3 – sent to a process if the user sends a quit signal [Ctrl+D].
  • SIGKILL 9 – this signal immediately terminates (kills) a process and the process will not perform any clean-up operations.
  • SIGTERM 15 – this a program termination signal (kill will send this by default).
  • SIGTSTP 20 – sent to a process by its controlling terminal to request it to stop (terminal stop); initiated by the user pressing [Ctrl+Z].

The following are kill commands examples to kill the Firefox application using its PID once it freezes:

$ pidof firefox
$ kill 9 2687
OR
$ kill -KILL 2687
OR
$ kill -SIGKILL 2687  

To kill an application using its name, use pkill or killall like so:

$ pkill firefox
$ killall firefox 

Changing Linux Process Priority

On the Linux system, all active processes have a priority and certain nice value. Processes with higher priority will normally get more CPU time than lower priority processes.

However, a system user with root privileges can influence this with the nice and renice commands.

From the output of the top command, the NI shows the process nice value:

$ top  

List Linux Running Processes

List Linux Running Processes

Use the nice command to set a nice value for a process. Keep in mind that normal users can attribute a nice value from zero to 20 to processes they own.
Only the root user can use negative nice values.

To renice the priority of a process, use the renice command as follows:

$ renice +8  2687
$ renice +8  2103

Check out our some useful articles on how to manage and control Linux processes.

  1. Linux Process Management: Boot, Shutdown, and Everything in Between
  2. Find Top 15 Processes by Memory Usage with ‘top’ in Batch Mode
  3. Find Top Running Processes by Highest Memory and CPU Usage in Linux
  4. How to Find a Process Name Using PID Number in Linux

That’s all for now! Do you have any questions or additional ideas, share them with us via the feedback form below.

Source

WP2Social Auto Publish Powered By : XYZScripts.com