How to use pflogsumm command to analyze postfix logs

To use the pflogsumm command to find general rejection reasons in your mail logs, you need to ensure that your mail server logs contain the necessary information about rejected or bounced emails. Once you have the logs, you can use pflogsumm to analyze them and generate a summary report that includes rejection reasons. Here’s how you can do it:

Install pflogsumm:

sudo yum install postfix-perl-scripts

or

sudo apt-get install postfix-pflogsumm

Once installed, you can run pflogsumm with the path to your mail log file(s) as an argument. For example:

pflogsumm /var/log/mail.log

This command will analyze the mail logs and generate a summary report, including various statistics and information about mail delivery, rejection reasons, etc.

I feel pflogsumm give a general idea, but it does not show you specific emails that are deferring and/or reason(said). I need to look deeper into this and wear my favorite soy hat beanie to concentrate better.

AWStats install and configure in RedHat RHEL

After brewing a great Latin America coffee from Peru I received an email from on of my clients. The client recently installed Apache on RedHat RHEL and wanted to install and configure AWStats in order to track their traffic.

Personally, I don’t have much experience dealing with log files other than just using vim or grep to find the info I need. Anyways, I decided to wear my Espresso machine beanie and take a walk in NYC during the first snow day.

First, you need to SSH to your Linux server and install the perl dependencies:

sudo yum install perl-Time-HiRes perl-libwww-perl 

Next, download the latest version of AWStats or use yum to install it. This is what I did to get the latest AWStats version:

wget https://downloads.sourceforge.net/awstats/awstats-7.9.tar.gz 

Extract the tar.gz

tar xvzf awstats-7.9.tar.gz 

Move the extracted folder to Apache root directory:

mv awstats-7.9 /var/www/html/awstats

Configure AWStats

Make a new directory in:

mkdir /etc/awstats

Then copy the sample config file from the awstats folder you moved above to your /etc/awstats:

sudo cp /var/www/html/awstats/wwwroot/cgi-bin/awstats.model.conf /etc/awstats/awstats.sample.com.conf 

Replace the name awstats.sample.com with your domain name/hostname.

Edit the new config you moved above. Use the text editor of your choice:

sudo vim /etc/awstats/awstats.sample.com.conf 

There are 3 main options I configure for my case:

LogFile: Path to your apache log file

SiteDomain: Domain name of your site.

DirData: Location AWStats will store data.

Configure Apache

Create a new host file:

sudo vim /etc/httpd/conf.d/awstats.<your_domain>.conf

You can use this sample conf file:

<VirtualHost *:80>
  ServerName awstats.example.com
  DocumentRoot /var/www/html/awstats/wwwroot
  ScriptAlias /awstats/ /var/www/html/awstats/wwwroot/cgi-bin/
  <Directory /var/www/html/awstats/wwwroot/cgi-bin/>
    Options ExecCGI
    AllowOverride None
    Order allow,deny
    Allow from all
  </Directory>
  <Directory /var/www/html/awstats/wwwroot/>
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

Save changes. You may need to reload Apache.

Go back to:

cd /var/www/html/awstats/ 

and run the perl script in there:

perl tools/awstats_updateall.pl now-config=<your_domain>.com -awstatsprog=./wwwroot/cgi-bin/awstats.pl 

Finally, access your stats using this URL:

http://awstats.<your_domain.com>/awstats/awstats.pl

You should see some data displaying:

Configure AWStats RedHat server
Configure AWStats RedHat server

Hopefully this can help anybody to install and configure AWstats on your server. There are some tasks you should consider. Setup a cronjob to autoupdate AWStats database so it can access new log files. We should place the two commands above into a cronjob:

#maybe run every hour or daily?
0 * * * * cd /var/www/html/awstats/ && perl tools/awstats_updateall.pl now -config=example.com -awstatsprog=./wwwroot/cgi-bin/awstats.pl

Change the cronjob as needed. Thanks!

Clean System Data storage using macOS Terminal

The other day a client contacted me panicking about one his new macOS running out of disk space. He told me his System Data storage shows over 300GB of space. I quickly remembered a related issue on older macs on how to clean system data storage using the terminal.

I quickly put my moka pot beanie, so I can think better. Then I ssh to the client’s mac in their office. After using our friendly commands to find more about disk space:

du -sh - Displays usage info for each file and directories.
df -h - Displays in human readable info on file system disk usage

Check the man pages for more details about the above commands.

To start to clean System Data storage using the Terminal I had to:

sudo su

In order to gain access to other users directories. So, I went to the only user for this mac:

/Users/paco

I noticed the user’s Library folder was HUGE. Then I went for it:

/Users/paco/Library

Ran the below du -sh * to get all folders and their respective size. Wow! ScreenRecordings was taking a huge amount of space.

sh-3.2# du -sh *
452K	Accounts
1.1M	AppleMediaServices
188K	Application Scripts
5.5G	Application Support
2.6M	Assistant
  0B	Assistants
8.0K	Audio
  0B	Autosave Information
 92M	Biome
475M	Caches
4.5M	Calendars
  0B	CallServices
  0B	ColorPickers
  0B	Colors
  0B	Compositions
4.0K	Contacts
 12K	ContainerManager
415M	Containers
  0B	Cookies
299G	ScreenRecordings

In this case ScreenRecordings solve the issue. Other locations you can check are:

~/Application Support

~/Caches

~/Containers

~/Group Containers

~/Logs

~/Mail

~/Messages

~/Mobile Documents

clean system data storage
macOS storage

Remember to contact me if you have any questions or want to collaborate. Thanks!

Update macOS from Terminal

After another snow day in NYC a customer contacted me about not being able to push macOS updates using his MDM provider. Why is the MDM provider not working? Their support was not that helpful and they blamed Apple for the updates not working. Then I said to myself “update macos from terminal?”

Yes, I assumed to update macOS from Terminal was impossible. But, I wished this can be done without any user interaction.

These are the simple steps. Open your Terminal and run:

softwareupdate --list-full-installers

The above command will give you a list of available macOS full installers updates available. You should see an output like this:

Finding available software
Software Update found the following full installers:
* Title: macOS Sonoma, Version: 14.3, Size: 13073941KiB, Build: 23D56
* Title: macOS Sonoma, Version: 14.2.1, Size: 13066225KiB, Build: 23C71
* Title: macOS Sonoma, Version: 14.2, Size: 13066238KiB, Build: 23C64
* Title: macOS Sonoma, Version: 14.1.2, Size: 12604083KiB, Build: 23B92
* Title: macOS Sonoma, Version: 14.1.1, Size: 12604952KiB, Build: 23B81
* Title: macOS Sonoma, Version: 14.1, Size: 12603757KiB, Build: 23B74
* Title: macOS Ventura, Version: 13.6.4, Size: 11912664KiB, Build: 22G513
* Title: macOS Ventura, Version: 13.6.3, Size: 11915962KiB, Build: 22G436
* Title: macOS Ventura, Version: 13.6.1, Size: 11662168KiB, Build: 22G313
* Title: macOS Monterey, Version: 12.7.3, Size: 12109975KiB, Build: 21H1015
* Title: macOS Monterey, Version: 12.7.2, Size: 12116623KiB, Build: 21G1974
* Title: macOS Monterey, Version: 12.7.1, Size: 12110635KiB, Build: 21G920
* Title: macOS Big Sur, Version: 11.7.10, Size: 12125478KiB, Build: 20G1427

Next, you have some options available to download/install these macOS updates.

Download the latest macOS form Terminal

Run the below command:

softwareupdate --fetch-full-installer

The above command will download the latest macOS to your Applications folder. Once the download is done you can start it by double clicking on it. I’m trying to find a way to run it from the Terminal instead.

Download and install the update

Run the below command:

softwareupdate --fetch-full-installer --launch-installer

The above command will download and start the install windows interface. Follow the prompts.

Download specific update version to install later

Run the command:

softwareupdate --fetch-full-installer --full-installer-version version_number

The version_number is the version you saw from the previous command ‘softwareupdate –list-full-installers’. The text in bold below would be the version number:

Title: macOS Sonoma, Version: 14.3, Size: 13073941KiB, Build: 23D56

If you wanted to install the above macOS Sonoma version 14.3 run:

softwareupdate --fetch-full-installer --full-installer-version 14.3

The above will only download it. You will need to run the installer file from the Applications folder.

Launch the installer right away

softwareupdate --fetch-full-installer --full-installer-version version_number --launch-installer

I need to double check the above since it worked on one mac, but not on another one. More results coming soon. Let me run some more tests. Thanks.

smb_full_audit_connect: Samba Linux Failing connect

Another interesting error in Samba Linux I found the in logs of a clients Linux(RedHat 9.3) box: smb_full_audit_connect: Failing to connect

A client contacted me about setting up shares in a Linux server, so Windows clients can connect. No AD lives in this environment, so I decided to setup a stand-alone Samba server. First, I needed to brew my specialty coffee from Honduras using my new Aeropress coffee maker.

Install Samba as stand-alone server

First, you need to run yum. This is for RedHat based servers:

yum install samba

After the samba install is complete you need to configure the server in the /etc/smb.conf file. The below is an essential/basic share configuration I found un an older server:

[tt]
        comment = test
        path = /var/www
        writeable = yes
        browseable = yes
;       security = user
        follow symlinks = yes
        valid users = paco, example
;        vfs objects = full_audit
;        full_audit:prefix = nasaudit|%u|%I|%m
;        full_audit:success = mkdir rmdir pwrite ulink rename
;        full_audit:failure = mkdir rmdir pwrite ulink rename

This example was not working for me and gave me the error:

smb_full_audit_connect: Invalid success operations list. Failing connect

If you see above I had to comment out some sections that start with ‘full’, ‘vfs’ ‘security’ is optional for me. In the samba config file you can comment configuration lines using ‘ ; ‘.

After making the changes you have to verify you smb.conf file syntax is OK by running this command:

testparm

You should see something like this if everything is good:

Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
[global]
	log file = /var/log/samba/log.%m
	max log size = 50
	security = USER
	server string = Samba Server Version %v
	workgroup = MYGROUP
	idmap config * : backend = tdb
	create mask = 0664
	cups options = raw
	directory mask = 0775

[tt]
	comment = test
	path = /var/www
	read only = No
	valid users = pepe example

Next, make sure you allow samba if you have firewalld enabled. If not, you can skip the below commands:

# firewall-cmd --permanent --add-service=samba
# firewall-cmd --reload

Currently, we tend to disable the firewalld in Linux RedHat at this client’s location.

Finally, enable and start the Samba service in Linux:

systemctl enable --now smb

Remember to reload or restart Samba’s configuration if you make any changes to your /etc/smb.conf file:

Reload Samba: (Samba services reload every 3min automatically)

smbcontrol all reload-config

Restart Samba: (When you change parameters such as security and others)

systemctl restart smb

There are many options in Samba these are only essential ones. You can always contact me if you have any questions.

Remember to see my cool coffee mugs and T-Shirt designs in my shop. Let me know what you think. Thanks!

Find macOS version using the Terminal

I like to use the Terminal for most of my work and to find macOS version is quite simple. I help most of my clients remotely and using the Terminal is usually fast and simple in my opinion. As usual, I need to brew a great cup of coffee at home before taking on any job.

Open your Terminal and run the sw_vers command. You should see the below output:

admin@some-mac ~ % sw_vers     
ProductName:	macOS
ProductVersion:	12.7.2
BuildVersion:	21G1974

There is another Terminal command system_profiler which can give you more details about your mac. For example, run:

system_profiler SPSoftwareDataType

admin@some-mac ~ % system_profiler SPSoftwareDataType
Software:
    System Software Overview:
      System Version: macOS 12.7.2 (21G1974)
      Kernel Version: Darwin 21.6.0
      Boot Volume: Macintosh HD
      Boot Mode: Normal
      Computer Name: some-mac
      User Name: Admin (admin)
      Secure Virtual Memory: Enabled
      System Integrity Protection: Enabled
      Time since boot: 6:03

The above will give you more details about your mac as you can see. There are also more details you can grab using your macos Terminal. Type:

system_profiler --help

The system_profiler command will give you all options including the -listDataTypes option. This will give you all possible ‘datatypes’ available. For example to learn more about your macOS hardware type:

system_profiler SPHardwareDataType

You should see an output:

Hardware:
    Hardware Overview:
      Model Name: iMac
      Model Identifier: iMac21,1
      Chip: Apple M1
      Total Number of Cores: 8 (4 performance and 4 efficiency)
      Memory: 16 GB
      System Firmware Version: 10151.61.4
      OS Loader Version: 7459.141.1.701.1
      Serial Number (system): H4TJL28XQ6X3
      Hardware UUID: 25A75F6A-6189-5341-B20D-BE420D1564FF
      Provisioning UDID: 00008103-000665441163401E
      Activation Lock Status: Disabled

Hope this brief tutorial helps somebody. Contact me if you have any questions or like to collaborate. Check out my cool T-Shirts and coffee mugs shop. I make my own designs. Currently, I’m working on new creations. I will let you know when they are available.

4 ways to run Linux Commands in the Background

This is also another Linux command I tend to forget. I usually need to re-search how to run Linux commands in the background. This happens when I stop using the command line for a while. This time I’m going to write a brief Linux tutorial about this. First I need have brew a good cup of coffee from Nicaragua while wearing my Moka pot beanie at home.

I’m sure there are more ways to run Linux commands in the background, but I’m adding the four ways to accomplish it for now.

1. Add the ‘&’ ampersand after the command

For example, if you want to launch VSCode or other app from the command line. You can also run any scripts:

code &
./my_script &

2. Use the bg command

This one is simple to use, but I didn’t understand how it worked. For example:

some_command

Then press the keys Control+Z. This suspends the running process. Then, type:

bg

You will see something like:

[1]+ some_command &

Then, use the jobs command to see the running process/commands running in the background.

3. Screen Command

This one I find it very easy to use. In your Terminal type:

screen

You will be presented with something like this:

Type your command as usual. Then press control+a followed by a ‘d’. This will detach it from the screen session and place it in the background.

You can type screen -r to re-attached the session.

4. nohup command

The nohup command you can run a script/command and you can exit your Terminal and the process will remain.

nohup your_command &

There are many other ways to run Linux commands in the background. The above are only some. I’m still learning. Contact me if you have any questions or want to collaborate. Thanks.

My shop. I make my own designs.

Use the tar command to create/extract files in Linux

Sometimes I struggle to remember basic Linux commands. For example, how to create a tar.gz file in the command line is one of them. Also, how to extract the contents of a tar.gz file or view the contents or how to use my camera for street photography in Brooklyn. We need to use our friendly tar command for this purpose. This is very easy!

The tar command is mainly used to create archives while keeping most file properties. Strangely, the tar command is one of the few Linux commands that you can use without a ‘ – ‘ dash. Simple examples below:

Create a tar.gz file using command line

The below command creates an archive of your_directory named yourfile.tar.gz:

tar -czvf yourfile.tar.gz your_directory

Let’s say you want to create an archive of all your .csv files:

tar -czvf yourfiles.tar.gz *.csv

To make sure the .tar.gz was created run:

ls -l yourfiles.tar.gz
or
ls -l and look for the created .tar.gz

List the contents of a tar.gz

You can easily list the contents of the tar.gz. Use the flag ‘t’:

tar -ztvf your_file.tar.gz

Extract the contents of a .tar.gz in Linux

The syntax is similar just use the flag ‘x’ to extract the contents of a .tar.gz file:

tar -xvzf your_file.gz

Brief tar command explanation

tar command flag/optionWhat it does
-cCreate new archive
-xExtract from archive
-tList contents of a .tar.gz
-vVerbose output
-fUse the specified file hello.tar.gz
-CChange to a directory before any operations
-zFilter the archive with gzip to compress/decompress

Remember to contact me if you have any questions. Also, check out my shop for cool coffee mugs and T-Shirts. I make my own designs. Some examples below. Thanks!

10 Tips for Writing Google Friendly Content

I have been trying to learn more about SEO and how to start writing google friendly content. To be honest this topic is mysterious in my opinion. I still don’t get it. Anyways, I put my thinking beanie hat and decided to get a list of things everyone should be aware below.

Tips for writing Google friendly content

  1. Keyword Research:
    • Identify relevant keywords related to your content. Use tools like Google Keyword Planner to find keywords with high search volume and incorporate them naturally into your content.
  2. Quality Content:
    • Provide valuable and well-written content that answers the user’s query. Google rewards content that is informative, engaging, and adds value to the reader.
  3. Headings and Subheadings:
    • Organize your content using clear headings and subheadings. This not only makes it easier for readers to follow but also helps search engines understand the structure and relevance of your content.
  4. Meta Tags:
    • Optimize your meta title and meta description with relevant keywords. This is the information displayed in search engine results, so make it compelling and informative.
  5. Mobile-Friendly Design:
    • Ensure your website or content is mobile-friendly. Google prioritizes mobile-responsive sites, and having a mobile-friendly design improves user experience.
  6. Internal and External Links:
    • Include internal links to other relevant content on your site and external links to reputable sources. This helps search engines understand the context and authority of your content.
  7. Optimized Images:
    • Compress and optimize images to improve page load speed. Use descriptive file names and alt text for images, as search engines use this information to understand the content.
  8. Regular Updates:
    • Regularly update your content to keep it relevant. Google favors fresh and up-to-date information.
  9. Social Media Integration:
    • Share your content on social media platforms. Social signals can indirectly impact search engine rankings.
  10. User Experience:
    • Focus on creating a positive user experience. A well-designed, easy-to-navigate site with quality content contributes to higher rankings.

These ColdFusion components can only be accessed from localhost and other allowed IP addresses error

After installing ColdFusion 2023 on Red Hat Linux I got this error:

You tried to access the ColdFusion Administrator or other internal components from a disallowed IP address (70.x.x.x). These ColdFusion components can only be accessed from localhost and other allowed IP addresses.

What my client wanted to do was to access the Admin portal for the new ColdFusion 2023 install. I remember during the installation there was an option like:

Allowed admin IPs are the client IP addresses that can access the ColdFusion administrator. They can be a comma separated list of IP addresses (for example, 10.16.20.23, 172.16.10.10, etc.). IP addresses can range from 10-30, or * wild cards. Both IPv4 and IPv6 addresses are supported.

I got lockout of the CF2023 admin portal. After brewing my own coffee at home I was able to find a solution.

To fix this, you need to login to our friend the Terminal and find this file in your ColdFusion install directory usually at /opt/ColdFusion:

neo-security.xml

ColdFusion documentation is not clear to me. So, I had to do lots of research. But, using the handy find command from within my cfusion directory /opt/ColdFusion/cfusion. I found the neo-security.xml file at:

find . -name neo-security.xml

the location is:

./lib/neo-security.xml

The xml file will look a little messy. Find the lines that show:

<var name='allowedAdminIPList'><string>
[your IPs go here]
</string></var>

Enter the IP or IPs. You can use IP wildcards such as:

10.*.*.*, 192.168.*.*, 172.15.10.4

Save the file and restart ColdFusion:

sh /opt/ColdFusion/cfusion/bin/coldfusion restart

You will need to be root or use sudo.

Try to access the admin portal now. As usual, you can contact me if you have any questions of like collaborate. I’m not an expert, but I like to play and learn different technologies = IT Handyman. Thanks!