Wednesday, March 25, 2009

vi (aka vim) tutorial, tips, tricks and useful commands

Where grep came from (RE being Regular Expression):
:g/RE/p
Delete lines 10 to 20 inclusive:
:10,20d
or with marks a and b:
:'a,'bd
Delete lines that contain pattern:
:g/pattern/d
Delete all empty lines:
:g/^$/d
Delete lines in range that contain pattern:
:20,30g/pattern/d
or with marks a and b:
:'a,'bg/pattern/d
Substitute the first occurrence of pattern on every line:
:%s/pattern/new/
:1,$s/pattern/new/
Substitute every occurrence of pattern on every line (more than once per line):
:%s/pattern/new/g
:1,$s/pattern/new/g
Find all lines containing pattern and then append -new to the end of each line:
:%s/\(.*pattern.*\)/\1-new/g
Substitute range:
:20,30s/pattern/new/g
with marks a and b:
:'a,'bs/pattern/new/g
Swap two patterns on a line:
:s/\(pattern1\)\(pattern2\)/\2\1/
Capitalize the first lowercase character on a line:
:s/\([a-z]\)/\u\1/
more concisely:
:s/[a-z]/\u&/
Capitalize all lowercase characters on a line:
:s/\([a-z]\)/\u\1/g
more concisely:
:s/[a-z]/\u&/g
Capitalize all characters on a line:
:s/\(.*\)/\U\1\E/
Capitalize the first character of all words on a line:
:s/\<[a-z]/\u&/g
Uncapitalize the first character of all words on a line:
:s/\<[A-Z]/\l&/g
Change case of character under cursor:
~
Change case of all characters on line:
g~~
Change case of remaining word from cursor:
g~w
Increment the number under the cursor:
Ctrl-A
Decrement the number under the cursor:
Ctrl-X
Redraw:
Ctrl-L
Turn on line numbering:
:set nu
Turn it off:
:set nonu
Number lines (filter the file through a unix command and replace with output):
:%!cat -n
Sort lines:
:%!sort
Sort and uniq:
:%!sort -u
Read output of command into buffer:
:r !ls -l
Refresh file from version on disk:
:e!
Open a new window:
Ctrl-W n
Open a new window with the same file (split):
Ctrl-W s
Split window vertically:
Ctrl-W v
Close current window:
Ctrl-W c
:q
Make current window the only window:
Ctrl-W o
Cycle to next window:
Ctrl-W w
Move to window below current window:
Ctrl-W j
Move to window above current window:
Ctrl-W k
Move to window left of current window:
Ctrl-W h
Move to window right of current window:
Ctrl-W l
Set textwidth for automatic line-wrapping as you type:
:set textwidth=80
Turn on syntax highlighting:
:syn on
Turn it off:
:syn off
Force the filetype for syntax highlighting:
:set filetype=python
:set filetype=c
:set filetype=php
Use lighter coloring scheme for a dark background:
:set background=dark
Htmlize a file using the current syntax highlighting:
:so $VIMRUNTIME/syntax/2html.vim
Or, htmlize from a command prompt.
In 2html.sh put:
#!/bin/sh
# Convert the file given as $1 to HTML using vim's 2html syntax script.
vim -n -c ':so $VIMRUNTIME/syntax/2html.vim' -c ':wqa' "$1" > /dev/null 2>&1
Now just run: shell> 2html.sh foo.py
Document originally from http://www.cs.ualberta.ca/~luca/tricks.vim.html
updated and maintained by Greg Lawler

Friday, March 20, 2009

Configuring sendmail with STARTTLS and SASL on RedHat Enterprise Linux Server release 5 (Tikanga)

The Required RPMs
If any of the following RPMs are missing, use yum or another method to install them.


· sendmail-cf-8.13.8-2.el5
· sendmail-8.13.8-2.el5
· cyrus-sasl-2.1.22-4
· cyrus-sasl-plain-2.1.22-4
· openssl-0.9.8b-8.3.el5
· m4-1.4.5-3.el5.1


The Procedure
1. Back up your configuration files:

# mkdir /etc/mail/SAVE
# cp -p /etc/mail/sendmail.cf /etc/mail/SAVE
# cp -p /etc/mail/sendmail.mc /etc/mail/SAVE


2. Edit sendmail.mc

Please note that m4 doesn't use the # symbol for comments; instead, comment lines start with dnl, which stands for "delete until new line".
The confAUTH_OPTIONS macro lets you instruct sendmail not to offer plain text authentication until a secure layer such as TLS is active (the p option), to prohibit anonymous logins (the y option), and to work around broken MTAs (the A option). The line below sets only A and y, so LOGIN and PLAIN are still offered before TLS is active, as the EHLO output in step 5 shows:

define(`confAUTH_OPTIONS', `A y')dnl
Now we define which authentication mechanisms we will trust and use:
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl

3. Make a pki certificate

# cd /etc/pki/tls/certs
# make sendmail.pem

The current certificate is listed below for future reference:

[root@backup1]# ls -l /etc/pki/tls/certs/sendmail.pem
-rw------- 1 root root 2186 Mar 13 16:18 /etc/pki/tls/certs/sendmail.pem
[root@backup1 etc]# keytool -printcert -file /etc/pki/tls/certs/sendmail.pem

Owner: C=US,ST=FL,L=Tempa,O=markproductions.com,OU=backup1,CN=backup1,1.2.840.113549.1.9.1=markbao123@yahoo.com
Issuer: C=US,ST=FL,L=Tempa,O=markproductions.com,OU=backup1,CN=backup1,1.2.840.113549.1.9.1=markbao123@yahoo.com
Serial number: 0
Valid from: Friday March 13, 2009 AD - 9:18:05;367 o'clock PM GMT-04:00
until: Saturday March 13, 2010 AD - 8:18:05;367 o'clock PM GMT-05:00
Certificate fingerprints
MD5: 39:D7:82:93:03:40:98:FF:89:0C:C7:47:CA:45:62:9E
SHA-160: 8B:3B:F6:D4:0D:69:C2:C2:B7:00:87:65:FD:AD:71:A6:93:79:49:E7
[root@backup1 etc]#

4. Start the saslauthd and the sendmail processes

Start saslauthd

[root@backup1]# chkconfig --level 2345 saslauthd on
[root@backup1]# chkconfig --list saslauthd
saslauthd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@backup1]# service saslauthd start
[root@backup1]# service saslauthd status
saslauthd (pid 6026 6025 6024 6023 6022) is running...

Start sendmail

[root@backup1]# chkconfig --level 345 sendmail on
[root@backup1]# chkconfig --list sendmail
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@backup1]# service sendmail stop
Shutting down sm-client: [ OK ]
Shutting down sendmail: [ OK ]
[root@backup1]# service sendmail start
Starting sendmail: [ OK ]
Starting sm-client: [ OK ]
[root@backup1]# service sendmail status
sendmail (pid 11291 11283) is running...
[root@backup1 mail]#

5. Verify the configuration parameters

NOTE: the compilation options must have “SASLv2” and “STARTTLS”
Also notice that AUTH is offered with the allowed mechanisms (but not STARTTLS, which isn't needed here, as the channel is already encrypted). Authentication takes place, and the message is relayed to its destination.

[root@backup1]# sendmail -d0.10 -bv
Version 8.13.8
Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP STARTTLS TCPWRAPPERS USERDB USE_LDAP_INIT
OS Defines: ADDRCONFIG_IS_BROKEN HASFCHOWN HASFCHMOD
HASGETDTABLESIZE HASINITGROUPS HASLSTAT HASNICE HASRANDOM
HASRRESVPORT HASSETREGID HASSETREUID HASSETRLIMIT HASSETSID
HASSETVBUF HASURANDOMDEV HASSTRERROR HASUNAME HASUNSETENV
HASWAITPID IDENTPROTO NEEDSGETIPNODE REQUIRES_DIR_FSYNC
USE_DOUBLE_FORK USE_SIGLONGJMP
Kernel symbols: /boot/vmlinux
Conf file: /etc/mail/submit.cf (default for MSP)
Conf file: /etc/mail/sendmail.cf (default for MTA)
Pid file: /var/run/sendmail.pid (default)
Canonical name: backup1.markproductions.com
UUCP nodename: backup1.markproductions.com
Conf file: /etc/mail/sendmail.cf (selected)
Pid file: /var/run/sendmail.pid (selected)

============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = backup1
(canonical domain name) $j = backup1.markproductions.com
(subdomain name) $m = markproductions.com
(node name) $k = backup1.markproductions.com
========================================================
Recipient names must be specified
[root@backup1 ~]#

[root@backup1]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 backup1.markproductions.com ESMTP Sendmail 8.13.8/8.13.8; Fri, 20 Mar 2009 17:37:25 -0400
EHLO localhost
250-backup1.markproductions.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
^]
telnet> q
Connection closed.
[root@backup1 ~]
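
Added example (not part of the original post): a shell check that reads an EHLO reply and reports whether LOGIN/PLAIN are advertised on the cleartext channel and whether STARTTLS is advertised at all. The first sample is the reply from the telnet session above; the function name audit_ehlo, the verdict strings and the second sample reply are constructed for illustration.

```shell
# Added example, not from the original post.
# audit_ehlo reads an SMTP EHLO reply on stdin and prints a one-line verdict.
# Returns 0 = no plaintext AUTH before TLS, 1 = plaintext AUTH offered but
# STARTTLS available, 2 = plaintext AUTH offered and STARTTLS not advertised.
audit_ehlo() {
    awk '
        { sub(/\r$/, ""); line = toupper($0) }          # SMTP lines end in CRLF
        line ~ /^250[- ]STARTTLS$/ { tls = 1 }
        line ~ /^250[- ]AUTH[ =]/ {
            n = split(substr(line, 5), word, /[ =]+/)   # word[1] is "AUTH"
            for (i = 2; i <= n; i++)
                if (word[i] == "PLAIN" || word[i] == "LOGIN") weak = 1
        }
        END {
            if (weak && !tls) { print "FAIL: LOGIN/PLAIN offered, STARTTLS not advertised"; exit 2 }
            if (weak)         { print "WARN: LOGIN/PLAIN offered before STARTTLS"; exit 1 }
            if (tls)          { print "OK: STARTTLS advertised, no plaintext AUTH before TLS"; exit 0 }
            print "OK: no plaintext AUTH advertised"; exit 0
        }'
}

# EHLO reply copied from the telnet session in step 5 of the post.
ehlo_from_post() {
    cat <<'EOF'
250-backup1.markproductions.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
EOF
}

# Constructed reply: STARTTLS advertised, LOGIN/PLAIN withheld until TLS is active.
ehlo_constructed() {
    cat <<'EOF'
250-mail.example.test Hello localhost [127.0.0.1], pleased to meet you
250-PIPELINING
250-STARTTLS
250 HELP
EOF
}

ehlo_from_post   | audit_ehlo || true
ehlo_constructed | audit_ehlo || true
```

To check a running server, pipe the EHLO reply captured from its port 25 into audit_ehlo.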


6. Update Linux host based firewall

# /sbin/iptables -A INPUT -p tcp --dport 25 --syn -j ACCEPT
# service iptables save
# grep 'dport 25' /etc/sysconfig/iptables
-A INPUT -p tcp --dport 25 --syn -j ACCEPT
[root@backup1 sysconfig]# service iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
[root@backup1 sysconfig]# service iptables start
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: [ OK ]

[root@backup1 etc]# service iptables status | grep "tcp dpt:25"
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 flags:0x17/0x02

7. Test with sending an email
[markbao@backup1]# Mail -v markbaoxxx@gmail.com
Subject: test from sendmail smtp gateway to gmail mail
.
Cc:
Null message body; hope that's ok
markbao123@gmail.com... Connecting to [127.0.0.1] via relay...
220 backup1.markproductions.com ESMTP Sendmail 8.13.8/8.13.8; Fri, 20 Mar 2009 18:15:02 -0400
>>> EHLO backup1.markproductions.com
250-backup1.markproductions.com Hello localhost.localdomain [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
>>> MAIL From: SIZE=78 AUTH=markbao@backup1.markproductions.com
250 2.1.0 ... Sender ok
>>> RCPT To:
>>> DATA
250 2.1.5 ... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 n2KMF2Xa013041 Message accepted for delivery
markbaoxxx@gmail.com... Sent (n2KMF2Xa013041 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 backup1.markproductions.com closing connection
[markbao@backup1 ~]

-----Original Message-----
From: markbao@localhost.localdomain [mailto:markbao@localhost.localdomain]
Sent: Friday, March 20, 2009 6:18 PM
To: markbaoxxx@gmail.com
Subject: test from sendmail smtp gateway to gmail mail



Thursday, March 19, 2009

Solstice Disksuite: Recovering the quorum after a disk failure on the system start-up

In a scenario where one disk is lost during boot, the system start-up cannot complete because the quorum is lost, and the system prompts you to enter single-user mode. Enter single-user mode and type the following.

# metadb -i
This lists all meta databases. Replicas that have problems are flagged with "M".
All of those replicas must be removed from the meta database in order to get the correct quorum for the mirror to work.
Example
     flags        first blk   block count
  M               16          1034          /dev/dsk/c1t0d0s7   <-- failed disk0
  M               1050        1034          /dev/dsk/c1t0d0s7   <-- failed disk0
  a m p luo       16          16            /dev/dsk/c1t1d0s7
  a   p luo       1050        1034          /dev/dsk/c1t1d0s7

# metadb -d /dev/dsk/c1t0d0s7
Ignore the messages saying it cannot change the file ("read-only file-system").
# reboot
The system will boot from the mirrored disk, this time without quorum issues.

Reconnecting the disk0 after bootable mirror test
Assuming that you are doing a full test and the previous troubleshooting procedure was followed, issue the following command:
# metadb -a -f -c2 /dev/dsk/c1t0d0s7
The above command recreates the meta database on disk0. Since this was not a disk failure or corruption, the meta structure remains on the disk, and SDS immediately starts synchronizing all file systems.
# metastat
or
# metastat | grep "%"

Disabling the Quorum Rule
# echo "set md:mirrored_root_flag=1" >> /etc/system

Wednesday, March 18, 2009

A Legal Distortion

=============================================
ISR News: Heartland Class Action Lawsuit
Posted: 18 Mar 2009 10:05 AM PDT
Excerpts From ComputerWeekly.com
An investor has filed a proposed class action in the US district court of New Jersey on behalf of all other investors in Heartland between August 2008 and February 2009. The complaint alleges that Heartland issued false or misleading statements and failed to disclose material adverse facts about its business, operations and prospects during that period. Heartland's shares during that period also declined from $21.84 per share, or approximately 80%, from its high of $27.19 per share in September 2008.
=============================================

Sure, the security breach at Heartland is shameful. After reading many news and blogger articles, I still have no clue what kind of spyware could have caused information on 100 million credit cards to be exposed. I have just taken a security training class. It would have taken a huge amount of negligence by IT management to have allowed a disaster of this magnitude. But business is governed by the rule of law. If it has violated any laws, Heartland will receive its due penalties. Last Friday, for example, the PCI council put Heartland's PCI DSS certification on probation. As for the lawyers who proposed this class action, I can imagine a motion picture as follows: in the wild safari of Africa, when an elephant is wounded and falls to the ground, a group of vultures begins hanging low.