On Linux, there’s many ways to control services that can run on your system. Here are the main and most known init systems that you can find on the common distros, depending on their version.

SystemV

That system is one of the oldest and one of the most common. Its init scripts are stored in /etc/init.d/

To list all the available services, you have to use that command:

To perform an action on one of those services, you will be using:

Upstart (initctl)

Upstart is a successor of SystemV scripts. It works asynchronously, and its scripts are stored in /etc/init/

To list all the available scripts, you have to use that command:

To perform an action on one of those services, you will be using:

SystemD

Its name SystemD means System Daemon. It manages daemons that can be running on a system. It’s a successor of upstart and allows a more flexible management for the services. Init scripts are stored in /etc/systemd/system/

To list all the available scripts, you have to use that command:

To perform an action on one of those services, you will be using:

SupervisorD

Finally, SupervisorD is a supervisor focusing mainly on the applications more than the system. It allows management of applications execution and control their life like you could do with system services.

To display all the applications managed by supervisord:

To control those processes, you will be using:

Generate a CSR (Certificate Signing Request) on your server when you want to get a certificate from a certified provider is often a mandatory step, very easy to execute.

Here are the different steps to execute:

1. Create a specific directory where you will put all your files
   
   mkdir sub.domain.com && cd sub.domain.com

   1	mkdir sub.domain.com && cd sub.domain.com

2. Generate a private key of 2048 bits
   
   openssl genrsa -out sub.domain.com.key 2048

   1	openssl genrsa -out sub.domain.com.key 2048

3. Now generate a CSR with openssl and with the private key you just generated
   
   openssl req -new -sha256 -key sub.domain.com.key -out sub.domain.com.csr

   1	openssl req -new -sha256 -key sub.domain.com.key -out sub.domain.com.csr

   
   Many information will be asked during the creation:
   
   Country Name (2 letter code) []: State or Province Name (full name) []: Locality Name (eg, city) []: Organization Name (eg, company) []: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: Email Address []: A challenge password []: An optional company name []:

   1 2 3 4 5 6 7 8 9

   Country Name (2 letter code) []: State or Province Name (full name) []: Locality Name (eg, city) []: Organization Name (eg, company) []: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: Email Address []: A challenge password []: An optional company name []:

4. You now have your CSR and your private key

It’s up to you to get your signed certificate from an official provider using those files.

It can happen that you’re getting that message when trying to connect to your linux server:

The message is quite explicit and you need to update your password right now.

If you don’t want to update your password too many times, you can update the frequency of the expiration to 90 days for example:

Or you can completely disable the expiration by pushing the max value for expiration date to 99999 days:

If you’re getting many “unstrusted issuer” alerts in your app logs, it might be due to some CA trusted certificates outdated.
To fix that, just perform an update:

For Ubuntu/Debian

For CentOS/RedHat

If you need to push multiple lines to one file through a bash script, you can simply use that syntax:

Tip: Be aware that if you’re using indentation, last line should not be indented (this would lead you to some errors).

If you want to add line instead of overwriting file (like we did in the previous example), just replace the “>” with “>>” after cat command.

There’s no easy way to list all the IPs connecting to your postfix server for sending mail. But you can easily extract them from all your postfix logs.

For our example, we will consider the logs from postfix to be as default and located in /var/log/maillog

Here is what a postfix log look like when a connection is received:

For extracting exclusively the IPs, we will use a combination of commands:

• grep ” connect from ” /var/log/maillog will extract every lines containing a connection attempt
• cut -d ‘[‘ -f3 |cut -d ‘]’ -f1 will extract the IP from the line (which is contained between [] )
• sort -u will sort the output by unique values

Here is what we will get as a result once the command is executed (nothing will appear until it finished):

You can obviously re-use this command for any log file that you want to filter out by updating the filtering.