tag:blogger.com,1999:blog-34999034161331703682024-03-13T20:16:19.042+05:30Simple Solutionsto make life easyAnonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.comBlogger14125tag:blogger.com,1999:blog-3499903416133170368.post-82907922391990368562013-06-20T01:26:00.001+05:302013-06-20T01:26:52.355+05:30Increasing the maximum processes value in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
The maximum number of processes which can be running concurrently on a Linux Server is 32768 (value of short int). Which means at any given time a 32768 processes can exist concurrently on a Linux Server. However this value can be increased to a larger number by modifying pid_max parameter under /proc/sys/kernel/ folder. The setting can be made permanent by adding this parameter to /etc/sysctl.conf.<div>
<br /></div>
<div>
To increase the number in realtime, execute following command :</div>
<div>
<br /></div>
<div>
echo 33000 > /proc/sys/kernel/pid_max. Replace 33000 with the maximum number of process you want on your servers.</div>
<div>
<br /></div>
<div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-10911733072161383382013-05-29T23:31:00.000+05:302013-05-29T23:31:25.202+05:30Authentication refused: bad ownership or modes for file<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
This is one of the common error many system administrators face after configuring password-less ssh (key based authentication between two unix servers. The password-less ssh does not work and (ssh asks for the user password) and /var/log/messages file would show an error message “sshd[15426]:Authentication refused: bad ownership or modes for file”.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Most of the times this error comes due to incorrect permissions on $HOME/.ssh/authorized_keys file.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Make sure the permissions of $HOME/.ssh/authorized_keys file and other important files is as given below to fix this error.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin: 0px; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<div style="border: 0px; font-family: inherit; font-style: inherit; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
1. Permissions of $HOME/.ssh folder (.ssh folder in home directory of user) should be 700 (drwx——)</div>
</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
2. Permissions on authorized_keys file in $HOME/.ssh folder should be 740</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
3. Permissions on id_dsa or id_rsa (depending upon the algorithm type used) file in $HOME/.ssh folder should be 600</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
4. Permissions on id_dsa.pub or id_rsa.pub file in $HOME/.ssh folder should be 640</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
5. Permissions on known_hosts files in $HOME/.ssh folder should be 640.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
6. Make sure the $HOME/.ssh folder and all the above mentioned files in $HOME/.ssh folder has correct ownership (example. If you logged in using pwssh user then the ownership on the .ssh folder and all the files inside .ssh folder should be pwssh:pwssh).</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Cheers!!</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-37642729677429728682013-05-29T23:28:00.000+05:302013-05-29T23:28:00.925+05:30Immutable Files in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Recently I came across a situation. I was trying to delete a configuration file in Linux and got error “rm: cannot remove `path/filename’: Operation not permitted”. I was logged in as root but even though I was neither able to change the contents of file nor able to delete it. I checked the ownership and permissions on the file and found that the file is owned by root user and permissions are 644 which are the default permission when you create a new file.</div>
<blockquote style="background-color: white; border: 0px; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px; margin: 0px 3em; outline: 0px; padding: 0px; quotes: ''; text-align: justify; vertical-align: baseline;">
<div style="border: 0px; font-family: inherit; font-style: inherit; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
[root@vcsnode1 ~]# ls -l /etc/configfile<br />-rw-r–r– 1 root root 0 Jan 26 08:45 /etc/configfile<br />[root@vcsnode1 ~]#</div>
</blockquote>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
After little troubleshooting, I found that Immutable Flag was set on the file.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: underline; vertical-align: baseline;">What is Immutable Flag :</span></strong></div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Immutable flag is an additional file attribute which can be set on file so that anyone should not be able to delete/tamper with the file. It is very useful to setup this flag on Production Servers where changes to configuration files are rare. This attribute can be set on a Linux second extended file system only.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: underline; vertical-align: baseline;">Who can set immutable flag on a file:</span></strong></div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Either root user or any process having CAP_LINUX_IMMUTABLE capability can set or clear this attribute.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="border: 0px; font-family: inherit; font-style: inherit; font-weight: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: underline; vertical-align: baseline;">How to check whether immutable flag is set on a file</span></strong></div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
lsattr command can be used to check whether an immutable flag is set on a file.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Syntax : lsattr filename</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
Example :</div>
<blockquote style="background-color: white; border: 0px; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px; margin: 0px 3em; outline: 0px; padding: 0px; quotes: ''; vertical-align: baseline;">
<div style="border: 0px; font-family: inherit; font-style: inherit; margin-bottom: 1.625em; outline: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
[root@vcsnode1 ~]# lsattr /etc/configfile<br />—-i——– /etc/configfile<br />[root@vcsnode1 ~]#</div>
</blockquote>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; text-decoration: underline; vertical-align: baseline;"><strong style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">How to Set/Unset Immutable Flag</strong></span></div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
Immutable flag can be set/unset using the chattr command.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
To set the flag use the + sign wi=th chattr command and to unset use the – sign with chattr command</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
Syntax : chattr +or- i filename</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
Example</div>
<blockquote style="background-color: white; border: 0px; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px; margin: 0px 3em; outline: 0px; padding: 0px; quotes: ''; vertical-align: baseline;">
<div style="border: 0px; font-family: inherit; font-style: inherit; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
[root@vcsnode1 ~]# chattr +i /etc/configfile<br />[root@vcsnode1 ~]# lsattr /etc/configfile<br />—-i——– /etc/configfile<br />[root@vcsnode1 ~]# chattr -i /etc/configfile<br />[root@vcsnode1 ~]# lsattr /etc/configfile<br />————- /etc/configfile<br />[root@vcsnode1 ~]#</div>
</blockquote>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
There are many other file attributes which can be set on a file on Linux second extended file system. A couple of attributes are mentioned below :</div>
<ol style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; list-style-image: initial; list-style-position: initial; margin: 0px 0px 1.625em 2.5em; outline: 0px; padding: 0px; vertical-align: baseline;">
<li style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">append only (a) : – File with this attribute can be opened in append mode only. One has to be root or a process having CAP_LINUX_Immutable capability to set/unset this flat.</li>
<li style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">compressed (c) : - File with this attribute keep the file in compressed state on the disk by the kernel. A read to this file always</li>
<li style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">no dump (d) :- File with this attribute set, would not be a candidate for backup when the dump program executes.</li>
<li style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">data journalling (j) :- File with this attribute set writes all it’s data to journal before writing the data to the file if the file system is mounted with ordered or writeback journaling options. If the file system is mounted with “journal” journaling option, this flag has no effect as the “journal” journaling option would provide similar functionality for all the files stored on the file system.</li>
<li style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">secure deletion (s) :- If the file with this attribute set is deleted, all the data blocks for the file are zeroed and written back to the disk.</li>
</ol>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
All the above attributes can be set/unset using the chattr command.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
Syntax : chattr + or – flag filename.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
To set an attribute use “+” sign with chattr command followed by the flag mentioned above in “()”.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
To unset an attribute use “-” sign with chattr command followed by the flag mentioned above in “()”.</div>
<div style="background-color: white; border: 0px; color: #373737; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; margin-bottom: 1.625em; outline: 0px; padding: 0px; vertical-align: baseline;">
References : Man page for lsattr and chattr</div>
<div>
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-80206586585172671132013-03-03T01:56:00.000+05:302013-03-03T01:56:13.781+05:30Securing JBOSS JMX and Web Console<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="entry-content">
<div style="text-align: justify;">
After installing the JBOSS Application
Server, the jmx console can be accessed by anybody without providing
any username/password. This is a big security risk as anybody can
perform changes though the jmx and web console. Setting up basic
username/password security for the jboss jmx/web console can be
accomplished by performing the following steps on the JBOSS Application
Server.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
1. Edit $JBOSS_HOME/server/all/conf/props/jmx-console-users.properties to add jmx console users. Replace <strong>all</strong>
with your JBOSS profile name. The syntax to add users is
username=password. By default admin user would be available in this file
with admin as password.</div>
<blockquote>
<div style="text-align: justify;">
<strong>Ex : sysadmin=Password007 ##
This configuration will create a new jmx and web console user as sysadmin and set the password as Password007</strong></div>
</blockquote>
<div style="text-align: justify;">
2. To provide admin privileges on jmx and web console to the newly created user, edit <span style="font-family: Verdana; font-size: 10pt;">jmx-console-roles.properties file available in $JBOSS_HOME/server/all/conf/props folder and add username=JBossAdmin. </span></div>
<blockquote>
<div style="text-align: justify;">
<strong>Ex : sysadmin=JBossAdmin ## This configuration will provide admin privileges to sysadmin user on jmx and web console.</strong></div>
</blockquote>
<div style="text-align: justify;">
<span style="font-family: Verdana; font-size: 10pt;">3.
Edit
$JBOSS_HOME/server/all/deploy/jmx-console.war/WEB-INF/jboss-web.xml file
and uncomment the security domain as shown below.</span></div>
<blockquote>
<div style="text-align: justify;">
<span style="font-family: Verdana; font-size: 10pt;"><strong><jboss-web><br />
<security-domain><br />
java:/jaas/jmx-console<br />
</security-domain><br />
</jboss-web></strong></span></div>
</blockquote>
<div style="text-align: justify;">
<span style="font-family: Verdana; font-size: 10pt;">4. Edit $JBOSS_HOME/server/all/deploy/jmx-console.war/WEB-INF/web.xml file and uncomment the security constraint as shown below.</span></div>
<blockquote>
<div style="text-align: justify;">
<span style="font-family: Verdana; font-size: 10pt;"><strong><security-constraint><br />
<web-resource-collection><br />
<web-resource-name><br />
HtmlAdaptor<br />
</web-resource-name><br />
<description><br />
An example security config that only allows<br />
users with the role JBossAdmin to access the<br />
HTML JMX console web application<br />
</description><br />
<url-pattern>/*</url-pattern><br />
<http-method>GET</http-method><br />
<http-method>POST</http-method><br />
</web-resource-collection><br />
<auth-constraint><br />
<role-name>JBossAdmin</role-name><br />
</auth-constraint><br />
</security-constraint></strong></span></div>
</blockquote>
<div style="text-align: justify;">
5. The location, path or name of the
users and roles configuration files i.e. jmx-console-users.properties or
jmx-console-roles.properties can be changed by editing <span style="font-family: Verdana; font-size: 10pt;">$JBOSS_HOME/server/all/conf/login- -config.xml file.</span><span style="font-family: Verdana; font-size: 10pt;"> Sample configuration is given below.</span></div>
<blockquote>
<div style="text-align: justify;">
<span style="font-family: Verdana; font-size: 10pt;"><strong><application-policy name=”jmx-console”><br />
<authentication><br />
<login-module code=<br />
“org.jboss.security.auth.spi.UsersRolesLoginModule”<br />
flag=”required”><br />
<module-option name=”usersProperties”><br />
props/jmx-console-users.properties<br />
</module-option><br />
<module-option name=”rolesProperties”><br />
props/jmx-console-roles.properties<br />
</module-option><br />
</login-module><br />
</authentication><br />
</application-policy></strong></span></div>
</blockquote>
<div style="text-align: left;">
<span style="font-family: Verdana; font-size: 10pt;">6.
Edit $JBOSS_HOME/server/all/deploy/management/console-mgr.sar/
web-console.war/WEB-INF/jboss-web.xml file and remove the comment of the
security domain as shown below.</span></div>
<blockquote>
<div style="text-align: left;">
<span style="font-family: Verdana; font-size: 10pt;"><strong><jboss-web><br />
<security-domain>java:/jaas/web-console</security-domain><br />
<depends>jboss.admin:service=PluginManager</depends><br />
</jboss-web></strong></span></div>
</blockquote>
<div style="text-align: left;">
7. <span style="font-family: Verdana; font-size: 10pt;">Edit
$JBOSS_HOME/server/all/deploy/management/console-mgr.sar/
web-console.war/WEB-INF/web.xml file and remove the comment of the
security constraint as shown below. </span></div>
<blockquote>
<div style="text-align: left;">
<span style="font-family: Verdana; font-size: 10pt;"><strong><security-constraint><br />
<web-resource-collection><br />
<web-resource-name>HtmlAdaptor</web-resource-name><br />
<description>An example security config that only allows<br />
users with the role JBossAdmin to access the<br />
HTML JMX console web application<br />
</description><br />
<url-pattern>/*</url-pattern><br />
<http-method>GET</http-method><br />
<http-method>POST</http-method><br />
</web-resource-collection><br />
<auth-constraint><br />
<role-name>JBossAdmin</role-name><br />
</auth-constraint><br />
</security-constraint></strong></span></div>
</blockquote>
<div style="text-align: left;">
8. <span style="font-family: Verdana; font-size: 10pt;">Restart JBOSS.</span></div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-30908503933498843682013-03-03T01:52:00.003+05:302013-03-03T01:52:48.816+05:30Sharing Keyboard and Mouse without KVM Switch using Synergy<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="entry-content">
Synergy is an open source platform independent application which
allows you to control two system using the same Keyboard and Mouse
without using a KVM Switch and help the organization save few dollars <img alt=":)" class="wp-smiley" src="http://localhost/blog/wp-includes/images/smilies/icon_smile.gif" /> <br />
Latest release of Synergy supports almost all Windows Platforms and
Unix platforms with X Windows Version 11 revision 4 or up. Synergy uses
the network to share keyboard and mouse hence, all the systems must
support TCP/IP Networking .<br />
Synergy is open source and released under the <a href="http://synergy2.sourceforge.net/license.html#GPL">GNU Public License (GPL)</a>.<br />
<span style="text-decoration: underline;"><strong>Setting up Synergy on Linux<br />
</strong></span><br />
1. Download and install Synergy Software from http://sourceforge.net/projects/synergy2/files/<br />
2. Identify one system as server system and other would be the client. I always prefer using a unix machine as server.<br />
3. In this example, I am going to use one Linux System and one
Windows System to configure synergy. On the linux system, create
/etc/synergy.conf file with the following information.<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
[root@linuxhost ~]# cat /etc/synergy.conf<br />
# define the hosts<br />
section: screens<br />
linuxhost:<br />
windowshost:<br />
end<br />
# define links i.e. which host is @ which side<br />
section: links<br />
linuxhost:<br />
right=windowshost<br />
windowshost:<br />
left=linuxhost<br />
end<br />
[root@linuxhost ~]#</blockquote>
There are two sections in the configuration file.<br />
<span style="text-decoration: underline;">Screens</span>: This
section defines the hosts or systems on which you want to share keyboard
and mouse. The dns must be configured or else an entry has to be made
in the hosts file before using the host names in /etc/synergy.conf
file.<br />
<span style="text-decoration: underline;">Links: </span>This section
defines which host is on which side i.e. in the above example windows
host machine is @ the right side of linux machine, so if you move the
mouse pointer to the right side on linux machine, the pointer should go
to Windows Machine and vice versa.<br />
4. Execute the following command <strong>to start Synergy as Server</strong> on Linux Machine. You should see a message in /var/log/messages files that the synergy server is started.<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
[root@linuxhost ~]# synergys<br />
[root@linuxhost ~]# tail -1 /var/log/messages<br />
Mar 31 12:35:54 linuxhost Synergy 1.3.1: NOTE: synergys.cpp,500: started server<br />
[root@linuxhost ~]#</blockquote>
5. To make sure synergy starts at system boot time, add “synergys ” to /etc/rc.local file.<br />
6. Now open synergy application on the windows system.<br />
7. Select “Use another computer’s shared keyboard and mouse
(client) and type the linux system’s hostname in “Other Computer’s Host
Name” text box.<br />
<br />
8. Click on “Test”.<br />
<div style="text-align: center;">
</div>
9. If you see a message “Connected to server”, then the configuration is successful.<br />
10. Close the test window and click on “Stop”.<br />
<br />
11. Now, click on “AutoStart”<br />
<br />
12. Click on “Install” under “When Computer Starts”. You will get
a dialog box saying “Installed auto-start”. Click on “OK”.<br />
<br />
13. Click on “Start”. You will get a message that synergy is successfully started. Click on “OK”<br />
<br />
Cheers!!<br />
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-46665206760980268162013-03-03T01:48:00.002+05:302013-03-03T01:48:48.655+05:30Setting up slewing NTP option in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="entry-content">
Many times while installing/configuring Oracle Cluster, DBA’s receive the following error message.<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
<div style="padding-left: 30px;">
Checking NTP daemon command line for slewing option “-x”
<br />
<div style="padding-left: 30px;">
Check: NTP daemon command line</div>
<div style="padding-left: 30px;">
Node Name Slewing Option Set?</div>
<div style="padding-left: 30px;">
vcsnode1 no</div>
<div style="padding-left: 30px;">
vcsnode2 no</div>
Result:NTP daemon slewing option check failed on some nodes
PRVF-5436 : The NTP daemon running on one or more nodes lacks the
slewing option “-x”Result: Clock synchronization check using Network
Time Protocol(NTP) failed</div>
</blockquote>
To fix this error, slewing needs to be configured.<br />
Follow the below steps to configure slewing in Linux.<br />
<ul>
<li>Stop ntpd daemon using the following command.</li>
</ul>
<blockquote style="background: #F0F8FF; border: 2px solid;">
<div id="_mcePaste" style="padding-left: 30px;">
[root@vcsnode1 ~]# service ntpd stop</div>
<div id="_mcePaste" style="padding-left: 30px;">
Shutting down ntpd: [OK]</div>
<div id="_mcePaste" style="padding-left: 30px;">
[root@vcsnode1 ~]#</div>
</blockquote>
<div>
<ul>
<li>Edit /etc/sysconfig/ntpd file. Â Usually the file looks as given below.</li>
</ul>
</div>
<blockquote style="background: #F0F8FF; border: 2px solid;">
<div style="padding-left: 30px;">
[root@vcsnode1 sysconfig]# cat ntpd<br />
# Drop root to id ‘ntp:ntp’ by default.<br />
OPTIONS=”-u ntp:ntp -p /var/run/ntpd.pid”</div>
<div style="padding-left: 30px;">
# Set to ‘yes’ to sync hw clock after successful ntpdate<br />
SYNC_HWCLOCK=no<br />
[root@vcsnode1 sysconfig]#</div>
</blockquote>
<ul>
<li>Edit the file and add “-x” to  “OPTIONS=”-u ntp:ntp -p /var/run/ntpd.pid”" line befor e”-u”</li>
<li>After editing the file, the contents should look like given below</li>
</ul>
<blockquote style="background: #F0F8FF; border: 2px solid;">
<div style="padding-left: 30px;">
[root@vcsnode1 sysconfig]# cat ntpd<br />
# Drop root to id ‘ntp:ntp’ by default.<br />
OPTIONS=”-x -u ntp:ntp -p /var/run/ntpd.pid”</div>
<div style="padding-left: 30px;">
# Set to ‘yes’ to sync hw clock after successful ntpdate<br />
SYNC_HWCLOCK=no<br />
[root@vcsnode1 sysconfig]#</div>
</blockquote>
<ul>
<li>Start ntpd daemon using the following command</li>
</ul>
<blockquote style="background: #F0F8FF; border: 2px solid;">
<div id="_mcePaste" style="padding-left: 30px;">
<div id="_mcePaste">
[root@VCSNode2 ~]# service ntpd start</div>
<div id="_mcePaste">
Starting ntpd: [OK]</div>
<div id="_mcePaste">
[root@VCSNode2 ~]#</div>
</div>
</blockquote>
<div>
<ul>
<li>Ask the DBA to install/proceed to configure Oracle Cluster</li>
</ul>
</div>
<div>
Cheers!!</div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-15433215921501302202012-11-24T01:36:00.000+05:302012-11-24T01:36:16.149+05:30Configuring Jboss Cluster using Apache JK Module:<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<br />
<div style="margin: 0in 0in 0.0001pt;">
<b><u><span style="font-family: Trebuchet MS, sans-serif;">Configuring Jboss Cluster using Apache JK Module: <o:p></o:p></span></u></b></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: Trebuchet MS, sans-serif;"><br /></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: Trebuchet MS, sans-serif;">Jboss clustering is used to enable
application failover and load balancing.
To configure jboss cluster, you need to Jboss Application Servers with
similar configuration and one apache server.
Apache can also be configured on any one of the jboss application
server. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: Trebuchet MS, sans-serif;">Please follow the below steps to configure
a jboss cluster using Apache JK Module. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">1. Install
apache 2.0.x server.<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">2. Download
and install JK module from apache.org. If the JK module is installed, you would find
a file with name mod_jk.so in /etc/httpd/modules folder provided the apache
(http) server’s configuration files reside in /etc/httpd folder. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">3. Load
the JK module by adding below line /etc/httpd/conf/httpd.conf file (Apache
Configuration File)<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt; text-indent: 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">LoadModule jk_module modules/mod_jk.so<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">4. Once
the module is loaded, add the following entries at the end of the /etc/httpd/conf/httpd.conf
(Apache configuration file) <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;"><IfModule mod_jk.c><o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">include conf/modjk.conf<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;"></IfModule><o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">5. Now create
modjk.conf file in /etc/httpd/conf folder with the following contents <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">JkLogFile logs/modjk.log<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">JkLogLevel info<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">JkWorkersFile conf/jkworkers.properties<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">JkMountFile conf/jkmount.properties<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;"><Location /status/><o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">JkMount jkstatus<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">Order deny,allow<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">Allow from all<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;"></Location><o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: 'Trebuchet MS', sans-serif; text-indent: -0.25in;"> 6. Once
modjk configuration file is created, create the jkworkers.properties file in </span></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: 'Trebuchet MS', sans-serif; text-indent: -0.25in;"> /etc/httpd/conf/ with the following contents.</span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.list=jboss,jkstatus<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;"># Entries for 1st node<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.type=ajp13<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.host=10.154.2.202 ## IP address of 1st node<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.port=8009<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.lbfactor=1<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.disabled=false<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.socket_timeout=10<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node1.connect_timeout=20000<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;"># Entries for 2nd node<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.type=ajp13<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.host=10.154.2.186 ## IP address of 2nd node<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.port=8009<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.lbfactor=1<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.disabled=false<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.socket_timeout=10<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.node2.connect_timeout=20000<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">#Load Balancer<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jboss.type=lb<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jboss.balance_workers=node1,node2<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jboss.sticky_session=true<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jboss.sticky_session_force=false<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jboss.method=R<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jboss.lock=P<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">worker.jkstatus.type=status<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">7. Now,
create the jkmount.properties file in /etc/httpd/conf/ folder with the
following contents<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; text-indent: 0.5in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt; text-indent: 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">/jmx-console*=jboss<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">/application/* = jboss <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: Trebuchet MS, sans-serif;">Replace your application url in place of “/application/*” above
i.e. if your application is url is <a href="http://jbossserver:8080/myapp">http://jbossserver:8080/myapp</a> replace “/myapp/*”
with “/aplication/*”<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.5in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">8. Restart
httpd (apache) server.<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.25in;">
<span style="font-family: Trebuchet MS, sans-serif;">Now, we have completed the apache configuration however the jboss
configuration is still pending. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.25in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">9. Copy
server/all to server/nodex.<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt 0.25in;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">10.Add jvm
route to differentiate jboss instances by updating. To add jvm route, locate a line which
contains “<Engine name=jboss.web defaultHost=localhost>” in $JBOSS_HOME/deploy/jboss-web.deployer/server.xml
file and replace it with “<Engine name=jboss.web defaulHost=localhost
jvmRoute=nodex)” <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">11.
<!--[endif]-->Now,
as a last step, enable JK Module in Jboss.
To enable JK Module, locate a line which contains “<attribute name=UseJK>
false </attribute>” and replace it with “<attribute name=UseJKtrue </attribute>”
in $JBOSS_HOME/server/nodex/deploy/jboss-web.deployer/META-INF/jboss-service.xml
file<o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">12.
<!--[endif]-->Repeat
steps 9,10 & 11 for all the Jboss Nodes.
You need to replace nodex with the appropriate node number i.e. node1,
node2 etc. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Trebuchet MS, sans-serif;">13.
<!--[endif]-->Restart
jboss application server with new profile i.e. node1, node2 etc. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt;">
<b><u><span style="font-family: Trebuchet MS, sans-serif;">Deploying Web Applications:<o:p></o:p></span></u></b></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: Trebuchet MS, sans-serif;">You need to deploy the applications on any
node in server/profile/farm folder. Replace profile with the appropriate
profile i.e. node1, node2 etc based upon the node on which you are deploying
your applications. Once application is
deployed on any one node in the cluster, the cluster service will copy those
applications on other nodes automatically and the application would be
available on all the nodes. <o:p></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt;">
<b><u><span style="font-family: Trebuchet MS, sans-serif;">Accessing the Web Applications:<o:p></o:p></span></u></b></div>
<div style="margin: 0in 0in 0.0001pt;">
<br /></div>
<div style="margin: 0in 0in 0.0001pt;">
<span style="font-family: Trebuchet MS, sans-serif;">The application can now be accessed
directly by accessing the apache http server url i.e.<a href="http://httpserver/application">http://httpserver/application</a>. Replace
httpserver with domainname or ip address of http server and application with
the application you configured in jkmount.properties file. The additional port
number is not required to access the Web application. The JK module will
automatically forward the request to specific port on JBOSS Application Server.<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-16715775191868243122012-10-30T01:13:00.000+05:302012-10-30T01:13:15.464+05:30Recovering Linux without getting into rescue mode<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
</div>
<div style="text-align: justify;">
In large organizations, mostly the servers would be managed remotely through the console (ilo/drac/imm). The large company's also change the root password on all servers periodically which mostly happen through scripts. If, due to any reason, the root password is not updated on server and if the server crash due to any file system related issues, the system admin has to spent lot of time to recover the server because the system admin cannot even get into single user mode due to the fact that file system has issues and the root password is not known. In these situations, the system admin has to boot the system with the Linux Boot CD and get into rescue mode to recover server/root password. The large organizations also mostly would not have a CD at the datacenter and the system admins are expected to use boot.iso (which comes with the linux distribution) to get into rescue mode. Since, the iso image is connected from user desktop, mostly the server (high end) would take huge time to boot up and get into rescue mode.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
However, there is an easy method to quickly recover the server in these situations. Linux allows system admins to provide kernel parameters at boot time (grub screen). rc.sysinit script is responsible for checking the file system(s) and mounting them in the read/write mode. If the system admin can skip the init process and get a root prompt, the kernel will not check for the file system and drop you to the # prompt. The following steps needs to be followed to skip init from loading into the memory in the booting process.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
1. Reboot the server.</div>
<div style="text-align: justify;">
2. At the Grub Prompt, press “a” to provide additional kernel parameters.</div>
<div style="text-align: justify;">
3. Add “init=/bin/bash” at the end and press “Enter”. Basically, we are just telling the kernel to load /bin/bash in place of init to skip init from loading into the memory. The kernel would load /bin/bash in place of init and would drop you to the # Prompt. But, since rc.sysinit script is not yet executed, the root file system is mounted in read-only mode. Hence you need to mount the root file system in read/write mode before making any changes to the system configuration. </div>
<div style="text-align: justify;">
4. mount the root file system in read/write mode using the following command :<br />
<br /></div>
<div style="text-align: justify;">
<blockquote style="background-color: aliceblue; border: 2px solid; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px; margin: 0px 3em; outline: 0px; padding: 0px; quotes: ''; vertical-align: baseline;">
<span style="background-color: aliceblue; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px;">bash-3.1# mount -o remount,rw /</span></blockquote>
</div>
<span style="background-color: aliceblue; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px;">
</span><br />
<div style="text-align: justify;">
5.Now you can do everything, which you can do from single user mode. Update any config file, scan file systems for errors or even enable/disable services at boot time. Once you are done, type exit and hit enter to reboot the server. You would get an error message, “Kernel panic – not syncing : Attempted to kill init !”. Ignore the error and hard reboot the server.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Cheers,</div>
<div style="text-align: justify;">
Vaibhav</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com1tag:blogger.com,1999:blog-3499903416133170368.post-81445824752305001602012-10-27T15:06:00.006+05:302012-10-27T15:06:59.138+05:30RPM Package Management a Quick How To<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<b><u>Quick How to on Red Hat Package Manager (RPM)</u></b></div>
<div style="text-align: left;">
<b><u><br /></u></b></div>
<div style="text-align: left;">
How to install packages with all the dependency packages if all the packages are available at a common repository?</div>
<b>Ans </b>: rpm -ivh --aid packagename.<br /><br />How to check, where a particular package installed it’s configuration files.<br /><b>Ans </b>: rpm -qc packagename.<br /><br />How to check the change log of the installed package.<br /><b>Ans </b>: rpm -q --changelog packagename.<br /><br />How to check, where a particular package installed it’s doc files.<br /><b>Ans</b> : rpm -qd packagenme<br /><br />How to check all the files installed by package?<br /><b>Ans</b> : rpm -q --filesbypkg packagename<br /><br />How to check the version of files installed by a package<br /><b>Ans</b> : rpm -qi packagename<br /><br />How to check the dependencies for a particular packages i.e. Required libraries packages etc.<br /><b>Ans</b> : rpm -q -R packagename.<br /><br />How to upgrade the packages which are already installed on to the linux box.<br /><b>Ans</b> : rpm -F install options packagename.<br /><br />What is the command to update only the rpm database.<br /><b>Ans</b> : rpm -i --justdb packagename<br /><br />What is the command to check whether a particular package installation would be successful but would not actually install the package.<br /><b>Ans</b> : rpm -ivh --test packagename<br /><br />How to check that a particular file belong to which package<br /><b>Ans</b> : rpm -qf filename<br /><br />How to list files in a package<br /><b>Ans</b> : rpm -ql packagename<br /><br />How to verify whether the files installed by package are intact or been tampered/corrupted.<br /><b>Ans</b> : rpm -qs packagename<br /><br />What is the command to create a new RPM Database<br /><b>Ans</b> : rpm --initdb<br /><br />What is the command to rebuild the RPM Database<br /><b>Ans</b> : rpm --rebuilddb<br /><br />Cheers!!<div>
Vaibhav</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-30166158212182170532012-10-27T00:29:00.002+05:302012-10-27T12:21:10.297+05:30Enabling HTTPS Support in JBOSS<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><u>Perform the below steps to enable HTTPS support in JBOSS :</u></b></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
1. Execute the following command to generate encryption key for HTTPS.</div>
<div style="text-align: justify;">
<br /></div>
<blockquote style="background-color: aliceblue; border: 2px solid; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px; margin: 0px 3em; outline: 0px; padding: 0px; quotes: ''; vertical-align: baseline;">
<div style="text-align: justify;">
/usr/java/jdk1.5.0_14/bin/keytool -genkey -keyalg RSA -keystore jboss.keystore -validity 3650</div>
</blockquote>
<div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
2. The command will ask you some information like, name company, country etc. Provide the information, keystore password and key password for mykey. The command will create a file with name jboss.keystore in your current working directory.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
3. Copy the keystore file to $JBOSS_HOME/server/all/conf/ folder.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
4. Edit the $JBOSS_HOME/server/all/deploy/jboss-web.deployer/server.xml file and uncomment the SSL/TLS Connector section. Also update the keystore file location and keystore password in the server.xml file as shown below.</div>
<div style="text-align: justify;">
<br /></div>
</div>
<div>
<blockquote style="background-color: aliceblue; border: 2px solid; color: #373737; font-family: Georgia, 'Bitstream Charter', serif; font-size: 15px; font-style: italic; line-height: 24px; margin: 0px 3em; outline: 0px; padding: 0px; quotes: ''; vertical-align: baseline;">
<div style="text-align: justify;">
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"</div>
<div style="text-align: justify;">
maxThreads="150" scheme="https" secure="true"</div>
<div style="text-align: justify;">
clientAuth="false"</div>
<div style="text-align: justify;">
keystoreFile="${jboss.server.home.dir}/conf/jboss.keystore"</div>
<div style="text-align: justify;">
keystorePass="server" sslProtocol = "TLS" /></div>
</blockquote>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
5. Restart JBOSS.</div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0tag:blogger.com,1999:blog-3499903416133170368.post-41743796517556790512012-10-26T00:29:00.000+05:302012-10-27T12:22:05.689+05:30Reserved Blocks in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
Reserved blocks are disk blocks reserved by the kernel for processes owned by privileged users to prevent operating system from a crash due to unavailability of storage space for critical processes. For example, just imagine the size of root file system is 14 GB and the root file system is 100% full, all the non privileged user processes would not be able to write data to the root file system whereas processes which are owned by privileged user (root by default) would still be able to write the data to the file system. With the help of reserved blocks, operating system keeps running for hours or sometimes days even though root file system is 100% full.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The default percentage of reserved block is 5 % of the total size of file system and can be increased or decreased based upon the requirement. However, it is not recommended to reduce the percentage of reserved block less than 5 %. Reserved blocks are supported on ext2 and ext3 file system(s).</div>
<div style="text-align: justify;">
<br /></div>
<b></b><br />
<div style="text-align: justify;">
<b><b><u>How to check how many blocks are reserved :</u></b></b></div>
<b>
</b><br />
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
To check the number of blocks reserved on a file system, execute the following command<span style="color: #333333; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 15px; line-height: 24px;">.</span></span></div>
<div style="text-align: justify;">
<span style="color: #333333; font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 15px; line-height: 24px;"><br /></span></span></div>
<div>
<blockquote data-mce-style="background: #F0F8FF; border: 2px solid;" style="background-color: aliceblue; border: 2px solid; color: #333333; font-family: Georgia, 'Bitstream Charter', serif !important; font-size: 15px; font-style: italic !important; line-height: 24px; margin: 0px 3em;">
<div id="_mcePaste" style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625;">
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]# dumpe2fs -h /dev/VolGroup00/LogVol00 | grep -i block</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
dumpe2fs 1.39 (29-May-2006)</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Block count: 3637248</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved block count: 181862</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Free blocks: 2709898</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
First block: 0</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Block size: 4096</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved GDT blocks: 887</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Blocks per group: 32768</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Inode blocks per group: 1024</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved blocks uid: 0 (user root)</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved blocks gid: 0 (group root)</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Journal backup: inode blocks</div>
<div id="_mcePaste" style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]#</div>
</div>
</blockquote>
<div data-mce-style="text-align: justify;" style="color: #333333; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; text-align: justify;">
<br /></div>
<div style="text-align: justify;">
To find the value for reserved block percentage, compare "Block Count" and "Reserved Block Count" values. In above example, Block Count (Total Blocks) = 3637248 and Reserved Block Count = 181862 so the reserved block percentage option is set to 181862/3637248*100 i.e. 5 % (default value).</div>
<div style="text-align: justify;">
<br /></div>
</div>
<div>
<div style="text-align: justify;">
<b><u>How to change/configure reserve block percentage value :</u></b></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
The value for Reserved Block Percentage can be set at the time of creating the file system as well as after creating the file system. To set the value at the time of creating file system, pass -m option followed by desired value (in percentage) for reserved blocks to the mkfs command.</div>
<div style="text-align: justify;">
<br /></div>
</div>
<div style="text-align: justify;">
To set the reserved block percentage value after creating file system, use the following command.</div>
<div>
<div style="text-align: justify;">
</div>
<div>
<blockquote data-mce-style="background: #F0F8FF; border: 2px solid;" style="background-color: aliceblue; border: 2px solid; color: inherit; font-family: Georgia, 'Bitstream Charter', serif !important; font-size: 15px; font-style: italic !important; line-height: 1.625; margin: 0px 3em;">
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]# tune2fs -m 3 /dev/VolGroup00/LogVol00</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
tune2fs 1.39 (29-May-2006)</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Setting reserved blocks percentage to 3% (109117 blocks)</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]#</div>
</blockquote>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Above command would set the reserved block percentage value to 3 % of total block count.</div>
<div style="text-align: justify;">
Just in case if you do not want to provide percentage and would like to set exact reserved blocks, you can also accomplish that with the help of below command</div>
</div>
<div style="text-align: justify;">
<br /></div>
<div data-mce-style="text-align: justify;">
<blockquote data-mce-style="background: #F0F8FF; border: 2px solid;" style="background-color: aliceblue; border: 2px solid; color: inherit; font-family: Georgia, 'Bitstream Charter', serif !important; font-size: 15px; font-style: italic !important; line-height: 1.625; margin: 0px 3em;">
<div data-mce-style="text-align: justify;" style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]# tune2fs -r 109117 /dev/VolGroup00/LogVol00</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
tune2fs 1.39 (29-May-2006)</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Setting reserved blocks count to 109117</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]#</div>
</blockquote>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; font-style: inherit; line-height: 1.625; text-align: justify;">
<strong style="color: inherit; font-style: inherit; line-height: 1.625;"><span data-mce-style="text-decoration: underline;" style="color: inherit; font-style: inherit; font-weight: inherit; line-height: 1.625; text-decoration: underline;"><br /></span></strong></div>
<b></b><br />
<div style="text-align: justify;">
<b><b><u>Which user can access reserved blocks:</u></b></b></div>
<b>
</b><br />
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
By default, only root user is allowed to access reserved blocks, but this can be changed. To allow any other user or group to access reserved blocks, execute the following commands.</div>
</div>
<div data-mce-style="text-align: justify;">
<div style="text-align: justify;">
<br /></div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; font-style: inherit; line-height: 1.625;">
<blockquote data-mce-style="background: #F0F8FF; border: 2px solid;" style="background-color: aliceblue; border: 2px solid; color: inherit; font-family: Georgia, 'Bitstream Charter', serif !important; font-style: italic !important; line-height: 1.625; margin: 0px 3em;">
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]# tune2fs -u oracle /dev/VolGroup00/LogVol00</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
tune2fs 1.39 (29-May-2006)</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Setting reserved blocks uid to 500</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]#</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625;">
<div style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]# tune2fs -g dba /dev/VolGroup00/LogVol00</div>
<div style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
tune2fs 1.39 (29-May-2006)</div>
<div style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
Setting reserved blocks gid to 500</div>
<div style="color: inherit; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]#</div>
</div>
</blockquote>
</div>
<div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; font-style: inherit; line-height: 1.625; text-align: justify;">
<br /></div>
<div style="text-align: justify;">
To check which user/group is allowed to access reserved blocks, execute the following command<span style="color: rgba(0, 0, 0, 0); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 15px; font-style: inherit; line-height: 1.625;">.</span></span></div>
<div style="text-align: justify;">
<span style="color: rgba(0, 0, 0, 0); font-family: Helvetica Neue, Helvetica, Arial, sans-serif;"><span style="font-size: 15px; font-style: inherit; line-height: 1.625;"><br /></span></span></div>
<div>
<blockquote data-mce-style="background: #F0F8FF; border: 2px solid;" style="background-color: aliceblue; border: 2px solid; color: inherit; font-family: Georgia, 'Bitstream Charter', serif !important; font-size: 15px; font-style: italic !important; line-height: 1.625; margin: 0px 3em;">
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]# dumpe2fs -h /dev/VolGroup00/LogVol00 | grep -i reserved</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
dumpe2fs 1.39 (29-May-2006)</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved block count: 109117</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved GDT blocks: 887</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved blocks uid: 500 (user oracle) // oracle user is allowed to access reserved blocks</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
Reserved blocks gid: 500 (group dba) // dba group is allowed to access reserved blocks</div>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-style: inherit; line-height: 1.625; text-align: justify;">
[root@VCSNode2 ~]#</div>
</blockquote>
<div style="color: inherit; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; font-style: inherit; line-height: 1.625; text-align: justify;">
<br /></div>
<div style="text-align: justify;">
If the available storage is limited, it is always a good idea to set this option specifically for Oracle/Mysql Database Servers where there is a risk of operating system/database being crashed due to file system full. This option give some extra time to system administrator/database administrator to fix space issues and prevents Operating System/Database from crash.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Note : It is never recommended to reduce reserved block percentage or changes in reserved block uid/gid on root file system.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Cheers !!</div>
</div>
</div>
<div style="text-align: justify;">
Vaibhav</div>
</div>
</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com1tag:blogger.com,1999:blog-3499903416133170368.post-76947001716326599312012-10-25T02:05:00.000+05:302012-10-27T12:23:19.402+05:30Scanning SCSI Bus and HBA Devices in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<b><u>How to scan HBA’s to acquire newly added storage:</u></b></div>
<div style="text-align: justify;">
<b><u><br /></u></b></div>
<div style="text-align: justify;">
<b><u>Loop Initialization Protocol (issue_lip):</u></b> Loop Initialization Protocol is a method to perform bus reset which scan the scsi bus and updates the scsi layer to reflect all the scsi devices. This is a asynchronous operation and may take longer time to complete. Usually after executing the command to trigger issue_lip, you would get a command prompt immediately, but in actual it might take up longer time to complete the bus scan.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Loop Initialization Protocol method to scan the HBA’s can cause delay and I/O timeouts if the HBA/Device is in use and can also remove devices unexpectedly. Hence performing the scan using this method is not recommended on any production server where the SAN Devices are already configured in use. This type of scan is recommended on a newly built server to scan all the LUNS/Devices.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
To perform the bus scan using this method, execute the following command as root.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
echo “1″ > /sys/class/fc_host/host*/issue_lip // this command will scan all the HBA’s</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
If you want to scan any specific HBA, then execute the command as below</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
echo “1″ > /sys/class/fc_host/hostN/issue_lip //replace N with the number of HBA to scan</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><u>Scanning specific device/path :</u></b></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
If you have a running server where you need to scan specific device or a path to the device, it is not recommended to use issue_lip method and you should use the below method to scan for the updated device information.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
To scan a specific device/lun, you need the following information at minimum.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
1. WWNN Number of the HBA to scan</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
2. Lun number (which is assigned from SAN)</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Once you have the above mentioned information, you can identify the HBA number, HBA Channel and SCSI Target ID information by executing the following command.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
grep 1111111111111111 /sys/class/fc_transport/*/node_name //replace ’1111111111111111′ with actual WWNN Number.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
This command would display output as below</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
/sys/class/fc_transport/target4:0:1/node_name:0×5006016090203181</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
In this case, the HBA number (Host) is 4, HBA Channel is 0 and SCSI Target id is 1. If the Lun Number is 11, execute the following command to scan this device.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
echo “0 1 11″ >/sys/class/scsi_host/host4/scan //here 4 is the HBA Number.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
If you do not have the HBA Number, HBA Channel, SCSI Target ID or Lun ID Information, and wanted to scan all devices on specific HBA, execute the following command.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
echo “- – -” > /sys/class/scsi_host/hostN/scan //replace N with the HBA Number.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Cheers !!</div>
<div style="text-align: justify;">
Vaibhav</div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com1tag:blogger.com,1999:blog-3499903416133170368.post-32186871888335757362012-10-24T00:35:00.001+05:302012-10-25T02:16:03.217+05:30Killing Multiple Processes<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
I was working on one of the issue today, where in the passwordless ssh was not working for one user. When I checked, I found more than 3000 defunct processes running on the server owned by a specific user and the system was not allowing to start a new process due to the user's nproc limit. The same user was also running 100's of other processes which were not defunct. The server was running multiple applications so I didn't had the liberty to reboot the server. Hence, the only option I had was to kill all the processes which were running under the ownership of that specific user. </div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
In this scenario, killing all the processes one by one is a very tedious task. Also, since there were many defunct processes running on the server, it was very difficult to identify the parent process and kill the parent process of the defunct process. I decided to write a long command using awk and grep.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Below is the command I used to kill all the processes owned by that user (xyz) in a single command which saved my lot of time.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
linux-ydn1:~ # ps -ef | grep -i xyz| awk '{print "kill -9 ", $2}' | sh</div>
<div>
<div style="text-align: justify;">
<br /></div>
</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<b><u>Command explanation : </u></b></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
1. The first part of command (ps -ef) is providing the list of all the processes running on the server.</div>
<div style="text-align: justify;">
2. The 2nd part, (grep -i xyz) is searching for processes where word xyz exist. This can be customized based upon the specific requirement.</div>
<div style="text-align: justify;">
3. The 3rd part is searching for the pid of the running process and prefixing the kill command before the pid.</div>
<div style="text-align: justify;">
4. The fourth and the last command is executing each line printed by the 1st 3 parts of the long command using sh command.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Cheers !!</div>
<div style="text-align: justify;">
Vaibhav</div>
<div style="text-align: justify;">
<br /></div>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com1tag:blogger.com,1999:blog-3499903416133170368.post-64631621330560847082012-10-23T03:07:00.001+05:302012-10-23T03:07:54.036+05:30sort: open failed: +1: No such file or directory<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
Newer versions of POSIX are not fully compatible with older version
of POSIX as a result, there are some changes in the parameters/switches
for some commands like sort.<br />
For Example, if the POSIX Version is 200112 or above, “sort +2″
command would through an error message “sort: open failed: +1: No such
file or directory” as the newer version 200112 (1003.1-2001) is not
fully compatible with POSIX older versions like 199209 (1003.2-1992).<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
[root@vcsnode1 ~]# ps -ef | sort +2<br />
sort: open failed: +2: No such file or directory<br />
[root@vcsnode1 ~]#</blockquote>
As a result, the sort command needs to be executed as below to sort
the output based on column three which is equivalent to sort +2<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
[root@vcsnode1 ~]# ps -ef | sort -k 3 | head<br />
root 1 0 0 May18 ? 00:00:00 init [5]<br />
root 2670 1 0 May18 ? 00:00:00 auditd<br />
root 2929 1 0 May18 ? 00:00:00 automount<br />
avahi 3400 1 0 May18 ? 00:00:00 avahi-daemon: running [vcsnode1.local]<br />
root 3835 1 0 May18 ? 00:00:00 /bin/dbus-daemon –fork –print-pid 4 –print-address 6 –session<br />
root 1990 1 0 May18 ? 00:00:00 /bin/sh – /usr/lib/vxvm/bin/vxconfigbackupd<br />
root 1988 1 0 May18 ? 00:00:00 /bin/sh – /usr/lib/vxvm/bin/vxrelocd root<br />
root 3281 1 0 May18 ? 00:00:00 crond<br />
root 3034 1 0 May18 ? 00:00:00 cupsd<br />
dbus 2812 1 0 May18 ? 00:00:00 dbus-daemon –system<br />
[root@vcsnode1 ~]#</blockquote>
The current version of POSIX can be checked by executing the following command<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
[root@vcsnode1 ~]# getconf -a | grep ^POSIX2_VERSION<br />
POSIX2_VERSION 200112<br />
[root@vcsnode1 ~]#</blockquote>
For any reason, if you still want to use the old syntax of sort command, there is a work around available.<br />
If you set the “_POSIX2_VERSION:” environment variable to older POSIX
Version value, you can still execute the sort command by providing
switch as +2.<br />
<blockquote style="background: #F0F8FF; border: 2px solid;">
[root@vcsnode1 ~]# ps -ef | sort +2<br />
sort: open failed: +2: No such file or directory<br />
[root@vcsnode1 ~]# export _POSIX2_VERSION=199209<br />
[root@vcsnode1 ~]# ps -ef | sort +2 | head<br />
root 1 0 0 May18 ? 00:00:00 init [5]<br />
root 2670 1 0 May18 ? 00:00:00 auditd<br />
root 2929 1 0 May18 ? 00:00:00 automount<br />
avahi 3400 1 0 May18 ? 00:00:00 avahi-daemon: running [vcsnode1.local]<br />
root 3835 1 0 May18 ? 00:00:00 /bin/dbus-daemon –fork –print-pid 4 –print-address 6 –session<br />
root 1990 1 0 May18 ? 00:00:00 /bin/sh – /usr/lib/vxvm/bin/vxconfigbackupd<br />
root 1988 1 0 May18 ? 00:00:00 /bin/sh – /usr/lib/vxvm/bin/vxrelocd root<br />
root 3281 1 0 May18 ? 00:00:00 crond<br />
root 3034 1 0 May18 ? 00:00:00 cupsd<br />
dbus 2812 1 0 May18 ? 00:00:00 dbus-daemon –system<br />
[root@vcsnode1 ~]#</blockquote>
</div>
Anonymoushttp://www.blogger.com/profile/08970083028586150069noreply@blogger.com0