Posts

Showing posts from September, 2011

Recovery Mysql root password.

You can recover MySQL database server password with following five easy steps. Step # 1: Stop the MySQL server process. Step # 2: Start the MySQL (mysqld) server/daemon process with the --skip-grant-tables option so that it will not prompt for password Step # 3: Connect to mysql server as the root user Step # 4: Setup new root password Step # 5: Exit and restart MySQL server Here are commands you need to type for each step (login as the root user): Step # 1 : Stop mysql service # /etc/init.d/mysql stop Output: Stopping MySQL database server: mysqld. Step # 2: Start to MySQL server w/o password: # mysqld_safe --skip-grant-tables & Output: [1] 5988 Starting mysqld daemon with databases from /var/lib/mysql mysqld_safe[6025]: started Step # 3: Connect to mysql server using mysql client: # mysql -u root Output: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log Type 'help;' or '\h' for help. Ty...

hOW tO eNCRYPT aND dECRYPT fILES wITH a pASSWORD

To encrypt and decrypt files with a password, use gpg command. It is an encryption and signing tool for Linux/UNIX like operating system such as FreeBSD/Solaris. GnuPG stands for GNU Privacy Guard and is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility. Encrypting a file in linux To encrypt single file, use command gpg as follows: $ gpg -c filename To encrypt myfinancial.info file, type the command: $ gpg -c myfinancial.info Output: Enter passphrase: Repeat passphrase: This will create a myfinancial.info.gpg file. Option: * -c : Encrypt with symmetric cipher. Caution if you ever forgot your password aka passphrase, you cannot recover the data as it use very strong encryption. Task: decrypt file To decrypt file use gpg command: $ gpg myfinancial.info.gpg Output: gpg myfinancial.info.gpg gpg: CAST5 encrypted data Enter passphrase: Decrypt file and write output...

LINUX or UNIX PASSWORD PROTECT FILES

Linux and other Unixish oses offers strong file permissions and ACL (access control list) concept in Linux/UNIX computer security used to enforce privilege separation. However, none of them offers a password to protect files. You can use GNU gpg (GNU Privacy Guard) encryption and signing tool. It is a suite of cryptographic software. Many new UNIX/Linux users get confused with this fact. Solution is to use following commands to encrypt or decrypt files with a password. * Use GNU gpg command * Use mcrypt command * Use openssl command mcrypt command Mcrypt is a simple crypting program, a replacement for the old unix crypt. When encrypting or decrypting a file, a new file is created with the extension .nc and mode 0600. The new file keeps the modification date of the original. The original file may be deleted by specifying the -u parameter. Examples Encrypt data.txt file: $ mcrypt data.txt Output: Enter the passphrase (maximum of 512 characters) Please use a combination...

uNIX sEMAPHORES aND sHARED mEMORY eXPLAINED

Unix Semaphores and Shared Memory Explained =========================================== General ======= Shared memory is exactly that - a memory region that can shared between different processes. Oracle uses shared memory for implementing the SGA, which needs to be visible to all database sessions. Shared memory is also used in the implementation of the SQL*Net V1 Fast driver as a means of communicating between the application and shadow process. On the RS/6000, each shadow process stores its PGA in a shared memory segment (however, only the shadow attaches this segment). In the latter two cases, Oracle allocates the shared memory dynamically as opposed to the allocation of the SGA, which occurs at instance startup. This allocation will not be discussed in this paper. Semaphores can be thought of as flags (hence their name, semaphores). They are either on or off. A process can turn on the flag or ...

OpenSource backup Solution: Amanda Netbackup

Amanda is the Advanced Maryland Automatic Network Disk Archiver, developed at the University of Maryland in the 1990s. While it is now maintained at SourceForge and support is provided only through mailing lists and a FAQ-O-MATIC, it is still a highly useful, stable network backup utility with a wide range of features. Amanda is tailored for networks that have a central server with a high-capacity tape drive and multiple backup clients. Although Amanda was built for UNIX systems, it has been extended to provide backup services to Windows clients (via Samba, although a separate project is underway to develop a native Windows client) to allow deployment in heterogeneous environments. Architecture Amanda is a client-server application where the server pulls backups from individual clients according to specifications defined in a named configuration. Amanda can pull multiple streams from different clients at the same time, writing each stream to a file on a designated “holding...

SOLARIES: SOME OF THE USE FULL UTILITIES

Solaris Command Reference HD info(vendor, RPM, capacity) oasis:/home/tse/dxy[9:18pm] iostat -E sd0 Soft Errors: 0 Hard Errors: 3 Transport Errors: 0 Vendor: SEAGATE Product: ST34371W SUN4.2G Revision: 7462 Serial No: 9742K71685 RPM: 7200 Heads: 16 Size: 4.29GB <4292075520 bytes> Media Error: 0 Device Not Ready: 0 No Device: 3 Recoverable: 0 Illegal Request: 0 Predictive Failure Analysis: 0 sd1 Soft Errors: 0 Hard Errors: 3 Transport Errors: 0 Vendor: SEAGATE Product: ST32171W SUN2.1G Revision: 7462 Serial No: 9736T74649 RPM: 5400 Heads: 19 Size: 2.13GB <2127708160 bytes> Media Error: 0 Device Not Ready: 0 No Device: 3 Recoverable: 0 Illegal Request: 0 Predictive Failure Analysis: 0 sd6 Soft Errors: 0 Hard Errors: 3 Transport Errors: 0 Vendor: TOSHIBA Product: XM5701TASUN12XCD Revision: 0997 Serial No: 04/09/97 RPM: 0 Heads: 0 Size: 18446744073.71GB <-8589934591 bytes> Media Error: 0 Device Not Ready: 3 No Device: 0 Recoverable: 0 Illegal Request: 0 Pred...

LPR Issue after installing Dell Driver for Printer

The following Example has been given on the installation of the Dell Driver for the Printer Type DELL LASER MFP 1815DN. Follow the following steps to install the Dell Driver for Printer. 1.Download the Driver from the following URL:- http://support.dell.com/support/downloa ... tid=&impid 2. Untar with the following command:- #tar xvzf Dell1815dn_Linux_DriverA02.tar.gz 3. Enter to the extracted Directory. #cd cdroot 4. Run the following binary file. (it should be run in GUI Env) #./autorun 5. The above run will install the Dell driver.. 6. You will find the newly installed drivers and binaries in the following location. /opt/DELL/mfp 7. The most important configuration changed from the above installation from the default one is as follow:- The Default lpr binary location and link #which lpr /usr/bin/lpr #ls -d /usr/bin/lpr lrwxrwxrwx 1 root root 23 Dec 23 21:38 lpr -> /etc/alternatives/print #ls -ld /etc/alternatives/print lrwxrwxrwx 1 root root 17 May 20 2007 /etc/alternat...

How to pass password as text to the 'passwd' command?

'passwd' command is used to change the user password on Linux. As a SysAdmin you may need to change/reset the user password on multiple servers in a network. As a root user you could use the 'passwd' command over ssh to do so. Generally the passwd command need new password to be supplied twice, but using --stdin option you can change the password providing new password on command line. This will also help to reduce the typo errors during changing the password. The example command: #echo 'newpass' | passwd --stdin user1 where : newpass is new password to be set for user user1. Note: --stdin option can be used only by ROOT user

Find a string in all files of the system

find / -type f -print0 | xargs -0 grep -i "string"

How to Bounce Emails in Qmail for Non Existing Accounts.

Type the following in the /home/vpopmail/domian/.qmail-default | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox

Growing the devices in a Software RAID array

Growing the devices in a Software RAID array As hard disk space is ever increasing, you may get replacement drives that are significantly larger than the original devices that they replace, so this tip will show how to increase the size of a RAID array using larger partitions to replace smaller partitions in the original RAID array. We will assume that you have a RAID 5 array using three partitions (/dev/sdb1, /dev/sdc1, and /dev/sdd1) on /dev/md0. These partitions are 1 GiB each, giving you about 2 GiB of usable space. You add new disks and create three partitions (/dev/sde1, /dev/sdf1, and /dev/sdg1) of 5 GiB in size. By the end, you should have about 10 GiB of usable space. After you have created the partitions and set the partitions type to 0xfd, you can add these devices to the array. They will become hot spares: mdadm /dev/md0 -a /dev/sde1 /dev/sdf1 /dev/sdg1 Fail the original devices one at a time, ensuring that the array rebuilds after each failed device. DO NOT f...

How to configure Netdump on Linux?

What is Netdump? Unlike traditional crash dump facilities, this facility dumps memory images to a centralized server via the network. The goal of a crash dump facility is to provide fault analysis, particularly exhaustive first fault analysis (first fault analysis is when a bug can be corrected without requiring reproducing the bug), in the case of software or hardware bugs that manifest as system crashes (in Linux parlance, Oops, BUG(), or panic). Linux has traditionally provided an abbreviated signature of a crash which includes the processor state (on the processor that registered the crash), a stack trace, and a limited instruction trace. The utility of these signatures has been proved over the years; they nearly always provide all the information that is required to debug a fault, even at first fault. The network console functionality provides the ability to log all kernel messages, including Linux crash signature messages, to a network syslog server. This has very lo...

Unload qlogic modules

The qlogic modules are not able to unload "rmmod", says bussy. Below are the dependencies that need to be cleared before attampt to unload qlaxxx modules. 1. Stop SAN-Surfer GUI/CLI if running. 2. Stop qlogic SAN-Serfer agent service if running. # service iqlremote stop >>>>>> for iSCSI # service qlremote stop >>>>>> for FC 3. Check whether qlogic IOCTL module is loaded rmmod qisioctl 4. Check and kill if any process running for qlogic. #ps -ef | grep qla Before killing the process be 100% confirm that the process belongs to qlogic. i.e. qla4xxx_3_dpc qla4xxx_2_dpc.

Creating RAW devices on RHEL5.

The rawdevices service and /etc/sysconfig/rawdevices file no longer exist in RHEL5 and raw devices are now configured via udev rules. Creating the raw devices: Nevertheless, to create raw devices, add entries to /etc/udev/rules.d/60-raw.rules in the following formats: Quote: ACTION=="add", KERNEL==" ", RUN+="raw /dev/raw/rawX %N" If using unpartitioned LUNs: Quote: ACTION=="add", KERNEL=="sd*[!0-9]", PROGRAM=="/sbin/scsi_id -g -u -s %p", RESULT=="3600601601bd2180072193a9242c3dc11", RUN+="/bin/raw /dev/raw/raw1 %N" If using partitioned LUNs: Quote: ACTION=="add", KERNEL=="sd*[0-9]", PROGRAM=="/sbin/scsi_id -g -u -s %p", RESULT=="3600601601bd2180072193a9242c3dc11", RUN+="/bin/raw /dev/raw/raw%n %N" Setting ownership and permissions on the raw devices: Quote: ACTION=="add", KERNEL=="raw*", OWNER=="root", GROUP=="disk...

Verify RPM and its Attributes

When verifying a package, RPM produces output only if there is a verification failure. When a file fails verification, the format of the output is a bit cryptic, but it packs all the information you need into one line per file. Here is the format: SM5DLUGT c Where: S is the file size. M is the file's mode. 5 is the MD5 checksum of the file. D is the file's major and minor numbers. L is the file's symbolic link contents. U is owner of the file. G is the file's group. T is the modification time of the file. c appears only if the file is a configuration file. This is handy for quickly identifying config files, as they are very likely to change, and therefore, very unlikely to verify successfully. is the file that failed verification. The complete path is listed to make it easy to find. It's unlikely that every file attribute will fail to verify, so each of the eight attribute flags will only appear if there is a problem...

Stop SNMP Connection and Transport Socket Log

Stop SNMP Connection and Transport Socket Log in /var/log/messages. The following logs always fills the /var/log/messages and makes difficult to identify the other System and OS related logs. And it always logs in two places in /var/log/messages and /var/log/snmpd.log respectively. Connection from - 192.168.177.35 transport socket = 14 With two ways we can stop the log to go to /var/log/messages and loging in only to one place /var/log/snmpd.log. Procedure 1 Step1. view the service script /etc/init.d/snmpd if you find the following lines if [ -e /etc/sysconfig/snmpd.options ]; then . /etc/sysconfig/snmpd.options else OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid -a" fi Step 2. Create a file /etc/sysconfig/snmpd.options #touch /etc/sysconfig/snmpd.options Step 3. Insert the following in the above created file. OPTIONS="-LS e d -Lf /dev/null -p /var/run/snmpd.pid -a" Step 4. Restart t...

Making the cpan shell to use http mirrors instead of ftp

Image
In some network ftp port is blocked.This prevents the installation on cpan modules as cpan uses ftp mirrors by default. This Procedure makes the perl shell to use http mirrors for installation of perl modules. *************************************************************************************************************************************************** Go to perl cpamn shell: #perl -MCPAN -e shell Get the list of the current urls that cpan shell uses to get modules. cpan> o conf urllist urllist 0 [ftp://cpan.modperl.cn/] Type 'o conf' to view all configuration items Add http url, url list is available @http://www.cpan.org/SITES.html. cpan> o conf urllist push http://cpan.modperl.cn Check if the new URL is added: cpan> o conf urllist Save the changes: cpan> o conf commit cpan> exit ***********************************************************************************************************************************************...

Multiple bond devices on single server..

Problem You want to set up more than one bonded interface on your Red Hat Enterprise Linux 4 or 5 system. Solution Multiple bonding setup is different for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. For Red Hat Enterprise Linux 5: Because initscripts package is updated to fix several problem about bonding, if you are using Red Hat Enterprise Linux 5.3 (or update to initscripts-8.45.25-1.el5), configure multiple bonding channels is very similar to configure single bonding channel. You can setup the ifcfg-bondN and ifcfg-ethX files as if there were only one bonding channel. You can specify different BONDING_OPTS for different bonding channels so that they can have different mode and other settings. Refer to the Red Hat Enterprise Linux 5 Deployment Guide "14.2.3. Channel Bonding Interfaces" for more information. For example, you can add the following line to /etc/modprobe.conf: alias bond0 bonding alias bond1 bonding And here is an example for ifcfg-bond...

How to Filter a Subversion repository.

Note: The below command can be utilized where the SVN repository size is grown up with unwanted large files i.e. audio and video. Quote: svnadmin dump /d03/repos/svn/marketing | svndumpfilter --preserve-revprops exclude `cat list` | svnadmin load /d03/repos/svn/marketing_new Note: Above command will dump the existing repository with all history and logs of the repository and after filter the excluded directory it loads the same in new repository. cat list = list of directories to be excluded.

CLAMAV upgrade in Qmail

upgraded the CLAMAV on Qmail server from version 0.87-1 to 0.95.3-1. Previously there are following two packages were installed. clamav-0.87-1.i386.rpm clamav-devel-0.87-1.i386.rpm Before upgrade the permission of the related files. [root@webmail bin]# ll /var/lib/clamav -rw-r--r-- 1 clamav clamav 4105118 Jan 25 07:42 daily.cvd -rw-r--r-- 1 qscand qscand 21253696 May 15 2009 main.cvd [root@webmail bin]# ls -ld /var/lib/clamav drwxrwxr-x 2 qscand clamav 4096 Jan 25 07:42 /var/lib/clamav -rw-r--r-- 1 root qscand 8156 Nov 6 2008 /etc/clamd.conf [root@webmail bin]# ll /var/run/clamav -rw-rw-r-- 1 clamav clamav 5 Jan 25 08:58 clamd.pid srwxrwxrwx 1 clamav clamav 0 Jan 25 08:58 clamd.sock [root@webmail bin]# ls -ld /var/run/clamav drwxr-xr-x 2 clamav clamav 4096 Jan 25 08:58 /var/run/clamav But in the upgraded one we installed the following four packages. clamav-0.95.3-1.el4.rf clamd-0.95.3-1.el4.rf clamav-db-0.95.3-1.el4.rf clamav-devel-0.95.3-1.el4.rf Step 1 Download the package...

OPEN MANAGE Installation with ESX 4

Dell OpenManage 6.1 installation on New ESX4 server. Reading from the documents there was a prerequisites patch (patch01) for installing OpenManage on ESX4. One copy of the patch file exists at below location. /d01/admin/dell_OM/ESX4-OM-Patch/ESX400-200906001.zip To install the patch unzip the file and run the following command. # esxupdate -m metadata.zip update [root@ESX-host1 OM_6.1.0]# omreport chassis remoteaccess | grep -A15 MAC Attribute : MAC Address Value : 00-1C-23-C7-B1-DD IPv4 Address Attribute : IP Address Source Value : Static Attribute : IP Address Value : 192.168.21.120 Attribute : IP Subnet Value : 255.255.255.0 Attribute : IP Gateway Value : 192.168.21.1 [root@ESX-host1 OM_6.1.0]# omreport system version Version Report --------------------- Main System Chassis --------------------- Name : BIOS Version : 1.4.6 Name : BMC Version : 2.36 Name : DRAC 5 Version : 1.45 ---------- Software ---------- Name : VMware ESX Version : 4.0.0 build-164009 Kernel 2.6.18-128.ESX (x8...

How to make a bootable iso in Redhat

Sometimes we want to create a bootable CD for installation. For this reason follow the following steps, Create a folder/directory named isolinux. The folder should contain following things taken from OS dump directory. i)initrd.img ii)isolinux.bin iii)isolinux.cfg iv)linux (Kernel) v)boot.cat The above things can be found in isolinux directory of OS dump. To create a iso file run the following command mkisofs -o /tmp/DDLJ.iso -b isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table /root/isolinux Where DDLJ.iso = name of the iso /root/isolinux = Path of the isolinux directory which we created for the iso image. Now burn the DDLJ.iso to cd. And boot the machine with this bootable disk.

Clearing Sendmail queue

This one is quite old but still handy. For those of still using sendmail that ever felt the need of flushing the sendmail queue then this post is for you. If you're worried about sendmail pending mail flush do the following two things: 1) manually method –> delete /var/spool/mail/*.* files in this dir –> delete /var/mqueue/*.* files then check if all mail gone using mailq command. all mail will be deleted. 2) using command: use simple command sendmail -v -q in root prompt. it will flush all pending mails. 3) if you want to delete a certain domain or user or recipient mail use this command sendmail -qS -v test.com it will delete all mail from *@test.com sendmail -qR -v hotmail.com it will delete all mail from recepient of hotmail….

Online Resizing of the Lun

When we do online resizing of the lun. We have to resize the volume at the SAN side then have to refresh the multipath at the server side to get the size of the volume detected. Resizing of the LUN at SAN side : 1. Open the SAN cosole -> Click on the SAN volume that you want to resize. 2. On the left hand side of the console -> Click on the Modify volume settings -> Select the Tab Space -> Enter the size and click on apply. Server Side : 1.Use the following command to find the paths to the LUN: #multipath -ll 2.Resize your paths. For SCSI devices, writing a 1 to the rescan file for the device causes the SCSI driver to rescan, as in the following command: #echo 1 > /sys/block/device_name/device/rescan 3.Resize your multipath device by running the multipathd resize command: # multipathd -k'resize map mpath0' 4. If it is in lvm, a)Do the pvresize, pvscan, vgresize, vgscan, lvresize. b)Run resize2fs command to effect the changes on the filesystem online. Other...

customizing process monitoring of Oracle under ServiceGuard

You can add /remove the oracle processes being monitored by Service Guard cluster by modifying the ' haoracle.conf ' file in the package directory. There will be separate file for each of the package you configure under SG. ==> snip from haoracle.conf ############################################################################### # MONITOR_PROCESSES: # This is the list of all the critical oracle processes for an # instance that must be executing to assume that the instance is up # and running. User can add more oracle instance processes. Suppose # if this particular oracle instance needs to be run with archiving # enabled then this toolkit needs to mointor oracle archiver process # ora_arch_${SID_NAME} process too. This can be done by adding this # to the array variable MONITOR_PROCESSES. MONITOR_PROCESSES array # is indexed from 0 and the next index is obtained by incrementing # current by 1. By default the follwi...

Using DRAC as fence device for RedHat cluster

fence_drac is an I/O Fencing agent which can be used with the Dell Remote Access Card (DRAC). This card provides remote access to controling power to a server. It logs into the DRAC through the telnet interface of the card. By default, the telnet interface is not enabled. To enable the interface, you will need to use the racadm command in the racser-devel rpm available from Dell. To enable telnet on the DRAC: [root]# racadm config -g cfgSerial -o cfgSerialTelnetEnable 1 [root]# racadm racreset fence_drac accepts options on the command line as well as from stdin. Fenced sends parameters through stdin when it execs the agent. fence_drac can be run by itself with command line options. This is useful for testing and for turning outlets on or off from scripts.

Add a Persistent Static Route in Redhat Enterprise Linux

If you know there is always going to be a permanent route for a destination then a static route can be a viable option.To add a persistent static route in Redhat Enterprise Linux create a file called route- X in the /etc/sysconfig/network-scripts/ directory where is the interface number and X is the interface number. As you would expect, these are specified in seperate file for each of the available interface. Example: /etc/sysconfig/network-scripts/route-eth0 /etc/sysconfig/network-scripts/route-eth1 Every entry or a route has three entities as follows: GATEWAY =xxx.xxx.xxx.xxx NETMASK =yyy.yyy.yyy.yyy ADDRESS =zzz.zzz.zzz.zzz As the names implies, they are the gateway IP, Netmask and the IP/Network Address Note the next to each of the three entities. This number defines the route entry number and should be the same on all the entities. Example: GATEWAY0=192.168.1.1 NETMASK0=255.255.255.0 ADDRESS0=10.10.10.0 GATEWAY1=192.168.1.1 NETMASK1...

ESX Firewall for Web Interface Open Manage port 1311

Run the following command to access the Web Interface of Open Manage port 1311 esxcfg-firewall -o 1311,tcp,in,OpenManage Same thing to open a custom port like 5666 which is used by NRPE can be done as follows.. esxcfg-firewall -o 5666,tcp,in,nrpe Verify the this with exit code echo $?

Automate fdisk

[root@RHEL5-VM ~]echo "n p 1 w "|fdisk /dev/hdb [root@RHEL5-VM ~]# fdisk -l "See the magic......" With a for loop in place we can partiton and format any number of disks with in few minutes for i in /dev/sda /dev/sdb /dev/sdc;do echo "n p 1 w "|fdisk $i;mkfs.ext3 $i\1;done PS:This particular sequence will create a single slice of the disk with maximum space.Try this only in test environments You can make it more simple.... Add all the fdisk commands in one file... e.g create a partition.txt with following contents: Quote: n p 1 w and then run it as follows: Quote: # for i in sda sdb sdc sdd ;do echo " *** partitioning disk /dev/$i ****";fdisk /dev/$i < partition.txt;done This is useful in case of creating the same partitions on many disks, say you need to create single partition on all disks with available space..

The terminal server has exceeded the maximum number of allow

Image
Some time the RDP may give you the following error. "The terminal server has exceeded the maximum number of allow" For that you can run the following in the command prompt:- mstsc /v:xx.xx.xx.xx /admin /f -console replace the xx.xx.xx.xx with the real IP of the RDP Server.

Import foreign configuration in Dell Open Manage.

A foreign configuration is data residing on physical disks that have been moved from one enclosure to another or to a different controller. Virtual disks residing on physical disks that have been moved are considered to be a foreign configuration. Some controllers enable you to import a foreign configuration so that virtual disks are not lost after moving the physical disks. To be imported, the foreign configuration must contain a virtual disk that is in either Ready or Degraded state. In other words, all of the virtual disk data must be present, but if the virtual disk is using a redundant RAID level, the additional redundant data does not need to be present. For example, if the foreign configuration contains only one side of a mirror in a RAID 1 virtual disk, then the virtual disk is in Degraded state and can be imported. On the other hand, if the foreign configuration contains only one physical disk that was originally configured as a RAID 5 using three physical disks,...