Disk encryption in Fedora: Past, present and future

""The data on a stolen laptop may be far more valuable than the device itself""

Follow the link
http://www.redhatmagazine.com/2007/01/18/disk-encryption-in-fedora-past-present-and-future/

Auto logout in shell

Shell Bash
file .bash_profile
export TMOUT=60
TMOUT in seconds

Shell Csh
file .cshrc
set autologout = (VAL1 VAL2)
VAL1 The number of minutes of inactivity before automatic logout
VAL2 The number of minutes of inactivity before automatic locking will take place this is optional.

Script is not running as cron job

Be sure you set cron job right.
I assume your script is running manually.
You can check it has executed from cron
# tail -f /var/log/cron

Also check root mails to errors.
# less /var/mail/root

Probably you have environment variables problem.
You can check differences between you cron and command environment
# env > /tmp/envmanual
and put a cron job
* * * * * env > /tmp/envcron

Look for differences
# diff /tmp/env*
Put differences that you found in your script and export them.
e.g export TERM=linux

Solaris i386 nge e1000 network settings

Look status
# dladm show-dev
nge0 link: up speed: 1000 Mbps duplex: full

Set duplex speed,

ndd -set /dev/nge0 adv_1000fdx_cap 1
ndd -set /dev/nge0 adv_100fdx_cap 0
ndd -set /dev/nge0 adv_100hdx_cap 0
ndd -set /dev/nge0 adv_autoneg_cap 0
1 enable related settings and 0 disable. These commands enable 1000 Full duplex.

mpathadm luxadm fcinfo usage info

Solaris 10 i386
Sun Microsystems Sun Fire X4100 M2
QLE2462

Which library support mpath
# mpathadm list mpath-support
mpath-support: libmpscsi_vhci.so


mpathadm list initiator-port (also you can get these wwn via fcinfo hba-port)
Initiator Port: iqn.1986-03.com.sun:01:ba98a3efffff.47286525,4000002a00ff
Initiator Port: 2100001b32025dc6
Initiator Port: 2101001b32225dc6
Initiator Port: 2101001b32224f93
Initiator Port: 2100001b32024f93


# mpathadm list lu
/dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2
Total Path Count: 2
Operational Path Count: 2
/dev/rdsk/c8t60060E800429D200000029D200000800d0s2
Total Path Count: 2
Operational Path Count: 2


Check if your SAN is supported.
# mpathadm show mpath-support libmpscsi_vhci.so
Vendor: HITACHI
Product: OPEN
Revision:
Supported Load Balance Types:
round-robin



# mpathadm show initiator-port 2101001b32224f93
Initiator Port: 2101001b32224f93
Transport Type: Fibre Channel
OS Device File: /devices/pci@0,0/pci10de,5d@d/pci1077,143@0,1/fp@0,0



Get information about disk
# mpathadm show lu /dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2
Logical Unit: /dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2
mpath-support: libmpscsi_vhci.so
Vendor: HITACHI
Product: OPEN-V -SUN
Revision: 5007
Name Type: unknown type
Name: 60060e800429d200000029d20000003f
Asymmetric: no
Current Load Balance: none
Logical Unit Group ID: NA
Auto Failback: off
Auto Probing: NA

Paths:
Initiator Port Name: 2101001b32224f93
Target Port Name: 50060e800429d274
Override Path: NA
Path State: OK
Disabled: no

Initiator Port Name: 2100001b32024f93
Target Port Name: 50060e800429d264
Override Path: NA
Path State: OK
Disabled: no

Target Ports:
Name: 50060e800429d274
Relative ID: 0

Name: 50060e800429d264
Relative ID: 0



# This is another way to see disk information.
luxadm disp /dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2
DEVICE PROPERTIES for disk: /dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2
Vendor: HITACHI
Product ID: OPEN-V -SUN
Revision: 5007
Serial Num: 50 029D2003F
Unformatted capacity: 46088.000 MBytes
Write Cache: Enabled
Read Cache: Enabled
Minimum prefetch: 0x0
Maximum prefetch: 0x0
Device Type: Disk device
Path(s):

/dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2
/devices/scsi_vhci/disk@g60060e800429d200000029d20000003f:c,raw
Controller /dev/cfg/c4
Device Address 50060e800429d264,2
Host controller port WWN 2100001b32024f93
Class primary
State ONLINE
Controller /dev/cfg/c5
Device Address 50060e800429d274,2
Host controller port WWN 2101001b32224f93
Class primary
State ONLINE




# You can get hba info
fcinfo hba-port
HBA Port WWN: 2100001b32025dc6
OS Device Name: /dev/cfg/c6
Manufacturer: QLogic Corp.
Model: QLE2462
Firmware Version: 4.0.27
FCode/BIOS Version: N/A
Type: unknown
State: offline
Supported Speeds: 1Gb 2Gb 4Gb
Current Speed: not established
Node WWN: 2000001b32025dc6
HBA Port WWN: 2101001b32225dc6
OS Device Name: /dev/cfg/c7
Manufacturer: QLogic Corp.
Model: QLE2462
Firmware Version: 4.0.27
FCode/BIOS Version: N/A
Type: unknown
State: offline
Supported Speeds: 1Gb 2Gb 4Gb
Current Speed: not established
Node WWN: 2001001b32225dc6
HBA Port WWN: 2100001b32024f93
OS Device Name: /dev/cfg/c4
Manufacturer: QLogic Corp.
Model: QLE2462
Firmware Version: 4.0.27
FCode/BIOS Version: N/A
Type: N-port
State: online
Supported Speeds: 1Gb 2Gb 4Gb
Current Speed: 2Gb
Node WWN: 2000001b32024f93
HBA Port WWN: 2101001b32224f93
OS Device Name: /dev/cfg/c5
Manufacturer: QLogic Corp.
Model: QLE2462
Firmware Version: 4.0.27
FCode/BIOS Version: N/A
Type: N-port
State: online
Supported Speeds: 1Gb 2Gb 4Gb
Current Speed: 2Gb
Node WWN: 2001001b32224f93



# Get remote information over hba
fcinfo remote-port -l -s -p 2101001b32224f93
Remote Port WWN: 50060e800429d274
Active FC4 Types: SCSI
SCSI Target: yes
Node WWN: 50060e800429d274
Link Error Statistics:
Link Failure Count: 0
Loss of Sync Count: 0
Loss of Signal Count: 0
Primitive Seq Protocol Error Count: 0
Invalid Tx Word Count: 0
Invalid CRC Count: 0
LUN: 1
Vendor: HITACHI
Product: OPEN-V*5 -SUN
OS Device Name: /dev/rdsk/c8t60060E800429D200000029D200000800d0s2
LUN: 2
Vendor: HITACHI
Product: OPEN-V -SUN
OS Device Name: /dev/rdsk/c8t60060E800429D200000029D20000003Fd0s2

Rman settings

configure rman settings before starting backup
rman> connect target
rman> show all;
rman> configure retention policy to recovery window of 7 days;
RMAN> configure CONTROLFILE AUTOBACKUP on;

SQL> show parameter db_recovery_file;
look how to configure http://tlepsh.blogspot.com/2007/08/oracle-flash-recovery-area.html
move oracle archive mode http://tlepsh.blogspot.com/2007/08/moving-oracle-to-archive-mode.html


RMAN> configure default device type to disk;
RMAN> configure controlfile autobackup on;
RMAN> configure device type disk parallelism n; n=1,2,3...
RMAN> backup database plus archivelog;
RMAN> list backup summary;

Flash recovery space usage

delete backed up archivelog
rman> backup archivelog all delete all input;

reclaim archived log
delete archivelog
rman> delete archivelog until time 'sysdate-2';

delete old backup
rman> report obsolote;
http://tlepsh.blogspot.com/2007/08/oracle-deleting-old-backup-from-rman.html
rman> delete expired backup;
RMAN> report obsolete;
RMAN> delete obsolete;

Oracle point in time recovery RMAN Backup Restore

Backup database
RMAN> connect target
RMAN> backup database;
# sqlplus hr/hr
SQL> create table new as select * from employees;
SQL> insert into new select * from new;
SQL> commit;
SQL> select count(*) from new;
COUNT(*)
----------
214
SQL> alter session set nls_date_format = 'dd-mm-yyyy hh24:mi';
SQL> select sysdate from dual;

SYSDATE
----------------
24-10-2007 18:47

# sqlplus / as sysdba
SQL> select * from v$log;

get sequence number
Create new records
SQL> insert into new select * from new;
SQL> select count(*) from new;
COUNT(*)
----------
428


RMAN> shutdown immediate;

Restore to a time
RMAN> startup mount;
RMAN> run {
2> restore database until time "to_date('2007-10-24 18:48','YYYY-MM-DD HH24:MI:SS')";
3> recover database until time "to_date('2007-10-24 18:48','YYYY-MM-DD HH24:MI:SS')";}

Check that
# sqlplus / as sysdba
SQL> alter database open resetlogs;
# sqlplus hr/hr
SQL> select count(*) from new;

COUNT(*)
----------
214

Oracle RMAN backup/restore

Backup database
RMAN> connect target;
RMAN> backup database;
RMAN> shutdown immediate;

delete files
# mv *.dbf backup/

restore database
RMAN> startup;
RMAN> restore database;

Oracle tablespace Backup/Restore (OS backup)

I tested tablespace recovery.

Be sure your database in archive mode
SQL> archive log list;
SQL> select count(*) from hr.employees;

Begin backup.
SQL> alter tablespace example begin backup;
Check the tablespace in backup state
SQL> select * from v$backup;
Prepare hr account
SQL> alter user hr account unlock;
SQL> alter user hr identified by hr;
# sqlplus hr/hr
Make some changes
SQL> create table employees2 as select * from employees;

Backup your file (This means that if you put your database in backup state you can do filesystem backup for oracle)
# cp example01.dbf example01.dbf.backup
End backup mode
# sqlplus / as sysdba
SQL> alter tablespace example end backup;

Shutdown database, delete table and restore table
SQL> shutdown abort;
# rm example01.dbf
# sqlplus / as sysdba
SQL> startup
ORA-01157: cannot identify/lock data file 5 - see DBWR trace file
ORA-01110: data file 5: '/u01/app/oracle/oradata/orcl/example01.dbf'

You want database to be open while you are restoring tablespace.
SQL> alter database datafile '/path/example01.dbf' offline;
SQL> alter database open;

Restore tablespace and recover it
# mv example01.dbf.backup example01.dbf
SQL> recover tablespace example;
SQL> alter tablespace example online;

Verify recovery
# sqlplus hr/hr
SQL> select count(*) from employees2;

Oracle Offline Database Backup/Restore (OS backup)

I did some tests. Here I backed up oracle and do some changes. Later I restored with copying files. You can just copy or use any backup software.

Backup
RMAN> connect target;
RMAN> shutdown immediate;
copy oracle datafiles to backup directory
#cp -R /oracle_datafiles_dir/* /backup_dir/
remove redolog files
#rm redo*.log /backdir

Break down your database
open database and do some changes
RMAN> startup;
shutdown database and delete datafiles
RMAN> shutdown immediate;
#rm /oracle_datafiles_dir/*.dbf

Restore
Move backup files to original directory
#cp -R /backup_dir/* /oracle_datafiles_dir/
start database
RMAN> startup mount;
RMAN> recover database until cancel;
RMAN> alter database open resetlogs;

You do not have to do last two steps if you backup redo logs and restore it.

Osiris agent installation Solaris 10

I did installation for sparc and i386 platform.
I revise configure and find how to install osiris ...
osiris-4.2.3

# cd osiris-4.2.3
edit configure file and change tonew , like below.

<       for ssldir in $tryssldir "" /usr/sfw/lib /usr/sfw/bin /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do
>       for ssldir in $tryssldir "" /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/pkg /opt /opt/openssl ; do

<             LIBS="$saved_LIBS $ssldir/lib/libssl.a $ssldir/lib/libcrypto.a -lsocket -lnsl -lresolv"
>             LIBS="$saved_LIBS $ssldir/lib/libssl.so $ssldir/lib/libcrypto.so -lsocket -lnsl -lresolv"

<     LIBS="$saved_LIBS $ssldir/lib/libssl.a $ssldir/lib/libcrypto.a"
>     LIBS="$saved_LIBS $ssldir/lib/libssl.so $ssldir/lib/libcrypto.so"

# export PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin
# ./configure --with-ssl-dir=/usr/sfw
# make agent

# gunzip osiris-agent-4.2.3-release-sparc-SunOS-5.10.tar.gz
# tar xvf osiris-agent-4.2.3-release-sparc-SunOS-5.10.tar
# cd osiris-agent-4.2.3-release
# ./install.sh

RHES 2.1 "grub-install" Fails with "Does Not Have Corresponding BIOS Drive" Error Message

Red Hat Enterprise Linux v2.1 - "grub-install" Fails with "Does Not Have Corresponding BIOS Drive" Error Message

/dev/cciss/c0d0 does not have any corresponding BIOS drive.
To resolve the problem, manually run grub and use commands as in the following example

grub> device (hd0) /dev/cciss/c0d0
grub> root (hd0,0)

Filesystem type is ext2fs, partition type 0x83
grub> find /grub/stage1

(hd0,0)
grub> setup (hd0)
Checking if "/boot/grub/stage1" exists... yes
Checking if "/boot/grub/stage2" exists... yes
Checking if "/boot/grub/e2fs_stage1_5" exists... yes
Running "embed /boot/grub/e2fs_stage1_5 (hd0)"... 22 sectors are embedded. succeeded
Running "install /boot/grub/stage1 d (
hd0) (hd0)1+22 p
(hd0,0)/boot/grub/stage
2 /boot/grub/grub.conf"...
succeeded Done.
grub> quit

How to get wwn in Solaris 10

fcinfo Fibre Channel HBA Port Command Line Interface
This command gives you related output.
fcinfo hba-port

long lines in ps output

ps -ef do not give you all output including parameters and commands
So you can use this command in solaris
/usr/ucb/ps -awwwwx | grep smthing

SUN Configure the NET MGT Port

The other name is ALOM (Advanced Lights Out Manager) Ethernet) Port
Connect ALOM serial port
look current configuration
sc> showsc
sc> setsc if_network true
sc> setsc netsc_tpelinktest true
sc> setsc netsc_dhcp false
sc> setsc netsc_ipaddr 10.100.180.27
sc> setsc netsc_ipnetmask 255.255.255.0
sc> setsc netsc_ipgateway 10.100.180.1
verify
sc> shownetwork

Also you can do this configuration from Operating system
You cand find under /usr/platform/`uname -i`/sbin/scadm

#scadm set if_network true
#scadm set netsc_tpelinktest true
#scadm set netsc_dhcp false
#scadm set netsc_ipaddr 10.100.180.27
#scadm set netsc_ipnetmask 255.255.255.0
#scadm set netsc_ipgateway 10.100.180.1
verify
#scadm shownetwork

Linux/Unix Timezone

Look for your timezone
/etc/TIMEZONE

check for DST time
zdump -v EET | grep 2007

Vmware server Fedora 6 installation

I use vmware workstation on my laptop (windows xp). I installed vmware server in Fedora 6 and copy the virtual machine's image files from windows to Fedora 6 linux. This is working.

Install required packages
yum -y install kernel-devel
yum install gcc gcc-c++ xinetd

Install Vmware server
rpm -Uvh VMware-server-1.0.3-44356.i386.rpm

get patch and apply it http://knihovny.cvut.cz/ftp/pub/vmware/
tar xzvf vmware-any-any-update114.tar.gz
cd vmware-any-any-update114
./runme.pl

Answer the questions. (Vmware server does not have wireless support. You should bind to ethernet interface)

Updating /usr/bin/vmware-config.pl ... now patched
The file /usr/lib/vmware/modules/source/vmmon.tar that this script was about to
install already exists. Overwrite? [yes] yes

The file /usr/lib/vmware/modules/source/vmnet.tar that this script was about to
install already exists. Overwrite? [yes] yes

"/usr/bin/vmware-config.pl". Do you want this script to invoke the command for
you now? [yes] yes

In which directory do you want to install the mime type icons?
[/usr/share/icons]

What directory contains your desktop menu entry files? These files have a
.desktop file extension. [/usr/share/applications]

In which directory do you want to install the application's icon?
[/usr/share/pixmaps]

What is the location of the directory of C header files that match your running
kernel? [/lib/modules/2.6.22.9-61.fc6/build/include]

Extracting the sources of the vmmon module.
Do you want networking for your virtual machines? (yes/no/help) [yes]

Your computer has multiple ethernet network interfaces available: ath0, eth0,
virbr0. Which one do you want to bridge to vmnet0? [eth0] eth0

Do you wish to configure another bridged network? (yes/no) [no] no

Do you want to be able to use NAT networking in your virtual machines? (yes/no)
[yes] yes

What will be the IP address of your host on the private
network? 192.168.2.2


What will be the netmask of your private network? 255.255.255.0

Do you wish to configure another NAT network? (yes/no) [no] no

Do you want to be able to use host-only networking in your virtual machines?
[yes] yes

Do you want this program to probe for an unused private subnet? (yes/no/help)
[yes]

What will be the IP address of your host on the private
network? 192.168.68.4

What will be the netmask of your private network? 255.255.255.0

Do you wish to configure another host-only network? (yes/no) [no] no

Please specify a port for remote console connections to use [904] 909

In which directory do you want to keep your virtual machine files?
[/var/lib/vmware/Virtual Machines]

Type XXXXX-XXXXX-XXXXX-XXXXX or 'Enter' to cancel: ENTER YOUR SERIAL NUMBER (http://register.vmware.com/content/registration.html)

N73 mgmaps download map tiles to your phone

I use following procedure for offline browsing of maps in my mobile phone. So you will not pay for gprs.
http://forum.mgmaps.com/viewtopic.php?t=1116

Briefly,
Download and install Mgmaps into your mobile phone. http://www.mgmaps.com/download.php
Generate map info from this site http://map.outdated.info , you will use map file in the next step.
Download and install mapmaker for creating maps http://www.mgmaps.com/gMapMaker-setup.exe , select map file you created, use proxy option.
Copy files which created to your sd card. configure gmap settings for using offline content.

If you have gps module, GMAP supports gps.

Linux Live CD generator

Try this link to generate and download your live cd.
http://custom.nimblex.net/

Understanding Load Average

Please take a look for details:
http://www.teamquest.com/resources/gunther/display/5/index.htm


Summary

So, what have we learned? Those three innocuous looking numbers in the LA triplet have a surprising amount of depth behind them.

The triplet is intended to provide you with some kind of information about how much work has been done on the system in the recent past (1 minute), the past (5 minutes) and the distant past (15 minutes).

As you will have discovered if you tried the LA Triplets quiz, there are problems:

1. The "load" is not the utilization but the total queue length.
2. They are point samples of three different time series.
3. They are exponentially-damped moving averages.
4. They are in the wrong order to represent trend information.

Schtasks

I set scheduled tasks with schtasks command to create for all servers.
This command create task which runs every 5 minutes.


schtasks /create /s "\\server" /U domain\username /p "password" /SC MINUTE /MO 5 /tn taskname /tr "scriptpath"

ERROR: passing the user credential on local connection.
You have to give server name in this format "\\server"

Vbscript encrypt runas

I use this script to run an application with another user rights.
Do not forget to encrypt the script with screnc.exe, and move the file extension vbe

On Error Resume Next
dim WshShell,oArgs,FSO


sUser="domain\user"
sPass="password"&VBCRLF
sCmd="applicationpath"

set WshShell = CreateObject("WScript.Shell")
set WshEnv = WshShell.Environment("Process")
WinPath = WshEnv("SystemRoot")&"\System32\runas.exe"
set FSO = CreateObject("Scripting.FileSystemObject")

if FSO.FileExists(winpath) then
 'wscript.echo winpath & " " & "verified"
else
 wscript.echo "!! ERROR !!" & VBCRLF & "Can't find or verify " & winpath &"." & VBCRLF & "You must be running Windows 2000 for this script to work."
 set WshShell=Nothing
 set WshEnv=Nothing
 set oArgs=Nothing
 set FSO=Nothing
 wscript.quit
end if

rc=WshShell.Run("runas /user:" & sUser & " " & CHR(34) & sCmd & CHR(34), 2, FALSE)
wscript.echo "runas /user:" & sUser & " " & CHR(34) & sCmd & CHR(34) 
Wscript.Sleep 30 'need to give time for window to open.
WshShell.AppActivate(WinPath) 'make sure we grab the right window to send password to
WshShell.SendKeys sPass  'send the password to the waiting window.

set WshShell=Nothing
set oArgs=Nothing
set WshEnv=Nothing
set FSO=Nothing

wscript.quit

Vbscript write log file entries to event log

this script reads log files at these server and writes every line to windows event log for the related server.
you can specify search keyword via regex for lines. Please find detailed information here http://msdn2.microsoft.com/en-us/library/ms974570.aspx#scripting05_topic2
change regex details for yourself.
If there is any error when executing script, it sends you an email about the problem.

I use this script Global Array Manager (GAM) log entries for writing them to windows event log. So we can monitor these entries and raise error via MOM.

On Error Resume Next
' v0.2


'Dont forget to update number of servers.
Dim nos
nos=8

dim objFile(100)
dim objFileCopy(100)
dim patika(100)
dim strSearchString(100)
Dim server(100)
Dim xc

'Write hostnames here 
server(1)="server1"
server(2)="server2"
server(3)="server3"
server(4)="server4"
server(5)="server5"
server(6)="server6"
server(7)="server7"
server(8)="server8"


LOGSEVERITY=1
mailserver="mailserverip"
mailfrom="gamlog@domain.com"
mailto="your@mail.adress"
path="\c$\"&"Program Files\Mylex\Global Array Manager Client\gam2cl.log"

'Shell object
Set objShell = WScript.CreateObject("WScript.Shell")

'Filesystem Object
Set objFSO = CreateObject("Scripting.FileSystemObject")
Const ForReading = 1

'Regex Object
Set objRegEx = CreateObject("VBScript.RegExp")
objRegEx.Pattern = "^\s\s......[0-3]"

'Start checking
For xc= 1 to nos
 'Open file
 patika(xc)="\\" &server(xc)& path
 strFilePath=patika(xc)

 'Check if the file exist
 If objFSO.FileExists(patika(xc)) Then
  Set objFile(xc) = objFSO.OpenTextFile(patika(xc), ForReading)
 
  'Read line by line
  Do Until objFile(xc).AtEndOfStream
   strSearchString(xc) = objFile(xc).ReadLine
   Set colMatches = objRegEx.Execute(strSearchString(xc))  
   If colMatches.Count > 0 Then
           For Each strMatch in colMatches   
     'wscript.echo strSearchString(xc)
     objShell.LogEvent LOGSEVERITY, strSearchString(xc) ,server(xc)
           Next
   End If
  Loop
  objFile(xc).Close
  
  'Move file 
  strDestination=patika(xc) &"_" & Year(now())& Right("0" & Month(now()), 2) & Right("0" & Day(now()), 2) & Right("0" & Hour(now()), 2) & Right("0" & Minute(now()), 2) & Right("0" & Second(now()), 2) &".log"
  objFSO.Movefile strFilePath ,strDestination

  'If there is an error, send an email
  If Err.Number <> 0 then
   res="There is a error, check why: http://support.microsoft.com/kb/180751"
   Set objEmail = CreateObject("CDO.Message")
   objEmail.From = mailfrom
   objEmail.to = mailto
   objEmail.Subject = "SC Hardware control problem" &" Error Code:" & Err.Number&"  "&server(xc)
   bodybody= res & vbCr & " Error Code:"& Err.Number
   objEmail.Textbody = bodybody
   objEmail.Configuration.Fields.Item _
       ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
   objEmail.Configuration.Fields.Item _
       ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = _
           mailserver 
   objEmail.Configuration.Fields.Item _
       ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
   objEmail.Configuration.Fields.Update
   objEmail.Send
  End If
 end if
Next

Wu-ftp how to restrict a ftp user to home directory

You can restrict user3 to home directry
guestuser user3

Also you can restrict all users and allow some users to other directories.
guestuser *
realuser user1 user2

Python ssh paramiko run command at every server

I have more than 40 linux server and sometimes I need to check something at servers one by one. I got tired and started to use this script.
You have to install paramiko module http://www.lag.net/paramiko/ . You need to have same username for every server. This script asks you a username password and command to execute at servers.

#!/usr/bin/python
#import sys, os, base64, getpass, socket, traceback, termios, tty, select
import paramiko, getpass

serverList = ["ipadress1","ipadress2"]

command=raw_input("Command: ")
userName=raw_input("User: ")
userPass=getpass.getpass("Password: ")

for server in serverList:
        t = paramiko.Transport((server,22))
        try:
                t.connect(username=userName,password=userPass,hostkey=None)
        except:
                print server + ": Bad password or login!"
                t.close()
                break
        else:
                ch = t.open_channel(kind = "session")
                ch.exec_command(command)
                if (ch.recv_ready):
                        print server + ": " + ch.recv(1000)
                t.close()

Oscommerce insallation in Fedora 7 Linux

Install php
yum install php

Install mysql
yum install mysql

Start httpd service
service start httpd
chkconfig httpd on

Start mysql service
service start mysqld
chkconfig mysqld on

Change password of mysql
/usr/bin/mysqladmin -u root password 'new-password'

install phpMyAdmin
yum install phpMyAdmin

edit /etc/httpd/conf.d/phpMyAdmin.conf if you are not working from local.
edit /etc/phpMyAdmin/config.inc.php and change username and password for mysql

Open url from browser http://localhost/phpMyAdmin
login with mysql username and password
Create a database and user for this database give full access. You will use these information at installation of oscommerce.

Download oscommerce package and extract it under /var/www/html/
Tip: If you extract it in another folder and copy only Catalog folder you will get error:
"You don't have permission to access /catalog/install on this server."

chmod 777 /var/www/html/catalog/includes/configure.php
chmod 777 /var/www/html/catalog/admin/includes/configure.php

open http://localhost/catalog/install/install.php
Supply information and complete configuration.

You can access oscommerce http://localhost/catalog

Monitor your adsl bandwith usage

I use fedora 6, mrtg and snmp tools to monitor adsl router bandwith for all interfaces (wlan,atm,lan)

install packages:
net-snmp
net-snmp-utils
mrtg
You can install yum install packagename. Or download package and rpm -ivh package name.

configure mrtg:
for snmp v1:
cfgmaker --output=/etc/mrtg/mrtg.cfg --global \
"workdir: /var/www/mrtg" -ifref=ip \
--global 'options[_]: growright,bits' public@192.168.2.1
for snmp v2:

cfgmaker --output=/etc/mrtg/192.168.2.1.cfg \
-ifref=ip --global "workdir: /var/www/mrtg" \
--snmp-options=:::::2 public@192.168.2.1



for public@192.168.2.1 use your snmp community and your adsl router ip address.
check your /etc/mrtg/mrtg.cfg and comment out interfaces you want to monitor.

run this command three times to collect data. You will get error for the first two times.
env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

make your html page:
indexmaker --output=/var/www/mrtg/index.html \
/etc/mrtg/mrtg.cfg

put configuration to crontab:
0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

httpd configuration:
edit configuration /etc/httpd/conf.d/mrtg.conf and comment deny restrictions if you want to access your http service remotely.
then start service
service httpd start

enable this service
chkconfig httpd on

access your mrtg page http://yourmachineipadressorhostname/mrtg/

ssh auto login

You want to auto login Host B from Host A
Host A Look in your ~/.ssh directory. There should be two files, id_rsa and id_rsa.pub. If not, create them using ssh-keygen -t rsa.
Host B Append local id_rsa.pub to the Host B ~/.ssh/authorized_keys.
The file mode of ~/.ssh/authorized_keys must be 644. You can assure this with chmod 644 ~/.ssh/authorized_keys
You might have to change your /etc/sshd_config and add the following lines:
RSAAuthentication yes
PubkeyAuthentication yes

Hp Openview active passive state

I coded this script because hp openview does not have script to track status of active and passive system together and reflect status of service(I mean two server is working for one aim) in service graph screen.
Put this script both active and passive system. It is going to help tracking status of servers and if active system goes down the script running on passive system change status to critical in service graph screen. If passive system goes down the script on the active system is going to change status to ok in service graph screen why because active system is working, so you are serving you service.
You have to create this file C:\Documents and Settings\Administrator\Desktop\ACTIVE on the active server.

Dim machine
Set fs=CreateObject("Scripting.FileSystemObject")
machine = "server1" 'write other server

'If you can ping server
If reachable(machine) Then
 'wscript.echo machine & " reachable" 
 'Check if you send alarm before, clear alarm because you can ping
 If fs.FileExists ("c:\alarm.lck")then 
  'WScript.Echo ("alarm send, clear the alarm")
  strstate= "normal"
  hpov (strstate)
  Set objFSO = CreateObject("Scripting.FileSystemObject")
  objFSO.DeleteFile("C:\alarm.lck")
 Else 
  'WScript.Echo ("Nothing to do")
 End If
Else
 'You cant ping server
 'wscript.echo machine & " not reachable"
 'Check if this server is active
 If fs.FileExists("C:\Documents and Settings\Administrator\Desktop\ACTIVE") Then 
  'WScript.Echo ("This is active system")
  If fs.FileExists ("c:\alarm.lck")then 
   'WScript.Echo ("You send alarm before, clearing the alarm,if you can reach the HP Openview") 
   strstate= "normal"
   hpov (strstate)
   Set objFSO = CreateObject("Scripting.FileSystemObject")
   objFSO.DeleteFile("C:\alarm.lck")
  End If 
 Else   
  'WScript.Echo ("This is passive system")
  'This server is passive 
  'Check if you send alarm to hpov
  If fs.FileExists ("c:\alarm.lck")then 
   'WScript.Echo ("something")
  Else 
   'You didnt send alarm Hpov before so send alarm now because you cant ping active server
   'WScript.Echo ("Send alarm")
   strstate = "critical"
   hpov (strstate)
   Set objFSO = CreateObject("Scripting.FileSystemObject")
   objFSO.CreateTextFile("C:\alarm.lck")
  End If
 End If
End If


Function hpov(state)
'WScript.Echo state  
Set objShell = CreateObject("WScript.Shell")
   strMessage="""Node down : server1"""
   'Ask you hp openview administrator about command and arguments.
   strCommand = "C:\usr\OV\bin\Opc\opcmsg severity=" & state & " a=IMA o=Node_Down msg_text=" &strMessage&  " msg_grp=TCELL node=server2 service_id=ima_server2_scr"
   'WScript.Echo strcommand
   intRC = objShell.Run (strCommand,1 ,TRUE) 
End Function


function reachable(HostName)
 dim wshShell, fso, tfolder, tname, TempFile, results, retString, ts
 Const ForReading = 1, TemporaryFolder = 2
 reachable = False
 set wshShell=wscript.createobject("wscript.shell")
 set fso = CreateObject("Scripting.FileSystemObject")
 Set tfolder = fso.GetSpecialFolder(TemporaryFolder)
 tname = fso.GetTempName
 TempFile = tfolder & tname
 '-w 100000 is 5 mins worth of timeout to cope with establishing a dialup
 wshShell.run "cmd /c ping -n 3 -w 1000 " & HostName & ">" & TempFile,0,true
 set results = fso.GetFile(TempFile)
 set ts = results.OpenAsTextStream(ForReading)
 do while ts.AtEndOfStream <> True
  retString = ts.ReadLine
  if instr(retString, "Reply")>0 then
   reachable = true
   exit do
  end If
 Loop
 ts.Close
 results.delete
end Function

Hp Openview Microsoft Windows file check template

Hp Openview does not have all the scripts for Windows, so I coded this vbscript to help us checking if the file exist and changes related monitoring status. This script has to be run from hp openview services. You have to call script with file name and monitoring name from HP Openview.

strArgument1 = Wscript.Arguments(0)        'file name
strArgument2 = Wscript.Arguments(1)        'monitor name 
Set objFs=CreateObject("Scripting.FileSystemObject")
Set objShell = CreateObject("WScript.Shell")
StrOpcmon = "c:\usr\OV\bin\OpC\opcmon" 

If objFs.FileExists (strArgument1)then 
 strCommand = StrOpcmon & " " & strArgument2 & "=1"
 intRC = objShell.Run (strCommand,1 ,TRUE)
 Else 
 strCommand = StrOpcmon & " " & strArgument2 & "=0"
 intRC = objShell.Run (strCommand,1 ,TRUE)
End If

Sync directories Fedora , Red Hat Linux encrypted

I use this script to sync my scripts to other servers. -e ssh option make communication encrypted.

rsync.conf includes folders like this source, dest directories.
/usr/local/test/;/usr/local/test/

rsynchosts.conf put hostnames (a host for every line)

REMOTEUSER=username
CONFFILE=/usr/local/etc/rsync.conf
HOSTFILE=/usr/local/etc/rsynchosts.conf


cat $HOSTFILE | grep -v "#" | while read HOSTFILE
do
        REMOTEHOST=`echo $HOSTFILE |awk -F";" '{ print $1 }'`


                cat $CONFFILE | grep -v "#" | while read CONF
                do
                LOCALDIR=`echo $CONF |awk -F";" '{ print $1 }'`
                REMOTEDIR=`echo $CONF |awk -F";" '{ print $2 }'`
                echo $REMOTEHOST
                rsync -avz -e ssh $LOCALDIR $REMOTEUSER@$REMOTEHOST:$REMOTEDIR


done
done

Forwarding root mails to your inbox

Forward all root mails to your email address

edit /etc/resolv.conf
put you dns servers which knows your email server.
domain domainname
nameserver x.x.x.x
nameserver x.x.x.x
be sure you can resolve domain.

and create .forward and add your email address into this file.
As you see you do not need to configure sendmail...
Check status from maillog tail -f /var/log/maillog

Password recovery Red Hat, Fedora Linux

Follow the procedure at "bootloader is corrupted Fedora Linux-recue it"
do not do grub-install
after chroot edit /etc/shadow
root:deleteallcharachterhere:13222:0:99999:7:::
root::13222:0:99999:7:::
You password is empty now.
Probably passwd command also will help you to change your password.

Go to a runlevel at boot time with grub

You want to go certain run level in Fedora or Red Hat Linux with GRUB.

on boot at GRUB splash screen
press any key
select boot option that you want boot from
press a to append
press space and write here which run level you want to go (1,2,3,emergency,s)
kernel /vmlinuz-2.6.9-5.ELsmp ro root=LABEL=/ hda=ide-scsi rhgb quiet 1
press enter and booting...

BTW brief information
1 : this is going to process rc.sysinit and rc1.d scripts
s, S, or single : this is going to process only rc.sysinit
emergency : this is going to run sulogin only

System crontab files in Fedora, Red Hat Linux

Fedora and Red Hat cron files somewhat different than other Unix.
If you want to look for all cron job do not forget to look

/etc/cron.hourly
/etc/cron.daily
/etc/cron.weekly
/etc/cron.monthly
/etc/crontab

And crontab -e as you know...

Most used rpm commands

Automatic installation, you are tired of installing packages one by one and finding requirements use this:
rpm –ivh --aid xsane*

Ok this is most useful (after install option :)) command that checks if package files changed
rpm -V packagename

If you want to be sure that you are installing signed packages
gpg --import gpg_key (find gpg_key from Red Hat)
rpm --import gpg_key
rpm --checksig package_file_name (This command checks signature)


rpm -qa (gives all packages installed)
rpm -q packagename -i (gives package information)
rpm -q packagename -l (list files in the package)
rpm -q packagename --requires (show which package required to install this package)
rpm -q packagename -scripts (gives you installation script)
rpm -q packagename -changelog (gives you changelog information about package)

rpm2cpio (Use this for extracting rpm packages)

Controlling services under Red Hat , Fedora Linux

Graphical tools
system-config-services (or redhat-config-services ) requires X interface
ntsysv

Command line tools
service (service smb stop)

List all services and change status
chkconfig --list (gives all services and status)
chkconfig smb off/on (stop starting services after restart)

Set ip adress in Fedora Red Hat

If you are not familiar with commands and configuration files use this command
netconfig
This tool works in terminal, telnet or ssh.

Ok you want to create virtual ip adress or virtual ethernet interface
netconfig -d eth0:0

Pretty simple

Hardware information Fedora Red Hat

use these commands to get hardware information
lspci
lspnp
For detailed information use verbose option (lspci -v )

Also you can get information from /proc
cat /proc/bus/pci/*
cat /proc/isapnp
cat /proc/scsi/*

USB and IEEE 1394 Buses
/sbin/hotplug, (/etc/hotplug)

Information in /proc/bus subdirectories
/sbin/lsusb and /sbin/usbmodules utilities

PCMCIA Bus
/sbin/cardmgr, (/etc/pcmcia/)

Information in /proc/bus/pccard
/sbin/cardctl utility

John the Ripper identify weak passwords

You can check your users if they are using weak passwords,

get you /etc/shadow file

make word list if you predict common word or find here http://www.word-list.com/

following command gives you user names and you can use this file as a dictionary(this is going to help who used username and password same).

cat /etc/passwd | awk -F : '{print $1}' > word.lst

merge dictionary files.

use John the Ripper,
john --wordlist=word.lst shadow

Script for dumping information from Mssql tables

(select from top to end of script , copy and paste to your editor)

Const adOpenStatic = 3
Const adLockOptimistic = 3

Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=SQLOLEDB;server=servername;database=msdb;uid=sa;password=password"

Set objRecordSet = CreateObject("ADODB.Recordset")
objRecordSet.Open "SELECT * FROM sysjobs", objConnection, adOpenStatic, adLockOptimistic
objRecordSet.MoveFirst

'excel output
Set objExcel = CreateObject("Excel.Application")
objExcel.Visible = True
objExcel.Workbooks.Add

'chane field name for which column you dump
X=1
Do Until objRecordSet.EOF

 objExcel.Cells(x, 1).Value = objRecordSet.Fields("name").Value
 objRecordSet.MoveNext
 x=x+1
Loop


'XML output
'objRecordSet.Save "output.xml" , adPersistXML
'Number of record
'Wscript.Echo objRecordSet.RecordCount
'Wscript.Echo objRecordSet.Fields("name").Value


'Close connection
objRecordSet.Close
objConnection.Close

Script to get board information of your computer

On Error Resume Next

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colItems = objWMIService.ExecQuery("Select * from Win32_BaseBoard")

For Each objItem in colItems
    For Each strOption in objItem.ConfigOptions
        Wscript.Echo "Configuration Option: " & strOption
    Next
    Wscript.Echo "Depth: " & objItem.Depth
    Wscript.Echo "Description: " & objItem.Description
    Wscript.Echo "Height: " & objItem.Height
    Wscript.Echo "Hosting Board: " & objItem.HostingBoard
    Wscript.Echo "Hot Swappable: " & objItem.HotSwappable
    Wscript.Echo "Manufacturer: " & objItem.Manufacturer
    Wscript.Echo "Model: " & objItem.Model
    Wscript.Echo "Name: " & objItem.Name
    Wscript.Echo "Other Identifying Information: " & _
        objItem.OtherIdentifyingInfo
    Wscript.Echo "Part Number: " & objItem.PartNumber
    Wscript.Echo "Powered-On: " & objItem.PoweredOn
    Wscript.Echo "Product: " & objItem.Product
    Wscript.Echo "Removable: " & objItem.Removable
    Wscript.Echo "Replaceable: " & objItem.Replaceable
    Wscript.Echo "Requirements Description: " & objItem.RequirementsDescription
    Wscript.Echo "Requires Daughterboard: " & objItem.RequiresDaughterBoard
    Wscript.Echo "Serial Number: " & objItem.SerialNumber
    Wscript.Echo "SKU: " & objItem.SKU
    Wscript.Echo "Slot Layout: " & objItem.SlotLayout
    Wscript.Echo "Special Requirements: " & objItem.SpecialRequirements
    Wscript.Echo "Tag: " & objItem.Tag
    Wscript.Echo "Version: " & objItem.Version
    Wscript.Echo "Weight: " & objItem.Weight
    Wscript.Echo "Width: " & objItem.Width
Next

Vbscript get model of your server

SystemName = "localhost"

set tmpObj = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & SystemName & "\root\cimv2").InstancesOf ("Win32_ComputerSystem")
for each tmpItem in tmpObj
  MakeModel = trim(tmpItem.Manufacturer) & " " & trim(tmpItem.Model)
next
Set tmpObj = Nothing: Set tmpItem = Nothing

msgbox MakeModel

Vbscript listing memory config

Sometimes our bosses ask about configuration of memories or you need to detailed information about memory configuration, may be you will add extra memory and you want to learn bank status without restarting server.

On Error Resume Next

strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colItems = objWMIService.ExecQuery("Select * from Win32_PhysicalMemory")

For Each objItem in colItems
    Wscript.Echo "Bank Label: " & objItem.BankLabel
    Wscript.Echo "Capacity: " & objItem.Capacity / 1048576
    Wscript.Echo "Data Width: " & objItem.DataWidth
    Wscript.Echo "Description: " & objItem.Description
    Wscript.Echo "Device Locator: " & objItem.DeviceLocator
    Wscript.Echo "Form Factor: " & objItem.FormFactor
    Wscript.Echo "Hot Swappable: " & objItem.HotSwappable
    Wscript.Echo "Manufacturer: " & objItem.Manufacturer
    Wscript.Echo "Memory Type: " & objItem.MemoryType
    Wscript.Echo "Name: " & objItem.Name
    Wscript.Echo "Part Number: " & objItem.PartNumber
    Wscript.Echo "Position In Row: " & objItem.PositionInRow
    Wscript.Echo "Speed: " & objItem.Speed
    Wscript.Echo "Tag: " & objItem.Tag
    Wscript.Echo "Type Detail: " & objItem.TypeDetail
    Wscript.Echo "-------------------------"
Next

Linux ethtool

Ethtool and mii-tool are tools to set network interface options. I had problems setting speed 1000 with mii-tool so I prefer ethtool.

ethtool -s eth0 speed 100 duplex full autoneg off

If you want to set this every reboot put above command /etc/rc.local or
add following option to this file /etc/sysconfig/network-scripts/ifcfg-eth0
ETHTOOL_OPTS="speed 100 duplex full autoneg off"

Linux LVM basics

Prepare disk
dd if=/dev/zero of=/dev/sdb bs=1k count=1
pvcreate /dev/sdb

Setup a volume group
vgcreate my_volume_group /dev/sdb

Change status of volume group
vgchange -a y my_volume_group
vgchange -a n my_volume_group (deactivate)

Extend or reduce volume group
vgextend my_volume_group /dev/hdc1
vgreduce my_volume_group /dev/hda1 (removing)

Create logical volume group
lvcreate -L1500 -ntestlv my_volume_group
lvcreate -- logical volume "/dev/my_volume_group/testlv" successfully created

Create the file system
mke2fs /dev/my_volume_group/testlv

Mount the file system
mount /dev/my_volume_group/testlv /disk2

Resizing of a logical volume
e2fsadm /dev/my_volume_group/testlv -L+100

Detailed information:
http://www.tldp.org/HOWTO/LVM-HOWTO/recipes.html

Putty for symbian

Here you can find putty for symbian os based phones.
http://s2putty.sourceforge.net/download.html

Vbscript list users in domain or find disabled users

You can list users computers etc with this script in domain. If you want to list only disabled users read following script.

Set A=GetObject("LDAP://DC=domain,DC=co,DC=uk")
EnumerateUsers A
Sub EnumerateUsers(oCont)
Dim x
For Each x In oCont
 Select Case LCase(x.Class)
 Case "user"
 Wscript.Echo "User: "& x.Get ("name") & ";" & x.displayName & ";" & x.givenname &";"& x.sn & ";" & x.userAccountControl & ";" & x.userprincipalName & ";" & x.createTimeStamp  & ";" & x.sAMAccountName   & ";" &  x.distinguishedName
 'If you want to get disable users comment out three following lines and comment previos line 
 'If x.userAccountControl=66050 Then
 ' wscript.echo "User:" & x.Get ("name")
 'Else 
 'End If                                   
 Case "computer"
  'Wscript.Echo "Computer: "&  x.Get ("name") & ";" & x.operatingSystem & ";" & x.operatingSystemVersion & ";" & x.operatingSystemServicePack   & ";" &  x.distinguishedName
 Case "volume"
  'Wscript.Echo "Volume: "&  x.Get ("name") & ";" & x.uNCName    & ";" &  x.distinguishedName
 Case "group"
  'Wscript.Echo "Group: "&  x.Get ("name")    & ";" &  x.distinguishedName
 Case "site"
  'WScript.Echo x.distinguishedName
  Set objRootDSE = GetObject("LDAP://RootDSE")
  strConfigurationNC = objRootDSE.Get("configurationNamingContext")
  strSitesContainer = "LDAP://CN=Servers,CN=" & x.cn & ",cn=Sites," & strConfigurationNC
  Set objSitesContainer = GetObject(strSitesContainer)
  objSitesContainer.Filter = Array("server")
  For Each objSite In objSitesContainer
   'WScript.Echo objSite.Name
   'Wscript.Echo "Site: "&  x.cn & ";" & objSite.Name & ";" & x.description    & ";" &  x.distinguishedName
  Next 
 Case "organizationalunit" , "container"
  EnumerateUsers x
  'Wscript.Echo "OU |Container: "&  x.Get ("name") & ";" & x.ou    & ";" &  x.distinguishedName
 Case Else
  'Wscript.Echo x.Class&": " &  x.distinguishedName
 End Select 
Next
End Sub

Process explorer

If task manager in windows is not enough for you use this tool.
You can use this tool to suspend some process, if they are spy ware or etc. before cleaning.

Process Explorer shows you information about which handles and DLLs processes have opened or loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

http://www.microsoft.com/technet/sysinternals/Utilities/ProcessExplorer.mspx

kSar sar grapher

ksar is a java application that graph sar output. You can connect you servers via ssh and see graphical output of sar commands.

Find detailed information http://ksar.atomique.net/

Change terminal services or rdp listening port

Change the following registry key. Restart system.

HKEY_LOCAL_MACHINE\SYSTEM\Curr­entControlSet\Control\Termina
l Server\WinStations\RDP-Tcp

ghost or copy a partition to another drive- create identical system

I used this procedure copy my Fedora Linux OS.
Boot server in rescue mode

Boot the server from CDROM with rescue mode. At the boot prompt:
linux rescue

Choose mount filesystem when it is asked.

Create folder under root
mkdir /destination

Mount your destination partition under
mount /dev/hdb1 /destination

Copy all of them, because all files are not used by any process you will not have any problem
cp -ar /mnt/sysimage /destination

or copy all disk
dd if=/dev/hda of=/dev/hdb


If you are copying your boot partition you have to install grub for booting system
move hdb to hda (You have to switch master slave jumpers for both of disks)
Boot with rescue mode, mount filesystem (if you have problem, you know partitin location mount /dev/sda1 /mnt/sysimage)
chroot /mnt/sysimage
grub-install

Now you have copy of the system...

bootloader is corrupted Fedora Linux -- Rescue it

Boot the server from CDROM with rescue mode. At the boot prompt:
linux rescue

Choose mount filesystem when it is asked.

Your file syste will be mounted under /mnt/sysimage, chroot there
chroot /mnt/sysimage

Install group boot loader.
grub-install /dev/sda

Reboot your server.

Alias in shell help lazy administrators

If you are tired to enter same command, make it short for you

if u using bash write to .bash_profile , for ksh write to .profile
alias cdt='cd /usr/local/man/'

cdt will change your directory to target after next login.

Calculate DB size with sqlplus in Oracle

select sum(bytes)/1024/1024 "Meg" from dba_data_files;

Oracle deleting old backup from rman

rman
RMAN>connect catalog username/password@RMANSID;
connected to recovery catalog database
RMAN>DELETE NOPROMPT OBSOLETE RECOVERY WINDOW OF 7 DAYS;

or
delete expired backup;

Oracle Flash Recovery Area configuration

Changing directory
alter system set db_recovery_file_dest = '/data01';

Changing size
alter system set DB_RECOVERY_FILE_DEST_SIZE= 5G;

Moving oracle to archive mode

shutdown immediate
startup nomount

alter database mount;
alter database archivelog;
alter database open;

Verifying archive mode
archive log list;
select log_mode from v$database;

Rpm package installation history

If you need when the packages installed in Red Hat or Fedora

rpm -qa --queryformat '%{NAME} || %{INSTALLTIME:date}\n'

output:
gnome-bluetooth || Mon 06 Aug 2007 05:05:55 PM EEST
gnome-screensaver || Mon 06 Aug 2007 05:06:24 PM EEST
evolution-webcal || Mon 06 Aug 2007 05:07:06 PM EEST
gnome-system-monitor || Mon 06 Aug 2007 05:07:51 PM EEST
smartmontools || Mon 06 Aug 2007 05:08:15 PM EEST
perl-Test-Harness || Mon 06 Aug 2007 05:08:18 PM EEST
system-config-network || Mon 06 Aug 2007 05:08:22 PM EEST

Legato networker restore a server to another server

If you want to restore HostA files to HostB

Put HostB to HostA access list in Legato Administration.
Run this command for starting restore:
On HostB, nwrecover -s backupserver -c hostA

mysql backup

Command which I am using for back up
mysqldump --single-transaction --all-databases -u username --password=password> backup_sunday_1_PM.sql

Quick nfs share on Solaris

hostA
sharing /cdrom
share -F -o ro nfs /cdrom

show if you it's shared.
showmount -e

hostB
mount hostA:/cdrom /cdrom

Cfengine installation Fedora 7 Linux

I have Fedora 7 with development package selected, so this selection provide all package that I need for compiling.

Download package (I used cfengine-2.2.1)
http://www.cfengine.org/download.phtml

tar zxf cfengine-2.2.1.tar.gz
cd cfengine-2.2.1
./configure
make
make install

That's all.

Installation of SecondLife in Fedora

Download Linux package from http://secondlife.com/community/downloads.php

Unzip the package
bunzip2 SecondLife_i686*.tar.bz2

Extract the tar
tar xvf SecondLife_i686*.tar

Run it
double click secondlife on graphical environment.


If you get windows creation error:
For nvidia, Download graphic card driver from Nvidia
http://www.nvidia.com/object/unix.html
There is two binary packages try them, one of them will suit your graphic card gpu
NVIDIA-Linux-x86-1.0-9639-pkg1.run
NVIDIA-Linux-x86-1.0-9755-pkg1.run

Double click to start installation.
After installation you can double click secondlife and enjoy the game.

Mount ntfs Fedora Linux

Install these packages with yum install packagename

kmod-ntfs-kdump
kmod-ntfs
ntfs-kmod-common

find your ntfs partition
fdisk -l | grep NTFS

output like:
/dev/hdb1 * 1 3824 30716248+ 7 HPFS/NTFS

and mount it
mount /dev/hdb1 /mnt/disk4part1

SAN driver on Red Hat

There are some trick for installing qla drivers in Red Hat servers:
One of them is using up to date gcc
The other is you need up to date cciss driver, because if you compile qla drivers with old cciss driver, servers try to boot from storage through hba.

BTW there is another important situation, your device number could change in the future, if you mount with device names it could cause problems after mounting.
So I strictly recommend to label your disks

e2label /dev/sda1 DATA01
fstab --> LABEL= DATA01 data01 ext3 defaults 1 2



OS : Red Hat Linux Advanced Server release 2.1AS (Pensacola)
kernel : 2.4.9-e.35smp
Hardware : HP DL380
HBA : qla2300
Storage : HITACHI DF600F or EMC SYMMETRIX 5771

Installed cciss driver cause trouble, so backup them
cd /lib/modules/2.4.9-e.35smp/kernel/drivers/addon/cciss/
cp cciss.o cciss.o.old
cd /lib/modules/2.4.9-e.35/kernel/drivers/addon/cciss
cp cciss.o cciss.o.old

Install new version
rpm -ivh cpq_cciss-2.4.54-14.rhel21.i686.rpm
reboot server, see if it is booting

Use up to date gcc
mv /usr/bin/gcc /usr/bin/gcc.296
ln -s /usr/bin/gcc3 /usr/bin/gcc

Install HBA driver
rpm -ivh hp_qla2x00src-7.05.00p8-19.linux.rpm

Install fibeutils you are going to use this
rpm -ivh fibreutils-2.0-4b.linux.i386.rpm
Reboot server

Check your adapter is working
adapter_info

Free YouTube to iPod Converter

http://www.dvdvideosoft.com/guides/dvd/convert-YouTube-FLV-video-to-iPod-MP4-video.htm

Osiris painless installation for Fedora 7

Install Fedora 7, select development package at package selection screen so you wont need to install extra packages one by one.
If you don't need unselect office and productivity

Download Osiris source package from http://osiris.shmoo.com/download.html
I downloaded this version osiris-4.2.3.tar.gz

gunzip osiris-4.2.3.tar.gz
tar xvf osiris-4.2.3.tar
cd osiris-4.2.3
./configure --with-root-dir=/var/osiris --with-osiris-user=osiris --enable-fancy-cli=yes
make all
If you havent got any error...
cd src/install
./install.sh

Sum of your partition

This script gives you sum of all of your partition
(Select from top to bottom and copy,paste to any editor to get all)

hostnm=`hostname`

# We need to allow for different versions of 'df' on differt Unix OS's
ostype=`/bin/uname`
#echo $ostype
if [ $ostype = "Linux" -o $ostype = "SunOS" ]; then
dfbinary="/bin/df -kl"

elif [ $ostype = "IRIX64" ]; then       ## Newer SGI's.  Irix 6.5 at least
dfbinary="/bin/df -Pkl"
else                                    ## use the GNU version of df
dfbinary="/irus/bin/df"
fi

##disksum=`$dfbinary | grep dev | awk '{t += $2; u += $3} \
disksum=`$dfbinary | awk '/dev/ {t += $2; u += $3} \
      END { printf("%d MB, %d MB used",t/1024,u/1024) }'`

HP Raid control in Linux

Think that you are using HP DL series (DL380) hardware and running linux, you want to check raid status then you need:

• Install hpacucli from HP.
• Run this script
  

#!/bin/sh
SLOTLIST=$(hpacucli ctrl all show | \
grep Slot | sed -e 's/^.*Slot //g' -e 's/ .*$//g')

for i in $SLOTLIST
do
echo
hpacucli ctrl slot=$i show status | grep -v "^$"
echo
hpacucli ctrl slot=$i ld all show status | grep -v "^$"
hpacucli ctrl slot=$i pd all show status | grep -v "^$"
done
echo

• Output:

Smart Array 6i in Slot 0
Controller Status: OK
Cache Status: OK

logicaldrive 1 (203 GB, 5): Ok
physicaldrive 2:0 (port 2:id 0, 72.8 GB): OK
physicaldrive 2:1 (port 2:id 1, 72.8 GB): OK
physicaldrive 2:2 (port 2:id 2, 72.8 GB): OK
physicaldrive 2:3 (port 2:id 3, 72.8 GB): OK

Osiris [info] outgoing: error message.

I was getting this annoying error from Red Hat 7 servers.

[info] outgoing: error message.

So I moved to service into quite mode with editing /etc/init.d/osirisd
adding -q option.
line: daemon $osirisd -q -r $osirisd_root $OPTIONS

Mailing list ARChives

You can find mailing list archive at http://marc.info/
It helped me when I could not reach osiris mailing group.

Oracle Schema changes

I use this script to track schema changes for a schema on Oracle server.
(Select from top to bottom and copy,paste to any editor to get all)

user=username
password=password
DWH=schema
OWNERDWH=schemaowner
WORKDIR=/var/log/
OUTPUT=/var/log/aname.log
mv $WORKDIR/schema_$DWH.log $WORKDIR/schema_$DWH.log.1
sqlplus $user/$password < $WORKDIR/schema_$DWH.log.draft
set pages 10000
set hea off
set lines 500
set feedback off
column TABLE_NAME format a30
column COLUMN_NAME format a25
column DATA_TYPE format a8
column DATA_LENGTH format 9999
column DATA_PRECISION format 999
column DATA_SCALE format 999
column NULLABLE format a1
column COLUMN_ID format 999
SELECT ATC.TABLE_NAME
     ,ATC.COLUMN_NAME
     ,ATC.DATA_TYPE
     ,ATC.DATA_LENGTH
     ,ATC.DATA_PRECISION
     ,ATC.DATA_SCALE
     ,ATC.NULLABLE
     ,ATC.COLUMN_ID
FROM ALL_TABLES ATT, ALL_TAB_COLUMNS ATC
WHERE ATT.OWNER = '$OWNERDWH'
 AND ATC.OWNER = ATT.OWNER
 AND ATC.TABLE_NAME = ATT.TABLE_NAME;
exit;
EOF
cat $WORKDIR/schema_$DWH.log.draft |grep -v '^$'| egrep -v "10.1.0.5.0|Copyright|Connected to|OLAP and Data Mining|SQL\>" > $WORKDIR/schema_$DWH.log
#diff $WORKDIR/schema_$DWH.log $WORKDIR/schema_$DWH.log.1
cmp $WORKDIR/schema_$DWH.log $WORKDIR/schema_$DWH.log.1 >> $OUTPUT

Fujitsu Siemens servers - Server View Agents -

We try to get events from hardware for Fujitsu Siemens servers running Windows OS.
Here is the way how can we collect events for pdu,disk etc.
You have to install GAM for disk messages.

Logging Server View Events to Windows Event Log
Open ServerViewAgents --> Agent Configuration-->Trap Forwarding
Select all for Report to system event log
Choose apply
Then restart serverview agents tool and Click restart.

GAM Installation
Find installation file from lsilogic web site.
Run installation file

There is trick when you want to change settings
If there isnt a user named gamroot in the domain, create user and give a password.
It will be used when you need to change settings. Or you can create user locally.

Osiris

I implemented Osiris version 4.2.3 in the company. I compile it on Fedora 7 and running on Vmware ESX.

web site
http://osiris.shmoo.com/

You can find comparison of host integrity tools here
http://www.securityfocus.com/infocus/1771

Osiris:
Osiris is a Host Integrity Monitoring System that periodically monitors one or more hosts for change. It maintains detailed logs of changes to the file system, user and group lists, resident kernel modules, and more. Osiris can be configured to email these logs to the administrator. Hosts are periodically scanned and, if desired, the records can be maintained for forensic purposes. Osiris keeps an administrator apprised of possible attacks and/or nasty little trojans. The purpose here is to isolate changes that indicate a break-in or a compromised system. Osiris makes use of OpenSSL for encryption and authentication in all components.

Filtering is a bit complicated.
\[mq.*\]\[.*\]\[/opt/oracle/product/RDBMS10g/.*_dwh.*\]\[(mtime|ctime|checksum|inode)\]
.* is like * in unix.

Also you can configure filtering in configuration of hosts:

exclude file (^/opt/oracle/product/RDBMS10g/dbs/spfiledwh.ora$)
exclude file (^/opt/oracle/product/RDBMS10g/dbs/lkDWH$)
exclude file (^/opt/oracle/product/RDBMS10g/dbs/orapwdwh$)
exclude file ("product/RDBMS10g/dbs/snapcf_dwh.f")
exclude file ("product/RDBMS10g/dbs/snapcf_dwh.f")
exclude file (^/opt/oracle/product/RDBMS10g/dbs/hc_dwh.dat$)
Recursive 1
NoEntry product/RDBMS10g/rdbms/log
NoEntry product/RDBMS10g/admin/dwh/bdump
NoEntry product/RDBMS10g/rdbms/audit
NoEntry product/RDBMS10g/network/log
NoEntry product/RDBMS10g/oc4j/j2ee/OC4J_DBConsole_*_dwh/log
NoEntry product/RDBMS10g/css/log
NoEntry product/RDBMS10g/admin/dwh/udump
NoEntry product/RDBMS10g/css/init
NoEntry product/RDBMS10g/oc4j/j2ee
IncludeAll

Enabling remote logging for Syslog

If you want to enable remote logging in Red Hat edit /etc/sysconfig/syslog file.
change the line like below
SYSLOGD_OPTIONS="-m 0 -r"

BTW editing this file /etc/init.d/syslog does not help.

Ipod torrent

Good sites for ipod content. Use them with your own risk.

http://www.ipodnova.tv/
http://www.podtropolis.com/

Avi to mp4 with subtitle

Very strange that there is only one program could convert avi and subtitle files to Ipod compatible mp4 file.

xvid4psp runs on windows.
http://www.winnydows.com

Webmin

I use this product for a long time. It helped me to manage my Linux machine when I didn't know not much about Linux.
Also I used it with Solaris machines at the work at 2003. I distribute some sendmail rights to people.
Now I am using webmin for accessing my computer from work.

Ssh on port 80

I use this command to open another ssh daemon listening on port 80. It helps to pass away proxy servers.

/usr/sbin/sshd -p 80

Check process

I use this simple python script to check bittorrent process and if it is not running it starts to vnc.

import os
def check_proc( *args ):
        process = os.popen("ps -ef | grep bitt").read().splitlines()
        if len(process) > 2:
                print "process running"
        else:
                print "process not running"
                os.system('su - user -c "export DISPLAY=127.0.0.1:2.0;bittorrent&"')"

check_proc()

Xen in Fedora 6 part 2

Here is my configuration for fedora7 virtual machine. With vnc options you can reach your virtual machine consoles from another computer with vnc.


name = "fedora7"
uuid = "99cf59acb58214579335b8e1f9a3239a"
maxmem = 256
memory = 256
vcpus = 1
bootloader = "/usr/bin/pygrub"
kernel = "/var/lib/xen/vmlinuz.QAI1O_"
ramdisk = "/var/lib/xen/initrd._9EXMc"
extra = "ro root=LABEL=/ rhgb quiet"
on_reboot = "restart"
on_crash = "restart"
sdl = 0
vnc = 5910
vnc=1
vnclisten= '0.0.0.0'
vncconsole=1
vncpasswd='passwd'
disk = [ "tap:aio:/mnt/disk3part3/xen/vm/fedora7.img,xvda,w" ]
vif = [ "mac=00:16:3e:01:5d:9c,bridge=xenbr1,script=vif-bridge" ]

Xen in Fedora 6 part 1

I followed http://fedoraproject.org/wiki/FedoraXenQuickstartFC6 this procedure.
I used nfs for install location, dont forget to give real ip adress of your nfs (never write 127.0.0.1)

Simply building nfs server :
mount -o loop F-7-i386-DVD.iso /mnt/disk3part3/xen/fedora
Put below to /etc/exports
/mnt/disk3part3/xen/fedora
start nfs service
service nfs start

encrypted partition in linux

Put hese into rc.local file for loading crypto modules.
modprobe cryptoloop
modprobe aes

if you need many loop device add below to modprobe.conf file.
options loop max_loop=32

Prepare encrypted file about 40Gb
dd if=/dev/zero of=/mnt/disk3part4/xfile01 bs=100M count=400
losetup -e aes /dev/loop1 /mnt/disk3part4/xfile01
mkfs -t ext2 /dev/loop1

Mounting encrypted file
losetup -e aes /dev/loop11 /mnt/disk3part4/xfile01
mount -o loop /dev/loop11 /home/username/torrent01

VNC

Configuration of VNC in Fedora 6
run vncconfig

edit /etc/sysconfig/vncservers
VNCSERVERS="2:username"
VNCSERVERARGS[2]="-geometry 1024x768"

add /home/username/.vnc/xstartup
gnome-session&

start vnc server sevice
service vncserver start

Torrent

This summary is not available. Please click here to view the post.

Dlink D520

Operating system FC6

installed madwifi packages
rpm -qa | grep madwifi
kmod-madwifi-0.9.2.1-1.2.6.18_1.2869.fc6
kmod-madwifi-kdump-0.9.2.1-1.2.6.18_1.2869.fc6
madwifi-0.9.2.1-1.lvn6

I am using wep for security.
Related documentation configuring madwifi with wep

iwconfig ath0 essid any
Put your network name instead of any...
iwconfig ath0 key XXXXXXXX
Put your security key instead of XXXXXXXXX
dhclient ath0

Vmware

Best virtual machine softwere.
I use workstation on my laptop for testing Solaris 10, several Red Hat versions.
We are planning to use Wmware ESX in my company. I am involved in this project.

Best practises about vmware "Using VMware Infrastructure for Backup and Restore" (must see)
And other published articles...

HP Pavilion dv6097ea

I bought HP Pavilion dv6097ea. You can look specifications here.

AMD Turion™ 64 X2 Mobile Technology TL-56. But There is a bit heating problem.
Lightscribe Super Multi DVD Writer. LightScribe is an innovative technology that uses a special disc drive, special media, and label-making software to burn labels directly onto CDs and DVDs.
IEEE-1394 (also named FireWire, i.LINK) , that I use capturing video from my Sony DCR-HC23E.