Thursday, August 2, 2007
Debug Checkpoint
On the Management server run this command:
fw debug fwm on TDERROR_ALL_ALL=3
and install the policy, in the install window you will see detailed installation messages, read the last part to see the reason for failing to install and at what stage it happened. To turn off debug use:
fw debug fwm off TDERROR_ALL_ALL=0
Run the following debug command on the module console:
fw debug fwd on TDERROR_ALL_ALL=3
fw fetch ip_of_management
To turn off debugging run the command:
fw debug fwd off TDERROR_ALL_ALL=0
Send the cpd.elg file from firewall and fwm.elg file from mgmt to the support.
cpd.elg dile is located under $CPDIR/log on the firewall and mgmt station $FWDIR/log where the fwm.elg
Monday, July 30, 2007
Linux Disc Duplication
Linux System Duplication
Andrew McGill, ledge.co.za
Revision 0.3; $Id: systemduplication.sgml,v 1.10 2006/11/16 07:58:08 andrewm Exp $Step by step instructions for duplicating a Linux system by copying the files from one hard disk to another.
1. Introduction
You may need to duplicate your Linux system onto another hard disk for any number of reasons, including:
- You have just replaced your hard disk with a newer, bigger or more reliable one
- You have a new computer
- You tried it with Ghost, and it messed up. You would like to mess it up yourself.
- You want to change the filesystem type you are using (e.g. reiserfs to ext3fs)
1.1 Assumptions
The following assumptions have been used in this document to simpify things (for the author, and not so much for the reader):
- The original, working system resides on a single IDE disk (e.g. hda)
- A second disk is available for copying the system to (e.g. hdc)
- You can type commands fairly accurately (no dyslexia)
- You can think and adapt if your system is a little different
- You want to duplicate your system
1.2 Introduction to the method
- Do some research (
mount; fdisk -p /dev/hda
) - Set up second system's drive on /dev/hdc
- Create similar partitions on the new disk hdc (fdisk /dev/hdc)
- Format the new partitions (mke2fs / mkreiserfs / mkswap /dev/hdc99)
- Mount the new disk on /mnt (mount /dev/hdc3 /mnt) and create mount directories in /mnt and mount the new file systems there
- Copy the files (cp -vax /. /mnt ... or something similar) (don't try cp -vax /* /mnt - it's not the same)
- Shutdown the system
- Install the hard disk (hdc) in a new system (it won't work yet)
- Boot the new system using a rescue disk (or something)
- Run lilo, reboot and test
1.3 Disclaimer
You will destroy your data. Don't blame me.
2. Research
Short version: Make notes of the partitions on your existing disk
Before you can copy a system, you need to know how big the various partitions are. Write down the output of one of the commands below. (fdisk is more useful if your new disk is the same as the old, and df is more useful at other times). The output of grep will show where your partitions should be mounted.
You may have a disk with SCSI or SATA drives. In this case the drives are named
fdisk -p /dev/hda
df -hl
mount
grep hd /etc/fstab
/dev/sda
, /dev/sdb
etc, and the partitions are named /dev/sda1
, /dev/sda2
, /dev/sda3
, etc. On my system with a 12G drive, the output looks like this:
tonto:~ # fdisk -l /dev/hda
Disk /dev/hda: 255 heads, 63 sectors, 1467 cylinders
Units = cylinders of 16065 * 512 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 255 2048256 c Win95 FAT32
/dev/hda2 256 264 72292+ 82 Linux swap
/dev/hda3 265 776 4112640 83 Linux
/dev/hda4 777 1467 5550457+ 5 Extended
/dev/hda5 777 777 8001 83 Linux
/dev/hda6 778 1467 5542393+ 83 Linux
tonto:~ # df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda3 3.9G 3.7G 262M 94% /
/dev/hda5 7.6M 5.7M 1.5M 79% /boot
/dev/hda6 5.3G 4.7G 700M 88% /data
shmfs 58M 0 57M 0% /dev/shm
/dev/hda1 1.9G 1.6G 399M 80% /windows/C
tonto:~ # mount
/dev/hda3 on / type reiserfs (rw)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,mode=0620,gid=5)
/dev/hda5 on /boot type ext2 (rw)
/dev/hda6 on /data type reiserfs (rw)
shmfs on /dev/shm type shm (rw)
usbdevfs on /proc/bus/usb type usbdevfs (rw)
/dev/hda1 on /windows/C type vfat (rw,noexec)
tonto:~ # grep hd /etc/fstab
/dev/hda1 /windows/C vfat noauto,user 0 0
/dev/hda5 /boot ext2 defaults 1 2
/dev/hda2 swap swap defaults 0 2
/dev/hda3 / reiserfs defaults 1 1
/dev/hda6 /data reiserfs defaults 1 1
(it's a wonderfully bad example, since it includes a Windows filesystem). The thing to take note of is the size of the partitions (how many megabytes M or gigabytes G) and their locations. You will be creating identical partitions on your new disk.
3. Playing with hardware I
Short version: Plug in new hard disk into old machine
This howto works on the assumption that your system is configured something like the following: (or that you are smart enough to figure out what to do)
Primary IDE channel: Master : /dev/hda Original system
Slave : /dev/hdb CDROM or unused
Secondary IDE channel: Master : /dev/hdc Duplicate system
Slave : /dev/hdd Unused
If you plug the duplicate hard disk into /dev/hdb instead of /dev/hdc, then you will need to set the jumpers on the hard disk for it to act as a "Slave" and not as a "Master". Copying data between disks on separate interfaces could make things work a little faster though.
4. Create similar partitions
Short version: fdisk /dev/hdc; (d)elete existing partitions and make (n)ew paritions using (t)ype 82 and 83.
Fdisk is a tool that edits the first part of the disk, which is called the partition table. This determines how the space on the disk is allocated.
The resources for using fdisk are the fdisk man page, and the output of the help command when you run fdisk:
man fdisk
fdisk /dev/hdc
Command (m for help): m
Here's the procedure:
- Make sure you are using the correct disk (/dev/hdc, not /dev/hda)
fdisk /dev/hdc
- Test how to escape - press Ctrl+C to stop fiddling the partition table.
- Delete the existing partitions
You may have to delete the `logical' partitions before you delete the extended partitionp # Print the existing partition table
d # Delete a partition - Create new partitions of the correct sizes. Use the same numbers as before. To create partitions with a number greater than 4, create an extended partition, and then create additional "logical" partitions.
n # new partition
Command (m for help): n
Command action
l logical (5 or over)
p primary partition (1-4)
p # primary partition
Partition number (1-4): 1
First cylinder (1-1467, default 1): 1
Last cylinder or +size or +sizeM or +sizeK
(1-255, default 255): 255 - Set the type of the new partitions you have created. For Linux partitions, you will want to set the type to Linux (83) for the data partitions, and to Linux swap (82) for the swap partition(s).
Command (m for help): t
Partition number (1-6): 1
Hex code (type L to list codes): 83
Changed system type of partition 1 to 83 (Linux) - Have a look at the new partition table (it should look something like the one on the original disk)
If you are happy with what you see, write it to the disk:p
If fdisk complains that it cannot convince the kernel to reload the new partition table, you will have to reboot the system. This is normally a bad sign though, because there is no reason you will see this on an unused disk:w
If you inadvertently overwrote your original system's partition table, you should be able to recover by using the tool gpart (guess partitions) which is found on most rescue disks. Alternatively you can simply re-enter the same partition information as you had previously. Note that some systems have a menu driven program called cfdisk. If you like menu driven programs, you can give it a try, but don't blame me. When all is done, if it is done correctly, then these commands should produce similar output:Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error
16: Device or resource busy. The kernel still uses the
old table. The new table will be used at the next reboot.
Syncing disks.fdisk -p /dev/hda
fdisk -p /dev/hdc
5. Format the new partitions
Short version: mke2fs or mkreiserfs and mkswap
If the output of
looks like this:
grep hd /etc/fdtab
/dev/hda1 /windows/C vfat noauto,user 0 0
/dev/hda5 /boot ext2 defaults 1 2
/dev/hda2 swap swap defaults 0 2
/dev/hda3 / reiserfs defaults 1 1
/dev/hda6 /data reiserfs defaults 1 1
Then these are the commands that you will use to `format' the new partitions: There is an IMPORTANT change here! All of the partitions are being created on the NEW drive /dev/hdc, not on the old drive. Don't get it wrong, or you will delete the system you are trying to duplicate.
There is also
mkfs.ext2 /dev/hdc4
mkswap /dev/hdc2
mkfs.reiserfs /dev/hdc3
mkfs.reiserfs /dev/hdc6
mkfs.ext3
which makes ext3
format filesystems. We won't need the Windows partion on the new system :) ... but if we did for some reason, it would be safer to get Windows to do it with its own format command.
6. Mount partitions
Mount the root partition of the new system on the /mnt point:
mount /dev/hdc3 /mnt
Create directories in this system for each of the mount points it will use. On my system, this means three directories (although you probably won't have all of these)
mkdir -p /mnt/boot
mkdir -p /mnt/windows/C
mkdir -p /mnt/data
Now mount the partitions on the directory mount points you have made:
Check your work. The output of `mount' should show similar entries for /dev/hda (point points based at /) and /dev/hdc (based at /mnt/).
mount /dev/hdc5 /mnt/boot
mount /dev/hdc3 /mnt/
mount /dev/hdc6 /mnt/data
7. Copy files
For each partition, copy all the files (see GOTCHA in endnotes). The copy command make exact(ish) archive (-a) copies, has a handy verbose mode (-v), and a `don't cross filesystems' option (-x), which we will use. Copy each of the partitions from the old system to the new system:
Alternatively, you can use tar to do the same thing. This is a better idea if you have sparse files (but if you are reading this howto, you might not know what those are...)
cp -vax /boot/. /mnt/boot
cp -vax /. /mnt
cp -vax /data/. /mnt/data
You have to specify each mount point, since the `l' option above tells tar not to cross between file-systems (similar to the `-x' option in cp).
cd /
tar clS / /data /boot | tar xv -C /mnt
Did I mention that if you have a database server or a mail server running you should stop it during the time that you copy its files? If you fail to do this on a relatively busy server, you may copy files which are in a particularly nonsensical state which they pass though during updates.
To be (relatively) sure that the data has been copied to the disk:
sync
That's it. Well, almost.
7.1 If you changed device names and file systems ...
You're one of those people who is doing this whole thing because you're migrating from ext3 to jfs (crazy!), from SCSI to IDE, and now suddenly your system doesn't boot because of kernel panics or something similar.
You need to edit files:
vi /mnt/etc/fstab
-- edit the filesystem table that says which devices should be put where.vi /mnt/etc/lilo
-- if your system is using LILO to boot, then make sure that the lineroot=/dev/sda8
points to the device your main partition (/.
) is on. If you've changed filesystem types, thenreiserfs
may change toext2
andjfs
so that the device names correspond again with the partition types they contain. After changing this file, runchroot /mnt
andlilo
again as described above.vi /mnt/boot/grub/menu.lst
-- if you're using GRUB as your boot loader, then this is where you need to change your device names.
vi
, here's a three point tutorial: - Press
i
to insert, andEscape
when you're finished inserting. - Type
ZZ
(capitals) to save and exit, orZQ
to exit without saving. - If in doubt, quit
vi
and run the commandvimtutor
to learn how to do it.
7.2 If you changed your disk controller ...
If you are using a different disk controller on the target system (e.g. sata_nv
to piix
), for most distributions, you will have to make a new initial root disk, using the mkinitrd
command. If you need to do this and you don't do this, you will get a kernel panic "cannot mount root filesystem".
You need to:
- Find out which module(s) the disk requires
- Tell
mkinitrd
to include it (or them) - Run
mkinitrd
on the target system to make a newinitrd
file for booting.
lspci
and lsmod
. As the kernel becomes more and more modular, it becomes harder to know which is your disk controller module. You can use modinfo piix
to see what a module says about itself: If you don't know, guess. It can't hurt that much.
modinfo piix
filename: /lib/modules/2.6.15-23-386/kernel/drivers/ide/pci/piix.ko
author: Andre Hedrick, Andrzej Krzysztofowicz
description: PCI driver module for Intel PIIX IDE
license: GPL
vermagic: 2.6.15-23-386 preempt 486 gcc-4.0
Now tell mkinitrd
to include the module:
- Debian/Ubuntu:
vi /etc/mkinitrd/modules
, then runupdate-initrd
. - SuSE:
vi /etc/sysconfig/kernel
, then runmkinitrd
. - Redhat ... erk ... suggestions welcome
8. Playing with hardware II
Now you have to get the new system to be bootable.
8.1 Method 1 (easy) (using rescue disk)
- Shutdown the original system.
- Remove the duplicate hard disk.
- Put the duplicate disk in the new system.
- Boot up the duplicate system using the rescue disk or rescue boot option provided by your Linux distribution. This should dump you at a shell prompt.
- Mount the root partition:
mount /dev/hda3 /mnt
- Enter the new system, mount additional filesystems (e.g. /boot), and run lilo to make the system bootable.
If you are using the GRUB boot loader, then instead of lilo, you typechroot /mnt
mount -a
lilogrub-install /dev/hda
to install GRUB on the MBR.On some distributions,
grub-install
is broken. For these you have to ...grub
root (hd0,0) # assuming /boot is /dev/hda1
setup (hd0)
quit - Now you can exit and shutdown:
umount -a
sync
exit
umount /mnt
reboot
Remove the disk and reboot. The system should boot as a duplicate.
8.2 Method 2 (best for GRUB) (hard, but you don't need a rescue disk)
If your system boots with GRUB, you can set up the second disk to be ready to boot when it becomes the first disk:
- Boot up the original system with the duplicate hard disk in (probably you are here already)
- Chroot into the new system.
- Lie to GRUB about where its hard disks are
- Install GRUB (on the second disk)
- Tell GRUB the truth again for posterity
Here's the detail:
- Mount the duplicated root partition:
mount /dev/hdc3 /mnt
- Chroot into the new system, mount additional filesystems (e.g. /boot):
chroot /mnt
mount -a - Now edit
/boot/grub/device.map
, and tell it that the first disk is your duplicate disk (/dev/hdc):
Change the contents of device.map from this ...cd /boot/grub
cp device.map device.map.foo
vi device.map.foo
... to this...(hd0) /dev/hda
(hd0) /dev/hdc
- Now, tell GRUB to install itself. GRUB's device naming is funny, but you have to give the partition number-1. If your duplicated root partition is
/dev/hdc7
, then the name to give GRUB is(hd0,6)
. Here's how you run grub and get it to install: you start GRUB, using the device map file that says what the BIOS drive number will be after we swap the disks ...grub --device-map=device-map.foo
root (hd0,6)
setup (hd0)
quit
8.3 Method 3 (best for LILO) (hard, but you don't need a rescue disk)
If your system boots with LILO, you can set up the second disk to be ready to boot when it becomes the first disk:
- Boot up the original system with the duplicate hard disk in (probably you are here already)
- Chroot into the new system.
- Lie to LILO about where its hard disks are
- Install LILO (on the second disk)
- Tell LILO the truth again for posterity
Here's the detail:
- Mount the duplicated root partition:
mount /dev/hdc3 /mnt
- Chroot into the new system, mount additional filesystems (e.g. /boot):
chroot /mnt
mount -a - Now edit
/etc/lilo.conf
, and tell it that the first disk is your duplicate disk (/dev/hdc). You need to add this data:disk=/dev/hdc
bios=0x80
disk=/dev/hda
bios=0x80 - Now, tell LILO to install itself on the new hard disk.
lilo -b /dev/hdc
lilo.conf
on the new disk, but you could happily leave them there too. 8.4 Method 4 (easier, but more likely to fail) (actually, 100% likely)
This method involves booting up off a floppy disk. The only problem is that you cannot use an initial root disk (initrd), which may make scsi and reiserfs and ext3 systems fail. Actually, it's not very likely to work at all Actually, it's not very likely to work at all. It won't work. Do this if you're desparate.
Create a boot disk containing the Linux kernel:
dd if=/boot/vmlinuz of=/dev/fd0 bs=18k
Set the root partition
rdev /dev/fd0 /dev/hda3
- Shutdown the original system.
- Remove the duplicate hard disk.
- Put the duplicate disk in the new system.
- Boot up the duplicate system using the kernel disk you made.
- It should boot as a duplicate of the original system.
- Login as root and install lilo:
lilo
9. History
Version 0.1: Thanks to Brett Geer for pointing out that cp -vax /* /mnt is wrong. That was not pretty.
Version 0.2: Added some GRUB data ... and a bit of fstab and menu.lst notes.
Did I mention you will destroy your data?
Someone from Spain says there's a "mistake mounting partitions", but didn't elaborate. So be careful there.
Gotcha: Newer systems may mount a temporary filesystem over /dev
for devfs or udev. This causes cp -a
to be incomplete, and the result is an unbootable system (missing /dev/console
). To avoid this, the root filesystem of the source must be remounted somewhere where the real contents of /dev
are not hidden. That's a TODO.
Tuesday, June 26, 2007
Oracle: Making system view
A must need: Creating the Data Dictionary Scripts
Script Name | Needed For | Description |
---|---|---|
All databases | Creates the data dictionary and public synonyms for many of its views Grants | |
All databases | Runs all scripts required for, or used with PL/SQL | |
Real Application Clusters | Creates Real Application Clusters data dictionary views |
An optionnal need: Additional Data Dictionary Structures
| Performance management |
| Creates views that can dynamically display lock dependency graphs |
Exporting data to Oracle7 |
| Creates the dictionary views needed for the Oracle7 Export utility to export data from the Oracle Database in Oracle7 Export file format | |
Heterogeneous Services |
| Installs packages for administering heterogeneous services | |
Performance management |
| Allows I/O to be traced on a table-by-table basis | |
Security |
| Creates the Oracle Cryptographic Toolkit package | |
Advanced Queuing | | Creates the dictionary objects required for Advanced Queuing | |
Oracle Replication |
| Runs all SQL scripts for enabling database replication | |
Recovery Manager |
| Creates recovery manager tables and views (schema) to establish an external recovery catalog for the backup, restore, and recovery functionality provided by the Recovery Manager (RMAN) utility | |
Storage management | Any user | Analyzes chained rows in index-organized tables | |
Performance management |
| Enables DBA to lock PL/SQL packages, SQL statements, and triggers into the shared pool | |
Concurrency control |
| Provides a facility for user-named locks that can be used in a local or clustered environment to aid in sequencing application actions | |
Performance monitoring |
| Respectively start and stop collecting performance tuning statistics | |
Storage management | Any user | For use with the Oracle Database. Creates tables for storing the output of the | |
Year 2000 compliance | Any user | Provides functions to validate that | |
Metadata management | Any user | Creates tables and views that show dependencies between objects | |
Constraints | Any user | For use with the Oracle Database. Creates the default table ( | |
PL/SQL |
| Used primarily for upgrade and downgrade operations. It invalidates all existing PL/SQL modules by altering certain dictionary tables so that subsequent recompilations will occur in the format required by the database. It also reloads the packages | |
PL/SQL |
| Used to change from 32-bit to 64-bit word size or vice versa. This script recompiles existing PL/SQL modules in the format required by the new database. It first alters some data dictionary tables. Then it reloads the packages | |
Performance monitoring |
| Displays a lock wait-for graph, in tree structure format | |
Security |
| Creates PL/SQL functions for default password complexity verification. Sets the default password profile parameters and enables password management features. | |
PL/SQL |
| Recompiles all existing PL/SQL modules that were previously in an | |
Examples |
| Creates sample tables, such as | |
Oracle Replication | Any user | Copies a snapshot schema from another snapshot site | |
Performance management |
| Creates the TKPROFER role to allow the TKPROF profiling utility to be run by non-DBA users | |
Partitioned tables | Any user | Creates tables required for storing output of | |
Performance management | Any user | Creates the table |
and the no-scripts, used to remove dictionary information for various optional services or components.
The NO Scripts:
| Objects |
| Drops views and synonyms on dictionary metadata that relate to object types |
Security |
| Drops views and synonyms on auditing metadata | |
Heterogeneous Services |
| Removes Heterogeneous Services dictionary metadata | |
Partitioning |
| Drops views and synonyms on dictionary metadata that relate to partitioned tables and indexes | |
Advanced Queuing |
| Removes Advanced Queuing dictionary metadata | |
Recovery Manager | Owner of recovery catalog | Removes recovery catalog schema | |
Server Manager |
| Removes Oracle7 Server Manager views and synonyms | |
Distributed management |
| Drops the DBSNMP user and SNMPAGENT role |
The upgrades scripts:
| Downgrading | Provides a direct downgrade path from the new Oracle Database 10g release |
Upgrading | Provides a direct upgrade path to the new Oracle Database 10g release | |
Pre-Upgrade Information | Analyzes the database to be upgraded, detailing requirements and issues for the upgrade to release 10.2 | |
Post-Upgrade Status | Displays the component upgrade status after an upgrade to release 10.2 |
The Java Script are useful only if the JServer option is installed.
| Initializes JServer by installing core Java class libraries and Oracle-specific Java classes |
Removes all elements of the JServer | |
Installs Java-related packages and classes |
Thursday, April 26, 2007
Suppression d'un fichier avec des caractères spéciaux
Ci dessous plusieurs solutions, une interactive puis une autre avec les inodes.
Exemple:
$ ll ftp*
-rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp.txt
-rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp??
$ rm ftp^A^?\?
rm: cannot lstat `ftp\001\177?': No such file or directory
[Exit 1 ]
-1- Suppression Interactive
Avec un rm -i * on force la demande de suppression:
$ rm -i ftp*
rm: remove regular empty file `ftp.txt'? n
rm: remove regular empty file `ftp\177?'? y
-2- Avec le listing des inodes
$ ll -i ftp*
206 -rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp.txt
205 -rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp??
$ find . -xdev -type f -inum 205 -ls
205 0 -rw-r--r-- 1 root sys 0 Apr 26 10:13 ./ftp\177?
On force la suppression du fichier qui a l'inode numéro 205
$ find . -xdev -type f -inum 205 -exec rm -f {} \;
Wednesday, April 18, 2007
HPUX: Tips Gestion des Packages
swinstall -v -x allow_multiple_versions=true -x verbose=1 -x mount_all_filesystems=false -s "$depot" "$name"
ou $depot => xpm-3.4k-hppa-11.00.depot
et $name => xpm
Enlever un package récalcitrant
- swremove to remove package in swlist's host system
- stop/start of swagentd
- enforce_dependencies=false in swremove option while removing from depot.
Lister les programmes installé: swlist
Liste des produits:
$ swlist -l product
Liste des fileset:
$ swlist -l fileset
Liste des depot:
$ swlist -l depot
$ swlist -s mmstyy00:/
List all products with revision and description for each:
$ swlist all product | more
List all filesets which have a state other than configured:
$ swlist all fileset a state | grep -v -e '^#' -e configured
List all patches in the depot /var/MyDepot on the system grendel:
$ swlist -d -l product *,c=patch @ grendel:/var/MyDepot
List the filesets modified by installed patch PHSS_8675
$ swlist -a ancestor PHSS_8675
List all of the files delivered within patch PHCO_12140 after downloading from the ITRC:
$ swlist -d -l file @ /tmp/PHCO_12140.depot
List all the files delivered within product:
$ swlist -l file HP-APA-KRN
List all patches that have modified the LVM product
$ swlist -l patch LVM
Display the documentation for all patches containing critical functionality
$ swlist -a readme -l product *,c=critical
List all category tags defined in the depot /var/MyDepot on the system grendel
$ swlist -d -l category @ grendel:/var/MyDepot
Lire le Readme d'un package
swlist -s mmsdyy00:/SD_CDROM -a readme J5316AA
Commit patches
Efface la sauvegarde faite dans "/var/adm/sw/save/"
$ swmodify -x patch_commit=true '*.*'
Création
Créer un .depot
$ swpackage -x target_type=tape -s
$ swpackage -x target_type=tape -s
Enregistrer le depot
$ swreg -l depot
*Supprimer l'accés distant
$ swreg -u -l depot
Préparation
$ swcopy -x enforce_dependencies=false -s
$ swask -s
Résultat dans:
ou encore:
# Depot=MCPS-SHC
$ swcopy -s
$ swask -s
Install
swinstall -s mmstyy00:/
Procédure Complete
# Depot=MCPS-SHC
$ swacl -l root -M user:root@
$ swcopy -s
$ swinstall -s
$ swask -s
$ swinstall -s
Gestion des droits
- Pour autoriser l'utilisateur marie à ajouter de nouveaux produits au dépôt :
$ swacl -l depot -M user:marie:a [@ hôte:dépôt]
- Pour autoriser l'utilisateur marie à modifier les produits existants d'un dépôt :
$ swacl -l product -M user:marie:a \* [@ hôte]
- Pour modifier le modèle de telle sorte que l'utilisateur marie puisse modifier les nouveaux produits créés par d'autres dans le dépôt :
$ swacl -l global_product_template -M user:marie:a [@ hôte]
Pour authoriser un utilisateur distant à gérer un depot:
# Exemple: user=unix host=mmsdyy00 depot=/mkenv/sw-depot
# A executer sur mmstyy00
$ swacl -l depot -M user:unix@mmsdyy00:a @ /mkenv/sw-depot
$ swacl -l depot -M user:root@mmsdyy00:a @ /mkenv/sw-depot
$ swacl -l depot -M host:mmsdyy00:a @ /mkenv/sw-depot
$ swacl -l depot -M host:mmsdyy00:a
$ swacl -l product -M host:mmsdyy00:a \*
$ swacl -l global_product_template -M host:mmsdyy00:a
Lister les droits d'un dépot:
$ swacl -l depot @ /mkenv/sw-depot
HPUX: LVM quick reference guide
Note The following example is using the disk c1t6d0, the volume
group vg01 and the logical volume lvhome
1) Prepare the disk
pvcreate /dev/rdsk/c1t6d0
Note if the disk was previously used in another VG use the
following command instead:
pvcreate -f /dev/rdsk/c1t6d0
2) Create the Volume Group (VG):
a) mknod /dev/vg01/group c 64 0x010000
Note: the group number (last parameter) is in hexadecimal and
should be different for each volume group. For vg02, that number
would be 0x020000. The default limit is 10 volume groups as set by
the kernel parameter maxvgs.
b) vgcreate /dev/vg01 /dev/dsk/c1d0s2
Note: When a volume group is created the maximum physical
extents per volume (max_pe parameter) will be set to the max_pe
of the largest physical volume (PV) or 1016, which ever is
greater, if no max_pe is specified. The effect of not setting
the max_pe parameter would be that any PV added to the volume
group in the future regardless of there size will be limited
to the volume groug creation value of max_pe. Therefore,
consider increasing the max_pe to accommodate PV's that may
likely be larger than the largest PV used to create the Volume
Group. The formula to use to determine the value is:
physical_extent_size * max_pe = size_of_the_disk.
The default value for physical_extent_size is 4M and the maximum
value for max_pe is 65535 (example for 18 gig disk use a value
4608 for max_pe: 4M * 4608 = 18 gig).
There is also a default value of a maximum of 16 disks per volume
group. The following is an example of the creation of a volume
group modifying these two parameters (max_pe = 4608, maximum
number of disk = 24):
vgcreate -e 4608 -p 24 /dev/vg01 /dev/dsk/c1d0s2
II) How to create a Logical Volume (LV) and mount the filesystem.
1) Create the Logical Volume (LV)
lvcreate -L 120 -n lvhome /dev/vg01
Note: this will create a logical volume of 120 meg.
2) Create the filesystem
newfs -F vxfs /dev/vg01/rlvhome
Note: to create an hfs filesystem change vxfs to
hfs in the previous command.
3) Mount the Logical Volume:
a) mkdir /home
b) mount /dev/vg01/lvhome /home
III) How to add a disk to a Volume Group
Note The following examples is using the disk c1t6d0 and the volume
group vg01
1) Prepare the disk
pvcreate /dev/rdsk/c1t6d0
Note if the disk was previously used in another VG use the
following command instead:
pvcreate -f /dev/rdsk/c1t6d0
Note: Use caution when using pvcreate -f as this will
overwrite the existing volume group information on the disk.
2) Add the disk to the Volume Group
vgextend /dev/vg01 /dev/dsk/c1t6d0
IV) How to increase the size of a logical volume without online JFS
(advanced JFS).
Note: the following example is using the volume group vg01 and the
logical volume lvhome
Note: Increasing the root filesystem (/) is not feasible
1) lvextend -L 240 /dev/vg01/lvhome
The new total size will be 240M.
2) umount /home
Note: If the filesystem is in use, it is impossible to unmount it.
Therefore stop all the processes (applications) that use the
filesystem then unmount it.
Processes that use /usr and /var cannot be all stopped,
the only solution is to reboot in single user mode.
3) extendfs -F vxfs /dev/vg01/rlvhome
4) mount /dev/vg01/lvhome /home
V) How to remove a Logical Volume
Note: the following example is using the volume group vg01 and the
logical volume lvhome
1) Backup all user data
2) Umount the filesystem
umount /home
3) remove the Logical volume
lvremove /dev/vg01/lvhome
VI) How to reduce the size of a logical volume without online JFS (advanced JFS)
Note: the following example is using the volume group vg01 and the
logical volume lvhome
1) Backup all user data
2) Umount the filesystem
umount /home
3) Reduce the size
lvreduce -L 60 /dev/vg01/lvhome
Note: the new total size will be 60M.
4) Re-create the filesystem
newfs -F vxfs /dev/vg01/rlvhome
Note: to create an hfs filesystem change vxfs by
hfs in the previous command.
5) Mount the Logical Volume:
mount /dev/vg01/lvhome /home
6) Restore the user data
VII) How to remove a disk from a volume group
Note: the following example is using the disk c1t6d0 and the
volume group vg01
1) Make sure that the disk is not in use:
pvdisplay /dev/dsk/c1t6d0
Look at line starting with Allocated PE the number at the end
of the line should be 0. If it is not the disk is still in use.
2) Remove the disk
vgreduce /dev/vg01 /dev/dsk/c1t6d0
VIII) How to remove a volume group
Note: the following example is using the volume group vg01 and the
logical volume lvhome
1) Backup all user data
2) Find the name of all logical volume in this volume group
vgdisplay -v /dev/vg01
3) unmount all logical volumes
Note: repeat the following command for each logical command
umount /dev/vg01/lvhome
4) Remove the volume group:
vgexport /dev/vg01
Note: using vgexport to remove a volume group is easier
and faster than using the vgreduce on each physical volume
except the last one, followed by a vgremove. The other
advantage is that the /dev/vg01 directory is also removed.
IX) How to increase the primary swap
Note: Because of the contiguous allocation policy, create a bigger
logical volume and modify the Boot Data Reserved Area (BDRA) to make it
primary.
1) lvcreate -C y -L 240 /dev/vg00
The name of this new logical volume will be displayed on the
screen, note it, it will be needed later. (let say it
is /dev/vg00/lvol8)
Note: This new logical volume has to be in vg00
2) lvlnboot -v /dev/vg00
This will display the current root and swap volumes
Note: lvol2 is the default primary swap.
3) lvlnboot -s /dev/vg00/lvol8 /dev/vg00
Note: use the logical volume name from step 1
4) lvlnboot -R /dev/vg00
Recover any missing links to all of the logical volumes specified
in the BDRA and update the BDRA of each bootable physical volume in
the volume group
5) reboot the system
X) How to create a secondary boot disk
Note: This will create an identical copy of the current vg00. The
new volume group needs to as big as vg00. This will also be a static
version of the primary boot disk which could be use in case of
problem.
Note: The following example is using the disk c1t6d0 and the
volume group vg01
1) Initialize the disk and make it bootable
pvcreate -B /dev/rdsk/c1t6d0
Note: the -B parameter tells pvcreate that this will be a bootable
disk.
mkboot /dev/dsk/c1t6d0
mkboot -a "hpux" /dev/rdsk/c1t6d0
2) Create the volume group
mkdir /dev/vg01
mknod /dev/vg01/group c 64 0x010000
vgcreate /dev/vg01 /dev/dsk/c1t6d0
3) Find the size of each logical volume in vg00
vgdisplay -v /dev/vg00 | more
look at LV Size (Mbytes) for each logical volume and note it.
Note: this example will use these value:
lvol1 84M
lvol2 256M
lvol3 140M
lvol4 500M
lvol5 64M
lvol6 20M
lvol7 500M
lvol8 500M
Note: The size of the new logical volumes needs to be exactly the
same as the size of the logical volumes on the primary root disk.
4) Create the first 3 logical volumes contiguous (needed by the system)
lvol1:
lvcreate -L 84 -C y -r n /dev/vg01
lvol2:
lvcreate -L 256 -C y -r n /dev/vg01
lvol3:
lvcreate -L 140 -C y -r n /dev/vg01
5) Now create the other logical volumes
lvol4:
lvcreate -L 500 /dev/vg01
lvol5:
lvcreate -L 64 /dev/vg01
lvol6:
lvcreate -L 20 /dev/vg01
lvol7:
lvcreate -L 500 /dev/vg01
lvol8:
lvcreate -L 500 /dev/vg01
6) Copy each logical volume except the swap which is usually lvol2.
dd if=/dev/vg00/rlvol1 of=/dev/vg01/rlvol1 bs=1024k
dd if=/dev/vg00/rlvol3 of=/dev/vg01/rlvol3 bs=1024k
dd if=/dev/vg00/rlvol4 of=/dev/vg01/rlvol4 bs=1024k
dd if=/dev/vg00/rlvol5 of=/dev/vg01/rlvol5 bs=1024k
dd if=/dev/vg00/rlvol6 of=/dev/vg01/rlvol6 bs=1024k
dd if=/dev/vg00/rlvol7 of=/dev/vg01/rlvol7 bs=1024k
dd if=/dev/vg00/rlvol8 of=/dev/vg01/rlvol8 bs=1024k
7) Verify the integrity of all the new volume except swap.
Note: The following lines are base on a system with vxfs
filesystems except for /stand (lvol1) which needs to be hfs.
fsck -F hfs /dev/vg01/rlvol1
fsck -F vxfs /dev/vg01/rlvol3
fsck -F vxfs /dev/vg01/rlvol4
fsck -F vxfs /dev/vg01/rlvol5
fsck -F vxfs /dev/vg01/rlvol6
fsck -F vxfs /dev/vg01/rlvol7
fsck -F vxfs /dev/vg01/rlvol8
8) Now configure the Boot Data Reserved Area (BDRA)
Note: The following commands assume that /stand is lvol1,
swap is lvol2 and / is lvol3
lvlnboot -b /dev/vg01/lvol1 /dev/vg01
lvlnboot -r /dev/vg01/lvol3 /dev/vg01
lvlnboot -s /dev/vg01/lvol2 /dev/vg01
lvlnboot -d /dev/vg01/lvol2 /dev/vg01
9) Modify the fstab file on the new disk.
a) If /tmp_mnt doesn't exist create it
mkdir /tmp_mnt
b) Mount the new root filesystem on /tmp_mnt
mount /dev/vg01/lvol3 /tmp_mnt
c) change to etc directory on the new disk.
cd /tmp/etc
d) Modify all occurence of vg00 in the fstab for vg01
sed "s/vg00/vg01/" fstab > fstab.out
mv fstab fstab.BAK
mv fstab.out fstab
e) Unmount the new root filesystem
cd /
umount /tmp_mnt
XI) How to mirror a logical volume
Note: Data mirroring is provided by an additionnal purchasable
software product called MirrorDisk/UX.
Note: the following example is using the volume group vg01 and the
logical volume lvhome
To add a mirror to an existing logical volume:
lvextend -m 1 /dev/vg01/lvhome
This will add 1 mirror (2 copies of the filesystem).
To add 2 mirrors (3 copies of the filesystem) use -m 2 instead.
To create a new logical volume of 200M with 1 mirror:
lvcreate -m 1 -L 200 /dev/vg01
XII) How to unmirror a logical volume
Note: the following example is using the volume group vg01 and the
logical volume lvhome
lvreduce -m 0 /dev/vg01/lvhome
XIII) How to create a mirrored boot disk
Note the following example is using the disk c1t6d0 as the
mirrored boot disk and c0t6d0 as the boot disk.
1) Initialize the disk and make it bootable
pvcreate -B /dev/rdsk/c1t6d0
Note: the -B parameter tell pvcreate that this will be a
bootable disk.
2) Add the physical volume to the volume group
vgextend /dev/vg01 /dev/dsk/c1t6d0
3) Use mkboot to place the boot utilities in the boot area and add
the AUTO file.
mkboot /dev/dsk/c1t6d0
mkboot -a "hpux -lq" /dev/rdsk/c1t6d0
4) Use mkboot to update the AUTO file on the primary boot
disk.
mkboot -a "hpux -lq" /dev/rdsk/c0t6d0
5) Mirror the stand, root and swap logical volumes
lvextend -m 1 /dev/vg00/lvol1
lvextend -m 1 /dev/vg00/lvol2
lvextend -m 1 /dev/vg00/lvol3
Note: LVM will resynchronize the new mirror copies. This step will
takes several minutes
Repeat the lvextend for all other logical volumes on the boot
mirror.
6) Modify your alternate boot path to point to the mirror copy of the
boot disk.
setboot -a 8/8.6.0 # Use the Hardware path for your new
boot disk.
XIV) How to mirror a logical volume on a specific physical volume
Note: the following example, is using the disk c1t6d0 for the
primary copy, c2t6d0 for the mirror copy, the volume group vg01,
the logical volume lvhome and the size will be 200M
lvcreate -n lvhome /dev/vg01
lvextend -L 200 /dev/vg01/lvhome /dev/dsk/c1t6d0
lvextend -m 1 /dev/vg01/lvhome /dev/dsk/c2t6d0
XV) How to create a Physical Volume Group (PVG)
create a file named /etc/lvmpvg with the following syntax:
VG vg_name
PVG pvg_name
pv_path
...
PVG pvg_name
pv_path
...
VG vg_name
PVG pvg_name
pv_path
...
For example, to use two PVGs in vg01 with c1t6d0 and c2t6d0
in one PVG (PVG0), c3t6d0 and c4t6d0 in the other PVG (PVG1) the
contents of the file (/etc/lvmpvg) should be:
VG /dev/vg01
PVG PVG0
/dev/dsk/c1t6d0
/dev/dsk/c2t6d0
PVG PVG1
/dev/dsk/c3t6d0
/dev/dsk/c4t6d0
XVI) How to use PVG to mirror logical volumes on specific physical volumes.
Note: in the following text, the volume group will be vg01 and the
logical volume will be name lvhome
After creating the /etc/lvmpvg file as describe above, each copy
of your mirror could be force on different PVG. To achieve this if
the logical volume is already created but not mirrored yet, use the
following command:
lvchange -s g /dev/vg01/lvhome
lvextend -m 1 /dev/vg01/lvhome
If the logical volume is not created yet:
lvcreate -s g -m 1 -n lvhome -L 200 /dev/vg01
Index:
Regular tasks
I) How to create a Volume Group (VG).
II) How to create a Logical Volume (LV) and mount the filesystem.
III) How to add a disk to a Volume Group
IV) How to increase the size of a logical volume without OnlineJFS
(advanced JFS)
V) How to remove a Logical Volume
VI) How to reduce the size of a logical volume without OnlineJFS
(advanced JFS)
VII) How to remove a disk from a volume group
VIII) How to remove a volume group
IX) How to increase the primary swap
X) How to create a secondary boot disk
LVM Mirroring
XI) How to mirror a logical volume
XII) How to unmirror a logical volume
XIII) How to create a mirrored boot disk
XIV) How to mirror a logical volume on a specific physical volume
Physical Volume Group
XV) How to create a Physical Volume Group (PVG)
XVI) How to use PVG to mirror logical volumes on specific physical
volumes.
HPUX: build a kernel via the command line
CONFIGURATION: Operating System - HP-UX Version - 10.X, 11.X Hardware System - HP 9000 Series - N/A RESOLUTION 10.X:
1. Change directories to /stand/build.
cd /stand/build
2. Create a new system file from the running kernel.
/usr/lbin/sysadm/system_prep -s /stand/build/system
3. Update the system file with the planned changes using
vi /stand/build/system or kmtune(1m).
Example setting nproc tunable to 400:
kmtune -s nproc=400 -S /stand/build/system
4. Build the new kernel.
/usr/sbin/mk_kernel -s /stand/build/system
5. Move the old system and vmunix files so if anything goes wrong, the system can be booted from the old kernel.
mv /stand/system /stand/system.prev
mv /stand/build/system /stand/system
mv /stand/vmunix /stand/vmunix.prev
mv /stand/build/vmunix_test /stand/vmunix
6. Reboot the system off the new kernel.
shutdown -r
11.X:
1. Change directories to /stand/build.
cd /stand/build
2. Create a new system file from the running kernel.
/usr/lbin/sysadm/system_prep -s /stand/build/system
3. Edit the kernel with the planned changes.
vi /stand/build/system
4. Build the new kernel.
/usr/sbin/mk_kernel -s /stand/build/system
5. Move the old system and vmunix files so if anything goes wrong, the system can be booted from the old kernel.
mv /stand/system /stand/system.prev
6. Move the new system file and new kernel into place, ready to be used when rebooting the system.
mv /stand/build/system /stand/system
kmupdate /stand/build/vmunix_test
NOTE: The kmupdate command will move the /stand/vmunix kernel to /stand/vmunix.prev and the newly created kernel to /stand/vmunix as part of the shutdown process.
7. Reboot the system off the new kernel.
shutdown -r
More information is available in the HP-UX System Administration Tasks manual. man manuals will give you ordering information and part numbers.
Most HP documentation is avaialable online at: http://www.docs.hp.com
I Forgot the Root Password
Originally prepared by Peggy Bruehl
The following info was collected from a variety of sources including HP-UX Manuals, and the hpux-admin mailing list.
If you have forgotten the root password on you HP Workstation, you must go through the following steps:
Ask all other users to log off the workstation.
Type the command sync four times to clear the buffer cache.
If you have installed sudo, or if you have enabled a user other than root to reboot the machine, reboot your workstation.
If you can not reboot the machine, press the reset button to force a reboot. Don't press the reset button unless you can't get the machine to reboot any other way.
During the reboot, press the ESC key to interrupt the reboot.
This will bring you to the BOOT_ADMIN prompt. From here, boot to the ISL with the command boot scsi.X.0 isl where scsi.X.0 is the SCSI address of your internal disk drive. (To find that address, use the path command at the BOOT_ADMIN prompt.)
Now you are at the ISL prompt. Boot up into single user mode with the command hpux -is (or if you are still running 9.X use the command hpux -is boot disk(scsi.X;0)/hp-ux, where again scsi.X.0 is the SCSI address of your internal disk drive.)
After the machine has come up in single user mode, you can try to set the root password by running the passwd command. If the program will run, you can enter the new password now. Reboot again (command reboot) and you are done.
If the passwd program will not run in the single user mode, manually edit the /etc/passwd file (be careful!) and take out the root password (second field), leaving the 2 colons side by side.
Now, quickly reboot the machine (reboot) and log in as root. No password is required. Immediately run the passwd command and set a password for root.
It's important to minimize the time between removing the root password from the /etc/passwd file and resetting the password with the passwd command.
During this time, your system is wide open.
C'est Quoi le LOADAVG ???
The general concensus was that the load average was for all CPUs.
Basically that is the average number of processes waiting for te
entire system (independent of the number of CPUs in the system).
As a rule of thumb you could consider a load of 1 on a single CPU
server the same as a load of 4 on a 4 CPU server. (euhh, à vérifier :) )
Also it was pointed out that the load average will mean different
things depening on what kind of work the server is doing.
SSH: Authentication with PublicKeys
publiques.
Les avantages tirés sont pluriel:
- Evite la propagation des mots de passe ( celui de root en particulier ),
- Evite l'utilisation d'un mot de passe trop simple, souvent utilisé pour ne pas l'oublier, et car les connexions sont nombreuses dans une journée,
- Ajoute une granularité dans la mise en place de la sécurité,
- Facilite le travail quotidien, par des connexions plus rapides.
Création des paires de clef privée/publiques cliente.
Les clef sont crée avec la commande `ssh-keygen', il vous sera demander un nom
de fichier, acceptez celui par défaut, puis une pass-phrase (Le mot de passe),
veillez à en choisir un assé long, une phrase serait l'idéal.
$ ssh-keygen -t rsa1 # SSH1
$ ssh-keygen -t rsa # SSH2
$ ssh-keygen -t dsa # SSH2
L'agent ssh
Maintenant pour éviter d'avoir à taper notre passphrase à chaque connexion,
nous allons utiliser la commande `ssh-agent'. Grâce à lui, nous n'aurons qu'à
taper notre passphrase qu'une fois au début de la journée:
$ eval $(ssh-agent)
Agent pid 2592
puis il nous faut ajouter nos clef.
Rem: si vous avez choisi la même passphrase pour toutes les trois clef, elle
ne vous sera demandée qu'une seulle fois:
$ ssh-add
Enter passphrase for ~/.ssh/id_rsa:
Identity added: ~/.ssh/id_rsa (~/.ssh/id_rsa)
Identity added: ~/.ssh/id_dsa (~/.ssh/id_dsa)
Identity added: ~/.ssh/identity (Philippe@MyHost)
On peut verifier qu'elles ont bien été prises en compte:
$ ssh-add -l
2048 9a:08:b9:b8:e6:25:bd:6c:4e:8c:25:13:2e:36:62:97 Philippe@MyHost (RSA1)
2048 5b:7f:cd:96:2c:f4:41:66:1a:83:4b:ff:ad:89:85:42 ~/.ssh/id_rsa (RSA)
2048 9a:e0:e3:af:b8:65:a1:c6:06:2c:80:8e:8a:1a:c9:30 ~/.ssh/id_dsa (DSA)
Coté client c'est Fait.
Coté serveur
passons sur l'installation du serveur ssh, et concentrons nous sur le
spécifique pour accepter l'Authentification par Clef publiques.
La configuration du serveur:
Les options suivante doivent être présentes dans le fichier de conf :
/opt/ssh/etc/sshd_config:
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
StrictModes no # Si les droits sur le $HOME ne sont pas 0700
puis pour recharger la config :
$ kill -1 $(cat /var/run/sshd.pid)
Ajout des clef.
Pour que la connexion soit possible, il nous faut rajouter la(les) clef
publique dans le fichier d'authorization:
Après avoir copié sur le serveur la clef publique (DSA):
$ cat id_dsa.pub >>$HOME/.ssh/authorized_keys
Test de connexion
$ ssh unix@support
MyHost [HP Release B.11.00]
Last successful login for unix: Tue Sep 20 15:12:54 MET-1METDST 2005 on pts/43
Last unsuccessful login for unix: Tue Sep 20 09:58:07 MET-1METDST 2005 on pts/tp
Last login: Mon Aug 29 20:19:36 2005 from otherhost
You have mail.
Dans les logs:
Sep 20 15:17:32 myhost sshd[24103]: Accepted publickey for unix from 192.168.1.2 port 3546 ssh2
Attacher un fichier Image ISO
$ mount -F cdfs -o cdcase
ou
$ mount -F cdfs
Attacher un fichier Image ISO:
$ nohup /usr/sbin/pfs_mountd&
$ nohup /usr/sbin/pfsd&
$ /usr/sbin/pfs_mount -t iso9660 -x unix /images/cd.iso /mnt
ou
$ /usr/sbin/pfs_mount -t iso9660 /images/cd.iso /mnt