Thursday, August 2, 2007

Debug Checkpoint

For enabling somes debug:

On the Management server run this command:

fw debug fwm on TDERROR_ALL_ALL=3

and install the policy, in the install window you will see detailed installation messages, read the last part to see the reason for failing to install and at what stage it happened. To turn off debug use:

fw debug fwm off TDERROR_ALL_ALL=0

Run the following debug command on the module console:

fw debug fwd on TDERROR_ALL_ALL=3

fw fetch ip_of_management

To turn off debugging run the command:
fw debug fwd off TDERROR_ALL_ALL=0

Send the cpd.elg file from firewall and fwm.elg file from mgmt to the support.
cpd.elg dile is located under $CPDIR/log on the firewall and mgmt station $FWDIR/log where the fwm.elg

Monday, July 30, 2007

Linux Disc Duplication

Linux System Duplication

Andrew McGill, ledge.co.za

Revision 0.3; $Id: systemduplication.sgml,v 1.10 2006/11/16 07:58:08 andrewm Exp $

Step by step instructions for duplicating a Linux system by copying the files from one hard disk to another.

1. Introduction

You may need to duplicate your Linux system onto another hard disk for any number of reasons, including:

You have just replaced your hard disk with a newer, bigger or more reliable one
You have a new computer
You tried it with Ghost, and it messed up. You would like to mess it up yourself.
You want to change the filesystem type you are using (e.g. reiserfs to ext3fs)

1.1 Assumptions

The following assumptions have been used in this document to simpify things (for the author, and not so much for the reader):

The original, working system resides on a single IDE disk (e.g. hda)
A second disk is available for copying the system to (e.g. hdc)
You can type commands fairly accurately (no dyslexia)
You can think and adapt if your system is a little different
You want to duplicate your system

1.2 Introduction to the method

Do some research (mount; fdisk -p /dev/hda)
Set up second system's drive on /dev/hdc
Create similar partitions on the new disk hdc (fdisk /dev/hdc)
Format the new partitions (mke2fs / mkreiserfs / mkswap /dev/hdc99)
Mount the new disk on /mnt (mount /dev/hdc3 /mnt) and create mount directories in /mnt and mount the new file systems there
Copy the files (cp -vax /. /mnt ... or something similar) (don't try cp -vax /* /mnt - it's not the same)
Shutdown the system
Install the hard disk (hdc) in a new system (it won't work yet)
Boot the new system using a rescue disk (or something)
Run lilo, reboot and test

1.3 Disclaimer

You will destroy your data. Don't blame me.

2. Research

Short version: Make notes of the partitions on your existing disk

Before you can copy a system, you need to know how big the various partitions are. Write down the output of one of the commands below. (fdisk is more useful if your new disk is the same as the old, and df is more useful at other times). The output of grep will show where your partitions should be mounted.

fdisk -p /dev/hda
df -hl
mount
grep hd /etc/fstab

You may have a disk with SCSI or SATA drives. In this case the drives are named /dev/sda, /dev/sdb etc, and the partitions are named /dev/sda1, /dev/sda2, /dev/sda3, etc.

On my system with a 12G drive, the output looks like this:

tonto:~ # fdisk -l /dev/hda

Disk /dev/hda: 255 heads, 63 sectors, 1467 cylinders
Units = cylinders of 16065 * 512 bytes

  Device Boot Start   End   Blocks   Id  System
/dev/hda1   *      1   255  2048256    c  Win95 FAT32
/dev/hda2        256   264    72292+  82  Linux swap
/dev/hda3        265   776  4112640   83  Linux
/dev/hda4        777  1467  5550457+   5  Extended
/dev/hda5        777   777     8001   83  Linux
/dev/hda6        778  1467  5542393+  83  Linux

tonto:~ # df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/hda3             3.9G  3.7G  262M  94% /
/dev/hda5             7.6M  5.7M  1.5M  79% /boot
/dev/hda6             5.3G  4.7G  700M  88% /data
shmfs                  58M     0   57M   0% /dev/shm
/dev/hda1             1.9G  1.6G  399M  80% /windows/C

tonto:~ # mount

/dev/hda3 on / type reiserfs (rw)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,mode=0620,gid=5)
/dev/hda5 on /boot type ext2 (rw)
/dev/hda6 on /data type reiserfs (rw)
shmfs on /dev/shm type shm (rw)
usbdevfs on /proc/bus/usb type usbdevfs (rw)
/dev/hda1 on /windows/C type vfat (rw,noexec)

tonto:~ # grep hd /etc/fstab

/dev/hda1       /windows/C      vfat    noauto,user 0 0
/dev/hda5       /boot   ext2    defaults 1 2
/dev/hda2       swap    swap    defaults 0 2
/dev/hda3       /       reiserfs        defaults 1 1
/dev/hda6       /data   reiserfs        defaults 1 1

(it's a wonderfully bad example, since it includes a Windows filesystem). The thing to take note of is the size of the partitions (how many megabytes M or gigabytes G) and their locations. You will be creating identical partitions on your new disk.

3. Playing with hardware I

Short version: Plug in new hard disk into old machine

This howto works on the assumption that your system is configured something like the following: (or that you are smart enough to figure out what to do)

Primary IDE channel:   Master : /dev/hda    Original system
                      Slave  : /dev/hdb    CDROM or unused
Secondary IDE channel: Master : /dev/hdc    Duplicate system
                      Slave  : /dev/hdd    Unused

If you plug the duplicate hard disk into /dev/hdb instead of /dev/hdc, then you will need to set the jumpers on the hard disk for it to act as a "Slave" and not as a "Master". Copying data between disks on separate interfaces could make things work a little faster though.

4. Create similar partitions

Short version: fdisk /dev/hdc; (d)elete existing partitions and make (n)ew paritions using (t)ype 82 and 83.

Fdisk is a tool that edits the first part of the disk, which is called the partition table. This determines how the space on the disk is allocated.

The resources for using fdisk are the fdisk man page, and the output of the help command when you run fdisk:

man fdisk
fdisk /dev/hdc
Command (m for help): m

Here's the procedure:

Make sure you are using the correct disk (/dev/hdc, not /dev/hda)
```
fdisk /dev/hdc
```
Test how to escape - press Ctrl+C to stop fiddling the partition table.
Delete the existing partitions
```
p               # Print the existing partition table
d               # Delete a partition
```
You may have to delete the `logical' partitions before you delete the extended partition

Create new partitions of the correct sizes. Use the same numbers as before. To create partitions with a number greater than 4, create an extended partition, and then create additional "logical" partitions.

n               # new partition
Command (m for help): n
Command action
  l   logical (5 or over)
  p   primary partition (1-4)
p               # primary partition
Partition number (1-4): 1
First cylinder (1-1467, default 1): 1
Last cylinder or +size or +sizeM or +sizeK
  (1-255, default 255): 255

Set the type of the new partitions you have created. For Linux partitions, you will want to set the type to Linux (83) for the data partitions, and to Linux swap (82) for the swap partition(s).
```
Command (m for help): t
Partition number (1-6): 1
Hex code (type L to list codes): 83
Changed system type of partition 1 to 83 (Linux)
```
Have a look at the new partition table (it should look something like the one on the original disk)
```
p
```
If you are happy with what you see, write it to the disk:
```
w
```
If fdisk complains that it cannot convince the kernel to reload the new partition table, you will have to reboot the system. This is normally a bad sign though, because there is no reason you will see this on an unused disk:
```
Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error
16: Device or resource busy.  The kernel still uses the
old table.  The new table will be used at the next reboot.

Syncing disks.
```
If you inadvertently overwrote your original system's partition table, you should be able to recover by using the tool gpart (guess partitions) which is found on most rescue disks. Alternatively you can simply re-enter the same partition information as you had previously. Note that some systems have a menu driven program called cfdisk. If you like menu driven programs, you can give it a try, but don't blame me. When all is done, if it is done correctly, then these commands should produce similar output:
```
fdisk -p /dev/hda
fdisk -p /dev/hdc
```

5. Format the new partitions

Short version: mke2fs or mkreiserfs and mkswap

If the output of

grep hd /etc/fdtab

looks like this:

/dev/hda1       /windows/C      vfat    noauto,user 0 0
/dev/hda5       /boot   ext2    defaults 1 2
/dev/hda2       swap    swap    defaults 0 2
/dev/hda3       /       reiserfs        defaults 1 1
/dev/hda6       /data   reiserfs        defaults 1 1

Then these are the commands that you will use to `format' the new partitions: There is an IMPORTANT change here! All of the partitions are being created on the NEW drive /dev/hdc, not on the old drive. Don't get it wrong, or you will delete the system you are trying to duplicate.

mkfs.ext2 /dev/hdc4
mkswap /dev/hdc2
mkfs.reiserfs /dev/hdc3
mkfs.reiserfs /dev/hdc6

There is also mkfs.ext3 which makes ext3 format filesystems.

We won't need the Windows partion on the new system :) ... but if we did for some reason, it would be safer to get Windows to do it with its own format command.

6. Mount partitions

Mount the root partition of the new system on the /mnt point:

mount /dev/hdc3 /mnt

Create directories in this system for each of the mount points it will use. On my system, this means three directories (although you probably won't have all of these)

mkdir -p /mnt/boot
mkdir -p /mnt/windows/C
mkdir -p /mnt/data

Now mount the partitions on the directory mount points you have made:

mount /dev/hdc5 /mnt/boot
mount /dev/hdc3 /mnt/
mount /dev/hdc6 /mnt/data

Check your work. The output of `mount' should show similar entries for /dev/hda (point points based at /) and /dev/hdc (based at /mnt/).

7. Copy files

For each partition, copy all the files (see GOTCHA in endnotes). The copy command make exact(ish) archive (-a) copies, has a handy verbose mode (-v), and a `don't cross filesystems' option (-x), which we will use. Copy each of the partitions from the old system to the new system:

cp -vax /boot/.  /mnt/boot
cp -vax /. /mnt
cp -vax /data/. /mnt/data

Alternatively, you can use tar to do the same thing. This is a better idea if you have sparse files (but if you are reading this howto, you might not know what those are...)

cd /
tar clS / /data /boot | tar xv -C /mnt

You have to specify each mount point, since the `l' option above tells tar not to cross between file-systems (similar to the `-x' option in cp).

Did I mention that if you have a database server or a mail server running you should stop it during the time that you copy its files? If you fail to do this on a relatively busy server, you may copy files which are in a particularly nonsensical state which they pass though during updates.

To be (relatively) sure that the data has been copied to the disk:

sync

That's it. Well, almost.

7.1 If you changed device names and file systems ...

You're one of those people who is doing this whole thing because you're migrating from ext3 to jfs (crazy!), from SCSI to IDE, and now suddenly your system doesn't boot because of kernel panics or something similar.

You need to edit files:

vi /mnt/etc/fstab -- edit the filesystem table that says which devices should be put where.
vi /mnt/etc/lilo -- if your system is using LILO to boot, then make sure that the line root=/dev/sda8 points to the device your main partition (/.) is on. If you've changed filesystem types, then reiserfs may change to ext2 and jfs so that the device names correspond again with the partition types they contain. After changing this file, run chroot /mnt and lilo again as described above.
vi /mnt/boot/grub/menu.lst -- if you're using GRUB as your boot loader, then this is where you need to change your device names.

If you're a little in the dark about vi, here's a three point tutorial:

Press i to insert, and Escape when you're finished inserting.
Type ZZ (capitals) to save and exit, or ZQ to exit without saving.
If in doubt, quit vi and run the command vimtutor to learn how to do it.

7.2 If you changed your disk controller ...

If you are using a different disk controller on the target system (e.g. sata_nv to piix), for most distributions, you will have to make a new initial root disk, using the mkinitrd command. If you need to do this and you don't do this, you will get a kernel panic "cannot mount root filesystem".

You need to:

Find out which module(s) the disk requires
Tell mkinitrd to include it (or them)
Run mkinitrd on the target system to make a new initrd file for booting.

To find out which module to use, run lspci and lsmod. As the kernel becomes more and more modular, it becomes harder to know which is your disk controller module. You can use modinfo piix to see what a module says about itself:

modinfo piix
 filename:       /lib/modules/2.6.15-23-386/kernel/drivers/ide/pci/piix.ko
 author:         Andre Hedrick, Andrzej Krzysztofowicz
 description:    PCI driver module for Intel PIIX IDE
 license:        GPL
 vermagic:       2.6.15-23-386 preempt 486 gcc-4.0

If you don't know, guess. It can't hurt that much.

Now tell mkinitrd to include the module:

Debian/Ubuntu: vi /etc/mkinitrd/modules, then run update-initrd.
SuSE: vi /etc/sysconfig/kernel, then run mkinitrd.
Redhat ... erk ... suggestions welcome

8. Playing with hardware II

Now you have to get the new system to be bootable.

8.1 Method 1 (easy) (using rescue disk)

Shutdown the original system.
Remove the duplicate hard disk.
Put the duplicate disk in the new system.
Boot up the duplicate system using the rescue disk or rescue boot option provided by your Linux distribution. This should dump you at a shell prompt.
Mount the root partition:
```
mount /dev/hda3 /mnt
```
Enter the new system, mount additional filesystems (e.g. /boot), and run lilo to make the system bootable.
```
chroot /mnt
mount -a
lilo
```
If you are using the GRUB boot loader, then instead of lilo, you type grub-install /dev/hda to install GRUB on the MBR.
On some distributions, grub-install is broken. For these you have to ...
```
grub
 root (hd0,0)     # assuming /boot is /dev/hda1
 setup (hd0)
 quit
```
Now you can exit and shutdown:
```
umount -a
sync
exit
umount /mnt
reboot
```

Remove the disk and reboot. The system should boot as a duplicate.

8.2 Method 2 (best for GRUB) (hard, but you don't need a rescue disk)

If your system boots with GRUB, you can set up the second disk to be ready to boot when it becomes the first disk:

Boot up the original system with the duplicate hard disk in (probably you are here already)
Chroot into the new system.
Lie to GRUB about where its hard disks are
Install GRUB (on the second disk)
Tell GRUB the truth again for posterity

Here's the detail:

Mount the duplicated root partition:
```
mount /dev/hdc3 /mnt
```
Chroot into the new system, mount additional filesystems (e.g. /boot):
```
chroot /mnt
mount -a
```
Now edit /boot/grub/device.map, and tell it that the first disk is your duplicate disk (/dev/hdc):
```
cd /boot/grub
cp device.map device.map.foo
vi device.map.foo
```
Change the contents of device.map from this ...
```
(hd0)   /dev/hda
```
... to this...
```
(hd0)   /dev/hdc
```
Now, tell GRUB to install itself. GRUB's device naming is funny, but you have to give the partition number-1. If your duplicated root partition is /dev/hdc7, then the name to give GRUB is (hd0,6). Here's how you run grub and get it to install: you start GRUB, using the device map file that says what the BIOS drive number will be after we swap the disks ...
```
grub --device-map=device-map.foo
root (hd0,6)
setup (hd0)
quit
```

I think that's it. Now swop the disks, and boot up the duplicate system.

8.3 Method 3 (best for LILO) (hard, but you don't need a rescue disk)

If your system boots with LILO, you can set up the second disk to be ready to boot when it becomes the first disk:

Boot up the original system with the duplicate hard disk in (probably you are here already)
Chroot into the new system.
Lie to LILO about where its hard disks are
Install LILO (on the second disk)
Tell LILO the truth again for posterity

Here's the detail:

Mount the duplicated root partition:
```
mount /dev/hdc3 /mnt
```
Chroot into the new system, mount additional filesystems (e.g. /boot):
```
chroot /mnt
mount -a
```
Now edit /etc/lilo.conf, and tell it that the first disk is your duplicate disk (/dev/hdc). You need to add this data:
```
disk=/dev/hdc
 bios=0x80
disk=/dev/hda
 bios=0x80
```
Now, tell LILO to install itself on the new hard disk.
```
lilo -b /dev/hdc
```

I think that's it. Now swop the disks, and boot up the duplicate system. You may want to remove the modifications from lilo.conf on the new disk, but you could happily leave them there too.

8.4 Method 4 (easier, but more likely to fail) (actually, 100% likely)

This method involves booting up off a floppy disk. The only problem is that you cannot use an initial root disk (initrd), which may make scsi and reiserfs and ext3 systems fail. Actually, it's not very likely to work at all Actually, it's not very likely to work at all. It won't work. Do this if you're desparate.

Create a boot disk containing the Linux kernel:

dd if=/boot/vmlinuz of=/dev/fd0 bs=18k

Set the root partition

rdev /dev/fd0 /dev/hda3

Shutdown the original system.
Remove the duplicate hard disk.
Put the duplicate disk in the new system.
Boot up the duplicate system using the kernel disk you made.
It should boot as a duplicate of the original system.
Login as root and install lilo:
```
lilo
```

The system should now be bootable. If it is not, you can repeat this step.

9. History

Version 0.1: Thanks to Brett Geer for pointing out that cp -vax /* /mnt is wrong. That was not pretty.

Version 0.2: Added some GRUB data ... and a bit of fstab and menu.lst notes.

Did I mention you will destroy your data?

Someone from Spain says there's a "mistake mounting partitions", but didn't elaborate. So be careful there.

Gotcha: Newer systems may mount a temporary filesystem over /dev for devfs or udev. This causes cp -a to be incomplete, and the result is an unbootable system (missing /dev/console). To avoid this, the root filesystem of the source must be remounted somewhere where the real contents of /dev are not hidden. That's a TODO.

Tuesday, June 26, 2007

Oracle: Making system view

After recently creating a database manually, you must run somme scripts, there is the listing:

A must need: Creating the Data Dictionary Scripts

Script Name Needed For Description

Script Name	Needed For	Description
`catalog.sql`	All databases	Creates the data dictionary and public synonyms for many of its views Grants `PUBLIC` access to the synonyms
`catproc.sql`	All databases	Runs all scripts required for, or used with PL/SQL
`catclust.sql`	Real Application Clusters	Creates Real Application Clusters data dictionary views

catalog.sql

All databases

Creates the data dictionary and public synonyms for many of its views

Grants PUBLIC access to the synonyms

catproc.sql

All databases

Runs all scripts required for, or used with PL/SQL

catclust.sql

Real Application Clusters

Creates Real Application Clusters data dictionary views

An optionnal need: Additional Data Dictionary Structures

`catblock.sql`	Performance management	`SYS`	Creates views that can dynamically display lock dependency graphs
`catexp7.sql`	Exporting data to Oracle7	`SYS`	Creates the dictionary views needed for the Oracle7 Export utility to export data from the Oracle Database in Oracle7 Export file format
`caths.sql`	Heterogeneous Services	`SYS`	Installs packages for administering heterogeneous services
`catio.sql`	Performance management	`SYS`	Allows I/O to be traced on a table-by-table basis
`catoctk.sql`	Security	`SYS`	Creates the Oracle Cryptographic Toolkit package
`catqueue.sql`	Advanced Queuing		Creates the dictionary objects required for Advanced Queuing
`catrep.sql`	Oracle Replication	`SYS`	Runs all SQL scripts for enabling database replication
`catrman.sql`	Recovery Manager	`RMAN` or any user with `GRANT_RECOVERY_CATALOG_OWNER` role	Creates recovery manager tables and views (schema) to establish an external recovery catalog for the backup, restore, and recovery functionality provided by the Recovery Manager (RMAN) utility
`dbmsiotc.sql`	Storage management	Any user	Analyzes chained rows in index-organized tables
`dbmspool.sql`	Performance management	`SYS` or `SYSDBA`	Enables DBA to lock PL/SQL packages, SQL statements, and triggers into the shared pool
`userlock.sql`	Concurrency control	`SYS` or `SYSDBA`	Provides a facility for user-named locks that can be used in a local or clustered environment to aid in sequencing application actions
`utlbstat.sql` and `utlestat.sql`	Performance monitoring	`SYS`	Respectively start and stop collecting performance tuning statistics
`utlchn1.sql`	Storage management	Any user	For use with the Oracle Database. Creates tables for storing the output of the `ANALYZE` command with the `CHAINED ROWS` option. Can handle both physical and logical rowids.
`utlconst.sql`	Year 2000 compliance	Any user	Provides functions to validate that `CHECK` constraints on date columns are year 2000 compliant
`utldtree.sql`	Metadata management	Any user	Creates tables and views that show dependencies between objects
`utlexpt1.sql`	Constraints	Any user	For use with the Oracle Database. Creates the default table (`EXCEPTIONS`) for storing exceptions from enabling constraints. Can handle both physical and logical rowids.
`utlip.sql`	PL/SQL	`SYS`	Used primarily for upgrade and downgrade operations. It invalidates all existing PL/SQL modules by altering certain dictionary tables so that subsequent recompilations will occur in the format required by the database. It also reloads the packages `STANDARD` and `DBMS_STANDARD`, which are necessary for any PL/SQL compilations.
`utlirp.sql`	PL/SQL	`SYS`	Used to change from 32-bit to 64-bit word size or vice versa. This script recompiles existing PL/SQL modules in the format required by the new database. It first alters some data dictionary tables. Then it reloads the packages `STANDARD` and `DBMS_STANDARD`, which are necessary for using PL/SQL. Finally, it triggers a recompilation of all PL/SQL modules, such as packages, procedures, and types.
`utllockt.sql`	Performance monitoring	`SYS` or `SYSDBA`	Displays a lock wait-for graph, in tree structure format
`utlpwdmg.sql`	Security	`SYS` or `SYSDBA`	Creates PL/SQL functions for default password complexity verification. Sets the default password profile parameters and enables password management features.
`utlrp.sql`	PL/SQL	`SYS`	Recompiles all existing PL/SQL modules that were previously in an `INVALID` state, such as packages, procedures, and types.
`utlsampl.sql`	Examples	`SYS` or any user with DBA role	Creates sample tables, such as `emp` and `dept`, and users, such as `scott`
`utlscln.sql`	Oracle Replication	Any user	Copies a snapshot schema from another snapshot site
`utltkprf.sql`	Performance management	`SYS`	Creates the TKPROFER role to allow the TKPROF profiling utility to be run by non-DBA users
`utlvalid.sql`	Partitioned tables	Any user	Creates tables required for storing output of `ANALYZE TABLE ...VALIDATE STRUCTURE` of a partitioned table
`utlxplan.sql`	Performance management	Any user	Creates the table `PLAN_TABLE`, which holds output from the `EXPLAIN PLAN` statement

and the no-scripts, used to remove dictionary information for various optional services or components.

The NO Scripts:

`catnoadt.sql`	Objects	`SYS`	Drops views and synonyms on dictionary metadata that relate to object types
`catnoaud.sql`	Security	`SYS`	Drops views and synonyms on auditing metadata
`catnohs.sql`	Heterogeneous Services	`SYS`	Removes Heterogeneous Services dictionary metadata
`catnoprt.sql`	Partitioning	`SYS`	Drops views and synonyms on dictionary metadata that relate to partitioned tables and indexes
`catnoque.sql`	Advanced Queuing	`SYS`	Removes Advanced Queuing dictionary metadata
`catnormn.sql`	Recovery Manager	Owner of recovery catalog	Removes recovery catalog schema
`catnosvm.sql`	Server Manager	`SYS`	Removes Oracle7 Server Manager views and synonyms
`catnsnmp.sql`	Distributed management	`SYS`	Drops the DBSNMP user and SNMPAGENT role

The upgrades scripts:

`catdwgrd.sql`	Downgrading	Provides a direct downgrade path from the new Oracle Database 10g release
`catupgrd.sql`	Upgrading	Provides a direct upgrade path to the new Oracle Database 10g release
`utlu102i.SQL`	Pre-Upgrade Information	Analyzes the database to be upgraded, detailing requirements and issues for the upgrade to release 10.2
`utlu102s.SQL`	Post-Upgrade Status	Displays the component upgrade status after an upgrade to release 10.2

The Java Script are useful only if the JServer option is installed.

`initjvm.sql`	Initializes JServer by installing core Java class libraries and Oracle-specific Java classes
`rmjvm.sql`	Removes all elements of the JServer
`catjava.sql`	Installs Java-related packages and classes

Thursday, April 26, 2007

Suppression d'un fichier avec des caractères spéciaux

Comment supprimer un fichier en ligne de commande qui contient des caractères spéciaux ?

Ci dessous plusieurs solutions, une interactive puis une autre avec les inodes.

Exemple:

$ ll ftp*
-rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp.txt
-rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp??

$ rm ftp^A^?\?
rm: cannot lstat `ftp\001\177?': No such file or directory
[Exit 1 ]

-1- Suppression Interactive

Avec un rm -i * on force la demande de suppression:

$ rm -i ftp*
rm: remove regular empty file `ftp.txt'? n
rm: remove regular empty file `ftp\177?'? y

-2- Avec le listing des inodes

$ ll -i ftp*
206 -rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp.txt
205 -rw-r--r-- 1 root sys 0 Apr 26 10:13 ftp??

$ find . -xdev -type f -inum 205 -ls
205 0 -rw-r--r-- 1 root sys 0 Apr 26 10:13 ./ftp\177?

On force la suppression du fichier qui a l'inode numéro 205

$ find . -xdev -type f -inum 205 -exec rm -f {} \;

Wednesday, April 18, 2007

HPUX: Tips Gestion des Packages

Installer un package en ligne

swinstall -v -x allow_multiple_versions=true -x verbose=1 -x mount_all_filesystems=false -s "$depot" "$name"

ou $depot => xpm-3.4k-hppa-11.00.depot
et $name => xpm

Enlever un package récalcitrant

- swremove to remove package in swlist's host system
- stop/start of swagentd
- enforce_dependencies=false in swremove option while removing from depot.

Lister les programmes installé: swlist

Liste des produits:
$ swlist -l product

Liste des fileset:
$ swlist -l fileset

Liste des depot:
$ swlist -l depot
$ swlist -s mmstyy00:/

List all products with revision and description for each:
$ swlist all product | more

List all filesets which have a state other than configured:
$ swlist all fileset a state | grep -v -e '^#' -e configured

List all patches in the depot /var/MyDepot on the system grendel:
$ swlist -d -l product *,c=patch @ grendel:/var/MyDepot

List the filesets modified by installed patch PHSS_8675
$ swlist -a ancestor PHSS_8675

List all of the files delivered within patch PHCO_12140 after downloading from the ITRC:
$ swlist -d -l file @ /tmp/PHCO_12140.depot

List all the files delivered within product:
$ swlist -l file HP-APA-KRN

List all patches that have modified the LVM product
$ swlist -l patch LVM

Display the documentation for all patches containing critical functionality
$ swlist -a readme -l product *,c=critical

List all category tags defined in the depot /var/MyDepot on the system grendel
$ swlist -d -l category @ grendel:/var/MyDepot

Lire le Readme d'un package

swlist -s mmsdyy00:/SD_CDROM -a readme J5316AA

Commit patches

Efface la sauvegarde faite dans "/var/adm/sw/save/"
$ swmodify -x patch_commit=true '*.*'

Création

Créer un .depot

$ swpackage -x target_type=tape -s \* @ /tmp/isee_customise.depot
$ swpackage -x target_type=tape -s NomPackage @ /tmp/NomPackage.depot

Enregistrer le depot

$ swreg -l depot

*Supprimer l'accés distant
$ swreg -u -l depot

Préparation

$ swcopy -x enforce_dependencies=false -s / ISEEPlatform @
$ swask -s ISEE-Chorus

Résultat dans: /catalog/ISEE-Chorus/pfile/response

ou encore:
# Depot=MCPS-SHC
$ swcopy -s MCPS-SHC @
$ swask -s MCPS-SHC

Install

swinstall -s mmstyy00:/

Procédure Complete

# Depot=MCPS-SHC
$ swacl -l root -M user:root@:a
$ swcopy -s MCPS-SHC @
$ swinstall -s MCPS-SHC
$ swask -s MCPS-SHC
$ swinstall -s MCPS-SHC @ hostA hostB

Gestion des droits

- Pour autoriser l'utilisateur marie à ajouter de nouveaux produits au dépôt :
$ swacl -l depot -M user:marie:a [@ hôte:dépôt]

- Pour autoriser l'utilisateur marie à modifier les produits existants d'un dépôt :
$ swacl -l product -M user:marie:a \* [@ hôte]

- Pour modifier le modèle de telle sorte que l'utilisateur marie puisse modifier les nouveaux produits créés par d'autres dans le dépôt :
$ swacl -l global_product_template -M user:marie:a [@ hôte]

Pour authoriser un utilisateur distant à gérer un depot:

# Exemple: user=unix host=mmsdyy00 depot=/mkenv/sw-depot
# A executer sur mmstyy00

$ swacl -l depot -M user:unix@mmsdyy00:a @ /mkenv/sw-depot
$ swacl -l depot -M user:root@mmsdyy00:a @ /mkenv/sw-depot
$ swacl -l depot -M host:mmsdyy00:a @ /mkenv/sw-depot

$ swacl -l depot -M host:mmsdyy00:a
$ swacl -l product -M host:mmsdyy00:a \*
$ swacl -l global_product_template -M host:mmsdyy00:a

Lister les droits d'un dépot:

$ swacl -l depot @ /mkenv/sw-depot

HPUX: LVM quick reference guide

I) How to create a Volume Group (VG).

Note The following example is using the disk c1t6d0, the volume
group vg01 and the logical volume lvhome

1) Prepare the disk
pvcreate /dev/rdsk/c1t6d0

Note if the disk was previously used in another VG use the
following command instead:

pvcreate -f /dev/rdsk/c1t6d0

2) Create the Volume Group (VG):
a) mknod /dev/vg01/group c 64 0x010000

Note: the group number (last parameter) is in hexadecimal and
should be different for each volume group. For vg02, that number
would be 0x020000. The default limit is 10 volume groups as set by
the kernel parameter maxvgs.

b) vgcreate /dev/vg01 /dev/dsk/c1d0s2

Note: When a volume group is created the maximum physical
extents per volume (max_pe parameter) will be set to the max_pe
of the largest physical volume (PV) or 1016, which ever is
greater, if no max_pe is specified. The effect of not setting
the max_pe parameter would be that any PV added to the volume
group in the future regardless of there size will be limited
to the volume groug creation value of max_pe. Therefore,
consider increasing the max_pe to accommodate PV's that may
likely be larger than the largest PV used to create the Volume
Group. The formula to use to determine the value is:

physical_extent_size * max_pe = size_of_the_disk.

The default value for physical_extent_size is 4M and the maximum
value for max_pe is 65535 (example for 18 gig disk use a value
4608 for max_pe: 4M * 4608 = 18 gig).
There is also a default value of a maximum of 16 disks per volume
group. The following is an example of the creation of a volume
group modifying these two parameters (max_pe = 4608, maximum
number of disk = 24):

vgcreate -e 4608 -p 24 /dev/vg01 /dev/dsk/c1d0s2

II) How to create a Logical Volume (LV) and mount the filesystem.
1) Create the Logical Volume (LV)
lvcreate -L 120 -n lvhome /dev/vg01
Note: this will create a logical volume of 120 meg.
2) Create the filesystem
newfs -F vxfs /dev/vg01/rlvhome
Note: to create an hfs filesystem change vxfs to
hfs in the previous command.
3) Mount the Logical Volume:
a) mkdir /home
b) mount /dev/vg01/lvhome /home

III) How to add a disk to a Volume Group
Note The following examples is using the disk c1t6d0 and the volume
group vg01

1) Prepare the disk
pvcreate /dev/rdsk/c1t6d0

Note if the disk was previously used in another VG use the
following command instead:

pvcreate -f /dev/rdsk/c1t6d0

Note: Use caution when using pvcreate -f as this will
overwrite the existing volume group information on the disk.

2) Add the disk to the Volume Group
vgextend /dev/vg01 /dev/dsk/c1t6d0

IV) How to increase the size of a logical volume without online JFS
(advanced JFS).
Note: the following example is using the volume group vg01 and the
logical volume lvhome

Note: Increasing the root filesystem (/) is not feasible

1) lvextend -L 240 /dev/vg01/lvhome
The new total size will be 240M.
2) umount /home
Note: If the filesystem is in use, it is impossible to unmount it.
Therefore stop all the processes (applications) that use the
filesystem then unmount it.
Processes that use /usr and /var cannot be all stopped,
the only solution is to reboot in single user mode.
3) extendfs -F vxfs /dev/vg01/rlvhome
4) mount /dev/vg01/lvhome /home

V) How to remove a Logical Volume
Note: the following example is using the volume group vg01 and the
logical volume lvhome
1) Backup all user data
2) Umount the filesystem
umount /home
3) remove the Logical volume
lvremove /dev/vg01/lvhome

VI) How to reduce the size of a logical volume without online JFS (advanced JFS)
Note: the following example is using the volume group vg01 and the
logical volume lvhome
1) Backup all user data
2) Umount the filesystem
umount /home
3) Reduce the size
lvreduce -L 60 /dev/vg01/lvhome
Note: the new total size will be 60M.
4) Re-create the filesystem
newfs -F vxfs /dev/vg01/rlvhome
Note: to create an hfs filesystem change vxfs by
hfs in the previous command.
5) Mount the Logical Volume:
mount /dev/vg01/lvhome /home
6) Restore the user data

VII) How to remove a disk from a volume group
Note: the following example is using the disk c1t6d0 and the
volume group vg01

1) Make sure that the disk is not in use:
pvdisplay /dev/dsk/c1t6d0
Look at line starting with Allocated PE the number at the end
of the line should be 0. If it is not the disk is still in use.
2) Remove the disk
vgreduce /dev/vg01 /dev/dsk/c1t6d0

VIII) How to remove a volume group
Note: the following example is using the volume group vg01 and the
logical volume lvhome

1) Backup all user data
2) Find the name of all logical volume in this volume group
vgdisplay -v /dev/vg01
3) unmount all logical volumes
Note: repeat the following command for each logical command
umount /dev/vg01/lvhome
4) Remove the volume group:
vgexport /dev/vg01
Note: using vgexport to remove a volume group is easier
and faster than using the vgreduce on each physical volume
except the last one, followed by a vgremove. The other
advantage is that the /dev/vg01 directory is also removed.

IX) How to increase the primary swap

Note: Because of the contiguous allocation policy, create a bigger
logical volume and modify the Boot Data Reserved Area (BDRA) to make it
primary.

1) lvcreate -C y -L 240 /dev/vg00
The name of this new logical volume will be displayed on the
screen, note it, it will be needed later. (let say it
is /dev/vg00/lvol8)
Note: This new logical volume has to be in vg00
2) lvlnboot -v /dev/vg00
This will display the current root and swap volumes
Note: lvol2 is the default primary swap.
3) lvlnboot -s /dev/vg00/lvol8 /dev/vg00
Note: use the logical volume name from step 1
4) lvlnboot -R /dev/vg00
Recover any missing links to all of the logical volumes specified
in the BDRA and update the BDRA of each bootable physical volume in
the volume group
5) reboot the system

X) How to create a secondary boot disk
Note: This will create an identical copy of the current vg00. The
new volume group needs to as big as vg00. This will also be a static
version of the primary boot disk which could be use in case of
problem.

Note: The following example is using the disk c1t6d0 and the
volume group vg01

1) Initialize the disk and make it bootable
pvcreate -B /dev/rdsk/c1t6d0
Note: the -B parameter tells pvcreate that this will be a bootable
disk.
mkboot /dev/dsk/c1t6d0
mkboot -a "hpux" /dev/rdsk/c1t6d0
2) Create the volume group
mkdir /dev/vg01
mknod /dev/vg01/group c 64 0x010000
vgcreate /dev/vg01 /dev/dsk/c1t6d0
3) Find the size of each logical volume in vg00
vgdisplay -v /dev/vg00 | more
look at LV Size (Mbytes) for each logical volume and note it.
Note: this example will use these value:
lvol1 84M
lvol2 256M
lvol3 140M
lvol4 500M
lvol5 64M
lvol6 20M
lvol7 500M
lvol8 500M

Note: The size of the new logical volumes needs to be exactly the
same as the size of the logical volumes on the primary root disk.
4) Create the first 3 logical volumes contiguous (needed by the system)
lvol1:
lvcreate -L 84 -C y -r n /dev/vg01
lvol2:
lvcreate -L 256 -C y -r n /dev/vg01
lvol3:
lvcreate -L 140 -C y -r n /dev/vg01
5) Now create the other logical volumes
lvol4:
lvcreate -L 500 /dev/vg01
lvol5:
lvcreate -L 64 /dev/vg01
lvol6:
lvcreate -L 20 /dev/vg01
lvol7:
lvcreate -L 500 /dev/vg01
lvol8:
lvcreate -L 500 /dev/vg01
6) Copy each logical volume except the swap which is usually lvol2.
dd if=/dev/vg00/rlvol1 of=/dev/vg01/rlvol1 bs=1024k
dd if=/dev/vg00/rlvol3 of=/dev/vg01/rlvol3 bs=1024k
dd if=/dev/vg00/rlvol4 of=/dev/vg01/rlvol4 bs=1024k
dd if=/dev/vg00/rlvol5 of=/dev/vg01/rlvol5 bs=1024k
dd if=/dev/vg00/rlvol6 of=/dev/vg01/rlvol6 bs=1024k
dd if=/dev/vg00/rlvol7 of=/dev/vg01/rlvol7 bs=1024k
dd if=/dev/vg00/rlvol8 of=/dev/vg01/rlvol8 bs=1024k
7) Verify the integrity of all the new volume except swap.
Note: The following lines are base on a system with vxfs
filesystems except for /stand (lvol1) which needs to be hfs.
fsck -F hfs /dev/vg01/rlvol1
fsck -F vxfs /dev/vg01/rlvol3
fsck -F vxfs /dev/vg01/rlvol4
fsck -F vxfs /dev/vg01/rlvol5
fsck -F vxfs /dev/vg01/rlvol6
fsck -F vxfs /dev/vg01/rlvol7
fsck -F vxfs /dev/vg01/rlvol8
8) Now configure the Boot Data Reserved Area (BDRA)
Note: The following commands assume that /stand is lvol1,
swap is lvol2 and / is lvol3
lvlnboot -b /dev/vg01/lvol1 /dev/vg01
lvlnboot -r /dev/vg01/lvol3 /dev/vg01
lvlnboot -s /dev/vg01/lvol2 /dev/vg01
lvlnboot -d /dev/vg01/lvol2 /dev/vg01
9) Modify the fstab file on the new disk.
a) If /tmp_mnt doesn't exist create it
mkdir /tmp_mnt
b) Mount the new root filesystem on /tmp_mnt
mount /dev/vg01/lvol3 /tmp_mnt
c) change to etc directory on the new disk.
cd /tmp/etc
d) Modify all occurence of vg00 in the fstab for vg01
sed "s/vg00/vg01/" fstab > fstab.out
mv fstab fstab.BAK
mv fstab.out fstab
e) Unmount the new root filesystem
cd /
umount /tmp_mnt

XI) How to mirror a logical volume
Note: Data mirroring is provided by an additionnal purchasable
software product called MirrorDisk/UX.

Note: the following example is using the volume group vg01 and the
logical volume lvhome

To add a mirror to an existing logical volume:
lvextend -m 1 /dev/vg01/lvhome

This will add 1 mirror (2 copies of the filesystem).
To add 2 mirrors (3 copies of the filesystem) use -m 2 instead.

To create a new logical volume of 200M with 1 mirror:
lvcreate -m 1 -L 200 /dev/vg01

XII) How to unmirror a logical volume
Note: the following example is using the volume group vg01 and the
logical volume lvhome

lvreduce -m 0 /dev/vg01/lvhome

XIII) How to create a mirrored boot disk

Note the following example is using the disk c1t6d0 as the
mirrored boot disk and c0t6d0 as the boot disk.

1) Initialize the disk and make it bootable
pvcreate -B /dev/rdsk/c1t6d0
Note: the -B parameter tell pvcreate that this will be a
bootable disk.
2) Add the physical volume to the volume group
vgextend /dev/vg01 /dev/dsk/c1t6d0
3) Use mkboot to place the boot utilities in the boot area and add
the AUTO file.
mkboot /dev/dsk/c1t6d0
mkboot -a "hpux -lq" /dev/rdsk/c1t6d0
4) Use mkboot to update the AUTO file on the primary boot
disk.
mkboot -a "hpux -lq" /dev/rdsk/c0t6d0
5) Mirror the stand, root and swap logical volumes
lvextend -m 1 /dev/vg00/lvol1
lvextend -m 1 /dev/vg00/lvol2
lvextend -m 1 /dev/vg00/lvol3
Note: LVM will resynchronize the new mirror copies. This step will
takes several minutes

Repeat the lvextend for all other logical volumes on the boot
mirror.
6) Modify your alternate boot path to point to the mirror copy of the
boot disk.
setboot -a 8/8.6.0 # Use the Hardware path for your new
boot disk.

XIV) How to mirror a logical volume on a specific physical volume

Note: the following example, is using the disk c1t6d0 for the
primary copy, c2t6d0 for the mirror copy, the volume group vg01,
the logical volume lvhome and the size will be 200M

lvcreate -n lvhome /dev/vg01
lvextend -L 200 /dev/vg01/lvhome /dev/dsk/c1t6d0
lvextend -m 1 /dev/vg01/lvhome /dev/dsk/c2t6d0

XV) How to create a Physical Volume Group (PVG)
create a file named /etc/lvmpvg with the following syntax:
VG vg_name
PVG pvg_name
pv_path
...
PVG pvg_name
pv_path
...
VG vg_name
PVG pvg_name
pv_path
...

For example, to use two PVGs in vg01 with c1t6d0 and c2t6d0
in one PVG (PVG0), c3t6d0 and c4t6d0 in the other PVG (PVG1) the
contents of the file (/etc/lvmpvg) should be:

VG /dev/vg01
PVG PVG0
/dev/dsk/c1t6d0
/dev/dsk/c2t6d0
PVG PVG1
/dev/dsk/c3t6d0
/dev/dsk/c4t6d0

XVI) How to use PVG to mirror logical volumes on specific physical volumes.

Note: in the following text, the volume group will be vg01 and the
logical volume will be name lvhome

After creating the /etc/lvmpvg file as describe above, each copy
of your mirror could be force on different PVG. To achieve this if
the logical volume is already created but not mirrored yet, use the
following command:
lvchange -s g /dev/vg01/lvhome
lvextend -m 1 /dev/vg01/lvhome
If the logical volume is not created yet:
lvcreate -s g -m 1 -n lvhome -L 200 /dev/vg01

Index:
Regular tasks
I) How to create a Volume Group (VG).
II) How to create a Logical Volume (LV) and mount the filesystem.
III) How to add a disk to a Volume Group
IV) How to increase the size of a logical volume without OnlineJFS
(advanced JFS)
V) How to remove a Logical Volume
VI) How to reduce the size of a logical volume without OnlineJFS
(advanced JFS)
VII) How to remove a disk from a volume group
VIII) How to remove a volume group
IX) How to increase the primary swap
X) How to create a secondary boot disk
LVM Mirroring
XI) How to mirror a logical volume
XII) How to unmirror a logical volume
XIII) How to create a mirrored boot disk
XIV) How to mirror a logical volume on a specific physical volume
Physical Volume Group
XV) How to create a Physical Volume Group (PVG)
XVI) How to use PVG to mirror logical volumes on specific physical
volumes.

HPUX: build a kernel via the command line

Sometimes it is necessary to build a kernel via the command line instead of using SAM. This document will provide the instructions to do that.

CONFIGURATION: Operating System - HP-UX Version - 10.X, 11.X Hardware System - HP 9000 Series - N/A RESOLUTION 10.X:

1. Change directories to /stand/build.
cd /stand/build

2. Create a new system file from the running kernel.
/usr/lbin/sysadm/system_prep -s /stand/build/system

3. Update the system file with the planned changes using
vi /stand/build/system or kmtune(1m).
Example setting nproc tunable to 400:
kmtune -s nproc=400 -S /stand/build/system

4. Build the new kernel.
/usr/sbin/mk_kernel -s /stand/build/system

5. Move the old system and vmunix files so if anything goes wrong, the system can be booted from the old kernel.
mv /stand/system /stand/system.prev
mv /stand/build/system /stand/system
mv /stand/vmunix /stand/vmunix.prev
mv /stand/build/vmunix_test /stand/vmunix

6. Reboot the system off the new kernel.
shutdown -r

11.X:

1. Change directories to /stand/build.
cd /stand/build

2. Create a new system file from the running kernel.
/usr/lbin/sysadm/system_prep -s /stand/build/system

3. Edit the kernel with the planned changes.
vi /stand/build/system

4. Build the new kernel.
/usr/sbin/mk_kernel -s /stand/build/system

5. Move the old system and vmunix files so if anything goes wrong, the system can be booted from the old kernel.
mv /stand/system /stand/system.prev

6. Move the new system file and new kernel into place, ready to be used when rebooting the system.
mv /stand/build/system /stand/system
kmupdate /stand/build/vmunix_test

NOTE: The kmupdate command will move the /stand/vmunix kernel to /stand/vmunix.prev and the newly created kernel to /stand/vmunix as part of the shutdown process.

7. Reboot the system off the new kernel.
shutdown -r

More information is available in the HP-UX System Administration Tasks manual. man manuals will give you ordering information and part numbers.

Most HP documentation is avaialable online at: http://www.docs.hp.com

I Forgot the Root Password

I Forgot the Root Password

Originally prepared by Peggy Bruehl

The following info was collected from a variety of sources including HP-UX Manuals, and the hpux-admin mailing list.

If you have forgotten the root password on you HP Workstation, you must go through the following steps:

Ask all other users to log off the workstation.
Type the command sync four times to clear the buffer cache.
If you have installed sudo, or if you have enabled a user other than root to reboot the machine, reboot your workstation.

If you can not reboot the machine, press the reset button to force a reboot. Don't press the reset button unless you can't get the machine to reboot any other way.

During the reboot, press the ESC key to interrupt the reboot.

This will bring you to the BOOT_ADMIN prompt. From here, boot to the ISL with the command boot scsi.X.0 isl where scsi.X.0 is the SCSI address of your internal disk drive. (To find that address, use the path command at the BOOT_ADMIN prompt.)

Now you are at the ISL prompt. Boot up into single user mode with the command hpux -is (or if you are still running 9.X use the command hpux -is boot disk(scsi.X;0)/hp-ux, where again scsi.X.0 is the SCSI address of your internal disk drive.)

After the machine has come up in single user mode, you can try to set the root password by running the passwd command. If the program will run, you can enter the new password now. Reboot again (command reboot) and you are done.

If the passwd program will not run in the single user mode, manually edit the /etc/passwd file (be careful!) and take out the root password (second field), leaving the 2 colons side by side.

Now, quickly reboot the machine (reboot) and log in as root. No password is required. Immediately run the passwd command and set a password for root.

It's important to minimize the time between removing the root password from the /etc/passwd file and resetting the password with the passwd command.

During this time, your system is wide open.

C'est Quoi le LOADAVG ???

C'est Quoi le LOADAVG ???

The general concensus was that the load average was for all CPUs.
Basically that is the average number of processes waiting for te
entire system (independent of the number of CPUs in the system).

As a rule of thumb you could consider a load of 1 on a single CPU
server the same as a load of 4 on a 4 CPU server. (euhh, à vérifier :) )

Also it was pointed out that the load average will mean different
things depening on what kind of work the server is doing.

SSH: Authentication with PublicKeys

Ce document explique les différentes étapes pour mettre en place l'authentification par clef
publiques.

Les avantages tirés sont pluriel:

Evite la propagation des mots de passe ( celui de root en particulier ),
Evite l'utilisation d'un mot de passe trop simple, souvent utilisé pour ne pas l'oublier, et car les connexions sont nombreuses dans une journée,
Ajoute une granularité dans la mise en place de la sécurité,
Facilite le travail quotidien, par des connexions plus rapides.

Coté client
Création des paires de clef privée/publiques cliente.

Les clef sont crée avec la commande `ssh-keygen', il vous sera demander un nom
de fichier, acceptez celui par défaut, puis une pass-phrase (Le mot de passe),
veillez à en choisir un assé long, une phrase serait l'idéal.

$ ssh-keygen -t rsa1 # SSH1
$ ssh-keygen -t rsa # SSH2
$ ssh-keygen -t dsa # SSH2

L'agent ssh

Maintenant pour éviter d'avoir à taper notre passphrase à chaque connexion,
nous allons utiliser la commande `ssh-agent'. Grâce à lui, nous n'aurons qu'à
taper notre passphrase qu'une fois au début de la journée:

$ eval $(ssh-agent)
Agent pid 2592

puis il nous faut ajouter nos clef.
Rem: si vous avez choisi la même passphrase pour toutes les trois clef, elle
ne vous sera demandée qu'une seulle fois:

$ ssh-add
Enter passphrase for ~/.ssh/id_rsa:
Identity added: ~/.ssh/id_rsa (~/.ssh/id_rsa)
Identity added: ~/.ssh/id_dsa (~/.ssh/id_dsa)
Identity added: ~/.ssh/identity (Philippe@MyHost)

On peut verifier qu'elles ont bien été prises en compte:

$ ssh-add -l
2048 9a:08:b9:b8:e6:25:bd:6c:4e:8c:25:13:2e:36:62:97 Philippe@MyHost (RSA1)
2048 5b:7f:cd:96:2c:f4:41:66:1a:83:4b:ff:ad:89:85:42 ~/.ssh/id_rsa (RSA)
2048 9a:e0:e3:af:b8:65:a1:c6:06:2c:80:8e:8a:1a:c9:30 ~/.ssh/id_dsa (DSA)

Coté client c'est Fait.

Coté serveur

passons sur l'installation du serveur ssh, et concentrons nous sur le
spécifique pour accepter l'Authentification par Clef publiques.

La configuration du serveur:

Les options suivante doivent être présentes dans le fichier de conf :

/opt/ssh/etc/sshd_config:

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

StrictModes no # Si les droits sur le $HOME ne sont pas 0700

puis pour recharger la config :

$ kill -1 $(cat /var/run/sshd.pid)

Ajout des clef.

Pour que la connexion soit possible, il nous faut rajouter la(les) clef
publique dans le fichier d'authorization:

Après avoir copié sur le serveur la clef publique (DSA):

$ cat id_dsa.pub >>$HOME/.ssh/authorized_keys

Test de connexion

$ ssh unix@support
MyHost [HP Release B.11.00]
Last successful login for unix: Tue Sep 20 15:12:54 MET-1METDST 2005 on pts/43
Last unsuccessful login for unix: Tue Sep 20 09:58:07 MET-1METDST 2005 on pts/tp
Last login: Mon Aug 29 20:19:36 2005 from otherhost
You have mail.

Dans les logs:

Sep 20 15:17:32 myhost sshd[24103]: Accepted publickey for unix from 192.168.1.2 port 3546 ssh2

Attacher un fichier Image ISO

Pour monter un CD:
$ mount -F cdfs -o cdcase
ou
$ mount -F cdfs

Attacher un fichier Image ISO:
$ nohup /usr/sbin/pfs_mountd&
$ nohup /usr/sbin/pfsd&
$ /usr/sbin/pfs_mount -t iso9660 -x unix /images/cd.iso /mnt
ou
$ /usr/sbin/pfs_mount -t iso9660 /images/cd.iso /mnt