May 2007 Archives

Get rid of the patch!

patchrm 113273-13 

From a cluser node:

scconf -a -T node=node01 

On the node to be uninstalled:

reboot -- -x 

Uninstall:

scinstall -r 

On node01:

 scinstall -ik \ -C cluster01 \ -F \ -T node=node01,node=node02,authtype=sys \ -A trtype=dlpi,name=ce4 -A trtype=dlpi,name=ce5 \ -B type=switch,name=switch1 -B type=switch,name=switch2 \ -m endpoint=:ce4,endpoint=switch1 \ -m endpoint=:ce5,endpoint=switch2 \ -P task=quorum,state=INIT 

On node02:

 scinstall -ik \ -C cluster01 \ -N node01 \ -A trtype=dlpi,name=ce4 -A trtype=dlpi,name=ce5 \ -m endpoint=:ce4,endpoint=switch1 \ -m endpoint=:ce5,endpoint=switch2 

Create a Failover Resource Group:

scrgadm -a -g cluster01 -h node01,node02 

Create a Logical Network Resource:

scrgadm -a -L -g cluster01 -l cluster01 

Activate the Resource Group:

scswitch -Z -g cluster01 

Create Global Devices:

scgdevs 

Create a metaset:

metaset -s cluster01 -a -h node01 node02 

Take ownership:

metaset -s cluster01 -t 

Add drives:

scdidadm -L or -l metaset -s cluster01 -a /dev/did/dsk/d10 

Add metadevices:

vi /etc/lvm/md.tab cluster01/d17 1 1 /dev/did/rdsk/d17s0 

Create metadevices:

metainit -s cluster01 -a 

Create cluster filesystems:

newfs /dev/md/cluster01/dsk/d10 

Update vfstab:

vi /etc/vfstab do not use global for mount options. this will cause both nodes to mount the filesystems 

Verify Configuration:

sccheck 

Add HA Storage Plus Resource:

scrgadm -a -j cluster01-hasp -g cluster01 -t SUNW.HAStoragePlus:2 \ -x FilesystemMountPoints="/u00/oracle,/u01,/u02,/u03,/u04, \ /u05,/u06,/u00/sct,/u11,/u12,/u13,/u14,/u15,/u16" scrgadm -c -j cluster01-hasp -y R_description="Failover data \ service resource for SUNW.HAStoragePlus:2" 

Enable HA Storage Plus Resource:

scswitch -e -j cluster01-hasp scswitch -e -M -j cluster01-hasp 

Add Oracle Listener Resource:

scrgadm -a -j cluster01-oracle-listener -g cluster01 \ -t SUNW.oracle_listener:5 -x ORACLE_HOME="/u00/oracle/product/10.2.0/Db_1" \ -x Listener_name="LISTENER_PROD" scrgadm -c -j cluster01-oracle-listener -y R_description="Failover data \ service resource for SUNW.oracle_listener:5" 

Enable Oracle Listen Resource:

scswitch -e -j cluster01-oracle-listener scswitch -e -M -j cluster01-oracle-listener 

Test it out, switch active node to node02!

scswitch -z -g cluster01 -h node02 

Users were unable to unlock their screen saver. The following was added to pam.conf.

dtsession auth sufficient pam_ldap.so.1 use_first_pass 

mount -o ro,loop=/dev/loop0 /path/to/file.iso /mnt 

Note: You can use /dev/loop1 or /dev/loop2 etc if you need more loop devices

 nbu-client # /usr/openv/netbackup/bin : ./bpclntcmd -self current domain = sub.domain.com NIS does not seem to be running: (10) can't communicate with ypbind gethostname() returned: nbu-client host nbu-client: nbu-client at 192.168.1.10 (0x966c04d8) checkhname: aliases: or getent hosts `hostname` nbu-client # /usr/openv/netbackup/bin : ./bpclntcmd -server nbu-master-server host nbu-master-server: nbu-master-server at 10.0.0.10 (0x966c0438) checkhname: aliases: 

Some previous Solaris 10 kernel parameters are now handled by Solaris Resource Control. Solaris 10 Kernel Parameters

# Oracle /etc/system kernel configuration
* oracle START 
set shmsys:shminfo_shmmax=0xffffffffffffffff 
set shmsys:shminfo_shmmin=1 
set shmsys:shminfo_shmmni=200 
set shmsys:shminfo_shmseg=200 
set semsys:seminfo_semmap=1024 
set semsys:seminfo_semmni=2048 
set semsys:seminfo_semmns=2048 
set semsys:seminfo_semmnu=2048 
set semsys:seminfo_semume=200 
set semsys:seminfo_semmsl=2048 

forceload: sys/shmsys 
forceload: sys/semsys 
forceload: sys/msgsys 

* bset semsys:seminfo_semopm=100 
* bset semsys:seminfo_semvmx=32767 
* oracle END 

msgmni 
- set msgsys:msginfo_msgmni=3774 
number of queue identifiers msgmax 
- set msgsys:msginfo_msgmax=4096
maximum message size msgmnb 
- set msgsys:msginfo_msgmnb=360000
 - maximum number of bytes on the message queue msgtql 
- set msgsys:msginfo_msgtql=2500 
- number of message headers shmmni 
- set shmsys:shminfo_shmmni=100 
- maximum number of shared memory segments in the entire system shmseg
 - set shmsys:shminfo_shmseg=10 
- maximum number of shared memory segments one process can attach semmnu 
- set semsys:seminfo_semmnu=1042 

- number of semaphore undo structures semopm 
- set semsys:seminfo_semopm=12 
- maximum number of operations for each semopm call semume 
- set semsys:seminfo_semume=42 
- maximum number of IPC semaphores that a given process can have undo operations pending on semaem 
- set semsys:seminfo_semaem=16384 - maximum amount a semaphore value can be changed by a semaphore undo operation rlim_fd_max 
- set rlim_fd_max=4117 
- hard limit on file descriptors that a single process can have open rlim_fd_cur
 - set rlim_fd_cur=1024 
- soft limit of open files semmsl 
- set semsys:seminfo_semmsl=256 
- minimum recommended value for initial installation only shmmin
 - set shmsys:shminfo_shmmin=1 
- minimum allowable size of a single shared memory segment shmmax 
- set shmsys:shminfo_shmmax=4294967295 

- maximum allowable size of one shared memory segment (4 GB = 4294967295) semmni
- set semsys:seminfo_semmni=554 - maximum number of semaphore sets in the entire system 

Replaced by resource control in solaris 10

semmni - semsys:seminfo_semmni - project.max-sem-ids 
semmsl - semsys:seminfo_semmsl - project.max-sem-nsems 
shmmax - shmsys:shminfo_shmmax - project.max-shm-memory 
shmmni - shmsys:shminfo_shmmni - project.max-shm-ids 

Adding the parameters to Resource Control

id -p oracle uid=301(oracle) gid=301(dba) projid=3(default) 
projadd oracle 
echo "oracle::::project=oracle" >> /etc/user_attr 
id -p oracle uid=301(oracle) gid=301(dba) projid=100(oracle) 

prctl -n project.max-shm-memory -i project oracle project: 100: oracle NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT project.max-shm-memory privileged 1.17TB - deny - system 16.0EB max deny - 

prctl -n project.max-shm-memory -v 4gb -r -i project oracle 

projmod -s -K "project.max-shm-memory=(priv,4gb,deny)" oracle 
prctl -n project.max-shm-memory -i project oracle project: 100: oracle NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT project.max-shm-memory privileged 4.00GB - deny - system 16.0EB max deny - 
prctl -n project.max-sem-ids -i project oracle project: 100: oracle NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT project.max-sem-ids privileged 128 - deny - system 16.8M max deny - prctl -n project.max-sem-ids -v 1108 -r -i project oracle 
projmod -s -K "project.max-sem-ids=(priv,1108,deny)" oracle 
prctl -n project.max-sem-ids -i project oracle project: 100: oracle NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT project.max-sem-ids privileged 1.11K - deny - system 16.8M max deny - 

Adding the parameters to /etc/system

cp /etc/system /etc/system.pre.oracle.cs 
echo "set msgsys:msginfo_msgmni=7548" >> /etc/system 
echo "set msgsys:msginfo_msgmax=8192" >> /etc/system 
echo "set msgsys:msginfo_msgmnb=720000" >> /etc/system 
echo "set msgsys:msginfo_msgtql=5000" >> /etc/system 
echo "set shmsys:shminfo_shmseg=34" >> /etc/system 
echo "set semsys:seminfo_semmnu=2084" >> /etc/system 
echo "set semsys:seminfo_semopm=24" >> /etc/system 
echo "set semsys:seminfo_semume=84" >> /etc/system 
echo "set semsys:seminfo_semaem=32768" >> /etc/system 
echo "set rlim_fd_max=8234" >> /etc/system 
echo "init 6" 

 #!/usr/bin/perl open (FILE, $ARGV[0]) or die "Error: Cannot open file.\n"; @line = ; close FILE; foreach (@line) { chomp; print "echo \"" . "------------------" . "\"" . "\n"; print "echo \"" . "started - `date`" . "\"" . "\n"; print "echo \"" . $_ . "\"" . "\n"; print $_ . "\n"; print "echo \"" . "finished - `date`" . "\"" . "\n"; print "\n"; } 

niutil -list . /exports niutil -createprop . 160 "opts" "maproot=root", "network=X.X.X.0,192.168.2.0", "mask=255.255.255.0" niutil -deleteprop . 160 "opts" ro niutil -deleteprop / 160 "opts" ro nidump -r /exports . 

EXPRESSION FUNCTION /abc/ Matches abc anywhere within the string /^abc/ Matches abc at the beginning of the string /abc$/ Matches abc at the end of the string /a|b/ Matches either a or b /ab{m,n}c/ Matches an a followed by m-n b's, followed by c, where m,n are nonnegative integers, m>n. If the second number is omitted, such as /ab {m,}c/, the expression will match m or more b's. /ab*c/ Matches an a followed by zero or more b's, followed by c. /ab+c/ Matches an a followed by one or more b's followed by c. /ab?c/ Matches an a followed by an optional b followed by c. In Perl 5, the expression: /ab*?c/matches an a followed by as few b's as possible. /./ Matches any single character except a newline (\n) /a..d / matches a a followed by any two characters, followed by d. /[abc]/ Matches any one of a or b or c. A pattern of /[abc]+/ matches strings such as abcab, acbc, abbac, and so on. /\d/ Matches a digit. Multipliers can be used. (/\d+/ matches one or more digits.) /\w/ Matches a character classified as a word. /\s/ Matches a character classified as whitespace. /\b/ Matches a word boundary or a backspace. /cde\b/ matches cde, but not cdef. However, \b matches a backspace character inside a class. that is, [\b]. /[^abc]/ Matches a character that is not in the class. /[^abc ]+/ will match a string such as defg. /\D/ Matches a character that is not a digit. /\W/ Matches a character that is not a word. /\S/ Matches a character that is not whitespace. /\B/ Requires that there is no word boundary. /perl\B/ matches perl, but not perl script. /\*/ Matches the * character. Use the \ character to escape characters that have significance in a regular expression. /(abc)/ Matches abc anywhere within the string, but the parentheses act as memory, storing abc in the variable $1. /abc/i Ignores case. Matches either abc, Abc, ABc, and so on. 

#!/usr/bin/perl @Servers = ( '10.0.X.X', '10.0.X.X' ); $port = "443"; #Flat File Option #open FILE, "serverlist"; #@Servers = ; foreach $server (@Servers) { $socket = IO::Socket::INET->new( PeerAddr => $server, PeerPort => $port, Timeout => 2, Proto => 'tcp'); if ($socket) { print "$server is listening on port $port\n"; } else { print "$server is NOT listening on port $port\n"; } } close FILE; 

Initialize LDAP:

ldapclient manual \ -a credentialLevel=anonymous \ -a authenticationMethod=simple \ -a defaultSearchBase=dc=your,dc=site \ -a serviceSearchDescriptor=passwd:cn=users,dc=your,dc=site \ -a serviceSearchDescriptor=group:cn=groups,dc=your,dc=site \ -a defaultServerList=LDAPSERVER \ -a domainName=yoursite \ -a proxyDN=uid=root,cn=users,dc=your,dc=site \ -a proxyPassword=yoursite 

Add the following entries to /etc/pam.conf for SSH authentication:

# ssh sshd auth requisite pam_authtok_get.so.1 sshd auth required pam_dhkeys.so.1 sshd auth sufficient pam_unix_auth.so.1 sshd auth required pam_ldap.so.1 try_first_pass sshd account required pam_unix_account.so.1 

Don't forget to update /etc/nsswitch.conf to reference the correct databases.

Device files are characterized by their major and minor numbers , which allow the kernel to determine which device driver to use to access the device (via the major number), as well as its specific method of access (via the minor number).

Major and minor numbers appear in place of the file size in long directory listings. For example, consider these device files related to the mouse from a Linux system:

$ cd /dev; ls -l *mouse 
crw-rw-r-- 1 root root 10, 10 Jan 19 03:36 adbmouse 
crw-rw-r-- 1 root root 10, 4 Jan 19 03:35 amigamouse 
crw-rw-r-- 1 root root 10, 5 Jan 19 03:35 atarimouse 
crw-rw-r-- 1 root root 10, 8 Jan 19 03:35 smouse 
crw-rw-r-- 1 root root 10, 6 Jan 19 03:35 sunmouse 
crw-rw-r-- 1 root root 13, 32 Jan 19 03:36 usbmouse 

The major number for all but the last special file is 10; only the minor number differs for these devices. Thus, all of these mouse device variations are handled by the same device driver, and the minor number indicates the variation within that general family. The final item, corresponding to a USB mouse, has a different major number, indicating that a different device driver is used.

Device files are created with the mknod command, and it takes the desired device name and major and minor numbers as its arguments. Many systems provide a script named MAKEDEV (located in /dev), which is an easy-to-use interface to mknod.

* From O'Reilly Essentail System Administration - 3rd Edition

AIX 
lscfg - List all devices 
lscfg -v -l device - Device Detail 
lsdev -C -s scsi - List all SCSI IDs 
FreeBSD 
dmesg - Boot messages identify all devices 
HP-UX 
ioscan -f -n - Detailed device listing. 
ioscan -f -n -C disk - Limit to device class. 
Linux 
dmesg - Boot messages identify all devices 
lsdev - List major devices 
scsiinfo -l - List SCSI devices 
lspci - List PCI devices 
Solaris 
getdev - List devices 
getdev type=disk - Limit device class 
devattr -v device - Device detail 
Tru64 
dsfmgr -s - List devices 

* From O'Reilly Essentail System Administration - 3rd Edition

Option - Meaning: 
-atime n - File was accessed exactly n days ago 
-mtime n - File was last modified exactly n days go 
-newer file - File was modified more recently than file was 
-size n - File is n 512-byte blocks long (rounded up to next block) 
-type c - Specifies the file type: f=plain file, d=directory etc 
-fstype typ - Specifies filesystem type 
-name nam - File filename is nam 
-perm p - The file's access mode is p 
-user usr - The file's owner is usr 
-group grp - The file's group owner is grp 
-nouser - The file's owner is not listed in the password file 
-nogroup - The file's group owner is not listed in the group file 
-print - Display pathname of matching file. 
-ls - Display long directory listing for matching file 
-exec cmd - Execute command on file 
-ok cmd - Prompt before executing command on file 
-xdev - Restrict the search to the fileystem on the starting directory (typically used to bypass mounted remote filesystems)
 -prune - Don't descend into directories encountered. 

Examples: 
The command below displays a long directory listing for all files under /chem larger than 1 MB (2048 512-byte blocks) that haven't been modified in a month: 
find /chem -size +2048 -mtime +30 -exec ls -l {} \; 

To search for files not modified in a month or not accessed in three months, use this command: 
find /chem -size +2048 \( -mtime +30 -o -atime +120 \) -ls 

Automatically delete old junk files on the system: 
find / \( -name a.out -o -name core -o -name '*~'\ 
 -o -name '.*~' -o -name '#*#' \) -type f -atime +14 \ 
 -exec rm -f {} \; -o -fstype nfs -prune 

Lists all files that have setuid or setgid access set: 
find / -type f \( -perm -2000 -o -perm -4000 \) -print 

Changes the ownership of all the files under user chavez's home directory to user chavez and group physics: 
find /home/chavez -exec chown chavez {} \; \ -exec chgrp physics {} \; 

Gathers all C source files anywhere under /chem into the directory /chem1/src: 
find /chem -name '*.c' -exec mv {} /chem1/src \; 

Command runs the script prettify on every C source file under /chem: 
find /chem -name '*.c' -exec /usr/local/bin/prettify {} \; 

Find hidden files

find . -name \.\*

* Some from O'Reilly Essentail System Administration - 3rd Edition 

List installed packages 
AIX: 
lslpp -l all 
FreeBSD: 
pkg_info -a -I 
HP-UX: swlist 
Linux: rpm -q -a or rpm -qa 
Solaris: pkginfo 
Tru64: setld -i 

Describe package 
FreeBSD: pkgi_info 
HP-UX: swlist -v 
Linux: rpm -q -i or rpm -qi 
Solaris: pkgcheck -l 
Tru64: setld -i 

List prerequisites: AIX: lslpp -p Linux: rpm -q --requires Show file's original package: AIX: lslpp -w Linux: rpm -q --whatprovides Solaris: pkgchk -l p Install package: AIX: installp -acX FreeBSD: pkg_add HP-UX: swinstall Linux: rpm -i Solaris: pkgadd Tru64: setld -l Preview installation: AIX: installp -p FreeBSD: pkg_add -n HP-UX: swinstall -p Linux: rpm -i --test Verify package: AIX: installp -a -v Linux: rpm -V Solaris: pkgchk Tru64: fverify Remove package: AIX: installp -u FreeBSD: pkg_delete HP-UX: swremove Linux: rpm -e Solaris: pkgrm Tru64: setld -d 

* From O'Reilly Essentail System Administration - 3rd Edition

Character Files
- corresponding to haracter-based or raw device access
- character special files are used for unbuffered data transfers to and from a device
- example: a terminal
- example, disk: /dev/rdsk/c0t0d0s0


Block Files
- corresponding to block I/O device access
- block special files are used when data is transferred in fixed-size chunks known as blocks
- example: most file I/O
- example, disk: /dev/dsk/c0t0d0s0

* From O'Reilly Essentail System Administration - 3rd Edition

Linux (Red Hat) - /etc/man.config Linux (Novell / SuSE) - /etc/manpath.config Solaris - /usr/share/man/man.cf 

Once again, I have been tasked to install Perl modules for our developers. The only part I keep forgetting is how to list the modules that are installed. Here's the snippet of code to do so:

# Checking perlocal.pod for modules currently install in this system # To check the modules for another distribution on the box, perl -V # and check the @INC path use ExtUtils::Installed; my $instmod = ExtUtils::Installed->new(); foreach my $module ($instmod->modules()) { my $version = $instmod->version($module) || "???"; print "$module -- $version\n"; } 

cdrecord -v -pad speed=1 dev=0,0,0 src.iso 

DATE=`date +%Y-%m-%d` 

BACKUPDIR=$HOME/.mysql-backup 
USERNAME=CHANGE 
PASSWORD=CHANGE 
DATABASE=CHANGE 

if [ ! -d $BACKUPDIR/$DATABASE ]; then
   mkdir $BACKUPDIR/$DATABASE 
fi 

mysqldump --user=$USERNAME \ 
          --password=$PASSWORD $DATABASE > \ 
          $BACKUPDIR/$DATABASE/$DATE.dump bzip2 -9 $BACKUPDIR/$DATABASE/$DATE.dump 

Facility - Description - Daemon Names
init - First created process - init
syslog - System status/error message logging - syslogd
email - Mail message transport - sendmail
printing - Print spooler - lpd, lpsched, qdaemon, rlpdaemon
cron - Periodic process execution - crond
tty - Terminal support. - getty (and similar)
sync - Disk buffer flushing - update, syncd, syncher, fsflush, bdflush, kupdated
paging and swapping - Daemons to support virtual memory management - pagedaemon, vhand, kpiod, pageout, swapper, kswapd, kreclaimd
inetd - Master TCP/IP daemon, responsible for starting many others on demand: telnetd, ftpd, rshd, imapd, pop3d, fingerd, rwhod (see /etc/inetd.conf for a full list) - inetd
name resolution - DNS server process - named
routing - Routing daemon - routed, gated
DHCP - Dynamic network client configuration - dhcpd, dhcpsd
RPC - Remote procedure call facility network port-to-service mapper - portmap, rpcbind
NFS - Network File System: native Unix network file sharing - nfsd, rpc.mountd, rpc.nfsd, rpc.statd, rpc.lockd, nfsiod
Samba - File/print sharing with Windows systems - smbd, nmbd
WWW - HTTP server - httpd
network - time Network time synchronization - timed, ntpd

* From O'Reilly Essentail System Administration - 3rd Edition

Data structure on disk that describes and stores a file's attributes, including its physical location on disk. When a filesystem is initially created, a specific number of inodes are created. In most cases, this becomes the maximum number of files of all types, including directories, special files, and links that can exist in the filesystem.
A typical formula is one inode for every 8 KB of actual file storage. This is more than sufficient in most situations. Inodes are given unique numbers, and each distinct file has its own inode. When a new file is created, an unused inode is assigned to it.

Information stored in inodes includes the following:
- User owner and group owner IDs.
- File type (regular, directory, etc., or 0 if the inode is unused).
- Access modes (permissions).
- Most recent inode modification, data access, and data modification times. If the file'smetadata does not change, the first item will correspond to the file creation time.
- Number of hard links to the file (links are discussed later in this chapter). This is 0 if the inode is unused, and one for most regular files.
- Size of the file.
- Disk addresses of:
a. Disk locations for the data blocks that make up the file, and/or
b. Disk locations of disk blocks that hold the disk locations of the file's data blocks (indirect blocks), and/or
c. Disk locations of disk blocks that hold the disk locations of indirect blocks (double indirect blocks: two disk addresses removed from the actual data blocks)

* From O'Reilly Essentail System Administration - 3rd Edition

-rw------- 2 chavez chem 28 Mar 12 11:36 gold.dat -rw------- 2 chavez chem 28 Mar 12 11:36 hlink.dat drwx------ 2 chavez chem 512 Mar 12 11:36 old_data lrwxrwxrwx 1 chavez chem 8 Mar 12 11:37 zn.dat -> gold.dat brw-r----- 1 root system 0 Mar 2 15:02 /dev/sd0a crw-r----- 1 root system 0 Jun 12 1989 /dev/rsd0a srw-rw-rw- 1 root system 0 Mar 11 08:19 /dev/log prw------- 1 root system 0 Mar 11 08:32 /usr/lib/cron/FIFO 

- - Plain file (hard link)
d - Directory
l - Symbolic link
b - Block special file
c - Character special file
s - Socket
p - Named pipe

* From O'Reilly Essentail System Administration - 3rd Edition

Named pipes are pipes opened by applications for interprocess communication (they are "named" in the sense that applications refer to them by their pathname). They are a System V feature that has migrated to all versions of Unix. Named pipes often reside in the /dev directory. They are also known as FIFOs (for "first-in, first-out")

* From O'Reilly Essentail System Administration - 3rd Edition

A socket, whose official name is a Unix domain socket, is a special type of file used for communications between processes. A socket may be thought of as a communications end point, tied to a particular local system port, to which processes may attach.

For example, on a BSD-style system, the socket /dev/printer is used by processes to send messages to the program lpd (the line-printer spooling daemon), informing it that it has work to do.

* From O'Reilly Essentail System Administration - 3rd Edition

% ls -l -rw------- 2 chavez chem 5228 Mar 12 11:36 index -rw------- 2 chavez chem 5228 Mar 12 11:36 hlink lrwxrwxrwx 1 chavez chem 5 Mar 12 11:37 slink -> index 

# chmod 4755 uid Setuid access # chmod 2755 gid Setgid access # chmod 6755 both Setuid and setgid access: 2 highest bits on # chmod 1777 sticky Sticky bit # chmod 2745 locking File locking (note that group execute is off) # ls -ld -rwsr-sr-x 1 root chem 0 Mar 30 11:37 both -rwxr-sr-x 1 root chem 0 Mar 30 11:37 gid -rwxr-Sr-x 1 root chem 0 Mar 30 11:37 locking drwxrwxrwt 2 root chem 8192 Mar 30 11:39 sticky -rwsr-xr-x 1 root chem 0 Mar 30 11:37 uid 

t - save text mode, sticky bit
Files: Keep executable in memory after exit.Directories: Restrict deletions to each user's own files.

s - setuid bit
Files: Set process user ID on execution.

s - setgid bit
Files: Set process group ID on execution.Directories: New files inherit directory group owner.

l - file locking
Files: Set mandatory file locking on reads/writes (Solaris and Tru64 and sometimes Linux). This mode is set via the group access type and requires that group execute access is off. Displayed as S in ls -l listings.

* From O'Reilly Essentail System Administration - 3rd Edition

I recently picked up a new Apple MacBook and I must admit its a very nice laptop. I wanted to check out the performance on my laptop so the following had to be setup in root's crontab.

# Starting at 8am collect system activity records # every 20 minutes for 12 hours # 20 minutes = 1200 seconds # 12 hours with 3 samples each hour = 36 loops 0 8 * * 1-5 /usr/lib/sa/sa1 1200 36 # After the 12 hour period, # collect a system activity report 30 20 * * 1-5 /usr/lib/sa/sa2 -A 

The following RPM build was created for the EMC Control Center Agent. This agent communicates with the EMC Control Center console to guage SAN storage usage.

I already installed the EMC Control Center Agent to test the functionality. I noted the files & directories that were modified to make sure the RPM package is customized for our environment. Specifically, I customized the following files:

/etc/init.d/eccmad (oddly enough this distribution was not configured for Linux where I had to manually enable it for chkconfig so we can just type - service eccmad start) /function_tools/exec/master.ini (reflected new directory of /tools versus /function_tools) /var/emc/.eccrc (reflected new directory of /tools versus /function_tools) 

Back to the RPM building...

1. Create RPM build structure mkdir RPMBUILD/BUILDS mkdir RPMBUILD/RPMS mkdir RPMBUILD/SOURCES mkdir RPMBUILD/SPEC mkdir RPMBUILD/tmp 2. Create the customized directory structure mkdir -p RPMBUILD/SOURCES/ECC-5.2.0/etc/init.d mkdir RPMBUILD/SOURCES/ECC-5.2.0/tools mkdir -p RPMBUILD/SOURCES/ECC-5.2.0/var/emc 3. Copy over the files & directories cp /etc/init.d/eccmad RPMBUILD/SOURCES/ECC-5.2.0/etc/init.d/ cp -rp /function_tools/* RPMBUILD/SOURCES/ECC-5.2.0/tools/. cp -rp /var/emc/* RPMBUILD/SOURCES/ECC-5.2.0/var/emc/. 4. Create the spec file touch RPMBUILD/SPEC/ECC-5.2.0.spec defined a whole bunch of stuff (to be added later) 5. Build the RPM source & RPM binary (Make sure you have the rpm-build RPM installed first ;-) rpmbuild -ba RPMBUILD/SPEC/ECC-5.2.0.spec 6. Copy the new RPM binary to a http accessible directory cp -p RPMBUILD/RPMS/ECC-5.2.0-1.rpm /var/www/html/RPMs 7. Test the RPM from a new freshly kickstarted box rpm -ivh http://central/RPMs/ECC-5.2.0-1.rpm 

The following LVM setup was configured on a HP DL585 series server. The server is running Red Hat Enterprise Linux AS 4.

The end-user is expecting 3 mount points with 40GB dedicated to each mount point. The decision to use LVM was due to the possibility of needing to extend the space in the future. If this is the case, there are two more slots available for disks.

The DL585 is capable of handling hardware RAID.

1. Setup a new partition on a hardware mirrored disk 

fdisk /dev/cciss/c0d1 
n for new parition and hit enter for the defaults 
t to change the type to 8e (Linux LVM) 
w to save 

2. Initalize parition (Could I have just initialized the entire disk??? hmm...) 
pvcreate /dev/cciss/c0d1p1 

3. Display Volumes (Actually just checking to see it was intialized and no volumes existt) 
vgdisplay 

4. Create a Volume Group 
vgcreate volgrp02 /dev/cciss/c0d1p1 

5. Display Volumes (Now, we should see some volumes) 
vgdisplay 

6. Create Logical Volumes in a Volume Group (Notice 41000 for 40GB) 
lvcreate -L41000 -nusr2 volgrp02 
lvcreate -L41000 -nmqm volgrp02 
lvcreate -L41000 -nmqmlog volgrp02 

7. Create a EXT3 (Journaled) Filesystem on the Logical Volume 
mkfs.ext3 /dev/volgrp02/usr2 
mkfs.ext3 /dev/volgrp02/mqm 
mkfs.ext3 /dev/volgrp02/mqmlog 

8. Create the directories for the the EXT3 Filesystem 
mkdir /var/mqm mkdir /var/mqm/log mkdir /usr2 

9. Add the device, mount point, file system and options to the fstab 
echo "/dev/volgrp02/usr2 /usr2 ext3 defaults 1 2" >> /etc/fstab 
echo "/dev/volgrp02/mqm /var/mqm ext3 defaults 1 2" >> /etc/fstab 
echo "/dev/volgrp02/mqmlog /var/mqm/log ext3 defaults 1 2" >> /etc/fstab 

10. Mount the mount points mount -a 

Here are some quick links for LVM:



Expanding Linux Partitions with LVM - Fedora Wiki



Red Hat Logical Volume Manager - Red Hat Documention Site

growisofs -Z /dev/hda=image.iso

Utilize RPMForge to keep your Linux box up to date :)

As indicated on the www.rpmforge.net website... "The RPMforge.net project is an independent community-driven project to provide the infrastructure and tools to allow users, developers and packagers to meet and work together to provide and improve RPM packages."

For RHEL4:

rpm -ivh http://apt.sw.be/redhat/el4/en/i386/RPMS.dag/rpmforge-release-0.2-2.2.el4.rf.i386.rpm or rpm -ivh http://ftp.belnet.be/packages/dries.ulyssis.org/redhat/el4/en/i386/RPMS.dries/rpmforge-release-0.2-2.2.el4.rf.i386.rpm echo "yum rpmforge http://apt.sw.be/redhat/el4/en/i386/dag/" >> /etc/sysconfig/rhn/sources 

Mounting AFP:

mount_afp afp://10.0.X.X/share /Volumes/share 

Mounting CIFS:

mount_smbfs -I 10.0.X.X //USERNAME@10.0.X.X/share /Volumes/share 

Mounting NFS:

mount_nfs 10.0.X.X/share /Volumes/share /pre>

Lately, I have been more interested in writing scripts using Perl rather than bash.

 #!/usr/bin/perl #file $file = "/tmp/list"; open(FILE, $file) or die "can't open $file: $!\n"; @list = ; close FILE; #via command @list = `ls /thatdirectory`; foreach (@list) { print "do something with" . $_ . "\n"; } 

I decided to use the Apple iTunes "organize my music" option for my mp3 collction. The down side to this snazzy feature is my mp3s are now sorted in several different folders. On my Mac, I ran the find utility to quickly move all my mp3s from the iTunes Library folder to a new directory I called sorted.

find . -name *.mp3 -exec mv {} sorted/. \; 

I decided to see if I could also run GNU find on Windows. What do you know... I can. I downloaded the GNU find tool from http://gnuwin32.sourceforge.net.

Z:\Music>"c:\Program Files\GnuWin32\bin\find.exe" . -name *.mp3 -exec "c:\ rogram Files\GnuWin32\bin\mv.exe" {} sorted\. ; 

Now all my music is in a folder called sorted.

I finally got my Blackberry 8703 to sync with my Parallels Virtual Machine. My Parallels VM is running Windows XP Professional. As superuser, I did the following...

mkdir /System/Library/Extensions.off cd /System/Library/Extensions mv IOBluetooth* /System/Library/Extensions.off reboot 

After my Mac rebooted, I started up my Parallels VM. I installed the AppleBluetoothInstaller.exe from Apple. From there, I selected the Apple - Wireless device from the USB menu. Configured my RIM Desktop Manager to use bluetooth and I was set!

#!/usr/bin/perl
foreach $_ (`df -h | grep -v Filesystem | grep -v devices | grep -v proc | grep -v mnttab | grep -v "fd"`) {
 ( $device, $size, $used, $free, $percent, $mount) = split(/\s+/); 
 #chop($percent); 
 print "$mount $percent\n"; 
} 

# INSTALL EVERYTHING for EL3 # set /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 ONBOOT=yes BOOTPROTO=static HWADDR=... TYPE=Ethernet # Remove mysql packages rpm -e --nodeps mysql-3.23.58-1 rpm -e --nodeps mysql-bench-3.23.58-1 rpm -e --nodeps mysql-devel-3.23.58-1 # Our environment SNORT_PROJECT_HOMEDIR=/root/snort_project # Remove dirs rm -rf ${SNORT_PROJECT_HOMEDIR} # Create our directories mkdir -p ${SNORT_PROJECT_HOMEDIR} # Go to our download area cd $SNORT_PROJECT_HOMEDIR wget http://snort/MySQL-3.23.58-1.i386.rpm rpm -ivh MySQL-3.23.58-1.i386.rpm wget http://snort/MySQL-client-3.23.58-1.i386.rpm rpm -ivh MySQL-client-3.23.58-1.i386.rpm wget http://snort/MySQL-shared-3.23.58-1.i386.rpm rpm -ivh MySQL-shared-3.23.58-1.i386.rpm wget http://snort/MySQL-devel-3.23.58-1.i386.rpm rpm -ivh MySQL-devel-3.23.58-1.i386.rpm # Set MySQL root password /usr/bin/mysqladmin -u root password 'SET' /usr/bin/mysqladmin -u root -h HOSTNAME password 'SET' # Install SNORT dependencies rpm -e --nodeps libpcap-0.7.2-7 wget http://snort/libpcap-0.8.3-7.i386.rpm rpm -ivh libpcap-0.8.3-7.i386.rpm wget http://snort/php-acid-0.9.6b22-1.dag.rhel3.noarch.rpm rpm -ivh php-acid-0.9.6b22-1.dag.rhel3.noarch.rpm wget http://snort/php-adodb-4.22-1.rhel3.dag.noarch.rpm rpm -ivh php-adodb-4.22-1.rhel3.dag.noarch.rpm wget http://snort/php-jpgraph-1.14-1.rhel3.dag.noarch.rpm rpm -ivh php-jpgraph-1.14-1.rhel3.dag.noarch.rpm # Install SNORT wget http://snort/snort-2.3.3-1.i386.rpm rpm -ivh snort-2.3.3-1.i386.rpm wget http://snort/snort-mysql-2.3.3-1.i386.rpm rpm -ivh snort-mysql-2.3.3-1.i386.rpm # Install oinkmaster for rules updates # we'll need a id # from the snort.org site cd $SNORT_PROJECT_HOMEDIR wget http://snort/oinkmaster-1.2.tar.gz cd /opt gtar xvfz ${SNORT_PROJECT_HOMEDIR}/oinkmaster-1.2.tar.gz ln -s oinkmaster-1.2 oinkmaster cp /opt/oinkmaster/oinkmaster.conf /etc/. mkdir /etc/snort/rules.backup echo "sleeping for 60 seconds so you can" echo "modify the # url = http://www.snort.org/pub-bin/oinkmaster.cgi//snortrules-snapshot-2.3.tar.gz" echo "statement inside /etc/oinkmaster.conf, you need to set the oinkcode" /opt/oinkmaster/oinkmaster.pl -b /etc/snort/rules.backup -o /etc/snort/rules # Install logsnorter cd $SNORT_PROJECT_HOMEDIR wget http://snort/logsnorter-0.2.tar.gz cd /opt mkdir logsnorter-0.2 ln -s logsnorter-0.2 logsnorter cd logsnorter gtar xvfz ${SNORT_PROJECT_HOMEDIR}/logsnorter-0.2.tar.gz mv logsnorter-0.2 logsnorter chmod 755 logsnorter chown root:root logsnorter # Create the MySQL snort dbs and schema cd $SNORT_PROJECT_HOMEDIR wget http://snort/snort-2.3.3.tar.gz gtar xvfz snort-2.3.3.tar.gz cd snort-2.3.3/schemas mysqladmin -uroot -pSET create snort_log mysql -uroot -pSET < create_mysql snort_log mysqladmin -uroot -pSET create snort_archive mysql -uroot -pSET < create_mysql snort_archive # Configure snort.conf echo "Update HOME_NET in /etc/snort.conf" echo "Insert the following into /etc/snort.conf" echo "#insert - begin" echo "output database: log, mysql, user=root password=SET dbname=snort_log host=localhost" echo "output database: log, mysql, user=root password=SET dbname=snort_archive host=localhost" echo "#insert - finish" # Configure /var/www/acid/acid_conf.php echo "Update alert_password and archive_password in /etc/snort.conf" echo "Update DBlib_path" echo "Update ChartLib_path" # Make changes to /etc/rc.d/init.d/snort echo "Comment out . /etc/sysconfig/snort in /etc/rc.d/init.d/snort" echo "Change INTERFACE="-i eth0 to INTERFACE="-i eth1" # Enable services chkconfig httpd on chkconfig mysql on # Start services service httpd start service snortd start # Setup usernames for acid htpasswd /var/www/acid-users usnetwork # Setup links cd /var/www/html ln -s /var/www/acid acid # Web browser echo "Goto http:///acid/acid_main.php and click on Setup page" echo "Click on Create ACID AG" ### NEED TO SETUP # LOGSNORT 

Swatch Config file for Cisco Switches

 # Ignore the following # Usually a hub ignore /10\.5\.15\.15.*%LINK-4-ERROR.*FastEthernet0\/45/ ignore /c35h-100-4-3.*%LINK-4-ERROR.*FastEthernet0\/40/ ignore /c35h-100-4-1.*%LINK-4-ERROR.*FastEthernet0\/19/ watchfor /is experiencing errors/ echo mail sysadmin1@company.com:sysadmin2@company.com,subject=switch is experiencing interface errors throttle 00:10 

Swatch Startup file for Cisco Switches

 #!/sbin/sh #ident "@(#)swatch_switch 1.6 04/12/14 XXX" case "$1" in 'start') if [ -f /etc/swatch_switch_messages.conf ]; then echo 'swatch for switch_messages starting.' /usr/local/bin/swatch --config-file=/etc/swatch_switch_messages.conf \ --tail-file=/usr/local/logs/messages --use-cpan-file-tail \ --pid-file=/var/run/swatch_switch_messages.pid & fi ;; 'stop') /usr/bin/kill -TERM `/usr/bin/cat /var/run/swatch_switch_messages.pid` ;; *) echo "Usage: $0 { start | stop }" exit 1 ;; esac exit 0 

Swatch Config file for Cisco PIX

 watchfor /LEAVING ALLOW mode/ echo mail securitygroup@company.com:ops@company.com,subject=PIX is LEAVING ALLOW mode... app up. throttle 00:10 watchfor /ENTERING ALLOW mode/ echo mail securitygroup@company.com:ops@company.com,subject=PIX is ENTERING ALLOW mode... app down. throttle 00:10 watchfor /Switching to ACTIVE/ echo mail securitygroup@company.com:ops@company.com,subject=PIX has failed over. throttle 00:10 

Swatch Startup Script for Cisco PIX

 #!/sbin/sh #ident "@(#)swatch_network 1.6 94/12/14 XXX" case "$1" in 'start') if [ -f /etc/swatch_network_pix.conf ]; then echo 'swatch for pix starting.' /usr/local/bin/swatch --config-file=/etc/swatch_network_pix.conf \ --tail-file=/usr/local/logs/pix --use-cpan-file-tail \ --pid-file=/var/run/swatch_pix.pid & fi ;; 'stop') /usr/bin/kill -TERM `/usr/bin/cat /var/run/swatch_pix.pid` ;; *) echo "Usage: $0 { start | stop }" exit 1 ;; esac exit 0 

http://www.geocities.com/fryxar/

#!/usr/bin/perl # watch_dns: # A program to watch for inbound DNS queries, and print the # source, destination, and requested domain name of the queries. # You'll need to fill this in with your actual IP address # (If we didn't restrict the destination IP address, we'd # catch all our outbound queries too.) my $MY_IP_ADDRESS='10.0.0.30'; # The unprivileged uid/gid under which we should run. my $UNPRIV="200"; # No changes required hereafter use Net::Pcap; use FileHandle; use strict; use English; # for example purposes only - I prefer obfuscated code. STDOUT->autoflush(1); while ( 1 ) { my $pid = fork(); if ( ! defined $pid ) { die "Unable to fork. Yikes." }; if ( $pid ) { # Parent process (running as root) will wait for # child. If child exits, we'll create another one. wait(); sleep(1); # To keep us from respawning too fast if necessary. } else { print "Child starting\n"; # Child process will do actual sniffing. # First, create our packet capturing device my($pcap_t) = create_pcap(); unless ( $pcap_t ) { die "Unable to create pcap"; } # Let's stop running as root. Since we already # have our pcap descriptor, we can still use it. $EGID="$UNPRIV $UNPRIV"; # setgid and setgroups() $GID=$UNPRIV; $UID=$UNPRIV; $EUID=$UNPRIV; # Capture packets forever. Net::Pcap::loop($pcap_t, -1, \&process_pkt, 0); # Technically, we shouldn't get here since the loop # is infinite (-1), but just in case, close and exit. Net::Pcap::close($pcap_t); exit 1; } } sub create_pcap { my $promisc = 0; # We're only looking for packets destined to us, # so no need for promiscuous mode. my $snaplen = 135; # Allows a max of 80 characters in the domain name my $to_ms = 0; # timeout my $opt=1; # Sure, optimisation is good... my($err,$net,$mask,$dev,$filter_t); my $filter = "udp dst port 53 and dst host $MY_IP_ADDRESS"; # Look up an appropriate device (eth0 usually) $dev = Net::Pcap::lookupdev(\$err); $dev or die "Net::Pcap::lookupdev failed. Error was $err"; if ( (Net::Pcap::lookupnet($dev, \$net, \$mask, \$err) ) == -1 ) { die "Net::Pcap::lookupnet failed. Error was $err"; } # Actually open up our descriptor my $pcap_t = Net::Pcap::open_live($dev, $snaplen, $promisc, $to_ms, \$err); $pcap_t || die "Can't create packet descriptor. Error was $err"; if ( Net::Pcap::compile($pcap_t, \$filter_t, $filter, $opt, $net) == -1 ) { die "Unable to compile filter string '$filter'\n"; } # Make sure our sniffer only captures those bytes we want in # our filter. Net::Pcap::setfilter($pcap_t, $filter_t); # Return our pcap descriptor $pcap_t; } # Routine to process the packet -- called by Net::Pcap::loop() # every time an appropriate packet is snagged. sub process_pkt { my($user_data, $hdr, $pkt) = @_; my($src_ip) = 26; # start of the source IP in the packet my($dst_ip) = 30; # start of the dest IP in the packet my($domain_start) = 55; # start of the domain in the packet my($data); # extract the source IP addr into dotted quad form. my($source) = sprintf("%d.%d.%d.%d", ord( substr($pkt, $src_ip, 1) ), ord( substr($pkt, $src_ip+1, 1) ), ord( substr($pkt, $src_ip+2, 1) ), ord( substr($pkt, $src_ip+3, 1) )); # extract the destination IP addr into dotted quad form. my($destination) = sprintf("%d.%d.%d.%d", ord( substr($pkt, $dst_ip, 1) ), ord( substr($pkt, $dst_ip+1, 1) ), ord( substr($pkt, $dst_ip+2, 1) ), ord( substr($pkt, $dst_ip+3, 1) )); $data = substr($pkt, $domain_start); $data =~ s/\00.*//g; # strip off everything after the domain $data =~ s/[^-a-zA-Z0-9]/./g; # change the domain component separators # back int to dots. print "$source -> $destination: $data\n" if ( $source and $destination and $data); } 

# Display all clients 
BPCLCLIENTS=/usr/openv/netbackup/bin/admincmd/bpclclients 
${BPCLCLIENTS} 

# Display Filesystem Backup Coverage 
BPCLCLIENTS=/usr/openv/netbackup/bin/admincmd/bpclclients 
BPCOVERAGE=/usr/openv/netbackup/bin/admincmd/bpcoverage 
for client in `${BPCLCLIENTS} | grep -v   \
        | grep -v  | grep -v  | awk '{print $3}' | \ 
        sed -e 's/Client//g' | sed -e 's/--------------//g'` 
do 
${BPCOVERAGE} -c ${client} 
done 

# Display Files that were Backed Up Today on All Hosts 
NBU_TODAY="`date '+%m/%d/%Y'`" 
DATE1="`echo ${NBU_TODAY} | cut -d"/" -f1`" 
DATE2="`echo ${NBU_TODAY} | cut -d"/" -f2`" 
DATE3="`echo ${NBU_TODAY} | cut -d"/" -f3`" (( DATE2 = DATE2 - 1 )) 
NBU_NOW="${DATE1}/${DATE2}/${DATE3}" 
BPCLCLIENTS=/usr/openv/netbackup/bin/admincmd/bpclclients 
BPFLIST=/usr/openv/netbackup/bin/admincmd/bpflist 

#example: bpflist -l -client nbuclient -d 09/13/2004 00:00:00 -option GET_ALL_FILES 
for CLIENT in `${BPCLCLIENTS} | awk '{print $3}' | \ sed -e 's/Client//g'  \
        | sed -e 's/--------------//g'` 
do 
echo "-----------------------------------------------------------" 
echo "Backed up from ${CLIENT} on ${NBU_NOW} - Start" 
echo "-----------------------------------------------------------" 
${BPFLIST} -l -client ${CLIENT} -d ${NBU_NOW} 00:00:00 \ 
        -option GET_ALL_FILES | \ 
        awk '{print $10}' 
echo "-----------------------------------------------------------" 
echo "Backed up from ${CLIENT} on ${NBU_NOW} - Finish" 
echo "-----------------------------------------------------------" 
done 

# Display Files that were Backed up Today on Single Host 
NBU_TODAY="`date '+%m/%d/%Y'`" 
DATE1="`echo ${NBU_TODAY} | cut -d"/" -f1`" 
DATE2="`echo ${NBU_TODAY} | cut -d"/" -f2`" 
DATE3="`echo ${NBU_TODAY} | cut -d"/" -f3`" (( DATE2 = DATE2 - 1 )) 
NBU_NOW="${DATE1}/${DATE2}/${DATE3}" 
BPFLIST=/usr/openv/netbackup/bin/admincmd/bpflist 
CLIENT=${1} 

#example: bpflist -l -client nbuclient -d 09/13/2004 00:00:00 -option GET_ALL_FILES 
echo "-----------------------------------------------------------" 
echo "Backed up from ${CLIENT} on ${NBU_NOW} - Start" 
echo "-----------------------------------------------------------" 
${BPFLIST} -l -client ${CLIENT} -d ${NBU_NOW} 00:00:00 \ 
        -option GET_ALL_FILES | \ 
        awk '{print $10}' 
echo "-----------------------------------------------------------" 
echo "Backed up from ${CLIENT} on ${NBU_NOW} - Finish" 
echo "-----------------------------------------------------------" 

# Display Classes / Policies 
BPCLLIST=/usr/openv/netbackup/bin/admincmd/bpcllist 
${BPCLLIST} -allclasses -U 

# Today's Upcoming Backup Schedule 
EMAIL_ADDRESS=sysadmin@company.com 
NBU_TODAY="`date '+%m/%d/%Y'`" 
mail $EMAIL_ADDRESS << EOF
From:$EMAIL_SENDER@$HOST_NAME 
To: $EMAIL_ADDRESS 
Subject: Scheduled Backups for $HOST_NAME 
`/usr/openv/netbackup/bin/admincmd/bpschedreq -predict ${NBU_TODAY}` 
EOF 

# What's the current status of NBU
EMAIL_ADDRESS=sysadmin@company.com 
mail $EMAIL_ADDRESS << EOF
From:$EMAIL_SENDER@$HOST_NAME
To: $EMAIL_ADDRESS
Subject: Netbackup Status on $HOST_NAME summary
`/usr/openv/netbackup/bin/admincmd/bpdbjobs -summary` jobs 
`/usr/openv/netbackup/bin/admincmd/bpdbjobs -header -report` drives
`/usr/openv/volmgr/bin/vmoprcmd` 
EOF 

#!/bin/ksh # Globals EMAIL_SENDER=$LOGNAME EMAIL_ADDRESS=sysadmin@company.com HOST_NAME=`uname -n` # Specific from mon.fs.dat.host1a: /global 4 from mon.fs.dat.host1b: /backup 80 # mon_fs - credit goes to solaris bigadmin scripts while read -r FS MAXCAP do CAPACITY=`df -k $FS | grep -v avail | awk {'print $5'} | awk -F% {'print $1'}` if test $CAPACITY -gt $MAXCAP; then mail $EMAIL_ADDRESS << $DIR_MON_FS/mon_fs.dat.$HOST_NAME exit 0 

Mirror your router's switch port to a Linux box. Then use IPFM/IP-FlowMeter (http://robert.cheramy.net/ipfm) and BW-IPFM (http://bw.intellos.net) for daily bandwidth reports.

Setup your cron job:

 

01 16 * * * root /opt/bw-ipfm/bw-ipfm.pl -d -f total | mail -s "8AM - 4PM Bandwidth Report" bw-ipfw@localhost 

01 00 * * * root /opt/bw-ipfm/bw-ipfm.pl -d -f total | mail -s "4PM - 12AM Bandwidth Report" bw-ipfw@localhost 

01 08 * * * root /opt/bw-ipfm/bw-ipfm.pl -d -f total | mail -s "12AM - 8AM Bandwidth Report" bw-ipfw@localhost 

Setup your ipfm.conf file:

 

# Global variables 

DEVICE eth1 LOG 10.0.0.0/255.0.0.0 LOG 192.168.0.0/255.255.0.0 

FILENAME "/var/log/ipfm/%y/%m/%d/%H:%M:%S" 

DUMP EVERY 1 hour AFTER 00 minutes 00 seconds 

CLEAR EVERY 1 hour AFTER 00 minutes 00 seconds

SORT TOTAL NEWLOG 

Other Perl code:

 

#!/usr/bin/perl open (FILE,"./bwtest.txt"); 

my @output = ; 

my $header = $output[0]; 

my $total = $output[$#output]; 


#$print "$header\n"; 

#print "$total\n"; 

my $i; 

print "\n"; 

print"\n"; 

print"\n"; 

print"
$header
\n"; 

print"
"; 

print""; 

print "\n"; 
for ($i=3; $i < $#output-1 ;$i++){ 

my ($ip, $in,$out,$tot) = split /\s+/,$output[$i]; 

print << "EOF" 






EOF } 
my ($ip, $in,$out,$tot) = split /\s+/,$output[$#output]; 

print "
\n"; 

print "
IP
IN
OUT
TOTAL

 
$ip 
 
$in 
 
$out
 
$tot
 
 

$ip
$in
$out
$tot
\n"; 

print "\n"; 

print "\n"; 

#!/bin/ksh # # check the state of the battery for A1000 OSA_DIR=/usr/lib/osa echo "detecting raid devices..." ${OSA_DIR}/bin/lad echo "checking the age of battery..." ${OSA_DIR}/bin/lad | awk '{print $1}' > /tmp/lad for LAD in `cat /tmp/lad` do ${OSA_DIR}/bin/raidutil -c ${LAD} -B done 

 #!/usr/bin/perl open (FILE,$ARGV[0]) or die "Cannot open file $ARGV[0]$!\n"; $/="!\n"; while (){ if (/interface/){ if (/description/){ # print; } else{ &parseRecord($_) } } else { # print; } } sub parseRecord{ my $rec = shift; my @recs = split '\n', $rec; foreach $record (@recs){ if ($record =~ /interface/){ my ($key,@val) = split / /, $record ; print "$record\n"; print " description @val\n"; } # else{ # print "$record\n"; # } } } 

# Kickstart Post-Configuration for RHEL3 

echo "Disabling SSH root logins..." 

sed -e 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config > /etc/ssh/sshd_config.new 

mv /etc/ssh/sshd_config /etc/ssh/sshd_config.orig 

mv /etc/ssh/sshd_config.new /etc/ssh/sshd_config 


echo "Adding Sysadmin SMTP address to /etc/aliases..."

echo "root: sysadmingroup@company.com" > /etc/aliases newaliases 

echo "Adding SMTP server to /etc/mail/sendmail.cf..." 

sed -e 's/DS/DSsmtp.company.com' /etc/mail/sendmail.cf > /etc/mail/sendmail.cf.new 

mv /etc/mail/sendmail.cf /etc/mail/sendmail.cf.orig 

mv /etc/mail/sendmail.cf.new /etc/mail/sendmail.cf 

echo "Enable updatedb..." 

sed -e 's/DAILY_UPDATE=no/DAILY_UPDATE=yes/' /etc/updatedb.conf > /etc/updatedb.conf.new 

mv /etc/updatedb.conf /etc/updatedb.conf.orig 

mv /etc/updatedb.conf.new /etc/updatedb.conf 

echo "Enable apache..." 

chkconfig httpd on