FILE PERMISSIONS in Linux

In Linux we talk about "users" and "groups" I´m sure know about this.
They have different permissions regarding access to files. There is a clever way to see how permissions are set.

Remember the command "ls" it gave a list of all files in the directory you´re in, "ls -a" even did show all the hidden files as well.
CODE
$ ls -l


( Will give you the files in "long" format, try: )


CODE
$ ls -l /etc/gnome/gnomerc



This is what you will get:


QUOTE (Text @ Screen)
-rwxr-xr-x 1 root root 484 Feb 25 14:08 /etc/gnome/gnomerc



This does look a bit complicated but it really isn´t. The first 10 characters are built up like this:

- rwx r-x r-x

The first one tells you whether it is a file ( - ) a directory ( d ) or a link ( l )
The next three are for the "user" 'r'ead 'w'rite and e'x'ecute. The next three for the "group" and the last three for all "others"

The next 1 stands for the number of links to the file. The owner. The group. The size in bytes. The date and time of the last modification to the file. And the name of the file.


CODE
$ ls -al /home/deadmix


Will give a long list of all the files in your home directory and their permissions.
The list is even to long for your screen:
"ls -al /home/deadmix >permissions"
Places a textfile called permissions in your home directory, do print it out for further inspection, there is a lot to learn there.

Read more!

Ctrl+C ( Stop Processing Command )

Imagine you just typed in a command and hit the Enter-key . . . and
suddenly you realized it was the wrong command and it is copying the full
hda8 partition into a plugins directory . . . how do we stop the command
from processing ??

Crtl+C

And the command will stop its insane work instantly . . . . sure a bunch
of files will already have been copied, but you do not have to wait the
full 15 minutes until it has finished.

Any command given in the terminal can be stopped like this, a search for
rootkits, a virus scan, updatedb . .you name it, all things that take
long enough to give you time to think . . and say "Ouch ! I did it
wrong, I have to stop this !"

Read more!

TAB COMPLETION

This has been in The Tips before, but got lost at the end part of another tip: ¨searching¨ . . Just because it´s such a handy feature of the commandline and because many members are struggling to get the commands typed correctly . . . here it is again:
The Tab key autocompletes on the commandline, you type a few characters and press the Tab key and the command or the name of the file will be completed:
Try this, "cd /u" and press tab now add an "s" and press tab, give an "h" and press tab, now we have got "cd /usr/share/" OK lets go on, type a "f" "o" "n" tab "t" tab "d" tab. <> Now we are in /usr/share/fonts/ttf/decoratives. "ls" will give you a list of all the fancy ttf fonts on your system.

So next time you have to type a long command like this:


CODE
# cp synthesis.hdlist.update_source.cz /var/lib/urpmi/synthesis.hdlist.update_source.cz


You type:


CODE
# cp sy ( tab ) ( space ) /v ( tab ) li ( tab) u ( tab ) sy ( tab )



And you will see that the full command is on your screen ( This command works only if the file "synthesis.hdlist.update_source.cz" is in your /home direcotry )


More on the Tab key and commands:

If you don´t remember exactly how a command was written, type in the first character or two and hit the tab, you will get a list of all the commands that start with that character(s).

If you wish to know what a certain command does ( ex: mkmanifest ), type:


CODE
$ whatis mkmanifest


This is what you get back to the screen :


QUOTE (Text @ Screen)
mkmanifest (1) - makes list of file names and their DOS 8+3 equivalent


All Linux commands and their descriptions can be found at O'Reilly

Read more!

BASH SCRIPT

Keeping it simple: You know by now that "rm" removes a file, permanently !
Wouldn't it be nice if we could move it to the recycle bin with a simple command instead ?

We're gonna make that command and call it: "del"
( YES ! making our own commands ! )

First a little script:


CODE
$ vi /usr/bin/del


"i"
Here is the text for the script:


QUOTE (Text @ Script)

#!/bin/bash
mv $1 ~/Desktop/Trash
#End script



<>
"ZZ"

Make it executable


CODE
# chmod 0775 /usr/bin/del



Now if we do


CODE
$ del tessst


( It will execute the script and do the same as: )


CODE
$ mv tessst /home/bruno/Desktop/Trash



Sure this was a very short example, a 3 line script, it only holds one command, but you could put as many lines in the script as you want and execute it with a four letter word.
If there are more commands in the script it will execute them in the order that they are noted down.

Because /usr/bin is in your "path" you only have to type "del" to execute it.

If you have to do complicated commands in a certain order on a regular basis, make a little bash script, put it in your "path" and give it a name that's easy to remember.

Next time we'll make a simple backup script, to backup and gzip the contents of your /home directory.

Read more!

BASH HISTORY

As we are doing more and more commands at the bash-prompt it's time to learn a neat little trick:

As you are at an empty prompt press the "arrow-up" key and you will see the previous command you typed in !
Press again, and again, and again, see all the commands that were stored in the "bash-history"

As current user you will only see the commands you typed in, as root you will see the commands you typed in as root.

More fun, type in:


CODE
$ history


And you'll get a full numbered list of all stored commands


CODE
$ !8


Will get you number 8 of that list


CODE
$ !v


And you will get the last command that started with v


Ctrl+R will let you do a search in the history


Bash history won't be lost at reboot or shutdown, clever isn't it ?

Read more!

BASH in Linux

There are several shells available in Linux, the default shell is the Bourne Again SHell ---a pun on the name of Steve Bourne, who was author of the traditional Unix shell, the Bourne shell.
A shell is a program that takes commands from the user and passes them on to the kernel for processing.

Like all the other shells in Linux, the Bash shell is not only a great tool for the command line, but also a scripting language.
Shell scripting allows you to automate tasks that in a normal way would need typing in a lot of commands.
FYI: Some other shells are: the C shell, or Korn shell (the default on IBM's AIX operating system); the ASH shell ( ash is useful for testing scripts to be sh-compliant ), the TCSH shell ( completely compatible version of the Berkeley Unix C shell ) and the new ZSH shell ( ZSH most closely resembles KSH but includes many enhancements ).

As you open a terminal/console you actually open a shell and you are presented with a bash prompt. A Bash prompt typically ends with a $ to show you´re logged in as a normal user ( Only in SuSE it ends with > for the user ). A Bash prompt ending with # shows that we are logged in as root ( Same in SuSE this time ).

Read more!

VI AND EMACS

All configuration files in Linux are written in plain English, easy to read and to adapt. We use a text-editor to write or make changes to those files.
The two most popular, powerful and “difficult” editors that you will find in every distro are Vi and Emacs. They both have “syntax-highlighting” to make writing code easy.

NOTE: Vi and Emacs fans fight bitter religious wars over which is better.

Vi

There are hundreds of commands for Vi, we will only touch the absolute minimum.


CODE
$ vi tessst


Will open the file tessst in located in your /home, if the file does not exist it will create one.
Vi has 3 modes: a command mode, an insert mode and an ex mode.
When you start Vi it starts in command mode. So we first have to type an "i" to put it in insert mode. Now you can type “the quick brown fox etc.”
After inserting the text we go back to command mode <> and save the file with ZZ. Thats all we have to know for the beginning.: "i" for insert <> for command, ZZ for saving the file.

Some more commands for Vi: ( less important )
i = insert text before the cursor
a = insert text after the cursor
: = switch to ex mode
$ = go to last place on the line
^ = go to first place on the line
w = next word
b = previous word
G = last line of the file
20G = go to line no 20
y = copy ( y3w = copy 3 words ) ( y3j = copy 4 lines )
p = paste
d = cut
x = delete character under the cursor




Emacs

Emacs is made easy because these days it has a GUI in modern distro's, but we will use the keyboard because it has more speed.


CODE
$ emacs ssset


Will open or create the file ssset in your /home
OK type away: “ the quick brown etc”.
Now to save the file do: Ctrl+x, Ctrl+c, y
Well I said we were going to keep it simple !

Leave the tessst and ssset files in your /home, in the next section we can do some exercises with them.

Read more!

THE CONSOLE / TERMINAL

All the tasks we do on the commandline are done in a "dos-window", in Linux we call it a "Shell", "Console" or "Terminal" ( the name depends on the distro you use, Terminal is used in RedHat, Console in Mandrake ).
As you start up a Console ( look in your menu ) you will be presented with a “prompt“, this prompt will end with a $, this means that you are logged in as a normal user.

Once you type "su" and give your root password the $ will change in a #, indicating that you are root.
Ctrl+d will log you out as root and bring you back to $, if you do a Ctrl+d again the console will close.

( A normal prompt will look like: [localhost@localdomain:~]$ Not very spectecular, but later in The Tips we will start tweaking your prompt into something fancy, but the $ and # will always stay the same )

For nearly every program or command there are “man”-ual pages stored on your computer. You can read them by typing "man man", this will give you the man pages for the command man. "man cp" will give you the man pages for the command cp. The spacebar lets you scroll the page. With "q" you close the man pages !
More info than the man pages can often be found by typing "--help" after the command. See "cp --help" gives a different result then "man cp".

Read more!

Disable Ping (ICMP) Responses With Linux

This is a kernel parameter that you can set with /etc/sysctl.conf by adding two lines:

# tail -n 2 /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1

Apply the changes by using the sysctl -p command:

# sysctl -p
.
.
.
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1
#

There are various security reasons why you would want to do this. There are also some administration reasons why you shouldn't do this.

Read more!

Upgrading Linux Kernel on Gentoo Sparc64

We had a troublesome upgrade of our Gentoo Sparc64 box. After emerge world the system wouldn't boot because the boot files were changed without re-running SILO. We fixed this in this article. Anyway, even though we went through this trouble, it appears that the emerge downloaded the 2.4.31 sources, messed with our boot files, but we were still running on 2.4.27.
srv-1 linux # uname -a
Linux srv-1 2.4.27-sparc #1 SMP Fri Jul 18 08:43:34 PST 2008 sparc64
sun4u TI UltraSparc II (BlackBird) GNU/Linux
srv-1 linux #

We decided to recompile the kernel and call it something different. We'll see if emerge will mess with that next time around. Here is how we upgraded our kernel:

srv-1 src # ls
linux linux-2.4.27-sparc linux
srv-1 src # rm linux
srv-1 src # ln -s linux linux
srv-1 src # cd linux

Note that the whole linking of linux to the kernel source tree is dated and not used, supposedly, but we didn't do this originally, it was part of the Gentoo install. Perhaps it still isn't needed, but we aren't willing to change something that mostly works. Let's continue on with copying the old .config file:

srv-1 linux # cp ../linux-2.4.27-sparc/.config ./
srv-1 linux # make oldconfig
rm -f include/asm
( cd include ; ln -sf asm-sparc64 asm)
/bin/sh scripts/Configure -d arch/sparc64/config.in
#
# Using defaults found in .config
.
.
.
* Grsecurity
*
Grsecurity (CONFIG_GRKERNSEC) [N/y/?]
*** End of Linux kernel configuration.
*** Check the top-level Makefile for additional configuration.
*** Next, you must run 'make dep'.

Time to compile:

srv-1 linux # make dep && make clean vmlinux image modules modules_install
.
.
.
make[1]: Leaving directory `/usr/src/linux-2.4.31-sparc/arch/sparc64/math-emu'
cd /lib/modules/2.4.31-sparc; \
mkdir -p pcmcia; \
find kernel -path '*/pcmcia/*' -name '*.o' xargs -i -r ln -sf ../{} pcmcia
if [ -r System.map ]; then /sbin/depmod -ae -F System.map 2.4.31-sparc; fi
srv-1 linux-2.4.31-sparc #

Let's install the kernel and reboot:

srv-1 linux-2.4.31-sparc # cp arch/sparc64/boot/image /boot/sparckernel-2.4.31
srv-1 linux-2.4.31-sparc # cp System.map /boot
srv-1 linux-2.4.31-sparc # vi /etc/silo.conf
srv-1 linux-2.4.31-sparc # silo
/etc/silo.conf appears to be valid
srv-1 linux-2.4.31-sparc #

Let's reboot. [screen gets wavy... flash forward]:
srv-1 ~ # uname -a
Linux srv-1 2.4.31-sparc #1 SMP Sun Jul 19 06:05:28 PDT 2008 sparc64 sun4u
TI UltraSparc II (BlackBird) GNU/Linux
srv-1 ~ #
srv-1 ~ # cat /etc/silo.conf
partition = 1
timeout = 150
default=Gentoo
root = /dev/sda1
image = /boot/sparckernel-2.4.31
label = Gentoo
root = /dev/sda1
read-only
other = /sbus@1f,0/SUNW,fas@e,8800000/sd@9,0;1
label = solaris

All is good.

Read more!

Sprogram Terminated Error after Gentoo Emerge

When we rebooted we got an error at the console when trying to boot that just said Sprogram terminated. It turns out that this was caused by an error with the SILO boot records. See this article for more information on installing SILO. To get our system to boot correctly again, we simply booted our root partition with install-sparc64-minimal-2005.1.iso available here and re-ran silo.

# silo
/etc/silo.conf appears to be valid
# ls -l /boot
total 4052
-rw-r--r-- 1 root root 560753 Dec 31 2004 System.map
lrwxrwxrwx 1 root root 1 Dec 31 2004 boot -> .
-rw-r--r-- 1 root root 1024 Sep 3 06:53 fd.b
-rw-r--r-- 1 root root 512 Sep 3 06:53 first.b
-rw-r--r-- 1 root root 1024 Sep 3 06:53 generic.b
-rw-r--r-- 1 root root 816 Sep 3 06:53 ieee32.b
-rw-r--r-- 1 root root 7192 Sep 3 06:53 isofs.b
-rwxr-xr-x 1 root root 3441776 Dec 31 2004 kernel-2.4.27
-rw-r--r-- 1 root root 7680 Dec 31 2004 old.b
-rw-r--r-- 1 root root 64512 Sep 4 05:48 second.b
-rw-r--r-- 1 root root 62398 Sep 3 06:53 silotftp.b
-rw-r--r-- 1 root root 512 Sep 3 06:53 ultra.b
# date
Sun Sep 4 05:49:19 PDT 2005
velasca src #

You can see that the second.b record was changed when we re-ran SILO. Also, you can see that the upgrade yesterday did touch some of the other boot records. We have never seen Gentoo mess with these records on our other boxes, but we usually run a custom kernel and don't let Gentoo emerge those. Anyway, do be aware of this behavior.

Read more!

Getting Silo Installed

It turns out that Silo is not in the distfiles. We will investigate this some other time if we get bored, but *the only* piece that didn't come on the Universal LiveCD was Silo. We figured we could transfer it by putting it on a diskette formatted with ext2 on Agatha's workstation and using sneaker net to transfer to the SPARC.
root@mach-1 usr-1 # mkfs /dev/fd0
mke2fs 1.35 (28-Feb-2004)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
184 inodes, 1440 blocks
72 blocks (5.00%) reserved for the super user
First data block=1
1 block group
8192 blocks per group, 8192 fragments per group
184 inodes per group
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 38 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
root@mach-1 usr-1 #
root@mach-1 usr-1 # ls silo*
silo-1.4.8.tar.gz
root@mach-1 usr-1 # mount -t ext2 /dev/fd0 /mnt
root@mach-1 usr-1 # cp silo* /mnt
root@mach-1 usr-1 # umount /mnt
root@mach-1 usr-1 #
livecd / # mount -t ext2 /dev/fd0 /mnt/floppy
OOPS: Bogus kernel PC [0000000000000080] in fault handler
[0000000000408cc8] [000000000040eb40] [000000000041a504] [00000000006b4694] [000
0000000404678] [0000000000000000]
Unable to handle kernel NULL pointer dereference
tsk->{mm,active_mm}->context = 00000000000007a2
tsk->{mm,active_mm}->pgd = fffff8001fe7b000
\/ ____ \/
"@'/ .. \`@"
/_ \__/ _\
\__U_/

Hummm... that didn't work. Nice core dump ASCII though. If we get bored (again), maybe we will dig into this problem. We really just want to get the OS booted, though. Let's try using the raw device and tar:

root@mach-1 usr-1 # tar -cf /dev/fd0 silo-1.4.8.tar.gz
root@mach-1 usr-1 # tar -tf /dev/fd0
silo-1.4.8.tar.gz
root@mach-1 usr-1 #
livecd root # tar -xf /dev/fd0
OOPS: Bogus kernel PC [0000000000000080] in fault handler
[0000000000408cc8] [000000000040eb40] [000000000041a504] [00000000006b4694] [00
Unable to handle kernel NULL pointer dereference
tsk->{mm,active_mm}->context = 00000000000004cb
tsk->{mm,active_mm}->pgd = fffff8001fe7b000
\/ ____ \/
"@'/ .. \`@"
/_ \__/ _\
\__U_/
swapper(0): Oops

Well... sheesh... It looks like we need to set up the network and sshd to transfer the silo source:

livecd root # net-setup eth0
livecd root # ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:20:9A:E6:79
inet addr:10.50.100.49 Bcast:10.50.100.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:13 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1344 (1.3 Kb) TX bytes:1830 (1.7 Kb)
Interrupt:96
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
livecd root #
livecd root # passwd
New UNIX password:
Retype new UNIX password:
passwd: password updated successfully
livecd root #
livecd root # /etc/init.d/sshd start
* Generating Hostkey...
.
.
.
* Starting sshd... [ ok ]
livecd root #
usr-1@mach-1 usr-1 $ ssh root@srv-1
Please report any bugs you find to http://bugs.gentoo.org. Be sure to include
detailed information about how to reproduce the bug you are reporting. Thanks
for using Gentoo Linux!
Stage tarball(s), distfiles and packages can be found in /mnt/cdrom/.
livecd root #

Go back into the new system environment and compile/install Silo:

livecd / # mount /dev/sda1 /mnt/gentoo
livecd / # mount -t proc none /mnt/gentoo/proc
livecd / # chroot /mnt/gentoo /bin/bash
livecd / # env-update; source /etc/profile
>>> Regenerating /etc/ld.so.cache...
* Caching service dependencies...
livecd / #
livecd / # emerge silo
Calculating dependencies ...done!
>>> emerge (1 of 1) sys-boot/silo-1.4.8 to /
>>> Downloading http://gentoo.osuosl.org/distfiles/silo-1.4.8.tar.gz
--11:03:04-- http://gentoo.osuosl.org/distfiles/silo-1.4.8.tar.gz
=> `/usr/portage/distfiles/silo-1.4.8.tar.gz'
Resolving gentoo.osuosl.org... failed: Temporary failure in name resolution.
>>> Downloading http://distro.ibiblio.org/pub/Linux/distributions/gentoo/
distfiles/silo-1.4.8.tar.gz
--11:03:04-- http://distro.ibiblio.org/pub/Linux/distributions/gentoo/
distfiles/silo-1.4.8.tar.gz
=> `/usr/portage/distfiles/silo-1.4.8.tar.gz'
Resolving distro.ibiblio.org... failed: Temporary failure in name resolution.
>>> Downloading http://www.sparc-boot.org/pub/silo/silo-1.4.8.tar.gz
--11:03:04-- http://www.sparc-boot.org/pub/silo/silo-1.4.8.tar.gz
=> `/usr/portage/distfiles/silo-1.4.8.tar.gz'
Resolving www.sparc-boot.org... failed: Temporary failure in name resolution.
!!! Couldn't download silo-1.4.8.tar.gz. Aborting.

Doh! Have to set up name resolution:

livecd / # nano /etc/resolv.conf
livecd / # cat /etc/resolv.conf
domain signalq.com
nameserver 199.181.164.2
nameserver 199.181.164.1
livecd / #
livecd / # emerge silo
Calculating dependencies ...done!
>>> emerge (1 of 1) sys-boot/silo-1.4.8 to /
.
.
.
>>> /boot/isofs.b
* NOTE: If this is an upgrade to an existing SILO install,
* you will need to re-run silo as the /boot/second.b
* file has changed, else the system will fail to load
* SILO at the next boot.
>>> Regenerating /etc/ld.so.cache...
* Caching service dependencies...
>>> sys-boot/silo-1.4.8 merged.
>>> Recording sys-boot/silo in "world" favorites file...
>>> clean: No packages selected for removal.
>>> Auto-cleaning packages ...
>>> No outdated packages were found on your system.
* GNU info directory index is up-to-date.
livecd / #
livecd / # rm /etc/silo.conf
livecd / # nano /etc/silo.conf
livecd / # cat /etc/silo.conf
partition = 1
root = /dev/sda1
timeout = 150
image = /boot/kernel-2.4.27
label = Gentoo
livecd / #
livecd / # silo
/etc/silo.conf appears to be valid

OK. Let's reboot:

livecd / #
livecd / # reboot
INIT: Switching to runlevel: 6
INIT: Sending processes the TERM signal
livecd / #
Rebooting with command: boot

Read more!

Rebuilding the RPM Database

Be very careful messing with your RPM database. You can cause serious system failure if you mess up your RPM packages. One trick that works for us is to rebuild the RPM database.

root@www root]# cd /var/lib/rpm/
[root@www rpm]# ls
Basenames __db.003 Installtid Provideversion Sha1header
Conflictname Dirnames Name Pubkeys Sigmd5
__db.001 Filemd5s Packages Requirename Triggername
__db.002 Group Providename Requireversion
[root@www rpm]# rm __db*
rm: remove regular file `__db.001'? y
rm: remove regular file `__db.002'? y
rm: remove regular file `__db.003'? y
[root@www rpm]# rpm --rebuilddb
[root@www rpm]#

A corrupted RPM database can cause problems with up2date locking up.

Read more!

Forcing Installs with Up2date

If you have trouble with dependencies running up2date, the Red Hat update system, you can force download and installs by downloading the packages regardless of dependencies and then forcing the install. Be careful when you do this, or course. The system is there to make sure you install the correct packages, so if up2date tells you you need a dependency, you may very well need it. We ran into an interesting problem with a gcc upgrade.

We solved it by downloading the package and then forcing the install with the nodeps option:

[root@srv-6 up2date]# up2date --get gcc --tmpdir=/root/
Fetching all package list for channel: rhel-i386-es-3...
########################################
Fetching all package list for channel: rhel-i386-es-3-extras...
########################################
Fetching package list for channel: rhel-i386-es-3...
########################################
Fetching package list for channel: rhel-i386-es-3-extras...
########################################
gcc-3.2.3-53.i386.rpm...
########################################
[root@srv-6 up2date]#

Now let's force the install with nodeps:

[root@srv-6 root]# rpm -Fvh gcc*.rpm --nodeps
Preparing... ########################################### [100%]
1:gcc ########################################### [100%]
[root@srv-6 root]#

Read more!

Crontab Locations on Red Hat, Fedora, and CentOS

On Red Hat/Fedora/CentOS, you can't simply look at that output of crontab -l to see what is scheduled to run as root, even if you are running as root. For instance:

# crontab -l
0 0 * * * /bin/some/command
# cat /var/spool/cron/root
0 0 * * * /bin/some/command
#

There can be another system crontab located in /etc/crontab:

# cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
25 3 * * * root up2date -u

This file is checked *in addition* to the /var/spool/cron directory. Crond also checks /etc/cron.d. Seems kind of messy to us that root doesn't simply store all of this in the location referenced by crontab -l. True, we could change it, but then the updates to the Red Hat jobs we have running woudn't work right. I suppose this is the reason for the more complicated configuration. Notice the nightly up2date task on this box. Be careful about running the daily up2date on some systems. We have seen it lock up some servers and prefer to do it manually. Really, do you want your important systems patching themselves? What if up2date patched the major system libraries, glibc or something? Yow!! Or what if a patch to Apache caused a slightly different interprettation of your httpd.conf file... it could happen. Anyway... beware.

Read more!

Listing and Counting Processes with a Certain Name

The -C option can be used with ps to display certain processes:
$ ps -C httpd
PID TTY TIME CMD
726 ? 00:00:00 httpd
732 ? 00:00:00 httpd
6064 ? 00:00:00 httpd
19452 ? 00:00:00 httpd
21047 ? 00:00:00 httpd
21048 ? 00:00:00 httpd
21049 ? 00:00:00 httpd
21060 ? 00:00:00 httpd
30127 ? 00:00:00 httpd
31629 ? 00:00:00 httpd
32380 ? 00:00:00 httpd
32381 ? 00:00:00 httpd
32620 ? 00:00:00 httpd
532 ? 00:00:00 httpd
533 ? 00:00:00 httpd
544 ? 00:00:00 httpd
1699 ? 00:00:00 httpd
1774 ? 00:00:00 httpd
2686 ? 00:00:00 httpd
3427 ? 00:00:00 httpd
3429 ? 00:00:00 httpd
3430 ? 00:00:00 httpd
12571 ? 00:00:00 httpd
12573 ? 00:00:00 httpd
12574 ? 00:00:00 httpd
$

Run this through wc to count the processes:

$ ps -C httpd h wc -l
24
$

The h option doesn't print the header, so the count is correct. The -l option for wc just prints the number of lines. Add this line to your .bashrc file to get an alias to count these processes:

alias ch="ps -C httpd h wc -l";

and you can then just type ch to count the httpd processes.

Read more!

Using Yum To Install Dependencies

Always reluctant to try something new when we are comfortable with the tools we currently use, we haven't used yum before. We had a problem with installing the net-snmp-devel package with up2date because of some dependencies. We were able to use yum to quickly install the package we needed along with the dependencies on our CentOS 4 server
root@srv-1 snmp]# yum install net-snmp-devel
Setting up Install Process
Setting up repositories
update 100% ========================= 951 B 00:00
base 100% ========================= 1.1 kB 00:00
addons 100% ========================= 951 B 00:00
extras 100% ========================= 1.1 kB 00:00
Reading repository metadata in from local files
primary.xml.gz 100% ========================= 17 kB 00:00
update : ################################################## 50/50
Added 50 new packages, deleted 0 old in 1.03 seconds
primary.xml.gz 100% ========================= 502 kB 00:02
base : ################################################## 1434/1434
Added 1434 new packages, deleted 0 old in 23.38 seconds
primary.xml.gz 100% ========================= 157 B 00:00
Added 0 new packages, deleted 0 old in 0.01 seconds
primary.xml.gz 100% ========================= 9.3 kB 00:00
extras : ################################################## 33/33
Added 33 new packages, deleted 0 old in 0.52 seconds
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for net-snmp-devel to pack into transaction set.
net-snmp-devel-5.1.2-11.E 100% ========================= 47 kB 00:00
---> Package net-snmp-devel.i386 0:5.1.2-11.EL4.6 set to be updated
--> Running transaction check
--> Processing Dependency: beecrypt-devel for package: net-snmp-devel
--> Processing Dependency: elfutils-devel for package: net-snmp-devel
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for beecrypt-devel to pack into transaction set.
beecrypt-devel-3.1.0-6.i3 100% ========================= 47 kB 00:00
---> Package beecrypt-devel.i386 0:3.1.0-6 set to be updated
---> Downloading header for elfutils-devel to pack into transaction set.
elfutils-devel-0.97-5.i38 100% ========================= 6.7 kB 00:00
---> Package elfutils-devel.i386 0:0.97-5 set to be updated
--> Running transaction check
--> Processing Dependency: elfutils-libelf-devel = 0.97-5 for package: elfutils-devel
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for elfutils-libelf-devel to pack into transaction set.
elfutils-libelf-devel-0.9 100% ========================= 6.9 kB 00:00
---> Package elfutils-libelf-devel.i386 0:0.97-5 set to be updated
--> Running transaction check
Dependencies Resolved
=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
net-snmp-devel i386 5.1.2-11.EL4.6 base 229 k
Installing for dependencies:
beecrypt-devel i386 3.1.0-6 base 358 k
elfutils-devel i386 0.97-5 base 13 k
elfutils-libelf-devel i386 0.97-5 base 50 k
Transaction Summary
=============================================================================
Install 4 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 650 k
Is this ok [y/N]: y
Downloading Packages:
(1/4): elfutils-libelf-de 100% ========================= 50 kB 00:00
(2/4): beecrypt-devel-3.1 100% ========================= 358 kB 00:02
(3/4): net-snmp-devel-5.1 100% ========================= 229 kB 00:00
(4/4): elfutils-devel-0.9 100% ========================= 13 kB 00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: beecrypt-devel ######################### [1/4]
Installing: elfutils-libelf-devel ######################### [2/4]
Installing: elfutils-devel ######################### [3/4]
Installing: net-snmp-devel ######################### [4/4]
Installed: net-snmp-devel.i386 0:5.1.2-11.EL4.6
Dependency Installed: beecrypt-devel.i386 0:3.1.0-6 elfutils-devel.i386
0:0.97-5 elfutils-libelf-devel.i386 0:0.97-5
Complete!
[root@srv-1 snmp]#

Pretty easy to do.

Read more!

Embedding Text in Find Output

For exemple We recently did a migration of large files to another server, and needed to create a bunch of redirect commands to point at the new location. This turned out to be quite easy with find. First, we need to find the files over 570K:

find . -size +570k -printf '%k %p\n'

The quotes after printf include both text and variables. %k is the size in K, and %p is the relative path of the file. The output looks like this:

1484 ./files/bigfile.exe
4148 ./files/biggerfile.exe
.
.
.


To copy these files into a single folder:

find . -size +570k -exec cp {} /placetostore/files/ \;

To create redirect statements suitable for httpd.conf:

find * -size +570k -printf 'Redirect permanent /%p http://new.example.com/%f\n'

The output looks something like this:

Redirect permanent /files/bigfile.exe http://new.example.com/bigfile.exe

The cool thing we didn't know was that you could embed text in the output of find. This made our job quite easy in this case, even easier than Perl!

Read more!

LVM Support for the Linux 2.4 Kernel - Compiling and Configuring LVM

Now that the device mapper is all happy (see this article), let's install the LVM software. Grab the source from here. Extract, configure, compile, and install:

sv-1# tar -xzf LVM2.2.01.15.tgz
sv-1# cd LVM2.2.01.15
sv-1# ./configure --prefix=/usr
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu
checking for gawk... gawk

.
.
.
config.status: creating test/format1/Makefile
config.status: creating test/regex/Makefile
config.status: creating test/filters/Makefile
sv-1#
sv-1# make
make -C doc
make -C include
make[1]: Entering directory `/usr/src/LVM2.2.01.15/include'
find . -maxdepth 1 -type l -exec rm -f \{\} \;
for i in `cat .symlinks`; do ln -s $i ; done
make[1]: Entering directory `/usr/src/LVM2.2.01.15/doc'
make[1]: Nothing to be done for `all'.
.
.
.
gcc -o lvm dumpconfig.o formats.o lvchange.o lvconvert.o lvcreate.o lvdisplay.o
lvextend.o lvmchange.o lvmcmdline.o lvmdiskscan.o lvreduce.o lvremove.o
lvrename.o lvresize.o lvscan.o polldaemon.o pvchange.o pvcreate.o pvdisplay.o
pvmove.o pvremove.o pvscan.o reporter.o segtypes.o toollib.o vgcfgbackup.o
vgcfgrestore.o vgchange.o vgck.o vgcreate.o vgconvert.o vgdisplay.o vgexport.o
vgextend.o vgimport.o vgmerge.o vgmknodes.o vgreduce.o vgremove.o vgrename.o
vgscan.o vgsplit.o lvm.o -Wl,--export-dynamic -L../lib -L/usr/lib -llvm
-ldevmapper -ldl -rdynamic
make[1]: Leaving directory `/usr/src/LVM2.2.01.15/tools'
sv-1#
sv-1# make install
make -C doc
make -C include
make[1]: Entering directory `/usr/src/LVM2.2.01.15/include'
make -C daemons install
make[1]: Entering directory `/usr/src/LVM2.2.01.15/daemons'
.
.
.
make[1]: Leaving directory `/usr/src/LVM2.2.01.15/daemons'
make[1]: Leaving directory `/usr/src/LVM2.2.01.15/man'
sv-1#

Set up the partitions as type Linux LVM using fdisk:

Hex code (type L to list codes): 8e
Changed system type of partition 4 to 8e (Linux LVM)
Command (m for help): p
Disk /dev/hda: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/hda1 1 62 497983+ 83 Linux
/dev/hda2 63 124 498015 82 Linux swap
/dev/hda3 125 1341 9775552+ 83 Linux
/dev/hda4 1342 30401 233424450 8e Linux LVM
Command (m for help):w
.
.
.

Run lvmdiskscan to see what disks are available:

sv-1# lvmdiskscan
/dev/hda1 [ 486.31 MB]
/dev/hda2 [ 486.34 MB]
/dev/hda3 [ 9.32 GB]
/dev/hda4 [ 222.61 GB]
0 disks
4 partitions
0 LVM physical volume whole disks
0 LVM physical volumes

Create a physical volume and volume group:

sv-1# pvcreate /dev/hda4
Physical volume "/dev/hda4" successfully created
sv-1# vgcreate volgroup /dev/hda4
Volume group "volgroup" successfully created
sv-1# vgdisplay
--- Volume group ---
VG Name volgroup
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 1
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 0
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size 222.61 GB
PE Size 4.00 MB
Total PE 56988
Alloc PE / Size 0 / 0
Free PE / Size 56988 / 222.61 GB
VG UUID qauL7L-rO53-5EBU-6jgj-49CN-xJwL-sun5C0


Create a logical volume:

sv-1# lvcreate -L200G -nlogicalvol volgroup
Rounding up size to full physical extent 200 GB
Logical volume "logicalvol" created

This is how the block device looks:

sv-1# ls -l /dev/volgroup/logicalvol
lrwxrwxrwx 1 root root 31 Jun 24 17:56
/dev/volgroup/logicalvol -> /dev/mapper/volgroup-logicalvol
sv-1#

Read more!

LVM Support for the Linux 2.4 Kernel - Device Mapper

We decided to build a very small box to serve up an iSCSI target using LVM for the storage device. We used the root filesystem from here, which means that we are starting from a very basic system. We are using version 2.4.32 of the Linux kernel. Do consider Openfiler if you have more sophisticated needs. On the other hand, keeping things small, tight, and as independent as possible.

Anyway, we have upgraded the LVM on Red Hat systems before here, and many of the steps of the same; however, there are some differences since LVM didn't exist before we started installing. Two components are needed: device mapper, and the LVM software. Grab device-mapper.1.02.07 from here.

Patch the kernel source tree:

sv-1# tar -xzf device-mapper.1.02.07.tgz
sv-1# patch -p1 < /usr/src/device-mapper.1.02.07/patches/linux-2.4.28-pre4-devmapper-ioctl.patch patching file Documentation/Configure.help Hunk #1 succeeded at 1965 (offset -6 lines). patching file MAINTAINERS Hunk #1 succeeded at 581 (offset -4 lines). patching file arch/mips64/kernel/ioctl32.c . . . patching file mm/mempool.c patching file mm/vmalloc.c sv-1#

Device mapper support will now show up:
sv-1# make menuconfig
Linux Kernel v2.4.32 Configuration
Multi-device support (RAID and LVM)
[*] Multiple devices driver support (RAID and LVM)
RAID support
* Logical volume manager (LVM) support
* Device-mapper support (NEW)
Mirror (RAID-1) support

Rebuild the kernel:

make dep clean bzImage

Configure your boot loader and reboot for grins. Compile and install the device-mapper software:

sv-1# cd device-mapper.1.02.07
sv-1# ./configure
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu
checking for gawk... gawk
.
.
.
config.status: creating kernel/Makefile
config.status: creating man/Makefile
config.status: creating po/Makefile
config.status: creating include/configure.h
sv-1# make
make -C include
make[1]: Entering directory `/usr/src/device-mapper.1.02.07/include'
find . -maxdepth 2 -type l -exec rm -f \{\} \;
for i in `cat .symlinks`; do ln -s $i ; done
touch .symlinks_created
ln -s ../../kernel/ioctl/dm-ioctl.h linux
.
.
.
ted-externs -Winline -O2 dmsetup.c -o dmsetup.o
gcc -o dmsetup dmsetup.o -L../lib/ioctl \
-L../lib/ioctl -L/lib -ldevmapper
make[1]: Leaving directory `/usr/src/device-mapper.1.02.07/dmsetup'
sv-1#
sv-1# make install
make -C include
make[1]: Entering directory `/usr/src/device-mapper.1.02.07/include'
make[1]: Nothing to be done for `all'.
.
.
.
/usr/bin/install -c -D -o root -g root -m 555 dmsetup /sbin/dmsetup
make[1]: Leaving directory `/usr/src/device-mapper.1.02.07/dmsetup'
sv-1# ls /lib/libdev*
/lib/libdevmapper.so /lib/libdevmapper.so.1.02
sv-1#

See Compiling and Configuring LVM for the rest of the LVM installation.

Read more!