SysAdmin Blog, TechTips and Reviews

An (ex) System Administrator's Blog



Archives Posts

How To Detach Mirror in Solaris – Script

April 13th, 2012 by elizar

How to detach mirror disks in Solaris? Assuming we us SVM, we normally do this like this, manually:

metastat -c d0 (verify disk components)
eeprom bood-device (further verify the boot disk)
synch;
metadetach rootdev detachdevice

or put it a script for repetitive use and to avoice typo mistakes:


cat detach_mirror.ksh
#!/bin/ksh

rootdev=`df -k /|tail -1|awk '{print $1}'|cut -d"/" -f5`
bootdisk=`eeprom boot-device|cut -d"=" -f2|awk '{print $1}'`

if [[ $bootdisk = "disk" || $bootdisk = "disk0" ]]; then
detachdev=`metastat -p $rootdev|tail -2|grep -v "t0d0"|awk '{print $1}'`
elif [[ $bootdisk = "disk1" ]]; then
detachdev=`metastat -p $rootdev|tail -2|grep -v "t1d0"|awk '{print $1}'`
elif [[ $bootdisk = "disk2" ]]; then
detachdev=`metastat -p $rootdev|tail -2|grep -v "t2d0"|awk '{print $1}'`
else
echo "Unknown disk to detach"
exit
fi

echo "boot-disk is $bootdisk"
echo "root device is $rootdev"
echo "\nmetastat -p $rootdev"
metastat -p $rootdev

echo "\ncommands:"
echo "sync; metadetach $rootdev $detachdev"
echo "sleep 10"

detachdiskname=`metastat -p $detachdev|awk '{print $NF}'`
echo "mkdir /a"
echo "mount /dev/dsk/$detachdiskname /a"
echo "cp -p /a/etc/vfstab /a/etc/vfstab.md"

#echo awk '$1=="/dev/md/dsk/'$rootdev'" {print "/dev/dsk/'$detachdiskname'\t/dev/rdsk/'$detachdiskname'\t"$3"\t"$4"\t"$5"\t"$6"\t"$7; next} {print}' /etc/vfstab
echo "awk '\$1==\"/dev/md/dsk/$rootdev\" {print \"/dev/dsk/$detachdiskname\\\t/dev/rdsk/$detachdiskname\\\t\"\$3\"\\\t\"\$4\"\\\t\"\$5\"\\\t\"\$6\"\\\t\"\$7; next} {print}' /etc/vfstab" \> /a/etc/vfstab
echo "egrep -v \"rootdev.*md|MDD root info\" /etc/system > /a/etc/system"

echo "\ncd /"
echo "umount /a"
echo "rmdir /a"

Filed under Script, Solaris having No Comments »

Archives Posts

Mounting Remote Filesystem To Local Solaris UNIX Box – NFS

March 27th, 2012 by elizar

Quick post on NFS and sharing filesystem from one server to another.

Key files and commands for this activity:

  • /etc/dfs/dfstab
  • share (command)
  • shareall

The only problem I got in following the below instruction is Permission denied on the shared directory/filesystem from the remote Solaris server.

Temporary fix chmod to 777.. check for security later :)

To be able to share a remote filesystem you have to share the remote filesystem.

To share the remote filesystem you need to modify
the /etc/dfs/dfstab file with

share -F nfs -o rw /var/tmp/oracle

also modify the /etc/dfs/sharetab with

/var/tmp/oracle nfs rw

then issue
shareall

make sure nfs daemon are running of the server
you could check by isseing

ps -ef | grep nfs

if it is not running you could start nfsd by issuing /etc/init.d/nfs.server start

svcadm enable nfs

on the client side, that is the side with no disk space
you need to mount the remote filesystem you could do this by issuing

mount (remote server):/usr/local /mount_point

Note:
/var/tmp/oracle will be the filesytem you intend to share eg / /usr/local, /var, /export/home

so if you intend to share /usr/local your /etc/dfs/dfstab will look like

share -F nfs -o rw /usr/local

and /etc/dfs/sharetab will look like

/usr/local nfs rw

Filed under Commands, Solaris 10 having No Comments »

Archives Posts

How Do you Find and Replace Expressions in VI Editor

February 29th, 2012 by elizar

One and for all, let’s do this again.. how do you do the find and replace function of the Vi editor? I keep on coming back to Google for the syntax but at least I know that there is an ‘s’ in the beginning of the command and a ‘g’ at the end (for Global search). :)

Anyway, a little background before i copy paste the information here. I first taught myself how to use Vi during my ‘first’ job as a systems engineer in NEC TNCSi. Actually, my UNix foundation was all from NEC. Not that they train me how to be a unix admin, but I learned and taught myself how to do it. I read books that were lying around there and build samba servers, qmail and email servers and stuff until I got the ropes, the ins and outs of the UNix environment (Actually, I was using Linux – Redhat).

How Do You Find and Replace Text in Vi?

To perform a global search and replace in vi, use the search and replace command in command mode:

:%s/search_string/replacement_string/g

The % is a shortcut that tells vi to search all lines of the file for search_string and change it to replacement_string. The global ( g ) flag at the end of the command tells vi to continue searching for other occurrences of search_string . To confirm each replacement, add the confirm ( c ) flag after the global flag.

For this latest usage, i need to change the shell for all the users who are using /bin/ksh to a safeword sid shell.

remember to use the ‘slash’ character if you are filtering actually backslash.. You do not want to misinterpret the ‘/’ character by vi.

so, that’s

:%s/\/bin\/ksh/\/bin\/sid/g

Filed under Commands, Linux, Solaris, Unix having No Comments »

Archives Posts

(ufsrestore) Make Bootable – Recovering the Root or /usr File System

January 17th, 2012 by elizar

This is some kind of a followup from the first post about ufsdump – how to backup solaris filesystem

1. Replace and partition the disk if it has failed.

2. Because the system cannot be booted from the boot disk, boot from the CD-ROM and re-create the failed file system by issuing the newfs command:

newfs /dev/rdsk/

is the name of the raw disk partition that contains the corrupted file system.

3. Check the new file system by using fsck:

fsck /dev/rdsk/

4. Mount the new file system on a temporary mount point:

mount /dev/dsk//mnt

5. Change to the /mnt directory:

cd /mnt

6. Write protect the tapes so that you don’t accidentally overwrite them.

7. Load the tape and issue the following command:

ufsrestore rf /dev/rmt/0

The entire content of the tape is restored to the file system. All permissions, ownerships, and dates remain as they were when the last incremental tape was created.

8. Verify that the file system is restored:

ls

9. Remove the restoresymtable file that is created and used by ufsrestore to checkpoint the restoration:

rm restoresymtable

10. Change to the root (/) directory:

cd /

11. Unmount the newly created file system:

umount /mnt

12. Check the new file system with fsck:

fsck /dev/rdsk/

The restored file system is checked for consistency.

13. If you are recovering the root (/) file system, create the boot blocks on the root partition by using the installboot command:

installboot /usr/platform/’uname-I’/lib/fs/ufs/bootblk\
/dev/rdsk/

The installboot command installs the boot blocks onto the boot disk. Without the boot blocks, the disk cannot boot.

14. Insert a new tape into the tape drive and back up the new file system:

ufsdump 0uf /dev/rmt/n /dev/rdsk/

A level 0 backup is performed. You should immediately make a backup of a newly created file system because ufsrestore repositions the files and changes the inode allocation.

15. Reboot the system with a reconfiguration reboot:

# shutdown -y -g0 -i0
ok boot -r

The system is rebooted.

Extra Notes on UFSrestore

When you restore files in a directory other than the root directory of the file system, ufsrestore re-creates the file hierarchy in the current directory. For example, if you restore to /home files that were backed up from /users/bcalkins/files, the files are restored in the directory /home/users/bcalkins/files.

When you restore individual files and directories, it’s a good idea to restore them to a temporary directory such as /var/tmp. After you verify that you’ve retrieved the correct files, you can move them to their proper locations. You can restore individual files and directories to their original locations; however, if you do so, you should be sure that you do not overwrite newer files with older versions from the backup tape.

You should not forget to make regular backups of your operating system. Losing all the customization you dosuch as adding user accounts, setting up printers, and installing application softwarewould be disastrous. Whenever you make modifications that affect the root (/),/usr, /opt, or other operating system directories, you should bring down the system into single-user mode and perform a level 0 dump.

Filed under Solaris, Solaris 10 having No Comments »

Archives Posts

How to Stop syslog Messages to Write Console on Solaris

January 15th, 2011 by elizar

How to Stop syslog Messages to Write Console on Solaris

you can edit the entries in the /etc/syslog.conf to direct to another file eg /var/log/syslog instead of /dev/console. After that, issue kill -HUP to “reinitialize” the config

or if you want to stop syslog process/daemon in Solaris 10, (not /etc/init.d/syslog stop)

it should be

svcadm disable svc:/system/system-log:default

svcadm disable svc:/system/system-log:default turned syslog off you need to also run svcadm enable svc:/system/system-log:default to turn it back on, after you made the right changes to /etc/syslog.conf so it does what you want. You can probably just comment out the line as it is also logged to file in /var/adm/messages.log

Turning syslog off is not a good idea.

That’s is How to Stop syslog Messages to Write Console on Solaris.

Filed under Solaris, Solaris 10 having No Comments »

Archives Posts

How To Run or Execute Explorer in Solaris

January 12th, 2011 by elizar

Here’s the common way to run explorer..

first time run this:

# /opt/SUNWexplo/bin/explorer -g

from then on, run this;

# /opt/SUNWexplo/bin/explorer

there are many options to explorer for certain things, but just by itself should get you most of what you need.

just want to repeat that for retention:

You can run /opt/SUNWexplo/bin/explorer. The first time you need to input some info (or just press enter). You’ll find the ouput in /opt/SUNWexplo/output.

Explorer download and installation:

http://docs.sun.com/app/docs/doc/819-6614/6n8k8pjc5?l=en&a=view

Filed under Solaris having No Comments »

Archives Posts

Solaris Kernel Patching Recommended Patch

April 27th, 2010 by elizar

Here’s another Kernel patching of Solaris. I know there are tons of this type of post in the internet but another reference for the one who needs it, is I guess ok.

To be honest, this is the steps that really made me understood the steps and procedure and the concept behind the 10_Recommended patch for solaris kernel.

Read the rest of this entry »

Archives Posts

KSH Script Basics | Special Shell Variables

April 23rd, 2010 by elizar

Just deleted tons of stale, unsused user accounts. Here are some KSH shell basics and special shell variable. I need to Google them up myself to get reminded that ‘$?’ is the output variable for script execution. That is, it’s 0 for successful execution and 1 if there is any error.

Read the rest of this entry »

Archives Posts

SSH Tectia: Setup Public-Key Authentication

April 5th, 2010 by elizar

A quick post on how to setup a public-key authentication on an SSH client server, product by SSH Tectia.

Summary: User instruction on how to setup public-key authentication.

In setting up the ssh public-key authentication between servers, local and remote, we have to generate the key pairs and transfer it to the remote/server.

Client Side

The publickey authentication method is enabled by the SSHtectia package by default. A functional ID’s key pair can be generated using the ‘generate_keys’ script (may be located in /export/opt/SSHtectia//util/ or depending on your installation). That script, ‘generate_keys’, is use to generate user key pairs: id_dsa_2048_a and id_dsa_2048_a.pub (default names) in the centralized key location:

/etc/opt/SSHtectia/keys/

The script also creates an ‘identification’ file in /etc/opt/SSHtectial/keys/ that contains the name of the private keys:

# more identification
# SSH Tectia private key
IdKey /etc/opt/SSHtectia/keys/%U/id_dsa_2048_a

# OpenSSH private key
IdKey /etc/opt/SSHtectia/keys/%U/id_dsa

Don’t forget to substitute the private key filename for ‘id_dsa_2048_a’ or ‘id_dsa’ if you are using a different naming convention. If several key pairs are used, list private keys on a separate lines.

Server Side

The publickey authentication method is enabled for functional IDs ONLY by the SSHtectia package (how do we know if an account is such?).

Copy the public key file (i.e. id_dsa_2048_a.pub) to the server, to the centralized key location. You can use sftp, copy paste or any other method to do this.

Also copy the ‘authorization’ file (created by the ‘generate_keys’ script) from the cliet to the server’s centralized key location.

Test the connection.. it should work.. It worked on mine.

Filed under Solaris, Tips, tutorial having No Comments »

Archives Posts

getfacl and setfacl – Unix Access Control (acl) Tool

March 17th, 2010 by elizar

Today’s topic is all about Access List… For Unix and Unix-like system, the usual command to set the file permission is the ‘chmod’ command. However there are instances that we need more flexibility in giving access and control for files and folders. Get it? Access and Control? In this situation, there is a file utility built in Unix called ‘getfacl‘ and ‘setfacl‘.


getfacl
is a file utility for viewing the access control list information associated with a file or directory.

For a memory aid, you can think of ‘getfacl’ as “Get File ACL“.. ACL being Access Control List.

Access control lists are extended attributes added to most major file systems in the 2.6 kernel to improve ability to control the access of files. They allow permissions to be set for individual groups and users and not just the owning user, owning group, and all other users.

setfacl is a command that allows you to set the Access Control List information for a file or directory.

Access control lists are extended attributes added to most major file systems in the 2.6 kernel to improve ability to control the access of files. They allow permissions to be set for individual groups and users and not just the owning user, owning group, and all other users.

You can read man pages for both getfacl and setfacl for more information.

getfacl and setfacl example….

Here’s an example of using the basic funtion of getfacl and setfacl

# getfacl

#setfacl

setfacl -m default:user::rwx,default:group::r-x,default:other:r-x,default:mask:rwx /u06/OneSource/datapump_dbdump

setfacl -m default:user:rcodapp1:r-x,default:group:r-x,default:other:—,default:mas:rwx /u06/OneSouce/datapump_dbdump

« Previous Entries

I was here...