To get Fastest apt-get repos in Debian

apt-get update
apt-get install apt-spy
apt-spy update
apt-spy -d unstable -s IN

Inactivity Time Out for Login shells

The following instructions were not practical for system which run Xwindows

To implement a 15-minute idle time-out for the default /bin/bash shell, create a new file tmout.sh in the directory /etc/profile.d with the following lines:

TMOUT=900
readonly TMOUT
export TMOUT

Run the following command to set time out as 15min

# set -r tmout 15

Find useful useful unix command

1. To find all the .conf file in / and copy it to /backup

# find . -name '*.conf' -print -exec cp '{}' ~/backup \;

No need to explain the options above except -print and exec.

-print - It is allways true and has a side effect of printing.

{} - This will replace the name of the file found.

\; - Means end of the line

---------------------------------------------------------------------------------------------------------

2. To find all the .txt files with odd characters( Contain upper and lowe case and numbers)

# find . -name '*.txt' -print0 | xargs -i -0 mv '{}' ~/backup

-print tell find to use null character insted of white space.

----------------------------------------------------------------------------------------------------------
3. To find all the files across the symbolic links

# find . -follow -name '*.txt' -print0 | xargs -i -0 mv '{}' ~/backup

-follow - This option help to find out the orgination of the symbolic links.

-----------------------------------------------------------------------------------------------------------

4. To find out all the.txt files case insensitively

# find . -follow -iname '*.txt' -print0 | xargs -i -0 mv '{}' ~/backup


------------------------------------------------------------------------------------------------------------

5. To find out file modified more than +90 days

# find . -name '*.txt' -mtime +90 -print


-mtime - Takes argument to specify the time frame.

--------------------------------------------------------------------------------------------------------------
6. To print out the files modified more than 7 days and less than 14 days


# find /home -mtime +7 -a -mtime -14 -print

---------------------------------------------------------------------------------------------------------------
7. To find the files with java extension

# find . -name '*java*' -print

----------------------------------------------------------------------------------------------------------------
8. To find the java files in all the directories in /

# find / -type d -name '*java*' -print

----------------------------------------------------------------------------------------------------------------
9. To find out all the block device files in /dev

# find /dev -type b -name '*' -print

----------------------------------------------------------------------------------------------------------------
10. To find out charecter special file in /dev

# find /dev -type c -name '*' -print

----------------------------------------------------------------------------------------------------------------
11. To find out all the directories in /

# find / -tyde d -name 'dev' -print

----------------------------------------------------------------------------------------------------------------
12. To find out the all the named pipes in dev directory

# find /dev -type p -name '*' -print

----------------------------------------------------------------------------------------------------------------
13. to find out all the symbolc link in /

# find / -type l -name '*' -print

----------------------------------------------------------------------------------------------------------------
14. To find all the files above 3MB

# find / +3000K -print

----------------------------------------------------------------------------------------------------------------
15. Finding Files By content

# grep -i vasanth /etc/passwd
(This can be used only when we have the vicinity of the file.)

----------------------------------------------------------------------------------------------------------------
16. To find the word vasanth from files inside /etc/

# find /etc -name '*' -exec grep -Hi vasanth '{}' \;

( Use of exec command:- When predicates are true upto that point it will execute the grep command for all the files.

'{}' is where the filename is put when executing the command
The \; indicates the end of the command
-H print if grep command find soomething

----------------------------------------------------------------------------------------------------------------



----------------------------------------------------------------------------------------------------------------
17. To find

SIMPLE SHELL SCRIPT TO BACKUP WHOLE MYSQL DATABASES AND KEEP ONLY TWO LATEST COPIES

#! /bin/bash
# Written by Vasanth.T.M, L2-Systems Engineer(*nix), Perfomix, Inc.


CKUPDATE=$(date +%d-%m-%Y)
BACKUPDIR=/mysqlbackup
DATABASES=$(mysql -u root -h localhost -pmysql -Bse 'show databases')


delete_old ()
{
echo Deleting old backup of backup of "$name"
name="$1"
find "$BACKUPDIR" -name "$name-*.sql.bz2" | sort | head -n -2 | xargs --no-run-if-empty rm -f
}

back ()
{
for GH in $DATABASES; do
echo "Creating mysql backup of $GH"
mysqldump -u root -pmysql $GH | bzip2 --compress --stdout > $BACKUPDIR/$GH-$CKUPDATE.sql.bz2
name=`basename $GH`
delete_old "$name"
done
}
back

Controlling a Windows service From Linux

To list all services in remote windows box.

# net rpc service list -I IPADDRESS -U USERNAME%PASSWORD


To start/stop services in a remote windows box.

# net rpc service stop/start SERVICENAME -I IPADDRESS -U USERNAME%PASSWORD

RSYNC

1. # rsync -ae ssh server1:/home /home/backups/server1_home_backup/

This command will download all the files/Directories from the sever1 to local /home/backups/server1_home_backup

-a = archive mode. This will preserve permissions, timestamps, etc

-e = specify which remote shell to use. In our case, we want to use ssh which follow right after “e”

2. # rsync -zave ssh --progress server1:/home /home/backups/server1_home_backup/

-z = adds zip compression.

-v = verbose

–progress = my favorite parameter when I am doing rsync manually, not so good when you have it in cron. This show progress (how_many_files_left/how_many_files_total) and speed along with some other useful data.


3. rsync --delete-after -zave ssh --progress server1:/home /home/backups/server1_home_backup/


–delete-after = this will delete files on backup server which are missing from source after ALL syncing is done. If you don’t care of having extra files on your backup server and have plenty of disk space to spare, do not use this parameter.


4. rsync --delete-after -zave ssh --progress server1:/home /home/backups/server1_home_backup/ -n

The -n (or –dry-run) parameter is great to use for testing. It will not transfer or delete any files, rather will report to you what it would have done if it was ran with out -n parameter. This way you can test it with out destroying or transfering data just to find out that is not what you wanted.

Pring Number of Files Inside a Directory

1 .for i in `find -maxdepth 1 -type d`; do echo -n $i " ";find $i|wc -l; done


2. To list the Files inside /home directory.

# for i in `find /home/ -maxdepth 1 -type d`; do echo -n $i " ";find $i|wc -l; done

3.

#!/bin/bash
for i in `find $1 -maxdepth 1 -type d`; do
echo -n $i " ";
find $i|wc -l;
done

4. ls -lR | grep -B 1 -e “^total “

MYSQL-REPLICATION

MYSQL-REPLICATION
Binary login must be enabled on master server prior to replication.
2 process will execute on the each slave server to handle replication.
1 process execute on master server per-slave server
Replication is Asynchronous which means that changes are committed to one node and then it is
propagated to N number of slaves.
Ideal for non-updating application.
REPLICATION CONFIGURATION
Master Server: 192.168.1.100
Slave Server: 192.168.1.31
Slave username: replica
Slave Password: redhat
Put the following in your master my.cnf file under [mysqld] section:
# changes made to do master
server-id = 1
relay-log = /var/lib/mysql/mysql-relay-bin
relay-log-index = /var/lib/mysql/mysql-relay-bin.index
log-error = /var/lib/mysql/mysql.err
master-info-file = /var/lib/mysql/mysql-master.info
relay-log-info-file = /var/lib/mysql/mysql-relay-log.info
datadir = /var/lib/mysql/
log-bin = /var/lib/mysql/mysql-bin
# end master
Copy the following to slave’s my.cnf under [mysqld] section:
# changes made to do slave
server-id = 2
relay-log = /var/lib/mysql/mysql-relay-bin
relay-log-index = /var/lib/mysql/mysql-relay-bin.index
log-error = /var/lib/mysql/mysql.err
master-info-file = /var/lib/mysql/mysql-master.info
relay-log-info-file = /var/lib/mysql/mysql-relay-log.info
datadir = /var/lib/mysql/
# end slave setup
Create user on master:
mysql > grant replication slave on *.* to replica@'192.168.1.100'
identified by 'redhat';
Do a dump of data to move to slave:
mysqldump -u root --all-databases --single-transaction --master-
data=1 > masterdump.sql
import dump on slave:
mysql < masterdump.sql After dump is imported go in to mysql client by typing mysql. Let us tell the slave which master to connect to and what login/password to use: mysql> CHANGE MASTER TO MASTER_HOST='192.168.1.100',
MASTER_USER='replica', MASTER_PASSWORD='redhat';
Let us start the slave:
mysql> start slave;
You can check the status of the slave by typing:
mysql> show slave status;

MYSQL COMMANDS

1. Port Used by mysql is - 3306

2. To check Mysql whether Mysql is start or stop - netstat -ntlp | grep 3306

3. To List the Database - > show databases;

4. To reveal currently logen users

> select users();

5. To list the command history

> select now ();

6. Terminal monitor mode of mysql

When we type mysql in the shell it enters in to the terminal monitor mode which means that we logged in to the database as user who is logged in to the shell.

7.  To login to the databases as a user

> mysql -u root -ppassworsd

8. Connecting from remote host.

> mysql -u user -ppassword -h remotehost


By default Mysql blocks the connection from remote host. We will get an error like given below.

ERROR 1130 (00000): Host 'virt1.example.internal' is not allowed to connect to this MySQL server

9. Tighten Privilages.


Default login credential table in mysql database permit root and anonymous login from the remote host. There are three way to secure user account

a. use 'mysqladmin' program

b. use mysql terminal monitor and set the privs.


# mysqladmin -u root -p password redhat


10. Securing boath root anonymous accounts.

Disabling anonymous access to the Database

There are two type users in mysql database

a. root

b. anonymous users

Any other user is anonymous user in the mysql database concept. In some Linux distributions anonymous users can also access the MYSQL database

To test this login to mysql database from unprivileged users shell and run the following command.

> select user();


the out shows

testuser@localhost

11 .Securing DB from anonymous access

# mysql -u root -p

> show databases;

>use mysql;

> show tables;

> select * from user;

or

> select user,host from user;

+-------+-------------------+
| user  | host              |
+-------+-------------------+
| root  | 127.0.0.1         |
| cacti | localhost         |
| root  | localhost         |
| root  | test1.example.com |
+-------+-------------------+
4 rows in set (0.05 sec)







  If you can see blank lines in the above table those accounts are anonymous accounts this where non-privileged Linux/Unix/Windows mysql substitution occurs. 


12. To view all the users with the corresponding password

> select user,host,password from user;

13. To Restrict all the anonymous access to the local host.

> set password for '@' localhost=password('abc123');


14. DELETING ANONYMOUS ACCOUNTS

> DELETE from user WHERE user = '.';

>  FLUSH PRIVILEGES;






NOTE: this command will reread the current table in mysql to determine who's is permitted to access the DBMS.


15 . Deleting the test DB from themysql

It is also suggested that you drop test database also because databases such as test act as connecting vector for malicious users.



16. USER CREATION


Senario:-

We want to create a user that user is permitted to login from any host.


> selcect user();

> show grants;

The output of the command is as follows.

+---------------------------------------------------------------------+
| Grants for root@localhost                                           |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+
1 row in set (0.00 sec)

*.* - This means that all databases and all tables


a. Creating Another Super user in mysql

> GRANT ALL PRIVILEGES ON *.* TO 'vasanth'@'%' WITH GRANT OPTION

Running the above command will create a new super user called vasanth.




> select currect_user();



+----------------+
| current_user() |
+----------------+
| vasanth@%      |
+----------------+

% - Means This user is allowded to connect from all hosts on the network.


> show grants;


B. To give permission to any user from any host

> GRANT ALL PRIVILEGES ON *.* TO ' '@'%' WITH GRANT OPTION;
> GRANT ALL PRIVILEGES ON *.* TO ' '@'%' WITH identified by 'password';


C. To drop a user run the below command

> use mysql;
> drop vasanth;


To check whether the user is deleted or not

>  select user,host,password from mysql.user;

d. To allow a user vasanth from remote machine

> grant all privileges on *.* to 'vasanth'@'192.168.1.24' identified by 'redhat';






17. PRIVILEGES SCOPES
-------------------------------------


It allow us to grant privileges to the local and remote users in the database.  

The general Hierarchy structure of DB is DB >> Tables >> Columns >> Routine levels



GLOBAL SCOPE LEVEL
----------------------------------

If you want to set privileges on the global scope level we need to interact with mysql.user which means that mysql being the database and user being the table.

To list the privilages in user table of mysql database

>use mysql;
>describe user;


DB SCOPE LEVEL ACCESS
--------------------------------------

If you want to set privileges on the DB SCOPE LEVEL we need to interact with mysql.host and mysql.db.

To list the privileges in host and db table

> use mysql;
> describe host;
>describe db;

GRANT PRVILAGES
---------------------------------


Task: Use grant command to create various users to create various privileges.


> GRANT ALL on  *.*  to  'hemanth'@'localhost' identified by 'redhat';

The above command create a user hemanth in local db with the password redhat and grant all the privileges on the all the databases.

To check whether the privilege is granted to use run the following.

> select user,host,password,Create_priv,Alter_priv  from mysql.user;

The newly created hemanth user has all privileges like root except GRANT PRIVILEGES to other users to check this run the following.

> show grants for  hemanth@localhost;

The output is
+-------------------------------------------------------------------------------------------------------------------------+
| Grants for hemanth@localhost                                                                                            |
+-------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'hemanth'@'localhost' IDENTIFIED BY PASSWORD '*84BB5DF4823DA319BBF86C99624479A198E6EEE9' |
+-------------------------------------------------------------------------------------------------------------------------+


There is no grant option


Again run the following


> show grants;

+---------------------------------------------------------------------+
| Grants for root@localhost                                           |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+
1 row in set (0.00 sec)

See the above output root to has the privilege to grant privilege to other hosts.

--------------------------


To create user called hemanth1 who can connect from any host do the steps;
> use mysql;
> GRANT ALL ON * to hemanth1 identified by 'redhat';

 Check the privileges granted to the user hemanth1

> select user,host,password,Create_priv,Alter_priv  from mysql.user;

The output is shown below.

+----------+----------------+-------------------------------------------+-------------+------------+
| user     | host           | password                                  | Create_priv | Alter_priv |
+----------+----------------+-------------------------------------------+-------------+------------
| hemanth1 | %              | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 | N           | N          |

If we use * wi9th grant command we didn't get the all privillages

To get all privileges to hemanth1 do the following

> use mysql;
>  GRANT ALL ON  *.*  to hemanth1 identified by 'redhat';
> select user,host,password,Create_priv,Alter_priv  from mysql.user;

Now hemanth1 will get  all the privillages.

--------------------------


To create a limited privileged user
as root run this.

> GRANT USAGE ON *.* to hemanth2 identified by 'redhat' ;

This user hemanth2 has no privs.

mysql> show grants;
+---------------------------------------------------------------------+
| Grants for root@localhost                                           |
+---------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION |
+---------------------------------------------------------------------+
1 row in set (0.00 sec)


To grant test db access to the hemanth2 user-

> GRANT ALL ON test.* to hemanth2 identified by 'redhat';

--------------------------------------


REVOKE PRIVILEGES
-------------------------------

Install Mysql from source with partition enabled

Install Mysql from source with partition enabled
    ------------------------------------------------
   mysql-5.5.12.tar.gz

    1) cmake . -LH
    2) cmake .
    3) make && make install
    4) cd /usr/local/mysql/
    5) chown -R mysql .
    6) chgrp -R mysql .
    7) scripts/mysql_install_db --user=mysql
    8) ./bin/mysqld_safe  &


    rename /etc/my.cnf file
    disable default mysql daemon

Openssh Reveled

 Openssh files and it's usage in LINUX
-----------------------------------------------------

1. /etc/init.d/sshd - Start script for the sshd on the system.

2. /etc/pam.d/ssh - PAM support for sshd.

3. /etc/ssh/ - This is the primary configuration directory for ssh server as well as server.

4 /etc/ssh/ssh_config - This is the primary configuration for ssh clients.

5. /etc/ssh/sshd_config - Global Configuration of ssh server.

6. /usr/bin/s  - Provide non interactivce copy between the servers.

7. /usr/bin/sftp - Provide secure file transfer protocol.

8. /usr/bin/slgin - Symlink to /usr/bin/ssh

9.  /usr/bin/ssh-agent - Provides the identity eg: Who you are, Stores private key for pki authentication. Run for each  X11 sessions and for other sessions. 

10. /usr/bin/ssh-add- Add identity  to the ssh-agent.

11. /usr/bin/ssh-copy-id - Copies identity to the remote system for PKI based logins.

12. /usr/bin/ssh-keyconverter - This convert RSA key protocol version1 key to protocol version2.

NOTE: All the cisco routers support SSH version 1 which is based on RSA version1.

13. /usr/sbin/ssh-keygen - Generates unique private key public key pairs. Thease are alos called identities. It support RSA1. RSA, DSA.

14. /usr/bin/ssh-keyscan - Scan network for ssh servers and stores key in ~/.ssh/known-hosts.





11.

MYSQL BUILDING FROM THE SCRATCH

                         MYSQL INSTALLATION
# Create mysql group and user with a particular gid and uid.
/usr/sbin/groupadd -g 525 mysql
/usr/sbin/useradd -u 525 -g 525 -s /bin/bash -d /opt/mysql mysql
# Download mysql source.
cd /opt/src
wget http://www.percona.com/mysql/community/mysql-5.1.42.tar.gz
# Copy source file to mysql home directory.
cp /opt/src/mysql-5.1.42.tar.gz /opt/mysql
/bin/chown -R mysql.mysql /opt/mysql
/bin/chmod 755 /opt/mysql
# Switch to mysql user.
su - mysql
cd /opt/mysql
# Extract the source file.
tar -zxvf /opt/mysql/mysql-5.1.42.tar.gz
cd mysql-5.1.42
# Configure mysql.
./configure --prefix=/usr/local/ --enable-thread-safe-client --with-
unix-socket-path=/var/tmp/unix.sock --with-tcp-port=3306 --with-
mysqld-user=mysql --with-openssl --with-innodb --with-docs --enable-
static --localstatedir=/var/mysql/data
# Make
/usr/bin/make
# Now as root user.
cd /opt/mysql/mysql-5.1.42
/usr/bin/make install
# Copy mysql configuration file to '/etc/my.cnf'.
cp /usr/local/share/mysql/my-medium.cnf /etc/my.cnf
# Uncomment innodb lines in the conf file.
/bin/sed -ie 's/#innodb/innodb/g' /etc/my.cnf
/bin/chown mysql.mysql /etc/my.cnf
/bin/chmod 600 /etc/my.cnf
# Copy the startup script to /etc/init.d/mysqld.
cp /usr/local/share/mysql/mysql.server /etc/init.d/mysqld
/bin/chmod 744 /etc/init.d/mysqld
# Add the lib files path to /etc/ld.so.conf.
/bin/echo /usr/local/lib/mysql/ >> /etc/ld.so.conf
/sbin/ldconfig
/sbin/chkconfig --add mysqld
/sbin/chkconfig mysqld on
# Create the mysql data directory.
/bin/mkdir /var/mysql
/bin/chown -R mysql.mysql /var/mysql
# As mysql user create initial databases.
su - mysql
/usr/local/bin/mysql_install_db
# Now as root start mysql daemon.
/sbin/service mysqld start
# Set a password for root user if required.
/usr/local/bin/mysqladmin -u root password 'passpass'

SOLARIS FILE SYSTEMS

1. To mount all the file system

# mountall

2. to unmount all the file system

# umnontall

3. To display the information about the file system that are currently mounted

# mount -v  (This infoemation is taken from /etc/mnttab)

4. To list the process that are accessing trhe system

# fuser -c

5.  Steps to unmount a file system

# umount /export/home

umount: /export/home busy

# fuser -c /export/home

/export/home: 9002o

# ps -ef | grep 9002

root 9002 8979 0 20:06:17 pts/1

0:00 cat
# fuser -c -k /export/home

/export/home: 9002o
[1]+ Killed  cat >/export/home/test

# umount /export/home





6.

REMOVING ROOT PASSWORD OF MYSQL DB

Go to mysql prompt with

# mysql -u root

> use mysql;

>Select Host,  User, Password from User;


> update user set password = '' where user = 'root' and host = 'localhost';

CONFIGURING WU-FTPD DEAMON IN SOLARIS

1. To check port 21 id listening or not.
# netstat -anP tcp | grep 21

 *.21                 *.*                0      0 49152      0 LISTENThe Output like above means that it is lis-tening in all the ip address.

2. FTPD is running and it bind to its default port 21 in Solaris by default unless you make changes to the SMF configuration. SMF controls the service configuration for FTP in Solaris.

# svcs -a | grep ftp

online         Dec_20   svc:/network/ftp:default

This means that it is currently up and online.

3. To get more information on ftp
# svcs -l ftp

The ouput will be:

fmri         svc:/network/ftp:default
name         FTP server
enabled      true
state        online
next_state   none
state_time   Wed Dec 20 00:00:54 2006
restarter    svc:/network/inetd:default


4. To  list the FTP packages installed.

# pkginfo -x | grep -i ftp

SUNWftpr                          FTP Server, (Root)
SUNWftpu                          FTP Server, (Usr)
SUNWncft                          NcFTP - client application implementing FTP
SUNWtftp                          Trivial File Transfer Server
SUNWtftpr                         Trivial File Transfer Server (Root)

5. TO LIST ALL THE INFORMATION REGARDING THE PACKAGE SUNWftpu
 
 # pkginfo -l SUNWftpu

6. TO CHECK THE INCLUDED FILEs IN THE USER PACKAGE of wuftpd.

# pkgchk -l SUNWftpu | grep -i pathname

Pathname: /usr
Pathname: /usr/sbin
Pathname: /usr/sbin/ftpaddhost
Pathname: /usr/sbin/ftpconfig
Pathname: /usr/sbin/ftpcount
Pathname: /usr/sbin/ftprestart
Pathname: /usr/sbin/ftpshut
Pathname: /usr/sbin/ftpwho
Pathname: /usr/sbin/in.ftpd
Pathname: /usr/sbin/privatepw

ftpwho - gives the connected users and process information.
ftpcount - dump classes per count.
ftpconfig - Is used to configure anonymous as well as guest ftp.
in.ftpd - This is the main daemon runs in background and bind the port 21.
/etc/ftpd - Thsi directory houses the main configuration files.

6. SUNWftpr - This includes server side configuration files.

# pkgchk -l SUNWftpr | grep -i pathname

Pathname: /etc
Pathname: /etc/ftpd
Pathname: /etc/ftpd/ftpaccess
Pathname: /etc/ftpd/ftpconversions
Pathname: /etc/ftpd/ftpgroups
Pathname: /etc/ftpd/ftphosts
Pathname: /etc/ftpd/ftpservers
Pathname: /etc/ftpd/ftpusers
Pathname: /var
Pathname: /var/svc
Pathname: /var/svc/manifest
Pathname: /var/svc/manifest/network
Pathname: /var/svc/manifest/network/ftp.xml


7. SUNWftpr - Includes server side configuration files.
/etc/ftpd

ftpaccess - Primary configuration files for wu-ftpd.
ftphosts- This allow admins to define allow | deny access to certain hosts.
ftpservers- This allow admins to define virtual hosts.
ftpusers - users listed may not access via ftp.
ftpconversations- facilitates the support for tar gz and compress support.

8. Wu-Ftpd support both type of ftp connection.
1. PORT - Active FTP
In this type of connection client make TCP:21 server control connection.
When the client executes ls results in server initiating a connection back to client back usually TCP 20 (ftp-data)

2. PASSIVE - Passive FTP
In this type of connection client connect to the TCP \ port 21 at first. After that when execute a command called ls or any other command, server open a high port and instructing the client to source connection to the server. Then the client sources a connection to the high port on the server ( data connection).

NOTE: In passive FTP connection firewall is not necessary in corporate firewall because client is sourcing the connection.

SOLARIS QUOTAS

Quota supports 2 feature they are
1. Softlimit
2.Hardlimit

Softlimit is a warning stage.

When a user exceed softlimit system will log it in to the logs and begin a timer which last for 7 days.
Suppose our softlimit is 100mb and a user exceeds beyond the timer softlimit become hardlimit.


HardLimit

Hardlimit act as a storage sealing. A user can never exceed the hardlimit.  If the user meets the hard limit system will not allocate the storage space.

File system perspective of quotas
1. BLOCKS
2. INODES

Each file may be represented by each inode and datablocks. We can define the quota based on

Quota Tools

1. edquota
2. quotacheck -used to check consistencies against current usage.
3. quotaon - Enables quotas on file system.
4. repoquota -  Display quota information.


Steps to Enable Quota support
Modify /etc/vfstab to enable quota support per file system.
Modify the mount options  columns.


Create empty quotas file in /export/home/quotas && chmod 600 /export/home/quota
 # nano /etc/vfstab
/dev/dsk/c1d0s7 /dev/rdsk/c1d0s7        /export/home    ufs     2       yes     rq

#touch /export/home/quotas && chmod 600 /export/home/quotas

TO SETUP QUOTA FOR THE USER VASANTH USING FILE LIMIT


[root@solaris1 /]# edquota vasanth

fs /export/home blocks (soft = 5000, hard = 10000) inodes (soft = 0, hard = 0)

:wq
This will set quota for the user vasanth.
TO SETUP THE SAME QUOTA POLICY FOR THE ANOTHER USERS PLEASE DO THE STEPS.

# edquota -p user1 user2 user3 user4

TO CHECK THE SUPPORTED FILE SYSTEMS IN OUR LOCAL SYSTEM

# quotacheck -va
*** Checking quotas for /dev/rdsk/c1d0s7 (/export/home)

TO CHECK THE USAGE DETAILS OF PARTICULAR USER

# quota -v vasanth
Filesystem     usage  quota  limit    timeleft  files  quota  limit    timeleft
/export/home       0   5000  10000                  0      0      0


TO ENABLE QUOTA SUPPORT ON PARTICULAR SLICE.


# quotaon -v /dev/dsk/c1dos7

TO DISABLE QUOTA SUPPORT

# quotaoff -va
This will turn off quota for all the file system

SOLARIS DISK PARTITIONING

DISK TERMINOLOGY

Disk contain the following components.

1. Tracks
2. Cylinders
3.Sectors/Blocks


Tracks
-----------
Tracks are the concentric ring on the each paltter .

Cylinder
-----------
Groups of tracks

Sectors/Blocks
----------------

512 byte block. Which is the smallest unit represented in hardisk.


Partition with Solaris is AKA slices


To display the Slices with in the harddisk.

#df -h

X86 PCS are limited to 4 primary partitions. Normally x86are divided in to 3 primary and 1 extended.

NOTE:Solaris need one fdisk Partition for it's use.

If you want to add another harddrive disk1

1. Create fdisk partion for Solaris use

2. Then Create  Slices

NOTE: Solaris uses a VTOC(VOLUME TABLE OF CONTENT) to represent the various slices with long fdisk partition on the disk. On the Sparc  Solaris uses VTOC to represent al the slices.

SLICE RULES USING VTOC
---------------------------------

1, Slices may created using VTOC on X86
2. These 10 slicers are represented by 0 to 9.
3. Slices 2,8,9 are reserved. Slice 2 is reserverd for VTOC
NOTE: VTOC Represent the disk label and occupying slice2
4. Slices 0,1,3,6,7 are avilable for use.

Root file system is slice 0.

PRINT VROC/DISKLABEL USING

# prtvtoc /dev/dsk/c0t0d0s0

C0 - Controller Number ## 1st controller
t0- Identifier for the bus orientated controller SCASI/SATA ### For IDE hardisk t0 is not present.
d0 - Represents disk number.
s0- Slice0

VTOC information contain entair diskinformation.

FORAMAT UTILITY
------------------------

1. To open the format utility

# format

2. To list the disk attached to the system

format> disk

3. To select a disk

Enter the disk Number want to select and put enter.

4. To discribe the current disk

format> Current

The output of the above command is shown below.

Current Disk = c1d0

/pci@0,0/pci-ide@1f,2/ide@1/cmdk@0,0


5, In the format menu we can get help by pressing question mark or help

6. Inside format tool there is a utilty called format. To format the a selected disk use the following steps.

format> disk

select the disk you want to format

format > format


select partition setup in the format menu.

format> partition

The above partion command will list the avilabe slices.
Select the slice number from there.

partition> 5
Then it will prompt for


Enter partition id tag : put an enter there.
Enter partition permission: put an enter there
Enter new starting cyl: Enter here a new cyl starting


This will create a slice.


Format the slice using the the utility

# newfs /dev/rdsk/c0d0s6

# mount /dev/dsk/c0d0s6 /mnt




.

Changing hostname in solaris

Change the hostname in the following files:

/etc/nodename
/etc/hostname.*interface
/etc/inet/hosts
/etc/inet/ipnodes

and rename directory under /var/crash

# cd /var/crash
# mv oldname newname

then reboot the server.

DEVICES IN SOLARIS

1. If the Solaris Fault Management system detects a problem with a device, mes-
sages about the problem can be displayed by using the following command

# fmdump

NOTE: Messages are also traditionally written to the console and to the /var/adm/messages file. If the Fault Management system takes a device offline, the message “(retired)” is displayed in the prtconf output.

2. To view the device information from shell run the following command

# prtconf

NOTE:  It also give the amount of system memory available in our system. 

3 . To display the driver being used for the corresponding devices

# prtconf -D

4. To view the more output

# prtconf -pv

NOTE: The advantage of prtconf is it can be run by any user.

####################################################

X86 based Systems
--------------------------------

In x86 based systems we can display the device information using


# /usr/X11/bin/scanpci

or

# /usr/X11/bin/scanpci  -v  ( It provide more verbose output )

####KERNEL MODULES IN SOLARIS #########################

The location of kernel modules in Solaris is as follows.

/kernel/drv (default location for most leaf-node drivers)
/kernel/misc
/usr/kernel/drv
/usr/kernel/misc
/platform/i86pc/kernel/drv
/platform/i86pc/kernel/misc

5.To check the Loaded Modules information
------------------------------------------------------------

# modinfo | grep driver name


6.To determine whether the kernel is running in 32 or 64 bit mode

# lsainfo -kv


7. To manually load a kernel module

# modload /kernel/drv/amd64/e1000g

# modinfo | grep  e1000g

8. To get more verbose driver module information

# strings /kernel/drv/amd64/e1000g | grep -i  ver

9.To check which drivers are bound to which devices

# cat  /etc/driver_aliases

NOTE: The file has the format of driver name followed by device name

SOLARIS NETWORKING

1.The NICS in the system are listed by the following command

# dladm show-dev

2. Information about links on the data-link layer is displayed by

# dladm show-link

3. You also add information to certain configurationfiles to create a persistent network configuration. The most common files are /etc/hostname.interface, where interface is the specific interface that is used on the system, and /etc/hosts.

4. To set IPADDRESS to in Solaris X86 do the following.

# ifconfig rtls0 plumb 192.168.0.20/24

5. To check the ipaddress

# ifconfig -a

6. To make the configuration persist across the reboot do the following.

# echo 192.168.0.20/24 > /etc/hostname.rtls0

Add the corresponding ipaddress and hostname to /etc/hosts

# nano /etc/hosts

192.168.0.20/24 solaris1

7. To add the defaultrouter to the system

# echo 192.168.0.1 > /etc/defaultrouter

8. To enable packet forwarding in Solaris

# svcadm enable ipv4-forwarding

9. To start Routing protocol

# svcadm enable route:default


10. Perform a reconfiguration reboot

# reboot –- -r

11, To check packet forwarding is enabled

# routeadm

12. To disable packet forwarding

# svcadm disable ipv4-forwarding

13. To perfom reconfiguration reboot

# reboot -- -r

14. To view the routing table.

# netstat -rn

15.  To add a purticular route

#  route -p add -net 10.0.5.0/24 -gateway 10.0.5.150/24

15. 

ADDING A NEWUSER IN SOLARIS

Defult home directory of normal users in Solaris is /export/home/username

Before creating the user you should create a directory in /export/home/username . Add the user using the following command.


# useradd -d /export/home/user user

The following option can be used with the useradd command.


1. -u 1003—Specifies the UID
2. -g 102—Specifies the GID of the primary group
3. -d /export/home/sandy—Specifies the home directory
4. -s /bin/ksh—Specifies the login shell
5. -m—Creates the home directory specified by the -d option
6. -k /etc/skel—Specifies the location of skeleton files, such as .profile
7. username —Specifies the user name of the account
###############################################################################################

# useradd -u 1003 -g 102 -d /export/home/user -s /usr/bin/bash -c "Vasanth" -m -k /etc/skell

#################################################################################################

UID AND GID OF USERS IN SOLARIS

1. A UID for a regular user can be between 100 and 2147483647 (except for
60001, 60002, and 65534).

2. UIDs 0–99, 60001, 60002, and 65534 are reserved for use by the Solaris OS

NOTE: avoid using UIDs over 60000 because they are not compatible with some Solaris features.

DEFAULT USER GROUP IN SOLARIS
##############################

When a new user is created he will be assigned to a primary group called staff.

NOTE: GIDs are assigned from the unused integers between 100 and 60000.

SETTING PASSWORD SECURITY POLICY IN SOLARIS

The Length of the password, Password locking after failed attempts and algoritham used to encrypt the password are define in

# /etc/security/policy.conf

By default in Solaris password length has set to 8 characters. If you set a password with 10
character long 9, 10 are simply ignored.

####### Setting better up a better password in Solaris 10 do the following. ########


# nano /etc/security/policy.conf

change the below lines and save the file


CRYPT_ALGORITHMS_DEPRECATE=__unix__
CRYPT_DEFAULT=2a




The password complexity rules, history, and password-aging defaults are specified
in the

# /etc/default/passwd

LINUX LIKE PINGING IN SOLARIS

Normally in Solaris the output of the ping command contain only one line. That is it gives the out put as given below.

-bash-3.00# ping google.com
google.com is alive


######## To Use ping just Like in Linux##########

# ping -s google.com

SETTING DNS CLIENT IN SOLARIS

# touch /etc/resol.conf

# nano /etc/resolv.conf

nameserver 192.168.1.1

save the above file


# cp /etc/nsswitch.dns /etc/nsswitch.conf

To test the above setup

# nslookup google.com

SETTING DEFAULT ROUTE IN SOLARIS

############ TO ADD A DEFAULT GATEWAY###############

# route add default 192.168.1.1


If you need to make route to be persist across the reboot

# echo 192.168.1.1 > /etc/defaultrouter

NFS SERVER SOLARIS

To enable the NFS service run the following command

# svcadm -v enable -r network/nfs/server

To share /packages directory

# share -F nfs -o rw /packages

The above command is mainly used fro temporary sharing and it will not persist on reboot. To make the share persist on the reboot do the following.

# nano /etc/dfs/dfstab

share -F nfs -o rw /packages

save the file

To mount the share from a remote machine.

Login to the client

# mount -t your nfsserver:/package /mnt



##########To restart the NFS server################


# /etc/init.d/nfs.server stop
# /etc/init.d/nfs.server start


######## To disable NFS server#####################


# svcadm -v disable -st network/nfs/server

Installing Nano editor In SOLARIS

-bash-3.00# mkdir /packages

-bash-3.00# cd /packages

-bash-3.00# ftp://ftp.sunfreeware.com/pub/freeware/intel/10/nano-2.0.9-sol10-x86-local.gz

-bash-3.00# gunzip nano-2.0.9-sol10-x86-local.gz

-bash-3.00# pakgadd -d nano-2.0.9-sol10-x86-local

The above steps will help you install nano. nano will be installed inside /usr/local/bin.

Just run

-bash-3.00# /usr/local/bin/nano

Changing The Default shell to Bash in Solaris

Login to the server as root

Run the following command
# passwd -e

It will prompt like below

Old shell: /bin/sh
New shell:

Enter the new shell as

New shell: /usr/bin/bash

LDAP ERROR

[root@test1 ~]# /etc/init.d/ldap start
Stopping slapd: [ OK ]
Checking configuration files for slapd: bdb_db_open: Warning - No DB_CONFIG file found in directory /var/lib/ldap: (2)
Expect poor performance for suffix dc=example,dc=internal.
config file testing succeeded
[ OK ]
Starting slapd: [ OK ]


If you get error while starting ldap for the first time. Do the following.

[root@fedora ~]# rm -rf /var/lib/ldap/*

[root@fedora ~]# updatedb

[root@fedora ~]# locate DB_CONFIG.example
/usr/share/doc/openldap-servers-2.4.12/DB_CONFIG.example

[root@test ~]# cp /usr/share/doc/openldap-servers-2.4.12/DB_CONFIG.example /var/lib/ldap/DB_CONFIG

[root@fedora ~]# chown -R ldap:ldap /var/lib/ldap


Please restart now the error should be resolved.

[root@fedora ~]# /etc/init.d/ldap restart
Stopping slapd: [ OK ]
Starting slapd: [ OK ]

Playing with X(X11)

Virtual Terminals


Linux, FreeBSD, and many other modern Unix kernels support a virtual terminal.(VT) (or virtual console ) capability, which provides independent virtual video cards. The monitor, keyboard, mouse, and physical video card are associated with only one VT at a time, and each virtual video card can be in a different display mode—some may be in character mode while others are in graphical mode. This enables multiple X servers and nongraphical sessions to be active at the same time.

When you are connected to a virtual terminal that isn’t running an X server, you can use Alt-LeftArrow to go to the previous VT and use Alt-RightArrow to switch to the next VT. FreeBSD provides a very similar VT capability, except that the VTs are numbered starting at zero, and the key combination to switch VTs when in character mode is Alt-Fx .

NOTE: Although most kernels support more than 12 virtual terminals, this capability is rarely used because you can’t usually use the keyboard to go directly to higher-numbered Vts.


Starting a Raw X Server Manually
1. The simplest way to start an X server is also the least-used technique: simply type the name of the server at a shell prompt:

$ X

You must enter “X” as a capital letter.



2.If an X server is already running on display :0 , you will get an error message, because the network port will already be in use. In that case, you can give the new X server a different display number:


$ X :1


3 .By default, the X server will start on the first unused VT (usually VT8). You can
request a specific VT by specifying it on the command line:


$ X :1 vt10

4. You can also specify that a particular configuration file should be used, or a particular ServerLayout within a configuration file:


$ X :1 -config configFile


$ X :1 -layout layoutName



NOTE: The downside to starting the X server this way is that no clients are started. Until you start some manually, you’ll be left staring at a blank screen with only a mouse pointer to amuse yourself.

4.You can start the X server and a client at the same time like this:

$ X :1 -terminate & sleep 2 ; DISPLAY=:1 xterm

Using a Display Manager to Start the X
Server


5 .Three display managers are in common use. The biggest difference between them is the toolkit upon which they are built:

• GDM: GNOME Display Manager (built on GTK)
• KDM: KDE Display Manager (Qt)
• XDM: X Display Manager (Xt)

6.You may be able to recognize the display manager used on your system by its appearance, since each toolkit has a distinctive look. Alternately, you can search the process table to see what’s running, using the following:

$ ps -e | grep '[gkx]dm'


7. When you boot into any runlevel that does not start X automatically, you can start
the display manager manually by typing the command name at a root shell prompt:


# gdm

NOTE: By default, Debian-based systems (including Ubuntu) start the display
manager in all runlevels. You can easily disable the startup of the display
manager in runlevel 3 by executing these commands:



# update-rc.d -f gdm remove
# update-rc.d gdm start 31 2 4 5 . stop 31 1 3 .



Started Directly by init


In some Linux distributions, the display manager is directly started by init . For example, in Redhat based systems /etc/inittab, you will find this entry:


# Run xdm in runlevel 5
x:5:respawn:/etc/X11/prefdm -nodaemon

The script /etc/X11/prefdm will execute /usr/sbin/autologin to automatically log in one user if that feature has been set up. Otherwise, it will start one of the display managers (GDM, KDM, or XDM) depending on the specification in /etc/sysconfig/desktop . If that file does not exist, then the first display manager found in alphabetical order will be used.

Since init has been set up to respawn the display manager automatically, it is relatively easy to load and test changes to the display manager configuration file—just kill the display manager! If you’re using XDM or KDM, you can kill the display manager by name:


# killall xdm

NOTE: Killing the display manager will also kill all the display manager’s child processes, including X serversso if you do this through the graphical interface, expect your session to disappear!


GDM is a wrapper script for gdm-binary, so if your system uses GDM , you’d have to kill the display manager with the following:

# killall gdm-binary


You can restart GDM immediately using its restart script:

# gdm-restart


you can specify that a restart should take place as soon as everyone is logged out:


# gdm-safe-restart

On a SUSE system, the display manager is started by

/etc/rc.d/rc5.d/S17xdm
(which is a symbolic link to /etc/rc.d/xdm ).


Similar to the prefdm script used by Fedora, this script finds your preferred display
manager using a configuration file—in this case,

/etc/sysconfig/displaymanager
(or it uses XDM if that file is missing.)

Since this is a regular init script, it is executed only once at startup; when the display manager terminates, it will not be restarted. After editing the display manager configuration file, you can reinvoke the XDM init script using the restart option to put your changes into effect:

# /etc/X11/xdm restart

Or you can use the SUSE shortcut:

# rcxdm restart

Starting Multiple X Servers Using a Display
Manager

Starting Multiple X Servers Using XDM

XDM and older versions of KDM (pre-3.4) use the Xservers file to configure the number of servers started by the display manager.

Open /etc/X11/xdm/Xservers, /opt/kde3/share/config/kdm/Xservers

To start additional X servers, simply add lines at the bottom of this file:


:0 local /usr/bin/X // This is the default line.

Add the lines

:1 local /usr/bin/X :1 vt8
:2 local /usr/bin/X :2 vt9




If you wish to specify a different configuration file for one of the X servers, you can
add a -config argument to the command:

:3 local /usr/bin/X -config configgile :3 vt10

Starting Multiple X Servers Using KDM

If you’re using KDE 3.4 or higher, the local X server configuration is controlled by
the kdmrc file

# /usr/share/config/kdm/kdmrc


In the [General] section of that file, you can specify a list of local displays to be started by adding a StaticServers key:

StaticServers=:0,:1,:2

If this line is missing, the default is to start only display :0 .


Starting Multiple X Servers Using GDM

GDM is configured using two files; the first specifies default values, which may be
overwritten when GDM is updated, and the second provides local values, which are
never overwritten.

/usr/share/gdm/defaults.conf - Defaults

/etc/gdm/custom.conf – Local Values


# vi /usr/share/gdm/defaults.conf

Go to the section

[servers]
0=Standard
1=Standard // Thsi will start second X in

If you wish to use a different configuration for a specific display, you can add a new
configuration section to the local configuration file:
[server-LowRes]
name=Low-Resolution Server
command=/usr/bin/X -config /etc/X11/xorg.conf-lowres
flexible=false


Then specify that configuration for one of your displays:

[servers]
0=Standard
1=Standard
2=Standard
3=LowRes

Recent versions of both GDM and KDM are capable of starting additional X servers
on demand. This is useful when you occasionally want to use multiple X servers but
don’t want the extra overhead when a single X server only is in use. The GNOME
developers call these additional servers flexible servers; the KDE folks call them
reserve servers.


$ gdmflexiserver

gdmflexiserver can also start a nested X server (using Xnest) and present a session
login prompt there:


$ gdmflexiserver -n


Starting Additional X Servers Using KDM

To start multiple KDE desktop on boot open kdmrc file and enter the following.

ReserveServers=:3,:4,:5


The xinit utility can be used to start an X server with specified clients, but the startx wrapper script provides a friendlier interface. After logging in at a character-based login prompt, simply execute:

$ startx

You can explicitly specify a client to be started:

startx /usr/bin/xterm -bg yellow -geometry 180x50

Switching VTs from the Shell Prompt

xdpyinfo
We can switch the virtual terminals using one of the following command.

$ switchto 7
Or:
$ chvt 7

We can also use this command Remotely.




Starting X Within X

To start Xnest on the current display, use the following:


$ Xnest :1

To start Xnest with a particular client, you can use the startx script:

$ startx /usr/bin/startkde -- /usr/bin/Xnest :1

To start Xnest with two screens of 600 * 400 pixels, use the following:

$ Xnest -scrns 2 -geometry 600x400 :1

For many applications it’s desirable to have the X server exit when the last client disconnects. This is configured by adding the -terminate option to the X command line:

$ X -terminate

Let the X Server Configure Itself

The X.org server can, in most cases, probe, guess, and assume enough about the display configuration to start without a configuration file. Even better, it can generate a basic configuration file, if you specify the -configure option on the server command line:

# X -configure

If you’re already running the X server, you can specify an alternate display number
(such as :1 ) on the command line:

# X -configure :1

The X server will gather as much information as possible by probing the hardware,
and will then write the configuration file to /root/xorg.conf.new .
You can test the configuration file by manually specifying it on the command line:

# X -config /root/xorg.conf.new


If the server appears to start and then immediately exits, while displaying
the message Fatal server error: failed to initialize core devices, then
your configuration may be fine except for the pointer device. Try telling
the X server to continue even if the pointer cannot be opened:


# X -config /root/xorg.conf.new -allowMouseOpenFail

Clearing Logs in linux

# cd /var/log

# cat /dev/null > messages

# cat /dev/null > wtmp

LInux Advanced Routing

# ip link list // List al our local interfaces.

# ip address show // Shows our all Local interfaces

# ip route show // List all our routes.

# ip neigh show // To lsit current ARP cache

# ip neigh delete 192.168.0.229 dev eth0 // To delete an entry from arp cache.

# ping -c 1 192.168.0.229 // To add 192.168.0.229 to ARP cache.

#