change ip on created zone

zonecfg:z> select net address=<old-ip>
zonecfg:z:net> set address=<new-ip>
zonecfg:z:net> end
zonecfg:z> commit

copy dvd on solaris10 to an image

I’ve copied and used a DVD image from the eiscd DVD (enterprise installation standards), to add it to my remote
JET (jumpstart enterprise toolkit) servers using:
1- insert the dvd in the drive
2- observe the mountpoint (cxtxdx)
# df -k | grep cdrom
/vol/dev/dsk/c0t1d0/eis-dvd 2290588 2290588 0 100% /cdrom/eis-dvd
3- Stop volume management, because it prevents reading from the raw device
# /etc/init.d/volmgt stop
4- Use dd on slice 2
# dd if=/dev/dsk/c0t1d0s2 of=/eisdvd.iso
5- transfer eisdvd.iso to other machine, and test:
# mkdir /eis
# mount -F hsfs `lofiadm -a /eisdvd.iso` /eis
Success!

no lsof?

cd /proc
 pfiles * | egrep "^[0-9]|sockname" | more
 Or use PCP, found at http://www.unix.ms/pcp/
 #!/usr/bin/ksh
 #
 # PCP (PID con Port)
 # v1.07 20/05/2008 sam@unix.ms
 #
 # If you have a Solaris 8, 9 or 10 box and you can't
 # install lsof, try this. It maps PIDS to ports and vice versa.
 # It also shows you which peers are connected on which port.
 # Wildcards are accepted for -p and -P options.
 #
 # The script borrows from Eric Steed's excellent "getport.sh" script.
 #
 #
 if [ $# -lt 1 ]
 then
 echo >&2 "usage: $0 [-p PORT] [-P PID] [-a ALL ] (Wildcards OK)"
 exit 1
 fi
 while getopts :p:P:a opt
 do
 case "${opt}" in
 p ) port=${OPTARG};;
 P ) pid=${OPTARG};;
 a ) all=all;;
 [?]) # unknown flag
 echo >&2 "usage: $0 [-p PORT] [-P PID] [-a ALL ] (Wildcards OK) "
 exit 1;;
 esac
 done
 shift `expr $OPTIND - 1`
 if [ $port ]
 then
 # Enter the port number, get the PID
 #
 port=${OPTARG}
 echo "PID\tProcess Name and Port"
 echo "_______________________________________________________"
 for proc in `ptree -a | grep -v ptree | awk '{print $1};'`
 do
 result=`pfiles $proc 2> /dev/null| grep "port: $port"`
 if [ ! -z "$result" ]
 then
 program=`ps -fo comm -p $proc | tail -1`
 echo "$proc\t$program\t$port\n$result"
 echo "_______________________________________________________"
 fi
 done
 elif [ $pid ]
 then
 # Enter the PID, get the port
 #
 pid=$OPTARG
 # Print out the information
 echo "PID\tProcess Name and Port"
 echo "_______________________________________________________"
 for proc in `ptree -a | grep -v ptree | grep $pid| awk '{print $1};'`
 do
 result=`pfiles $proc 2> /dev/null| grep port:`
 if [ ! -z "$result" ]
 then
 program=`ps -fo comm -p $pid | tail -1`
 echo "$proc\t$program\n$result"
 echo "_______________________________________________________"
 fi
 done
 elif [ $all ]
 then
 # Show all PIDs, Ports and Peers
 #
 echo "PID\tProcess Name and Port"
 echo "_______________________________________________________"
 for pid in `ptree -a | grep -v ptree |sort -n | awk '{print $1};'`
 do
 out=`pfiles $pid 2>/dev/null| grep "port:"`
 if [ ! -z "$out" ]
 then
 name=`ps -fo comm -p $pid | tail -1`
 echo "$pid\t$name\n$out"
 echo "_______________________________________________________"
 fi
 done
 fi
 exit 0
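
An added example, not part of PCP or of the original post: it parses pfiles output into one line per socket and matches the port exactly, where grep "port: $port" in the script also matches longer port numbers that begin with the same digits. The function names and the SAMPLE text are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example. SAMPLE is constructed text in the layout pfiles prints for
# sockets; on Solaris use nawk or /usr/xpg4/bin/awk in place of awk.
SAMPLE='100: /usr/lib/ssh/sshd
   3: S_IFSOCK mode:0666 dev:332,0 ino:100 uid:0 gid:0 size:0
        sockname: AF_INET 0.0.0.0  port: 22
200: /usr/apache2/bin/httpd
   1: S_IFREG mode:0644 dev:85,0 ino:9 uid:0 gid:0 size:120
   4: S_IFSOCK mode:0666 dev:332,0 ino:200 uid:0 gid:0 size:0
        sockname: AF_INET 0.0.0.0  port: 8080
300: /usr/lib/ssh/sshd
   5: S_IFSOCK mode:0666 dev:332,0 ino:300 uid:0 gid:0 size:0
        sockname: AF_INET 10.0.0.1  port: 22
        peername: AF_INET 10.0.0.9  port: 50022'

# socket_table: pfiles output on stdin, one line per socket on stdout:
#   PID COMMAND LISTEN|CONNECTED local:port [peer:port]
socket_table() {
    awk '
    function emit() {
        if (lsock != "")
            print pid, cmd, (psock == "" ? "LISTEN " lsock : "CONNECTED " lsock " " psock)
        lsock = ""; psock = ""
    }
    /^[0-9]+:/     { emit(); pid = $1; sub(/:$/, "", pid); cmd = $2; next }
    /^ +[0-9]+: /  { emit(); next }    # a new file descriptor starts
    $1 == "sockname:" && $4 == "port:" { lsock = $3 ":" $5 }
    $1 == "peername:" && $4 == "port:" { psock = $3 ":" $5 }
    END { emit() }'
}

# pids_on_port PORT: PIDs whose local socket port is exactly PORT.
pids_on_port() {
    socket_table | awk -v p="$1" '{ n = split($4, a, ":"); if (a[n] == p) print $1 }' | sort -un
}

# listeners: sockets that have a sockname but no peername.
listeners() {
    socket_table | awk '$3 == "LISTEN" { print $1, $2, $4 }'
}

# On a live system, as root:  cd /proc && pfiles * 2>/dev/null | pids_on_port 22
```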

stream a webcam, using highly compressed h264 instead of typical mpg

Got a logitech webcam c300, it uses the “uvcvideo” kernel module.
Typically you would grab video using “motion” and stream it on mpeg, well that’s rubbish if you want better
compression, so let’s do it using the best of the best: h264.
#!/bin/ksh
DEV=/dev/logitechcam
# Kill any cvlc instance that is already streaming from this camera
ps -ef | grep -i vlc | grep -v grep | grep -i logitechcam | awk '{ print $2 }' | while read P; do
kill -9 $P
done
VLC="/usr/local/bin/cvlc v4l2://$DEV :input=2 :input-slave=alsa://hw:2,0 --alsa-samplerate=32000 --v4l2-controls-reset --v4l2-auto-white-balance=1 --v4l2-do-white-balance=1 --v4l2-autogain=1 --sout "
# dst=0.0.0.0:8090 makes the HTTP stream listen on every interface of this host
CAM="transcode{vcodec=h264,acodec=mp4a,width=320,height=240,vb=64,ab=24,channels=1,venc=x264}:standard{access=http,dst=0.0.0.0:8090/stream.flv}"
# Alternative: MJPEG over multipart HTTP instead of h264
#CAM="transcode{vcodec=mjpg,width=320,height=240}:duplicate{dst=std{access=http{mime=multipart/x-mixed-replace;boundary=--7b3cc56e5f51db803f790dad720ed50a},mux=mpjpeg,dst=0.0.0.0:8090/m.mjpg}}"
${VLC} "#$CAM"
this produces a very decent quality stream at around 100kbps, audio also included!
Enjoy!

mount server reported tcp not available, falling back to udp

If your nfs client has this:
# mount /usr/sap/trans
mount server reported tcp not available, falling back to udp
mount: RPC: Program not registered
and this:
# rpcinfo -p nfsserver
No remote programs registered.
you may have tcpwrappers in the nfs server, so, in the nfs server edit /etc/hosts.allow and add:
portmap : usdaapp151,10.21.40.100 : ALLOW
portmap : ALL : DENY
nfs-server : 10.21.40.100 : ALLOW
nfs-server: ALL : DENY
do not restart anything, just mount your filesystem in the client
Thanks to Alfredo Rioja
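
The four hosts.allow lines above are read top to bottom and the first line that matches both daemon and client decides. An added example, not from the original post, that replays those rules for a given daemon and client; the function name wrap_decision is an assumption, and it understands only literal names, literal addresses and ALL, which is all these rules use.

```shell
#!/bin/sh
# Added example. RULES is the rule set quoted in the post above.
RULES='portmap : usdaapp151,10.21.40.100 : ALLOW
portmap : ALL : DENY
nfs-server : 10.21.40.100 : ALLOW
nfs-server: ALL : DENY'

# wrap_decision DAEMON CLIENT: rules on stdin, prints ALLOW, DENY or NOMATCH.
# Simplified subset of hosts.allow: no patterns, netmasks or EXCEPT.
wrap_decision() {
    awk -F: -v d="$1" -v c="$2" '
    function inlist(list, item,   n, a, i) {
        gsub(/,/, " ", list)
        n = split(list, a, " ")
        for (i = 1; i <= n; i++)
            if (a[i] == "ALL" || a[i] == item) return 1
        return 0
    }
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    NF >= 2 && inlist($1, d) && inlist($2, c) {
        act = (NF >= 3) ? toupper($3) : "ALLOW"   # no option field means allow
        gsub(/[ \t]/, "", act)
        print act; found = 1; exit            # first match wins
    }
    END { if (!found) print "NOMATCH" }'
}

# Example: printf '%s\n' "$RULES" | wrap_decision portmap 10.21.40.100
```

A client string is compared literally here, so usdaapp151 is allowed for portmap but falls through to the DENY line for nfs-server, where only the address is listed.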

using mod_deflate in apache2 to compress everything

We’re trying to save bandwidth here, so we added to httpd.conf:
LoadModule deflate_module lib64/httpd/modules/mod_deflate.so
SetOutputFilter DEFLATE
DeflateCompressionLevel 9
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
DeflateFilterNote Input input_info
DeflateFilterNote Output output_info
DeflateFilterNote Ratio ratio_info
LogFormat '"%r" %b (%{input_info}n===>%{output_info}n) (%{ratio_info}n%%)' deflate
CustomLog /var/log/httpd/deflate_log deflate
We can see some entries in the /var/log/httpd/deflate_log:
"GET /blog/images/magplus.gif HTTP/1.1" 192 (923===>174) (18%)
"GET /blog/ HTTP/1.1" 8044 (50582===>8026) (15%)
"GET /blog/index.php? /serendipity.css HTTP/1.1" 2778 (11987===>2760) (23%)
"GET /blog/templates/translucency/transblue.css HTTP/1.1" 903 (2787===>885) (31%)
"GET /nomove.js HTTP/1.1" 274 (566===>256) (45%)

Building a VPN with ppp over ssh within 2 linuxes

To build a Virtual Private Network between two remote machines, you can follow the howto at
http://www.tldp.org/HOWTO/VPN-HOWTO/index.html
which is very detailed, or, if you have two Slackware 10.x machines
with default 2.4.x kernels, just use the procedure described in this document.
This OBSOLETES the ssh reverse telnet entry previously detailed in this blog.


Requirements:
– 2 machines, machineA and machineB.
– machineA will be the ppp client and machineB the ppp server
– machineA MUST have access to machineB through ssh.
– pty-redir in machineA from http://www.shinythings.com/pty-redir/
– No extra ethernet interfaces needed.
At machine A:
Make a file at /scripts/rtelnet/rt.ksh with contents:
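#!/bin/bash
# Re-establish the ppp-over-ssh tunnel if no ppp process is running
ADATE=`date "+%Y-%m-%d-%H:%M"`
PS=`ps -ef | grep -v grep | grep ppp | wc -l`
if [ $PS -gt 0 ]; then
echo "no need to retunnel $ADATE" >> /dev/null
else
echo "now retunneling ppp: $ADATE" >> /root/rtelnet.log
# Kill any stale ssh session left over from a previous tunnel
K=`ps -fe | grep ssh | grep -i Batchmode | awk '{ print $2 }'`
[ -n "$K" ] && kill -9 $K >> /root/rtelnet.log
# pty-redir runs ssh on a pseudo-terminal and prints the pty device name;
# /tmp/vpn-device is a fixed file name in a world-writable directory
/usr/sbin/pty-redir /usr/bin/ssh -C -t -e none -o 'Batchmode yes' vpn@machineB > /tmp/vpn-device
sleep 10
# local:remote addresses of the ppp link
/usr/sbin/pppd `cat /tmp/vpn-device` 192.168.40.253:192.168.40.254
fi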


You can choose 192.168.x.x addresses or 172.16.x addresses at your own will…
Then make a link to this file at /etc/cron.hourly:
machineA# ln -s /scripts/rtelnet/rt.ksh /etc/cron.hourly/rt.ksh
At machine B:
Create user vpn with shell /usr/sbin/pppd, and allow him to execute pppd:
machineB# useradd -d /home/vpn -m vpn -s /usr/sbin/pppd
machineB# mkdir -p /home/vpn/.ssh; chown vpn /home/vpn/.ssh
machineB# chmod u+s /usr/sbin/pppd
At machine A:
Copy an ssh key to allow root to log in as user vpn on machine B:
machineA# scp /root/.ssh/id_dsa.pub machineB:/home/vpn/.ssh/authorized_keys
At machine B:
machineB# chown vpn /home/vpn/.ssh/authorized_keys
machineB# chmod -fR 700 /home/vpn/.ssh


Edit /etc/ppp/options, and make sure you have enabled:
noauth
proxyarp
ipcp-accept-local
ipcp-accept-remote


You might then run the script manually at machineA:
machineA# /scripts/rtelnet/rt.ksh
Or wait until the crontab executes it hourly.
You can see the results as having a ppp interface when you type ifconfig -a:
machineA# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:11:43:01:BF:97
inet addr:150.100.106.32 Bcast:150.100.106.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1442299 errors:0 dropped:0 overruns:0 frame:8
TX packets:791769 errors:0 dropped:0 overruns:0 carrier:0
collisions:108549 txqueuelen:1000
RX bytes:725406260 (691.8 Mb) TX bytes:113886692 (108.6 Mb)
Interrupt:11
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:7662 errors:0 dropped:0 overruns:0 frame:0
TX packets:7662 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9507700 (9.0 Mb) TX bytes:9507700 (9.0 Mb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.40.253 P-t-P:192.168.40.254 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:116175 errors:0 dropped:0 overruns:0 frame:0
TX packets:111813 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:31145420 (29.7 Mb) TX bytes:7337890 (6.9 Mb)


Now do the same in machineB:
machineB# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:0C:76:AC:C7:AD
inet addr:201.154.187.65 Bcast:201.154.187.67 Mask:255.255.255.252
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1128235 errors:0 dropped:0 overruns:0 frame:0
TX packets:798177 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1028702533 (981.0 Mb) TX bytes:139249041 (132.7 Mb)
Interrupt:10 Base address:0x4000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:94489 errors:0 dropped:0 overruns:0 frame:0
TX packets:94489 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:550735249 (525.2 Mb) TX bytes:550735249 (525.2 Mb)
ppp0 Link encap:Point-to-Point Protocol
inet addr:192.168.40.254 P-t-P:192.168.40.253 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:111998 errors:0 dropped:0 overruns:0 frame:0
TX packets:116406 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:7353046 (7.0 Mb) TX bytes:31169104 (29.7 Mb)


You’ll see machine A as 192.168.40.253 and machineB as 192.168.40.254.
Go ahead and ping’em, nmap’em, use their samba resources, or whatever you want, you have a network
within them!
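
An added example, not part of the original procedure: a check for /home/vpn/.ssh/authorized_keys on machineB that reports, per key, which restricting options are absent and whether the key is a DSA key (ssh-dss, disabled by default since OpenSSH 7.0). The function name audit_keys and the key blobs in KEYS are assumptions; no-pty is deliberately not required because the tunnel above is started with ssh -t.

```shell
#!/bin/sh
# Added example. KEYS is constructed: line 1 is a bare key as the scp step
# above leaves it, line 2 is a key limited to machineA's address and to the
# tunnel only. The key blobs are placeholders, not real keys.
KEYS='ssh-dss AAAAB3NzaC1kc3MAAACBAPLACEHOLDER root@machineA
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="150.100.106.32" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABPLACEHOLDER root@machineA'

# audit_keys: authorized_keys on stdin, one finding line per key on stdout.
audit_keys() {
    awk '
    /^[ \t]*(#|$)/ { next }                      # skip comments and blanks
    {
        type = "unknown"; opts = ""
        # Everything before the key-type token is the option list.
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp[0-9]+)$/) { type = $i; break }
            opts = opts (opts == "" ? "" : " ") $i
        }
        if (type == "unknown") opts = ""          # unrecognised line: report it
        opts = "," tolower(opts) ","              # option names are case-insensitive
        miss = ""
        n = split("no-port-forwarding no-X11-forwarding no-agent-forwarding", want, " ")
        if (index(opts, ",restrict,") == 0)       # restrict implies all three
            for (j = 1; j <= n; j++)
                if (index(opts, "," tolower(want[j]) ",") == 0)
                    miss = miss (miss == "" ? "" : ",") want[j]
        if (index(opts, ",from=") == 0)
            miss = miss (miss == "" ? "" : ",") "from="
        printf "key %d type=%s missing=%s%s\n", ++k, type, (miss == "" ? "none" : miss), (type == "ssh-dss" ? " dsa-key" : "")
    }'
}

# On machineB:  audit_keys < /home/vpn/.ssh/authorized_keys
```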