Month: January 2011

If you get obfuscated about grub’s disk device numbering, in the grub prompt you can do:
“root (” + tab
like:
grub > root ( <press the tab key>
Possible disks are: fd0 hd0 hd1
77/433

When you want to run a vncserver session on a non-root user from a solaris sparc machine, it just ends with this
message:
_XSERVTransSocketCreateListener: failed to bind listener
After going around some places i found something to fix this at
http://www.webservertalk.com/archive100-2004-2-131777.html
That involves creating a script in /usr/bin/fixXdir.ksh and putting it at the crontab, like this:
#!/usr/bin/ksh
PATH=”
IFS=’ ‘
ice_dir=/tmp/.ICE-unix
x11_dir=/tmp/.X11-unix
for dirname in $ice_dir $x11_dir
; do
{
if (! [ -d $dirname ] )
then
/usr/bin/mkdir $dirname
if [ $? != 0 ];
then
/usr/bin/echo “Warning: $0: cannot
mkdir $dirname.”;
fi
fi
if ([ -d $dirname ] )
then
/usr/bin/chown root:root $dirname
if [ $? != 0 ];
then
/usr/bin/echo “Warning: $0: cannot chown $dirname.”;
fi
/usr/bin/chmod 1777 $dirname
if [ $? != 0 ];
then
/usr/bin/echo “Warning: $0: cannot chmod $dirname to 1777.”;
fi
fi
}
done
289/433
The crontab line is this:
0,5,10,15,20,25,30,35,40,45,50,55
/usr/bin/fixXdir.ksh
290/433

Needed to rename all directories and files in a deep directory structure to remove spaces and ugly characters in their
names, in order to build a playlist, take a look at this recursive bash shell:
#!/usr/bin/bash
DIR=/200gb/MP3
FTYPE=mp3
renamedir ()
{
cd
find . -type d -maxdepth 1 -name “??*” | while read d; do
DN=`echo “$d” | sed “s/&/And/g;s/-//g;s/ //g;s/(//g;s/)//g;s/[/
/g;s/]//g;s/’//g” | tr -s ‘_’`
if [ “$d” != “$DN” ];then
echo “— `pwd` $d”
mv “$d” $DN
fi
renamedir
$DN
cd ..
done
}
echo ” —- Recursively clean directories”
renamedir $DIR
echo ” —- Now clean files”
cd $DIR
find . -type f -iname “*.$FTYPE” | while read f;do
FN=`echo “$f”| sed “s/&/And/g;s/-//g;s/ //g;s/(//g;s/)//g;s/[//g;s/]/
/g;s/’//g” | tr -s ‘_’`
if [ “$f” != “$FN” ];then
echo “— $f”
mv “$f” $FN
fi
done
echo “done.”
197/433

if you have many of these in your log:

Nov 8 13:55:47 www sshd[12571]: Failed password for invalid user webmaster from 189.180.184.89 port
47706 ssh2

you can use iptables to stop them for a while, so their brute force will take years to succeed, if ever.
I added some rules so that only 5 connections can be made in a minute to ssh, if one more is attempted the
host will be banned for 2 minutes, if more connections are retried, the ban is extended. since the bots can’t
help themselves they wont’ stop, so they’ll be banned for a real while 🙂

iptables -N SSH_WHITELIST
iptables -A SSH_WHITELIST -s 175.161.21.55 -m recent --remove --name SSH -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_WHITELIST
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 6 --rttl
--name SSH -j ULOG --ulog-prefix SSH_brute_force
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 120 --hitcount 6 --rttl
--name SSH -j DROP

If your vold is fsck’ed up:
# mount -F hsfs -o nomaplcase,ro /dev/sr0 /CDROM
Thanks to Hiram Ruiz
– rdircio
247/433

watch ‘mysql -e “show processlist;”‘
29/433

I found a nice document on how to enable mpxio in solaris:
http://www.petertribble.co.uk/So laris/mpxio.html
267/433

The capture script is:
(date “+%d %m %H %M %S %Y”
top -b -n 1 | head -5) >> /var/log/top. log
The script that generates the csv is:
echo “date,time,loadavg1,loadavg5,loadavg10,processes,sleeping processes,on cpu,cpu idle,cpu user,cpu
kernel,cpu iowait,swap,swap used,swap free,swap cached,mem,mem used,mem free,mem buffers”
cat /var/log/top.log | gawk ‘ORS=NR%6?” “:”n”‘ | while read l;do
date=`echo $l | awk ‘{ print $1″/”$2″/”$6″,”$3″:”$4”:”$5 }’`
load=`echo $l | awk ‘{s=substr($0,index($0,”average: “)+9);print substr(s,1,index (s,”Tasks”)-1)}’ | sed ‘s/,/
/g’`
pt=`echo $l | awk ‘{s=substr($0,index($0,”Tasks:”) +7);print substr(s,1,index (s,” “)-1)}’`
ps=`echo $l | awk ‘{s=substr($0,index($0,”sleeping”)-4);print substr(s,1,index (s,” “)-1)}’`
pr=`echo $l | awk ‘{s=substr($0,index($0,”running”)-3);print substr(s,1,index (s,”running”)-1) }’`
cid=`echo $l | awk ‘{s=substr($0,index($0,”id,”)-5) ;print substr(s,1,index (s,”,”)-1)}’|tr -d ‘[:alpha:]’`
cus=`echo $l | awk ‘{s=substr($0,index($0,”us,”)-5) ;print substr(s,1,index (s,”,”)-1)}’|tr -d ‘[:alpha:]’`
ck=`echo $l | awk ‘{s=substr($0,index($0,”sy,”)-5) ;print substr(s,1,index (s,”,”)-1)}’|tr -d ‘[:alpha:]’`
cio=`echo $l | awk ‘{s=substr($0,index($0,”wa,”)-5) ;print substr(s,1,index (s,”,”)-1)}’|tr -d ‘[:alpha:]’`
swap=`echo $l | awk ‘{s=substr($0,index($0,”Swap:”)+5);print substr(s,1,index (s,”cached”)-1)}’|tr -d
‘[:alpha:]’ | sed ‘s/,/ /g’`
mem=`echo $l | awk ‘{s=substr($0,index($0,”Mem:”)+4);print substr(s,1,index (s,”buffers”)-1) }’|tr -d ‘[:alpha:]’
| sed ‘s/,/ /g’`
echo “${date} ${load} ${pt} ${ps} ${pr} ${cid} ${cus} ${ck} ${cio} ${swap} ${mem}” | sed ‘s/[ t]*$//’| tr -s ‘ ‘| sed
‘s/ /,/g’
done
6/433

To enable sysstat’s sar to collect stats in the background:
# ln -s /etc/init.d/perf /etc/rc2.d/S21perf
# /etc/rc2.d/S21perf start
Use “crontab -e sys” to make sure sys crontab looks like:
0 kraftek.html POSTS rescue rescued.html rescued.txt x y z kraftek.html POSTS rescue rescued.html rescued.txt x y z kraftek.html POSTS rescue rescued.html rescued.txt x y z 0-6 /usr/lib/sa/sa1
20,40 8-17 kraftek.html POSTS rescue rescued.html rescued.txt x y z kraftek.html POSTS rescue rescued.html rescued.txt x y z 1-5 /usr/lib/sa/sa1
5 18 kraftek.html POSTS rescue rescued.html rescued.txt x y z kraftek.html POSTS rescue rescued.html rescued.txt x y z 1-5 /usr/lib/sa/sa2 -s 8:00 -e 18:01 -i 1200 -A
To verify, issue “sar -A” or just “sar”

if you get this message then you don’t have 64 bit java
bash-3.00# java -d64 -version
execve(): No such file or directory
Error trying to exec /usr/jdk/instances/jdk1.5.0/bin/sparcv9/java.
Check if file exists and permissions are set correctly.
Failed to start a 64-bit JVM process from a 32-bit JVM.
Verify all necessary J2SE components have been installed.
(Solaris SPARC 64-bit components must be installed after 32-bit components.)
if you get this message then you have 64 bit java 🙂
bash-3.00# java -d64 -version
java version “1.6.0_18”
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) 64-Bit Server VM (build 16.0-b13, mixed mode)
8/433