routes

If netstat -rn shows you routes that look the same…
bash-3.00$ netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
198.148.129.64 198.148.129.110 U 1 385521 ce0:1
198.148.129.64 198.148.129.98 U 1 0 ce0:2
198.148.129.64 198.148.129.110 U 1 0 ce0
198.148.129.64 198.148.129.110 U 1 346097 qfe0
To differentiate them do a netstat -nrv
bash-3.00$ netstat -nrv
IRE Table: IPv4
Destination Mask Gateway Device Mxfrg Rtt Ref Flg Out In/Fwd
-------------------- --------------- -------------------- ------ ----- ----- --- --- ----- ------
198.148.129.64 255.255.255.192 198.148.129.110 ce0:1 1500* 0 1 U 385521 0
198.148.129.64 255.255.255.192 198.148.129.98 ce0:2 1500* 0 1 U 0 0
198.148.129.64 255.255.255.192 198.148.129.110 ce0 1500* 0 1 U 0 0
198.148.129.64 255.255.255.192 198.148.129.110 qfe0 1500* 0 1 U 346097 0
then you can add/delete, differentiating them by the netmask, like:
route delete 198.148.129.64 198.148.129.110 255.255.255.192
Thanks to Alejandro Siller
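An added example (not part of the original post): a small awk filter that groups netstat -nrv entries sharing the same destination and mask and lists the gateway, device and Out packet count of each, so you can see which of the look-alike routes actually carry traffic before deleting any. The function names and the sample, built from the four entries shown above, are constructed for illustration.

```sh
#!/bin/sh
# Added example: group `netstat -nrv` entries that share destination and
# mask, and list what tells them apart. On a live host:
#   netstat -nrv | dup_routes

# Constructed sample input: the four IRE entries shown in the post.
sample_ire() {
cat <<'EOF'
IRE Table: IPv4
Destination Mask Gateway Device Mxfrg Rtt Ref Flg Out In/Fwd
198.148.129.64 255.255.255.192 198.148.129.110 ce0:1 1500* 0 1 U 385521 0
198.148.129.64 255.255.255.192 198.148.129.98 ce0:2 1500* 0 1 U 0 0
198.148.129.64 255.255.255.192 198.148.129.110 ce0 1500* 0 1 U 0 0
198.148.129.64 255.255.255.192 198.148.129.110 qfe0 1500* 0 1 U 346097 0
EOF
}

# dup_routes: reads `netstat -nrv` text on stdin. For every destination/mask
# seen more than once, prints: dest/mask count gateway@device=Out,...
# "Out" (column 9) is the packet count sent through that entry.
dup_routes() {
  awk '
    # Data rows have a dotted-quad destination and mask; headers, rulers
    # and rows such as "default" are skipped.
    $1 ~ /^[0-9]+(\.[0-9]+)+$/ && $2 ~ /^[0-9]+(\.[0-9]+)+$/ && NF >= 9 {
      key = $1 "/" $2
      if (!(key in n)) keys[++cnt] = key      # remember first-seen order
      n[key]++
      sep = (paths[key] == "") ? "" : ","
      paths[key] = paths[key] sep $3 "@" $4 "=" $9
    }
    END {
      for (i = 1; i <= cnt; i++)
        if (n[keys[i]] > 1) print keys[i], n[keys[i]], paths[keys[i]]
    }'
}

sample_ire | dup_routes
```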

Powerpath, Mpxio or Vxdmp

You want to know which DMP technology your server is using and, if one is activated, how it sees the disks.
 I wrote this script:
 #!/bin/ksh
 echo "running check"
 (
 echo "MPXIO ?"
 echo "---------------------------------------------------"
 modinfo | grep -i vhci
 M=`modinfo |grep -i vhci | wc -l`
 if [ $M -gt 0 ];then
 echo "enabled"
 else
 echo "disabled"
 fi
 echo ""
 echo "POWERPATH ?"
 echo "---------------------------------------------------"
 modinfo | grep -i emcp
 P=`modinfo |grep -i emcp | wc -l`
 if [ $P -gt 0 ];then
 echo "enabled"
 else
 echo "disabled"
 fi
 echo ""
 echo "VXDMP ?"
 echo "---------------------------------------------------"
 modinfo | grep -i vxdmp
 V=`modinfo |grep -i vxdmp | wc -l`
 if [ $V -gt 0 ];then
 echo "enabled"
 else
 echo "disabled"
 fi
 echo ""
 if [ $P -gt 0 ];then
 echo "POWERPATH"
 echo "---------------------------------------------------"
 /etc/powermt display dev=all
 fi
 if [ $V -gt 0 ];then
 echo "VXDMP"
 echo "---------------------------------------------------"
 vxdmpadm listctlr all
 fi
 if [ $M -gt 0 ];then
 echo "LUXADM"
 echo "---------------------------------------------------"
 for d in `format < /dev/null| egrep 'HIT|EMC' | awk '{ print $2 }'`;do
 echo $d
 luxadm display /dev/rdsk/${d}s2
 done
 fi
 if [ -f /usr/sbin/vxdisk ];then
 echo "VXDISK LIST"
 echo "---------------------------------------------------"
 for d in `/usr/sbin/vxdisk -o alldgs list| awk '{ print $1 }'`;do
 echo $d
 /usr/sbin/vxdisk list $d
 done
 fi
 ) > /tmp/results_`uname -n`.txt
 echo "finished running check"
 Run it, relax, and enjoy
 Thx to Hiram Ruiz and Corey Joiner
 And YES
 This site has been back on Slackware 11 since at least 1 month.
 - rdircio

RDAC

If you see some “rdnexus” strings in your format output, you have RDAC (and yes, it is a disease):
32. c9t0d14 <STK-OPENstorageD220-0533 cyl 34965 alt 2 hd 64 sec 64>
/pseudo/rdnexus@4/rdriver@0,e
RDAC is multipathing software (like vxdmp or powerpath). Another symptom is finding the modules loaded:
bash-2.03# modinfo | grep rd
42 103231bf 8f2 235 1 rdnexus (RDAC Pseudo Controller Driver)
43 1032391b 19fb4 236 1 rdriver (Solaris RDAC Driver)
You can find out how the paths are shown by issuing:
bash-2.03# SMdevices
SANtricity Storage Manager Devices, Version 08.30.02.00
Built Wed Sep 11 15:25:19 CDT 2002
Copyright (C) 2001 LSI Logic Corporation. All rights reserved.
Copyright (C) 2001 Storage Technology Corporation. All rights reserved.
/dev/rdsk/c5t0d11s2 [Disk Subsystem ImageDisk1, Volume Volume 12, LUN 11, Volume WWN
<600a0b80000f9d5300000014464c4753>, Preferred Path (Controller-B): In Use ]
/dev/rdsk/c5t0d13s2 [Disk Subsystem ImageDisk1, Volume Volume 14, LUN 13, Volume WWN
<600a0b80000f9d5300000015464c47a1>, Preferred Path (Controller-B): In Use ]
/dev/rdsk/c6t0d3s2 [Disk Subsystem ImageDisk2, Volume Volume 4, LUN 3, Volume WWN
<600a0b80001318bd000010c540605ca1>, Preferred Path (Controller-B): In Use]
/dev/rdsk/c6t0d1s2 [Disk Subsystem ImageDisk2, Volume Volume 2, LUN 1, Volume WWN
<600a0b80001318bd000010bd400ceaa7>, Preferred Path (Controller-B): In Use]
/dev/rdsk/c3t0d0s2 [Disk Subsystem ImageDisk2, Volume Volume 1, LUN 0, Volume WWN
<600a0b800013186c000010d9400cea9e>, Preferred Path (Controller-A): In Use]
/dev/rdsk/c3t0d2s2 [Disk Subsystem ImageDisk2, Volume Volume 3, LUN 2, Volume WWN
<600a0b800013186c000010e440605c8e>, Preferred Path (Controller-A): In Use]
/dev/rdsk/c3t0d10s2 [Disk Subsystem ImageDisk2, Volume Volume 11, LUN 10, Volume WWN
<600a0b800013186c000010ef464c4d3a>, Preferred Path (Controller-A): In Use ]
/dev/rdsk/c9t0d14s2 [Disk Subsystem ImageDisk1, Volume Volume 15, LUN 14, Volume WWN
<600a0b80001256a900000038464c4ca2>, Preferred Path (Controller-A): In Use ]

Parse a top -b output to a csv file

To monitor a machine’s performance, in a very raw manner, you can run top in batch mode and redirect it to a file, like:
# top -b -c 10 > topfile.txt &
then parse the output file/s in a script
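#!/bin/ksh
echo "DATE,CPUIDLE,MEMUSED,MEMFREE"
(X=0;
B="";
# keep only the summary lines: blank lines and 12-field rows
# (the column header and the process rows) are dropped
awk 'NF!=12 && length>0' top* | grep -iv defunct | while read line;do
L=`echo "$X % 5" | bc`
# every 5 summary lines form one sample: print the joined record
if [ $L -eq 0 ];then
echo "$B"
B=""
fi
# append the line to the record, turning spaces into underscores
B=`echo $B$line | sed 's/ /_/g'`
X=`echo "$X + 1" | bc`
done ) | awk -F'_' '{ print $3 "," $31 "," $41 "," $43 }'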
This was tested on a linux Suse 9 on IBM OpenPower equipment.
=)

Creating a whole root zone

A whole root zone is a zone that has copies of packages in its own filesystem, not mounted as loopback.
# zonecfg -z wrzone
wrzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:wrzone> create -b
zonecfg:wrzone> set autoboot=true
zonecfg:wrzone> set zonepath=/wrzone
zonecfg:wrzone> add net
zonecfg:wrzone:net> set address=100.100.100.1
zonecfg:wrzone:net> set physical=eri0
zonecfg:wrzone:net> end
zonecfg:wrzone> info
zonepath: /wrzone
autoboot: true
pool:
net:
address: 100.100.100.1
physical: eri0
zonecfg:wrzone> verify
zonecfg:wrzone> commit
zonecfg:wrzone> exit
#
# cat /etc/zones/wrzone.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN"
"file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<!--
DO NOT EDIT THIS FILE. Use zonecfg(1M) instead.
-->
<zone name="wrzone" zonepath="/wrzone" autoboot="true">
<network address="100.100.100.1" physical="eri0"/>
</zone>
#
# chmod 700 /wrzone
#
# df -h /wrzone
Filesystem size used avail capacity Mounted on
/dev/dsk/c0t1d0s0 7.8G 7.9M 7.7G 1% /wrzone
#
# zoneadm -z wrzone verify
# zoneadm -z wrzone install
Preparing to install zone <wrzone>.
Creating list of files to copy from the global zone.
Copying <118457> files to the zone.
# zoneadm -z wrzone boot
# zlogin -C wrzone

c queue max run limit reached

If you get the message:
c queue max run limit reached
in your /var/adm/messages file and some cron jobs just don’t run, you need to increase the number of
cron jobs that can be run simultaneously in the /etc/cron.d/queuedefs file, on the line that starts with “b”.
For instance:
b.2j2n90w
means that you can only run 2 cron jobs at the same time. Do a man queuedefs for details.
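An added example (not part of the original post): a POSIX shell function that decodes a queuedefs entry into its job limit, nice value and retry wait, filling in the defaults that queuedefs(4) documents for omitted fields. The function name is made up for illustration, and the a and c entries in the loop are constructed samples; only the b entry comes from the post.

```sh
#!/bin/sh
# Added example: decode /etc/cron.d/queuedefs entries.
# Field meanings and defaults are those documented in queuedefs(4):
#   q.[njob]j[nice]n[nwait]w   njob=100, nice=2, nwait=60 when omitted
#   queue a = at jobs, b = batch jobs, c = crontab jobs

# parse_queuedef LINE -> prints "queue=Q njob=N nice=N nwait=N";
# returns 1 if the line is not a well-formed entry.
parse_queuedef() {
  line=$1
  case $line in
    [a-z].*) ;;
    *) return 1 ;;
  esac
  q=${line%%.*}
  rest=${line#*.}
  njob=100 nice=2 nwait=60
  while [ -n "$rest" ]; do
    num=${rest%%[!0-9]*}            # leading digits
    [ -n "$num" ] || return 1
    rest=${rest#"$num"}
    unit=${rest%"${rest#?}"}        # the letter that follows the number
    rest=${rest#?}
    case $unit in
      j) njob=$num ;;               # max jobs running at once in this queue
      n) nice=$num ;;               # nice value given to the jobs
      w) nwait=$num ;;              # seconds before retrying a deferred job
      *) return 1 ;;
    esac
  done
  echo "queue=$q njob=$njob nice=$nice nwait=$nwait"
}

# Constructed sample entries; the b line is the one from the post.
for entry in a.4j1n b.2j2n90w c.50j; do
  parse_queuedef "$entry"
done
```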

Single Sign On + AD Authenticated Samba on Solaris 10 Sparc to a Windows 2003 Active Directory PDC

To add to the previous post, we’ll now show a way to ssh to your Solaris 10 SPARC server using an ActiveDirectory
user+pass, in addition to using samba shares anywhere with your AD credentials.
BUILDING
Samba from blastwave does not include pam_winbind.so, which we need to plug it into PAM and use our AD user+pass to
log in to solaris, so we need to build our own samba. The release I got is samba 3.0.28, from
http://us4.samba.org/samba/ftp/stable/samba-3.0.28.tar.gz
We need to make sure all required packages to build and use SAMBA are in the system, so please obtain
this list using pkg-get from blastwave.
Our SAMBA sources like GNU ld, so we are not going to use the solaris native ld to build it. We do so by doing:
# mv /usr/ccs/bin/ld /usr/ccs/bin/ld.old
# ln -s /opt/csw/bin/gld /opt/csw/bin/ld
# export PATH=$PATH:/opt/csw/bin
We uncompress SAMBA in a directory called “/builds” and then:
# cd /builds/samba-3.0.28/source
# ./configure --with-ldap --with-ads --with-krb5=/opt/csw --with-winbind --with-pam --prefix=/usr/samba_ad
This will use the openldap client libs in /opt/csw, same as the krb5 in /opt/csw. If all reqs are passed do a
# make && make install
Then, it will all end at /usr/samba_ad
After building these you can always remove the gcc suite, automake, autoconf, flex and bison.
We now need to copy the nsswitch and pam extensions to their locations:
# cp /builds/samba-3.0.28/source/nsswitch/libnss_win* /usr/lib
# ln -s /usr/lib/libnss_winbind.so /usr/lib/libnss_winbind.so.1
# ln -s /usr/lib/libnss_wins.so /usr/lib/libnss_wins.so.1
Now we copy the pam extension:
# cp /builds/samba-3.0.28/source/bin/pam_winbind.so /usr/lib/security
# cp /builds/samba-3.0.28/source/bin/pam_winbind.so /lib/security
# ln -s /usr/lib/security/pam_winbind.so /usr/lib/security/pam_winbind.so.1
# ln -s /lib/security/pam_winbind.so /lib/security/pam_winbind.so.1
CONFIGURING
/opt/csw/etc/krb5.conf:
/usr/samba_ad/lib/smb.conf:
/etc/nsswitch.conf, to add winbind to users and groups:
passwd: files winbind
group: files winbind
Our Windows 2003 ActiveDirectory Primary Domain controller is “fwa-dc01.aww.com”, our AD domain is
“AWW.COM”, and our solaris 10 sparc server is “netra.aww.com”, so we add these entries to /etc/hosts,
taking care the FQDN appears first.
172.16.1.38 netra.aww.com netra loghost
172.16.1.55 fwa-dc01.aww.com fwa-dc01
Now we configure pam.conf. We need to make sure home directories are created whenever a user from the
windows world logs in, so we get pam_mkhomedir from http://mega.ist.utl.pt/~filipe/pam_mkhomedir-sol/, at
http://mega.ist.utl.pt/~filipe/pam_mkhomedir-sol/pam_mkhomedir-sol-0.0.1.tgz
We build pam_mkhomedir by uncompressing it at /builds/pam_mkhomedir and editing its Makefile to use the
solaris native ld:
LD=/usr/ccs/bin/ld.old
now we just build it
# cd /builds/pam_mkhomedir
# make
And then we copy it to the system default for PAM modules:
# cp /builds/pam_mkhomedir/pam_mkhomedir.so /usr/lib/security
# ln -s /usr/lib/security/pam_mkhomedir.so /usr/lib/security/pam_mkhomedir.so.1
/etc/pam.conf, to use both pam_winbind and pam_mkhomedir, adding 4 lines:
login auth sufficient pam_winbind.so.1
other auth sufficient pam_winbind.so.1
other account sufficient pam_winbind.so.1
other session optional pam_mkhomedir.so.1 skel=/etc/skel umask=0022
STARTING DAEMONS
After this, we can start samba, and see the effects:
# export PATH=/usr/samba_ad/sbin:/usr/samba_ad/bin:/opt/csw/bin:/opt/csw/sbin:$PATH
# pkill winbindd; pkill smbd; pkill nmbd; /etc/init.d/cswsamba stop
# /opt/csw/bin/kdestroy
# net ads leave -U "Administrator%M1cr050ft123"
# /opt/csw/bin/kinit Administrator@AWW.COM
# net ads join -U "Administrator%M1cr050ft123"
# winbindd -B
# smbd -D
# nmbd -D
TESTING
I wrote an easy test script called sambatest.ksh:
#!/bin/bash
export PATH=/usr/samba_ad/sbin:/usr/samba_ad/bin:/opt/csw/bin:/opt/csw/sbin:/usr/sbin:/usr/bin:/usr/openwin/bin:/opt/csw/gcc3/bin:/usr/sfw/bin:/usr/ccs/bin:/usr/local/bin:/usr/local/bin:/usr/local/sbin
export LD_LIBRARY_PATH=/usr/samba_ad/lib
set -x
which net
which smbd
which nmbd
which winbindd
which klist
which kinit
sleep 5
smbclient -L netra -U%
wbinfo -m
wbinfo -g
wbinfo -u
getent passwd
getent group
net ads status
net ads info
this. Please note that wbinfo -m shows your AD domain, wbinfo -g and wbinfo -u show groups and users,
getent passwd should show both your local and AD users.
Now we use ssh with an ActiveDirectory user+pass, it should look like this:
root@kraftek:~# ssh bmahock@netra
Password:
Creating directory '/export/home/AWW.bmahock'.
Last login: Sat Feb 2 19:53:08 2008 from localhost
/usr/openwin/bin/xauth: creating new authority file /export/home/AWW.bmahock/.Xauthority
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
-bash-3.00$ id
uid=10004(bmahock) gid=10008(domain users)
-bash-3.00$ pwd
/export/home/AWW.bmahock
Then it’s just a question of enjoying. 🙂
BINARIES
If you don’t want to compile much, just install the CSW packages mentioned above, get these binaries:
samba_ad_solaris_10_sparc.tar.gz, put them at / and untar them. Be careful, these contain the libraries
needed at /usr/lib/security and /usr/lib. Then just configure /etc/nsswitch.conf, /etc/pam.conf,
/usr/samba_ad/lib/smb.conf, /etc/krb5.conf and /opt/csw/etc/krb5.conf, verify for each program and library that
no symbol is missing using ldd, and start your engines!
SCREENSHOTS
Computers
Users
freenx solaris gnome session for an ActiveDirectory user, yes he can also use sudo!
windows xp using his AD user+pass, and passwordless-ly view and
smb.conf.