This file contains notes from various discussions about IT stuff with Luke before he left (and after!). Transcribed from handwritten notes that were approximations of the discussions. some commands have been moved to: [[commands]] ===== various ===== telnet 127.0.0.1 25 (telnet to a port; use a space for port number.) IMAP webmail uses this. exchange is like IMAP sudo (used to run as root. /etc/sudoers) log files: /var/log/maillog (mail stuff) /var/messages sendmail is a mail trasfer agent (MTA) dovecot-POP & IMAP server dovecot.org sendmail as the MTA wget (downloads http file) bc (calculator) ---- cinepaint yum list '*cine*' vim /etc/yum.repos.d/dag.repo yum install cinepaint Fermilab-Scientific Linux (SL) Origin www.fnal.gov ypcat -k auto.master ---- rpm -qfi '/etc/gshadow' which xterm (gives the location of the command) back ticks send output of commands to RPM rpm -qfi `which xterm` ssh -XY lukeshouse.net glxgears (visual demo) Movie Players: * xine * VLC <--good! * mplayer ---- * Latex * xpdf * ggv postscrip reader Gnome Ghostview * ps2pdf converts postscript file to pdf ---- Grad student computer can run out of domain, just enter passwords when using domain resources. ---- /user/share/sendmail-cf/cf/README /etc/mail /usr/share/doc/sendmail/doc/op/op.ps ---- /etc/yum.conf /etc/yum.repos.d/*.repo grep enabled=1 /etc/yum.repos.d/*.repo ---- http://www.oreillynet.com/pub/a/oreilly/linux/news/linuxnut_0800.html ---- to get root's email: I added you by editing courier:/etc/aliases and then I activated the changes by running "service sendmail reload" on courier. ----- Re: TSM Backup failed for BACCHUS.AOE.VT.EDU This may be because of today's machine-room shutdown, or it may be for some other reason... A "ps -ef | grep dsm" on bacchus shows that the backup service is running there, so it's almost certainly due to the power outage. If not, an "/etc/init.d/tsm stop; /etc/init.d/tsm start" ought to do the trick[0]. -Luke [0] The script that I dropped in /etc/init.d/ doesn't follow the Redhat conventions entirely, but it does work for the important things like starting and stopping. Less important things like "restart", "status", "condrestart", "reload", and "reread" that you see on some of the fancier /etc/init.d/* scripts are not supported. ---- ===== Computer Setup: ===== Do in Luke's office behind NAT will simplify things. Bill's Dell service tag: CGZY3B1 during install, a local account must be set up. Delete this after install. remove google desktop gave up, then reinstalled windows, removing partitions. local admin De12! Aerospace and Ocean Engineering Virginia Tech Domain:aoe.vt.edu aoe/username active directory Users and Computers Move from computers to Acedemic computers gpupdate /force /boot Temporary ip if not behind NAT IP 128.173.188.28 mask 255.255.252.0 Gateway (Router) 128.173.188.1 DNS Pluto,Neptune Wireles SSID VT_WLAN ---- ===== vmware ===== VMware GSXserver free rpm -UvH ^Z bg ---- DECSS video encryption algorythm used on DVD that was decoded by a kid ctrl-D(or was that Z) end of file. Stops program waiting on input ssh -XY lspci (-n) (ls of hardware) lsusb (ls of usb) lsof (open files) less -i (case insensitive) cat /proc/pci ctrl-alt-BS shuts down xserv ctrl-alt-del shuts down computer x8664 .386 .686 PII & up ---- find -type f -exec chmod 644 {} \; converts file permissions find -type d -exec chmod 755 {} \; converts directory permissions proc/version for version information proc/ide ===== xwindows ===== start X from the command line using this command: X :1 & (or ctrl-Z bg) Then switch back to a tty window with ctrl-alt-f2 and log in. Then: export DISPLAY=:1 xterm And switch back to the X session using ctrl-alt-f7 to see the application To kill X: ctrl-alt-bs I added: xauth add :1 . `mcookie` (from a web page) ---- 1-25-2007 ^ alt f1 (change windows) # X :1 (starts Xserver on slot1) # export DISPLAY=:1 # xclock & (no window manger or frame) or # gnome-session & window managers: # twm & mvwm afterstep kwm icewm fvwm fvwm95 to go between boxes # echo $DISPLAY (tells which one in use) # xhosts + # ssh or rlogin telnet rsh sneakernet # export DISPLAY-:0 # xclock & ---- lookukp using man these words Luke used: xargs mmap fgets fprintf fget ps -ef | grep xterm ps -ef | grep glxgears emacs gvim index.php cd campioli/ (on bacchus) gimp vorticity_3D_iso2_www.jpg cd /www/aoe-html/bannerimages/ ---- [[http://www.cyberciti.biz/faq/running-multiple-x-sessions/]] The startx script initialize an X session. You can use the same to run multiple X session. Switch to console mode by pressing CTRL+ALT+F1. Provide your login details and type the following command to start X session: startx -- :1 By default the first X session runs on screen 0. However, you can run the second X session on screen 1, the third on screen 2, and so on. The above startx command tell X to run on screen 1. To run X on screen 2, you'd use the command startx -- :2 How Do I Switch Between X Sessions? 1. To go back to the screen 0 user X session, press Ctrl+Alt+F7 2. To go back to the screen 1 user X session press Ctrl+Alt+F8. 3. To go back to the screen 2 user X session press Ctrl+Alt+F9. 4. Please note that F7 to F12 identify six X sessions. ==== install X-Win32 from softdisk on windows box ==== run X-Config Host Name: aries.soe.vt.edu Login: username command: /usr/X11R6/bin/xterm -ls (for xterm window, which is usual case.) default PuTTY settings with SSH2 Flags. same for Bacchus using remote X on windows: start x-win32 then, in systray, right click on X and open session of choice. Now running graphical applications will appear on the windows box, but are running on the linux system! some things to run: xclock xcalc #dsm from (alexandria) gimp ===== Make ===== makefile stuff: for normal programs that need to be compiled from source (rare) ./config make make install (?) make -n (do nothing) GCC Perl GTK C++ G++ yum list '*gcc' dlopen .so files are equivalent to dll nm lists functions in .so files (dlls) ---- ===== Kernel source ===== Dowload and install kernel SRPM: # rpm -ihv ftp://ftp.scientificlinux.org/linux/scientific/5x/SRPMS/vendor/kernel-2.6.18-53.1.4.el5.src.rpm Unpack kernel source and apply all patches: # cd /usr/src/redhat/SPECS # rpmbuild -bp kernel-2.6.spec Kernel source is now in /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.i386 Urs ===== database stuff ===== ssh bacchus grep root /www/common/include/aoe_mysql.inc.php grep mysql_connect mysql -p -u root >show databases; (end all statements with ;) (databases in /var/lib/mysql >use givingdb; >show tables; >describe givingdb.donors; >select * from donors; >insert into types set tag="Student"; (select, insert, update, delete are some commands) >show create table calevents; (shows the sql statement to do the command) ---- ===== Restore procedure from backups ===== log in "graphically" as root to alexandria --ssh -XY #dsm or #dsmj (on alexandria for restore from nightly backup.) only six tape machines available #dsmj (on athena for restore from nighly backup.) ---- ===== Group accounts for research ===== these need to be addressed in websites and in the database. ---- ===== Luke's new job ===== Luke's new boss: Tim Rhodes Sun machines run Solaris ---- Luke's cell: 818-5876 New house address: 5795 pifer Dublin, Va ===== logging commands ===== su to root tail -f /var/log/messages use epylog for multiple machines uses Logwatch by default for local machine /root.forward and put email in this to get messages ===== Ron Kriz ===== google VMD used by NIH to visualize molecular dynamics used in biochemisry and biology. ===== athena ===== athena's original disk setup-swap was later moved to its own partition v LVM Volume groups MB v VolGroup00 1791744 LogVol01 swap 1024 v /dev/sda /dev/sda1 /boot ext3 102 /dev/sda2 / ext3 18999 /dev/sda3 /tmp ext3 10001 v /dev/sda4 extended 11853 /dev/sda5 /var ext3 10001 /dev/sda6 VolGroup00 LVMPV 1851 rest LVMPV ... 03:01.0 RAID bus controller: 3ware Inc 9550SX SATA-RAID 07:04.0 Ethernet controller: Intel Corporation 82541GI/PI Gigabit Ethernet Controller (rev 05) 07:06.0 Ethernet controller: Intel Corporation 82541PI Gigabit Ethernet Controller (rev 05) ---- Backups ypcat auto.master ypcat auto.home <=contains partitions /etc/initd <=script /etc/rc.d/rc0.d <=for different init modes /etc/rc.d/rc1.d <=etc, etc through 6 chroot <=changes a branch to appear as the / directory ^A unshare from samba on alexandria /etc/samba/smb.comf comment out /caplab service smb reload <=to activate changes without disconnecting everyone /etc/exports comment out section group for /caplab /sbin/service nfs reload unmount remount in /tmp edit exports on athena copied /caplab section from alexandria to athena unmount /mnt/tmp /etc/init.d/nfs reload /etc/init.d/nfs start chconfig nfs on chkconfig portmap on <= since nfs is always on a different port this resolves the port address for nfs mount athena:/export/caplab /mnt/tmp ls /dev/vg0 will list /caplab cat /proc/lvm/global Active directory (see screenshots) DefaultMigrationContainer30 adsiedit msSFU30NISMAP Entry c:> nisadmin /syncall ypcat -k -h pluto auto.home ---- ===== NTSyslog ===== Http://ntsyslog.sourceforge.net/ ===== Archive users ===== (15:51:25) lscharf@im.iad.vt.edu: My process is usually: (15:51:43) lscharf@im.iad.vt.edu: 1. Move user to the graveyard OU in Active Directory, disable the account. (15:51:52) lscharf@im.iad.vt.edu: 2. Wait a reasonable amount of time for them to complain, in case of a mistake. (15:52:06) lscharf@im.iad.vt.edu: 3. archive_user & delete from Active Directory (15:53:06) lscharf@im.iad.vt.edu: 4. Use the "archive" feature in DSM/TSM/whateveriscallednow to store the account-information long-term. Also, DSM can delete the files as it archives them, which is slightly scary, but it makes the bookkeeping easier. (15:54:04) lscharf@im.iad.vt.edu: There's no reason anyone has to do it that way, but I found that it kept everything organized. (15:54:19) steve: if the account is not disabled, can they still log in if just moved to the graveyard? I set the account to expire AFTER today. is there a more appropriate way to disable the account? (15:54:44) lscharf@im.iad.vt.edu: Right-click on the account and choose "disable". ---- watch ls -lh omarzouk_2006-08-19_2701.tar.gz mtonks_2006-08-19_2797.tar.gz suvasud1_2006-08-19_2890.tar.gz [root@alexandria graveyard]# /home/sysadmin/bin/archive_user.sh suvasud1 Searching file the user's files in /home/grad /home/facultystaff /home/undergrad /home/diskhogs /home/grad2 ... Found "/home/diskhogs/suvasud1" : 61G /home/diskhogs/suvasud1 61G total Tar'ing up the user's files... nice -n 19 tar -zcf /home/sysadmin/graveyard/suvasud1_2006-08-19_2890.tar.gz "/home/diskhogs/suvasud1" tar: Removing leading `/' from member names To check the contents of the archive: tar -ztvf "/home/sysadmin/graveyard/suvasud1_2006-08-19_2890.tar.gz" To remove the files that were just archived, manually run the following command: rm -rvf "/home/diskhogs/suvasud1" ------------ [root@alexandria graveyard]# /home/sysadmin/bin/archive_user.sh mtonks Searching file the user's files in /home/grad /home/facultystaff /home/undergrad /home/diskhogs /home/grad2 ... Found "/home/grad/mtonks" : 20G /home/grad/mtonks 20G total Tar'ing up the user's files... nice -n 19 tar -zcf /home/sysadmin/graveyard/mtonks_2006-08-19_2797.tar.gz "/home/grad/mtonks" tar: Removing leading `/' from member names Broadcast message from nutmon (Sat Aug 19 19:38:16 2006): To check the contents of the archive: tar -ztvf "/home/sysadmin/graveyard/mtonks_2006-08-19_2797.tar.gz" To remove the files that were just archived, manually run the following command: rm -rvf "/home/grad/mtonks" [root@alexandria graveyard]# rm -rvf "/home/grad/mtonks" ---- /home/sysadmin/bin/diskhogs.sh ---- du -sk * (lists sizes of directories.) ---- ===== nut ===== Broadcast message from nutmon (Sat Aug 19 19:38:16 2006): UPS zeus@192.168.88.1 on battery Broadcast message from nutmon (Sat Aug 19 19:38:20 2006): UPS zeus@192.168.88.1 on line power UPS zeus@192.168.88.1 on battery Broadcast message from nutmon (Sat Aug 19 19:38:20 2006): UPS zeus@192.168.88.1 on line power ===== ypserv ===== How to reload the ypserv database on alexandria. These commands are not all required. Some were issued in trying to find the right ones. ypserv restart /etc/init.d/ypbind restart /etc/init.d/ypserv /etc/init.d/ypserv reload /usr/lib/yp/ypinit -s /usr/lib/yp/ypinit -s pluto.aoe.vt.edu /etc/init.d/ypserv restart What is the difference between service nfs reload /etc/init.d/nfs reload Basically, nothing. ---- nisadmin /syncall (on windows) watch ls ===== Random notes ===== Dan's friends: Rob and Chris ---- Madhu uses jed to edit html. ---- ===== Nastran ===== MSC.nastran license Wanda emailed Cassandra Radigan (cassey.radigan@mscsoftware.com) to update MSC software licenses. She sent quote for 3,800, the academic price. Benjamin Kelly [benjamin.kelly@mscsoftware.com] sent an email with a temporary license. The Installation and Operations Guide (hard copy page 32) explained the procedure. On licenseserver, go to FLEXlm License Manager on the control panel. On the setup tab, look for the location of the license files. C:\Msc\FLEXlm\licenses\msc_license_2006-08-30_temp.dat place a new file in this location from the email. Be sure to update the hostname. Stop the license Manager from the control tab. from the setup tab again, replace with old file with the new one. Start the service from the control tab. I also updated license.dat in C:\flexlm\Nastran. I don't think this is required, but hey. ---- ===== LaTeX ===== If you delete c:\texmf, the automatic-install script should run again, during the next reboot. If the script does not run, you can run my installer from, IIRC: " \\alexandria.aoe.vt.edu\packages-win32\latex" -Luke Scott Kowalchuk wrote: Luke- I seem to not have the Miktex\bin. I have localtextmf\miktex\ -> no bin and texttmf\ -> no miktex Does this mean that miktex isn't setup? Thanks, SAK Luke Scharf wrote: sako@aoe.vt.edu wrote: On the computers in the SSSL lab, Texnic wants the location of the Latex executables. Miktex is on the computers. Have you had this problem in the past? Yes. It's one of those problems that can only be documented away. Here's my writeup on the topic: 10.4.1 TeXnicCenter Per-User Setup TeXnicCenter Configuration Wizard Step-Through: Upon launching TeXnicCenter 6.30 for the first time on a specific machine, a "Tip of the Day" window * Click ’Close’; Then, the "Configuration Wizard" window may launch automatically as well, if you’re using TeXnicCent * Click ’Next’; * type in: C:\TEXTMF\MIKTEX\BIN\ into the textbox field (to specify the full path of the directory, where the executables of the Te * Click ’Next’; -type in: C:\TEXTMF\MIKTEX\BIN\YAP.EXE into the *first* textbox field (to specify the full path of the DVI-viewer to use). * Click ’Next’; Accept defaults, or you may choose to enter *one* of the following: C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACRODIST.EXE C:\WINDOWS\NOTEPAD.EXE (to specify the full path of the PostScript-viewer to use). * Click ’Next’; make sure C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\ACROBAT\ACROBAT.EXE is entered as the full path of the PDF-viewer to use. * Click ’Next’; * Click ’Finish’. ---- ===== Active Directory software deployment ===== Here's the writeup that I did for Ben to get him started on distributing applications via GPO in Active Directory. I leave out a lot of context, since he's run Windows AD stuff before -- but that's fine in this crowd. :-) Also, the justification section was something that I slapped together, in case his boss wanted a justification for these kind of changes. -Luke -------- Original Message -------- Subject: Re: active directory & apps Date: Thu, 17 Aug 2006 14:21:06 -0400 From: Luke Scharf To: Ben Pfountz References: <44E3D6C5.9030503@vt.edu> Ben Pfountz wrote: I am working on a long term plan for the psych department, and I remembered you say that aoe uses active directory groups/containers (?) to install apps on certain machines? That sounds sooo frigin cool, do you have any reference material on that? I would love to give it a shot... This looks like a good introduction to what they were thinking: http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/instmain.mspx For a typical program, the procedure goes something like this: 1. Make the package available 1. Find or generate a .msi file that contains the application. 2. Place the foo.msi on a \\server\share. This share is somewhat special, because the system user on Windows needs to be able to read it. It's probably fairly straightforward to set this up in a Windows environment, but there's a trick to it on Samba. 2. Create the deployment policy 1. Open the Active Directory Users and Computers editor. 2. Pick an OU or container that holds the machines on-which you want to install the software. Right-click on it, and choose "Properties" 3. Find or create the GPO object that contains the software installation policy. (It's just like the other GPO objects). Once it's there, click on the "Edit" button. 4. Go to "Computer Configuration" | "Software Settings" | "Software Installation". 5. Right-click in the empty-space in the window, select "New" | "Package". Browse to the file that you placed in step 1. 3. Reboot the workstations. Sometimes the change doesn't catch -- in that case, run "gpupdate /force /boot" on the CLI; this will force a refresh of the group policy and reboot the computer. This stuff can be a real PITA to debug, since you don't get a lot of feedback on why the installation might have failed. The Event Viewer on both the client and the fileserver can be helpful, though. Here's a good program for generating MSI files for those vendors who refuse to generate official ones: http://www.ondemandsoftware.com/PurchaseLE.asp Note that it's quirky on Windows 2003 server - it's easiest to generate the MSI files on a Windows XP box. The WinInstall folks recommend generating the MSI packages inside a VMWare virtual machine, and having tried it both ways, I agree. WinInstall LE makes generating MSI packages for well-behaved applications easy. Microsoft office is neither small, nor particularly well-behaved. Here's a guide on how MS recommends distributing Microsoft Office via GPO - since MS Office is a big application, it's somewhat more complicated then most: http://office.microsoft.com/en-au/assistance/HA011402011033.aspx If you plan to deploy Matlab or LaTeX via GPO, let me know - these were particularly memorable battles, and I can write up a cheat-sheet for you. Also, Autocad and Unigraphics, though I wouldn't expect them to be popular in Psychology. Justification: I found it to be a major timesaver for me - and it also greatly increased the security, since I could mandate that all Windows machines in the domain run the most current virus scanner. Add WSUS into the mix, and the routine maintenance on the Windows machines can done with much better better coverage and consistency than I was ever able to achieve with manual administration -- in much less time... Time that can be spent on the myriad of other IT-related tasks! I hope this helps! -Luke ===== Web info ===== ==== ~/Webpages ==== To change file permissions for Webpages: cd /home/sysadmin/bin ./fix_website_permissions.sh stedwar1 750 for folders 640 for files ==== Student Organizations Websites ==== Student organization web sites can be webmastered(ugh) by the students using a local log-in on bacchus (15:12:45) lscharf@im.iad.vt.edu: Usually, I just have to ssh to root@bacchus"passwd auvt", and enter the new password. If you look at the account's home directory (~auvt), you can look for a file called ".htaccess". That's the configuration file for the restricted access. It also has a reference to the userlist. www.hps.vt.edu is a virtual web server. There are several virtual hosts on bacchus. You can browse the list in /etc/httpd/conf. The real entries are in the mx-cnames file, which is processed by the script along with ip.txt ---- ==== Website problem for devenport 9-11-06 ==== The pages for displaying or editing internal lab safety info seem to have quit. The editing page, for example is... https://www.aoe.vt.edu/computing/online/labsupport/labsupport_document_edit.php URL maps to bacchus:/www/secure-html/computing/online/labsupport/labsupport_document_edit.php The list that is here comes from the database: https://www.aoe.vt.edu/computing/online/ tail -f /var/log/httpd/error_log Then reload the page (or http://www.aoe.vt.edu/labsupport/labsafety.php) Whatever the page is doing, it's taking 32mb of RAM to do it. One possibility is that someone put a huge document into the database and it's overflowing the memory. Luke: I'm going to play with fire and let php use more memory. Steve: I'll get the extinguisher. Luke: I quadrupled the memory limit, and it works now. It makes the problem go away for a while. Until the number of documents in that table quadruples in size. It's not a real solution, but it should make it a non-issue. The memory-quantity is set in /etc/php.ini on line 203 The code is /www/common/include/dblayout*.php ===== AOE Sysadmin Candidates Luke suggested before Steve took the job ===== Short List: Richard W Godbee Jackie Meese Zeb Bowden ===== Thawte Certs ===== Luke 20 pts Mark Warbeck 15 pts ESM Denton Yoder 30 pts AgE Steve 10 pts ===== AV access ===== The PIN for the A/V equipment is 70113 in McBride 113. ===== Pankaj's Patran problem ===== On Pankaj's computer, he was having trouble with the patran uninstall and niether would the install work again because it said it was already installed. We removed the key for patran from these instructions: http://support.microsoft.com/default.aspx?scid=kb;en-us;310750&Product=winxp in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall I also removed removed registry key HKEY_LOCAL_MACHINE\SOFTWARE\MSC...Patran. The install then work. Then on the install, enter 1700@licenseserver.aoe.vt.edu ---- ===== ===== RDP port 3389 ===== Notes from WUG:===== Kiwi eventidinet AD Backups! Sophos- Anti-Virus nano (vi like editor) ------------ ===== Dr Neu's win 2000 box.===== http://support.microsoft.com/default.aspx?scid=kb;en-us;324764 booted with win2000 cd and entered R,C. listsvc disable agp440 enable agp440 SERVICE_START_BOOT (?) this did not work. tried /sos in boot.ini and it halted after the Win2000 screen came up which is after the drivers load. Tried recovery (R,R) on the install disk ---- ===== LVM ===== ====Mounting the lvm on the factory boot hard drive out of athena.==== vgscan vgdisplay vgchange -a y mount /dev/VolGroup00/LogVol00 /mnt umount /mnt vgchange -a n ==== exclude devices ==== If LVM2 shows some warnings like “Incorrect metadata area header checksum”, it’s certainly because it checks some partitions without LVM support (x8e). The filesystem works fine with this message but you can get rid of it, exclude not LVM partitions by editing /etc/lvm/lvm.conf : filter = [ “r|/dev/cdrom|”, “r|/dev/hda1|”, “r|/dev/hda3|” ] Use fdisk to know the partitions to exclude and run vgscan to test. ==== expand ==== # umount /home # lvextend -L+1G /dev/myvg/homevol # resize2fs /dev/myvg/homevol # mount /home ==== reduce ==== # umount /home # resize2fs /dev/myvg/homevol 250G (must know size wanted; cannot use + or -) # lvreduce -L-1G /dev/myvg/homevol # mount /home ==== ext3 ==== [[http://www.troubleshooters.com/linux/ext2toext3.htm]] convert ext2 to ext3 tune2fs -j /dev/AthenaData2/softvault ===== man ===== man 2 kill (to view man page for kill(2)) man -a kill (to view all man pages) $ man -k kill #(keyword) $ apropos kill #(similar to man -k) $ info kill #(info pages) $ help kill #(bash built-ins) $ locate kill | grep /usr/share ===== book list ===== UNIX System Administration Handbook ISBN: 0130206016 ===== interupt issues ===== to check interupt issues: # cat /proc/interrupts # dmesg # lspci -vvv Hardware details: # lspci # lspci -v # lspci -vv Additional information from lspci stored in /usr/share/misc/pci.ids # dmesg or /var/log/boot.log /proc # cat /proc/cpuinfo # cat /proc/ide/ide0/hda/driver # cat /proc/ide/ide0/hda/capacity # cat /proc/ide/ide0/hda/model # fdisk -l # fdisk -l /dev/hda # dmidecode # lshw (not installed) # lsusb # sensors (not installed) # hdparm # lshal ===== Burning an Install CD ===== After downloading your image into your Linux box, do this: 1. As root, type: cdrecord -scanbus ... in order to determine the device. It will be something like '0,0,0' or just '/dev/cdrom': 2. Next type: cdrecord -dummy -v -pad -eject dev=/dev/cdrom sample.iso ... in order to perform a test run. Remove the -dummy flag (but keep 'dev=') to do it for real. You can also add a -eject to cause it to eject when complete; and -pad to pad tracks with 15 sectors with blank space. By adding a speed=x (where x can be 2, 4 ... 16, etc.), you can control the speed of the burn and counter 'buffer underrun' errors, if present. That's it! from user space, Luke used cdrecord --eject --verbose CentOS-5.0-i386-bin-1of6.iso [stedwar1@hephaistos Apple]$ cdrecord --eject --verbose dev=/dev/dvdwriter -dao Mac_OS_X_104_Tiger_dvd.iso [stedwar1@hephaistos Apple]$ cdrecord --eject --verbose dev=/dev/cdwriter1 -dao Mac_OS_X_104_Tiger_dvd.iso ---- To burn CD's as user root must have access to files: sudo cdrecord -dao dev=/dev/cdwriter /home/facultystaff/stedwar1/FC-6-i386-disc1.iso ===== ssh keys ===== The -t option is legacy.... $ ssh-keygen -t rsa put this in .ssh/authorized keys. $ cat id.rsa.pub >authorized_keys There are four files: - authorized_keys -- This is where you put keys to let people in. - id_rsa -- This is the private key - id_rsa.pub -- This is the users public key - known_hosts -- This is the big list of all the hosts the user logs into. remove unused keys in serhat's directory. [[http://kitenet.net/~joey/blog/entry/locking_down_ssh_authorized_keys/]] ===== ssh tunnels ===== [[http://www.enterpriseitplanet.com/security/features/article.php/3797276]] == tunnel from local to remote system or network == steve@steve-thinkpad:~$ ssh -L 33389:192.168.1.101:3389 192.168.1.10 -p 32777 steve@steve-thinkpad:~$ rdesktop localhost:33389 To tunnel to nomahince: ssh -L 33389:charon.aoe.vt.edu:22 riccioli.ipv6.aoe.vt.edu -p 32777 Then use nomachine to connect to localhost port 33389 To tunnel to neptune: ssh -L 33389:128.173.188.26:3389 riccioli.ipv6.aoe.vt.edu -p 32777 rdesktop localhost:33389 == reverse tunnel from remote system back to local system or network == dink:~ jmjones$ ssh -R 8110:mail.myisp.com:110 ezr ===== rsync ===== http://troy.jdmz.net/rsync/index.html Autobackup: rsync -azt --delete-during -a archive -z compress -t time, implied with a --delete removes files not on original set from backup set --delete-during removes files as backup happens crontab -l rootat =====serial port permissions===== to change permission on serial port chmod ... /dev/tty/so also a tool exists to chage permission or logon from RedHat. ---- ===== Star-CCM+ ===== http://www.cd-adapco.com Star-CCM+ Downloaded license manager items to c:\star-ccm+ on licenseserver4.aoe.vt.edu from macrovision, from a link on the cd-adapco web site. https://support.cd-adapco.com steve.edwards@vt.edu name-number A link on the login page got me to macrovision to the flexlm files, except I also had to get cdlmd.exe out of the flexlm download on cd-adapco's site, so it would have been just as good to get all from cd-adapco.com I dropped these files in c:\star-ccm+\ and made them work with lmtools. In lmtools, I added a service from the Config Services tab, and pointed everything to the files in c:\star-ccm+ I had to modify the VENDOR line to: VENDOR cdlmd C:\Star-CCM+\cdlmd.exe for star-design to work. Uses 1999@licenseserver4.aoe.vt.edu To get the bits for the program, use the download area of https://support.cd-adapco.com The products licensed are: Star-CCM+ Star-CCM+/Design not the others like Star-CD, Star-Design Installation seems straightforward. Asks for the license server. ===== Abaqus install ===== Install documentation first. I have use html version and the abaqus web server javaw asked to open firewall. see sofware_license_managment.xls for server information ---- ===== various ===== delivered two Dell 690's to Femoyer for Kapania's students. During Davide's setup I noticed a dhcp problem in Femoyer. Gave it 128.173.105.54, and unused address for gtech2. Later in room 325 fixed a problem with powerpoint. It needed a visual basic runtime install. The error was something needed to be registered. The dchp problem occured again in Femoyer 330, with Chengu(sp?)'s machine. About a week ago, it had network problems. It had a static address of 128.173.105.220(?). It would not accept a dhcp. I called NOC and spoke with Steve and he noticed the dhcp address leases were all used. he gave me a number of 316004 and later called and said the problem was resolved. printer in Femoyer 205 is HP 2200d ---- Mahdu wants a calendaring/Planner software, besided office. ---- Plotter paper problem: spoke with HP, Hosea. Warranty good to 11 Feb 2008. gave me 321 776 4594. Spoke with Zack, then avangelos. ---- SGI Altix CD's Case ID 2697532 cat /etc/*release ===== Wug meeting Feb 1, 2007 ===== David Norris, Microsoft--spoke about Office 2007 Support for network projectors Share Point Alt-Key brings back menues .ost is cached copy of pst on network tabs ribbons- click to hide user Migration tools alt change .docx to .zip and the xml contents can be seen radmin Share Points v3 supports most browsers ---- 670 (??) 42" x 150' C ===== boot.ini maintenance ===== bootcfg /delete /ID 1 (or 2) ---- 14959 (??) ---- ===== Monitor resolutions ===== * 1280x1024 19" * 1600x1200 20" Dell 2007FP * 1680x1050 20"wide Dell 2007WFP * 1680x1050 22"wide Dell 228WFP * 1680x1050 22"wide Dell 2208WFP * 1920x1200 24"wide Dell 2407WFP, 2408WFP * 1920x1200 27"wide Dell 2707WFP ===== Lug meeting (Linux Club) Feb 15, 2007 ===== Jackie Meece Presented pam_ed-auth mirrors.vbi.vt.edu smart (like yum) PAM_LDAP required for suse, not red hat Red hat needs nss_ldap open ldap sis faster thatn smbfs (?) /etc/ldap.conf uupid ! in shadow means no login. nscd caches accounts smb3 coming up ===== openwrt ===== openwrt firmware on linksys routers could be a consideration for printer firewalls. ===== sys admin counsil meeting Jan 30, 2007 ===== * Jeff -- web integration help * Lee Dicky, Desktop support * Ryan Spoon, incumbant for Tommy * Amin, Desktop support SWAT Dino- instructional tool classroom presentor \ These not as easy to use ubiquitus presentor/ addlogics, wireless projector ===== directory information ===== /aoe abaqus Intel compilers Nastran Ansys /opt lives on machine /etc/profile.d / ---- /etc/sysconfig/network (has host names) /etc/sysconfig/network-scripts/ipconfig-eth0 (has ipconfiguartions) ===== Inventor notes ===== called 1-800-551-1490 s/n 400-93122639 (also on software.engr.vt.edu) Inventor Pro11 first Autocad 2007 Mechanical Desktop with Inventor Flexlm 10.8 and up flash = flash dwfviewer = aev mdac 2.7 sp1 = /support/ 1-3424 installation observations: Not quiet : wse visual fortan 9.0 installs every reboot gl-gauss - No inventor , still acad 2005, configure Analysis Server 4.1 gl-newton - same as above dl-maine No inventor dl-apollo1 won't run acad No hardware acceleration: Hyperion Mercury Encaladus iapedus mimas gl-gauss snap-in failed to initialize, name: clsid:{4, DS1410D service failed to start. ===== various ===== model center m.m@vt.edu (????) ---- 382-6557 (????????) 1/19/07 PCland EE01353 Whitney's TV is 32" Samsung ---- gl-iapetus monitor 2005FPW ---- wildfire jabber.org ---- NIST recommends one wipe adequate to clean hard drive. ---- bluej is a java compiler ---- awk '{ sub("\r$",""); print }' filein > fileout ---- openfoam ---- http://www.hostingforum.ca/273271-windows-server-2003-sp2-print-print.html : I found out from MS Support that apparent SP2 has some changes in the way SNMP is handling printer queues. It now does multiple SNMP threads for the printer queues instead of 1 round robin. To resolve this, check if your printer's SNMP is working properly. To workaround, in the Printers and Faxes folder, File > Server Properties Goto Ports Tab > Click the offline Port > Configure Port Uncheck "SNMP Status Enable" OK This will turn off SNMP querying and set the printer to always Online. ---- Home automation equipment: insteon www.insteon.net campus DNS: 198.82.247.34 198.82.247.98 192.82.247.66 Campus Network Time Protocol servers: ntp-1.vt.edu ntp-2.vt.edu ntp-3.vt.edu ==== Kerberos ==== [[http://technet.microsoft.com/en-us/library/Bb742433.aspx]] Kerberos config file krb5.conf ---- Setting up valkyrie to use kerberos: Added pam_krb5.so.1 entries to pam.conf man pam_krb5 works with the verify_req_ap_nofail option set as described in the man page Without the option, it does not have an entry in the /etc/krb5/krb5.keytab file Export keytab file for valkyrie on neptune: >ktpass princ host/valkyrie.aoe.vt.edu@AOE.VT.EDU mapuser AOE\valkyrie +rndPass -out valkyrie.keytab ---- [[http://support.microsoft.com/kb/321044/en-us]] ===== Mount USB Drive on alexandria ===== mount /dev/sdc1 /mnt/usb nice rsync -avt --progress /home/sysadmin /mnt/usb/ "rsync -ax /orginal/ /target/" for file copy ---- ===== Split and rejion tar files ===== tar'ed the file with: nohup nice tar -cf /foo.bu.tar /fooSource & split the file into 500MB chunks with: nohup nice split --line-bytes=500m foo.tar.gz foo_ & rejoined the file with: nohup nice cat foo_a* > foo_FULL.tar.gz & ===== usb speed ===== View dmesg after plugging in a usb device and look for the speed. USB 2.0 operates at high speed, defined as 60MB/s (480Mb/s), which is 40 times faster than USB full speed. USB 1.1 operates either at full speed, which is 1.5MB/s (12Mb/s), or at low speed, which is 1.5Mb/s. =====Add user ===== useradd -u UID -g GID -c "User full name" -d /export/home/$LOGNAME -m -s /bin/ksh loginID The -m creates the user home directory if it does not exist. ===== yum/rpm ===== rpm -qf /etc/yum.repos.d/sl4x-errata.repo (-qf for file stuff) rpm -qa |grep yum-conf rpm -ql yum-conf-4x (list files that belog to package) yum insatll yum-conf-4x /etc/redhat-relaese Trow Dawson at SL commented on how to reinstall an app using yum. You will need to do a yum clean all yum update openssh\* To install everything!!! Yikes! yum install "*" ---- # yum shell erase yum-conf install yum-conf-5x run yum install yum-conf-epel then disable it in /etc/yum.repos.d/epel.repo yum install rdesktop lynx vim-X11 gettext-devel.x86_64 denyhosts lyx compat-gcc-34-g77 subversion.x86_64 sysstat scipy numpy lapack.x86_64 compat-libstdc++-33.x86_64 General sl6 Machine Setup yum install yum-conf-sl6x yum install yum-priorities yum install elrepo-release yum install epel-release yum install rdesktop lynx vim-X11 gettext-devel thunderbird denyhosts gnuplot subversion compat-gcc-34-g77 lyx numpy scipy lapack python-matplotlib ksh screen yum --enablerepo epel-testing install scipy (scipy is now available in the main epel repo) sysadmin tools yum install yum-conf-rpmforge yum install iperf yum install iftop Dell Bios upgrade (still did not work) yum install compat-libstdc++-33 yum install compat-libstdc++ yum install libstdc++ yum install libxml2 yum install compat-libstdc++-33.i686 yum install libstdc++.i686 yum install libxml2.i686 yum install procmail OpenFOAM yum groupinstall "Development tools" yum install libXp yum install cmake yum install zlib-devel yum install libXt-devel paraView yum install qt-devel for Matlab: yum install libXp for Patran: yum install openmotif22 export LC_ALL=C for Gridgen: yum install libXaw for Visual Doc: yum install java-1.6.0-openjdk-devel ---- gecko-libs is provided by firefox. # rpm -q --provides firefox | grep gecko gecko-libs = 1.8.0.12 gecko-libs = 1.8.0.12 ---- sudo yum whatprovides /etc/selinux ---- Are you sure the package is actually there? rpm -qa | grep packagename what errors does rpm -e packagename actually show? ... However, if all you want to do is "reinstall a fresh copy" this is easy: rpm --install --replace-pkgs packagename.rpm $ rpm -qi htop Name : htop Relocations: (not relocatable) Version : 0.6.6 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 02 Jun 2007 04:30:01 AM EDT Install Date: Mon 02 Jul 2007 04:09:17 PM EDT Build Host: lisse.leuven.wieers.com Group : Applications/System Source RPM: htop-0.6.6-1.el5.rf.src.rpm Size : 149023 License: GPL Signature : DSA/SHA1, Sat 02 Jun 2007 10:11:07 AM EDT, Key ID a20e52146b8d79e6 Packager : Dag Wieers URL : http://htop.sourceforge.net/ Summary : Interactive process viewer Description : htop is an interactive process viewer for Linux. To get a list of all the keys in your rpm database system: # rpm -qa gpg-pubkey\*|sort - rpm -qa --nodigest --nosignature | egrep 'jdk|java|j2c' ---- Unfortunately when yum is told to pull in some kmdl it will have to choose between all available versions and will choose one that you don't want. So it's better to tell yum what to get exactly and not the decision to yum. You can do that with: yum install ieee80211 ieee80211-kmdl-`uname -r` (assuming you want to point yum to the current kernel, replace `uname -r` with something else if you need to) Same for any other kernel module. -- Axel.Thimm at ATrpms.net ---- Here is a quick set of commands that you can cut and paste, wich will create a build directory called rpmbuild in your home area, and setup your rpm enviroment so that you use it. mkdir -p rpmbuild/{SOURCES,SPECS,BUILD,SRPMS,RPMS} mkdir rpmbuild/RPMS/{i386,i586,i686,noarch} echo "%_topdir $HOME/rpmbuild" >> .rpmmacros echo "%debug_package %{nil}" >> .rpmmacros Troy ---- Remove old package: rpm -U --oldpackage samba-client-previous.version samba-server-previous.version samba-common.previous.version ---- Exclude it from automatic updates? Edit /etc/yum.d/yum.cron.excludes and add samba* at the end of the line. Excluding it from all updates? Edit /etc/yum.conf and put in the line exclude=samba* Troy ---- == To find changelog information: == You can read the upstream errata at: [[http://rhn.redhat.com/errata/RHSA-2007-0964.html]] Or, download the latest openssl rpm from SL and do a: rpm --changelog -qp openssl-xxxxx.rpm Hope this helps, Akemi == rpm version query == $ rpm -qp --requires /opt/instsl/upstream/5x/i386/SL/yum-utils-1.0.4-3.el5.noarch.rpm /usr/bin/python python >= 2.4 rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 yum >= 3.0.1-5 yum < 3.1.0-0 so it wants a yum version of at least 3.0.1-5 and less than 3.1.0-0. == DVD Repo == You could create a repo file pointing to the dvd. This is how centos does it. example: [c4-media] name=CentOS-$releasever - Media baseurl=file:///media/cdrom/ file:///media/cdrecorder/ gpgcheck=1 enabled=0 gpgkey=file:///usr/share/doc/centos-release-4/RPM-GPG-KEY-centos4 == Scientific Linux Source == The src.rpm are in ftp://ftp.scientificlinux.org//linux/scientific/5x/SRPMS/vendor/ == script remove == You probably already found out that if you do a yum remove xorg-x11\* that is is going to remove most everything along with X. So, here is what I would do rpm -qa | grep xorg | sort > /root/rpmlist.xorg This saves things off, so you can get back to where you started I would then do cat /root/rpmlist.xorg | while read line do echo $line rpm -e --nodeps $line done Troy == view rpm scripts == rpm -q --scripts == faulty rpm scripts == The problem with bad preun and postun scripts is that they are next to impossible to fix after they are installed. If they are really bad, the user has to manually remove the rpm's. And such is your case. To get rid of the problem rpm you need to do rpm -e --noscripts lam-libs-7.1.2-8 Otherwise, you will always have two copies of lam-libs, which may or may not affect you. Troy == verify == [[http://www.linuxjournal.com/content/tech-tip-determining-whats-been-changed-rpm-based-systems]] The following is taken from the rpm man pages (Verify Options section): c %config configuration file. d %doc documentation file. g %ghost file (i.e. the file contents are not included in the package payload). l %license license file. r %readme readme file. S file Size differs M Mode differs (includes permissions and file type) 5 MD5 sum differs D Device major/minor number mismatch L readLink(2) path mismatch U User ownership differs G Group ownership differs T mTime differs == information == rpm -i repoview (or a filename.) === testing kernel === yum --enablerepo=sl-testing update kernel\* If a the kernel needs to be re-installed: yum --enablerepo=sl-testing clean all === List available repositories in Scientific Linux 6 === yum groupinfo "Yum Repositories" ==== rpm part 1 ==== http://paskov.biz/blog/?p=724 ===== ethernet speed of NIC ===== sudo ethtool eth0 ---- > The ipw2100 module is part of the SL5 kernel, e.g. > /lib/modules/2.6.18-8.1.1.el5/kernel/drivers/net/wireless/ipw2100.ko > > You need in addition the ipw2100 firmware: > yum install ipw2100-firmware ===== NFS Tricks ===== remount a volume umount /aoe ; mount -a remount a volume with open files mount -o remount /aoe ypcat -k auto.master ypcat -k auto.home ===== MySql ===== Some SQL examples: [[http://www.pantz.org/database/mysql/mysqlcommands.shtml]] Change username (?) update users set username='jowang' where username="jwang"; To add users to the Shop Data Base: use shopDB; insert into users set username="aborgolt", realname="Aurelien Borgoltz"; update users set password=password('password') where username="aborgolt"; To list vertically, end the statement in \G instead of ; mysql> select * from alumni where class=2005\G To delete evaluations: delete from evaluations where id<=1440; Om notes: show databases; show tables; describe ; select * from
\G select CONCAT('$', FORMAT(, 2)) as standard_price; show index from
; ===== Logging ===== Logwatch runs in /etc/cron.daily/00-logwatch /etc/log.d/logwatch.conf Send a message to the logger logger This is a test message restart sysloger service syslog reload ===== Webpages ===== html redirect: ===== email ===== Here's an article that covers a few tricks that you can do if you telnet to the SMTP port: [[http://support.microsoft.com/?kbid=15311]] Send mail from bash script /bin/mail -s "$message_subject" $message_mailto < $message_file Send mail without client telnet mail.aoe.vt.edu 25 ehlo hephaistos.aoe.vt.edu MAIL FROM: bogus@aoe.vt.edu RCPT TO: lscharf@aoe.vt.edu DATA Subject: I don't need an e-mail client! I don't need an e-mail client to send e-mail anymore! -Luke . Steve Edwards wrote: What prevents anyone from using the server? Is it an open relay? Or is it because it recognized your email address in the RCPT TO:? Luke: It will accept mail that is sent to (RCPT TO:) an @aoe.vt.edu e-mail address from everywhere and everyone (provided they handle errors properly). It will relay for anyone connecting from a *.aoe.vt.edu DNS name (or who has authenticated with an AOE username and password). Within those rules, any internet host on the planet can do these kinds of operations. -Luke Example: "telnet mail.aoe.vt.edu 25" [lscharf@hephaistos ~]$ telnet mail.aoe.vt.edu 25 Trying 128.173.188.77... Connected to mail.aoe.vt.edu (128.173.188.77). Escape character is '^]'. 220 courier.aoe.vt.edu ESMTP Sendmail 8.13.1/8.13.1; Mon, 12 Jun 2006 15:41:24 -0400 ehlo hephaistos.aoe.vt.edu 250-courier.aoe.vt.edu Hello hephaistos.aoe.vt.edu [128.173.188.50], pleased tomeet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-STARTTLS 250-DELIVERBY 250 HELP MAIL FROM: bogus@aoe.vt.edu 250 2.1.0 bous@aoe.vt.edu... Sender ok RCPT TO: lscharf@aoe.vt.edu 250 2.1.5 lscharf@aoe.vt.edu... Recipient ok DATA 354 Enter mail, end with "." on a line by itself Subject: I don't need an e-mail client! I don't need an e-mail client to send e-mail anymore! -Luke . 250 2.0.0 k5CJfOEC014576 Message accepted for delivery quit 221 2.0.0 courier.aoe.vt.edu closing connection Connection closed by foreign host. [lscharf@hephaistos ~]$ Send mail with netcat [[http://www.linuxjournal.com/content/sending-email-netcat?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+linuxjournalcom+(Linux+Journal+-+The+Original+Magazine+of+the+Linux+Community)]] ===== generate md5sum of a password ===== echo -n "test" | md5sum ===== Troubleshooting ===== "general slow": check for errors ("dmesg" or /var/log/messages). We have seen a case where a machine would flood syslog and reset the ATA controller because no CD was in the drive.. Otherwise do basic "benchmarking" tests to isolate the component that is slow (hdparm -tT, check for DMA being enabled, check for processor speed not being reduced..) Is the system normally connected to a network, and at the moment is not connected, or is not getting a DHCP lease? I would do as Jan says and watch as the system is booting. Which service seems slow to start? I would bet it is a network-related service - sendmail, NFS or NIS binding, and the system is either unable to resolve a hostname, or is unable to connect to the relevant server. Just for fun, remove the swap from the fstab (I know this is a bad idea) and any NFS mounted drives, then reboot. ===== service failed to start ===== sql and DS1410d.sys file not found. Set SQLExpress service to manual. ===== Printing ===== this should set the default printer for the linux system lpoptions -d MYPRINTER ===== dl door lock ===== Stephen Kelsey Edwards told me to get the next version of the door locks supported by the university, contact Julie Wesel (?) 231 5121 with Hokie Passport Office $1200/yr ===== Loughborough University visitors ===== an account on the domain is shared for the visitors in the Undergraduate username: intldsgn It does not have a home directory, but it uses the current year share for the international design team. ===== Pidgin setup ===== === Basic === == Login Options == * Protocol: **XMPP** * Screen name: **stedwar1** * Domain: **im.vt.edu** * Resource: **laptop** * Password: ******** * Local alias: **Steve E** * **uncheck** Remember password == User Options == * **uncheck** New Mail notifications * **uncheck** Use this buddy icon for this account === Advanced === == XMPP Options == * **check** Require SSL/TLS * **check** Force old (port 5223) SSL * **uncheck** Allow plaintext auth over unencrypted streams * Connect Port: **5223** * Connect server: **im.vt.edu** * File transfew proxies: **im.vt.edu:7777** == Proxy Options == * Proxy type: **Use Global Settings** ===== webpage editors ===== I use PDT (PHP Development Toolkit) for Eclipse. It is free (as in beer) and available for Windows, Mac and Linux. And you can use it for coding in Java, C++, ... and there are lots of plugins available (CVS, subversion, ...). [[http://www.eclipse.org/pdt/]] Johan ---- There's quanta in the kdewebdev package. ---- ===== Top 15 influencial people ===== - Linus Torvalds - Mitchell Baker -- Created Linux and Shared it! - Mike Milinkovich -- Chairwomen of Mozilla Foundation - Tim Golden -- Senior VP of Bank of America - Jim Zemlin -- directory of Linux Foundation - Peter Fenton -- investments include JBoss, Xensource, Zimbra and Larry Augustin -- founded VA Linuz, launched sourceforge - Jim Jagielski -- co-founder of Apache - Michael Tiemann -- President of Open Source Initiative - Marten Mickos -- MySQL (sold to Sun) CEO - Marc Fleury -- Sold JBoss to RedHat - Rod Johnson -- CEO of SpringSource; Spring Framework for speeding Java Development apps - Jonathan Schwartz -- CEO of Sun - Mark Shuttleworth -- Canonical and Ubuntu - John Roberts -- SugarCRM ===== Stop the beep! ===== [[http://www.aoe.vt.edu/~lscharf/samd/?topic=Linux&title=How+to+stop+the+Beeping]] termimal /etc/inputrc set bell-style visible vim /etc/vimrc set vb (for visual bell) ===== 64 bit nfs mount problem -- delay at startup ===== [[http://crazytoon.com/2007/05/11/centos-and-redhat-problem-nfs-mount-at-boot-up-fails-with-error-system-error-no-route-to-host/]] /etc/init.d/netfs insert: action $”Sleeping for 30 secs: ” sleep 30 right after: [ ! -f /var/lock/subsys/portmap ] && service portmap start and right before: action $”Mounting NFS filesystems: ” mount -a -t nfs,nfs4 ===== Root Color ===== Highlight Your Shell Prompt When Working as Root April 14th, 2008 by Mitch Frazier in HOWTOs A useful thing that some distros have started doing is setting the color of your shell prompt differently if you're logged in as root. This gives you an additional visual cue that helps avoid doing things as root when you don't want to. If your distro doesn't do this for you, you can accomplish it by changing your .bashrc files. To set the color of your shell prompt you set the shell variable PS1. To make the prompt red when you're running as root add this to /root/.bashrc: PS1="\[\e[31m\]\h:\w#\[\e[m\] " To make the prompt green when running as a normal user add this to ~/.bashrc: PS1="\[\e[32m\]\u@\h:\w\$\[\e[m\] " See the shell man page and search the web for ANSI Escape codes for more info on the meaning of the escape sequences. ===== Firefox extensions ===== [[http://www.linuxjournal.com/content/10-must-have-firefox-extensions]] Sun Chun-Yen's Stop Autoplay Panic TabRenamizer Fast Video Download Download Helper File Uploader FireFTP ChatZilla NewsFox Free Access Plus Stand alone FTP app: gftp [[https://www.aoe.vt.edu/~stedwar1/Steve/doku/dokuwiki-2009-02-14/doku.php?id=aoe:browsers#add-ons]] ===== mdadm ===== [[http://www.howtoforge.org/software-raid1-grub-boot-debian-etch]] If the device node is dynamically allocated and not available, try: cat /proc/partitions mknod /dev/md3 b 9 3 then mdadm -C /dev/md3 --level=1 --raid-devices=2 /dev/sda1 /dev/sdb1 or one by one mdadm --create /dev/md3 --level=1 --raid-disks=2 missing /dev/sda1 set up the file system, then mdadm --add /dev/md3 /dev/sdb1 Set up filesystem mke2fs /dev/md3 mount /dev/md3 /mnt/tmp/ replace a drive mdadm --manage /dev/md3 --fail /dev/sdb1 mdadm --manage /dev/md3 --remove /dev/sdb1 cat /proc/mdstat mdadm -a /dev/md3 /dev/sdi1 cat /proc/mdstat config checks mdadm --query /dev/sda1 mdadm --examine /dev/sda1 mdadm --detail /dev/md1 remove remnants of superblock mdadm --zero-superblock /dev/sdi1 completely remove or Stop umount /mnt/tmp mdadm -S /dev/md3 reconnect disks from an array after -S mdadm --assemble /dev/md3 /dev/sda1 /dev/sdi1 ==Random notes from Dom's lessons== blockdev --rereadpt /dev/sdb cat /proc/mdstat watch -D (difference) mdadm -D /dev/md3 (detail) mdadm -E /dev/sdb1 disconnect the drive and add the drive back mdadm - /dev/md3 - a /dev/sda1 remove mdadm /dev/md3 -r /dev/sdc1 =====compiz===== On SL5.2 the frames were missing for testaccount on tsunami # nvidia-xconfig --add-argb-glx-visuals -d 24 brought them back =====mono-core update problem===== yum remove libicu yum remove mono-core yum clean all yum install mono-core yum update It still doesn't work! ===== Killians usb disk mounting ===== modprobe usb-ohci modprobe usb-storage ===== Group permissions ===== Yoder, Denton wrote: >Looking at the /home folder contents, it appears that ubuntu uses a 755 >mask. Isn't that weird to default to letting everyone on a box see everyone >else's files? > Those permissions honor the collaborative tradition -- it's pretty standard. I usually set home directories to 700 and then set up shared group directories with 770. >What are others doing on ubuntu? Or do you just reset home folder >permissions after adding users? Chmod 760 username ? > To remove group and other permission for a particular user's files and directories, you can do the following to set minimal permissions cleanly: chmod -R g-w,g-r,g-x,o-w,o-r,o-x ~joeuser If the user has a webpage hosted from that directory, you might script something like the following in order to set clean, minimal permissions: ### Set minimal permissions ### chmod -R g-w,g-r,g-x,o-w,o-r,o-x ~joeuser ### Make the ~joeuser/public_html Readable to the webserver ### # On many Linux distributions, the webserver runs as a user named "apache" who is a member of # a group named "apache". In addition to guarding against the problem that would arrise if the # webserver program were owned, this allows for some file-permissions tricks. # allow anyone (including the webserver) to traverse joeuser's directory. They won't be able to # see a filelist or perform any operations -- but if they know the name of a subdirectory that is # readable, they'll be able to cd there. chmod g+x,o+x ~joeuser # Set the group chgrp -R apache ~joeuser/public_html # Set the directories to rwxr-x--- ; now the user can do anything to his/her public_html and # children, and members of the apache group can read and traverse the directories. Other users on # the machine cannot read this, unless they've been added to the apache group. find ~joeuser/public_html -type d -exec chmod 750 {} \; # Set files to rw-r---- ; now the user can do anything to the files in the public_html subtree, except # execute them accidentally. The webserver can read the files as well. Other users on the # machine can't read the files unless they've been added to the apache group. find ~joeuser/public_html -type f -exec chmod 640 {} \; Anyway, back to the original question, creating the home directory and setting the permissions to something site-specific is just part of my account-creation checklist. -Luke > To remove group and other permission for a particular user's files and > directories, you can do the following to set minimal permissions cleanly: > chmod -R g-w,g-r,g-x,o-w,o-r,o-x ~joeuser A little easier way to do the same thing: chmod -R go-rwx ~joeuser -Vincent ===== gkrellm ===== gkrellm is a system monitor tool ===== yakuake ===== konsole based terminal indicator ===== names ===== [[http://stackoverflow.com/questions/262657/the-coolest-server-names]] [[http://itworld.com/offbeat/61750/would-server-any-other-name-be-functional]] ===== Milko's Red Hat FDI course ===== visudo vipasswd init 5 service --status-all lshal cadaver (command line web DAV) Kopete (IM program) ===== Add time to history command ===== http://linux.byexamples.com/archives/467/list-command-line-history-with-timestamp/ Add this to the .bash_profile export HISTTIMEFORMAT="%F %T " ===== reinstalling grub after xp wipes it out ===== grub > find /boot/grub/stage1 > find /grub/stage1 > root (hd0,2) > setup (hd0) ===== Change label on flash drive ===== [[https://help.ubuntu.com/community/RenameUSBDrive]] Change the label mlabel -i /dev/sdb1 -s ::CORSAIR The old label is in the output Check label blkid blkid will list the UUID's for all drives. The UUID can be used in fstab [[http://www.linuxplanet.com/linuxplanet/tutorials/7048/1/]] ===== xargs ===== [stedwar1@hephaistos ~]$ echo pluto |xargs host pluto.aoe.vt.edu has address 128.173.188.25 find gpodder-downloads/ -type d -print0 | (xargs -0 echo) find with -print0 prints a long string delimited with nulls. The echo does not print the string differently. find gpodder-downloads/ -type d -print0 | (xargs -0I{} echo {};echo end) This one prints each directory on a separate line. ===== NetworkManager ===== hawker1 with fedora 11 on the aoe domain was broadcasting portmapper (port 111) each minute. The source was nis. restarting ypbind seemed to fix the issue. Also, NetworkManager was being used, so I stopped and turned off 'NetworkManager' and turned on 'network' with chkconfig ===== use volume id for mounting disk to ensure proper disk mount point ===== xena:/home/carla# vol_id --uuid /dev/sda2 40295806-448b-4fdf-9ce8-5f5fc7984c9b Then use the UUID in place of /dev/sda5, or whatever your block device is, like this: UUID=40295806-448b-4fdf-9ce8-5f5fc7984c9b /home/carla/mydata ext3 user,defaults 0 0 ===== Linux release information ===== lsb_release -a ===== scan maillog for Greylisting from addresses ===== awk '/Greylisting/ && /brown/ {getline;print $7}' /var/log/maillog |sort|uniq -c ===== ntfsundelete recovers deleted Windows files ===== http://www.howtogeek.com/howto/13706/recover-deleted-files-on-an-ntfs-hard-drive-from-a-ubuntu-live-cd/ sudo ntfsundelete /dev/sda1 sudo ntfsundelete /dev/sda1 –u –m *.jpg sudo ntfsundelete /dev/sda1 –u –i 14159 ===== SMART disk drive monitoring ===== [[http://blogs.techrepublic.com.com/opensource/?p=1389]] # smartctl -H /dev/sda # smartctl -i /dev/sda # smartctl --test=short /dev/sda # smartctl --test=long /dev/sda # smartctl -a /dev/sda [[http://www.cyberciti.biz/faq/linux-checking-sas-sata-disks-behind-adaptec-raid-controllers/|Use smartctl To Check Disk Behind Adaptec RAID Controllers]] === smartmontools === http://www.linux-mag.com/id/7767 scan each drive using: smartctl -i /dev/hda Check drive database: smartctl -P show /dev/hda Check health of drive: smartctl -H /dev/sdb # Enable SMART permanently # Turn on offline data collection # Autosave device vendor-specific attributes through power cycles (so we don’t lose data between power cycles) smartctl -s on -o on -S on /dev/sdb Print capabilities of the drive: smartctl -c /dev/sdb Short Test smartctl -t short /dev/sdb Check log for results of short test: smartctl -l selftest /dev/sdb enable extented offline testing smartctl -t long /dev/sdb Check log for results of long test smartctl -l selftest /dev/sdb Search log for errors: smartctl -l error -d sat /dev/sdb (-d sat tells it is a sata drive and bypasses drive determination) list vendor specific attributes: smartctl -a /dev/sdb http://sysadmingeek.com/articles/hard-drive-monitor-script-for-headless-linux-servers/ /usr/sbin/smartctl -A /dev/$1 | grep Reallocated_Sector_Ct |tr -s ' '|cut -d' ' -f11 ===== type ===== type type type which type ls type set ===== determining what process is Slowing down the system ===== sluggish processes and causes can be determined by istat iostat -x sysstat yum install sysstat sar this shows D jobs--those that are waiting: top -b -n 1 | awk '{if (NR <=7) print; else if ($8 == "D") {print; count++} } END {print "Total status D: "count}' http://kerneltrap.org/Linux/High_Idle_Load_Average echo w > /proc/sysrq-trigger ;dmesg -c > foo http://www.linuxjournal.com/magazine/hack-and-linux-troubleshooting-part-i-high-load iostat iotop To disable hardware, add to the blacklist: /etc/modprobe.d/blacklist.conf blacklist cdrom ===== iostat ===== http://www.linux-mag.com/id/7906/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+LinuxMagazine+%28Linux+Magazine%3A+Top+Stories%29&utm_content=Google+Reader iostat - Report Central Processing Unit (CPU) statistics and input/output statistics for devices and partitions. IOstat is part of a bigger package of performance monitoring tools called sysstat The basic command has a few options followed by the device you want to monitor, followed by two numbers. These two are numbers are (1) the time internal between output from iostat, and (2) the number of times iostat is to be run. If you leave the second number blank, iostat will continue indefinitely or until you hit ^c to stop it. iostat -x -m /dev/md0 1 5 * I used the extended output option (”-x”) * I chose to have the output appear in megabytes (”-m”) * I chose to have iostat report the statistics for the device, /dev/md0 * report the values in 1 second intervals and do that 5 times. ===== serial port communications ===== From Linux, a couple of programs will talk to a serial port with terminal emulation. minicom is a good program with all the features for serial communications. minicom must be used from root to access the serial port. To set up minicom: minicom -s To start minicom: minicom A configuration file can be saved with a different name and called as such: minicom switch Screen is another more fundamental way to talk to serial ports. Check the man page for more details. It's pretty thorough. screen /dev/ttyUSB0 9600 help ^A ? to quit ^A K For Macs using the Cables to Go USB to Serial port, first, load the Mac driver from Prolific. http://www.prolific.com.tw/eng/downloads.asp?ID=31 Then start the screen session using the following command screen /dev/tty.usbserial 9600 to quit the screen session: ^A ^\ Here is a link for using the serial port with a Mac: http://www.tigoe.net/pcomp/resources/archives/avr/000749.shtml ===== 20 tips ===== http://www.tuxarena.com/?p=388 Take a screenshot in command-line import filename.png Kill processes with ‘pidof’ kill -9 $(pidof firefox-bin) Resize images from command-line convert -sample 30%x30% input_image.png output_image.png Convert MKV to AVI with mencoder mencoder input_file.mkv -ffourcc xvid -ovc lavc -lavcopts vcodec=xvid:vhq:vbitrate=1800 -oac mp3lame -lameopts vbr=5 -o Create ISO images from command-line with genisoimage genisoimage -o output_file.iso directory_name Close a port fuser -k 80/tcp Format C code using indent indent -kr source_file.c Get rid of the system beep temporarily modprobe -r pcspkr Get rid of the system beep permanently blacklist pcspkr Extract audio only from DVD VOB files mplayer input_file.vob -aid 128 -dumpaudio -dumpfile output_file.ac3 You can even concatenate VOB files first, e.g.: cat VTS_01_1.VOB VTS_01_2.VOB VTS_01_3.VOB > ~/output_file.vob Convert OGV to FLV ffmpeg -i input_file.ogv output_file.flv Rip FLAC/WAV to Ogg Vorbis or MP3 oggenc -b 256 input_file.flac -o output_file.ogg Which will convert input_file.flac to Ogg Vorbis using a bitrate of 256 kbps. To convert FLAC to MP3 you will first need to convert it to WAV using flac -d input_file.flac and then convert the obtained WAV to MP3 using: lame -b 192 input_file.wav Which will use a bitrate of 192 kbps. ===== command line fun ===== http://distrowatch.com/weekly.php?issue=20101220#tips count word usage in file cat my_text_file.txt | tr -c a-zA-z '\n' | sed '/^$/d' | sort | uniq -i -c display all combinations of a set of letters echo {a,c,t}{a,c,t}{a,c,t} | tr -c a-z '\n' check spelling echo {a,c,t}{a,c,t}{a,c,t} | tr -c a-z '\n' > complete_list.txt echo {a,c,t}{a,c,t}{a,c,t} | tr -c a-z '\n' | spell > misspellings.txt diff complete_list.txt misspellings.txt | awk '{ if (! (NR % 2)) print $2}' video recording of your desktop ffmpeg -f x11grab -s wxga -r 25 -i :0.0 -sameq ~/my_video.mpg ===== Shell script monitoring activities ===== http://www.packtpub.com/article/linux-shell-script-monitoring-activities ==== Disk Usage === File sizes du FILE List all files and sizes du -a DIRECTORY Human readable du -h List all files in kilobytes du -ak SOURCE_DIR | sort -nrk 1 | head find . -type f -exec du -k {} \; | sort -nrk 1 | head My favorite for a summary (not sure if it includes hidden files and directories) du -sh ==== Time ==== time COMMAND Real is wall clock time User is the amount of CPU time spent in user-mode code (outside the kernel) within the process Sys is the amount of CPU time spent in the kernel within the process Write to a file time -o output.txt COMMAND Write to a file and append time -a -o output.txt COMMAND Format strings Real time - %e User - %U sys - %S see man page for more time -f "FORMAT STRING" COMMAND For example: time -f "Time: %U" -a -o timing.log uname Linux When formatted output is produced, the formatted output of the command is written to the standard output and the output of the COMMAND, which is timed, is written to standard error. We can redirect the formatted output using a redirection operator (>) and redirect the time information output using the (2>) error redirection operator. For example: time -f "Time: %U" uname> command_output.txt 2>time.log cat time.log Time: 0.00 cat command_output.txt Linux /usr/bin/time -f "Page size: %Z bytes" ls> /dev/null Page size: 4096 bytes ==== Printing the 10 most frequently-used commands ==== #!/bin/bash #Filename: top10_commands.sh #Description: Script to list top 10 used commands printf "COMMAND\tCOUNT\n" ; cat ~/.bash_history | awk '{ list[$1]++; } \ END{ for(i in list) { printf("%s\t%d\n",i,list[i]); } }'| sort -nrk 2 | head ==== Listing the top 10 CPU consuming process in a hour ==== #!/bin/bash #Name: pcpu_usage.sh #Description: Script to calculate cpu usage by processes for 1 hour SECS=3600 UNIT_TIME=60 #Change the SECS to total seconds for which monitoring is to be performed. #UNIT_TIME is the interval in seconds between each sampling STEPS=$(( $SECS / $UNIT_TIME )) echo Watching CPU usage... ; for((i=0;i> /tmp/cpu_usage.$$ sleep $UNIT_TIME done echo echo CPU eaters : cat /tmp/cpu_usage.$$ | \ awk ' { process[$1]+=$2; } END{ for(i in process) { printf("%-20s %s",i, process[i] ; } }' | sort -nrk 2 | head rm /tmp/cpu_usage.$$ #Remove the temporary log file ===== Clear Java Cookies ===== /usr/java/jdk1.6.0_24/bin/ControlPanel ===== Power Tools from SL listserv ===== iperf, mtr and configuring browser with java to enable running NDT. rsync and wget "vim" and "bash" at/cron (crontabs: how to deal with *useful* output of crontabs and to learn to target mails to the *good* people :)). Maybe also 'sudo': learn them to *not* use root access Screen I've recently had a lot of work to do with OOo Calc and MS Excel. This work reminded me what a great tool awk can be for working with tabular data - not just the ubiquitous "awk '{print $3}' < data.csv". Emacs for programming enciornments). sed. awk. grep and all the regexp syntax. sort. cut. make inetd or xinetd. syslog and its variants. .bashrc and .bash_profile, and the subtle distinctions between them. SysV init scripts: too many people try to re-invent those. Nagios and its monitoring utilits. (Again, too many people try to re-invent those unnecessarily.) Webmin. (Again, too many people try to re-invent utilities already done well in Webmin.) Mousepad. It allows me to save text files in Windows format for all kinds of stuff I have to do for my Widows clients. xargs bash, python, awk, grep, wget, curl, sed, ping, dig, perl find wget screen wc grep (and all the fun of regular expressions) awk sed While not necessarily tools themselves, the following may also be interesting: Use of cron/crontabs Use of hosts.allow/deny to control access to network services Or you could do some more advanced things with: find vi (and the fun things you can do with regular expressions there) bash scripting command pipelines multitail screen ssh with flags (port forwarding, X forwarding, etc) perl awk curl find + xargs skill mpg123 (hey gotta have some tunes while you power admin stuff) a terminal that can do horizontal/vertical splits Version control (git, hg, svn, cvs) pushd/popd and "cd -" C-r searching and C-p/C-n browsing of command history. M-/ completion, TAB completion, C-a/C-k/C-y/C-e/M-f/M-b/M-d dorking about with the current command line. M-. insertion of last word of last command. ===== Hex dumps ===== http://blog.commandlinekungfu.com/2011/04/episode-144-what-hex.html od od -N 48 -x /bin/bash od -N 48 -t x1 /bin/bash xxd xxd -l 48 -g 1 /bin/bash xxd -p -l 48 /bin/bash xxd -p -l 48 /bin/bash | sed 's\(..\)/\\x\1 /g' hexdump hexdump -C -n 48 /bin/bash ===== stat ===== http://bashshell.net/commands/linux-stat-command/ You can use the “-c” switch, along with the appropriate option, if you only want to look at one particular piece of information. For example, if you only want to look at the file’s permissions setting, you can enter: stat -c%A process.sh -rw-r--r-- If you want to see information on a particular directory, use the “-f” switch. stat -f /etc ===== smb mount ===== smbmount is not available for SL. Use this newer method: mount -t cifs //server/sharename /mntfolder -o username=,password= mount -t cifs -o username=stedwar1 //server5.software.vt.edu/tecplot /mnt/smb/