Wednesday, March 26, 2008

Find the inode size of the filesystem

# tune2fs -l /dev/sda1 | grep Inode

Restore a backup of a MySQL Database Server

# read the dump file back into the server
$ mysql db-name < backup-file.sql

For example, to restore a database called sales:

# First create the database sales:
$ mysql -u root -p

mysql> CREATE DATABASE sales;
mysql> quit;

# now restore database:
$ mysql -u root -p sales < /path/to/sales-backup-file.sql

Force DHCP client (dhclient) to renew ip address

$ sudo dhclient -r # release current ip
$ sudo dhclient # acquire new ip


How to format and connect to an iSCSI Volume

Install the open-iscsi package, a high-performance, transport-independent iSCSI implementation. This package is also known as the Linux Open-iSCSI Initiator.

Kernel version 2.6.16+

Install Open-iSCSI Initiator

$ sudo apt-get install open-iscsi

Open-iSCSI default configuration

Default configuration file: /etc/iscsi/iscsid.conf or ~/.iscsid.conf.

# vi /etc/iscsi/iscsid.conf
node.startup = automatic
node.session.auth.username = MY-ISCSI-USER
node.session.auth.password = MY-ISCSI-PASSWORD
discovery.sendtargets.auth.username = MY-ISCSI-USER
discovery.sendtargets.auth.password = MY-ISCSI-PASSWORD
node.session.timeo.replacement_timeout = 120
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.noop_out_interval = 10
node.conn[0].timeo.noop_out_timeout = 15
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.conn[0].iscsi.MaxRecvDataSegmentLength = 65536

# /etc/init.d/open-iscsi restart
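
The configuration above keeps the CHAP user name and password in plain text in /etc/iscsi/iscsid.conf. The check below is an added example, not part of the original post or of open-iscsi: it flags credentials set without the matching auth.authmethod = CHAP keys (open-iscsi defaults authmethod to None), the placeholder password left unchanged, and a config file accessible beyond its owner. The function names and sample values are constructed for illustration.

```sh
# Added example (not from the post): audit CHAP settings in an iscsid.conf.
# conf_get FILE KEY: value of the last uncommented "KEY = value" line.
conf_get() {
    awk -v k="$2" '
        /^[ \t]*#/ || !/=/ { next }
        { key = substr($0, 1, index($0, "=") - 1); val = substr($0, index($0, "=") + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
          if (key == k) found = val }
        END { print found }' "$1"
}

# audit_iscsid_conf FILE: prints one finding per line; returns 1 if any.
audit_iscsid_conf() {
    f=$1; rc=0
    for scope in node.session discovery.sendtargets; do
        user=$(conf_get "$f" "$scope.auth.username")
        pass=$(conf_get "$f" "$scope.auth.password")
        method=$(conf_get "$f" "$scope.auth.authmethod")
        if [ -n "$user$pass" ] && [ "$method" != "CHAP" ]; then
            echo "$scope: credentials set but auth.authmethod is not CHAP"; rc=1
        fi
        [ "$pass" != "MY-ISCSI-PASSWORD" ] || { echo "$scope: placeholder password left in place"; rc=1; }
    done
    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
        echo "$f: accessible beyond its owner, CHAP secrets exposed"; rc=1
    fi
    return $rc
}

# write_samples DIR: constructed sample configs, not real credentials.
write_samples() {
    printf '%s\n' 'node.session.auth.username = MY-ISCSI-USER' \
        'node.session.auth.password = MY-ISCSI-PASSWORD' \
        'discovery.sendtargets.auth.username = MY-ISCSI-USER' \
        'discovery.sendtargets.auth.password = MY-ISCSI-PASSWORD' > "$1/weak.conf"
    chmod 644 "$1/weak.conf"
    printf '%s\n' 'node.session.auth.authmethod = CHAP' \
        'node.session.auth.username = initiator01' \
        'node.session.auth.password = constructed-secret-0001' \
        'discovery.sendtargets.auth.authmethod = CHAP' \
        'discovery.sendtargets.auth.username = initiator01' \
        'discovery.sendtargets.auth.password = constructed-secret-0002' > "$1/fixed.conf"
    chmod 600 "$1/fixed.conf"
}

demo=$(mktemp -d); write_samples "$demo"
audit_iscsid_conf "$demo/weak.conf" || true
audit_iscsid_conf "$demo/fixed.conf" && echo "fixed.conf: no findings"
rm -rf "$demo"
```

On a real host, run it as root against the live file: audit_iscsid_conf /etc/iscsi/iscsid.conf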


Now run a discovery against the iscsi target host:
# iscsiadm -m discovery -t sendtargets -p ISCSI-SERVER-IP-ADDRESS

For example:
# iscsiadm -m discovery -t sendtargets -p 192.168.1.60

# /etc/init.d/open-iscsi restart

Format iSCSI Volume

Now an additional drive should appear on the system, such as /dev/sdc. To find out the device name:

# tail -f /var/log/messages

Create a partition:
# fdisk /dev/sdc

Format partition:
# mkfs.ext3 /dev/sdc1

Mount file system:
# mkdir /iscsi
# mount /dev/sdc1 /iscsi

Reboot after kernel panic

By default, the kernel will not reboot after a panic. To change this, set kernel.panic in /etc/sysctl.conf:

# vi /etc/sysctl.conf

# reboot after 10 seconds
kernel.panic = 10

Shell completion dig-in

Fine tuning shell completion with the ESC key

Bash allows you to fine tune file completion using ESC key combinations. People get amazed when I use ESC combinations in front of them. For example, to insert all possible completions into your command, use ESC+*. Let us see how to back up all /etc/*.conf files; type the command:
tar -zcvf /dev/rt0 /etc/*.conf {hit ESC followed by *}
As soon as you hit Esc+*, the shell replaces the /etc/*.conf part with the names of all files matching the wildcard pattern:
tar -zcvf /dev/rt0 /etc/aatv.conf /etc/adduser.conf /etc/apg.conf /etc/brltty.conf /etc/ca-certificates.conf /etc/cvs-cron.conf /etc/cvs-pserver.conf /etc/debconf.conf ....

To display all possible completions of a command, filename or username, type ESC+?. To display all usernames that start with le, type:
cat ~le {hit ESC followed by ?}

complete command

There is also a built-in command called complete. It is used to specify how arguments are to be completed for a command. For example, when you type passwd (or any other user admin command such as su / usermod etc.) and hit the tab key, bash will show you a list of all available users, i.e. all user admin related commands will complete only user names:
complete -u su usermod userdel passwd chage write chfn groups slay w
Now type passwd and hit the tab key to see all usernames:

# passwd {hit tab key}
Output:

avahi          bin            dhcp           gdm            haldaemon      klog           mail           news           root           sys            uucp
avahi-autoipd cupsys dnsmasq gnats hplip list man nobody sshd syslog vivek
backup daemon games guest irc lp messagebus proxy sync telnetd www-data


To make life even easier, source the file in the startup script:
$ source /etc/bash_completion

How to check if a shell script is being run by root

BASH stores a user's ID in $UID variable. Your effective user ID is stored in $EUID variable.

# Old way: just add a simple check at the start of the script:
#!/bin/bash
# Init
FILE="/tmp/out.$$"
GREP="/bin/grep"
#....
# Make sure only root can run our script
if [ "$(id -u)" != "0" ]; then
    echo "This script must be run as root" 1>&2
    exit 1
fi

# A new way by using EUID
#!/bin/bash
# Init
FILE="/tmp/out.$$"
GREP="/bin/grep"
#....
# Make sure only root can run our script
if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root" 1>&2
    exit 1
fi
# ...

# only root can mount /dev/sdb1
#!/bin/bash
if [[ $EUID -ne 0 ]]; then
    # send the error message to stderr
    echo "You must be a root user" 1>&2
    exit 1
else
    mount /dev/sdb1 /mnt/disk2
fi
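
Two details of the scripts above matter once they run as root: the [[ $EUID -ne 0 ]] test only works under bash, and FILE="/tmp/out.$$" is a predictable name in a world-writable directory. The following is an added example, not code from the original post; the function names is_root, make_scratch and run_privileged are made up for illustration.

```sh
# Added example (not from the post): root check that does not depend on bash,
# plus a scratch file that replaces the fixed name /tmp/out.$$.

# is_root: true when the effective UID is 0. "id -u" works in any POSIX shell.
# $EUID and [[ ]] are bash features: started as "sh script" where sh is dash,
# [[ is not a command, the if body is skipped and the check fails open.
is_root() {
    [ "$(id -u)" -eq 0 ]
}

# make_scratch: print the path of a new private scratch file. mktemp picks an
# unpredictable name and creates the file itself with mode 0600, so a file or
# symlink already sitting at that path is never reused.
make_scratch() {
    mktemp "${TMPDIR:-/tmp}/out.XXXXXXXXXX"
}

# run_privileged CMD...: run CMD with SCRATCH set, but only as root.
run_privileged() {
    if ! is_root; then
        echo "This script must be run as root" 1>&2
        return 1
    fi
    SCRATCH=$(make_scratch) || return 1
    "$@"; status=$?
    rm -f "$SCRATCH"
    return $status
}

# Demo: the privileged step only sees the scratch file when the check passes.
show_scratch() { echo "scratch file: $SCRATCH"; }
run_privileged show_scratch || echo "(a real script would exit 1 here)"
```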

Booting from SAN, bad idea?

SAN/iSCSI/NAS, or any other centralized network storage, work great for shared data or HA configuration. Although technically they can be used to boot, it's not recommended, unless you need diskless nodes.

Moreover, booting from SAN volumes is complicated, as most OSes are not designed for this kind of configuration. A huge scripting effort and booting procedure is required.

The SAN vendor must support booting a Linux server on the platform. You need to configure the HBA and SAN according to the vendor's specification. You depend totally on the SAN vendor for drivers and firmware (HBA BIOS) to get things working properly. General principle: don't put all your eggs in one basket, er, one vendor.

Proper fiber channel topology must be used. Make sure multipathing and redundant SAN links are used. The boot disk LUN is dedicated to a single host, etc.


To support more than 4 GB memory

By default the kernel's scope is capped at 4GB of memory; it won't see more than this amount even if the memory is physically there.

To extend the kernel's reach, the kernel PAE package is needed, which provides support for up to 64GB of high memory. A CPU with Physical Address Extensions (PAE) is required; most modern CPUs support it, so no big deal.

# yum install kernel-PAE
...

# init 6 (of course a reboot is needed)


Friday, March 14, 2008

Marry mutt and gmail

I found one of my colleagues showing off a console tool to read/send emails, its name is mutt and it looks wicked cool, so I want it!

I'll pick gmail as mutt's husband here, as it's probably the most popular email service nowadays. After a few hours' setup marathon, I finally got mutt pulling off gmails on my laptop :)... well, still got some work to do on the filter, though.

First things first, get everything set up; it can be lengthy, but worth my time.
http://www.andrews-corner.org/mutt.html

To do it real quick,

1. Get mutt (obviously), procmail, fetchmail
2. Get Gmail's SSL certificate
$ openssl s_client -connect pop.gmail.com:995 -showcerts
paste the "BEGIN...END" code to ~/.certs/gmail.pem

3. This gets a little tricky, as the article doesn't elaborate clearly.
If you are using Debian/Ubuntu, follow the instructions there. If you're using other distros like me, here is the way to get it straight:
$ locate mutt|grep bundle
/usr/share/doc/mutt-1.5.17/ca-bundle.crt

copy the first instance of "BEGIN...END" (there should be many), paste to: ~/.certs/equifax.pem

weird name... I don't know what it means, just do it.

4. I will skip some long boring stuff, go directly to: http://www.thawte.com/roots/
where you'll obtain a zip file, which includes the third and last certificate.
Unzip the file, go to the Thawte Server Roots directory, issue:

$ cp ThawtePremiumServerCA_b64.txt $HOME/.certs/ThawtePremiumServerCA.txt


5. Now that all certificates are set, you'll need a tool called c_rehash, a Perl script that comes with the openssl package.

$ c_rehash $HOME/.certs/
$ openssl s_client -connect pop.gmail.com:995 -CApath $HOME/.certs/

Unfortunately, my distro Fedora 8 isn't generous enough to provide this tool, and I couldn't find one googling... Out of nowhere, I found a guy who had the same problem and translated it to a sh script... and it actually worked. Check it out here:

http://article.gmane.org/gmane.os.netbsd.devel.crypto/182

paste the script code into .certs/c_rehash.sh, then:

$ chmod 744 c_rehash.sh
$ ./c_rehash.sh .
...

6. The hardest part ends here; the rest of the work is all about setting up the config files, just follow the article.

7. voilà, mutt is online :)...

Oh wait, I found my mutt, although working beautifully, couldn't handle the HTML mails... Fine, more googling... ok, to get this done, I found this URL has very straightforward steps.

http://www.debian-administration.org/articles/75

Of course, this just gets mutt starting to work. Mutt is an extremely daunting tool for Linux/Unix newbies, as well as a great challenge to Unix vets.

However, the effort is worth it, remember the motto of mutt:
"All email clients suck, mutt sucks less" :)