We moved to new domain!! kerneltalks.com

We moved to new domain!! kerneltalks.com

Howdy readers! We have moved to new domain www.kerneltalks.com . If you have bookmarked this blog please update new URL. See yaa there! 9:44:00 AM

Howdy readers!

We have moved to new domain www.kerneltalks.com. If you have bookmarked this blog please update new URL.

See yaa there!

How to check bad wrong login attempts in HPUX

How to check bad wrong login attempts in HPUX

Requirement : To check bad / wrong login attempts done on HPUX server. Howto : HPUX server logs all wrong logins information in  /var/... 8:55:00 AM

Requirement :

To check bad / wrong login attempts done on HPUX server.

Howto :

HPUX server logs all wrong logins information in /var/adm/btmps file. This file is data file hence commands like cat, more wont work for this file. To read data within this file use below command

# /usr/sbin/acct/fwtmp -X < /var/adm/btmps > /tmp/badlogins.log

This will convert data in btmps file in human readable format (binary to ASCII). Later you can cat or more output file and investigate bad logins.

# cat /tmp/badlogins.log
root          pts/ta       12127  0 0000 0000 1190171137 0 Sep 19 11:05:37 2007 0 10.105.100.89 10.105.100.89
root          pts/tb       13964  0 0000 0000 1190174185 0 Sep 19 11:56:25 2007 0 10.105.100.89 10.105.100.89

Important fields here are :

1. ID which tried to log in
2. Terminal from which attempt was made
3. Date time stamp when attempt was made
4. IP from which attempt came to server (last field)

Adding extra or secondary swap in HPUX

Adding extra or secondary swap in HPUX

Freeimages When system runs low on memory and swap continuously, its time to troubleshoot. Even after troubleshooting and all available ... 6:51:00 AM

Freeimages

When system runs low on memory and swap continuously, its time to troubleshoot. Even after troubleshooting and all available app/OS tuning you are still running out of memory then you can try
adding extra swap before you think of adding RAM to server which involves cost/resources of parent machine.

Step 1.

For adding extra swap check how much space you have available in root volume group vg00. Use vgdisplay command to get free PE and PE size numbers.

# /usr/sbin/vgdisplay vg00
--- Volume groups ---
VG Name                     /dev/vg00
VG Write Access             read/write
VG Status                   available
Max LV                      255
Cur LV                      9
Open LV                     9
Max PV                      16
Cur PV                      2
Act PV                      2
Max PE per PV               4384
VGDA                        4
PE Size (Mbytes)            16
Total PE                    6544
Alloc PE                    5978
Free PE                     566
Total PVG                   0
Total Spare PVs             0
Total Spare PVs in use      0

Here we have 566 free PE with 16MB size of each. This sums upto 8.8GB of free space in root vg. We can use space from this 8.8GB for adding extra swap.

Check current swap configuration

# /usr/sbin/swapinfo -tam
             Mb      Mb      Mb   PCT  START/      Mb
TYPE      AVAIL    USED    FREE  USED   LIMIT RESERVE  PRI  NAME
dev       43008       0   43008    0%       0       -    1  /dev/vg00/lvol2
reserve       -    1963   -1963
memory    40861    9261   31600   23%
total     83869   11224   72645   13%       -       0    -

Step 2.

Create new contiguous logical volume with no bad block relocation policy and size of your requirement. Lets make a LV of 2GB. 

# lvcreate -L 2048 -C y -r n /dev/vg00
Logical volume "/dev/vg00/lvol10" has been successfully created with character device "/dev/vg00/rlvol10"

Step 3.

Start swap on this lvol. Add -f argument to start forcefully if below command fails.

# swapon -p 1 /dev/vg00/lvol10

Step 4.

Edit /etc/fstab to mount this LV as swap on every boot. Add below entry :

/dev/vg00/lvol10 ... swap pri=1 0 1

Step 5.

Check again swap size.

# /usr/sbin/swapinfo -tam
             Mb      Mb      Mb   PCT  START/      Mb
TYPE      AVAIL    USED    FREE  USED   LIMIT RESERVE  PRI  NAME
dev       43008       0   43008    0%       0       -    1  /dev/vg00/lvol2
dev        2048       0    2048    0%       0       -    2  /dev/vg00/lvol10
reserve       -    1963   -1963
memory    40861    9261   31600   23%
total     85917   11224   74693   13%       -       0    -

Adding new storage LUN to integrity virtual machine (iVM) in HPUX

Adding new storage LUN to integrity virtual machine (iVM) in HPUX

Steps to add new LUN into integrity virtual machine (iVM) in HPUX and use it within existing VG or create a new VG on it.In this process, s... 7:46:00 AM

Steps to add new LUN into integrity virtual machine (iVM) in HPUX and use it within existing VG or create a new VG on it.In this process, storage luns are always presented to physical host server. from host they are attached to virtual guest server running on it.

Step 1.

Identify new LUN on HP iVM host server. When new LUN is presented to iVM, run ioscan command to scan new disks. Post ioscan, run insf command to make sure all available hardware has its related files created in kernel.

# ioscan -fnCdisk
# insf -e

Now your new LUN is identified in kernel. Match lun id in storage utility (syminq in case of EMC
storage, evainfo in case of HP EVA storage etc) and get related disk number. We are using agile naming convention here so lets take /dev/rdisk/disk10 & /dev/rdisk/disk11 are new identified disks.

Step 2.

Make disks LVM ready by using pvcreate.

# pvcreate /dev/rdisk/disk10
Physical volume "/dev/rdisk/disk10" has been successfully created.

# pvcreate /dev/rdisk/disk11
Physical volume "/dev/rdisk/disk11" has been successfully created.

Step 3.

Attach these disks to iVM (guest) which is running on host. Assume vmserver1 is our iVM here.

# hpvmmodify -P vmserver1 -a disk:avio_stor::disk:/dev/rdisk/disk10
# hpvmmodify -P vmserver1 -a disk:avio_stor::disk:/dev/rdisk/disk11

Step 4.

Once above commands are successful, disks are attached to iVM and needs to scan in guest. Login to iVM server and scan the new disks the same way we did in step 1 and 2 on host. Lets say those disks are identified as /dev/rdisk/disk2 & /dev/rdisk/disk3 on guest server. Observe those are identified as Virtual disk on vm.

disk 6 0/0/0/0.2.0 sdisk CLAIMED DEVICE HP Virtual Disk
/dev/dsk/c0t2d0 /dev/rdsk/c0t2d0

disk 8 0/0/0/0.3.0 sdisk CLAIMED DEVICE HP Virtual Disk
/dev/dsk/c0t3d0 /dev/rdsk/c0t3d0

Step 5.

Complete LVM tasks on these disks to use space in mount point.

To create new VG named vg01

# mkdir /dev/vg01
# mknod /dev/vg01/group c 64 0x010000
# vgcreate -s 64 -p 60 -e 12500 vg01 /dev/disk/disk2 /dev/disk/disk3
Volume group "/dev/vg01" has been successfully created.
Volume Group configuration for /dev/vg01 has been saved in /etc/lvmconf/vg01.conf

# lvcreate -L 200 /dev/vg01
Logical volume "/dev/vg01/lvol1" has been successfully created with
character device "/dev/vg01/rlvol1".

# newfs -F vxfs -o largefiles /dev/vg01/rlvol1
 version 7 layout
 204800 sectors, 204800 blocks of size 1024, log size 1024 blocks
 largefiles supported

# mkdir /data
# mount /dev/vg01/lvol1 /data

To extend current existing VG named vg02 & mount point /data1 within it

# vgextend vg02 /dev/disk/disk2 /dev/disk/disk3
Volume group "vg02" has been successfully extended.
Volume Group configuration for /dev/vg02 has been saved in /etc/lvmconf/vg02.conf

# lvextend -L 512 /dev/vg02/lvol1
Logical volume "/dev/vg02/lvol1" has been successfully extended.
Volume Group configuration for /dev/vg02 has been saved in /etc/lvmconf/vg02.conf

# fsadm -F vxfs -b 524288 /data1
vxfs fsadm: V-3-23585: /dev/vg02/rlvol1 is currently 7731200 sectors - size will be increased

HPUX Patch naming conventions

HPUX Patch naming conventions

HP release OS patches for HPUX every 6 month i.e. twice a year. For smaller patches which are releases as on need basis HP follows below na... 7:15:00 AM

HP release OS patches for HPUX every 6 month i.e. twice a year. For smaller patches which are releases as on need basis HP follows below naming conventions 

Patch name format is PHxx_yyyy

Where,

xx = area of patch
        CO : General HPUX commands
        KL : Kernel patches
        NE : Network specific patch
        SS : all other subsystem patches

yyyy = unique number

From patch name you will be able to guess area of its impact so that you can plan your activities accordingly.

Basics of LVM legends

Basics of LVM legends

LVM (logical volume manager) legends : PV is Physical Volume.   Any single disk / LUN on system is identified as PV. It can be raw or f... 6:54:00 AM

LVM (logical volume manager) legends :

PV is Physical Volume. 

Any single disk / LUN on system is identified as PV. It can be raw or formatted with file system. Raw PV is referred as /dev/rdsk/c0t0d1 (legacy) or /dev/rdisk/disk1 (agile) whereas formatted one is referred as  /dev/dsk/c0t0d1 (legacy) or /dev/disk/disk1 (agile). Check PV name in below output as formatted device.

# vgdisplay -v vg00

--- Volume groups ---
VG Name                     /dev/vg00
VG Write Access             read/write
VG Status                   available
Max LV                      255
Cur LV                      13
Open LV                     13
Max PV                      16
Cur PV                      1
Act PV                      1
Max PE per PV               4355
VGDA                        2
PE Size (Mbytes)            32
Total PE                    4345
Alloc PE                    4303
Free PE                     42
Total PVG                   0
Total Spare PVs             0
Total Spare PVs in use      0

   --- Logical volumes ---
   LV Name                     /dev/vg00/lvol1
   LV Status                   available/syncd
   LV Size (Mbytes)            1024
   Current LE                  32
   Allocated PE                32
   Used PV                     1

   --- Physical volumes ---
   PV Name                     /dev/dsk/c3t0d0s2
   PV Status                   available
   Total PE                    4345
   Free PE                     42
   Autoswitch                  On
   Proactive Polling           On

PE is Physical Extent. 

Its smallest chunk of PV which can be used as block under file system. PV is consist of number of PEs. We always use PV names while using LVM commands. In above example PE size is set to 32MB & total 4345 PEs are available on disk.

VG is Volume Group. 

One or more PV come together to form a Volume Group. This grouping enables to slice down combined

storage capacity of disks to our choice of small volumes. In above example vg00 is volume group made up of single PV & its sliced down to 8 LV (only one shown in above exmaple)

LV is Logical Volume. 

Its a slice of volume group using some capacity of PV to form a smaller volume. Its basically used as a mount point /swap like drives (C:, D:) in Windows. We can see one LV in above example and its details.

LE is Logical Extent.
Same as PE, LE are smallest chunk of LV.

Below tables gives you idea about some numbers related to them:

LVs per VG  range : 1-255, default : 255
PVs per VG  range : 1-255, default : 16
PEs per VG   range : 1-66535 default : 1016

with above table, as max PE size is 64MB and 66,535 PEs max per VG, one can create max of 64x66353=4TB of file system.
     

Account lock unlock status in Linux

Account lock unlock status in Linux

Requirement : To check current password status of account in Linux Solution : 1. To check if account is locked or not. Below are two ... 6:50:00 PM

Requirement :

To check current password status of account in Linux

Solution :

1. To check if account is locked or not.
Below are two examples of command outputs when account is locked and when account is not locked.

# passwd -S user1
user1 LK 2016-10-01 0 90 7 -1 (Password locked.)

# passwd -S user1
user1 PS 2016-10-01 0 90 7 -1 (Password set, MD5 crypt.)

# cat /etc/shadow |grep -i user1
user1:$1$ZFXgKhSG$lroasdrS0QM4iji.4h1:17075:0:90:7:::   <--- Account is not locked

# cat /etc/shadow |grep -i user1
user1:!!$1$ZFXgKhSG$lroasdrS0QM4iji.4h1:17075:0:90:7:::  <---Account is locked

2. Lock account manually.

# passwd -l user1
Locking password for user user1.
passwd: Success

3. Unlock account manually.

# passwd -u user1
Unlocking password for user user1.
passwd: Success.

Password file commands

Password file commands

Here are the list of commands which can be used on /etc/passwd file. vipw This command is being used to edit /etc/passwd file manually... 2:11:00 AM

Here are the list of commands which can be used on /etc/passwd file.

vipw

This command is being used to edit /etc/passwd file manually. It is not recommended to edit /etc/passwd file manually. All changes on user accounts should be carried out using commands like usermod. But in some scenario if you want to edit passwd file manually, then use this command. It opens file in vi editor and locks it for other users. So any other admin from any other terminal wont be able to open the file in editor for manual editing. This ensures integrity of file.

pwck 

To check integrity of /etc/passwd file this command can be used. Once executed it checks passwd files and its all fields. It reports any issues observed in the file e.g. if user directory does not exist on server, it will report it.

# /usr/sbin/pwck

[/etc/passwd] sfmdb:*:107:20::/home/sfmdb:/sbin/sh
        Login directory not found

[/etc/passwd] smmsp:*:109:20::/home/smmsp:/sbin/sh
        Login directory not found

pwconv

It generates /etc/shadow file which has user passwords in encrypted format under second field in each user entry. If /etc/shadow file already exist on system then this command will update relevant fields if there were any changes in /etc/passwd file. If your system is trusted (see tsconvert command) then user password database (Trusted Computing Database) is being maintained separately and /etc/shadow doesn't exist on system. In that case, this command will update the TCB accordingly.

# /usr/sbin/pwconv

Updating the tcb to match /etc/passwd, if needed.

pwunconv

It reverse the changes made by pwconv command.