Difference between revisions of "Jalapeno"

From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search
Line 80: Line 80:
 
         path    = /var
 
         path    = /var
 
         comment = user and system storage
 
         comment = user and system storage
</pre>
 
== SNMP Configuration ==
 
=== /etc/snmp/snmpd.conf ===
 
<pre># enterprises.ucdavis.50.100.1 = 35
 
# enterprises.ucdavis.50.101.1 = "hello world."
 
# enterprises.ucdavis.50.101.2 = "hi there."
 
# enterprises.ucdavis.50.102.1 = 0
 
 
# Now the Output has grown to two lines, and we can see the 'hi
 
# there.' output as the second line from our shell script.
 
#
 
# Note that you must alter the mib.txt file to be correct if you want
 
# the .50.* outputs above to change to reasonable text descriptions.
 
 
# Other ideas:
 
#
 
# exec .1.3.6.1.4.1.2021.51 ps /bin/ps
 
# exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top
 
# exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq
 
 
# -----------------------------------------------------------------------------
 
 
 
###############################################################################
 
# Pass through control.
 
#
 
 
# Usage:
 
#  pass MIBOID EXEC-COMMAND
 
#
 
# This will pass total control of the mib underneath the MIBOID
 
# portion of the mib to the EXEC-COMMAND. 
 
#
 
# Note:  You'll have to change the path of the passtest script to your
 
# source directory or install it in the given location.
 
#
 
# Example:  (see the script for details)
 
#          (commented out here since it requires that you place the
 
#          script in the right location. (its not installed by default))
 
 
# pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/local/passtest
 
 
# % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.255
 
# enterprises.ucdavis.255.1 = "life the universe and everything"
 
# enterprises.ucdavis.255.2.1 = 42
 
# enterprises.ucdavis.255.2.2 = OID: 42.42.42
 
# enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42
 
# enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1
 
# enterprises.ucdavis.255.5 = 42
 
# enterprises.ucdavis.255.6 = Gauge: 42
 
#
 
# % snmpget -v 1 localhost public .1.3.6.1.4.1.2021.255.5
 
# enterprises.ucdavis.255.5 = 42
 
#
 
# % snmpset -v 1 localhost public .1.3.6.1.4.1.2021.255.1 s "New string"
 
# enterprises.ucdavis.255.1 = "New string"
 
#
 
 
# For specific usage information, see the man/snmpd.conf.5 manual page
 
# as well as the local/passtest script used in the above example.
 
 
# Added for support of bcm5820 cards.
 
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat
 
 
###############################################################################
 
# Further Information
 
#
 
#  See the snmpd.conf manual page, and the output of "snmpd -H".
 
 
</pre>
 
</pre>

Revision as of 19:34, 18 November 2009

General Information

Jalapeno is a virtual machine Hostnames: jalapeno.unh.edu, jalapeno.farm.physics.unh.edu

Jalapeno is our DNS server.

Network Configuration

Currently has ethernet cable to switch, accessing outside world via the VLAN functions of the switch.

/etc/sysconfig/network-scripts/ifcfg-eth0.2

VLAN=yes
DEVICE=eth0.2
BOOTPROTO=static
HWADDR=00:04:23:A7:55:3C
IPADDR=132.177.88.37
NETMASK=255.255.252.0
REORDER_HDR=no
ONBOOT=yes
TYPE=Ethernet

/etc/sysconfig/network-scripts/ifcfg-farm

DEVICE=eth0
BOOTPROTO=none
HWADDR=00:04:23:a7:55:3c
IPADDR=10.0.0.253
NETMASK=255.255.252.0
ONBOOT=yes
TYPE=Ethernet

/etc/sysconfig/network-scripts/ifcfg-lo

DEVICE=lo
IPADDR=127.0.0.1
NETMASK=255.0.0.0
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback

Access Configuration

/etc/security/access.conf

# NPG Config:
# Allow direct root logins only from console and einstein
+ : root : LOCAL einstein.unh.edu einstein.farm.physics.unh.edu lentil.unh.edu lentil.farm.physics.unh.edu

# Allow only administrators
- : ALL EXCEPT domain_admins : ALL

Backup Configuration

/etc/rsync-backup.conf

# Backups are 'pull' only.  Too bad there isn't a better way to enforce this.
read only       = yes

# Oh for the ability to retain CAP_DAC_READ_SEARCH, and no other.  
#uid            = root
# XXX There seems to be an obscure bug with pam_ldap and rsync whereby 
# getpwnam(3) segfaults when (and only when) archiving /etc.  Using a numeric
# uid avoids this bug.  Only verified on Fedora Core 2.
uid             = 0

# There's not much point in putting the superuser in a chroot jail
# use chroot    = yes

# This isn't really an effective "lock" per se, since the value is per-module,
# but there really ought never be more than one, and it would at least 
# ensure serialized backups.
max connections = 1

[usr_local]
        path    = /usr/local
        comment = unpackaged software

[opt]
        path    = /opt
        comment = unpackaged software

[etc]
        path    = /etc
        comment = conf files

[var]
        path    = /var
        comment = user and system storage