Difference between revisions of "Tbow's Log"

From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search
Line 801: Line 801:
  
 
==Virtualization==
 
==Virtualization==
 +
 +
===Xen Basic Commands 2009-06-04===
 +
Basic management options
 +
 +
The following are basic and commonly used xm commands:
 +
xm help [--long]: view available options and help text.
 +
  use the xm list command to list active domains:
 +
$ xm list
 +
  Name                                ID  Mem(MiB)  VCPUs      State      Time(s)
 +
  Domain-0                            0    520      2        r-----    1275.5
 +
  r5b2-mySQL01                      13    500      1        -b----      16.1
 +
 +
xm create [-c] DomainName/ID: start a virtual machine. If the -c option is used, the start up process will attach to the guest's console.
 +
 +
xm console DomainName/ID: attach to a virtual machine's console.
 +
 +
xm destroy DomainName/ID: terminate a virtual machine , similar to a power off.
 +
 +
xm reboot DomainName/ID: reboot a virtual machine, runs through the normal system shut down and start up process.
 +
 +
xm shutdown DomainName/ID: shut down a virtual machine, runs a normal system shut down procedure.
 +
 +
xm pause
 +
 +
xm unpause
 +
 +
xm save
 +
 +
xm restore
 +
 +
xm migrate
  
 
==Misc==
 
==Misc==

Revision as of 15:35, 18 May 2014

This is a log of everything Josh (Systems Administrator) has done over the years.

Projects, Scripts, and Daemons

This section includes things like:

  • Scripts I have written
  • Daemons I have setup
  • Projects I have attempted or completed

Upgrades

This a list of my notes on the sysems upgrades I have performed in the past.

System Upgrade 2013-12-30

The order we will be updating is: jalapeno, pumpkin, gourd, einstein, taro, roentgen, and endeavour. The reason I picked this order is because we need a physical machine to test this update on and Pumpkin is the lowest priority physical machine to do tthis with. Taro needs to stay after gourd and einstein because I will want to be able to recover the VMs on a working virtualized server (the backup will come from the pulled drive on Gourd, described below). If pumpkin goes well, then it should follow that gourd will go smoothly. Jalapeno goes first because it is the lowest priority VM and it will help us get our feet wet with the updating of CentOS 5 to 6, which will also help in pumpkin's update from RHEL 5 to 6.

This will require (for the physical machines) us to get in touch with UNH IT and make sure we can get the proper keys to update with official RHEL 6 repos. Gourd could be problematic, that is why we will update her and make sure she runs properly (including the VMs) then we will detach one of the software RAID drives (for backup) and rebuild the RAID with a new drive, and then we will proceed to upgrading to RHEL 6.

There are a few problems I foresee, that is: upgrading from 5 to 6, endeavour's yum and cluster software, making sure that latest version GCC (and anyother crucial software to the physicists projects) is backwards compatible with older version (in other words, how many problems will they have), the video cards in pumpkin and taro, and finally einstein's mail and LDAP (will it be compatible with CentOS 6).

RAID and Areca

Drive Life 2012-06-24

This is a list of expected drive life from manufacturer. All of these drives are in are RAIDs.

Pumpkin

ST3750640NS (p.23)
 8,760 power-on-hours per year.
 250 average motor start/stop cycles per year.
ST3750640AS (p.37)
 2400 power-on-hours per year.
 10,000 average motor start/stop cycles per year.
WDC WD7500AAKS-00RBA0
 Start/stop cycles 50,000

Endeavour

ST31000340NS
ST31000524AS
ST31000526SV
 MTBF 1,000,000 hours
 Start / Stop Cycles 50,000
 Non-Recoverable Errors 1 per 10^14

Areca 1680 2010-01-10

4.3 Driver Installation for Linux

This chapter describes how to install the SAS RAID controller driver to Red Hat Linux, SuSE and other versions of Linux. Before installing the SAS RAID driver to the Linux, complete the following actions:

  1. Install and configure the controller and hard disk drives according to the instructions in Chapter 2 Hardware Installation.
  2. Start the system and then press Tab+F6 to enter the McBIOS RAID manager configuration utility. Using the McBIOS RAID manager to create the RAID set and volume set. For details, see Chapter 3, McBIOS RAID Manager.

If you are using a Linux distribution for which there is not a compiled driver available from Areca, you can copy the source from the SAS software CD or download the source from the Areca website and compile a new driver.

Compiled and tested drivers for Red Hat and SuSE Linux are included on the shipped CD. You can download updated versions of com- piled and tested drivers for RedHat or SuSE Linux from the Areca web site at http://www.areca.com.tw. Included in these downloads is the Linux driver source, which can be used to compile the updat- ed version driver for RedHat, SuSE and other versions of Linux. Please refer to the “readme.txt” file on the included Areca CD or website to make driver diskette and to install driver to the system.

Areca Scripts

This is a collection of the Areca Scripts I have attempted to build.

grep_areca_info.sh 2012-10-09

#!/bin/bash
cat /net/data/taro/areca/areca_info | grep -A 52 $1 | grep \#$3 | grep $2

areca_info.sh 2014-01-14

#!/bin/bash
info=areca_info
echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++" >> $info
echo "`date +%Y-%m-%d_%T`_`echo $HOSTNAME`" >> $info
echo "------------------------------------------------------------------" >> $info
echo -e "Drv#\t`areca_cli64 disk smart info drv=1 | grep Attribute`" >> $info
echo "======================================================================================" >> $info
for i in `seq 1 $1`
do
 areca_cli64 disk smart info drv=$i > .areca_temp
 echo -e "`echo \#$i`\t`cat .areca_temp | grep Start`" >> $info
done
for i in `seq 1 $1`
do
 areca_cli64 disk smart info drv=$i > .areca_temp
 echo -e "`echo \#$i`\t`cat .areca_temp | grep Power-on`" >> $info
done
for i in `seq 1 $1`
do
 areca_cli64 disk info drv=$i > .areca_temp
 echo -e "`echo \#$i`\t`cat .areca_temp | grep Temperature`" >> $info
done
rm .areca_temp
echo "------------------------------------------------------------------" >> $info
areca_cli64 hw info | grep Temp >> $info

mydata.py 2012-06-19

#!/usr/bin/python
import sqlite3
import re
data = open("mydata","r")
all_data = data.read()
all_data_split = all_data.split("+++")
for i in all_data_split:
 print i
#Make connection to database mydata.db,
#	which is in the current directory.
conn = sqlite3.connect('mydata.db')
c = conn.cursor()
# Insert a row of data
c.execute("INSERT INTO stocks VALUES ('2006-01-05','BUY','RHAT',100,35.14)")
# Save (commit) the changes
conn.commit()
# We can also close the cursor if we are done with it
c.close()
# Create table
#c.execute(CREATE TABLE stocks
#             (date text, trans text, symbol text, qty real, price real))

LDAP

LDAP setup 2009-05-20

Setting up through command line

sudo -s (to be root)
env HOME=/root /usr/local/bin/adduser-npg
make sure that in adduser-npg (script) that the location for luseradd is set to /usr/sbin/	
add user to farm, npg, and domain-admins

Something is still wrong with the lgroupmod

LDAP_output.py

#!/usr/bin/env python
#
# Copyright (C) 2011 Adam Duston 
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
import os,sys,getopt,random,ldif,ldap,subprocess
import ldap.modlist as modlist 
from string import letters,digits
from getpass import getpass
from crypt import crypt
from grp import getgrnam
from time import sleep
from shutil import copytree
#
ldap_server = "ldaps://einstein.farm.physics.unh.edu:636"
basedn      = "dc=physics,dc=unh,dc=edu"
domain      = "physics.unh.edu"
homedir     = "/home"
maildir     = "/mail"
admin_dn    = "cn=root,dc=physics,dc=unh,dc=edu"
users_ou    = "ou=People"
skel_dir    = "/etc/skel/"
#
def usage():
   """ 
       Print usage information
   """
   print "Usage: usergen.py [options] USERNAME"
   print "Creates a new NPG user account and adds to the LDAP database."
   print "Will prompt for necessary values if not provided."
   print "The--ldif and --disable options effect existing accounts,"
   print "and will not attempt to add new users to the LDAP database." 
   print " " 
   print "Options:"
   print "-d, --create-dirs" 
   print "    Create home and mail directories for the new account. "
   print "-f, --firstname NAME"
   print "    The user's first name."
   print "-l, --lastname NAME"
   print "    The user's last name."
   print "-m, --mail ADDRESS" 
   print "    The user's e-mail address." 
   print "-u, --uid UID"
   print "    The user's numerical UID value."
   print "-g, --gid GID"
   print "    The numerical value of the user's primary group."
   print "-s, --shell SHELL"
   print "    The user's login shell."
   print "-h, --help"
   print "     Display this help message and exit."
   print "--disable"
   print "    Disables logins by changing user's login shell to /bin/false." 
   print "--ldif"
   print "    Save user details to an LDIF file, but do not add the user to LDAP."
#     
def makeuser( login, firstname, lastname, mail, \
             uidnum, gidnum, shell, password ):
   """
       Returns a tuple containing full dn and a dictionary of
       attributes for the user information given. Output intended
       to be used for adding new user to LDAP database or generating
       an LDIF file for that user.
   """
#
   dn = "uid=%s,%s,%s" % (login,users_ou,basedn)
   attrs = {} 
   attrs['uid'] = [login]
   attrs['objectClass'] = ['top', 'posixAccount', 'shadowAccount',
                           'inetOrgPerson', 'organizationalPerson',
                           'person']
   attrs['loginShell'] = [shell]
   attrs['uidNumber'] = [uidnum]
   attrs['gidNumber'] = [gidnum] 
   attrs['mail'] = [mail] 
   attrs['homeDirectory'] = ['%s/%s' % (homedir, login)]
   attrs['cn'] = ['%s %s' % (firstname, lastname)]
   attrs['sn'] = [lastname]
   attrs['gecos'] = ['%s %s' % (firstname, lastname)]
   attrs['userPassword'] = [password]
#
   return (dn, attrs) 
#
def getsalt():
   """
       Return a two-character salt to use for hashing passwords.
   """
   chars = letters + digits
   return random.choice(chars) + random.choice(chars)
#
def user_exists(username):
   """
       Search LDAP database to verify whether username already exists.
       Return a boolean value. 
   """
#
   search_base = "%s,%s" % (users_ou,basedn)
   search_string = "(&(uid=%s)(objectClass=posixAccount))" % username
#    
   try:
       # Open LDAP Connection
       ld = ldap.initialize(ldap_server)
#        
       # Bind anonymously to the server
       ld.simple_bind_s("","") 
#
       # Search for username
       result = ld.search_s(search_base, ldap.SCOPE_SUBTREE, search_string, \
                            ['distinguisedName'])
#
       # Close connection
       ld.unbind_s()                     
#    
   except ldap.LDAPError, err: 
       print "Error searching LDAP database: %s" % err
       sys.exit(1) 
#
   # If user is not found, result should be an empty list. 
   if len(result) != 0: 
       return True
   else: 
       return False 
#
def get_uids():
   """
       Return a list of UID numbers currently in use in the LDAP database. 
   """
#    
   search_base = "%s,%s" % (users_ou, basedn)
   search_string = "(objectClass=posixAccount)"
#    
   try: 
       # Bind anonymously
       ld = ldap.initialize(ldap_server) 
       
       ld.simple_bind_s("","")
       
       # Get UIDS from all posixAccount objects. 
       result = ld.search_s(search_base, ldap.SCOPE_SUBTREE, search_string, \
                            ['uidNumber'])
#    
       ld.unbind_s()
#
   except ldap.LDAPError, err: 
           print "Error connecting to LDAP server: %s" % err 
           sys.exit(1)
#
   # Pull the list of UIDs out of the results. 
   uids = [result[i][1]['uidNumber'][0] for i in range(len(result))]
#
   # Sort UIDS and return
   return sorted(uids)
#
def create_ldif(dn, attrs):
   """
       Output an LDIF file to the current directory. 
   """
#
   try:
       file = open(str(attrs['uid'][0]) + ".ldif", "w")
#        
       writer = ldif.LDIFWriter(file) 
       writer.unparse(dn, attrs)
#
       file.close() 
#    
   except EnvironmentError, err:
       print "Unable to open file: %s" % err
       sys.exit(1)
#
def ldap_add(dn, attrs):
   """
       Add a user account with the given dn and attributes to the LDAP 
       database. Requires authentication as LDAP admin. If user added
       successfully return true, else return False. 
   """ 
#    
   try:
       # Open a connection to the ldap server
       ld = ldap.initialize(ldap_server)
#        
       print "\nAdding new user record. Authentication required." 
#        
       # Bind to the server as administrator     
       ld.simple_bind_s(admin_dn,getpass("LDAP Admin Password: "))
#        
       # Convert attrs to correct syntax for ldap add_s function
       ldif = modlist.addModlist(attrs) 
#
       # Add the entry to the LDAP server
       ld.add_s(dn, ldif) 
#
       # Close connection to the server
       ld.unbind_s()
#      
       print "User account added successfully." 
       return True
#
   except ldap.LDAPError, err: 
       print "Error adding new user: %s" % err
       return False 
#
def ldap_disable(username):
   """
       Disable login on a user a count by setting the login shell to 
       /bin/false.
   """
   try:
       # Open a connection to the ldap server
       ld = ldap.initialize(ldap_server)
#
       print "\nModifying user record. Authentication required."
#
       ld.simple_bind_s(admin_dn,getpass("LDAP Admin Password: "))
#    
       # Set the dn to modify and the search parameters 
       mod_dn = "uid=%s,%s,%s" % (username,users_ou,basedn)
       search_base = "%s,%s" % (users_ou,basedn) 
       search_string = "(&(uid=%s)(objectClass=posixAccount))" % username
#        
       # Get the current value of loginShell from the user LDAP entry.
       result = ld.search_s(search_base, ldap.SCOPE_SUBTREE, search_string, \
                            ['loginShell'])
#     
       oldshell = result[0][1]
       newshell = {'loginShell':['/bin/false']}
#    
       # Use modlist to configure changes
       diff = modlist.modifyModlist(oldshell,newshell)
#        
       # Modify the LDAP entry. 
       ld.modify_s(mod_dn,diff)
#
       # Unbind from the LDAP server
       ld.unbind_s()
#        
       # Return True if successful
       return True
#
   except ldap.LDAPError, err:
       print "Error connecting to LDAP server: %s" % err
       return False 
#   
def chown_recursive(path, uid, gid):
   """
       Recursively set ownership for the files in the given
       directory to the given uid and gid. 
   """
   command = "chown -R %i:%i %s" % (uid,gid,path) 
#
   subprocess.Popen(command, shell=True) 
#
def create_directories(username, uid, gid):
   """
       Create user home and mail directories. 
   """  
   # Create home directory
   try:
#        
       user_homedir = "%s/%s" % (homedir,username)
#
       # Copying skel dir to user's home dir makes the directory and
       # adds the skeleton files.
       copytree(skel_dir,user_homedir)
#
       chown_recursive(user_homedir,uid,gid) 
#
   except OSError, err:
       print "Unable to create home directory: %s" % err
       sys.exit(1) 
#
   # Create mail directory 
   try:
       # Get GID for the mail group
       mailgid = getgrnam('mail')[2]
#        
       user_maildir = "%s/%s" % (maildir,username)
#        
       os.mkdir(user_maildir)
       # There also needs to be a "cur" subdirectory or IMAP will cry.
       os.mkdir(user_maildir + "/cur") 
#
       chown_recursive(user_maildir, uid, mailgid)
#
   except OSError, err:
       print "Unable to create mail directory: %s" % err 
       sys.exit(1)
#    
def main(argv):
   """
       Parse command line arguments, prompt the user for any missing
       values that might be needed to create a new user. 
   """
   # Parse command line args using getopt
   try:
       opts, args = getopt.getopt(argv, "hf:l:m:u:g:s:d", \
                                  ["help", "ldif", "create-dirs","disable", "firstname=", \
                                   "lastname=", "mail=", "uid=", "gid=", \
                                   "shell="])
   except getopt.GetoptError:
       # An exception should mean misuse of command line options, so print
       # help and quit. 
       usage()
       sys.exit(2)
#    
   # Defining variables ahead of time should help later on when I want to
   # check whether they were set by command line arguments or not. 
   firstname       = ""
   lastname        = ""
   mail            = "" 
   uid             = ""
   gid             = ""
   shell           = "" 
#
   # Booleans for run options
   run_add      = True
   run_ldif     = False
   run_disable  = False
   create_dirs  = False     
#
   # Parse command line options
   for opt, arg in opts:
#        
       if opt in ("-h", "--help"):
           usage()
           sys.exit()
       elif opt in "--ldif":
           # If creating LDIF don't add a new user. 
           run_ldif = True
           run_add = False 
       elif opt in "--disable": 
           # If disabling a user, turn off adding new user
           run_disable = True
           run_add = False
       elif opt in ("-d","--create-dirs"):
           create_dirs = True 
       elif opt in ("-f", "--firstname"):
           firstname = arg
       elif opt in ("-l", "--lastname"):
           lastname = arg
       elif opt in ("-m", "--mail"):
           mail = arg
       elif opt in ("-u", "--uid"):
           uid = arg
       elif opt in ("-g", "--gid"):
           gid = arg 
       elif opt in ("-s", "--shell"):
           shell = arg
#    
   # Whatever was left over after parsing arguments should be the login name
   username = "".join(args)
#    
   # Make sure the user entered a username.  
   while not username:
       username = raw_input("Enter a username: ")
#    
   if run_disable:
       # Make sure the user exists before trying to delete it. 
       if user_exists(username):
           print "Warning: This will disable logins for user %s. Proceed?" \
                  % username
           answer = raw_input("y/N: ")
#            
           if answer in ("y","yes","Y"):
               # If user is disabled print success message and quit.
               # If an error occurs here quit anyway. 
               if ldap_disable(username):
                   print "Logins for user %s disabled." % username
                   sys.exit(1)
               else:
                   print "An error occurred. Exiting." 
                   sys.exit(1) 
           else:
               print "User account not modified."
               sys.exit(1)
       else:
           print "User %s does not exist in LDAP database. Exiting." % username 
           sys.exit(1) 
#    
   # Don't continue if this account already exists. 
   if run_add and user_exists(username):
       print "Error: account with username %s already exists." % username
       sys.exit(1) 
#
#    
   # Prompt user for any values that were not defined as a command line option
   while not firstname:
       firstname = raw_input("First Name: ")
   while not lastname: 
       lastname = raw_input("Last Name: ")
   while not mail:
       addr_default = "%s@%s" % (username,domain) 
       mail = raw_input("E-mail address [%s]: " % addr_default)
       if not mail:
           mail = addr_default
#    
   # Get the uid. Make sure it's not already in use. 
   while not uid: 
       # Get a list of in-use UID numbers
       existing_uids = get_uids()
#       
       # Get one plus the highest used uid        
       next_uid = int(existing_uids[-1]) + 1
#
       uid = raw_input("UID [%i]: " % next_uid)
#
       if not uid: 
           uid = str(next_uid) 
       elif uid in existing_uids: 
           print "UID " + uid + " is already in use." 
           uid = ""
#    
   # Get the user's default group. Use 5012 (npg) if none other specified. 
   while not gid:
       gid = raw_input("GID [5012]: ")
#    
       if not gid:
           gid = "5012" 
#    
   # Prompt for a shell, if user doesn't enter anything just use the default
   # Make sure the shell exists before accepting it.
   while not shell:
       shell = raw_input("Shell [/bin/bash]: ")
       if not shell:
           shell = "/bin/bash"
       elif not os.path.exists(shell):
           print shell + " is not a valid shell."
           shell = ""
#    
   # Get the password from the user. Make sure it's correct. 
   pwCorrect = False 
   while not pwCorrect:
       salt = getsalt()
       password1 = crypt(getpass(),salt)
       password2 = crypt(getpass('Retype password: '),salt)
       if password1 == password2:
           ldap_password = "{CRYPT}" + password1
           pwCorrect = True
       else:
           print "Passwords do not match. Try again."
#    
   # Build the account info        
   account = makeuser(username, firstname, lastname, mail, \
                      uid, gid, shell, ldap_password)
#    
   # Decide what to do with it. Only one of these should run at a time. 
   if run_add:
       if ldap_add(account[0],account[1]):
           if create_dirs:
               create_directories(username, int(uid), int(gid))
               print "User directories created successfully."
           else: 
               print "Create home and mail directories for %s?" % username
               answer = raw_input("y/N")
#
               if answer in ("y","Y","yes"):
                   create_directories(username, int(uid), int(gid))
       else:
           print "Create user failed." 
           sys.exit(1)
#
   if run_ldif:
       create_ldif(account[0],account[1])
#
if __name__ == "__main__":
   if os.geteuid() != 0: 
       print "This program must be run as an administrator."
   else:
       main(sys.argv[1:])

Elog

Elog notes 2009-05-20

Info from the site https://midas.psi.ch/elog/adminguide.html

Download: http://midas.psi.ch/elog/download/

RPM Install Notes

Since version 2.0, ELOG contains a RPM file which eases the installation. Get the file elog-x.x.x-x.i386.rpm from the download section and execute as root "rpm -i elog-x.x.x-x.i386.rpm". This will install the elogd daemon in /usr/local/sbin and the elog and elconv programs in /usr/local/bin. The sample configuration file elogd.cfg together with the sample logbook will be installed under /usr/local/elog and the documentation goes to /usr/share/doc. The elogd startup script will be installed at /etc/rc.d/init.d/elogd. To start the daemon, enter

/etc/rc.d/init.d/elogd start

It will listen under the port specified in /usr/local/elog/elogd.cfg which is 8080 by default. So one can connect using any browser with the URL:

http://localhost:8080

To start the daemon automatically, enter:

chkconfig --add elogd
chkconfig --level 345 elogd on 

which will start the daemon on run levels 3,4 and 5 after the next reboot.

Note that the RPM installation creates a user and group elog, under which the daemon runs.

Notes on running elog under apache

For cases where elogd should run under port 80 in parallel to an Apache server, Apache can be configured to run Elog in a subdirectory of Apache. Start elogd normally under port 8080 (or similarly) as noted above and make sure it's working there. Then put following redirection into the Apache configuration file:

Redirect permanent /elog http://your.host.domain/elog/
ProxyPass /elog/ http://your.host.domain:8080/

Make sure that the Apache modules mod_proxy.c and mod_alias.c are activated. Justin Dieters <enderak@yahoo.com> reports that mod_proxy_http.c is also required. The Redirect statement is necessary to automatically append a "/" to a request like http://your.host.domain/elog. Apache then works as a proxy and forwards all requests staring with /elog to the elogd daemon.

Note: Do not put "ProxyRequests On" into your configuration file. This option is not necessary and can be misused for spamming and proxy forwarding of otherwise blocked sites.

Because elogd uses links to itself (for example in the email notification and the redirection after a submit), it has to know under which URL it is running. If you run it under a proxy, you have to add the line:

     URL = http://your.proxy.host/subdir/

into elogd.cfg.

Notes on Apache:

Another possibility is to use the Apache web server as a proxy server allowing secure connections. To do so, Apache has to be configured accordingly and a certificate has to be generated. See some instructions on how to create a certificate, and see Running elogd under Apache before on this page on how to run elogd under Apache. Once configured correctly, elogd can be accessed via http://your.host and via https://your.host simultaneously.

The redirection statement has to be changed to

     Redirect permanent /elog https://your.host.domain/elog/
     ProxyPass /elog/ http://your.host.domain:8080/
and following has to be added to the section "VirtualHOst ...:443 in /etc/httpd/conf.d/ssl.conf:
     # Proxy setup for Elog
     <Proxy *>
     Order deny,allow
     Allow from all
     </Proxy>
     ProxyPass /elog/ http://host.where.elogd.is.running:8080/
     ProxyPassReverse /elog/ http://host.where.elogd.is.running:8080/
Then, following URL statement has to be written to elogd.cfg:
     URL = https://your.host.domain/elog

There is a more detailed step-by-step instructions at the contributions section.

Using ssh: elogd can be accessed through a a SSH tunnel. To do so, open an SSH tunnel like:

ssh -L 1234:your.server.name:8080 your.server.name

This opens a secure tunnel from your local host, port 1234, to the server host where the elogd daemon is running on port 8080. Now you can access http://localhost:1234 from your browser and reach elogd in a secure way.

Notes on Server Configuration

The ELOG daemon elogd can be executed with the following options :

elogd [-p port] [-h hostname/IP] [-C] [-m] [-M] [-D] [-c file] [-s dir] [-d dir] [-v] [-k] [-f file] [-x]

with :

   * -p <port>  TCP port number to use for the http server (if other than 80)
   * -h <hostname or IP address> in the case of a "multihomed" server, host name or IP address of the interface ELOG should run on
   * -C <url>  clone remote elogd configuration 
   * -m  synchronize logbook(s) with remote server
   * -M  synchronize with removing deleted entries
   * -l <logbook>  optionally specify logbook for -m and -M commands
   * -D   become a daemon (Unix only)
   * -c <file>  specify the configuration file (full path mandatory if -D is used)
   * -s <dir> specify resource directory (themes, icons, ...)
   * -d <dir> specify logbook root directory
   * -v  verbose output for debugging
   * -k  do not use TCP keep-alive
   * -f <file> specify PID file where elogd process ID is written when server is started
   * -x  enables execution of shell commands

It may also be used to generate passwords :

     elogd [-r pwd] [-w pwd] [-a pwd] [-l logbook]

with :

   * -r <pwd> create/overwrite read password in config file
   * -w <pwd> create/overwrite write password in config file
   * -a <pwd> create/overwrite administrative password in config file
   * -l <logbook> specify logbook for -r and -w commands

The appearance, functionality and behaviour of the various logbooks on an ELOG server are determined by the single elogd.cfg file in the ELOG installation directory.

This file may be edited directly from the file system, or from a form in the ELOG Web interface (when the Config menu item is available). In this case, changes are applied dynamically without having to restart the server. Instead of restarting the server, under Unix one can send a HUP signal like "killall -HUP elogd" to tell the server to re-read its configuration.

The many options of this unique but very important file are documented on the separate elogd.cfg syntax page.

To better control appearance and layout of the logbooks, elogd.cfg may optionally specify the use of additional files containing HTML code, and/or custom "themes" configurations. These need to be edited directly from the file system right now.

The meaning of the directory flags -s and -d is explained in the section covering the configuration options Resource dir and Logbook dir in the elogd.cfg description.

Notes on tarball install Make sure you have the libssl-dev package installed. Consult your distribution for details.

Expand the compressed TAR file with tar -xzvf elog-x.x.x.tar.gz. This creates a subdirectory elog-x.x.x where x.x.x is the version number. In that directory execute make, which creates the executables elogd, elog and elconv. These executables can then be copied to a convenient place like /usr/local/bin or ~/bin. Alternatively, a "make install" will copy the daemon elogd to SDESTDIR (by default /usr/local/sbin) and the other files to DESTDIR (by default /usr/local/bin). These directories can be changed in the Makefile. The elogd executable can be started manually for testing with :

elogd -p 8080

where the -p flag specifies the port. Without the -p flag, the server uses the standard WWW port 80. Note that ports below 1024 can only be used if elogd is started under root, or the "sticky bit" is set on the executable.

When elogd is started under root, it attaches to the specified port and tries to fall-back to a non-root account. This is necessary to avoid security problems. It looks in the configuration file for the statements Usr and Grp.. If found, elogd uses that user and goupe name to run under. The names must of course be present on the system (usually /etc/passwd and /etc/group). If the statements Usr and Grp. are not present, elogd tries user and group elog, then the default user and group (normally nogroup and nobody). Care has to be taken that elogd, when running under the specific user and group account, has read and write access to the configuration file and logbook directories. Note that the RPM installation automatically creates a user and group elog.

If the program complains with something like "cannot bind to port...", it could be that the network is not started on the Linux box. This can be checked with the /sbin/ifconfig program, which must show that eth0 is up and running.

The distribution contains a sample configuration file elogd.cfg and a demo logbook in the demo subdirectory. If the elogd server is started in the elogd-x.x.x directory, the demo logbook can be directly accessed with a browser by specifying the URL http://localhost:8080 (or whatever port you started the elog daemon on). If the elogd server is started in some other directory, you must specify the full path of the elogd file with the "-c" flag and change the Data dir = option in the configuration file to a full path like /usr/local/elog.

Once testing is complete, elogd will typically be started with the -D flag to run as a daemon in the background, like this :

elogd -p 8080 -c /usr/local/elog/elogd.cfg -D

Note that it is mandatory to specify the full path for the elogd file when started as a daemon. To test the daemon, connect to your host via :

http://your.host:8080/

If port 80 is used, the port can be omitted in the URL. If several logbooks are defined on a host, they can be specified in the URL :

http://your.host/<logbook>

where <logbook> is the name of the logbook.

The contents of the all-important configuration file elogd.cfg are described below:

[Tbow@gluon documentation-notes]$ ll elog*
-rw-r--r-- 1 Tbow npg 9.4K May 20  2009 elog
-rw-r--r-- 1 Tbow npg  623 Jan 26  2010 elog.roentgen.messages.problem
-rw-r--r-- 1 Tbow npg 1.2K Feb 11 19:12 elog_users_setup
[Tbow@gluon documentation-notes]$ text
text2pcap  text2wave  textools

elog_users_setup 2010-02-11

You can find some instructions/information here:

http://pbpl.physics.ucla.edu/old_stuff/elogold/current/doc/config.html#access

The thing you have to remember is that you want the new users to end up being users of just the logbook they will be using, not a global user. So, if you look at where my name is in the elogd.cfg file, I am designated as an admin user, and am a global user that can log into any logbook to fix things. If you look through the file for a user like Daniel, he can only log into the nuclear group logbooks, not my private one, or Karl's, or Maurik's. So, if you want to add someone to the nuclear group's logbooks, for example, add that new person's user name to where you find people like Daniel and Ethan, and set the thing to allow self-registering at the top. Restart, and then go ahead and use the self-register to register the new person's password and account. Then go back into the elogd.cfg file and comment out the self register, so other people cannot do that, and restart. That should be the easiest way to do it, but you can read the info and decide about that. How does that sound? Does this make sense?

elog_roentgen_messages_problems 2010-01-26

Jan 26 09:48:00 roentgen elogd[15215]: elogd 2.7.8 built Dec  2 2009, 11:54:27 
Jan 26 09:48:00 roentgen elogd[15215]: revision 2278
Jan 26 09:48:00 roentgen elogd[15215]: Falling back to default group "elog"
Jan 26 09:48:01 roentgen elogd[15215]: Falling back to default user "elog"
Jan 26 09:48:01 roentgen elogd[15215]: FCKedit detected
Jan 26 09:48:01 roentgen elogd[15217]: Falling back to default group "elog"
Jan 26 09:48:01 roentgen elogd[15217]: Falling back to default user "elog"
Jan 26 09:48:01 roentgen elogd[15215]: ImageMagick detected
Jan 26 09:48:02 roentgen elogd[15215]: SSLServer listening on port 8080

CUPS

CUPS quota accounting 2009-06-10

3. 3. Print quotas and accounting

CUPS has also basic page accounting and quota capabilities.

Every printed page is logged in the file /var/log/cups/page_log So one can everytime read out this file and determine who printed how many pages. The system is based on the CUPS filters. They simply analyse the PostScript data stream to determine the number of pages. And there fore it depends on the quality of the PostScript generated by the applications whether the pages get correctly counted. And if there is a paper jam, pages are already counted and do not get printed. Also Jobs which get rendered printer-ready on the client (Windows) will not get accounted correctly, as CUPS does not understand the proprietary language of the printer.

In addition, one can restrict the amount of pages (or kBytes) which a user is allowed to print in a certain time frame. Such restrictions can be applied to the print queues with the "lpadmin" command.

lpadmin -p printer1 -o job-quota-period=604800 -o job-k-limit=1024
lpadmin -p printer2 -o job-quota-period=604800 -o job-page-limit=100

The first command means that within the "job-quota-period" (time always given in seconds, in this example we have one week) users can only print a maximum of 1024 kBytes (= 1 MByte) of data on the printer "printer1". The second command restricts printing on "printer2" to 100 pages per week. One can also give both "job-k-limit" and "job-page-limit" to one queue. Then both limits apply so the printer rejects jobs when the user already reaches one of the limits, either the 1 MByte or the 100 pages.

This is a very simple quota system: Quotas cannot be given per-user, so a certain user's quota cannot be raised independent of the other users, for example if the user pays his pages or gets a more printing-intensive job. Also counting of the pages is not very sophisticated as it was already shown above.

So for more sophisticated accounting it is recommended to use add-on software which is specialized for this job. This software can limit printing per-user, can create bills for the users, use hardware page counting methods of laser printers, and even estimate the actual amount of toner or ink needed for a page sent to the printer by counting the pixels.

The most well-known and complete free software package for print accounting and quotas id PyKota:

http://www.librelogiciel.com/software/PyKota/

A simple system based on reading out the hardware counter of network printers via SNMP is accsnmp:

http://fritz.potsdam.edu/projects/cupsapps/

CUPS Basic Info 2009-06-11

This file contains some basic cups commands and info:

The device can be a parallel port, a network interface, and so forth. Devices within CUPS use Uniform Resource Identifiers ("URIs") which are a more general form of Uniform Resource Locators ("URLs") that are used in your web browser. For example, the first parallel port in Linux usually uses a device URI of parallel:/dev/lp1

Lookup printer info:

lpinfo -v ENTER
 network socket
 network http
 network ipp
 network lpd
 direct parallel:/dev/lp1
 serial serial:/dev/ttyS1?baud=115200
 serial serial:/dev/ttyS2?baud=115200
 direct usb:/dev/usb/lp0
 network smb

File devices have device URIs of the form file:/directory/filename while network devices use the more familiar method://server or method://server/path format. Printer queues usually have a PostScript Printer Description ("PPD") file associated with them. PPD files describe the capabilities of each printer, the page sizes supported, etc.

Adding a printer:

/usr/sbin/lpadmin -p printer -E -v device -m ppd

Managing printers:

/usr/sbin/lpadmin -p printer options

Starting and Stopping printer queues:

/usr/bin/enable printer ENTER
/usr/bin/disable printer ENTER

Accepting and Rejecting Print jobs:

/usr/sbin/accept printer ENTER
/usr/sbin/reject printer ENTER

Restrict Access:

/usr/sbin/lpadmin -p printer -u allow:all

Virtualization

Xen Basic Commands 2009-06-04

Basic management options

The following are basic and commonly used xm commands:

xm help [--long]: view available options and help text.
 use the xm list command to list active domains:
$ xm list
 Name                                ID  Mem(MiB)   VCPUs      State      Time(s)
 Domain-0                            0     520       2         r-----     1275.5
 r5b2-mySQL01                       13     500       1         -b----       16.1

xm create [-c] DomainName/ID: start a virtual machine. If the -c option is used, the start up process will attach to the guest's console.

xm console DomainName/ID: attach to a virtual machine's console.
xm destroy DomainName/ID: terminate a virtual machine , similar to a power off.
xm reboot DomainName/ID: reboot a virtual machine, runs through the normal system shut down and start up process.
xm shutdown DomainName/ID: shut down a virtual machine, runs a normal system shut down procedure.
xm pause
xm unpause
xm save
xm restore
xm migrate

Misc

denyhosts-undeny.py 2013-05-31

#!/usr/bin/env python
import os
import sys
import subprocess
#The only argument should be the host to undeny
try:
 goodhost = sys.argv[1]
except:
 print "Please specify a host to undeny!"
 sys.exit(1)
#These commands start/stop denyhosts. Set these as appropriate for your system.
stopcommand = '/etc/init.d/denyhosts stop'
startcommand = '/etc/init.d/denyhosts start'
#Check to see what distribution we're using.
distrocheckcommand = "awk '// {print $1}' /etc/redhat-release"
d = os.popen(distrocheckcommand)
distro = d.read()
distro = distro.rstrip('\n')
#Check to see what user we're being run as.
usercheckcommand = "whoami"
u = os.popen(usercheckcommand)
user = u.read()
user = user.rstrip('\n')
if user == 'root':
 pass
else:
 print "Sorry, this script requires root privileges."
 sys.exit(1)
#The files we should be purging faulty denials from.
if distro == 'Red':
 filestoclean = ['/etc/hosts.deny','/var/lib/denyhosts/hosts-restricted','/var/lib/denyhosts/sync-hosts','/var/lib/denyhosts/suspicious-logins']
elif distro == 'CentOS':
 filestoclean = ['/etc/hosts.deny','/usr/share/denyhosts/data/hosts-restricted','/usr/share/denyhosts/data/sync- hosts','/usr/share/denyhosts/data/suspicious-logins']
elif distro == 'Fedora':
 print "This script not yet supported on Fedora systems!"
 sys.exit(1)
else:
 print "This script is not yet supported on your distribution, or I can't properly detect it."
 sys.exit(1)
#Stop denyhosts so that we don't get any confusion.
os.system(stopcommand)
#Let's now remove the faulty denials.
for targetfile in filestoclean:
 purgecommand = "sed -i '/" + goodhost + "/ d' " + targetfile
 os.system(purgecommand)
#Now that the faulty denials have been removed, it's safe to restart denyhosts.
os.system(startcommand)
sys.exit(0)

Hosts

These are hosts that I have worked on. The services I have worked on may not carry the same services, but this is a log not a reflection of what is.

Gourd

Network Config 2012-11-05

ifcfg-farm

DEVICE=eth0
ONBOOT=yes
HWADDR=00:30:48:ce:e2:38
BRIDGE=farmbr

ifcfg-farmbr

ONBOOT=yes
TYPE=bridge
DEVICE=farmbr
BOOTPROTO=static
IPADDR=10.0.0.252
NETMASK=255.255.0.0
GATEWAY=10.0.0.1
NM_CONTROLLED=no
DELAY=0

ifcfg-farmbr:1

ONBOOT=yes
TYPE=Ethernet
DEVICE=farmbr:1
BOOTPROTO=static
IPADDR=10.0.0.240
NETMADK=255.255.0.0
GATEWAY=10.0.0.1
NM_CONTROLLED=no
ONPARENT=yes

ifcfg-unh

DEVICE=eth1
ONBOOT=yes
HWADDR=00:30:48:ce:e2:39
BRIDGE=unhbr

ifcfg-unhbr

ONBOOT=yes
TYPE=bridge
DEVICE=unhbr
BOOTPROTO=static
IPADDR=132.177.88.75
NETMASK=255.255.252.0
GATEWAY=132.177.88.1
NM_CONTROLLED=no
DELAY=0

ifcfg-unhbr:1

ONBOOT=yes
TYPE=Ethernet
DEVICE=unhbr:1
BOOTPROTO=static
IPADDR=132.177.91.210
NETMASK=255.255.252.0
GATEWAY=132.177.88.1
NM_CONTROLLED=no
ONPARENT=yes

rc.local 2009-05-20

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
#This will send an email to the npg-admins at startup with the hostname and the boot.log file
mail -s "$HOSTNAME Started, Here is the boot.log" npg-admins@physics.unh.edu < /var/log/boot.log

Yum 2009-05-21

Fixing yum on gourd

In order to get RHN support (repo files) you must download and install off the rhn network

yum-rhn-plugin

and then these errors

[Tbow@gourd ~]$ sudo rpm -i Desktop/documentation-notes/downloads/yum-rhn-plugin-0.5.3-30.el5.noarch.rpm 
Password:
warning: Desktop/documentation-notes/downloads/yum-rhn-plugin-0.5.3-30.el5.noarch.rpm: V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
rhn-client-tools >= 0.4.19-9 is needed by yum-rhn-plugin-0.5.3-30.el5.noarch
rhn-setup is needed by yum-rhn-plugin-0.5.3-30.el5.noarch
yum >= 3.2.19-15 is needed by yum-rhn-plugin-0.5.3-30.el5.noarch
[Tbow@gourd nut-2.4.1]$ less /proc/version|grep Linux
Linux version 2.6.9-67.0.15.EL (brewbuilder@hs20-bc2-2.build.redhat.com) (gcc version 3.4.6   20060404 (Red Hat 3.4.6-9)) #1 Tue Apr 22 13:42:17 EDT 2008

When I tried installing the package for el3 this came up

[Tbow@gourd nut-2.4.1]$ sudo rpm -Uvh /yum-2.0.8-0.1.el3.rf.noarch.rpm 
Preparing...                ########################################### [100%]
package yum-2.4.2-0.4.el4.rf (which is newer than yum-2.0.8-0.1.el3.rf) is already installed

Tried using the --replacefiles, but didn't work with this command, look into it

[Tbow@gourd nut-2.4.1]$ sudo rpm -U --replacefiles /yum-2.4.2-0.4.el4.rf.noarch.rpm 
package yum-2.4.2-0.4.el4.rf is already installed

Tried updating then go this

[Tbow@gourd nut-2.4.1]$ sudo yum update
Setting up Update Process
Setting up repositories
No Repositories Available to Set Up
Reading repository metadata in from local files
No Packages marked for Update/Obsoletion

Either go to the red hat network website to find the repos.d/ files or run rhn_check

/usr/sbin/rhn_check
/usr/sbin/rhn_register
Upgrade yum for rhel 3

Old repository files are still on this system so I will reinstall yum on the is system

smartd.conf 2009-05-20

# Home page is: http://smartmontools.sourceforge.net
# $Id: smartd.conf,v 1.38 2004/09/07 12:46:33 ballen4705 Exp $
# smartd will re-read the configuration file if it receives a HUP
# signal
# The file gives a list of devices to monitor using smartd, with one
# device per line. Text after a hash (#) is ignored, and you may use
# spaces and tabs for white space. You may use '\' to continue lines. 
# You can usually identify which hard disks are on your system by
# looking in /proc/ide and in /proc/scsi.
# The word DEVICESCAN will cause any remaining lines in this
# configuration file to be ignored: it tells smartd to scan for all
# ATA and SCSI devices.  DEVICESCAN may be followed by any of the
# Directives listed below, which will be applied to all devices that
# are found.  Most users should comment out DEVICESCAN and explicitly
# list the devices that they wish to monitor.
#DEVICESCAN
# First (primary) ATA/IDE hard disk.  Monitor all attributes, enable
# automatic online data collection, automatic Attribute autosave, and
# start a short self-test every day between 2-3am, and a long self test
# Saturdays between 3-4am.
#/dev/hda -a -o on -S on -s (S/../.././02|L/../../6/03)
# Monitor SMART status, ATA Error Log, Self-test log, and track
# changes in all attributes except for attribute 194
#/dev/hda -H -l error -l selftest -t -I 194 
# A very silent check.  Only report SMART health status if it fails
# But send an email in this case
#/dev/hda -H -m npg-admins@physics.unh.edu
# First two SCSI disks.  This will monitor everything that smartd can
# monitor.  Start extended self-tests Wednesdays between 6-7pm and
# Sundays between 1-2 am
#/dev/sda -d scsi -s L/../../3/18
#/dev/sdb -d scsi -s L/../../7/01
# Monitor 4 ATA disks connected to a 3ware 6/7/8000 controller which uses
# the 3w-xxxx driver. Start long self-tests Sundays between 1-2, 2-3, 3-4, 
# and 4-5 am.
# Note: one can also use the /dev/twe0 character device interface.
#/dev/sdc -d 3ware,0 -a -s L/../../7/01
#/dev/sdc -d 3ware,1 -a -s L/../../7/02
#/dev/sdc -d 3ware,2 -a -s L/../../7/03
#/dev/sdc -d 3ware,3 -a -s L/../../7/04
# Monitor 2 ATA disks connected to a 3ware 9000 controller which uses
# the 3w-9xxx driver. Start long self-tests Tuesdays between 1-2 and 3-4 am
#/dev/sda -d 3ware,0 -a -s L/../../2/01
#/dev/sda -d 3ware,1 -a -s L/../../2/03
#Send quick test email at smartd startud
#/dev/sda -d 3ware,0 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,1 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,2 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,3 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,4 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,5 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,6 -a -m npg-admins@physics.unh.edu -M test
#/dev/sda -d 3ware,7 -a -m npg-admins@physics.unh.edu -M test
#Email all (-a) the information gathered for each drive
/dev/sda -d 3ware,0 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,1 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,2 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,3 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,4 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,5 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,6 -a -m npg-admins@physics.unh.edu
/dev/sda -d 3ware,7 -a -m npg-admins@physics.unh.edu
#Does a Long test on all 12 drives on the 3ware card
#and is scheduled on saturday to run at specified (Military) time.
/dev/sda -d 3ware,0 -a -s L/../../7/01
/dev/sda -d 3ware,1 -a -s L/../../7/03
/dev/sda -d 3ware,2 -a -s L/../../7/05
/dev/sda -d 3ware,3 -a -s L/../../7/07
/dev/sda -d 3ware,4 -a -s L/../../7/09
/dev/sda -d 3ware,5 -a -s L/../../7/11
/dev/sda -d 3ware,6 -a -s L/../../7/13
/dev/sda -d 3ware,7 -a -s L/../../7/15
# HERE IS A LIST OF DIRECTIVES FOR THIS CONFIGURATION FILE.
# PLEASE SEE THE smartd.conf MAN PAGE FOR DETAILS
#
#   -d TYPE Set the device type: ata, scsi, removable, 3ware,N
#   -T TYPE set the tolerance to one of: normal, permissive
#   -o VAL  Enable/disable automatic offline tests (on/off)
#   -S VAL  Enable/disable attribute autosave (on/off)
#   -n MODE No check. MODE is one of: never, sleep, standby, idle
#   -H      Monitor SMART Health Status, report if failed
#   -l TYPE Monitor SMART log.  Type is one of: error, selftest
#   -f      Monitor for failure of any 'Usage' Attributes
#   -m ADD  Send warning email to ADD for -H, -l error, -l selftest, and -f
#   -M TYPE Modify email warning behavior (see man page)
#   -s REGE Start self-test when type/date matches regular expression (see man page)
#   -p      Report changes in 'Prefailure' Normalized Attributes
#   -u      Report changes in 'Usage' Normalized Attributes
#   -t      Equivalent to -p and -u Directives
#   -r ID   Also report Raw values of Attribute ID with -p, -u or -t
#   -R ID   Track changes in Attribute ID Raw value with -p, -u or -t
#   -i ID   Ignore Attribute ID for -f Directive
#   -I ID   Ignore Attribute ID for -p, -u or -t Directive
#   -C ID   Report if Current Pending Sector count non-zero
#   -U ID   Report if Offline Uncorrectable count non-zero
#   -v N,ST Modifies labeling of Attribute N (see man page)
#   -a      Default: equivalent to -H -f -t -l error -l selftest -C 197 -U 198
#   -F TYPE Use firmware bug workaround. Type is one of: none, samsung
#   -P TYPE Drive-specific presets: use, ignore, show, showall
#    #      Comment: text after a hash sign is ignored
#    \      Line continuation character
# Attribute ID is a decimal integer 1 <= ID <= 255
# except for -C and -U, where ID = 0 turns them off.
# All but -d, -m and -M Directives are only implemented for ATA devices
#
# If the test string DEVICESCAN is the first uncommented text
# then smartd will scan for devices /dev/hd[a-l] and /dev/sd[a-z]
# DEVICESCAN may be followed by any desired Directives.

rc3.d 2010-01-16

K00ipmievd
K01dnsmasq
K02avahi-dnsconfd
K02NetworkManager
K05conman
K05saslauthd
K05wdaemon
K10dc_server
K10psacct
K12dc_client
K15httpd
K24irda
K25squid
K30spamassassin
K34yppasswdd
K35dhcpd
K35dhcrelay
K35dovecot
K35vncserver
K35winbind
K36lisa
K50netconsole
K50tux
K69rpcsvcgssd
K73ypbind
K74ipmi
K74nscd
K74ntpd
K74ypserv
K74ypxfrd
K80kdump
K85mdmpd
K87multipathd
K88wpa_supplicant
K89dund
K89hidd
K89netplugd
K89pand
K89rdisc
K90bluetooth
K91capi
K91isdn
K99readahead_later
S00microcode_ctl
S02lvm2-monitor
S04readahead_early
S05kudzu
S06cpuspeed
S08ip6tables
S08iptables
S08mcstrans
S10network
S11auditd
S12restorecond
S12syslog
S13irqbalance
S13portmap
S14nfslock
S15mdmonitor
S18rpcidmapd
S19nfs
S19rpcgssd
S20vmware
S22messagebus
S23setroubleshoot
S25netfs
S25pcscd
S26acpid
S26lm_sensors
S28autofs
S29iptables-netgroups
S50hplip
S55sshd
S56cups
S56rawdevices
S56xinetd
S60apcupsd
S80sendmail
S85arecaweb
S85gpm
S90crond
S90splunk
S90xfs
S95anacron
S95atd
S97rhnsd
S97yum-updatesd
S98avahi-daemon
S98haldaemon
S99denyhosts
S99firstboot
S99local
S99smartd

Taro

Lentil

Pumpkin

Endeavour

Yum Problems 2012-10-11

libsdp.x86_64
libsdp-devel.x86_64

Journal of Process

Install both libsdp (i386 and x86_64) and libxml2 from rpm

There is still a seg fault when yum tries to read the primary.xml, this is seen when I run strace yum check-update.

Wake-On LAN 2013-08-20

First run this command on the node

ethtool -s eth0 wol g

Then add this line to the /etc/sysconfig/network-scripts/ifcfg-eth0

ETHTOOL_OPTS="wol g"

List of the nodes and their MACs:

Node2 (10.0.0.2) at 00:30:48:C6:F6:80
node3 (10.0.0.3) at 00:30:48:C7:03:FE
node4 (10.0.0.4) at 00:30:48:C7:2A:0E
node5 (10.0.0.5) at 00:30:48:C7:2A:0C
node6 (10.0.0.6) at 00:30:48:C7:04:54
node7 (10.0.0.7) at 00:30:48:C7:04:A8
node8 (10.0.0.8) at 00:30:48:C7:04:98
node9 (10.0.0.9) at 00:30:48:C7:04:F4
node16 (10.0.0.16) at 00:30:48:C7:04:A4
node17 (10.0.0.17) at 00:30:48:C7:04:A6
node18 (10.0.0.18) at 00:30:48:C7:04:4A
node19 (10.0.0.19) at 00:30:48:C7:04:62
node20 (10.0.0.20) at 00:30:48:C6:F6:14
node21 (10.0.0.21) at 00:30:48:C6:F6:12
node22 (10.0.0.22) at 00:30:48:C6:EF:A6
node23 (10.0.0.23) at 00:30:48:C6:EB:CC
node24 (10.0.0.24) at 00:30:48:C7:04:5A
node25 (10.0.0.25) at 00:30:48:C7:04:5C
node26 (10.0.0.26) at 00:30:48:C7:04:4C
node27 (10.0.0.27) at 00:30:48:C7:04:40

Einstein

rc3.d 2010-01-16

K01dnsmasq
K02avahi-dnsconfd
K02dhcdbd
K02NetworkManager
K05conman
K05saslauthd
K05wdaemon
K10dc_server
K10psacct
K12dc_client
K12mailman
K15httpd
K19ntop
K20nfs
K24irda
K25squid
K30spamassassin
K35dovecot
K35smb
K35vncserver
K35winbind
K50netconsole
K50snmptrapd
K50tux
K69rpcsvcgssd
K73ldap
K73ypbind
K74ipmi
K74nscd
K74ntpd
K80kdump
K85mdmpd
K87multipathd
K87named
K88wpa_supplicant
K89dund
K89netplugd
K89pand
K89rdisc
K91capi
K92ip6tables
K99readahead_later
S02lvm2-monitor
S04readahead_early
S05kudzu
S06cpuspeed
S07iscsid
S08ip6tables
S08iptables
S08mcstrans
S09isdn
S10network
S11auditd
S12restorecond
S12syslog
S13irqbalance
S13iscsi
S13mcstrans
S13named
S13portmap
S14nfslock
S15mdmonitor
S18rpcidmapd
S19rpcgssd
S22messagebus
S23setroubleshoot
S25bluetooth
S25netfs
S25pcscd
S26acpid
S26hidd
S26lm_sensors
S27ldap
S28autofs
S29iptables-npg
S50denyhosts
S50hplip
S50snmpd
S55sshd
S56cups
S56rawdevices
S56xinetd
S58ntpd
S60apcupsd
S65dovecot
S78spamassassin
S80postfix
S85gpm
S85httpd
S90crond
S90elogd
S90splunk
S90xfs
S95anacron
S95atd
S95saslauthd
S97libvirtd
S97rhnsd
S97yum-updatesd
S98avahi-daemon
S98haldaemon
S98mailman
S99firstboot
S99local
S99smartd

Corn

Jalapeno

Roentgen

Xen to VMware Conversion 2009-06-23

The transfer process

  1. Shutdown the xen virtual machine and make a backup of the .img file.
  2. Make a tarball of roentgens filesystem
    • This must be done as root
    • tar -cvf machine.tar /lib /lib64 /etc /usr /bin /sbin /var /root
  3. Set up an identical OS (CentOS 5.3) on VMWare Server.
  4. Mount the location of the tarball and extract to the /
    • Make sure to backup the original OSs /etc/ to /etc.bak/
    • tar -xvf machine.tar

Files to copy back over from the /etc.bak/

/etc/sysconfig/network-scripts/ifcfg-*
/etc/inittab
/etc/fstab
/etc/yum*
/etc/X11*

Turn roentgen on to prepare for rsync transfer.

Make sure to shutdown all important services (httpd, mysqld, etc)

Log on to roentgen as root and run the following command for each folder archived above.

rsync -av --delete /src/(lib) newserver.unh.edu:/dest/(lib)>>rsync.(lib).log

Rsync process

--delete   delete extraneous files from dest dirs
-a, --archive               archive mode; equals -rlptgoD (no -H,-A,-X)
 --no-OPTION             turn off an implied OPTION (e.g. --no-D)


This tells us how to convert xen to vmware

  1. download the current kernel for the xen virtual machine (not the xen kernel) and install it on the virtual machine. This is done so when the virtual machine is transitioned into a fully virtualized setup, it can boot a normal kernel not the xen kernel.
  2. shutdown roentgen to copy the image file to a back for exporting
  3. Install qemu-img
  4. Run the following command:
    • qemu-img convert <source_xen_machine> -O vmdk <destination_vmware.vmdk>
  5. Now it boots but, it also kernel panics.

This was scratched and instead made a tarball of roentgens filesystem.

http://www.howtoforge.com/how-to-convert-a-xen-virtual-machine-to-vmware