|
|
Home | Switchboard | Unix Administration | Red Hat | TCP/IP Networks | Neoliberalism | Toxic Managers |
| (slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and bastardization of classic Unix | |||||||
|
|
It's not easy to define what is a tip. Tips are setting, commands, etc that are important to know but usually are hidden in the volume of documentation and/or capabilities that are are not evident.
|
|
The first and the most important tip that one can get to a Solaris user is to get a good shell prompt. What Sun ships is a disaster.
The second is to install open source software provided by Sun on a separate disk. Not all of it requires root access and administrator permission (difficult to obtain in corporate environment). Also if the server allow NFS mounting you can mount directory from you workstation to use many of those utilities.
Tips pages are usually do not last long on the Net. Please be ready to find out that some of the links below already disappeared.
Here are several of my favorite tip pages
Sun Solaris Tips -- contains more a dozen very good, often unobvious, high quality tips.
has a list of useful command-line examples:
- listing files by size of a particular partition, e.g. /var can be done using:
du -ad /var | sort -n
wgrep is a windowing grep that is useful for grabbing X number of
lines before and after a match. psrinfo to view the processor info on a system running SolarisWhen you're writing interactive shell programs, you often want to add a little more spice to your user interface - those special nuances that make your application more appealing. The Solaris "tput" command can be used to enhance your user interface.
Here's a couple of quick tput commands that can spice up your user interface:
The tput command can be used to make text appear bold on terminals that support a bold appearance. Making text appear bold works very well for titles, or at times when you want a word or phrase to stand out from the rest of the text. Try these three commands at your command line to make the "[Enter]" portion of the following echo statement output appear bold:
bold=`tput smso`
norm=`tput rmso`
echo "Hit the ${bold}[Enter]${norm} key to continue: \c"
You can also position the cursor on-screen with the tput command. Type this command at the command line to see what happens:
tput cup 10 40
I once wrote a crude interactive screen editor using tput cup to properly position the cursor
when the user hit the various arrow keys.
Ever wondered what's inside some of those binary files on your system (binary executables or binary data)? Several times I've gotten error messages from some command in the Solaris system, but I couldn't tell where the error was coming from because it was buried in some binary executable file.
The Solaris "strings" command lets you look at the ASCII text buried inside of executable files, and can often help you troubleshoot problems. For
instance, one time I was seeing error messages like this when a user was trying to log in:Could not set ULIMIT
I finally traced the problem down to the /bin/login command by running the "strings" command like this:
root> strings /bin/login | more
The strings command lists ASCII character sequences in binary files, and help me determine that the "Could not set ULIMIT" error was coming from
this file. Once I determined that the error message I was seeing was coming from this file, solving the problem became a simple matter.
It's 3 p.m., and you want to start a long job running. Unfortunately, you can't be sure that the job will finish by 5 p.m. when you need to leave, and the company is very strict about making sure you log off when you leave. However, if you log off the system, the job will be stopped. What can you do?
On Solaris systems you can use the "nohup" (no hang-up) command to keep jobs running long after you log off the system. Using nohup tells the system not to "hang-up" on your job after you've logged off the system.
Here's how to run the job, and keep it running after you log off:
root> nohup my-long-job &
This creates a file named "nohup.out" in the current directory that contains the standard output of the command ("my-long-job") you're running.
Everyone is happy because the job keeps running, you get to leave at 5 p.m., and you're properly logged off the system.
|
|
Switchboard | ||||
| Latest | |||||
| Past week | |||||
| Past month | |||||
 |
 |
 |
Jan 13, 2015 | cyberciti.biz
As my journey continues with Linux and Unix shell, I made a few mistakes. I accidentally deleted /tmp folder. To restore it all you have to do is:
mkdir /tmp chmod 1777 /tmp chown root:root /tmp ls -ld /tmp mkdir /tmp chmod 1777 /tmp chown root:root /tmp ls -ld /tmp
|
|
|
Feb 04, 2017 | hints.macworld.com
The variable CDPATH defines the search path for the directory containing directories. So it served much like "directories home". The dangers are in creating too complex CDPATH. Often a single directory works best. For example export CDPATH = /srv/www/public_html . Now, instead of typing cd /srv/www/public_html/CSS I can simply type: cd CSS
Use CDPATH to access frequent directories in bash
Mar 21, '05 10:01:00AM • Contributed by: jonbaumanI often find myself wanting to cd to the various directories beneath my home directory (i.e. ~/Library, ~/Music, etc.), but being lazy, I find it painful to have to type the ~/ if I'm not in my home directory already. Enter CDPATH , as desribed in man bash ):
The search path for the cd command. This is a colon-separated list of directories in which the shell looks for destination directories specified by the cd command. A sample value is ".:~:/usr".Personally, I use the following command (either on the command line for use in just that session, or in .bash_profile for permanent use):This way, no matter where I am in the directory tree, I can just cd dirname , and it will take me to the directory that is a subdirectory of any of the ones in the list. For example:CDPATH=".:~:~/Library"[ robg adds: No, this isn't some deeply buried treasure of OS X, but I'd never heard of the CDPATH variable, so I'm assuming it will be of interest to some other readers as well.]$ cd $ cd Documents /Users/baumanj/Documents $ cd Pictures /Users/username/Pictures $ cd Preferences /Users/username/Library/Preferences etc...cdable_vars is also nice
Check out the bash command shopt -s cdable_vars
Authored by: clh on Mar 21, '05 08:16:26PMFrom the man bash page:
cdable_varsWith this set, if I give the following bash command:If set, an argument to the cd builtin command that is not a directory is assumed to be the name of a variable whose value is the directory to change to.
export d="/Users/chap/Desktop"
I can then simply type
cd d
to change to my Desktop directory.
I put the shopt command and the various export commands in my .bashrc file.
|
|
|
|
|
|
|
|
|
|
|
|
About:
Expect-lite is a wrapper for expect, created to make expect programming even easier. The wrapper permits the creation of expect script command files by using special character(s) at the beginning of each line to indicate the expect-lite action. Basic expect-lite scripts can be created by simply cutting and pasting text from a terminal window into a script, and adding '>' 'Release focus: Major feature enhancements
Changes:
The entire command script read subsystem has changed. The previous system read directly from the script file. The new system reads the script file into a buffer, which can be randomly accessed. This permits looping (realistically only repeat loops). Infinite loop protection has been added. Variable increment and decrement have been added to support looping.Author:
Craig Miller [contact developer]
|
|
|
|
|
|
scsiinfo' extracts formatting
and other parameters from SCSI hard disk drives that aren't listed in /etc/format.dat and
can optionally create entries to be added to your system's format.dat file.. Might be useful
for old boxes.
$Id: ANNOUNCEMENT,v 1.24 2001/07/16 16:03:14 jdd Exp $
Version 4.7 of scsiinfo is now available.
New in release 4.7:
o support for Sun's PLN fibre-channel SCSI host adapter.
o support for Sun's simple SCSI target (sst) driver.
o -O support (Solaris 2.x) to check for devices already open.
o autodetection of host adapter include files.
o Solaris 8 support.
For those unfamiliar with scsiinfo:
Scsiinfo displays information about SCSI devices attached to a given system,
as seen by a supported SCSI device driver. For each target known to the SCSI
host adapter, scsiinfo reports SCSI transfer information for the device. In
particular, when a target supports synchronous transfer, the negotiated
maximum transfer rate (in MB/sec) is reported. Scsiinfo can also report the
type and speed of each supported host adapter attached to the system. In
addition, it supports querying SCSI disks for geometry and formatting and
optionally generates a format.dat entry based on these values. Finally,
scsiinfo supports querying SCSI devices for vendor, product, and revision
information, in the style of the Sun OpenBoot prom's probe-scsi and
probe-scsi-all commands.
Only suns with esp, isp, fas, ptisp and glm SCSI controllers
(sun4c/4m/4e/4d/4u) running SunOS 4.1 or later are supported. The isp, fas
and glm controllers are only supported under SunOS 5.x.
Scsiinfo version 4.7 is available for anonymous ftp from:
ftp://ftp.cs.toronto.edu/pub/jdd/scsiinfo/scsiinfo-4.7.shar
|
|
|
memconf' is a Perl script which determines the configuration of the RAM modules in Sun workstations. It uses the SunOS 5.x 'prtconf' and 'prtdiag' utilities extract relevent information and present it in more user-friendly format.
|
|
|
The most commonly used stty command is undoubtedly the "stty erase ^h" command which is often used in scripts
if [ `tty | grep -ci console` -eq 0 ] then stty ERASE ^H TERM=SUN fi
|
|
|
truss -c (Solaris >= 8): This astounding option to truss provides a profile summary of the command being trussed:
$ truss -c grep asdf work.doc syscall seconds calls errors _exit .00 1 read .01 24 open .00 8 4 close .00 5 brk .00 15 stat .00 1 fstat .00 4 execve .00 1 mmap .00 10 munmap .01 3 memcntl .00 2 llseek .00 1 open64 .00 1 ---- --- --- sys totals: .02 76 4 usr time: .00 elapsed: .05It can also show profile data on a running process. In this case, the data shows what the process did between when truss was started and when truss execution was terminated with a control-c. It's ideal for determining why a process is hung without having to wade through the pages of truss output.
truss -d and truss -D (Solaris >= 8): These truss options show the time associated with each system call being shown by truss and is excellent for finding performance problems in custom or commercial code. For example:
$ truss -d who Base time stamp: 1035385727.3460 [ Wed Oct 23 11:08:47 EDT 2002 ] 0.0000 execve("/usr/bin/who", 0xFFBEFD5C, 0xFFBEFD64) argc = 1 0.0032 stat("/usr/bin/who", 0xFFBEFA98) = 0 0.0037 open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT 0.0042 open("/usr/local/lib/libc.so.1", O_RDONLY) Err#2 ENOENT 0.0047 open("/usr/lib/libc.so.1", O_RDONLY) = 3 0.0051 fstat(3, 0xFFBEF42C) = 0 . . .truss -D is even more useful, showing the time delta between system calls:
Dilbert> truss -D who 0.0000 execve("/usr/bin/who", 0xFFBEFD5C, 0xFFBEFD64) argc = 1 0.0028 stat("/usr/bin/who", 0xFFBEFA98) = 0 0.0005 open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT 0.0006 open("/usr/local/lib/libc.so.1", O_RDONLY) Err#2 ENOENT 0.0005 open("/usr/lib/libc.so.1", O_RDONLY) = 3 0.0004 fstat(3, 0xFFBEF42C) = 0In this example, the stat system call took a lot longer than the others.
truss -T: This is a great debugging help. It will stop a process at the execution of a specified system call. ("-U" does the same, but with user-level function calls.) A core could then be taken for further analysis, or any of the /proc tools could be used to determine many aspects of the status of the process.
truss -l (improved in Solaris 9): Shows the thread number of each call in a multi-threaded processes. Solaris 9 truss -l finally makes it possible to watch the execution of a multi-threaded application.
Truss is truly a powerful tool. It can be used on core files to analyze what caused the problem, for example. It can also show details on user-level library calls (either system libraries or programmer libraries) via the "-u" option.
pkg-get: This is a nice tool (http://www.bolthole.com/solaris) for automatically getting freeware packages. It is configured via /etc/pkg-get.conf. Once it's up and running, execute pkg-get -a to get a list of available packages, and pkg-get -i to get and install a given package.
plimit (Solaris >= 8): This command displays and sets the per-process limits on a running process. This is handy if a long-running process is running up against a limit (for example, number of open files). Rather than using limit and restarting the command, plimit can modify the running process.
coreadm (Solaris >= 8): In the "old" days (before coreadm), core dumps were placed in the process's working directory. Core files would also overwrite each other. All this and more has been addressed by coreadm, a tool to manage core file creation. With it, you can specify whether to save cores, where cores should be stored, how many versions should be retained, and more. Settings can be retained between reboots by coreadm modifying /etc/coreadm.conf.
pgrep (Solaris >= 8): pgrep searches through /proc for processes matching the given criteria, and returns their process-ids. A great option is "-n", which returns the newest process that matches.
preap (Solaris >= 9): Reaps zombie processes. Any processes stuck in the "z" state (as shown by ps), can be removed from the system with this command.
pargs (Solaris >= 9): Shows the arguments and environment variables of a process.
nohup -p (Solaris >= 9): The nohup command can be used to start a process, so that if the shell that started the process closes (i.e., the process gets a "SIGHUP" signal), the process will keep running. This is useful for backgrounding a task that should continue running no matter what happens around it. But what happens if you start a process and later want to HUP-proof it? With Solaris 9, nohup -p takes a process-id and causes SIGHUP to be ignored.
prstat (Solaris >= 8): prstat is top and a lot more. Both commands provide a screen's worth of process and other information and update it frequently, for a nice window on system performance. prstat has much better accuracy than top. It also has some nice options. "-a" shows process and user information concurrently (sorted by CPU hog, by default). "-c" causes it to act like vmstat (new reports printed below old ones). "-C" shows processes in a processor set. "-j" shows processes in a "project". "-L" shows per-thread information as well as per-process. "-m" and "-v" show quite a bit of per-process performance detail (including pages, traps, lock wait, and CPU wait). The output data can also be sorted by resident-set (real memory) size, virtual memory size, execute time, and so on. prstat is very useful on systems without top, and should probably be used instead of top because of its accuracy (and some sites care that it is a supported program).
trapstat (Solaris >= 9): trapstat joins lockstat and kstat as the most inscrutable commands on Solaris. Each shows gory details about the innards of the running operating system. Each is indispensable in solving strange happenings on a Solaris system. Best of all, their output is good to send along with bug reports, but further study can reveal useful information for general use as well.
vmstat -p (Solaris >= 8): Until this option became available, it was almost impossible (see the "se toolkit") to determine what kind of memory demand was causing a system to page. vmstat -p is key because it not only shows whether your system is under memory stress (via the "sr" column), it also shows whether that stress is from application code, application data, or I/O. "-p" can really help pinpoint the cause of any mysterious memory issues on Solaris.
pmap -x (Solaris >= 8, bugs fixed in Solaris >= 9): If the process with memory problems is known, and more details on its memory use are needed, check out pmap -x. The target process-id has its memory map fully explained, as in:
# pmap -x 1779 1779: -ksh Address Kbytes RSS Anon Locked Mode Mapped File 00010000 192 192 - - r-x-- ksh 00040000 8 8 8 - rwx-- ksh 00042000 32 32 8 - rwx-- [ heap ] FF180000 680 664 - - r-x-- libc.so.1 FF23A000 24 24 - - rwx-- libc.so.1 FF240000 8 8 - - rwx-- libc.so.1 FF280000 568 472 - - r-x-- libnsl.so.1 FF31E000 32 32 - - rwx-- libnsl.so.1 FF326000 32 24 - - rwx-- libnsl.so.1 FF340000 16 16 - - r-x-- libc_psr.so.1 FF350000 16 16 - - r-x-- libmp.so.2 FF364000 8 8 - - rwx-- libmp.so.2 FF380000 40 40 - - r-x-- libsocket.so.1 FF39A000 8 8 - - rwx-- libsocket.so.1 FF3A0000 8 8 - - r-x-- libdl.so.1 FF3B0000 8 8 8 - rwx-- [ anon ] FF3C0000 152 152 - - r-x-- ld.so.1 FF3F6000 8 8 8 - rwx-- ld.so.1 FFBFE000 8 8 8 - rw--- [ stack ] -------- ------- ------- ------- ------- total Kb 1848 1728 40 -Here we see each chunk of memory, what it is being used for, how much space it is taking (virtual and real), and mode information.
df -h (Solaris >= 9): This command is popular on Linux, and just made its way into Solaris. df -h displays summary information about file systems in human-readable form:
$ df -h Filesystem size used avail capacity Mounted on /dev/dsk/c0t0d0s0 4.8G 1.7G 3.0G 37% / /proc 0K 0K 0K 0% /proc mnttab 0K 0K 0K 0% /etc/mnttab fd 0K 0K 0K 0% /dev/fd swap 848M 40K 848M 1% /var/run swap 849M 1.0M 848M 1% /tmp /dev/dsk/c0t0d0s7 13G 78K 13G 1% /export/home
|
|
|
It's 3 p.m., and you want to start a long job running. Unfortunately, you can't be sure that the job will finish by 5 p.m. when you need to leave, and the company is very strict about making sure you log off when you leave. However, if you log off the system, the job will be stopped. What can you do?
On Solaris systems you can use the "nohup" (no hang-up) command to keep jobs running long after you log off the system. Using nohup tells the system not to "hang-up" on your job after you've logged off the system.
Here's how to run the job, and keep it running after you log off:
root> nohup my-long-job &
This creates a file named "nohup.out" in the current directory that contains the standard output of the command ("my-long-job") you're running. Everyone is happy because the job keeps running, you get to leave at 5 p.m., and you're properly logged off the system.
|
|
|
Use CDPATH to traverse filesystems faster
If you're like many Solaris users and administrators, you spend a lot of time moving back and forth between directories in similar locations. For instance, you might often work in your home directory (such as "/home/al"), the /usr/local directories, web page directories, or other user's home directories in /home.
If you're often moving back-and-forth between the same directories, and you use the Bourne shell (sh) or Korn shell (ksh) as your login shell, you can use the CDPATH shell variable to save yourself a lot of typing, and quickly move between directories.
Here's a quick demo. First move to the root directory:
cd /
Next, if it's not set already, set your CDPATH shell variable as follows:
CDPATH=/usr/spool
Then, type this cd command:
cd cron
What happens? Type this and see what happened:
pwd
The result should be "/usr/spool/cron".
When you typed "cd cron", the shell looked in your local directory for a sub-directory named "cron". When it didn't find one, it searched the CDPATH variable, and looked for a "cron" sub-directory. When it found a sub-directory named cron in the /usr/spool directory, it moved you there.
You can set your CDPATH variable just like your normal PATH variable:
CDPATH=/home/al:/usr/local:/usr/spool:/home
Group commands together with parentheses
Have you ever needed to run a series of commands, and pipe the output of all of those commands into yet another command?
For instance, what if you wanted to run the "sar", "date", "who", and "ps -ef" commands, and wanted to pipe the output of all three of those commands
into the "more" command? If you tried this:sar -u 1 5; date; who; ps -ef | more
you'll quickly find that it won't work. Only the output of the "ps -ef" command gets piped through the "more" command, and the rest of the output
scrolls off the screen.Instead, group the commands together with a pair of parentheses (and throw in a few echo statements for readability) to get the output of all these
commands to pipe into the more command:(sar -u 1 5; echo; who; echo; ps -ef; echo; date; echo) | more
Use the "at" command to run jobs some other time
Many times it's necessary to schedule programs to run at a later time. For instance, if your computer system is very busy during the day, you may need
to run jobs late at night when nobody is logged on the system.Solaris makes this very easy with the "at" command. You can use the "at" command to run a job at almost any time--later today, early tomorrow...whenever.
Suppose you want to run the program "my_2_hour_program" at ten o'clock tonight. Simply tell the at command to run the job at 10 p.m. (2200):
/home/al> at 2200
at> my_2_hour_program > /tmp/2hour.out
at> <CTRL><D>
warning: commands will be executed using /bin/ksh
job 890193600.a at Tue Mar 17 22:00:00 1998Or suppose you'd like to run a find command at five o'clock tomorrow morning:
/home/al> at 0500 tomorrow
at> find /home > /tmp/find.out
at> <CTRL><D>
warning: commands will be executed using /bin/ksh
job 890215200.a at Wed Mar 18 05:00:00 1998When you're at the "at" prompt, just type the command you want to run. Try a few tests with the at command until you become comfortable with the way
it works.Add spice to interactive shell programs with tput
When you're writing interactive shell programs, you often want to add a little more spice to your user interface - those special nuances that make
your application more appealing. The Solaris "tput" command can be used to enhance your user interface.Here's a couple of quick tput commands that can spice up your user interface:
The tput command can be used to make text appear bold on terminals that support a bold appearance. Making text appear bold works very well for
titles, or at times when you want a word or phrase to stand out from the rest of the text. Try these three commands at your command line to make
the "[Enter]" portion of the following echo statement output appear bold:bold=`tput smso`
norm=`tput rmso`
echo "Hit the ${bold}[Enter]${norm} key to continue: \c"You can also position the cursor on-screen with the tput command. Type this command at the command line to see what happens:
tput cup 10 40
I once wrote a crude interactive screen editor using tput cup to properly position the cursor when the user hit the various arrow keys.
Create a directory and move into it at the same time
Question: How often do you create a new directory and then move into that directory in your next command? Answer: Almost always.
I realized this trend in my own work habits, so I created a simple shell function to do the hard work for me.
md () {
mkdir -p $1 && cd $1
}This is a Bourne shell function named "md" that works for Bourne and Korn shell users. It can be easily adapted for C shell users.
Taking advantage of the -p option of the mkdir command, the function easily creates multi-level subdirectories, and moves you into the lowest level of the directory structure. You can use the command to create one subdirectory like this:
/home/al> md docs
/home/al/docs> _or you can create an entire directory tree and move right into the new directory like this:
/home/al> md docs/memos/internal/solaris8
/home/al/docs/memos/internal/solaris8>Easily convert man pages to text documents
Have you ever wanted to convert a man page into a plain text document?
I do this occasionally when I want to share information via an email or other document format.I used to think this was difficult, but then I discovered a simple way to do it. Here's the wrong way to write the man page for the ls command into a text file named ls.bad:
man ls > ls.bad
This keeps all of the formatting characters in your document, which is generally not what you want. Here's a better way that eliminates those formatting characters:
man ls | col -b > man.txt
The col command with the -b option removes the undesirable backspace characters from the text stream, so the only thing left in your document is the text you want, in the format you want.
How to page more than one command at a time
Have you ever wanted to group a bunch of commands into a paging program like "page" or "more", but didn't know how?
As a system administrator, I always worry about certain things, like who's doing what, what processes are running, what the network traffic looks like, etc. One day I decided to create a simple alias that would combine all the commands I wanted into one big chunk of information. Then I realized that it wouldn't all fit into one screen.
Fortunately I knew how to group all of the commands together, so the "more" command could handle them as one set of input.First, here's the wrong way to try to page a sequence of four commands:
date; netstat -i; whodo; ps -ef | more
The only command that gets paged properly here is the "ps -ef" command
--the rest of them scroll off the screen before you can read them.Here's the correct way to page four commands so they're all controlled
by "more":(date; netstat -i; whodo; ps -ef) | more
Once you find the commands you want to group together, you can combine them into an alias or shell program. I recommend a shell program for this, because a few "echo" statements sure make it easier to see where one command ends and the next command begins!
Initializing log files
Like all Unix file systems, open log files can cause a real problem when they get too large and need to be deleted. The problem is, if you delete an open file, the link is removed, but all of the inodes are lost. Even worse, if the program continues to log to the file, the link never re-appears, and additional inodes are lost and are unrecoverable. I suggest two solutions to the above problems.
If you have lost inodes, a simple reboot (make sure FSCK is run on startup) will recover lost inodes and missing filespace.
To empty (or zero out) an open log file, simply issue the following command:
date > logfile
This will 'empty' the file and insert as the first line the output from the date command. If you want a completely empty file, don't enter date,
just > logfile.
This works great on apache and other web server logs, without ever stopping the service.
Don't forget the options that make ls work better for you
Generally speaking, most users type ls or ls -al to see their directory listings. But don't forget that there are a few other cool options that make it easier to read your directory listings.
The -aCF options are my next-favorite listing combination. The following command:
ls -aCF
lists (a) all files in columns with special characters appended to the end of each name to show whether the file is a normal file, directory, executable file, or link.
The -m option lets you list files in a comma-separated list, which can be useful if you're going to be exporting the list to a Perl program or shell script.
To sort the listing by file size, try
ls -al | sort -4n
To reverse the filesize listing, use
ls -al | sort -4nr
instead.
Using the which command
I think a good command in addition to the 'type' is the 'which' command. You can really see where the executable come from. This is very helpful to find out if there is an alias set to the command and if so - which one.
Example: # type ls
ls is a tracked alias for /usr/bin/ls
# which ls
ls: aliased to ls -aF
|
|
|
Add spice to interactive shell programs with tput
When you're writing interactive shell programs, you often want to add a little more spice to your user interface - those special nuances that make
your application more appealing. The Solaris "tput" command can be used to enhance your user interface.Here's a couple of quick tput commands that can spice up your user interface:
The tput command can be used to make text appear bold on terminals that support a bold appearance. Making text appear bold works very well for
titles, or at times when you want a word or phrase to stand out from the rest of the text. Try these three commands at your command line to make
the "[Enter]" portion of the following echo statement output appear bold:bold=`tput smso`
norm=`tput rmso`
echo "Hit the ${bold}[Enter]${norm} key to continue: \c"You can also position the cursor on-screen with the tput command. Type this command at the command line to see what happens:
tput cup 10 40
I once wrote a crude interactive screen editor using tput cup to properly position the cursor when the user hit the various arrow keys.
[Jan 17, 2005] Updating OpenBoot PROM for Sun Workstations and Workgroup Servers Based on SPARC Technology
Having the latest version of OpenBoot PROM (OBP) on a SPARC processor-based workstation or workgroup server can be critical when adding new applications or hardware, or when upgrading the machine's Solaris Operating System (OS). Updating may also save some time and difficulty by resolving any latent bugs that have been detected and fixed since the previous releases. The paragraphs that follow guide you through the steps required to do the update.
Note: This Tech Tip does not cover larger servers; for those systems, see SunSolve document #41723 entitled Updating the Sun Fire 3800-6800 series Flash Proms.
|
|
|
|
|
|
|
|
|
There are so many commands in Solaris that it is difficult to separate the cool ones from the mundane. For example, there are commands to report how much time a program spends in each system call, and commands to dynamically show system activities, and most of these commands are included with Solaris 8 as well as Solaris 9. This month, I'm highlighting some of the commands that you might find particularly useful.Systems administrators are tool users. Through experience, we have learned that the more tools we have, the better able we are to diagnose problems and implement solutions. The commands included in this column are gleaned from experience, friends, acquaintances, and from attendance at the SunNetwork 2002 conference in September. "The /procodile Hunter" talk by Solaris kernel developers Brian Cantrill and Mike Shapiro was especially enlightening and frightening because Cantrill wrote code to illustrate a point faster than Shapiro could explain the point they were trying to illustrate!
Useful Solaris Commands
truss -c (Solaris >= 8): This astounding option to truss provides a profile summary of the command being trussed:
$ truss -c grep asdf work.doc syscall seconds calls errors _exit .00 1 read .01 24 open .00 8 4 close .00 5 brk .00 15 stat .00 1 fstat .00 4 execve .00 1 mmap .00 10 munmap .01 3 memcntl .00 2 llseek .00 1 open64 .00 1 ---- --- --- sys totals: .02 76 4 usr time: .00 elapsed: .05It can also show profile data on a running process. In this case, the data shows what the process did between when truss was started and when truss execution was terminated with a control-c. It's ideal for determining why a process is hung without having to wade through the pages of truss output.
truss -d and truss -D (Solaris >= 8): These truss options show the time associated with each system call being shown by truss and is excellent for finding performance problems in custom or commercial code. For example:
$ truss -d who Base time stamp: 1035385727.3460 [ Wed Oct 23 11:08:47 EDT 2002 ] 0.0000 execve("/usr/bin/who", 0xFFBEFD5C, 0xFFBEFD64) argc = 1 0.0032 stat("/usr/bin/who", 0xFFBEFA98) = 0 0.0037 open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT 0.0042 open("/usr/local/lib/libc.so.1", O_RDONLY) Err#2 ENOENT 0.0047 open("/usr/lib/libc.so.1", O_RDONLY) = 3 0.0051 fstat(3, 0xFFBEF42C) = 0 . . .truss -D is even more useful, showing the time delta between system calls:
Dilbert> truss -D who 0.0000 execve("/usr/bin/who", 0xFFBEFD5C, 0xFFBEFD64) argc = 1 0.0028 stat("/usr/bin/who", 0xFFBEFA98) = 0 0.0005 open("/var/ld/ld.config", O_RDONLY) Err#2 ENOENT 0.0006 open("/usr/local/lib/libc.so.1", O_RDONLY) Err#2 ENOENT 0.0005 open("/usr/lib/libc.so.1", O_RDONLY) = 3 0.0004 fstat(3, 0xFFBEF42C) = 0In this example, the stat system call took a lot longer than the others.
truss -T: This is a great debugging help. It will stop a process at the execution of a specified system call. ("-U" does the same, but with user-level function calls.) A core could then be taken for further analysis, or any of the /proc tools could be used to determine many aspects of the status of the process.
truss -l (improved in Solaris 9): Shows the thread number of each call in a multi-threaded processes. Solaris 9 truss -l finally makes it possible to watch the execution of a multi-threaded application.
Truss is truly a powerful tool. It can be used on core files to analyze what caused the problem, for example. It can also show details on user-level library calls (either system libraries or programmer libraries) via the "-u" option.
|
|
|
|
|
|
There are too many of these changes to include in this FAQ, but here are some key ones:
a. locations are often different
- whoami
- /usr/ucb/whoami
- make
- /usr/ccs/bin/make
- hostid
- /usr/ucb/hostid
- hostname
- /usr/ucb/hostname (or use uname -n)
Note that the last two commands are back in /usr/bin in Solaris 2.5.
b. some old commands don't exist or have replacements
This information can be found in the Solaris 2.x Transition Guide - Appendix A (commands), Appendix B (system calls), Appendix C (files).
- pstat -s
- swap -s (how much swap space?)
- dkinfo
- /usr/sbin/prtvtoc raw_dev_name
- trace
- truss
- mount -a
- mountall
- exportfs
- share
- bar
- cpio -H bar (read only)
This guide has undergone some changes from 2.0 -> 2.1 and beyond. Several manuals have ended up being combined into this single manual. This manual discusses administrative transition and developer transition issues.
The command "whatnow" (for Solaris 2.x) is included in the "Admigration Toolkit" package (see below). The Admigration toolkit can be obtained from:
|
|
|
Sample output:
% whatnow hostname hostname 4.x command only hostname /usr/ucb/hostname part of SCP package hostname /usr/bin/uname -n alternate command
The whatnow command is limited in that it may point to one command which may only implement a subset of the old command (e.g., pstat points to sar, while pstat -s is identical to swap -s)
Descriptionif [ -x /usr/bin/ksh ]; then
SHELL=/usr/bin/ksh
export SHELL
exec /usr/bin/ksh
else
echo /usr/bin/ksh not found using default shell of $SHELL
fi
Make certain that the login shell for root in /etc/passwd is /sbin/sh.
The coreadm command controls the generation of core files. To determine the current coreadm
settings, run coreadm as root. Output such as the following will be generated: global core file
pattern:
init core file pattern: core
global core dumps: disabled
per-process core dumps: enabled
global setid core dumps: disabled
per-process setid core dumps: disabled
global core dump logging: disabled
Given the sample configuration above, per-process core dumps are enabled. When a process terminates
abnormally or receives an appropriate signal, it will generate a core file named 'core' in the working
directory of the process.
To disable per-process core file creation, use:
| coreadm -d process |
This will modify the /etc/coreadm.conf which is read at boot when /etc/init.d/coreadm is executed from
a runtime control script. To make permanent changes to coreadm, do not edit the /etc/coreadm.conf file,
use the coreadm command.
docs.sun.com man pages section 1M System Administration Commands
isainfo -v 64-bit sparcv9 applications
32-bit sparc applications
psrinfo to view the processor info on a system running Solaris, the following command can be used
syslogd -t will turn on sysloging but it will not receive remote logging from other
devices.
Best way to enable is to go to /etc/init.d/syslog and edit the script. Go to line
/usr/sbin/syslogd >/dev/msglog 2>&1 &
and edit it with the -t option to look like:
/usr/sbin/syslogd -t >/dev/msglog 2>&1 &
The start syslogd again and verify with a ps -ef | grep
Tech-Recipes.com - creating a solaris 8 flash archive boot disk
| creating a solaris 8 flash archive boot disk Home -> UNIX -> Solaris -> System administration |
3794 views | ||
| From the computer of: weezlboy (1 recipe) | |||
| created: 2004-05-27 10:53:27 last updated: 2004-05-28 09:15:02 | |||
| 1 comments: View all comments Add a comment | |||
| Description creating a Solaris 8 flash archive boot disk with Schily's mkisofs |
|||
Directions #! /bin/csh # script asumptions: # the /opt/make_os directory is present. # the flash archive s8.archive is in the /opt/make_os directory # the file profind is located in /opt/make_os # the mkisofs is located in /opt/schily/bin # the Solaris 8 Software 1 of 2 disk
# create the s8.profile in the .install_config directory echo "install_type flash_install" > s8.profile chmod 644 s8.profile # run check on the rules file to create the rules.ok file # rules file looks like /cdrom/cdrom0/s0/Solaris_8/Misc/jumpstart_sample/check #cdrom() # if [ $? -eq 0 ]; then # gettext " <<< using CDROM install_config >>>"; echo #new # copy the profind file from the /opt/make_os directory # now edit the sysidcfg on slice 1 lofiadm -a /opt/make_os/solaris_8/s8u5.s1 echo "system_locale=en_US" > sysidcfg chmod 777 sysidcfg # # create the image using Schily's mkisofs # burn the cd |
|||
Hi.
Just a comment on this otherwise nice script. The delete lines such as:
# remove the packages from the Product directory
cd /opt/make_os/solaris_8/s0/Solaris_8/Product
rm -rf *
and
# remove the configuration files from the .install_config directory
cd /opt/make_os/solaris_8/s0/.install_config
rm *
are extremely dangerous. If for some reason the cd command fails (permission problems, missing directories etc), the next command will wipe the rootdisk clean (or at least every file in the directory the command is issued from and all directories below). A much better version would be to do the rm command directly on the directory:
rm -rf /opt/make_os/solaris_8/s0/Solaris_8/Product/*
In this case the rm command will fail if the directory doesn't exist, and no harm would be done. Another approach would be to test for the existence of the directory prior to issue the commands, and to exit with an error code if the check fails.
Source: http://www.kevlo.com/~ebs/unix_commands.txt
Listed here are a bunch of unix commands.
--> change file date stamp
touch -t 199906042020 filename
--> move partitions
ufsdump 0f - /dev/rdsk/c0t0s0s0 | (cd /home; ufsrestore xv -)
--> lay down file system with 1% minfree and inode density
newfs -m1 -i81920 /dev/rdsk/c0t0d0s0
--> check file system
fsck /dev/rdsk/c0t0d0s0
Q: starting sybase
login as sybase, run: ./install/RUN_SYBASE
Q: logging in as sybase sa
isql -U sa <password>
--> dump a partition and pipe to gzip. Watch > 2GB limit
ufsdump 0f - /home | gzip - >/tmp/home.dump.gz
--> rewind offline a tape
mt -f /dev/rmt/0 rewoffl
--> only allow 300MB for user /tmp access
swap - /tmp tmpfs - yes SIZE=300M
--> verbose interactive restore
ufsrestore -ivf /dev/rmt/1
--> remove a printer from a class
lpadmin -p level5-line1 -r level5-line
--> truss a command
truss --f --o /tmp/log.txt
--> [DB] feed a script into sybase
isql -Urfe_xfer -Uuser -Ppassword -isqlscript >>blah.txt
--> make a printer class
lpadmin -p level5-line1 -c level5-line
--> remove level2-line2 printer from printer class level2-line
lpadmin -p level2-line2 -r level2-line
--> add level2-line3 to printer class
lpadmin -c level2-line -p level2-line3
--> [DB] how to change your password in isql
sp_password password, password-new
--> move a directory
tar cf - ./games | (cd /tmp; tar xvBpf - )
--> [DB] run a sybase script, and dump to file
$ISQL -i$SCRIPTFILE -U$USER -D$DATABASE -P$PASS_ENC >> $SCRIPTLOGFILE
--> move a directory to another server
tar cf - ./games | rsh brucey cd /tmp\; tar xvBpf -
--> check for SUID SGID files
ncheck -F ufs -s /dev/dsk/c3t0d0s
-- remove core files
find / -name core -exec rm -f {} \; -o -fstype nfs -prune
--> rebuild man pages
catman -w -M man-page-directory or /usr/lib/makewhatis
--> vi command to show special characters
: set list
--> adding an account
useradd -u 120 -g dls -d /apps/dls -s /bin/ksh -c "comment" -m dls
--> create a mysql database
mysqladmin -uroot -ppassword create ebs
--> starting mysql database
/etc/rc.d/init.d/mysql.server start
/usr/local/bin/safe_mysqld
--> Invoke CPAN module install
perl -MCPAN -eshell
--> dump to zip
ufsdump 0f - /filesystem | /opt/local/gzip - > /tmp/dump.gz
--> shutdown mysql databse
/usr/local/bin/mysqladmin shutdown -ppassword
/etc/rc.d/init.d/mysql.server stop
--> test the loading of a module
PERL_DL_DEBUG=255 perl -e 'use CGI;'
--> shows open files
fuser -cu /
--> Writing a Daemon:
1. edit /etc/services
add service and port.
2. edit /etc/inetd.conf
add in: edwardd stream tcp nowait root /bin/sh /bin/sh /home/sextone/bin/SERVER.mine
3. kill -HUP inetd.conf
--> how to mount a file system
mount /dev/dsk/c3t0d0s4 /apps/data/easysoft/DEVT
--> look at sar log
sar -f /var/adm/sa/sa24
--> write file checksums and size
cksum filename
--> show storage array info
ssaadm display /dev/rdsk/c1t5d2s0
--> show all disks on device d
luxadm display d
--> examine for a specific OS finerprint
nmap -sS -p 80 -O -v <host> = examine OS
--> show print jobs
/usr/ucb/lpq -Plevel6
--> Scan for known ports. log it. do OS scan.
nmap -sS -F -o foo.log -v -O www.foo.com//24 =
--> show status of printer
/usr/ucb/lpc status
--> make a swap file:
dd if=/dev/zero of=swapfile bs=1024 count=65535
mkswap ./swapfile
chmod 600 ./swapfile
swapon ./swapfile
--> show open files for process
lsof -p PID
--> show open files for all TCP connections
lsof -iTCP
--> show open files for internet address
lsof [email protected]
--> as above
lsof -i @10.20.2.122
--> examine tcp ports
lsof -iTCP@sarah:1-50000
--> show open files for user.
lsof -u username
--> show processes that has the file in use.
lsof /apps/cms/ECMS-Server
--> show open files and retry every 5 seconds
lsof -p process-id -r 5
--> mount a floppy
mount -t vfat /dev/fd0 /mnt/floppy
--> check here for debugging processes and errno.h for errors
/usr/include
/usr/include/sys
/usr/include/sys/errno.h
--> scp a whole directory, preserve mods
sudo scp -prv devel [email protected]:/home/httpd/cgi-bin
--> take processor 2 and 3 offline.
psradm -f 2 3
--> show processor stats verbose.
psrinfo -v
--> how to skip grant tables in mysql (over ride security)
/usr/local/libexec/mysqld -Sg
--> how to feed in an SQL program
mysql <create_table.sql
--> rm all files in directories
find . -type f -exec rm {} \;
--> dump packets to a capture file
sudo snoop -o /tmp/tcp.txt cp
--> backup one liner
tar cvf - /home/ebs | gzip - > ebs.tar.gz
--> Look at selected packets in capture file
sudo snoop -i /tmp/tcp.txt
--> unzip and pipe to tar
gzip -dc <kmysql-1_1_6_tar.gz | tar xvf -
--> watch packets from two servers.
snoop sarah brucey
--> enable ip masquerading
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 10.100.100.100/8 -j MASQ
-> view su log file
cat /var/adm/sulog
--> establish a default router or gateway.
echo "sagacity.com" > /etc/defaultrouter
echo "10.100.100.100 sagacity.com sagacity" >> /etc/hosts
change /etc/nsswitch.conf so that hosts has files, dns
edit resolv.conf put in
search .
nameserver 203.7.132.98
--> turn off automounter on /export/home.
vi /etc/auto_master, comment out /export/home
--> configuration file for sudoers
/opt/local/etc/sudoers
--> building ssh-1.2.27 on x86Solaris2.6 needed a few things:
/usr/openwin/bin in path
/usr/xpg4/bin in path
declare AR="/usr/xpg4/bin/ar"
declare NM_PATH="/usr/xpg4/bin/nm"
--> snoop network packets and get size and time stamp entries.
snoop -S -ta empa1
--> access perl CPAN
perl -MCPAN -e shell
install DBI
--> search for no password entries and lock all accounts.
for i in `passwd -sa | grep NP | awk '{print $1'`
do
echo "locking $i"
passwd -l $i
done
--> delete from a tar
tar --delete -f fs_backup_Sunday.tar home/ebs/tmp
--> Example on backing up files to tape. Must specify non rewinding, else you will over-write the
files.
for file in `ls`
do
echo "sending $file to tape..."
echo `date`
tar cvpf /dev/rmt/0n $file
done
--> making/adding a partition.
1. use fdisk to make a parition.
2. mkfs -t ext2 -c /dev/hda11
3. mount -t ext2 /dev/hda11 /opt2
4. update /etc/fstab
--> rebuild the windex file
catman -w -M /usr/share/man
--> execute tar on remote host sarah and send tarball to standard output,
which becomes standard input for tar xvf - and the file gets dumped locally,
in this case on crawl. you have to cd to dir before tar or else you
will include path in tar
ssh maggie "cd $DIRNAME; tar cvf - $BASENAME" | (cd $TPATH; tar xvf - )
--> dump a remote filesystem and send it to local tape drive.
ssh --x $fw /usr/sbin/ufsdump 0cf - $fs | dd obs=63k of=$TAPE
--> encrypt filename 1 and output to 1.crypt file
crypt < 1 > 1.crypt ; rm 1
--> decrypt filename 1.crypt and stdout to screen
crypt < 1.crypt
--> send a file to tape
tar cvpf /dev/rmt/0 filename
--> quicker way to search and replace in vi
: %s/existing/new/g
--> shows where and which shared library files an application uses.
ldd binary
--> shell script stuff:
# repeat a command 100 times
x=100
while [ $x -gt 0 ]
do
command
x=$(($x-1))
done
--> Something very important to remember about partitions
It is important to note that Cylinder 0 contains the disklabel, which
contains the partition table. A normal filesystem can be placed
starting at Cylinder 0, since it will not touch the disklabel.
If you lay down a raw device, for a database, over Cylinder 0,
then you will completely lose all your partitions. You will then
have to restore the disklabel, and backup from tape if you happen to do this.
--> move a partition
find . |cpio -pdm /apps
--> cron structure
min hour day-of-month month weekday command
--> PatchDiag Tool. Get patches from:
http://sunsolve.sun.com/private-cgi/patchpage.pl
patchdiag.xref is available at: http://sunsolve.sun.com/sunsolve/patchdiag/
/opt/local/bin/patchdiag -x /opt/local/lib/patchdiag.xref > patchdiag.`uname -n`
--> command showing system parameters
/usr/sbin/sysdef
--> Get Ambient Temperature of Server
/usr/platform/SUNW,Ultra-4/sbin/prtdiag -v
--> good ps formatting showing percent cpu first.
ps -edf -o pcpu,pid,user,arg
--> full details on ps
/usr/bin/ps -A -o user,pid,pcpu,pmem,vsz,rss,tty,s,stime,time,args
--> chown the hidden files as well.
find . -print -exec chown -R sextone:staff {} \;
--> The nsradmin command is a command-line based administrative
program for the NetWorker system. Normally nsradmin monitors
and modifies NetWorker resources over the network.
/usr/sbin/nsr/nsradmin
--> Spray a server
-c number of packets
-d delay in microseconds
-l pakcet size in bytes
/usr/sbin/spray -c 1 -d 20 -l 4096 maggie
--> Turn on bold.
bold=`tput smso`
offbold=`tput rmso`
echo "${bold}You must be the \"root\" user to run this script.${offbold}"
--> good way to send a dir to tape
tar cf /dev/rmt/0n directory
--> example of bringing up an interface
ifconfig hme0:1 inet 10.2.25.52 up
--> show all connections
netstat -f inet
--> rpcinfo makes an RPC call to an RPC server and reports
what it finds.
rpcinfo -b 390109 2 | sort -u
--> rewind a tape fast
< /dev/rmt/0
--> show loaded modules
/usr/sbin/modinfo
--> find world readable files and dirs
find / -type d -perm -2 -print
find . -type f -perm -2 -print
--> adding in a boot alias, eg:
boot sarahroot1 -s
nvalias sarahroot1 /sbus@1f,0/sunw,fas@e,8800000/sd@9,0:a
--> clever way to archive
tar cvf - `find . -print` >/tmp/dumpfile.tar
tar xvf - </tmp/dumpfile.tar
--> tee to a file
echo "Start Date/Time: `date`" | tee -a $LOG_FILE
--> read a snoop file
snoop -i anz-telnet.snoop
--> write a snoop log (this will count the number of connections, which is pretty neat).
snoop -osnoop.log sarah
--> set default run level. 5 for gui.
/etc/inittab
--> show all exported filesystems
showmount -e crawl
--> shows all configurable variables for tcp interface.
sudo ndd -get /dev/tcp
- ?
eg:
sudo ndd -get /dev/tcp tcp_conn_req_max_q
128
ndd /dev/arp \?
ndd /dev/ip \?
ndd /dev/tcp \?
ndd /dev/udp \?
ndd /dev/icmp \?
--> set sticky bit on group files, only the owner can change the mode.
--> the +l is mandatory file and record locking while a program
--> is accessing that file.
chmod g+s,+l file
--> print duplex landscape 4 qudrant printing
mpage -t -l -4
--> install a patch
installpatch .
--> check to see if a patch has been installed
showrev -p |grep package name
--> unzip, untar in a /tmp directory
zcat 104708-16.tar.gz | ( cd /tmp; sudo tar xvf - )
--> check out revision level on ssa controller
/usr/sbin/ssaadm display controller
--> unzip and untar a file without having to create an intermediate tar file
sudo gzip -dc /tmp/270599/post-EOD.tar.gz |tar xvf -
--> selectively extract from a tar archive
tar xvf /tmp/iona.tar ./iona/.sh_history
--> send a bunch of files to tape
tar cf /tmp/rules.tar ruleb* objects.C *.W
--> examine section 5 of man
man -s 5 signal
--> shows signals and definitions of structures, eg sigaction
/usr/include/sys/signal.h
--> location of the limits file on solaris
/usr/include/limits.h
--> send an attachment via email from command prompt
uuencode file.tar.gz file.tar.gz | mailx -s "backup" root@crawl
--> zero a file
cat /dev/null > isam.log
--> good way to restore from cdrom a binary file
zcat < /cdrom/cdrom0/Solaris_2.6/Product/SUNWcsu/install/reloc.cpio.Z |
cpio -idm usr/lib/fs/ufs/ufsrestore
--> running su as a user then ssh
su - dls-PROD -c "/opt/local/bin/ssh drp-stagger \"cd /tmp; /bin/ls\" "
--> verify a newfs format
sudo newfs -Nv /dev/md/dsk/d96
--> making lost_found. must be 8192 bytes in size.
mkdir ./lost+found;chown root ./lost+found; chgrp root ./lost+found ;chmod 700 ./lost+found'; cd ./lost+found
nofiles=0 ; while [ "$nofiles" -le 650 ] ; do ; /usr/ucb/touch $nofiles ; nofiles=`expr $nofiles + 1`
; done
--> execute lynx
lynx -cfg /usr/lib/lynx.cfg
--> sed search example
sed '/Sep\ 25/!d; /castill/!d' /var/log/syslo
-->should only be used at the EEPROM
boot -r
--> should be used at single user mode
reboot -- -r
--> should be used in multiuser mode
touch /reconfigure
--> performing a remote dump
find MFASYS
|cpio -oc |gzip -c
|ssh brucey -l chaup dd obs=18k of=/dev/rmt/0n
- to extract -
cd /ssa/emphasys/sybase/dump
dd ibs=18k if=<TAPE DEVICE>|gunzip -c |cpio -idc
--> boot block located here.
/usr/platform/`uname -i`/lib/fs/ufs
--> getting a server on the network
add hosts entry for IP address
clear configs: ifconfig pe0 unplumb
ifconfig pe0 10.20.2.27 netmask 255.0.0.0 up
route add default 10.20.0.1 1
verify the routing table: netstat -rn
add resolv.conf entry: domain rabobank.com.au nameserver 192.192.192.252
edit /etc/nsswitch.conf change hosts to files, dns
lesson here is to unplumb interface, and let ifconfig setup the routing.
if you specify an ip address and a netmask it will manage
the routing and the broadcasting.
--> find all, files associated with PID 22240
/usr/proc/bin/pfiles 22240
find file based on inode
find -i number
"ncheck -i number
--> good redirection example
./a.out </etc/termcap | (sleep 10; cat) >trash
--> synchronize files from one server to another. This is useful for
synchronizing database dump files, binary files, etc. This is definitely a powerful tool.
rsync -avz -e ssh --rsync-path="/usr/local/bin/rsync" `pwd` myhost.com:/home/ebs/public_html
--> Example Awk Script
# run with awk -f/tmp/1.awk /etc/group
BEGIN { FS = ":" }
{ print $1 | "sort" }
{ nlines++ }
END { print nlines }
--> awk example.
awk '/#/ {print "Got a comment"}' /etc/hosts
--> delete every 2nd field in file
awk '{$2= ""; print}' datafile > datafile.new
--> awk average/standard deviation program
x1 += $1
x2 += $1*$1
END {
x1 = x1/NR
x2 = x2/NR
sigma = sqrt(x2 - x1*x1)
if (NR > 1) std_err = sigma/sqrt(NR - 1)
print "Number of points = " NR
print "Mean = " x1
print "Standard Deviation = " sigma
print "Standard Error = " std_err
from client "linux" to backup server "solaris":
clent> cd /tmp
client> ssh -x server "dd if=/dev/rmt/0ln ibs=63k" | /sbin/restore -ivf -
Verify tape and initialize maps
Input is from file/pipe
user@server's password:
Input block size is 32
Dump date: Tue May 9 07:07:49 2004
Dumped from: the epoch
Level 0 dump of / on client.comp.com:/dev/sda3
Label: /
Extract directories from tape
Initialize symbol table.
/sbin/restore >
bash-2.03# /usr/sbin/ndd -set /dev/hme instance 0 Choose instance like this: 1. instance 0 - hme0 2. instance 1 - hme1 bash-2.03# /usr/sbin/ndd -get /dev/hme link_status 1 0 - down 1 - up bash-2.03# /usr/sbin/ndd -get /dev/hme link_speed 1 0 - 10Mbps 1 - 100Mbps bash-2.03# /usr/sbin/ndd -get /dev/hme link_mode 1 0 - half duplex 1 - full duples
Ex. Domain bigdaddy.com nameserver 10.0.1.1 nameserver 10.0.1.2
Glenn Brunette's Security Weblog Tip of the Month: Enabling TCP Wrappers in Solaris 10
Before answering this question, let's first provide a little background. TCP Wrappers has been around for many, many years. It is used to restrict access to TCP services based on host name, IP address, network address, etc. For more detailed on what TCP Wrappers is and how you can use it, see tcpd(1M). TCP Wrappers was integrated into Solaris starting in Solaris 9 where both Solaris Secure Shell and inetd-based (streams, nowait) services were wrapped. Bonus points are awarded to anyone who knows why UDP services are not wrapped by default.
TCP Wrappers support in Secure Shell was always enabled since Secure Shell always called the TCP Wrapper function host_access(3) to determine if a connection attempt should proceed. If TCP Wrappers was not configured on that system, access, by default, would be granted. Otherwise, the rules as defined in the hosts.allow and hosts.deny files would apply. For more information on these files, see hosts_access(4). Note that this and all of the TCP Wrappers manual pages a stored under /usr/sfw/man in Solaris 10. To view this manual page, you can use the following command:
$ man -M /usr/sfw/man -s 4 hosts_accessinetd-based services use TCP Wrappers in a different way. In Solaris 9, to enable TCP Wrappers for inetd-based services, you must edit the /etc/default/inetd file and set the ENABLE_TCPWRAPPERSparameter to YES. By default, TCP Wrappers was not enabled for inetd.
In Solaris 10, two new services were wrapped: sendmail and rpcbind. sendmail works in a way similar to Secure Shell. It always calls the host_access function and therefore TCP Wrappers support is always enabled. Nothing else needs to be done to enable TCP Wrappers support for that service. On the other hand, TCP Wrappers support for rpcbind must be enabled manually using the new Service Management Framework ("SMF"). Similarly, inetd was modified to use a SMF property to control whether TCP Wrappers is enabled for inetd-based services.
Let's look at how to enable TCP Wrappers for inetd and rpcbind...
To enable TCP Wrappers support for inetd-based services, you can simply use the following commands:
# inetadm -M tcp_wrappers=true # svcadm refresh inetdThis will enable TCP Wrappers for inetd-based (streams, nowait) services like telnet, rlogin, and ftp (for example):
# inetadm -l telnet | grep tcp_wrappers default tcp_wrappers=TRUEYou can see that this setting has taken effect for inetd by running the following command:
# svcprop -p defaults inetd defaults/tcp_wrappers boolean trueNote that you can also use the svccfg(1M) command to enable TCP Wrappers for inetd-based services.
# svccfg -s inetd setprop defaults/tcp_wrappers=true # svcadm refresh inetdWhether you use inetadm(1M) or svccfg is really a matter of preference. Note that you can also use inetadm or svccfg to enable TCP Wrappers on a per-service basis. For example, let's say that we wanted to enable TCP Wrappers for telnet but not for ftp. By default, both the global and per-service settings for TCP Wrappers are disabled:
# inetadm -p | grep tcp_wrappers tcp_wrappers=FALSE # inetadm -l telnet | grep tcp_wrappers default tcp_wrappers=FALSE # inetadm -l ftp | grep tcp_wrappers default tcp_wrappers=FALSETo enable TCP Wrappers for telnet, use the following command:
# inetadm -m telnet tcp_wrappers=TRUELet's check out settings again:
# inetadm -p | grep tcp_wrappers tcp_wrappers=FALSE # inetadm -l telnet | grep tcp_wrappers tcp_wrappers=TRUE # inetadm -l ftp | grep tcp_wrappers default tcp_wrappers=FALSEAs you can see, TCP Wrappers has been enabled for telnet but none of the other inetd-based services. Pretty cool, eh?
You can enable TCP Wrappers support for rpcbind by running the following command:
# svccfg -s rpc/bind setprop config/enable_tcpwrappers=true # svcadm refresh rpc/bindThis change can be verified by running:
# svcprop -p config/enable_tcpwrappers rpc/bind trueThat is all that there is to it! Quick, easy and painless! As always, let me know what you think!
Take care!
Google matched content |
***** Sun Solaris Tips An excellent collection of tips !!!
Solaris IAOQ (INFREQUENTLY ASKED AND OBSCURE
QUESTIONS )
Tips and Tricks at OpenSolaris.org
Modem
Volume manager tips aka automounter
Modular Debugger (mdb) cheatsheet (PDF)
Solaris Admininstror's Quick Reference (PDF)
Solaris Tips and tricks knowledge base (outdated)
/etc/aliases /etc/auto_home /etc/hostname /etc/hosts /etc/nodename
Solaris - Tips & Tricks collection
Some scripts I have written for Solaris that you may find interesting:
- netlink, a script to set duplex/media option settings.
- fix.sh, a script to strip down services in Solaris systems + do network tuning & hardening. Currently for Solaris 8 and 9. Using nddconfig and fixmodes from www.sun.com/security/ somewhere and nettune from http://www.sean.de/Solaris/, the rest of the stuff by me. Run like this: ./fix.sh auto. Run it again if you patch your system, in case the patches re-enables scripts previously set up to not run. Fix-modes and friends are left in /opt/fixit for your convinience, should you need to reverse its actions. I recommend copying fix.sh there as well. Adjust what services you want turned on by editing /etc/startup.conf. Also walk through /etc/inetd.conf to see if there is anything you want on (requires INETD=YES in startup.conf). The script is intended to be run once to do "all" basic security tweaking in one shot. Script requires Perl with MIME::Base64 in your PATH, trying /usr/local/bin first. Your comments, ideas etc. are very welcome!
Oracle Tips and Tricks of the Week Part 3
Everything Solaris Filesystem Tips and Tricks
Society
Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers : Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism : The Iron Law of Oligarchy : Libertarian Philosophy
Quotes
War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda : SE quotes : Language Design and Programming Quotes : Random IT-related quotes : Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce : Bernard Shaw : Mark Twain Quotes
Bulletin:
Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 : Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law
History:
Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds : Larry Wall : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS : Programming Languages History : PL/1 : Simula 67 : C : History of GCC development : Scripting Languages : Perl history : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history
Classic books:
The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month : How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite
Most popular humor pages:
Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor
The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D
Copyright © 1996-2021 by Softpanorama Society. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...
|
|
You can use PayPal to to buy a cup of coffee for authors of this site |
Disclaimer:
The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.
Last modified: April, 23, 2019
