Showing posts from January, 2014

Access to HDD denied (Can't open /dev/sdb1 exclusively. Mounted filesystem?)

I have encountered a rather specific situation, but the resolution may help others. We have Dell servers and use multipath as part of the standard build. Strangely, once multipath is enabled, the PERC controller would show up in the config. So I updated my blacklist in /etc/multipath.conf:

    blacklist {
        devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"
        devnode "^(hd|xvd|vd)[a-z]*"
        devnode "^asm/*"
        devnode "ofsctl"
        device {
            vendor "DELL"
            product "PERC*"
        }
    }

followed by

    # multipath -F

However, I would still get an error when I would attempt to create a PV on the new slice.

    # pvcreate /dev/sdb1
    Can't open /dev/sdb1 exclusively.  Mounted filesystem?

    multipath -F
    dmsetup remove /dev/mapper/sdb1

System Security and Hardening

A topic, or topics, that I have not paid enough attention to through my career.

openSCAP

In Fedora, everything is quite simple:

    [root@cypher ~]# yum -y install openscap openscap-content openscap-perl openscap-python openscap-selinux openscap-utils
    [root@cypher ~]# oscap xccdf eval --profile common \
        --report /tmp/`hostname -s`-ssg-fedora-xccdf-report.html \
        --results /tmp/`hostname -s`-ssg-fedora-xccdf-results.html \
        --cpe /usr/share/xml/scap/ssg/fedora/ssg-fedora-cpe-dictionary.xml \
        /usr/share/xml/scap/ssg/fedora/ssg-fedora-xccdf.xml

    git clone git://git.fedorahosted.org/git/scap-security-guide.git
    cd scap-security-guide/RHEL/6
    make
    cd output
    mkdir -p /usr/share/xml/scap/ssg/RHEL6
    cp *rhel6* /usr/share/xml/scap/ssg/RHEL6

nmap?
Nessus
Snort

Extract username from netgroup output

I have NO idea how portable this is, whether it would work in an environment other than my own, etc... So give it a try, and let me know if you found some place it would not work and how you fixed it.

This is a HACK. Someone could do this with Perl/Python/etc... and make light work of the problem. That was not a possible solution for what I was trying to do.

So - I would like to automate a job to take the users who belong to a particular netgroup and apply filesystem quotas to those users. Unfortunately, the output from a getent command is a bit difficult to simply parse.

I am going to create a file with the output of the getent command (not necessary)

    [jradtke@cypher BashFoo]$ getent netgroup sysadmin > netgroup.sysadmin
    sysadmin              ( , jradtke, ) ( , usern1, )  ( , dilbert, )

Remove the name of the netgroup itself from my query

    [jradtke@cypher BashFoo]$ cat netgroup.sysadmin | sed 's/sysadmin//g'
                  ( , jradtke, ) ( , usern1, )  ( , dilbe
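Because the extracted names end up as arguments to quota commands run as root, it is worth parsing the triples strictly rather than stripping characters. The following is an added example, not code from the original post; the function name netgroup_users and the account-name pattern are assumptions.

```shell
#!/bin/sh
# netgroup_users: read `getent netgroup <name>` output on stdin and print
# each distinct user, one per line. (Hypothetical helper, not from the post.)
netgroup_users() {
    awk '
    {
        line = $0
        # Walk every "(host,user,domain)" triple; the leading netgroup
        # name is outside the parentheses and is ignored automatically.
        while (match(line, /\([^()]*\)/)) {
            triple = substr(line, RSTART + 1, RLENGTH - 2)
            line = substr(line, RSTART + RLENGTH)
            if (split(triple, f, ",") != 3) continue   # malformed triple
            user = f[2]
            gsub(/^[ \t]+|[ \t]+$/, "", user)          # trim whitespace
            # An empty field is a wildcard and "-" means "no value":
            # neither names an account.
            if (user == "" || user == "-") continue
            # Assumed policy: accept only conservative account names so
            # nothing unexpected reaches a root-run command line.
            if (user !~ /^[A-Za-z_][A-Za-z0-9_.-]*$/) continue
            if (!(user in seen)) { seen[user] = 1; print user }
        }
    }'
}

# Sample run on the getent output shown in the post:
printf '%s\n' 'sysadmin              ( , jradtke, ) ( , usern1, )  ( , dilbert, )' \
    | netgroup_users
# Real use would be: getent netgroup sysadmin | netgroup_users
```

Feed the resulting list to the quota loop with `while read -r user` so each name stays a single, quoted argument.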

Disk Quotas (W.I.P.)

Enabling Disk Quotas

==Update /etc/fstab==
<pre>Update the fstab - adding ,usrquota,grpquota
/dev/VolGroup00/LogVol01 /                       ext3    noatime,usrquota,grpquota         1 1
/dev/mapper/ORAAPPVG-LV_U01 /u01 ext4 defaults,usrquota,grpquota 1 2
/dev/mapper/ORAAPPVG-LV_U02 /u02 ext4 defaults,usrquota,grpquota 1 2
/dev/mapper/ORAAPPVG-LV_U03 /u03 ext4 defaults,usrquota,grpquota 1 2
</pre>
==Create aquota file for each FS==
<pre>for FS in `grep usrquota /etc/fstab | awk '{ print $2 }'`; do touch ${FS}/aquota.user && chmod 0600 ${FS}/aquota.user; done
for FS in `grep grpquota /etc/fstab | awk '{ print $2 }'`; do touch ${FS}/aquota.group && chmod 0600 ${FS}/aquota.group; done
</pre>
==Remount Filesystem or reboot==
<pre>It is likely best to reboot at this point.   Otherwise, run
# mount -oremount /
</pre>
==Turn on quotas / create template user==
for FS in `grep grpquota /etc/fstab | awk 

The difference between a company run by innovators and collaborators... and one run by greedy folks...

Red Hat recently announced that they will be taking over CentOS... and not to shut it down, or necessarily change how it benefits the community - no, they want to make it better and a more cohesive experience to benefit the community more!

http://www.linux.com/news/featured-blogs/200-libby-clark/757524-centos-project-leader-karanbir-singh-opens-up-on-red-hat-deal

Red Hat continues to amaze! A stark contrast to a particular company that stopped the community project of their OS... one they didn't even develop, but had instead acquired... Or another company that sued to have a mainframe emulator development stopped. These times are a changin'

Disk Alignment and perf testing in Linux

It should be noted that I am JUST starting to educate myself on testing performance of disks. Do NOT assume that what I am doing here is the work of someone that actually knows about this topic.

I decided that Bonnie (or Bonnie++ more accurately) would be the tool I use, in addition to benchmarking a mkfs and dd of /dev/zero.

    wget http://www.coker.com.au/bonnie++/bonnie++-1.03e.tgz
    tar -xvzf bonnie++-1.03e.tgz
    cd bonnie++-1.03e
    ./configure
    make && make install

On my system I have 2 LUNs from the same array. I am assuming they are on the same, or similar, RAID Parity Groups on the Array. My concern is that a misaligned partition table and partitions would have a noticeable performance impact.

    [root@dvgllprhvsrv91 sysadmin]# parted -s /dev/dm-6 mklabel msdos mkpart primary ext3 2048s 100%
    [root@dvgllprhvsrv91 sysadmin]# parted -s /dev/dm-5 mklabel msdos mkpart primary ext3 0 100%
    Warning: The resulting partition is not properly aligned for

Dell DRAC issues - java webstart security problem

On Linux Client

On some Linux installations, due to Java OpenSDK (based on IcedTea), the certificate store will be different. If there is no trusted.certs file under ~/.java/deployment/security and if there are ~/.icedtea/security/trusted.* files, then run the following commands.

    mkdir -p ~/.java/deployment/security
    cp ~/.icedtea/security/trusted.* ~/.java/deployment/security

Launch virtual console now

Also, the default home directory on Linux is /home/<user_name>. Sometimes this would be an NFS mount or remote file system and the user home doesn't have the permission to create ~/.java/deployment/security. Change/obtain permissions to the folder and create it using the command 'mkdir -p ~/.java/deployment/security'.

Misc Satellite Commands

Command Line to update certificate (takes a while)

    # rhn-satellite-activate -vvv --rhn-cert=/root/SAT_CERTS/blah-company-20140103.cert
    # /usr/bin/satellite-sync --list-channels --ca-cert /usr/share/rhn/RHNS-CA-CERT