SPARCed.org blogsberg

Was passiert eigentlich, wenn man in der /etc/passwd einen Benutzer mit "#" auskommentieren will?

Ein Arbeitskollege hat es offenbar gerade versucht, jedenfalls gibt es lustige Berechtigungen wie folgende:


testbox # ls -la
total 2
drwxr-xr-x 3 root root 96 Oct 31 14:38 .
drwxrwxr-x 6 # f00adm sapsys 1024 Nov 1 20:48 ..
drwxr-xr-x 2 root root 96 Oct 31 14:38 lost+found



Fazit: Geht nicht.

Fazit2: Das hätt man vorher wissen können

In all the jobs I had until now,

most of the system documentation did NOT include why the machine was set up
or what one had to do to get common things done, but many people think, listing
all the hardware, serial numbers and installed software packages is sufficient.

I don't think so, but I think that these pieces of information should be included
into the documentation. But how do you do this without too much work?
You COULD collect all that information manually and type or cut&paste it into
your existing documentation.

I chose a different way: On many systems, we already collect data with the
neat cfg2html script. It collects most
vital data of many different operating systems and outputs them to a text or
html file.

I'm using the text file to create a Docbook appendix which I can include into
my documentation.

Consider this:

You're making a copy of all files within a filesystem to a brand new disk with rsync.

In a second run, rsync doesn't report any differences between the original filesystem and
its copy.

But the filesystems differ in size and number of files.

After comparing numerous lists of files in both filesystems(about 500k files in each),
we found the reason for the difference and it was, as always, pretty obvious:

Installing Solaris 10 into a virtual machine during the daily commute by train and...

I just removed KDE and GNOME from my Linux machine again, because it didn't "feel" comfortable.
A while ago, I was introduced to tiling window managers and ion3 was the window manager of my choice, because it was not to hard to learn(if you're used to using screen) and not too hard to customize and it had support for floating windows(for applications like The Gimp and similar) and it had a cool thing called the "scratchpad", a workspace which could be made visible and invisible on demand, an ideal place for things like media players and a spare shell.

But then, the author of ion3 went berzerk on many Linux package maintainers, trying to force them to ALWAYS use the latest snapshot of the source code which was hard to fulfill for distributions like Debian which have a long release cycle and put a lot of effort into creating a nice mixture of current features and proven versions of programs.

So I went back to GNOME and then to KDE, because I couldn't get packages for ion3 anymore.. Now, a couple of months later, I missed the advantages of a tiled desktop and went out to try a few other window managers.

I tried the X11 equivalent of screen, ratpoison, for some time, but always got confused with the actual screen sessions I was using, then I tried wmii, but for some reason, I did not feel comfortable with it and at last, I felt like I had to learn Haskell, because XMonad's configuration is done by extending the XMonad programm and compiling the whole thing into an executable and run it.

But none of the above felt quite right and for a while, I hesitated trying a window manager called "awesome", but I can't say that the title is too bold, because it really IS awesome.. in a way. It features several tiled layouts, a floating layout and a fullscreen-only mode, it has vi-like keyboard shortcuts, some things can still be used with a mouse and the statusbar can be filled with several types of widgets(eg. text, graphics, bar graphs) which in turn can come to life by a simple shellscript.

So there's not much to learn to start using awesome(apart from the strange feeling of a tiled desktop for first time users) in all its power and the decision was made rather quickly. Now I have several hundreds of megabytes more free space on my harddisk and a desktop environment even better than my old ion desktop


And it all looks like this:

Die Installation von fail2ban hat sich offenbar schnell rentiert:

# grep postfix fail2ban.log | grep -c Ban
435

Dabei läuft das Ding für Postfix gerade mal ne Woche:

2008-04-03 16:04:04,908 fail2ban.actions: WARNING [postfix] Ban 85.114.182.3

Und ich finde ja, die Zahl der Attacken hält sich arg in Grenzen, so interessant bin ich halt nicht


Immerhin schwillt die Spam-Mailbox nicht mehr ganz so schnell an...

Need something like top on a Solaris machine which hasn't installed top?

Try this, most active processes should be at the bottom of the list:

while true; do clear; ps -o pcpu,pid,ppid,user,comm -ef | sort -n | grep -v PPID; echo; date; sleep 2; done

lines are sorted by CPU usage which can be found in the first column. The other columns show process id, parent process id, user and the command running like this:

0.0 26012 686 root /usr/local/openssh/sbin/sshd
0.0 26015 26012 root -sh
0.0 26561 1 root vmstat
0.0 27084 637 root sh
0.0 27085 27084 root /bin/ksh
0.0 27086 27085 root sleep
0.0 27094 26015 root grep
0.0 27095 27094 root ps
0.0 27096 27094 root sort
0.1 1 0 root /etc/init
0.1 479 1 root /opt/VRTSob/bin/vxsvc
0.1 522 1 root /usr/lib/netsvc/yp/ypserv
0.1 623 1 root /usr/lib/autofs/automountd
0.1 17621 1 root /usr/sbin/nscd
0.4 3 0 root fsflush

Wed Feb 20 13:15:01 MET 2008

Not the best way, but good enough for a quick estimation.

I've always wanted to get into Linux software RAID setups, but my laptop only has one harddisk and my other machines are still packed up into boxes from the recent move into the new flat.

So I had the idea of using several flash disks in my cardreader, all appearing as separate SCSI devices within Linux, but that failed due to a faulty SMC card, leaving me with only two working "drives" and that doesn't allow for certain RAID types.

Last resort: Install VMWare, create a bunch of disks and start cracking...

For quite a while, we've been installing our POWER5 LPARs one at a time by activating it, booting to SMS, fill all the netboot menus and finally selecting an ethernet adapter as the boot/install device.

But there's another way, which doesn't boot quite as fast(eg. it waits 60 seconds for spanning tree to settle), but you just send the command and all the rest goes automagically.

It's called

lpar_netboot

and works like this:

Partitioning an IBM POWER5 machine with an HMC is, most of the time, an easy but tiresome task. And when it comes to reproduce the same partitioning scheme on more than one machine, it just takes to much time doing it the "official" way. I'm putting the word "official" in quotes, because I won't be giving you any advice on advanced voodoo tactics to POWER5 partitioning here, but just a different way of cloning partitioning schemes not shown on IBM courses