MIT's OpenCourseWare Model is Proliferating Online

The Massachusetts Institute of Technology OpenCourseWare effort has been offering free lecture notes, exams, and other resources from more than 1800 courses per its website. Some of their courses offer a substantial amount of video and audio content. I remember stumbling across this resource via my employer's intranet about a year ago. Frankly speaking, I didn't think the concept would go very far because you couldn’t earn credit…

Well, I was wrong. It’s catching fire and over 100 universities worldwide have setup similar models and some are top tier schools such as Johns Hopkins and Tufts.

I was searching for a good UNIX course but I haven't found one yet. Surprisingly, it appears MIT’s Linear Algebra course is quite popular with the OpenCourseWare community.

By the way, I don't have any affiliation with OCW or any of the higher learning institutions mentioned.

Added later:

UC Irvine OCW
Notre Dame OCW
Utah State OCW
Osaka OCW
Japan OCW Consortium

Shutdown a Sybase Adaptive and Backup Server

Lately, I have seen a number of searches related to terminating an Sybase Adaptive server process. I wrote a post for starting a Sybase DBMS in July but not vice versa.

Typically, the DBMS is started and terminated by using common startup and kill scripts. But SysAdmins can also gracefully shut down both the dataserver and backup servers via the command line. Here is a run.

# isql –Usa –Ppassword
1> shutdown SYB_BACKUP
2> go
1> shutdown
2> go

If you can not shutdown the dataserver by the aforementioned methods, you might have to employ brute force: the kill -9 command. But note, this should only be performed in an emergency.

# ps –ef | grep backupserver
# kill -9 PID

# ps –ef | grep dataserver
# kill -9 PID

Assign Unique Numbers to Columns in Database - Oracle

The other day I had someone ask me how to automatically assign unique numbers (integers) to a column in an Oracle database. I took an Oracle SQL class a few years ago and I remember learning about the “create sequence” command. After reviewing a couple archived homework assignments for syntax, here are three typical examples of its use.

create sequence myblog_ID increment by 1 start with 100;
insert into MYBLOG (Blog, Author, ID) values (‘My SysAd Blog’,’esofthub’,myblog_ID.Nextval);

create sequence topblog_ID increment by 1 start with 1000;
insert into TOPBLOG (Blog, Author, ID) values (‘TopBlogLists’,’esofthub’,topblog_ID.Nextval);

create sequence mysysad_ID increment by 1 start with 10000;
insert into MYSYSAD (Blog, Author, ID) values (‘My SysAd Blog’,’esofthub’,mysysad_ID.Nextval);

Search String Within Paragraph and Print the Paragraph - UNIX

Here is another guest post by Mary M. Chaddock. She is a Network Security Administrator for a major university in Texas. Here is her time saving tip. Thanks Mary.

This little routine searches a file for a string and then prints the paragraph associated with that string.

Note: The Blogger application parsed out the greater-than and less-than characters so an underscore was used to preserve the contiguous nature of the <_string> <_filename> symbols.

Mary says…

Grep'ing from a file with more than one line per record:

You can do this with a Perl one-liner command: 'perl -00 -ne 'print if /'<_gstring>'/' <_filename>'

But I can rarely remember the Perl syntax, so I put this small shell script in my $HOME/bin directory:

#!/bin/sh
#
# grep a string in a paragraph and print the paragraph.
# A paragraph is delimited by a blank line.
#
# syntax: gparagraph <_string> <_filename>
#
gstring=$1
gfile=$2
perl -00 -ne 'print if /'$gstring'/' $gfile

Merge Multiple Files and Sort Simultaneously

The other day I was gathering historical files populated with multiple logins. I was trying to determine how many user logins were created over the past three years. Obtaining a unique login count would involve simultaneously merging the files and then sorting.

The actual run was much larger than the example run below.

# ls
user1.txt user2.txt user3.txt user4.txt group1.txt group2.txt
# more user[1-4].txt
::::::::::::::
user1.txt
::::::::::::::
user1
user2
user3
tom
mike
unix
sysad
::::::::::::::
user2.txt
::::::::::::::
ott
bird
user1
mike
sysad
paul
user2
user3
bob
::::::::::::::
user3.txt
::::::::::::::
mike
unix
blogger
rick
senior
chopper
paulie
mikey
tom
vince
cody
::::::::::::::
user4.txt
::::::::::::::
vince
mikey
paulie
senior
cody

# wc -l user[1-4].txt
7 user1.txt
9 user2.txt
11 user3.txt
5 user4.txt
32 total

Here is the merged, sorted and unique output
# sort user[1-4].txt | uniq

There are 19 unique logins for this example
# sort user[1-4].txt | uniq | wc -l
19

Java Programming Language Tutorial

Nowadays, I am more interested in PHP and mySQL because of activities related to my websites, so it has been awhile since I dabbled with the Java programming language.

So why the concern?

Lately, I have been thinking about writing a small Java utility for a personal project of mine. But I definitely needed a quick refresher. I found a reliable Java tutorial that covers the fundamentals of programming in the Java programming language. Here are the topics covered: object-oriented programming concepts, language basics, classes and object, interface and inheritance, numbers and strings, generics and packages.

I will, undoubtedly, have to look over my old programs, too.

You can also download The Java Tutorial

The Irony of a UNIX System Administrator

A colleague of mine emailed me this funny animated gif about a frustrated user. I thought it was comical from my own user experiences, especially prior to my UNIX system administration days.

I hated going through the troubleshooting part, particularly when the SysAd showed up to resolve my issue after it had “magically” resolved itself. I remember the “all knowing” system administrator explaining away the issue or looking at me as if I had “timing and head space” issues.

Frankly speaking, I find some irony in this rumination… ;)

Convert Length, Weight, Pressure, Volume and Temperature

Here is a fairly comprehensive calculator by World Wide Metric that converts length, weight, pressure, volume, and temperature. Living in South Korea, I’m always converting some metric unit, especially Celsius to Fahrenheit.

Length: meter, kilometers, feet, yards, millimeters, centimeters, miles, and inches.
Weight: metric tons, kilograms, pounds, ounces, grams, and tons
Pressure: bar, kg/cm, and psi
Volume: milliliters, liters, fluid ounces, pints, cups, quarts, and gallons
Temperature: Celsius and Fahrenheit

Convert quantities via the Unix command line

HTTP Response Status Code List

The other day I was creating a sitemap for one of my websites. Unfortunately, I had a number of errors reported with several of my pages. I was trying to make sense of the error status codes but didn't have a handy reference readily available. Here's a compiled listing of common HTTP status codes.

Common HTTP status codes and standard phrases:
100 - Continue
200 - OK - No error or successful response
301 - Permanent Redirect
302 - Redirect
400 - Bad request
401 - Unauthorized or this page requires authentication
402 - Payment Required - Not used
403 - Forbidden
404 - Page not found
405 - Method Not Allowed
406 - Not Acceptable
407 - Proxy Authentication Required
408 - Request Timeout
409 - Conflict
410 - Gone
411 - Length Required
412 - Precondition Failed
413 - Request Entity Too Large
414 - Request-URI Too Long
415 - Unsupported Media Type
416 - Requested Range Not Satisfiable
417 - Expectation Failed
500 - Internal Server error
501 - Not Implemented
502 - Bad Gateway
503 - Service Unavailable
504 - Gateway Timeout
505 - HTTP Version Not Supported
0 - Some network connection error - possible time out
990 - Blocked by robots.txt file
999 - Undefined error - not sure what

The Great Wall Visit and UNIX wall

I'm using the wall command for this post but only to stay within the format of this blog (Use of command and then show its output). And it is also being used as a pun to boot.

# wall
I just returned to South Korea from Beijing, China. It was a relaxing 5 days but also a bit cold and foggy for my liking.

The group tour package venues exceeded my expectations. We visited the Temple of Heaven, Lama Temple, Tiananmen Square, The Forbidden City, Summer Palace, Silk Factory, Hutong, Hard Rock Cafe, Jade Factory, and Pearl Factory, a couple markets (not my idea :)) and the Great Wall. The Great Wall is an amazing feature and was by far the best venue. I traversed its highest tower carrying a 20+lb backpack. Unfortunately, my quads and hams were really sore for a couple days afterwards.

The 2008 Olympics will be held in Beijing and everything seemed to be under construction. It’s amazing how much time, money, and effort goes into preparing for these games. The Chinese are hoping for post Olympic results similar to what South Korea experienced in 1988 – a vast infusion of foreign investment.

One last thing, I could not access my blog, "My SysAd Blog," via my hotel's Internet connection (business center). Instead, I was redirected to China's leading search engine, Baidu. It returned an outdated index of "My SysAd Blog." I think most blogs are blocked. Yahoo mail and Gmail were accessible but Hotmail was not.

I would recommend a visit if you get the time.

ctrl ^d

Determine the Number of Login/Logout Sessions - UNIX

Here is an easy way to determine how many login/logout sessions were recorded for a particular workstation. I will employ a few common UNIX system administration commands to fetch, filter, and then count the information derived from the wtmpx file. And by the way, my wtmpx file has not been cleared out in awhile.

# csh
# last | grep esoft | wc -l
24

In some organizations, logging in as the root user via the console is restricted. Check to see if anyone has logged in as root via the console.
# last | grep console | grep root | wc -l
20

Recorded Reboots
# last | awk '{print $1}’ | grep reboot | wc -l
36

Number of logins for each users/pseudo users (/bin/ later added per ux-admin's suggestion)
# foreach i (`last | awk '{print $1}' | sort | uniq | grep -v wtmp`)
? /bin/echo $i `last | grep $i | wc -l`
? end
ftp 16
reboot 36
restrict 1
root 167
esoft 24

Total logins for users/pseudo users
# last | awk '{print $1}' | grep '.' | grep -v wtmp | wc -l
244

List, Remove or Rename Multi-spaced Filenames - UNIX

I know this is a common HOWTO for UNIX system administrators, but I do get this question on occasion. The question is the following: "how do you delete a file with spaces in its name?" Use quotes, "".

From experience, I have seen numerous people type in file name at the CLI, and then they are prompted with the predictable “No such file or directory” error message. Here are some ubiquitous examples for dealing with spaces in filenames.

Using no quotes, 3 separate files are created
# csh
# touch test file 1
# ls -l
total 0
-rw-r--r-- 1 root other 0 Nov 16 23:17 1
-rw-r--r-- 1 root other 0 Nov 16 23:17 file
-rw-r--r-- 1 root other 0 Nov 16 23:17 test

Using quotes, 5 files are created with spaces as part of their unique filenames
# touch "test file 1"
# touch "test file 2"
# touch "test file 3"
# touch "test file 4"
# touch "test file 5"
# ls
test file 1 test file 2 test file 3 test file 4 test file 5

Attempt to list a specific multi-spaced filename without quotes
# ls test file 1
test: No such file or directory
file: No such file or directory
1: No such file or directory

Use quotes to list the file named test file 1
# ls "test file 1"
test file 1

Attempt to remove a specific multi-spaced filename without quotes
# rm test file 1
test: No such file or directory
file: No such file or directory
1: No such file or directory

Use quotes to remove the file named test file 1
# rm "test file 1"
# ls
test file 2 test file 3 test file 4 test file 5

Use quotes to rename the file named test file 2
# mv "test file 2" "test file 2a"
# ls
test file 2a test file 3 test file 4 test file 5

Use a “for loop” to rename these multi-spaced filenames. This example deletes the spaces and makes the filename contiguous.

# foreach i (*)
? mv "$i" `echo $i | tr -d 'space here '`
? end
# ls
testfile2a testfile3 testfile4 testfile5

Log Repeated Login Failures

You can log repeated login failures with the /var/adm/loginlog file. This file is not created by default, so you will have to create it. Most systems will allow 5 login retries before logging the event to this file. By the way, you can modify the max retries variable in the /etc/default/login file.

# cd /var/adm
# touch loginlog; chmod 700 loginlog; chown root:sys loginlog
# ls -l loginlog
-rwx------ 1 root sys 0 Nov 16 02:33 loginlog

Attempt to login

login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect
login: user1
Password:
Login incorrect

Connection to host lost.
###################

Now view the contents of the /var/adm/loginlog file.
# cd /var/adm
# more loginlog
user1:/dev/pts/2:Fri Nov 16 02:37:01 2007
user1:/dev/pts/2:Fri Nov 16 02:37:09 2007
user1:/dev/pts/2:Fri Nov 16 02:37:16 2007
user1:/dev/pts/2:Fri Nov 16 02:37:23 2007
user1:/dev/pts/2:Fri Nov 16 02:37:31 2007

Sort a File by a Defined Delimiter

I was sorting out a few colon delimited files tonight. I though the task might be post worthy. The two examples below are colon, ":", delimited and pipe, "|", delimited. Obviously, you can define other types of delimiters such as "," , ";" , "#", and etc.

# vi sortme
phoenix:az:mountain
los angeles:ca:pacific
augusta:me:eastern
houston:tx:central
dallas:tx:central
berkeley:ca:pacific
seattle:wa:pacific
denver:co:mountain
santa fe:nm:mountain
:wq!

Sort by TZ
# sort -t: +2 sortme
dallas:tx:central
houston:tx:central
augusta:me:eastern
denver:co:mountain
phoenix:az:mountain
santa fe:nm:mountain
berkeley:ca:pacific
los angeles:ca:pacific
seattle:wa:pacific

Sort by state
# sort -t":" +1 sortme
phoenix:az:mountain
berkeley:ca:pacific
los angeles:ca:pacific
denver:co:mountain
augusta:me:eastern
santa fe:nm:mountain
dallas:tx:central
houston:tx:central
seattle:wa:pacific

Sort by city
# sort -t":" sortme
augusta:me:eastern
berkeley:ca:pacific
dallas:tx:central
denver:co:mountain
houston:tx:central
los angeles:ca:pacific
phoenix:az:mountain
santa fe:nm:mountain
seattle:wa:pacific

# sort -t":" +1 +2 sortme
phoenix:az:mountain
berkeley:ca:pacific
los angeles:ca:pacific
denver:co:mountain
augusta:me:eastern
santa fe:nm:mountain
dallas:tx:central
houston:tx:central
seattle:wa:pacific

Delimited by a pipe, "|", symbol
# vi sortme
phoenix|az|mountain
los angeles|ca|pacific
augusta|me|eastern
houston|tx|central
dallas|tx|central
berkeley|ca|pacific
seattle|wa|pacific
denver|co|mountain
santa fe|nm|mountain

# sort -t"|" +1 sortme
phoenix|az|mountain
berkeley|ca|pacific
los angeles|ca|pacific
denver|co|mountain
augusta|me|eastern
santa fe|nm|mountain
dallas|tx|central
houston|tx|central
seattle|wa|pacific

Strip an Extension From a Filename - UNIX

I received this common question the other day. "How do I strip an extension from filenames using sed?" Frankly speaking, I thought this howto was already posted in this blog, but after further review, it doesn't appear to be. At any rate, here are some examples starting out with sed. I'm sure others have better ways of performing this task.

Using the sed command to strip an extension
# csh
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat
# foreach filename (*.dat)
? mv $filename `echo $filename | sed 's/.dat//g'`
? end
# ls
t1 t2 t3 t4 t5

Using the basename command to strip an extension
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat
# foreach filename (*.dat)
? mv $filename `basename $filename .dat`
? end
# ls
t1 t2 t3 t4 t5

Using the echo command to strip an extension
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat t6.d1t
# foreach filename (*.dat)
? mv $filename `echo $filename:r`
? end
# ls
t1 t2 t3 t4 t5 t6.d1t

Using a zsh for loop to strip an extension
# ls
t1.dat t2.dat t3.dat t4.dat t5.dat t6.d1t
# zsh
# for filename (*.dat) mv $filename $filename:r
# ls
t1 t2 t3 t4 t5 t6.d1t

Another example using the echo command to strip an extension
# ls
t1.dt3 t2.d67 t3.d79 t4.e67 t5.007 t6.d17
# foreach filename (*.??7)
? mv $filename `echo $filename:r`
? end
# ls
t1.dt3 t2 t3.d79 t4 t5 t6

More examples using the echo command to strip an extension
# ls
t1.110207_org t2.110307_tmp t3.100307 t4.053106 t5.090606 t6.032307 t7.112307_log
# foreach filename (*.11*)
? mv $filename `echo $filename:r`
? end
# ls
t1 t2 t3.100307 t4.053106 t5.090606 t6.032307 t7

# ls
t1.0a t10.aj t2.1b t3.2c t4.3d t5.4e t6.5f t7.6g t8.7h t9.8i
# foreach filename (*.[0-9]?)
? mv $filename `echo $filename:r`
? end
# ls
t1 t10.aj t2 t3 t4 t5 t6 t7 t8 t9

Remove First 10 or 100 or 1000 Lines in a Log File - UNIX

After reviewing my Google Webmaster tools, I've observed several search iterations for "remove first 100 or 1000 lines in a log file." Here's an example to demonstrate removing the first 10 lines, 100 lines or 1000 lines in an .htaccess file.

Remove first 10 lines
# nl -ba .htaccess | more
1
2 order allow,deny
3 allow from all
4
5
6 deny from 213.xxx.xxx.xx
7 deny from 124.xxx.xxx.xx
8 deny from 81.xxx.xxx.xx
9 deny from 88.xxx.xxx.xx
10 deny from 88.xxx.xxx.11
11 deny from 84.xxx.xxx.56
12 deny from 88.xxx.xxx.xx
13 deny from 82.xxx.xxx.xx
14 deny from 69.xxx.xxx.xx
15 deny from 24.xxx.xxx.xx
...

# tail +11 .htaccess | more
deny from 84.xxx.xxx.56
deny from 88.xxx.xxx.xx
deny from 82.xxx.xxx.xx
deny from 69.xxx.xxx.xx
deny from 24.xxx.xxx.xx
...

Above is for illustration purposes but this syntax is all you need.
# tail +11 .htaccess > remove_10Lines.txt

Remove first 100 lines
# nl -ba .htaccess | more
...
96 deny from 85.xxx.xxx.xx
97 deny from 85.xxx.xxx.xx
98 deny from 85.xxx.xxx.xx
99 deny from 83.xxx.xxx.xx
100 deny from 81.xxx.xxx.70
101 deny from 81.xxx.xxx.29
102 deny from 81.xxx.xxx.xx
103 deny from 77.xxx.xxx.xx
...

# tail +101 .htaccess | more
deny from 81.xxx.xxx.29
deny from 81.xxx.xxx.xx
deny from 77.xxx.xxx.xx
...

Above is for illustration purposes but this syntax is all you need.
# tail +101 .htaccess > remove_100Lines.txt

Remove first 1000 lines
# nl -ba .htaccess | grep 1000 | more
1000 deny from 88.xxx.xxx.114

# nl -ba .htaccess | more
...
996 deny from 88.xxx.xxx.xxx
997 deny from 88.xxx.xxx.xxx
998 deny from 88.xxx.xxx.xxx
999 deny from 88.xxx.xxx.xxx
1000 deny from 88.xxx.xxx.114
1001 deny from 88.xxx.xxx.59
1002 deny from 88.xxx.xxx.xxx
1003 deny from 88.xxx.xxx.xxx
...

# tail +1001 .htaccess | more
deny from 88.xxx.xxx.59
deny from 88.xxx.xxx.xxx
deny from 88.xxx.xxx.xxx
...

Above is for illustration purposes but this syntax is all you need.
# tail +1001 .htaccess > remove_1000Lines.txt

Add User Information with .project and .plan files

The .plan file was intended to advise users, who can use the finger command, where someone was located or planning to do in the near-term. It's a user created free form file, so you can pretty much add what you want -- maybe signature type (phone number, address, website, blog, interests, etc) information. In this example, I'm listing phone numbers for after hours support followed by a quote.

Note: The fingerd daemon may be disabled at your site per security policies.

The finger command will read the first line of the .project file.
# vi .project
AFTER HOURS SUPPORT
:wq!

Just add your free form information in the .plan file
# vi .plan
For after hours support, call xxx-xxxx.
-----
"If you get the dirty end of the stick, sharpen it and turn it into a useful tool" -- Colin Powell

(¯`•.¸¸.»»» My SysAd Blog «««.¸¸.•´¯)
:wq!

# finger -l esoft
Login name: esoft
Directory: /export/home/esoft Shell: /bin/csh
Last login Wed Oct 31 23:57 on pts/3 from wkstn2
No unread mail
Project: AFTER HOURS SUPPORT
Plan:
For after hours support, call xxx-xxxx or cell 010-xxx-xxxx
-----
"If you get the dirty end of the stick, sharpen it and turn it into a useful tool" -- Colin Powell

(¯`•.¸¸.»»» My SysAd Blog «««.¸¸.•´¯)

Are Blogspot blogs being blocked in South Korea?

A number of folks living in South Korea are complaining their *.blogspot blogs are inaccessible. I'm one of them.

I can access the blogger.com homepage and obviously my control panel, but I can't view the blog unless I go proxy.

I did a trace route a few times and it does appear to be stopping in Asia.

C:\Documents and Settings\esoft>tracert esofthub.blogspot.com

Tracing route to blogspot.l.google.com
over a maximum of 30 hops:
It was dying after 7 hops...

TraceRoute to 59.18.xx.xx

Blogger Help Group

Update @1903 KST Nov 2: After several hours of dialog with Korean Telecoms customer service and their technicians, I'm finally able to access *.blogspot URLs. I spoked to one of their English speaking representatives and he said the issue was being worked.

Evaluate Constants and Strings with expr Command

The expr command is a handy utility for evaluating constants and strings via the command line interface. Here are a few examples of expressions.

# expr 9 \* 9
81
# expr 9 / 9
1
# expr 9 + 9
18
# expr 9 - 9
0
# expr 9 % 9
0
# expr 50 - 100
-50
# expr 6 + 8 \* 9
78
# expr 9 \* \( 2 + 6 \)
72

Evaluate relational operators: true (1) or false (0)

# expr aaa \< myblog
1
# expr aaa \> myblog
0
# expr aaa == myblog
0
# expr aaa != myblog
1
# expr 8 \<> 9
0
# expr 8 != 9
1
# expr 8 \<= 9
1

Remove the PHPSESSID From URL

The last couple of days I have been trying to remove unsightly PHPSESSIDs from my URLs. Here's how one looked on google.com.

http://www.xxxxxx.com/details_xxxxxx__xxxxxxxxxxxxxx-.html?
PHPSESSID=976fc83764c21749f95e831xxx6a3bxx

I opened up the php.ini file in Notepad and changed the 1 to 0. I'll check later on to see if it worked.

session.use_trans_sid = 0

-----
You can also put this in your config file
ini_set('session.use_trans_sid', false);

You can also modify the .htaccess file but a lot of web hosts won't let you do this type of modification. I tried.
php_flag session.use_trans_sid off

Get Better Compression with bzip2 Command - UNIX

I was trying out the bzip2 compression command. I did notice better compression rates with larger files (testing large tarballs) compared to gzip or compress. But it does take quite a bit of time to perform the compression. Here's one run I did.

# ls -l mytest20.tar
-rw-r--r-- 1 root other 50747392 Oct 28 23:58 mytest20.tar
# gzip mytest20.tar
# ls -l mytest20.tar.gz
-rw-r--r-- 1 root other 9763163 Oct 28 23:58 mytest20.tar.gz
# gunzip mytest20.tar.gz
# bzip2 mytest20.tar
# ls -l mytest20.tar.bz2
-rw-r--r-- 1 root other 5757170 Oct 28 23:58 mytest20.tar.bz2

To uncompress use bunzip2 or bzip2 -d
# bunzip2 mytest20.tar.bz2
# ls -l mytest20.tar
-rw-r--r-- 1 root other 50747392 Oct 28 23:58 mytest20.tar

Display MAC, IP and DNS information for Windows

I've had few questions about obtaining the MAC and IP addresses on a Windows box. Personally, I find the ipconfig command as the easiest way to get this information. Here's an example.

C:\Documents and Settings\esofthub>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : ixxx
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 CT Network Connect
ion
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : xxx.xxx.x.x
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xxx.xxx.xx.x
DHCP Server . . . . . . . . . . . : xxx.xxx.x.x
DNS Servers . . . . . . . . . . . : xxx.xxx.xx.x
xxx.xxx.xx.x
Lease Obtained. . . . . . . . . . : Monday, October 22, 2007 6:46:11 PM
Lease Expires . . . . . . . . . . : Tuesday, October 23, 2007 6:46:11 PM

Modify a Command's Scheduling Priority with nice

There may be times when you need to modify the priority of a command prior to starting it. You can do this by using the nice command. It modifies the scheduling priority of the command . 19 is the lowest priority, 1 is the highest priority, and 10 is the default. Here are a few examples.


Highest priority
# nice -n 1 myfind &
returns PID

Lowest priority
# nice -n 19 myfind &
returns PID

Default priority is 10

Also, the renice command can be used to change the priority of a job.

# renice -18 PID

stephane added the priorities range from -20 (or -19 depending on the Unix) to 19, -20/-19 being the most favorable scheduling, 19 the least favorable one. The negative increments are allowed only for root.

So if you are root, you can do this : nice -19 myfind

to get it running with max priority.

Check Sent Mail Status with mailq

I had a number of users informed me that their messages were "stuck in the queue or something hanging." Their concerns were confirmed after using the mailq command. After a brief investigation, it was discovered was a small hiccup with DNS.

Here's an example of the mailq output.
# mailq
or
# mailq -v
/var/spool/mqueue (19 requests)
----Q-ID---- --Size-- -Priority- ---Q-Time--- ---------Sender/Recipient--------
l9HDvk500367 5 120046 Oct 17 22:57 user1
user2
l9GGhCW02706 1333 7770119 Oct 17 01:43 user3
user1
l9GGhCX02706 1363 7770119 Oct 17 01:43 user4
user5
...

Recovering a Corrupted Mailbox -- UNIX

The other day I had user who was having problems popping mail from the mail server. My first thoughts were wrong password, POP server issue or permissions. Well, it was none of the above. Then I started thinking about the mailbox itself. Here's what I found.

Btw, this example is not the original user's mailbox but it should demonstrate the problem.

Notice there are three lines that don't make much sense.

# cd /var/mail
# more user1
Status: RO
X-Status: $$$$
X-UID: 0000000001

From user2 Fri Jun 29 22:51:34 2007
Return-Path:
Received: (from user2@localhost)
by esoft (8.11.6+Sun/8.11.6) id l5TDpYJ01536
for root; Fri, 29 Jun 2007 22:51:34 +0900 (KST)
Date: Fri, 29 Jun 2007 22:51:34 +0900 (KST)
From: Super-User
Message-Id: <200706291351.l5tdpyj01536@esoft>
...
...

I deleted those 3 lines (plus the blank line) and re-saved the mailbox. After that, he was able to pull his mail successfully.

# more user1
From user2 Fri Jun 29 22:51:34 2007
Return-Path:
Received: (from user2@localhost)
by esoft (8.11.6+Sun/8.11.6) id l5TDpYJ01536
for root; Fri, 29 Jun 2007 22:51:34 +0900 (KST)
Date: Fri, 29 Jun 2007 22:51:34 +0900 (KST)
From: Super-User
Message-Id: <200706291351.l5tdpyj01536@esoft>
...
...

The Popular XV Image Viewer for UNIX

Yesterday, I received an email asking me about a versatile jpeg image viewer for UNIX. My initial thoughts were to use the common browser or the image related utilities in /usr/openwin/bin -- imagetool or snapshot.

Then I started thinking about XV. XV is a popular image viewing shareware program. I have found it to be very effective at resizing screenshots, cropping, expanding, and converting images to different image formats. Personally, I've been using XV (3.10 and now 3.10a) for a number of years without complaint.

Here's another reliable source for XV Image Viewer.

I installed xv in my /opt/apps directory.
# /opt/apps/xv &

Display a Specified Number of Lines From Multiple Files

Here's an ad-hoc way of viewing a specified number of lines that begins with line one. In this example, the templated report has 8 lines and only its values change each day.

I only want to show the first 5 lines for each file. Here's a quick and dirty way of doing that.

In this template file (Mon), the values are only shown for illustration purposes .

# cat Mon
Average Stats: 100
Hourly Stats: 4
Daily Stats: 103
Weekly Stats: 700
Monthly Stats: 2812
###############
END END
###############

Display 5 different files and show their first 5 lines
# head -5 Mon Tue Wed Thu Fri
==> Mon <==
Average Stats: 100
Hourly Stats: 4
Daily Stats: 103
Weekly Stats: 700
Monthly Stats: 2812

==> Tue <==
Average Stats: 102
Hourly Stats: 4
Daily Stats: 104
Weekly Stats: 706
Monthly Stats: 2822

==> Wed <==
Average Stats: 104
Hourly Stats: 5
Daily Stats: 110
Weekly Stats: 730
Monthly Stats: 2842

==> Thu <==
Average Stats: 90
Hourly Stats: 200
Daily Stats: 2400
Weekly Stats: 4499
Monthly Stats: 3006

==> Fri <==
Average Stats: 101
Hourly Stats: 3
Daily Stats: 106
Weekly Stats: 703
Monthly Stats: 2855

Here's a poor man's label maker. Cut (literally) and paste :)
# cat > From
FirstName LastName
123 Any Street
Anytown, State, Zipcode
Ctrl+d

# head From From From
==> From <==
FirstName LastName
123 Any Street
Anytown, State, Zipcode

==> From <==
FirstName LastName
123 Any Street
Anytown, State, Zipcode

==> From <==
FirstName LastName
123 Any Street
Anytown, State, Zipcode

Delete Extra Spaces Between Words in a File

I had a file peppered with extra spaces, which were between the terms (chars need to be contiguous). I could read it but it was fairly annoying. I used the tr utility to delete most of the extra spaces and then vi'ed the file to rid it of the rest. To accomplish this task, here's an example using the tr utility -- nothing fancy.

Since Blogger is displaying this test file without the extra spaces, please take my word for it.
# cat filename
This is a test. We will delete the extra spaces.
This can be accomplished with the UNIX tr utility.
# cat filename | tr -s ' ' ' '
This is a test. We will delete the extra spaces.
This can be accomplished with the UNIX tr utility.

Output to newfilename
# cat filename | tr -s ' ' ' ' > newfilename

View newfilename contents
# more newfilename
This is a test. We will delete the extra spaces.
This can be accomplished with the UNIX tr utility.

Per a reader's request, here's a picture similar to the aforementioned without Blogger compressing the spaces.

Manage Removing Directories from a Stack with popd

I thought about adding the popd command verbiage to the last post (pushd), but I do like to keep these HOWTOs pithy. The pushd command was used to push directories onto a stack, so now I'm going to use the popd to remove directories from the stack. Again, I will use the dirs command to display the stack.

# csh
# dirs
/usr/local/popper / /export/home/esoft/xml/XMLDIR /opt/myapps/etc
# pwd
/usr/local/popper

Removes /usr/local/popper directory
# popd
/ /export/home/esoft/xml/XMLDIR /opt/myapps/etc
# dirs
/ /export/home/esoft/xml/XMLDIR /opt/myapps/etc
# pwd
# /

Removes /opt/myapps/etc directory
# popd +2
# / /export/home/esoft/xml/XMLDIR
# dirs
/ /export/home/esoft/xml/XMLDIR
# pwd
/

Manage Adding Directories to a Stack with pushd

While working on my FreeAdLists personal project at home, I decided it was time to better manage my pwd efforts. I quickly grew weary and impatient (exacerbated by the fact I'm fighting a nasty cold and acute rhinitis) of changing directories so many darn times, so I decided it was time to use a stack (stack starts with 0). Here are few examples of the pushd and dirs commands, which pushes a directory and displays a stack, respectively.

# csh
# cd /
# pushd `pwd`
/ /export/home/esoft/xml/XMLDIR /opt/apps/apps1
# pushd /usr/local/popper
# dirs
/usr/local/popper / /export/home/esoft/xml/XMLDIR /opt/apps/apps1
# pwd
/usr/local/popper

Switches between the first two directories paths
# pushd
/ /usr/local/popper /export/home/esoft/xml/XMLDIR /opt/apps/apps1
# dirs
/usr/local/popper / /export/home/esoft/xml/XMLDIR /opt/apps/apps1
# pwd
# /

Moves /export/home/esoft/xml/XMLDIR to the top of the stack
# pushd +2
/export/home/esoft/xml/XMLDIR / /usr/local/popper /opt/apps/apps1
# dirs
/export/home/esoft/xml/XMLDIR / /usr/local/popper /opt/apps/apps1
# pwd
/export/home/esoft/xml/XMLDIR

Download an XML feed with wget

For one of my projects, I was attempting to download a 70MB XML feed. Unfortunately, it was taking forever to download via HTTP and crashing my MSIE 6.0 and Firefox 2.0.0.7 browsers. I ended up using the wget utility to complete the task. Here's what I did.

C:\Documents and Settings\esoft\Desktop>wget www.xxxx.com/partnerfeeds/esofthub%20lists/esofthub%20xmllists.xml
--02:02:09-- http://www.xxxx.com/partnerfeeds/esofthub%20lists/esofthub%20xmllists.xml
=> `esofthub xmllists.xml'
Resolving www.xxxx.com... xx.1xx.x.2xx
Connecting to www.xxxx.com|xx.1xx.x.2xx|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 70,722,387 (67M) [text/xml]

100%[====================================>] 70,722,387 130.78K/s ETA 00:00

02:08:32 (182.75 KB/s) - `esofthub xmllists.xml' saved [70722387/70722387]

If you don't have wget, here's a couple site you can go to get it.

Download WGET for Windows
Download GNU WGET

Ping Multiple Workstations and Mail Results

Here's a simple Z Shell script to check for network connectivity. If you have several dozen workstations, manually pinging each one can be a laborious task. This script pings (w/2 second timeout) and mails the results to a group alias. You can automate by scheduling it with a cron job.

# vi pinger.zsh
#!/bin/zsh

log=/tmp/log.`date '+%d%h%Y%H%M'`

echo >> $log
date >> $log
echo >> $log

for i in {1..30}
do
ping wkstn$i 2
if [ $? = 0 ]
then
echo wkstn$i up >> $log
else
echo wkstn$i down >> $log
fi
done
cat $log | mailx -s "Workstation Status: `basename $log`" groupalias@esofthub.com
#rm $log
:wq!

Use .htaccess to Deny Internet Protocol (IP) Address or Domain Name

You can use the .htaccess file to deny sites that are wreaking havoc on your site. I have a dozen or so IPs from a couple countries that are doing just that to one of my sites. You can block specific IPs/IP blocks or deny by domain names.

The first two lines (deny statements) are indicative of what I did. By the way, I don't control the main configuration of the host (server), so I had to use this file.

# vi .htaccess
order allow,deny
allow from all

deny from xxx.xxx.xx.xxx
deny from xxx.xxx.xxx.xxx
deny from xx.xxx.xx.
deny from xxx.xx.
deny from xx.
:wq!

Here's a screenshot (so tags shows up on this Blogger post) with the tags:









Extra:
If you are trying to block IPs on the Blogger.com platform, see this post: How to block IPs on Blogger.com

Joining and Renaming Multiple Files Using a for loop

I'm doing this personal project where I parsed almost 26,000 items into a particular format. I then parsed 300 of those items into file with a unique filename, so I ended up with 86 unique files. Lastly, I added a header and footer to each unique file and then renamed it to its original filename. Here is a pithy example of what was done on this task.

# sh
# for i in `ls *_num_*`
do
cat header $i footer > $i.$$
mv $i.$$ $i
echo $i done
done

Extra: For those that asked me how to rename files, the mv command is used to rename files in UNIX. In the example below, the esofthub filename will be renamed to esoft
e.g. # mv esofthub esoft

Delete Tabs, Newlines, Carriage Returns, or Spaces from a File

There are times when you might want to delete formatting characters from a file. The tr command does an excellent job of performing this task. Here are some examples.

Note: I have included a screen shot of this task per the request of a commenter. This example in the jpeg deals with tabs and newlines.

Remove tabs
# more filename
esoft esoft esoft
esoft esoft esoft

# cat filename | tr -d space '\t'
esoftesoftesoft
esoftesoftesoft
# tr -d space '\t' < filename

Remove newlines
# cat filename | tr -d space '\n'
esoft esoft esoftesoft esoft esoft










Additional information:
Remove carriage returns
# cat filename | tr -d space '\r'

Remove spaces
# cat filename | tr -d space "space"

Evaluate NFS Statistical Information with nfsstat

The nfsstat command is used to show the statistical information of Network File System (NFS) and Remote Procedure Call (RPC). It is useful for showing NFS activity between the server and client. My box is down right now, so I won't be able to show you a run right now. But here are a few quick examples.

Show the nfs stats
# nfsstat

Evaluate NFS mount stats between server and the client
# nfsstat -m

Reinitialize the nfs stats
# nfsstat -z

My SysAd Blog Reader Appreciation Shout

I want to thank all the "My SysAd Blog" readers that Stumble this site now and then. It's really nice to see that on a daily basis. It hasn't been Stumbled or Dugg like some of the Linux blogs out there but that was never the objective. But at any rate, I definitely appreciate the stumbles and thank you for helping me share the information. Maybe I will get lucky one of these days...I guess my content should improve first :)

By the way, this is a terse "howto type" blog, so if you're looking for verbosity, that's another (or see man page) blog, so please checkout my technical blogroll :)

Respectfully,

Roy Wood

Try my favorite Free browser:
Get FireFox

My Favorite Links

Linux Screw

The UNIX Forums

Unix Guru Universe

Mika's Blog

PC Blade Computing

Planet Sysadmin

Aspiring Sysdmin

Operating Systems - Unix, Linux, Mac OS X, Windows

TechEd Bloggers

PatchLog | patches 'n hacks

@unixville

The Sys Admin

Tech@Sakana

Unix Admin Corner

Geeky Bits

Bash Shell Cures Cancer

Ramblings of a Geek

Open Source Fedora Core

Schneier on Security

Setup a nisplus Server and Populate its Tables

Setup a nisplus server and then populate its tables. Here's a run on my box. Some of the non-interactive portion of the run has been omitted.

# cd /etc
# cp -p /etc/nsswitch.conf /etc/nsswitch.conf.sav
# cp -p /etc/nsswitch.nisplus /etc/nsswitch.conf
# domainname esofthub.com | tee /etc/defaultdomain
# domainname
esofthub.com

For safey reasons, use copies of the /etc files. Copy those /etc files to a staging area /var/nisfiles.

# cd /var
# mkdir nisfiles; chmod 755 nisfiles
# cd /etc
# cp -p hosts rpc services netmasks networks netgroup services protocols /var/nisfiles
# cd /var/nisfiles

Create empty files. It's recommended that you don't populate the contents of the local passwd and shadow files across the namespace.

# touch passwd shadow ipnodes timezone bootparams group aliases auto_home auto_master ethers

Bourne Shell
# PATH=$PATH:/usr/lib/nis; export PATH

C Shell
# setenv PATH ${PATH}:/usr/lib/nis
# csh
# setenv PATH ${PATH}:/usr/lib/nis
# nisserver -v -r -d esofthub.com

This script sets up this machine "esoft" as an NIS+
root master server for domain esofthub.com..

Domain name : esofthub.com.
NIS+ group : admin.esofthub.com.
NIS (YP) compatibility : OFF
Security level : 2=DES

Is this information correct? (type 'y' to accept, 'n' to change) y

This script will set up your machine as a root master server for
domain esofthub.com. without NIS compatibility at security level 2.
Use "nisclient -r" to restore your current network service environment.
Do you want to continue? (type 'y' to continue, 'n' to exit this script) y
setting up domain information "esofthub.com." ...
setting up switch information ...
switch configuration file already set to use NIS+.
killing process keyserv ...
restarting process keyserv ...
killing NIS and NIS+ processes ...
killing process ypbind ...
killing process rpc.nisd ...
killing process rpc.nispasswdd ...
killing process nis_cachemgr ...
stopping nscd ...

setup NIS_GROUP environment variable ...

rm /var/nis files ...
running nisinit ...
This machine is in the "esofthub.com." NIS+ domain.
Setting up root server ...

All done.

starting root server at security level 0 to create credentials...
running nissetup to create standard directories and tables ...
org_dir.esofthub.com. created
groups_dir.esofthub.com. created
passwd.org_dir.esofthub.com. created
group.org_dir.esofthub.com. created
auto_master.org_dir.esofthub.com. created
auto_home.org_dir.esofthub.com. created
bootparams.org_dir.esofthub.com. created
cred.org_dir.esofthub.com. created
ethers.org_dir.esofthub.com. created
hosts.org_dir.esofthub.com. created
ipnodes.org_dir.esofthub.com. created
mail_aliases.org_dir.esofthub.com. created
sendmailvars.org_dir.esofthub.com. created
netmasks.org_dir.esofthub.com. created
netgroup.org_dir.esofthub.com. created
networks.org_dir.esofthub.com. created
protocols.org_dir.esofthub.com. created
rpc.org_dir.esofthub.com. created
services.org_dir.esofthub.com. created
timezone.org_dir.esofthub.com. created
client_info.org_dir.esofthub.com. created
auth_attr.org_dir.esofthub.com. created
exec_attr.org_dir.esofthub.com. created
prof_attr.org_dir.esofthub.com. created
user_attr.org_dir.esofthub.com. created
audit_user.org_dir.esofthub.com. created

adding credential for esoft.esofthub.com...

Enter login password:
nisaddcred: WARNING: password differs from login password.
Retype password:

creating NIS+ administration group: admin.esofthub.com. ...
adding principal esoft.esofthub.com. to admin.esofthub.com. ...
updating the keys for directories ...
restarting NIS+ root master server at security level 2 ...
killing process rpc.nisd ...
restarting process rpc.nisd ...
starting NIS+ password daemon ...
starting NIS+ cache manager ...
modifying the /etc/init.d/rpc file ...
starting Name Service Cache Daemon nscd ...

This system is now configured as a root server for domain esofthub.com.

You can now populate the standard NIS+ tables by using the
nispopulate script or /usr/lib/nis/nisaddent command.

# nispopulate -v -F -p /var/nisfiles -d esofthub.com

NIS+ domain name : esofthub.com.
Directory Path : /var/nisfiles

Is this information correct? (type 'y' to accept, 'n' to change) y

This script will populate the standard NIS+ tables for domain
esofthub.com. from the files in /var/nisfiles:
auto_master auto_home ethers group hosts ipnodes networks passwd protocols services rpc netmasks bootparams netgroup aliases timezone auth_attr exec_attr prof_attr user_attr audit_user shadow
**WARNING: Interrupting this script after choosing to continue
may leave the tables only partially populated. This script does
not do any automatic recovery or cleanup.
Do you want to continue? (type 'y' to continue, 'n' to exit this script) y
auto_master.org_dir.esofthub.com. OK...
populating auto_master table from file /var/nisfiles/auto_master...
adding standard key-value table auto_master...
adding /var/nisfiles/auto_master to table auto_master.org_dir.esofthub.com.

0 entries added/updated
...
...
Credentials have been added for the entries in the
hosts and ipnodes and passwd table(s). Each entry was given a default
network password (also known as a Secure-RPC password).

This password is:
nisplus

Use this password when the nisclient script requests the
network password.
...
...
Check to see if nisplus was setup
# nisls
esofthub.com.:
org_dir
groups_dir
# niscat host.org_dir
localhost localhost 127.0.0.1
localhost loghost 127.0.0.1
esoft esoft 192.168.1.19
esoft mailhost 192.168.1.19

To remove NISPLUS
Visit this link: remove NIS+ from server

Forward Mail to a Different Account with .forward

There are times when you might need to forward your mail to another email account. The .forward file is used to accomplish this task. Here are a couple examples.

All email will be forwarded to this email address, esoft@esofthubInTheWoods.com.

# echo "esoft@esofthubInTheWoods.com" > $HOME/.forward
Or
# cat > $HOME/.forward
esoft@esofthubInTheWoods.com
control ^d

Output Strings in Lowercase -- UNIX

I should have done this post earlier when I was talking about capitalizing strings. I just forgot. Anyways, here's an easy way to output strings as lowercase.

# cat uppercasefile | tr "[:upper:]" "[:lower:]"
this file's contents are in uppercase
but its output should be
lowercased

# tr "[:upper:]" "[:lower:]" < uppercasefile
this file's contents are in uppercase
but its output should be
lowercased

# cat uppercase | tr '[A-Z]' '[a-z]'
this file's contents are in uppercase
but its output should be
lowercased

# tr '[A-Z]' '[a-z]' < uppercasefile
this file's contents are in uppercase
but its output should be
lowercased

Output lowercase strings to file
# tr '[A-Z]' '[a-z]' < uppercasefile > outputfile_lower

# date | tr "[:upper:]" "[:lower:]"
sat sep 8 23:24:20 kst 2007

Traverse an Argument List using shift Command

You can move through an argument list using the shift command. Here's an example using an inline while loop and and an inline for loop.

# sh

The while loop
# set M Y S Y S A D B L O G
# while [ $# -gt 0 ]
> do
> echo $*
> shift
> done
M Y S Y S A D B L O G
Y S Y S A D B L O G
S Y S A D B L O G
Y S A D B L O G
S A D B L O G
A D B L O G
D B L O G
B L O G
L O G
O G
G

The for loop
# set M Y S Y S A D B L O G
# for i in $*
> do
> echo $*
> shift
> done
M Y S Y S A D B L O G
Y S Y S A D B L O G
S Y S A D B L O G
Y S A D B L O G
S A D B L O G
A D B L O G
D B L O G
B L O G
L O G
O G
G

Print a File in Landscape Mode via Command Line

I was asked how to print a file in landscape mode via the command line. I haven't done that in awhile, so I had to delve into my old notes. Here's the syntax.

# /usr/lib/lp/postscript/postprint -pland filename | lp

Set File or Directory Access Control List with setfacl

The setfacl command is used to add, modify, delete an ACL entry (or entries) or replace the entire Access Control List (ACL) on a file or directory. Here are a few examples.

Replaces the entire ACL via man page

--setfacl -s user:esoft:rwx,user::rwx,group::rw-,mask:r--,other:--- testfile
or its octal equivalent
--setfacl -s user:esoft:7,user::7,group::6,mask:4,other:0 testfile

Before changing ACL
# getfacl testfile
# file: testfile
# owner: root
# group: other
user::rw-
group::r-- #effective:r--
mask:r--
other:r--
# ls -l testfile
-rw-r--r-- 1 root other 0 Sep 4 23:26 testfile

After changing ACL
# setfacl -s user:esoft:rwx,user::rwx,group::rw-,mask:r--,other:--- testfile
# getfacl testfile

# file: testfile
# owner: root
# group: other
user::rwx
user:esoft:rwx #effective:r--
group::rw- #effective:r--
mask:r--
other:---
# ls -l testfile
-rwxr-----+ 1 root other 0 Sep 4 23:27 testfile

Same as above but in octal

# rm testfile
# touch testfile
# ls -l testfile
-rw-r--r-- 1 root other 0 Sep 4 23:30 testfile
# setfacl -s user:esoft:7,user::7,group::6,mask:4,other:0 testfile
# getfacl testfile

# file: testfile
# owner: root
# group: other
user::rwx
user:esoft:rwx #effective:r--
group::rw- #effective:r--
mask:r--
other:---
# ls -l testfile
-rwxr-----+ 1 root other 0 Sep 4 23:32 testfile

#######################################

Change user and mask
# setfacl -m u:esoft:6,m:6 testfile
# getfacl testfile

# file: testfile
# owner: root
# group: other
user::rwx
user:esoft:rw- #effective:rw-
group::rw- #effective:rw-
mask:rw-
other:---

Change group and mask
# setfacl -m g:other:4,m:6 testfile
# getfacl testfile

# file: testfile
# owner: root
# group: other
user::rwx
user:esoft:rw- #effective:rw-
group::rw- #effective:rw-
group:other:r-- #effective:r--
mask:rw-
other:---

Delete ACL
# setfacl -d u:esoft:6 testfile
# getfacl testfile

# file: testfile
# owner: root
# group: other
user::rwx
group::rw- #effective:rw-
group:other:r-- #effective:r--
mask:rw-
other:---

Get ACL of testfile then set (apply) to testfile1
# getfacl testfile | setfacl -f - testfile1

Get the Access Control List on a File or Directory

The getfacl command is used to obtain the filename, file owner, file group owner, and its Access Control List or ACL. It will display the ACL for a regular file or a directory. Here are some examples of its use.

On a file
# getfacl newcron

# file: newcron
# owner: esoft
# group: staff
user::rw-
group::r-- #effective:r--
mask:r--
other:r--

On a directory
# getfacl MyDir

# file: MyDir
# owner: root
# group: other
user::rwx
group::r-x #effective:r-x
mask:r-x
other:r-x

Free Virtual Network Computing Remote Control Software

Virtual Network Computing (VNC) is a client/server software package that allows remote access to graphical desktops. Here's some information about VNC at TightVNC.org. The downloads are free under the GNU General Public License and available on several platforms.

Send Network Packets to a Host with spray

The spray command is used to send packets to a hostname, URL, or IP. It reports how many packets were received and transfer rate. However, spray can NOT be used as a network benchmark because it uses unreliable connectionless protocols such as UDP. Here's an example of its use on my box.

# spray esoft
sending 1162 packets of length 86 to esoft...
754 packets (64.888%) dropped by esoft
26 packets/sec, 2317 bytes/sec

Troubleshooting a Network with the Snoop Utility

One of the most useful networking utilities is the snoop command. It is used to capture and inspect network packets. Here are some examples of its use.

Snoop a network in the promiscuous mode (captures and displays all packets as received)
# snoop
Using device /dev/hme (promiscuous mode)
192.168.1.26 -> esoft TELNET C port=2319
esoft -> 192.168.1.10 TELNET R port=2319 Using device /dev/hm
192.168.1.26 -> esoft TELNET C port=2319

Snoop a particular host
# snoop client-10

Prints detailed ETHER, IP and TCP header data (a lot of data)
# snoop -v

Snoop between two hosts
# snoop client-10 client-11

Capture snoop output to a file (binary format)
# snoop -o snoop_capture

Read captured snoop output from file
# snoop -i snoop_capture

Prints summary mode
# snoop -V

Extra:

I've been asked how to disable snoop. Rename the utility so it can't be executed when someone executes snoop via CLI. Or simply move it to another area of the filesystem. You can also tighten down the permissions, too. i.e. root can only run it.

# mv /usr/sbin/snoop /usr/sbin/mysnoop
# mv /usr/sbin/snoop /usr/sbin/.snoop
# chmod 700 /usr/sbin/snoop

Check the permissions (perm 600) on the interfaces -- hme, ge, ce, eri, etc
# ls -l /devices/pseudo/

Date Command in Debian Linux

Here are some interesting uses of the date command in Debian Linux by Mary M. Chaddock, GSEC, GCUX. She is a Network Security Administrator for Abilene Christian University in Texas. Thanks Mary for the nice email, and of course, the Debian date tip.

Mary said, "Specifically, I often have a need to convert log dates or search logs for specific dates when the log date is in epoch format."

Displays the current date
'date +%s'

Gives date two weeks ago
'date +%s --date=-2week'

Converts an epoch timestamp
'date --date=@1187103930'

System Activity Reporter Command Monitors CPU, Disk and Virtual Memory

The system activity reporter or sar command is useful in reporting system resource utilization. It can report on CPU, disk, and virtual memory use. Here are some examples.

Three samples for every 5 seconds

For CPU utilization
# sar 5 3

For disk utilization
# sar -d 5 3

For virtual memory utilization
#sar -g 5 3

Text Editor for Simple Formatting

The fmt utility is a simple text formatter. It will fill lines up to a specified character width -- default is 72. Here are some examples.

Original file
# more sysad
This blog
is primarily
a howto for UNIX
system administration.
Its articles consist of Solaris,
Sybase, Oracle, and miscellaneous
tips and operating system information.

Here's the default of 72 characters wide.
# fmt sysad
This blog is primarily a howto for UNIX system administration. Its
articles consist of Solaris, Sybase, Oracle, and miscellaneous tips and
operating system information.

Here's the same file but formatted 35 characters wide.
# fmt -35 sysad
This blog is primarily a howto for
UNIX system administration. Its
articles consist of Solaris,
Sybase, Oracle, and miscellaneous
tips and operating system
information.

Combine files (default width)
# fmt sysad sysad
This blog is primarily a howto for UNIX system administration. Its
articles consist of Solaris, Sybase, Oracle, and miscellaneous tips and
operating system information. This blog is primarily a howto for UNIX
system administration. Its articles consist of Solaris, Sybase, Oracle,
and miscellaneous tips and operating system information.

Merge Lines From One or More Files

The paste command will merge corresponding lines from one or more files. Each file is treated as a column. Here are some examples to demonstrate its use.

# more city
Helena
Bosie
Olympia
Salem
Denver

# paste city city
Helena Helena
Bosie Bosie
Olympia Olympia
Salem Salem
Denver Denver

# more state
Montana
Idaho
Washington
Oregon
Colorado

# paste city state
Helena Montana
Bosie Idaho
Olympia Washington
Salem Oregon
Denver Colorado

Redirect output to file
# paste city state > CityState
# more CityState
Helena Montana
Bosie Idaho
Olympia Washington
Salem Oregon
Denver Colorado

Limit User's File Size -- UNIX

If you are hurting for disk space, you might want to look into limiting the file size a user can create. Depending on the shell, you can do this by using either limit or ulimit command -- add to a user's initialization file to make permanent. Here are a few examples.

# sh
# ulimit -f 5000
# mkfile 6m MB
File Size Limit Exceeded - core dumped

# ksh
# ulimit -f 5000
# mkfile 6m MB
File Size Limit Exceeded(coredump)

# csh
# limit filesize 5m
# mkfile 6m MB
File Size Limit Exceeded (core dumped)

# bash
# ulimit -f 5000
# mkfile 6m MB
File Size Limit Exceeded (core dumped)

Convert Tab to Specified Number of Spaces

You can also use the expand utility to specify the number of spaces between a tab. See below for an illustration.

Original file with tabs
# cat -v -t esoftfile
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft

Convert tab to 20 spaces
# expand -20 esoftfile | cat -t -v
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Convert tab to 10 spaces
# expand -10 esoftfile | cat -v -t
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Convert tab to 2 spaces
# expand -2 esoftfile | cat -v -t
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Remove Tabs From a File -- UNIX

Occasionally, you might want to remove tabs from a file. This can be accomplished with the expand command. Here's an easy way of doing that.

View tabs (^I)
# cat -v -t esoftfile
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft
esoft^Iesoft^Iesoft^Iesoft

View tabs (^I) removed and replaced with 5 spaces to stdout
# expand esoftfile | cat -v -t
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft
esoft esoft esoft esoft

Tabs removed and output written to file
# expand esoftfile > esoftfile_notab

Verify tabs removed
# vi esoftfile_notab
esoft esoft esoft esoft$
esoft esoft esoft esoft$
esoft esoft esoft esoft$
esoft esoft esoft esoft$
esoft esoft esoft esoft$
~
~
~
:set list

Double Space a Single Spaced File -- UNIX

You can use the powerful stream editor (sed) utility to convert a single-spaced file to a double-spaced file. Conversely, you can take a double-spaced file and convert it to a single-spaced file. Here's an illustration.

Single-spaced to double-spaced file
# more tstfile
This is a test
This is a test
This is a test
This is a test
This is a test
This is a test

Now output to stdout and tstfile1 -- double-spaced
# sed G tstfile | tee tstfile1
This is a test

This is a test

This is a test

This is a test

This is a test

This is a test

Verify tstfile1 is double-spaced
# more tstfile1
This is a test

This is a test

This is a test

This is a test

This is a test

This is a test

Double-spaced to single-spaced file
Now output to stdout and tstfile2 -- single-spaced
# sed 'n;d' tstfile1 | tee tstfile2
This is a test
This is a test
This is a test
This is a test
This is a test
This is a test

Verify tstfile2 is single-spaced
# more tstfile2
This is a test
This is a test
This is a test
This is a test
This is a test
This is a test

Extra...
To triple-spaced
# sed 'G;G' tstfile | tee tstfile1

To double-spaced
# sed 'n;n;d' tstfile1 | tee tstfile2

To single-spaced
# sed 'n;n;d' tstfile1 | sed 'n;d' | tee tstfile3

Sun Studio 12 C/C++ & Fortran Compilers and Tools

Sun is offering a free download of its Sun Studio 12 software. Provides compilers for C, C++, and Fortran for Solaris OS on SPARC and Solaris/Linux on x86/x64 platforms.

Also, here's GCC For SPARC Systems 4.0.4

Nvu or "New View" Web Authoring Application

Nvu or "New View" is a complete and 100% open source web authoring application that I use to modify my websites. It works on Linux, Microsoft Windows, and Macintosh platforms. A great deal of technical expertise is not required to use this application.

From the Nvu site: "Anyone is welcome to download Nvu at no charge, including the source code if you need to make special changes. Developers are encouraged to get involved and help make Nvu even better."

Specify or Report Default Permissions with umask

The umask command can be used to specify default permissions on files you create. It also can be used to report on a file's current defaults. Here are some examples.

Explanation of what the octal digits mean
0 - don't restrict any permissions
1 - restrict execute permissions
2 - restrict write permissions
4 - restrict read permissions

Report current umask setting
# umask

Provides complete access to every file you create on the system to everyone.
# umask 000

Provides complete access to you and your group. The others (world) are excluded.
# umask 007

Provides complete access to you but limits group and others to read and execution.
# umask 022

Change the Operational Status of Processors

The psradm command can be used to change the operational status of a processor(s) in a multiprocessor system. The statuses are online, offline and no-intr. Here are a few examples.

Take processors 2 and 3 offline
# psradm -f 2 3

Processors 1 and 2 are not interrupted by I/O processes
# psradm -i 1 2

Bring a specified processor, 3, online
# psradm -n 3

Bring all processors online
# psradm -a -n

Log Telnet and FTP Sessions in Log File

For security reasons, you might opt to log telnet and FTP sessions. On my box, those sessions are logged into the /var/adm/messages file. To make this change, you will have to modify the /etc/rc2.d/S72inetsvc script. Here's an example.

Go to the bottom of this file and look for this line, /usr/sbin/inetd -s &

# vi /etc/rc2.d/S72inetsvc
...
/usr/sbin/inetd -s &

Change to /usr/sbin/inetd -s -t &
: wq!

You will have to recycle the inetd daemon.

Reverse the Contents of a File

The tail command can be used to reverse the contents of a file. Here's an example.

# cat > filename
THIS IS AN EASY WAY TO REVERSE THE CONTENT OF A FILE.
THE REVERSAL WILL DO MORE THAN 10 LINES. IT WILL REVERSE THE ENTIRE FILE.
EOM
.
# tail -r filename
.
EOM
THE REVERSAL WILL DO MORE THAN 10 LINES. IT WILL REVERSE THE ENTIRE FILE.
THIS IS AN EASY WAY TO REVERSE THE CONTENT OF A FILE.

By the way, this command line entry will do the same thing as tail -r.
# perl -e 'print reverse <>' filename

Display either Files or Directories -- UNIX

I'm revisiting the common but important ls command. Here's an easy way to show either files or directories that are in the current directory.

Listing files only
# ls -l | awk '{if (substr($1,1,1) == "-") {print}}'
-rw-r--r-- 1 esoft other 103936 Jul 7 21:11 070707_archive.tar
-rw-r--r-- 1 esoft other 348672 Jul 7 21:44 07072007_archive.tar
-rw-r--r-- 1 esoft other 330240 Jul 7 21:16 07072007Y_arch.tar
-rw-r--r-- 1 esoft other 482 Jun 2 19:42 crontab_file
-rw-r--r-- 1 esoft other 1029 May 30 00:21 exclude
-rw-r--r-- 1 esoft other 0 May 30 00:24 include
-rw-r--r-- 1 esoft other 103936 Jul 7 21:14 Jul07%s070707_archive.tar
...

Listing directories only
# ls -ld */.
drwxr-xr-x 2 esoft sys 512 Oct 22 2005 default/.
drwxr-xr-x 3 esoft other 512 Jul 7 20:03 esoft/.
drwx------ 2 esoft staff 512 May 30 22:16 Mail/.
drwxr-xr-x 2 esoft other 512 Jul 7 20:57 RAID/.
drwxr-xr-x 3 esoft other 512 Jul 7 19:33 TEMP/.
drwxr-xr-x 10 esoft other 512 Jun 19 21:59 TEMP1/.
drwxrwxrwx 2 esoft other 512 May 30 00:00 data/.
drwxr-xr-x 4 esoft other 512 Jun 26 21:14 TMP/.
drwxr-xr-x 3 esoft other 512 Jun 26 21:08 TMP1/.

Display Non-printable Characters in a Text File

I received a message asking me how to see non-printable characters in a text file. Almost immediately, utilities such as vi, cat, and od come to mind. The od command clearly states which non-printable characters are present. Here are examples using a text file.

# vi filename.txt
^I^I^I^I$
$
$
$
this is a test$
^I^I^I^I$
~
: set list

# cat -vet filename.txt
^I^I^I^I$
$
$
$
this is a test$
^I^I^I^I$

# od -c filename.txt
0000000 \t \t \t \t \n \n \n \n t h i s i s
0000020 a t e s t \n \t \t \t \t \n
0000034

Related post

Using octal dump to find bad characters

Using the UNIX repeat Command

The other day I was thinking about all those sentences I had to write while in grade school (primary). It would have been great to know something about the repeat command. In all seriousness, you can use it as a separator (maybe script output). Here are some examples of its use.

# repeat 5 echo "*********"
*********
*********
*********
*********
*********
# repeat 5 echo "##########"
##########
##########
##########
##########
##########
# repeat 5 echo " "





# repeat 500 echo "I will not chew gum or backtalk."
I will not chew gum or backtalk.
I will not chew gum or backtalk.
I will not chew gum or backtalk.
I will not chew gum or backtalk.
I will not chew gum or backtalk.
...
You get the idea

Display Specific Lines in a File using sed

I'm often asked how to show specific lines in a file. The utility I use for this task is the powerful string editor or sed. Here's a brief example of its use.

For illustration purposes, I'm using the cat -n filename to show the line numbers in this script.

# cat -n filename
...
8 for i in $*
9
10 do
11
12 typeset -i16 hex
13 hex=$i
14 print $i equals $hex in hexadecimal
15
16 typeset -i8 oct
17 oct=$i
18 print $i equals $oct in octal
19
20 typeset -i2 bin
21 bin=$i
22 print $i equals $bin in binary
23
24 print
25 done
...

Prints out the for loop without displaying the line numbers
# sed -n 8,25p filename | tee for_loop

Recreate the /dev/null Link using devlinks

If you inadvertently delete the /dev/null link, you can recreate it by using the devlinks command. The null device is basically a bit bucket. Here's an example.

# cd /dev/
# ls -l null
null: No such file or directory
# devlinks
# ls -l null
lrwxrwxrwx 1 root other 27 Aug 10 16:11 null -> ../devices/pseudo
mm@0:null

If null device and link is missing, use mknod.

# cd /devices/pseudo
# mknod mm@0:null c 13 2
# chown root:sys mm@0:null
# chmod 666 mm@0:null
# devlinks

Capitalize Strings in UNIX

There might be times when you need to CAPITALIZE everything. The capitalize command handles this task well. Here is an example of its use.

Capitalize entire contents of a script or plain file
# cat testme | /usr/openwin/bin/capitalize -u
#!/BIN/KSH

IF [ $# = 0 ]; THEN
ECHO ADD AN ARGUMENT LIST
EXIT
FI
...

# cat Tech@Sakana | /usr/openwin/bin/capitalize -u
YOU CAN USE CAPITALIZE COMMAND OR THE UNIX TR COMMAND, WHICH WAS SUGGESTED BY STEPHANE KATTOOR

Capitalize the output of a command
# date | /usr/openwin/bin/capitalize -u
THU AUG 9 22:56:16 KST 2007

To lowercase , read this post: Output strings to lowercase

Display the core File Configuration

The dumpadm command is used to show the dump configuration. However, you can change the dump configuration using the dumpadm -d option, e.g. dumpadm -d /dev/dsk/the_slice_device

Note below that a crash dump would be saved in the /var/crash/esoft directory.

# dumpadm
Dump content: kernel pages
Dump device: /dev/dsk/c0t0d0s1 (swap)
Savecore directory: /var/crash/esoft
Savecore enabled: yes

Z Shell for loop -- UNIX zsh

Here is a succinct use of the for loop using the robust Z Shell. See ZSH is cool: Brace Expansion by Stéphane Kattoor for background details. Here is a practical application of the zsh for loop.

Using the Bourne shell for loop
# sh
# for i in 1 2 3 4 5 6 7 8 9 10 11 12
do
rcp -p /etc/hosts esoftclient$i:/etc
done

Now using brace expansion for the Z shell for loop
# zsh
# for i in {1..12}
do
rcp -p /etc/hosts esoftclient$i:/etc
done

# zsh
# for i in {1..100}
do
rcp -p /etc/hosts esoftclient$i:/etc
done

As you can see in the aforementioned, this inline is short and to the point.

Display the Checksum and Size for a File

The UNIX cksum command is used to display the checksum and the size of a file. This command is useful in verifying file integrity over noisy transmission lines. Here's an example of its application.

# cksum firefox-1.0-sparc-sun-solaris2.8.tar
2821005393 55203840 firefox-1.0-sparc-sun-solaris2.8.tar

I saw some email traffic from someone asking for methods of verifying files over noisy lines, so I thought this might be a useful post.

Process Control for UNIX

Here's a listing of common process controls. This listing contains controls codes accompanied with descriptions.

Control+s --> Stops screen scrolling
Control+q --> Resumes suspended display
Control+d --> Signals end of file
Control+c --> Interrupts a process
Control+z --> Suspends a foreground process
bg --> Resumes a background process
fg --> Resumes a foreground process
Control+u --> Clears command line

View the Value of a UNIX Variable

Sometimes you might want to display the contents of a variable. Why? It might be set to an incorrect value. Here's a couple basic ways of doing that.

Set variable
# csh
# setenv ESOFT /export/home/esofthub
or
# sh
# ESOFT=/export/home/esofthub; export ESOFT

View variable contents
# echo $ESOFT
/export/home/esofthub
# env | grep ESOFT
ESOFT=/export/home/esofthub

Other miscellaneous uses
# cd /
# cd $ESOFT; pwd
# ls $ESOFT
# $ESOFT/myscript.csh
THIS IS A TEST

Copy the Contents of a Magnetic Tape to Another

If you need to copy the contents of a magnetic tape to another magnetic tape, it is a fairly easy task. However, prior to copying, ensure tapes are free of errors and rewound. Here is the syntax.

# mt -f /dev/rmt/0 rewind
# mt -f /dev/rmt/1 rewind

# tcopy /dev/rmt/0 /dev/rmt/1

Clear the Terminal Screen

I use the clear command to clear out the contents of a screen. It's similar to executing a new xterm without the extra window. I sometimes use it, afterwards, when I inadvertently cat/opened a file (e.g. binary file) that can cause extraneous characters to show up in my xterm or command tool interface. You might also want to use it to prevent prying eyes (i.e. competitors, nosy sysadmins, passwords, etc). Here is the syntax to clear your xterm window.

# clear

Send Message to Users with Write All Command

When you need to send a real-time message to everyone, you can use the write all or wall command. It is normally used when there is a need to send an urgent message to everyone who is currently logged onto the system. I use it sparingly because it can be somewhat annoying to the enduser and you want users to pay attention to it. It sends the message immediately to the console. Here is its syntax.

This message is just for illustration purposes and hardly constitutes an emergency.

# wall
I hope everyone had a great and safe 4th of July weekend.
control+d

Using the Common UNIX Find Command

One of the most useful utilities in the UNIX systems resources directory is the find command. System administrators use this powerful utility frequently. Here are a few common tasks performed by the ubiquitous find command. I'll add more as time goes on.

# cd /export/home/esofthub

Find a file or directory
# find . -name TEMP -print
or
# find . -name TEMP -exec echo {} \;

Find core files in this directory tree and remove them
# find . -name "core" -exec rm -f {} \;

Find junk directories and remove their contents recursively
# find . -name "junk" -exec rm -rf {} \;

Find files not starting with "junk" OR not ending with "log"
# find . ! \( -name "junk*" -o -name "*log" \) -print

Find a pattern in a file using the recursive grep (ignore case)
# find . -type f | xargs grep -i MYPATTERN
# find . -name '*.sh' -exec grep -i MYPATTERN {} \;

Find files modified in the past 7 days
# find . -mtime -7 -type f

Find files owned by a particular user
# find . -user esofthub

Find all your writable directories and list them
# find . -perm -0777 -type d -ls
or
# find . -type d -perm 777 -print

Find all your writable files and list them
# find . -perm -0777 -type f -ls
or
#find . -type f -perm 777 -print

Find large file sizes and list them or output to file
# find . -type f -size +1000 -ls
or
# find . -type f -size +1000 -print
# find . -type f -size +2000K | tee filename

Find how many directories are in a path (counts current directory)
# find . -type d -exec basename {} \; | wc -l
53

Find how many files are in a path
# find . -type f -exec basename {} \; | wc -l
120

Find all my pipe files and change their permissions to all writable
# find . -name "pipe*" -exec chmod 666 {} \;

Find files that were modified 7 days ago and archive
# find . -type f -mtime 7 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files that were modified more than 7 days ago and archive
# find . -type f -mtime +7 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files that were modified less than 7 days ago and archive
# find . -type f -mtime -7 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files that were modified more than 7 days ago but less than 14 days ago and archive
# find . -type f -mtime +7 -mtime -14 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files in two different directories having the "test" string and list them
# find esofthub esoft -name "*test*" -type f -ls

Find files in two different directories having the "test" string and list them
# find esofthub esoft -name "*test*" -type f -ls

Find files in two different directories having the "test" string and count them
# find esofthub esoft -name "*test*" -type f -ls | wc -l
12

Find files and directories newer than CompareFile
# find . -newer CompareFile -print

Find files and directories older than CompareFile
# find . ! -newer CompareFile -print

Find files and directories but don't traverse a particular directory
# find . -name RAID -prune -o -print

Find all the files in the current directory
# find * -type f -print -o -type d -prune

Find files associated with an inode
# find . -inum 968746 -print
# find . -inum 968746 -exec ls -l {} \;

Find an inode and remove
# find . -inum 968746 -exec rm -i {} \;

Enable Stop-A or Disable Stop-A

When you run the bsmconv script, it disables the Stop-A feature. However, this can present a problem during troubleshooting efforts (e.g. problems bringing the system down to OBP level). Here's how to re-enable or disable it.

To enable Stop-A, prepend an asterisk, "*", to the following line in the /etc/system file.
# vi /etc/system
...
*set abort_enable = 0
OR
set abort_enable = 1
:wq!
# init 6

To disable Stop-A, add "set abort_enable = 0" to the /etc/system file
# vi /etc/system
...
set abort_enable =0
:wq!
# init 6

Disable C2 Security Audits on Solaris

Keep in mind that auditing takes a lot of disk space, so you will need to plan accordingly. Also, the audits are cryptic and may not be useful unless you have someone who understands them. If you weren't aware of the aforementioned, you might want to disable the Basic Security Module (BSM). Here's an example.

Go to single user state
# init s
# cd /etc/security
# ./bsmunconv
This script is used to disable the Basic Security Module (BSM).
Shall we continue the reversion to a non-BSM system now? [y/n] y
bsmunconv: INFO: moving aside /etc/security/audit_startup.
bsmunconv: INFO: restore /etc/rc2.d/S92volmgt.
bsmunconv: INFO: removing c2audit:audit_load from /etc/system.
bsmunconv: INFO: stopping the cron daemon.

The Basic Security Module has been disabled.
Reboot this system now to come up without BSM.
# init 6

Enable C2 Security Audits on Solaris

It's always a good idea to monitor activity on your server or workstation. Solaris provides a C2 auditing level system, which is the Basic Security Module (BSM). It's enabled by running the bsmconv command. Here's an example.

# cd /etc/security
# ./bsmconv
This script is used to enable the Basic Security Module (BSM).
Shall we continue with the conversion now? [y/n] y
bsmconv: INFO: checking startup file.
bsmconv: INFO: move aside /etc/rc2.d/S92volmgt.
bsmconv: INFO: turning on audit module.
bsmconv: INFO: initializing device allocation files.

The Basic Security Module is ready.
If there were any errors, please fix them now.
Configure BSM by editing files located in /etc/security.
Reboot this system now to come up with BSM enabled.

# init 6

By the way, the binary audit files (default directory /var/audit) are a bit cryptic. Use the praudit command to convert files to a ASCII format. Also, the /etc/rc2.d/S92volmgt file was moved to /etc/security/spool.

Drop User From a Sybase Database

Denying user access to a database is a fairly simple task. The sp_dropuser stored procedure makes this task possible. However, there are some things you need to ensure beforehand. First, ensure the user doesn't own any objects in the database and has grant privileges or owns the database. Usually, I like to verify the action was performed by performing a quick select on the affected table. Here is the syntax for dropping a user in Sybase.

1> sp_dropuser esofthub
2> go
1> select * from sysusers
2> go

Drop a Sybase Group

Dropping a group in Sybase is another fairly easy task. To accomplish this task, you will need use the sp_dropgroup stored procedure. But here is one caveat on dropping a group, the group must not contain any members. Here is an example.

1> sp_dropgroup esoftdb_group
2> go

Change a Sybase User's Group

Changing a user's group in Sybase is another fairly straightforward task. A user only belongs to two groups. The assigned group and default group, which is "public." You will need to use the sp_changegroup stored procedure to accomplish this task. Here is an example.

The user "esofthub" belongs to the mynewgroup and public.

1> sp_changegroup mynewgroup, esofthub
2> go

To remove a user from a group affiliation, here's an example.

1> sp_changegroup "public", esofthub
2> go

Create a Sybase Group

Creating a group in a Sybase database is an easy task. You will need to use the sp_addgroup stored procedure to accomplish the task. Here is the syntax for the current database.

# isql -Usa -Ppassword
1> use esoftdb
2> go
1> sp_addgroup esoftdb_group
2> go

Determine groups in a database
# isql -Usa -Ppassword
1> use esoftdb
2> go
1> sp_helpgroup
2> go

Determine users in a specific group
1> sp_helpgroup esoftdb_group
2> go

Dumping Sybase Transaction Log

A common database problem is transaction logs filling up when the log is not setup to automatically truncate. This can cause all sorts of problems for your database dependent applications. You will have to dump it or you could face serious performance issues. You might consider making your transaction log bigger if automatically truncating the log is not an option.

Here is the syntax.

# isql -Usa -Ppassword
1> use esoftdb
2> go
1> dump tran esoftdb with no_log
2> go

Display Sybase Login Information

The sp_displaylogin reports information on a login in Sybase. It gives detailed information such as, user identification, full name, roles, and account status. Here is its syntax.

For privilege roles

This example provides information about a privileged user.
# isql -Usa -Ppassword
1> sp_displaylogin esofthub
2> go

For non-privilege roles

This example provides information about a user’s own login.
# isql -Uesofthub -Panypassword
1> sp_displaylogin
2> go

Change Default Database for Sybase User

Here is a quick way to change the default database for a user in Sybase. This is a fairly common database administration (DBA) task which I have done on several occasions. The change can be done with the sp_modifylogin stored procedure. In the SQL example below, the esofthub login is being assigned the esoftdb as its default database. Here is its syntax.

# isql -Usa -Ppassword
1> sp_modifylogin esofthub, defdb, esoftdb
2> go