Tuesday, July 31, 2007

View the Value of a UNIX Variable

Sometimes you might want to display the contents of a variable. Why? It might be set to an incorrect value. Here's a couple basic ways of doing that.

Set variable
# csh
# setenv ESOFT /export/home/esofthub
or
# sh
# ESOFT=/export/home/esofthub; export ESOFT

View variable contents
# echo $ESOFT
/export/home/esofthub
# env | grep ESOFT
ESOFT=/export/home/esofthub

Other miscellaneous uses
# cd /
# cd $ESOFT; pwd
# ls $ESOFT
# $ESOFT/myscript.csh
THIS IS A TEST

Monday, July 30, 2007

Copy the Contents of a Magnetic Tape to Another

If you need to copy the contents of a magnetic tape to another magnetic tape, it is a fairly easy task. However, prior to copying, ensure tapes are free of errors and rewound. Here is the syntax.

# mt -f /dev/rmt/0 rewind
# mt -f /dev/rmt/1 rewind

# tcopy /dev/rmt/0 /dev/rmt/1

Clear the Terminal Screen

I use the clear command to clear out the contents of a screen. It's similar to executing a new xterm without the extra window. I sometimes use it, afterwards, when I inadvertently cat/opened a file (e.g. binary file) that can cause extraneous characters to show up in my xterm or command tool interface. You might also want to use it to prevent prying eyes (i.e. competitors, nosy sysadmins, passwords, etc). Here is the syntax to clear your xterm window.

# clear

Saturday, July 07, 2007

Send Message to Users with Write All Command

When you need to send a real-time message to everyone, you can use the write all or wall command. It is normally used when there is a need to send an urgent message to everyone who is currently logged onto the system. I use it sparingly because it can be somewhat annoying to the enduser and you want users to pay attention to it. It sends the message immediately to the console. Here is its syntax.

This message is just for illustration purposes and hardly constitutes an emergency.

# wall
I hope everyone had a great and safe 4th of July weekend.
control+d

Using the Common UNIX Find Command

One of the most useful utilities in the UNIX systems resources directory is the find command. System administrators use this powerful utility frequently. Here are a few common tasks performed by the ubiquitous find command. I'll add more as time goes on.

# cd /export/home/esofthub

Find a file or directory
# find . -name TEMP -print
or
# find . -name TEMP -exec echo {} \;

Find core files in this directory tree and remove them
# find . -name "core" -exec rm -f {} \;

Find junk directories and remove their contents recursively
# find . -name "junk" -exec rm -rf {} \;

Find files not starting with "junk" OR not ending with "log"
# find . ! \( -name "junk*" -o -name "*log" \) -print

Find a pattern in a file using the recursive grep (ignore case)
# find . -type f | xargs grep -i MYPATTERN
# find . -name '*.sh' -exec grep -i MYPATTERN {} \;

Find files modified in the past 7 days
# find . -mtime -7 -type f

Find files owned by a particular user
# find . -user esofthub

Find all your writable directories and list them
# find . -perm -0777 -type d -ls
or
# find . -type d -perm 777 -print

Find all your writable files and list them
# find . -perm -0777 -type f -ls
or
#find . -type f -perm 777 -print

Find large file sizes and list them or output to file
# find . -type f -size +1000 -ls
or
# find . -type f -size +1000 -print
# find . -type f -size +2000K | tee filename

Find how many directories are in a path (counts current directory)
# find . -type d -exec basename {} \; | wc -l
53

Find how many files are in a path
# find . -type f -exec basename {} \; | wc -l
120

Find all my pipe files and change their permissions to all writable
# find . -name "pipe*" -exec chmod 666 {} \;

Find files that were modified 7 days ago and archive
# find . -type f -mtime 7 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files that were modified more than 7 days ago and archive
# find . -type f -mtime +7 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files that were modified less than 7 days ago and archive
# find . -type f -mtime -7 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files that were modified more than 7 days ago but less than 14 days ago and archive
# find . -type f -mtime +7 -mtime -14 | xargs tar -cvf `date '+%d%m%Y'_archive.tar`

Find files in two different directories having the "test" string and list them
# find esofthub esoft -name "*test*" -type f -ls

Find files in two different directories having the "test" string and list them
# find esofthub esoft -name "*test*" -type f -ls

Find files in two different directories having the "test" string and count them
# find esofthub esoft -name "*test*" -type f -ls | wc -l
12

Find files and directories newer than CompareFile
# find . -newer CompareFile -print

Find files and directories older than CompareFile
# find . ! -newer CompareFile -print

Find files and directories but don't traverse a particular directory
# find . -name RAID -prune -o -print

Find all the files in the current directory
# find * -type f -print -o -type d -prune

Find files associated with an inode
# find . -inum 968746 -print
# find . -inum 968746 -exec ls -l {} \;

Find an inode and remove
# find . -inum 968746 -exec rm -i {} \;


Friday, July 06, 2007

Enable Stop-A or Disable Stop-A

When you run the bsmconv script, it disables the Stop-A feature. However, this can present a problem during troubleshooting efforts (e.g. problems bringing the system down to OBP level). Here's how to re-enable or disable it.

To enable Stop-A, prepend an asterisk, "*", to the following line in the /etc/system file.
# vi /etc/system
...
*set abort_enable = 0
OR
set abort_enable = 1
:wq!
# init 6

To disable Stop-A, add "set abort_enable = 0" to the /etc/system file
# vi /etc/system
...
set abort_enable =0
:wq!
# init 6

Disable C2 Security Audits on Solaris

Keep in mind that auditing takes a lot of disk space, so you will need to plan accordingly. Also, the audits are cryptic and may not be useful unless you have someone who understands them. If you weren't aware of the aforementioned, you might want to disable the Basic Security Module (BSM). Here's an example.

Go to single user state
# init s
# cd /etc/security
# ./bsmunconv
This script is used to disable the Basic Security Module (BSM).
Shall we continue the reversion to a non-BSM system now? [y/n] y
bsmunconv: INFO: moving aside /etc/security/audit_startup.
bsmunconv: INFO: restore /etc/rc2.d/S92volmgt.
bsmunconv: INFO: removing c2audit:audit_load from /etc/system.
bsmunconv: INFO: stopping the cron daemon.

The Basic Security Module has been disabled.
Reboot this system now to come up without BSM.
# init 6

Enable C2 Security Audits on Solaris

It's always a good idea to monitor activity on your server or workstation. Solaris provides a C2 auditing level system, which is the Basic Security Module (BSM). It's enabled by running the bsmconv command. Here's an example.

# cd /etc/security
# ./bsmconv
This script is used to enable the Basic Security Module (BSM).
Shall we continue with the conversion now? [y/n] y
bsmconv: INFO: checking startup file.
bsmconv: INFO: move aside /etc/rc2.d/S92volmgt.
bsmconv: INFO: turning on audit module.
bsmconv: INFO: initializing device allocation files.

The Basic Security Module is ready.
If there were any errors, please fix them now.
Configure BSM by editing files located in /etc/security.
Reboot this system now to come up with BSM enabled.

# init 6

By the way, the binary audit files (default directory /var/audit) are a bit cryptic. Use the praudit command to convert files to a ASCII format. Also, the /etc/rc2.d/S92volmgt file was moved to /etc/security/spool.

Thursday, July 05, 2007

Drop User From a Sybase Database

Denying user access to a database is a fairly simple task. The sp_dropuser stored procedure makes this task possible. However, there are some things you need to ensure beforehand. First, ensure the user doesn't own any objects in the database and has grant privileges or owns the database. Usually, I like to verify the action was performed by performing a quick select on the affected table. Here is the syntax for dropping a user in Sybase.

1> sp_dropuser esofthub
2> go
1> select * from sysusers
2> go

Drop a Sybase Group

Dropping a group in Sybase is another fairly easy task. To accomplish this task, you will need use the sp_dropgroup stored procedure. But here is one caveat on dropping a group, the group must not contain any members. Here is an example.

1> sp_dropgroup esoftdb_group
2> go

Change a Sybase User's Group

Changing a user's group in Sybase is another fairly straightforward task. A user only belongs to two groups. The assigned group and default group, which is "public." You will need to use the sp_changegroup stored procedure to accomplish this task. Here is an example.

The user "esofthub" belongs to the mynewgroup and public.

1> sp_changegroup mynewgroup, esofthub
2> go

To remove a user from a group affiliation, here's an example.

1> sp_changegroup "public", esofthub
2> go

Create a Sybase Group

Creating a group in a Sybase database is an easy task. You will need to use the sp_addgroup stored procedure to accomplish the task. Here is the syntax for the current database.

# isql -Usa -Ppassword
1> use esoftdb
2> go
1> sp_addgroup esoftdb_group
2> go

Determine groups in a database
# isql -Usa -Ppassword
1> use esoftdb
2> go
1> sp_helpgroup
2> go

Determine users in a specific group
1> sp_helpgroup esoftdb_group
2> go

Dumping Sybase Transaction Log

A common database problem is transaction logs filling up when the log is not setup to automatically truncate. This can cause all sorts of problems for your database dependent applications. You will have to dump it or you could face serious performance issues. You might consider making your transaction log bigger if automatically truncating the log is not an option.

Here is the syntax.

# isql -Usa -Ppassword
1> use esoftdb
2> go
1> dump tran esoftdb with no_log
2> go

Display Sybase Login Information

The sp_displaylogin reports information on a login in Sybase. It gives detailed information such as, user identification, full name, roles, and account status. Here is its syntax.

For privilege roles

This example provides information about a privileged user.
# isql -Usa -Ppassword
1> sp_displaylogin esofthub
2> go

For non-privilege roles

This example provides information about a user’s own login.
# isql -Uesofthub -Panypassword
1> sp_displaylogin
2> go

Change Default Database for Sybase User

Here is a quick way to change the default database for a user in Sybase. This is a fairly common database administration (DBA) task which I have done on several occasions. The change can be done with the sp_modifylogin stored procedure. In the SQL example below, the esofthub login is being assigned the esoftdb as its default database. Here is its syntax.

# isql -Usa -Ppassword
1> sp_modifylogin esofthub, defdb, esoftdb
2> go

Tuesday, July 03, 2007

Change Password for a Sybase User

Changing passwords for a Sybase user is a fairly straightforward process. The first example deals with changing the “sa” password (privilege user) or another user's password. The second example is when a user changes their password. Here is the syntax.

Note: If your password string begins with a number, enclose it in "quotes."

# isql -Usa -Ppassword
1> sp_password old_password, new_password, sa
2> go

Changing another user's password

# isql -Usa -Ppassword
1> sp_password old_password, new_password, esofthub
2> go


Any user can change their own password

# isql -Uesofthub -Pesofthub_password
1> sp_password old password, new_password
2> go

Reset sa Password for Sybase

Here is a procedure to reset the "sa" password for Sybase. But first, the RUN_ESOFTHUB_SVR script will have be modified. Here is a terse rundown of this procedure.

Run a tail -f to observe the new SSO password in the log.
# tail -f SYBASE.log

The dataserver should not be running
# ps -ef | grep dataserver

Append the following entry, -psa, to this file
# vi RUN_ESOFTHUB_SVR
...
-psa
:wq!

Starts the dataserver
# startserver -f RUN_ESOFTHUB_SVR

Observe the new password in the console or SYBASE.log

# vi RUN_ESOFTHUB_SVR
...
-psa (delete this line)
:wq!

# isql -Usa -Pfrom_the_log_file

Now use sp_password to change the "sa" password to something permanent.

Monday, July 02, 2007

Using UNIX Redirection Symbols for Sybase

You can send input to the isql command via the command line interface. Note the ESOFT string is arbitrary. I have also included reading SQL commands from a file. Here are the examples.

# isql -Usa -Pyourpassword -Syourserver_name << ESOFT > myoutput
use esoftdb
go
select count(*) from mysoft_table
go
ESOFT

View the results
# cat myoutput

Read SQL from a file
# isql -Usa -Pyourpassword -Syourserver_name < ESOFTFILE > myoutput

View the results
# cat
myoutput

Start a Sybase Adaptive and Backup Server

You can manually start an Adaptive Server and Backup server using the startserver command. I find this useful during troubleshooting efforts because I can watch the initialization output in real-time. Here's the syntax.

Starts only the Adaptive Server
# startserver -f RUN_ESOFTHUB_SVR

Starts both the Adaptive and Backup servers
# startserver -f RUN_ESOFTHUB_SVR -f RUN_SYB_BACKUP

Starts only the Backup Server
# startserver -f RUN_SYB_BACKUP

If you want to shutdown the dataserver, go to this post:
Shutdown DBMS (Sybase)

Sunday, July 01, 2007

Terminate or Kill a Sybase Process

From time to time, you may need to kill an internal Sybase process or processes. This requires using Sybase’s sp_who command ascertain the process identification or PID. Then you will use the kill command. Here is a run of how to kill a process via SQL.

1> sp_who
2> go
1> kill PID
2> go

I always like to reconfirm that the process or processes was/were killed.

1> sp_who
2> go

For a specific login
1> sp_who esofthub
2> go
1> kill esofthub_PID
2> go