Monday, December 29, 2008

Clean-up Dangling Dev Links - sp diff: name finddevice

A couple weeks ago we encountered the "sp diff" message below on bootup. The message iterated about 15-20 times before continuing the final bootup sequence, which took at least twice as long as normal. 

A colleague of mine recalled performing some multipathing activities a few days earlier and thought there might be some dangling dev links as a result. 

To resolve the issue, the devfsadm command was executed in cleanup mode, -C.

sp diff: name finddevice, nargs 1, nret 1,sp 0xf05d35b8 osp 0xf05d35a8
sp diff: name finddevice, nargs 1, nret 1,sp 0xf05d35b8 osp 0xf05d35a8
sp diff: name finddevice, nargs 1, nret 1,sp 0xf05d35b8 osp 0xf05d35a8
sp diff: name finddevice, nargs 1, nret 1,sp 0xf05d35b8 osp 0xf05d35a8
sp diff: name finddevice, nargs 1, nret 1,sp 0xf05d35b8 osp 0xf05d35a8
...

# devfsadm -C -v
# init 6

Update: A message from a colleague who requested not to be named.

stmsboot -e will enable multipathing, the system needs to be rebooted in order for it to take effect.

When the system comes up, you will notice long device names in
/dev/dsk/. It may be coincidence but I noticed that the number of
multipathing devices listed match the number of sp diff lines that are
displayed.

Next, I did a stmsboot -d to disable multipathing and rebooted the
system. When the system came back online, I still saw the sp diff lines.

Lastly, I did the devfsadm -C -v and I saw it clean up the device links. I rebooted the system again and the sp diff lines were gone.

You would think that disabling multipathing should delete the links but
it doesn't.

Friday, December 26, 2008

Use Z-Shell for loop to Compact Argument List

The other day I pinged a number of remote workstations to observe Round Trip Times (RTT) but forgot to eliminate a few series of contiguously numbered remotes that were known to be powered-off. Needless to say, the pinging effort was taking longer than it should have -- I promptly aborted the effort. Here is an example of a compact way of performing this common task using a Z-Shell for loop.

# zsh
# for blog in {1..5} {7..13} {15..22} {27..37}
for> ping -s mysysad$blog 1024 5

Friday, December 12, 2008

My SysAd Blog Temporarily Reverts to its Legacy Blogspot URL

This evening I was checking my web statistics and noticed mysysad.com's traffic had plummeted. At first, I thought it had something to do with me adding a comment widget. You know the deal..."what did you change?" is a common sysad retort. But I quickly realize that was not the issue; it was a DNS issue. Here is a run of the events using the ubiquitous ping command. By the way, I have linked back to sysad several times because I have my very own unsolicited blog scraper.

Checking Google Server (nslookup and ping)

C:\Users\esoft>ping ghs.google.com

Pinging ghs.l.google.com [209.85.171.121] with 32 bytes of data:
Reply from 209.85.171.121: bytes=32 time=128ms TTL=236
Reply from 209.85.171.121: bytes=32 time=155ms TTL=236
Reply from 209.85.171.121: bytes=32 time=129ms TTL=236
Reply from 209.85.171.121: bytes=32 time=155ms TTL=236

Ping statistics for 209.85.171.121:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 128ms, Maximum = 155ms, Average = 141ms

Pinging My SysAd Blog

C:\Users\esoft>ping mysysad.com

Pinging mysysad.com [64.233.179.121] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 64.233.179.121:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Pinging My SysAd Blog but now by IP

C:\Users\esoft>ping 64.233.179.121

Pinging 64.233.179.121 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 64.233.179.121:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Pinging another known Google Server IP (ghs.google.com) for Blogspot

C:\Users\esoft>ping 66.249.81.121

Pinging 66.249.81.121 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 66.249.81.121:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Reverted My SysAd Blog to its legacy Blogspot URL via backend

C:\Users\esoft>ping esofthub.blogspot.com

Pinging blogspot.l.google.com [72.14.207.191] with 32 bytes of data:
Reply from 72.14.207.191: bytes=32 time=182ms TTL=237
Reply from 72.14.207.191: bytes=32 time=207ms TTL=237
Reply from 72.14.207.191: bytes=32 time=181ms TTL=237
Reply from 72.14.207.191: bytes=32 time=179ms TTL=237

Ping statistics for 72.14.207.191:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 207ms, Average = 187ms

Pinging esofthub.blogspot.com IP

C:\Users\esoft>ping 72.14.207.121

Pinging 72.14.207.121 with 32 bytes of data:
Reply from 72.14.207.121: bytes=32 time=210ms TTL=237
Reply from 72.14.207.121: bytes=32 time=210ms TTL=237
Reply from 72.14.207.121: bytes=32 time=179ms TTL=237
Reply from 72.14.207.121: bytes=32 time=182ms TTL=237

Ping statistics for 72.14.207.121:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 210ms, Average = 195ms

Edited A-Record settings with my domain registrar, yahoo.com, and then returned My SysAd Blog to www.mysysad.com via Blogger's backend...waited a few minutes

C:\Users\esoft>ping mysysad.com

Pinging mysysad.com [72.14.207.121] with 32 bytes of data:
Reply from 72.14.207.121: bytes=32 time=207ms TTL=239
Reply from 72.14.207.121: bytes=32 time=178ms TTL=239
Reply from 72.14.207.121: bytes=32 time=180ms TTL=239
Reply from 72.14.207.121: bytes=32 time=181ms TTL=239

Ping statistics for 72.14.207.121:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 178ms, Maximum = 207ms, Average = 186ms

C:\Users\esoft>

Here is another domain name issue I had back in April 2008

Saturday, November 29, 2008

copy running-config startup-config

We had an issue a couple weeks ago when our power failed and so did the UPS. At first, everything seem to come back online as usual but later we noticed a "network issue." We didn't think much of it because operations were only somewhat degraded. After a few more tests, we noticed that our old style Cisco ATM switch had reverted to our legacy configuration. Apparently, the new running configuaration was not saved.

At any rate, here are the steps to save the running configuration for this particular IOS.

Hyperterminal or Telnet into switch
enable
Password goes here
config terminal

run your configuration commands here
...
and soforth
control+Z
enable
show running-config
show startup-config

Friday, November 28, 2008

A Blogger is Copying Your Contents "ditto"

Anonymous said...
Think this guy http://*tips.blogspot.com/2008/11/ftp-using-one-liner-and-perl-script.html is copying your contents "ditto"

chk out 
http://*tips.blogspot.com/2008/11/ftp-using-one-liner-and-perl-script.html
http://*tips.blogspot.com/2008/11/ftp-using-shell-script.html

=======

I was notified by the aforementioned My SysAd Blog commenter that another blogger was blatantly lifting content from "My SysAd Blog." I tried contacting the blogger but he or she was missing contact information on their blog. I left a comment on one of the offending posts regarding the infraction. Frankly speaking, I do not mind people using the tips or even copying them but do not copy without linking back. I appreciate the commenter who brought this to my attention. Thanks.

So far, I found 13 posts that were verbatim on the blog. I left a comment on this post,  unable-to-switch-user.html, and I noticed it has since been deleted. 

http://*tips.blogspot.com/2008/10/strip-prepended-string-from-filename.html
http://*tips.blogspot.com/2008/10/mounting-iso-and-dd-image-files.html
http://*tips.blogspot.com/2008/11/unable-to-switch-user.html 
http://*tips.blogspot.com/2008/11/ftp-using-shell-script.html
http://*tips.blogspot.com/2008/11/common-unix-find-commands.html
http://*tips.blogspot.com/2008/11/howto-remove-file-or-directory.html
http://*tips.blogspot.com/2008/11/inline-shell-script-with-for-loop.html
http://*tips.blogspot.com/2008/11/determine-directory-size-recursively.html
http://*tips.blogspot.com/2008/11/ftp-using-one-liner-and-perl-script.html
http://*tips.blogspot.com/2008/10/hardware-mismatch-for-fibre-channel.html
http://*tips.blogspot.com/2008/10/convert-decimal-to-hexadecimal-octal-or.html
http://*tips.blogspot.com/2008/10/delete-user-account-with-userdel-via.html
http://*tips.blogspot.com/2008/10/install-solaris-boot-block.html

Friday, October 03, 2008

Strip a Prepended String From a Filename - Unix

I had a process that was pre-pending by design its PID to a file name string. But unfortunately, it caused a few unexpected problems when this handling process inadvertently terminated. I had to rename the files without the defunct pre-pended PID string and then reprocess them (several thousand).

Here is what I used as a quick and dirty procedure.

# csh
# ls
prependPID_filename_etc1 prependPID_filename_etc2 prependPID_filename_etc3 prependPID_filename_etc4
# foreach filename (prependPID*)
? mv $filename `echo $filename | sed 's/prependPID_//'`
? end
# ls
filename_etc1 filename_etc2 filename_etc3 filename_etc4

# zsh
# ls
prependPID_filename_etc1 prependPID_filename_etc2 prependPID_filename_etc3 prependPID_filename_etc4
# for i in prependPID*
for> mv $i `echo $i | sed 's/prependPID_//'`
# ls
filename_etc1 filename_etc2 filename_etc3 filename_etc4

Tuesday, September 16, 2008

IrfanView - Comprehensive Graphic Viewer for Windows

Yesterday, we were trying to run a couple practice exams via CD to prepare for a security based certification. However, our normal players didn't support the required file format. As usual, it was time to perform a quick Internet search. After awhile, I found this one viewer, IrfanView, which supported many different file formats - to include the one I was searching for. I downloaded the viewer and then later its plugins. It worked like a champ for my particular task. Anyways, here is some information about IrfanView and its supported file formats.

From Mr. Irfan Skiljan's website:

What is IrfanView?

IrfanView is a very fast, compact and innovative FREEWARE image viewer/converter for Windows 9x/ME/NT/2000/XP/2003/Vista.

IrfanView is fast and small, with extremely low system resources requirements. It is trying to be simple for beginners and powerful for professionals.

Supported file formats:
AIF, ANI/CUR, ASF, AU/SND, AVI, AWD, B3D, BMP/DIB, CAD formats, CLP, DDS, Dicom/ACR, DJVU, ECW, EMF/WMF, EPS/PS/PDF, EXR, FITS, FPX (FlashPix), FSH, G3, GIF, HDR, HDP/WDP, ICO/ICL/EXE/DLL, IFF/LBM, IMG (GEM), JPG2000, JPG, JPM, KDC, LDF, LWF, MED, MID/RMI, MNG/JNG,OV, MP3, MPG, MrSID, NLM/NOL/NGG, OGG, PBM/PGM/PPM, PCX/DCX, PhotoCD, PNG, PSD, PSP, PVR, RAS/SUN, RAW, Real Audio (RA), RLE, SFF, SFW, SGI/RGB, SWF/FLV, TGA, TIF, TTF, TXT, WAD, WAV, WBMP, XBM, XPM, CRW/CR2, VTF, DNG, NEF, ORF, RAF, MRW, DCR, X3F, PEF, SRF, EFF, DXF, DWG, HPGL, CGM, SVG, etc.

Some features of IrfanView:
Multi language support, thumbnail option, slideshow, fast directory browsing, batch conversion/editing, multipage editing, file search, email, print, Paint plugin - to paint lines, circles, arrows, straighten image etc., support for color profiles, change color depth, scanning, cut/crop, IPTC edit, capturing, lossless JPG operations, effects (sharpen, blur, Adobe Photoshop filters), EXE/SCR creating, many hotkeys, many command line options, 50+ plugins...

Microsoft Media Player Plug-In: allows IrfanView to read following formats: ASF, AU/SND/AIF, AVI, MID/RMI, MOV, MP3, MPG/MPEG, WAV, WMA, WMV.

Support for Apple QuickTime (Plug-In): allows IrfanView to read following formats: MOV, QTIF, Mac PICT, and FLI/FLC.

IrfanView was the first Windows graphic viewer (worldwide) with Animated-GIF support!

FREEWARE for non commercial use!

By the way, this was an unsolicited and unpaid post.

Friday, August 29, 2008

Mounting ISO and DD Image Files

Occasionally, I'll download an image file and want to see what is on it, or make a few changes to it before burning it to CD.

The image file (dd, iso, etc) can be mounted using the loop device. You will need to know the type of filesystem the image uses.

Most Linux/Unix-based OS's have an application that will help you identify the filesystem type. Debian includes the command /lib/udev/vol_id, SUSE has the same command but in a different location (/sbin/vol_id). If you know how to get this information on a SUN box, please leave a comment for us.

If you don't have a command that will tell you the filesystem type, you can guess. Most images downloaded from the Internet will be iso9660, Windows filesystems are normally ntfs, Linux are commonly ext2, and Macintosh are udf or hfs.

As a last resort, you can work your way down the list of filesystem types listed in the mount man pages.

After you know the filesystem type, you are ready to mount.
Note: replace <_type> with the filesystem type.

To mount the file livebootcd.iso with write enabled:

mount -t <_type> -o loop ./livebootcd.iso /mnt

To mount an image made from a Windows partition in read-only mode:

mount -t ntfs -o loop,ro,umask=0222 ./evidence.dd /mnt

Post provided by Mary M. Chaddock

Tuesday, August 19, 2008

Hardware Mismatch for Fibre Channel Hard Drive

We had a hard drive (FC) mismatch and had to rebuild the path_to_inst file and /dev/rdsk/*, /dev/dsk/* and /dev/rmt/* directories. We had two drives (but the backup drive was inoperable), so instead of booting off the backup, we had to recover via cdrom. That part was a little trickier than expected. After a little web searching, a handy disaster discovery procedure (hardware mismatch) was found on the Sun BigAdmin site.

Method 1 (towards the bottom of the Sun page)

Here is what was done.

Boot from CDROM
ok boot cdrom -s
# mount /dev/dsk/c1t#d#s0 /mnt
Rename path_to_inst
# mv /mnt/etc/path_to_inst /mnt/etc/path_to_inst.org
Remove all old device links
# rm /mnt/dev/rdsk/c1*; rm /mnt/dev/dsk/c1*; rm /mnt/dev/rmt/*
Rebuild path_to_inst and devices (this (syntax) was the part we were missing)
# devfsadm -r /mnt -p /mnt/etc/path_to_inst
**Note: Suspect corrupted bootblock? - reinstall it.
# cd /mnt/usr/platform/`uname -i`/lib/fs/ufs
# /mnt/usr/sbin/installboot bootblk /dev/rdsk/c1t#d#s0
Unmount root slice and reboot
# cd /
# umount /mnt; init 6

By the way, we tried method two (boot -rav) prior to performing the web search but each attempt failed.

Unable to Switch User Error - su: no shell

We had some users complaining about not being able to switch or substitute user, su. Here is the error message they were receiving: "su: no shell.” At first I thought the users had inadvertently locked out their accounts. But after querying nisplus and checking the file-based users, I didn’t observe any locked accounts. I tried switching to various users from root and received the same error. Then I tried switching user on a different workstation - no problem. The problem was tied to a particular box.

Then we used the truss command to trace the system/lib calls. It pointed to an unexpected access/permission issue. Observed the /usr directory was set to 600. Frankly speaking, the permission problem was somewhat a surprise since it was working fine the previous day. At any rate, changed the permissions and things were back to normal.

# truss su esofthub

Sunday, August 03, 2008

iPod Disconnected During Recharge

I know this topic is not Unix or sysadmin related, but I thought I'd document it for reference. This morning one of our personal home computers was inadvertently powered off while an iPod was recharging. To me, it didn't seem like a big deal. The PC was powered back up and the iPod was "reconnected" and it should be “okay.” But after six hours or so, I was frantically informed the iPod screen was still frozen – the "Do not disconnect" message and its related symbol were still displayed.

I started wondering if I was going to have to shell out another 400 bucks, especially since I was the inadvertent power off culprit. I asked for the manual but it was MIA--no surprise there. It was time for a quick Web search.

I found this little jewel on the Apple support site: “Try resetting your iPod to solve common problems by pressing and holding the Menu and Select buttons until the Apple logo appears, about 6 to 10 seconds. You may need to repeat this step.”

Whew, it worked the first time.

Thursday, July 31, 2008

Citrix Users Report Login Issue on Unix Workstation

A few days ago, one of our remote Citrix workstation users reported a login issue. Here was the error message displayed on the client interface.

"Your account is configured to prevent you from using this computer."

To fix the issue, I confidently used the "tried and true" procedure described below. At the same time, I was “showing” someone else how to address the issue. I was quite surprised when the procedure didn't work. The registry key values were not displaying in the right pane. The only thing showing up was the tree structure, no data. After awhile, I realized the regedt32 editor was not set to “View->Tree and Data”; it was only set for “View->Tree” structure. After making the trivial adjustment, we ran through the procedure without incident.

Here is the procedure - Source: MS Help and Support

Part 1: Disable the Security Policy
Disable the following Group Policy setting on either the default domain or the domain controller organizational unit:
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Shut down your system immediately if unable to log security audits
You can find this policy on the default domain policy, default domain controller policy, and local security policy.

Note: After you disable the security policy, you must also remove the security policy registry key.

Back to the top
Part 2: Edit the CrashOnAuditFail Registry Key
1. Click Start, and then click Run.
2. In the Open box, type regedt32.exe, and then click OK.
3. Click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail
4. In the right pane, double-click CrashOnAuditFail.
5. In the Value data box, type 0 (zero), and then click OK.
6. Click Start, and then click Run.
7. In the Open box, type secedit /refreshpolicy machine_policy /enforce, and then click OK to apply the new security setting.
8. Restart your server.

Friday, July 25, 2008

System Administrator Appreciation Day

Today is System Administrator Appreciation Day. As SysAdminDay puts it, it is a thankless job for 364 days. You do not receive a lot of attention when things are going well. But when things do go wrong, you do, in deed, receive a lot attention - the type that spikes your stress level. You routinely get those dreaded calls between 12 am and 4 am or on your days off: "I need YOU to come in ASAP!" A lot of people will say that SysAdmins can just work from home. I wish. You can be rest assured that is not always the case or even possible (depending on the type of work).

By the way, you are reading this post because some underappreciated system administrator at Blogger is taking care of the "behind the scenes" activities - Thank you Mr/Ms. SysAd @Blogger.

But when it is all said and done for me, being a SysAdmin is one of the best darn occupations in the world. Frankly speaking, I really can not think of a more interesting profession.

By the way, today, we lost an inspirational leader in the field of computing: Dr. Randy Pausch, "Last Lecture Professor," 1960-2008

Monday, July 21, 2008

Inadvertent Use of Duplicate Group ID

We were trying to limit the number of regular users who could use xterm or cmdtool for security reasons. A user-defined group was created and admins/non-regulars were assigned to it. Unfortunately, the admins/non-regulars were mysteriously denied xterm/cmdtool execution, which definitely was not the desired effect. Permission denied. That feedback was a bit perplexing because the admins/non-regulars were supposeably assigned to the newly created group per niscat. After a little troubleshooting, it was discovered the newly created group ID matched an existing group’s GID in a different name service database. The GID issue was corrected and xterm worked like a champ.

Tuesday, July 15, 2008

UNIX Admin Corner and the IT Island

I thought James Dickens of UNIX Admin Corner wrote a short but interesting post a few days ago. His post was titled "Why is IT such an Island." It was something to ponder regarding the rapidly growing IT community. Personally, I share a similar opinion with Mr. Dickens and felt it was a fair portrayal of the IT community.

Here is an excerpt of his post: "Seems like everywhere I go, people in IT act like they are on an island, they don't attend user groups, Geek/Techy relationships I have with others seem to be rare, they don't visit or much less hang out on irc (.i.e. freenode) most don't follow blogs...Read more plus comments"

I know sites like UNIX Forums are great places to get your tech-related questions answered or simply share your knowledge, but where are the social sites geared to the hard-core UNIX/Technical community. I think it would be beneficial if we had a mybloglog or blogcatalog type site that primarily focused on connecting techies.

Presumably some would say large social behemoths such as facebook (general) or linkedin (general professional-oriented) already fill that niche by having user-defined techie groups. That might be true but I think most techies join those groups as a side note. I do.

Monday, June 30, 2008

FTP Using a One-Liner and Perl Script

A colleague of mine, Mahlon Anderson, wanted to revisit the FTP Using a Shell Script post.

Here is what he had to say...

Here is a creative way to put an FTP command on a single line. Why one line? The short story is I needed to do an ftp in a crontab without calling another script.

Three things to note:

1) I have only tested this with Solaris 8.
2) This works in the one true shell, Bourne shell.
3) If you have a "$" in your password, it might cause you problems.



Use this in a Perl script. (I didn’t have access to the CPAN FTP module)

# vi myftp.pl

#!/usr/bin/perl

$USER = “esoft”;
$PASSWORD=”myftp125”;
$REMOTE=”esoft”;
$DIR=”/jpg_dir;
$FILE=”esoft.jpg”;
$echo = ‘echo “quote user ‘ . $USER. ‘\nquote pass ‘ . $PASSWORD .’\nbin\nlcd ‘ . $DIR . ‘\nmput $FILE\n”’;
@status = ‘$echo| ftp –nv $REMOTE‘;
print @status;
:wq!

The FTP module is for doing FTP directly with Perl...basically system calls to the C library directly. With the right modules, you can do all that from Perl without having to resort to the back quotes.

Run via CLI

# ./myftp.pl

Sunday, June 29, 2008

Show HTML Tags Within a Blogger Post

Previously, I was having issues displaying HTML tags within a Blogger post. To get around that pesky issue, I used an underscore, e.g. <_head>,<_title>, <_file>, etc, or generated a jpg image of the example to demonstrate the use of a particular tag. But this action made it inconvenient to simply cut and paste without the arduous task of retyping or modification. Now I am using the textarea tag and it seems to be working fine with the Blogger platform.

Note: If you get the following error message when publishing/saving: "Your HTML cannot be accepted: Tag is not allowed: <_whatever_tag>", check the box to ignore.

Here is an example run that is followed by the parameters used for the textarea.




Wednesday, June 25, 2008

An Enhanced and More Powerful Syslog App - syslog-ng

We recently purchased a new network application/appliance.

As part of my normal practice, I wanted to configure the
appliance to duplicate its logs to our centralized syslog server.
With standard syslogd, you add one line to your configuration
file (syslog.conf) and restart the daemon.

But this appliance uses syslog-ng, an enhanced and more
powerful syslog application.

The syslog-ng configuration file (syslog-ng.conf) includes
four main components: source, filter, destination, and log.

1. source (required) - This tells syslog-ng the source of
the log data. This could be a network port, streams,
a file (/proc/kmsg).

2. filter (optional) - If you want to throw all your log
data into one file, you don't need a filter.

3. destination (required) - Syslog-ng needs to know what
to do with the data it reads from "source". Destination
can be a file, a remote server IP, a pipe, usertty, etc.

4. log (required) - This is the line that makes it all
happen by bringing the above items together.

This line basically says:
"look at all the logs coming from $source, pull
this $filter and save it in $destination."

NOTE: You can include multiple source, filter and
destination on this line.

For example:
I want to configure syslog-ng to send all logs to a
local file and to my Centralized Log Server (IP 1.2.3.4)

-----------------
# Solaris Configuration:

# SOURCE
# This source entry allows locally generated logs to be captured

source local { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); };

# FILTER (optional)
# I'm not defining any filter since I want everything.

# DESTINATION
# I want to send the logs via standard syslog udp port to IP# 1.2.3.4)
# and to a file locally, /var/log/everything.log.

destination logserver { udp("1.2.3.4"); };
destination localfile { file("/var/log/everything.log"); };

# LOG

log { source(local); destination(logserver); destination(localfile); };

---------------

After you edit your configuration file, you can verify the syntax using this command:

$ syslog-ng -s

If you don't have any errors, restart your syslog-ng daemon.
You should now be logging everything to the file /var/log/everything.log as well as to the remote log server.

Post provided by Mary M. Chaddock

Sunday, June 15, 2008

Goosh.org - NOT an Official Google Shell

After reviewing my statistics today, I found a couple referrals from this website, goosh.org. At first, I did not think much of its Spartan appearance (like I have room to talk). But after tinkering with it awhile, I realized it was pretty darn functional. As you can see below, it behaves similar to a UNIX shell.

By the way, the author of the utility states this is NOT an official Google product! As usual, here is an example run.

Goosh goosh.org 0.4.4-beta #1 Tue, 03 Jun 08 22:59:00 UTC Google/Ajax

Welcome to goosh.org - the unofficial google shell.

This google-interface behaves similar to a unix-shell.
You type commands and the results are shown on this page.

goosh is powered by google.

goosh is written by Stefan Grothkopp (email address deleted)
it is NOT an official google product!

Your language has been set to: en (use lang to change it)
Enter help or h for a list of commands.

guest@goosh.org:/web>
guest@goosh.org:/web> help

help

command aliases parameters function
web (search,s,w) [keywords] google web search
lucky (l) [keywords] go directly to first result
images (image,i) [keywords] google image search
wiki (wikipedia) [keywords] wikipedia search
clear (c) clear the screen
help (man,h,?) [command] displays help text
news (n) [keywords] google news search
blogs (blog,b) [keywords] google blog search
feeds (feed,f) [keywords] google feed search
open (o) open url in new window
go (g) open url
more (m) get more results
in (site) search in a specific website
load load an extension
video (videos,v) [keywords] google video search
read (rss,r) read feed of url
place (places,map,p) [address] google maps search
lang change language
addengine add goosh to firefox search box
translate (trans,t) [lang1] [lang2] google translation
ls [command] lists commands
cd change mode

- Enter green commands without parameters to change default mode.
- Anything that's not a command will search in current default mode.
- Aliases will expand to commands. Numbers will expand to corresponding search results.
- Use cursor up and down for command history.
- Enter keyword and hit the tab-key for tab-completion.

guest@goosh.org:/web> translate english spanish Father's Day
translating "Father's Day" from "english" to "spanish":

"Día del Padre"

guest@goosh.org:/web> t english german Father's Day
translating "Father's Day" from "english" to "german":

"Vatertag"

Wednesday, June 11, 2008

Configure Power Management with power.conf

I had a few (actually more than a few) in-house complaints regarding my personal workstation’s uptime schedule. The complaints were legitimate since the box goes largely unused. With today’s ($137/barrel) spiraling energy costs, I can understand the concern. So to quell the incessant complaints, I decided to better manage its power consumption - modified the /etc/power.conf file.

Here is an example.
# more /etc/power.conf
autopm default
# Auto-Shutdown Idle(min) Start/Finish(hh:mm) Behavior
autoshutdown 30 9:00 9:00 noshutdown
statefile /export/home/.CPR

Changed to: After 20 minutes of non-use, shutdown.
# vi /etc/power.conf
autopm default
# Auto-Shutdown Idle(min) Start/Finish(hh:mm) Behavior
autoshutdown 20 0:00 0:00 shutdown
statefile /export/home/.CPR
:wq!

Let power management know of the change
# /usr/sbin/pmconfig

Tuesday, June 03, 2008

General Purpose Debugger for Core File Analysis

One of my co-workers had an early morning interview for a Principal Systems Administration position. Per the job description, he thought the position dealt mostly with Windows-based systems and a little UNIX. But after chatting with him post-interview, it was apparent that it was the latter. He seemed a bit shell-shocked. Why? He said the much younger interviewer had a plethora of detailed questions related to UNIX commands. I don't think he prepared as well for the UNIX side as he did for the Windows side. Unfortunately, he was only given a couple days to prepare.

Here is one of several commands he kept asking me about.

What UNIX command do you use when you want to perform analysis on a core file?

Here are a couple examples of the general purpose debugger, adb.

# adb /apps/myapps/bin/myexecutable /apps/myapps/bin/core
# adb -k vmunix.n vmcore.n

Core files generate a lot of lines and you might be able to extract some of text-based lines with the strings commands.
# strings core | grep -i pattern

Search for other debuggers and then consult the man pages
# catman -w (if you don't have a windex)
# man -k debugger

By the way, Sun has a script, iscda.sh, to read core files via SunSolve.
# $HOME/iscda.sh vmunix.n vmcore.n

Wednesday, May 21, 2008

Creating an Encrypted DVD with Debian Linux

As a network security professional, I occasionally need to save data relating to an investigation to a DVD. The data is often sensitive and requires encryption.

I found great tutorials at HOWTO Burn Encrypted DVDs and HOWTO Compile an aespipe Program

Below is my brief step-by-step guide. (Detailed information can be found at the above links.)

Note: Requirements aespipe (I use Debian Linux, which would loop-aes-modules)

Step 1:
Create a directory with the files you want to save on CD (or DVD).
In this example, we'll create a directory named WALDO.

Step 2 (you will be prompted to enter a passphrase):

$ yes "" dd of=image.iso bs=512 count=16
$ head -c 2925 /dev/random uuencode -m - head -n 66 tail -n 65 \
gpg --symmetric -a dd of=image.iso conv=notrunc

Step 3:
$ mkisofs -quiet -r WALDO aespipe -K WALDO.iso -O 16 >> WALDO.iso

Step 4: Test it by mounting on loopback

$ mount -t iso9660 WALDO.iso /cdrom -o \
loop,encryption=AES128,gpgkey=WALDO.iso,offset=8192

Step 5: Burn the iso (k3b works fine)

Step 6: mount the cd via fstab entry or:
$ mount -t iso9660 /dev/cdrom /cdrom -o \
loop,encryption=AES128,gpgkey=/dev/cdrom,offset=8192

Post provided by Mary M. Chaddock

Sunday, May 18, 2008

Perform Elementary Encryption with tr Command

Reading the "Stars and Stripes" newspaper today, I ran across the popularly syndicated JUMBLE puzzle, which is a scrambled word game. Interestingly enough, the versatile UNIX tr command came to mind again. By providing a jumbled alphabet key, the UNIX tr command can perform an elementary encryption operation. Here is a simple example.

To "encrypt" the contents of mysysad.txt in uppercase.
# sh
# cat mysysad.txt | tr '[a-z]' '[A-Z]' | tr '[A-Z]' "PETRUSCMANFXZJOIVKBGWHDYLQ" > mysys.txt

# more mysys.txt
GMU GKPJBXPGU WGAXAGL IKOHARUB HUKBPGAXGL DAGMAJ WJAY.

To "decrypt" the contents of mysys.txt in lowercase (original state)
# cat mysys.txt | tr "PETRUSCMANFXZJOIVKBGWHDYLQ" '[a-z]'

Or use the echo command per Denis' (commenter) suggestion
# echo "GMU GKPJBXPGU WGAXAGL IKOHARUB HUKBPGAXGL DAGMAJ WJAY." | tr 'PETRUSCMANFXZJOIVKBGWHDYLQ' '[a-z]'

Friday, May 16, 2008

Using XAMPP From Apache Friends

Several months ago, I installed the latest and greatest version of Apache web server. In addition, I installed PHP and MySQL. Well, I found that effort a little trickier to tackle on my box. Fortunately, an acquaintance recommended using XAMPP from Apache Friends.

I found XAMPP easy to install, a time saver, and to use - just download, extract and start.

Available for the following platforms:

XAMPP for Linux
The distribution for Linux systems (tested for SuSE, RedHat, Mandrake and Debian) contains: Apache, MySQL, PHP & PEAR, Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm, zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl, FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.

XAMPP for Windows
The distribution for Windows 98, NT, 2000, 2003, XP and Vista. This version contains: Apache, MySQL, PHP + PEAR, Perl, mod_php, mod_perl, mod_ssl, OpenSSL, phpMyAdmin, Webalizer, Mercury Mail Transport System for Win32 and NetWare Systems v3.32, Ming, JpGraph, FileZilla FTP Server, mcrypt, eAccelerator, SQLite, and WEB-DAV + mod_auth_mysql.

XAMPP for Mac OS X
The distribution for Mac OS X contains: Apache, MySQL, PHP & PEAR, SQLite, Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, zlib, Ming, Webalizer, mod_perl, eAccelerator, phpSQLiteAdmin.
WARNING: This version of XAMPP is still in the first steps of development. Use at you own risk!

XAMPP for Solaris
The distribution for Solaris (developed and tested with Solaris 8, tested with Solaris 9) contains: Apache, MySQL, PHP & PEAR, Perl, ProFTPD, phpMyAdmin, OpenSSL, Freetype2, libjpeg, libpng, zlib, expat, Ming, Webalizer, pdf class.
WARNING: This version of XAMPP is still in the first steps of development. Use at you own risk!

Here is the download link for XAMPP and it is free of charge.

Thursday, May 15, 2008

UNIX From Command Prints Mailbox Header Lines

The /usr/ucb/from UNIX command prints out the mail header lines in your mailbox file. It shows you who the mail is from. Here is an example run for this command.

Display mail header lines in your mailbox file
# /usr/ucb/from
From root Sun Mar 16 03:15:01 2008
From root Sun Mar 23 03:15:00 2008
From root Sun Mar 30 03:15:01 2008
From root Sun Apr 6 03:15:01 2008
From root Sun Apr 13 03:15:01 2008
From esoft Thu May 15 19:50:10 2008

Display mail header for mail sent by sender
# /usr/ucb/from -s esoft
From esoft Thu May 15 19:50:10 2008

Display mail header lines for a user's mailbox file
# /usr/ucb/from soft
From soft Sun Feb 10 03:10:41 2008
From soft Sun Feb 10 03:15:01 2008
From soft Sun Feb 17 03:10:41 2008
From soft Sun Feb 17 03:15:01 2008
From soft Sun Feb 24 03:10:41 2008

Saturday, May 10, 2008

Protect your Site Against Questionable Redirects and Frames

After reviewing statistics for my topsite blog directory, I observed traffic from a website that uses redirects and frames to exploit my website with questionable advertisements (porn). Here is the format: http://????????.com/go/?/301??/http://www.topbloglists.com. I inserted the "?" as substitutes.

Obviously, I felt my site was being hijacked and I was miffed. But this was not the first time this happened to me.

Approximately two months ago, I emailed the webmaster three times requesting their members NOT be allowed to employ links that use frames to create banner-like ads above my pages. I never received a response to my emails, but the activity did stop until today.

Luckily, I found this script to deal with the issue. Place it within the <_head>. Here is the script's source along with a post on questionable linking.

Friday, May 09, 2008

Shell Based Random Number Generator

I observed a a few searches in my metadata stats for a shell based random generator. I know Korn, Bash, and Z Shell shells support a RANDOM variable. Depending on the shell, I will use a print and/or echo command to output its value. The pseudo-random generator outputs an integer between 0 and 32767 - yes, a very limited range. Here are a few examples for these three different shells.

Korn Shell
# ksh
# echo $RANDOM
23508
# echo $RANDOM
22618
# echo $RANDOM
1864
# echo $RANDOM $RANDOM
4958 29989
# print $RANDOM
30418
# print $RANDOM
4992
# print $RANDOM $RANDOM $RANDOM
29436 27342 12946

Seed the sequence of numbers
# RANDOM=100
# print $RANDOM
12662
# echo $RANDOM
23392
# RANDOM=100
# echo $RANDOM
12662
# echo $RANDOM
23392

Bash Shell
# bash
# echo $RANDOM
3107
# echo $RANDOM
7897

Z Shell
# zsh
# print $RANDOM
32274
# for i in {1..10}
for> do
for> print $RANDOM
for> done
10740
12659
9498
2798
3541
10384
21216
15221
22157
15198

Seed the sequence of numbers
# RANDOM=`date '+%H%S'`
# echo $RANDOM
12488
# echo $RANDOM
5266

Friday, May 02, 2008

Insightful Quotes by the Revered Physicist Albert Einstein

Here are some insightful quotes by the revered physicist Albert Einstein. I used an echo statement to act as a delimiter, especially towards the bottom of the list. I do not know who Kevin Harris is but it must have taken him awhile to compile this list.

echo "Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius -- and a lot of courage -- to move in the opposite direction."
echo "Imagination is more important than knowledge."
echo "Gravitation is not responsible for people falling in love."
echo "I want to know God's thoughts; the rest are details."
echo "The hardest thing in the world to understand is the income tax."
echo "Reality is merely an illusion, albeit a very persistent one."
echo "The only real valuable thing is intuition."
echo "A person starts to live when he can live outside himself."
echo "I am convinced that He (God) does not play dice."
echo "God is subtle but he is not malicious."
echo "Weakness of attitude becomes weakness of character."
echo "I never think of the future. It comes soon enough."
echo "The eternal mystery of the world is its comprehensibility."
echo "Sometimes one pays most for the things one gets for nothing."
echo "Science without religion is lame. Religion without science is blind."
echo "Anyone who has never made a mistake has never tried anything new."
echo "Great spirits have often encountered violent opposition from weak minds."
echo "Everything should be made as simple as possible, but not simpler."
echo "Common sense is the collection of prejudices acquired by age eighteen."
echo "Science is a wonderful thing if one does not have to earn one's living at it."
echo "The secret to creativity is knowing how to hide your sources."
echo "The only thing that interferes with my learning is my education."
echo "God does not care about our mathematical difficulties. He integrates empirically."
echo "The whole of science is nothing more than a refinement of everyday thinking."
echo "Technological progress is like an axe in the hands of a pathological criminal."
echo "Peace cannot be kept by force. It can only be achieved by understanding."
echo "The most incomprehensible thing about the world is that it is comprehensible."
echo "We can't solve problems by using the same kind of thinking we used when we created them."
echo "Education is what remains after one has forgotten everything he learned in school."
echo "The important thing is not to stop questioning. Curiosity has its own reason for existing."
echo "Do not worry about your difficulties in Mathematics. I can assure you mine are still greater."
echo "Equations are more important to me, because politics is for the present, but an equation is something for eternity."
echo "If A is a success in life, then A equals x plus y plus z. Work is x; y is play; and z is keeping your mouth shut."
echo "Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
echo "As far as the laws of mathematics refer to reality, they are not certain, as far as they are certain, they do not refer to reality."
echo "Whoever undertakes to set himself up as a judge of Truth and Knowledge is shipwrecked by the laughter of the gods."
echo "I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones."
echo "In order to form an immaculate member of a flock of sheep one must, above all, be a sheep."
echo "The fear of death is the most unjustified of all fears, for there's no risk of accident for someone who's dead."
echo "Too many of us look upon Americans as dollar chasers. This is a cruel libel, even if it is reiterated thoughtlessly by the Americans themselves."
echo "Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them!"
echo "No, this trick won't work...How on earth are you ever going to explain in terms of chemistry and physics so important a biological phenomenon as first love?"
echo "My religion consists of a humble admiration of the illimitable superior spirit who reveals himself in the slight details we are able to perceive with our frail and feeble mind."
echo "Yes, we have to divide up our time like that, between our politics and our equations. But to me our equations are far more important, for politics are only a matter of present concern. A mathematical equation stands forever."
echo "The release of atom power has changed everything except our way of thinking...the solution to this problem lies in the heart of mankind. If only I had known, I should have become a watchmaker."
echo "Great spirits have always found violent opposition from mediocrities. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence."
echo "The most beautiful thing we can experience is the mysterious. It is the source of all true art and all science. He to whom this emotion is a stranger, who can no longer pause to wonder and stand rapt in awe, is as good as dead: his eyes are closed."
echo "A man's ethical behavior should be based effectually on sympathy, education, and social ties; no religious basis is necessary. Man would indeeded be in a poor way if he had to be restrained by fear of punishment and hope of reward after death."
echo "The further the spiritual evolution of mankind advances, the more certain it seems to me that the path to genuine religiosity does not lie through the fear of life, and the fear of death, and blind faith, but through striving after rational knowledge."
echo "Now he has departed from this strange world a little ahead of me. That means nothing. People like us, who believe in physics, know that the distinction between past, present, and future is only a stubbornly persistent illusion."
echo "You see, wire telegraph is a kind of a very, very long cat. You pull his tail in New York and his head is meowing in Los Angeles. Do you understand this? And radio operates exactly the same way: you send signals here, they receive them there. The only difference is that there is no cat."
echo "One had to cram all this stuff into one's mind for the examinations, whether one liked it or not. This coercion had such a deterring effect on me that, after I had passed the final examination, I found the consideration of any scientific problems distasteful to me for an entire year."
echo "...one of the strongest motives that lead men to art and science is escape from everyday life with its painful crudity and hopeless dreariness, from the fetters of one's own ever-shifting desires. A finely tempered nature longs to escape from the personal life into the world of objective perception and thought."
echo "He who joyfully marches to music rank and file, has already earned my contempt. He has been given a large brain by mistake, since for him the spinal cord would surely suffice. This disgrace to civilization should be done away with at once. Heroism at command, how violently I hate all this, how despicable and ignoble war is; I would rather be torn to shreds than be a part of so base an action. It is my conviction that killing under the cloak of war is nothing but an act of murder."
echo "A human being is a part of a whole, called by us _universe_, a part limited in time and space. He experiences himself, his thoughts and feelings as something separated from the rest... a kind of optical delusion of his consciousness. This delusion is a kind of prison for us, restricting us to our personal desires and to affection for a few persons nearest to us. Our task must be to free ourselves from this prison by widening our circle of compassion to embrace all living creatures and the whole of nature in its beauty."
echo "Not everything that counts can be counted, and not everything that can be counted counts." (Sign hanging in Einstein's office at Princeton)

Copyright: Kevin Harris 1995 (may be freely distributed with this acknowledgement)

Thursday, April 24, 2008

Reset User Account Password Example for MySQL

Recently I upgraded a legacy application on my server. After the upgrade, I had to reset a user account's password to match the one in the application's configuration file. Luckily, MySQL provides a utility to handle this fairly straightforward task. Here is the syntax and a couple examples.

mysql> use mysql;
Database Changed
mysql> set password for 'elforum'@'localhost' = password('98m4@9er');
Query OK, 0 rows affected (0.00 sec)
mysql> set password for 'mysysad'@'localhost' = password('950v4.Kr');
Query OK, 0 rows affected (0.00 sec)

mysql> select user, password from user;
+---------------+-------------------------------------------+
| user | password |
+---------------+-------------------------------------------+
...
| elforum | *EAE7DE143B1B9598745AD571885A98E723ABE9056 |
| mysysad | *Ebe7D596878627EDD581EADEFSA98E723ABE9C58 |
...

Sunday, April 20, 2008

My SysAd Blog Changes Domain Name

I finally implemented the domain name, www.mysysad.com, for My SysAd Blog. I had been reluctant to change the name because I had heard nightmare stories where a site’s traffic dries up overnight. But apparently Blogger does a decent job forwarding requests to your new domain. I have not really noticed a drop off. Knock on wood though…

I found my domain registrar, yahoo, Advanced DNS settings to be somewhat limited. I had no problems setting up the canonical name (www.mysysad.com) to Google’s ghs.google.com, which is a load balanced server array, but setting up the A record for mysysad.com has been annoying. Unless the A record is pointing to an explicit hostname IP, yahoo will not allow it. I was trying to set it to ghs.google.com. Moreover, Blogger will not forward requests for mysysad.com to www.mysysad.com, even if told to do so in the publishing backend. It goes to the “parked page.” I had to set an explicit IP for Blogger to work on the non-www version. I sent yahoo an email about the aforementioned, but I have yet to receive a response, not even an automated acknowledgment. That has been the case in previous contact attempts, too (i.e. transferring domains). It appears I have two options: a 301 redirect or a new DNS host.

While visiting China in November 2007, I remember attempting to access esofthub.blogspot.com but was redirected to the Baidu.com search engine. But when I clicked on its link, it was blocked. I was later told the *.blogspot.com domain was blocked there. I wonder if that is still the case…

For the blogs linking back to me, I would greatly appreciate if you would change your link from http://esofthub.blogspot.com to http://www.mysysad.com. Thanks.

Here is a great resource regarding the aforementioned issue.
The Real Blogger Status

In particular
Google customer domain setup DNS referral
DNS host is crucial for custom domain
Use CNAME referral for custom domain
Custom domains using 301 redirect
Setting up custom domain here's advice

#####
Update: Three hours after this post, I received this message from Yahoo! I guess I won't be using Google's ghs.google.com - load balanced server array. Yahoo's solution was different from Bloggers. At any rate, thanks Heather. Here is the response from yahoo.
#####

Hello,

Thank you for writing to Yahoo! Domains.

I welcome the opportunity to assist you.

I understand from your email that your domain "mysysad.com" is not working without 'www'.

I realize that you have been greatly inconvenienced by this situation. I am glad to provide you further assistance.

With the help of your test permission, I accessed your account and found that you have set A records for your domain.

I further checked your account and found that you have also set CNAME records to "ghs.google.com". Due to this reason your website was not resolving.

I have rectified the problem and now your website is working fine without 'www' and showing all the contents as below:

"My SysAd Blog -- UNIX

This blog covers UNIX system administration HOWTO tips for using inline for loops, find command, UNIX scripting, configuration, SQL, various UNIX-based tools, and command line interface syntax. The UNIX OS supports tasks such as running hardware, device drivers, peripherals and third party applications. Share tips/comments. Read the comments. But most importantly: Read Disclaimer - Read Disclaimer.

Sunday, April 20, 2008

My SysAd Blog Changes Domain Name

I finally implemented the domain name, www.mysysad.com, for My SysAd Blog. I had been reluctant to change the name because I had heard nightmare stories where a site's traffic dries up overnight. But apparently Blogger does a decent job forwarding requests to your new domain. I have not really noticed a drop off. Knock on wood though..."

------------------------

In many cases, issues with your browser can be responsible for the difficulty. Clearing your browser's cache and deleting the cookie files on your computer can often resolve these issues.

Therefore, I would suggest you to clear cache and cookie of your browser.

To clear your cache:

1. Open Internet Explorer 7 and click on the "Tools" menu.
2. Select "Internet Options."
3. Click on the "General" tab if it isn't selected already.
4. Click on the "Delete..." button.
5. Under the heading "Temporary Internet files," click "Delete
Files..."
(Note that it can take up to 30 minutes for your computer to delete
your cache history.)
6. Click "OK" to exit.

To clear your cookies:

1. Click on "Tools" > "Internet Options" > "General" again.
2. Click the "Delete..." button.
3. Under the heading "Cookies," click on "Delete cookies..."
4. Click "Yes" for the "Delete all cookies in the Temporary Internet
Files folder?" prompt.
5. Click "Close" to exit.

I would also suggest you to replicate the issue in a different browser and in a different system.

Therefore, with the help of above given steps, you will be able to view your website without facing any problems.

However, if you feel your question was not addressed, please let us know by responding to this email. Please describe all of the actions you took that led up to the problem, the exact text of any error messages you received, and how often this occurs.

The more information we have, the better able we will be to investigate this issue.

I have tried my best to address your concerns and I hope my explanations are up to your satisfaction, as your satisfaction is my primary goal.

Please do not hesitate to reply if you need further assistance.

Regards,

Heather

Yahoo! Customer Care

For assistance with all Yahoo! services please visit:

http://help.yahoo.com/

Original Message Follows:
-------------------------

Yahoo Id: NO_WAY_SPAMMER
First Name: Roy
Last Name: Wood
Email Address: NO_WAY_SPAMMER at whatever
Domain Name: mysysad.com
Comments: I'm trying to add ghs.google.com as an A record for mysysad.com (points to my esofthub.blogspot.com account). But it's not working. It keeps failing because I'm trying to use Google's "ghs.google.com." as a destination. I want this config because it's a load balancing server array, not a single server. Can you make the modification? Most other web host allows this type of modification. I don't understand why Yahoo.com is limiting it. The only thing (extraneous ...) The www.mysysad.com works fine.
Subject: A Record
Browser: Internet Explorer
Operating System: Windows Vista
Email Tool: none
Site Building Tool: none
Internet Connection: Dial-up
Permit Test: yes

Friday, April 18, 2008

Create User Account Example for MySQL

Lately, I have been adding several user accounts to the mysql database. Since I have seen several queries via my metadata provider to create user accounts in MySQL, I have decided to add a post about it. There are three different methods that can be used to create user accounts and they are fairly straightforward.

mysql> use mysql;
Database changed

Method 1: (create user, password - no privileges)
mysql> CREATE USER 'esoft'@'localhost' IDENTIFIED BY '12wer56hi';
Query OK, 0 rows affected (0.16 sec)

--grant certain privileges
mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON *.* TO 'esoft'@'localhost';
Query OK, 0 rows affected (0.00 sec)

--grant all privileges
mysql> GRANT ALL ON *.* TO 'esoft'@'localhost';
Query OK, 0 rows affected (0.00 sec)


Method 2: (create user/password and grant all privileges at one fell swoop)
mysql> GRANT ALL ON *.* TO 'topblog'@'localhost' IDENTIFIED BY 'topblog123';
Query OK, 0 rows affected (0.00 sec)


Method 3: (Insert user, password and privileges in table)
mysql> INSERT INTO user (Host,User,Password)
-> VALUES('localhost','freeads',PASSWORD('adlists123'));
Query OK, 1 row affected, 3 warnings (0.01 sec)

mysql> INSERT INTO user (Host,User,Password,Select_priv,Insert_priv)
-> VALUES('localhost','softhub',PASSWORD('softhub126'),'Y','Y');
Query OK, 1 row affected, 3 warnings (0.00 sec)

mysql> INSERT INTO user (Host,User,Password,Select_priv,Insert_priv,Update_priv,Delete_priv,
-> Create_priv,Drop_priv)
-> VALUES('localhost','freebies',PASSWORD('afreeb456'), 'Y','Y','Y','Y','Y','Y');
Query OK, 1 row affected, 3 warnings (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

Note additional *_priv:
Select_priv
Insert_priv
Update_priv
Delete_priv
Create_priv
Drop_priv
Reload_priv
Shutdown_priv
Process_priv
File_priv
Grant_priv
References_priv
Index_priv
Alter_priv
Show_db_priv
Super_priv
Create_tmp_table_priv
Lock_tables_priv
Execute_priv
Repl_slave_priv
Repl_client_priv
Create_view_priv
Show_view_priv
Create_routine_priv
Alter_routine_priv
Create_user_priv
Event_priv
Trigger_priv

Tuesday, April 15, 2008

Create Database and Migrate Data Example for MySQL

Over the weekend, I was supposed to be preparing for my second Toastmaster's speech which is "organizing your speech." I really dislike public speaking and that was the primary reason I joined up - basically facing my fears. I did the “Icebreaker” speech about three months ago and decided it was time to do another one a couple weeks ago. Predictably, I found everything else in the world to do, except preparing for my speech.

All of sudden, I decided it was "time" to setup a MySQL server, Apache webserver, FTP server, PHP and another CMS interface. I have wanted to install another instance of my website on a local box, but I guess I just needed an impetus (i.e. speech preparation avoidance) to get it done. I performed the setup twice because I had some issues with the initial run and wanted to get it done right. I had enough time, right? Smile.

The part I didn't like was the data migration (always seems like dead time). But anyways, here is how I handled that part from an exported file. Make sure your user has database creation privileges.

Note: Used the "_" to get around Blogger's parser.

mysql -u database_user -p > c:_\tmp\adlistInfile.txt
Enter password: *********

Sample contents of adlistInfile.txt:
create database my_exampledb;
use my_exampledb
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
CREATE TABLE `ad_admin` (
...
...
PRIMARY KEY (`IdAd`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=5 ;

INSERT INTO `ad_admin` VALUES(3, 'exampleuser', '987...', '2008-04-12
22:59:06', '2008-04-12 22:57:09');
...

By the way, I did give my speech today. It was about how the housing, credit, and financial crises are contributing to a possible recession. After getting through the speech, I volunteered for another speech for the next meeting. Well, you know what that means…maybe it is time to build that "time converter" program I have been thinking about in C#.

Friday, April 11, 2008

Truncate Table Example for MySQL

I have been upgrading my phpbb forum from 2.X to 3.X. It has been a slog so far and mostly due to spammers. Before the 3.X converter would allow me to complete the conversion process, I had to delete most of the spammer usernames because they were essentially dups (e.g. User, USer, user, etc) but with different UID's . There were about 7,000 rows in the phpbb_user table - now there is a fraction of that left. Good.

Anyways, after exporting approximately 7000 rows to a file, I truncated the table. Here is an example.

TRUNCATE TABLE `phpbb_users`;

Here is the cleaned up (unique usernames) version of the file, which was re-ingested into the phpbb_users 2.X table.

INSERT INTO `phpbb_users` VALUES(2, 1, 'adam123', '49ad5...,NULL);
INSERT INTO `phpbb_users` VALUES(3, 1, 'laurahing', 'a3dcb4d2..., NULL);
INSERT INTO `phpbb_users` VALUES(4, 1, 'joshman', '49ad5b0771f..., NULL);
INSERT INTO `phpbb_users` VALUES(5, 0, 'ipsofacto', 'b63fc..., NULL);
INSERT INTO `phpbb_users` VALUES(6, 1, 'FitForFree', '04305e8e..., NULL);
INSERT INTO `phpbb_users` VALUES(7, 1, 'banchee', '8a645340...,NULL);
...

#####
I saw another meta data query asking how to limit the deletes by time for mysql. Here is a simple example.

DELETE FROM classified_ads WHERE user = 'esoft123'
ORDER BY timestamp_col LIMIT 10;

Saturday, April 05, 2008

Free Anti-virus Software Solution

If you are like me, you are always searching for ways to protect your personal computer. Probably, the first thing that comes to mind is viruses and worms.

Along with millions of other AVG users, I have been using their free anti-virus software version off and on since 1997. Usually, when something is for free, you get what you paid for - sub par performance. But with AVG, I can't complain too much about their free non commercial anti-virus solution. Why? It has been easy to use, consumes low system resources, automatic update functionality and provides real time protection. If you want more services, such as anti-spyware, anti-rootkit, anti-spam, firewall, web shield or 24/7 support, you will have to pay for them. The free version supports most Windows and Linux platforms. As usual, this is not a paid post and other free anti-virus solutions/suggestions are welcome.

Note: Per AVG's website: AVG Anti-Virus Free is only available for single computer use for home and non commercial use - for platform compatibility.

Tuesday, April 01, 2008

Create table and Insert into Examples for MySQL

A couple of days ago I was adding entries to my ban related tables via phpbb's administration tools. After awhile, I quickly tired of serially adding an entry and then submitting it. I decided to dump the three tables in question and then modify them by hand. Plus that, I wanted to review the MySQL syntax.

Here are a series of create and insert statements for MySQL. I modified some of the entry values with "x", "!", "?" as to not offend some readers.

SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
--
-- Table structure for table `phpbb_banlist`
--

CREATE TABLE `phpbb_banlist` (
`ban_id` mediumint(8) unsigned NOT NULL auto_increment,
`ban_userid` mediumint(8) NOT NULL default '0',
`ban_ip` varchar(8) NOT NULL default '',
`ban_email` varchar(255) default NULL,
PRIMARY KEY (`ban_id`),
KEY `ban_ip_user_id` (`ban_ip`,`ban_userid`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=97 ;

--
-- Dumping data for table `phpbb_banlist`
--

INSERT INTO `phpbb_banlist` VALUES(84, 0, '', '*@fromru.com');
INSERT INTO `phpbb_banlist` VALUES(5, 0, '', '*@mail.ru');
INSERT INTO `phpbb_banlist` VALUES(6, 0, '', '*@*.ru');
INSERT INTO `phpbb_banlist` VALUES(7, 0, '', '*@go2.pl');
...

CREATE TABLE `phpbb_disallow` (
`disallow_id` mediumint(8) unsigned NOT NULL auto_increment,
`disallow_username` varchar(25) NOT NULL default '',
PRIMARY KEY (`disallow_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=30 ;

INSERT INTO `phpbb_disallow` VALUES(1, '*porn*');
INSERT INTO `phpbb_disallow` VALUES(2, '*sex*');
INSERT INTO `phpbb_disallow` VALUES(3, '*xxxxx*');
INSERT INTO `phpbb_disallow` VALUES(4, '*co!!*');
INSERT INTO `phpbb_disallow` VALUES(5, '*axx*');
INSERT INTO `phpbb_disallow` VALUES(6, '*adult*');
INSERT INTO `phpbb_disallow` VALUES(7, '*viagra*');
INSERT INTO `phpbb_disallow` VALUES(8, '*pill*');
INSERT INTO `phpbb_disallow` VALUES(9, '*drug*');
INSERT INTO `phpbb_disallow` VALUES(10, '*pharm*');
...

-- Table structure for table `phpbb_words`
--

CREATE TABLE `phpbb_words` (
`word_id` mediumint(8) unsigned NOT NULL auto_increment,
`word` char(100) NOT NULL default '',
`replacement` char(100) NOT NULL default '',
PRIMARY KEY (`word_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=27 ;

--
-- Dumping data for table `phpbb_words`
--

INSERT INTO `phpbb_words` VALUES(1, 'xxxx', '***');
INSERT INTO `phpbb_words` VALUES(2, 'sh??', '****');
INSERT INTO `phpbb_words` VALUES(3, 'xxxch', '*****');
INSERT INTO `phpbb_words` VALUES(4, 'fxxke?', '******');
INSERT INTO `phpbb_words` VALUES(5, 'axx', '***');
INSERT INTO `phpbb_words` VALUES(6, '*turd*', '****');
...

Wednesday, March 19, 2008

Emoticons and Their Meanings


A co-worker of mine emailed me this table of emoticons. I thought it was a fairly comprehensive list until I did a brief Internet search. The list was just a snippet, especially in the chat room space. I rarely engage in chat activities (maybe an occasional MSN chat with a family member), so I had no idea how many emoticons were out there. I discovered that I have been misusing a couple, which probably prompted the email and subsequently the table.



Here are a few more reference links.
Emoticons & Smiley Page
List of Emoticons
Gmail Emoticons
Emoticons and Smileys 101
Wiki - List of Common Emoticons

Sunday, March 16, 2008

SSH Secure Shell for Workstations

A few years ago I took an Oracle database class at a university. I remember running SQL commands to perform a number of DBA tasks, such as creating databases, creating tables, creating procedures, altering tables, etc. via the command line. But in order to complete these tasks, we had to connect to the university's UNIX server via SSH. I remember using a nifty ssh client application. I found a link to its website while browsing my old coursework archive. At the time, I downloaded the "university use" copy, which was free, and it worked pretty well for the course.

Per the vendor's website, you can still download their SSH Secure Shell 3.2 non-commercial source code and there is also a Windows Client executable. Both are free of charge from various anonymous ftp sites around the globe for purposes of EVALUATION, NON-COMMERCIAL USE, and UNIVERSITY USE as defined in their license agreement.

Here is the link to the SSH Secure Shell for Workstations.

Other suggestions are always welcome.

Sunday, March 09, 2008

Modify Information in a Nisplus Table

The nistbladm command is used to modify information in a nisplus table. In this example, the passwd.org_dir table was modified. The login directory and shell was modified for the esoft user. Here is the syntax.

Prior to modification
# niscat passwd.org_dir | grep esoft
esoft:SNVE9mJSZ9ub6:1005:10:Test Account:/export/home/esoft:/bin/sh:13947::::::

Modify the user's home directory
# nistbladm -e home=/home/esoft '[name=esoft]'passwd.org_dir
# niscat passwd.org_dir | grep esoft
esoft:SNVE9mJSZ9ub6:1005:10:Test Account:/home/esoft:/bin/sh:13947::::::

Modify the user's shell
# nistbladm -e shell=/bin/zsh '[name=esoft]'passwd.org_dir
# niscat passwd.org_dir | grep esoft
esoft:SNVE9mJSZ9ub6:1005:10:Test Account:/home/esoft:/bin/zsh:13947::::::

###
Add a user
# nistbladm -a name=softhub uid=1000 gid=10 home=/home/softhub shell=/bin/zsh passwd.org_dir

Display the Structure of a Nisplus Table

Building on the last post, I am using the niscat -o flag to display the structure of a common nisplus table. In the example below, the run shows the passwd table and its specific metadata/attribute information. Here is the syntax.

# niscat -o passwd.org_dir
Object Name : "passwd"
Directory : "org_dir.esofthub.com."
Owner : "esoft.esofthub.com."
Group : "admin.esofthub.com."
Access Rights : ----rmcdrmcdr---
Time to Live : 12:0:0
Creation Time : Sun Feb 24 18:22:47 2008
Mod. Time : Sun Feb 24 18:22:47 2008
Object Type : TABLE
Table Type : passwd_tbl
Number of Columns : 8
Character Separator : :
Search Path :
Columns :
[0] Name : name
Attributes : (SEARCHABLE, TEXTUAL DATA, CASE SENSITIVE)
Access Rights : r---r---r---r---
[1] Name : passwd
Attributes : (TEXTUAL DATA)
Access Rights : ----rm--r---r---
[2] Name : uid
Attributes : (SEARCHABLE, TEXTUAL DATA, CASE SENSITIVE)
Access Rights : r---r---r---r---
[3] Name : gid
Attributes : (TEXTUAL DATA)
Access Rights : r---r---r---r---
[4] Name : gcos
Attributes : (TEXTUAL DATA)
Access Rights : r---rmcdrmcdr---
[5] Name : home
Attributes : (TEXTUAL DATA)
Access Rights : r---rmcdrmcdr---
[6] Name : shell
Attributes : (TEXTUAL DATA)
Access Rights : r---rmcdrmcdr---
[7] Name : shadow
Attributes : (TEXTUAL DATA)
Access Rights : ----------------

List Objects and Tables in Nisplus

I have had a few search queries (metadata) via MyBlogLog analytics from readers who were searching for commands to show Nisplus objects and tables. Frankly speaking, I neglected posting much about this legacy name service (earlier on) because I did not really think it was worthwhile. But apparently, there seems to be a decent number of organizations still using it. At any rate, here is an example run.

Show the objects
# nisls
esofthub.com.:
org_dir
groups_dir

Show the tables
# nisls org_dir
org_dir.esofthub.com.:
passwd
group
auto_master
auto_home
bootparams
cred
ethers
hosts
ipnodes
mail_aliases
sendmailvars
netmasks
netgroup
networks
protocols
rpc
services
timezone
client_info
auth_attr
exec_attr
prof_attr
user_attr
audit_user

Other posts on nisplus

Sunday, March 02, 2008

Add DES Credential For a Client Workstation

If you want to add a credential for a workstation, you will need to make an entry into the niscred.org_dir table on the server. This example demonstrates what is done on the server side and workstation side. There are third party tools out there to manage credentials, but personally I like using the command line. Here is what a colleague and I did to support a NIS+ server change.

On Server
C shell
# setenv PATH $PATH:/usr/lib/nis
Bourne or Korn Shell
# PATH=$PATH:/usr/lib/nis; export PATH
# nisclient -c -o -d esofthub.com esoft
# nisaddcred -p unix.esoft@esofthub.com -P esoft.esofthub.com. des
# nisgrpadm -a admin.esofthub.com esoft.esofthub.com.

On Workstation
C shell
# setenv PATH $PATH:/usr/lib/nis
Bourne or Korn Shell
# PATH=$PATH:/usr/lib/nis; export PATH
# nisclient -i -d esofthub.com -h esoftsvr -a IPADDRESS

Wednesday, February 27, 2008

Dump Sybase Database to File

I had a reader ask me offline how to transfer a legacy database to another instance of a database management system (DBMS) on a separate server/workstation. The reader was trying to extract historical statistics via a test database (on a test server) without affecting the production database. I recommended dumping the entire database to a flat file and then writing (tar) the file to tape. I was uncertain if my response answered the reader's initial question but this is one way I dealt with a relatively small database (less than 50 megabytes) a few years ago. By the way, the sequence below assumes the receiving Sybase database was appropriately named and sized when it was created.

Login into production DBMS
1> use master
2> go
1> dump database yourdb to "/tmp/mydatabase.dat"
2> go
1> quit
2> go

Archive flat file to tape (assumes a tape drive is attached)
# cd /tmp
# tar cvfp /dev/rmt/0 mydatabase.dat

Move tape media to receiving server/workstation (assumes a tape drive is attached)
# cd /tmp
--This should extract mydatabase.dat to the /tmp directory
# tar xvfp /dev/rmt/0
# chmod 777 mydatabase.dat

Login into your test server DBMS
1> use master
2> go
1> load database yourdb from "/tmp/mydatabase.dat"
2> go
1> online database yourdb
2> go
1> quit
2> go

Other Sybase posts

Sunday, February 24, 2008

Troubleshooting the "su: No shell" error

The other day we had a problem with a system account. At first we did not notice the “su: No shell” error on the console (headless server) but after a few reboots it was fairly evident. The message gave us enough feedback to determine the substitute user or su command was having a problem with a particular account. To ascertain which system account, we invoked a sequential step-through of the startup scripts.

In the end, it appears that a third party application used to manage NIS+ had locked and changed the account’s shell to something unknown (by design) due to multiple login failures. The account was restored to its original shell.

# su - esofthub -c "myscript"
su: No shell

View locked account
# niscat passwd.org_dir | grep esofthub
esofthub:*LK*:1005:10:esofthub test:/home/esofthub:/bin/sh.locked:13933::::::

Modify with third party application
After the modification
# su - esofthub -c "myscript"
Visit Ucertify's challenge winners' blogs: Ax0N and armando

For Files Only

If you are using the files repository and no third party software to manage your user information, modify the /etc/passwd file.

View locked account
# less /etc/shadow | grep esofthub
esofthub:*LK*:13933::::::
# less /etc/passwd | grep esofthub
esofthub:x:1005:10:esofthub test:/home/esofthub:/bin/sh.locked

Modify the account manually or admintool
# vi /etc/passwd
...
esofthub:x:1005:10:esofthub test:/home/esofthub:/bin/sh
...
:wq!

Change shell to C shell or any other shell if so desired
# passwd -r files -e esofthub
Old shell: /bin/sh
New shell: /bin/csh

Or
# admintool &

After the modification
# su - esofthub -c "myscript"
Visit Ucertify's challenge winners' blogs: Ax0N and armando

Monday, February 18, 2008

Using Z Shell Brace Expansion to Create Test Files

Here is a convenient way of creating test files using the powerful Z Shell. I have been using this shell for a short while, and I am quickly becoming a fan of it. I used it to support transfer speed tests. To support these tests, I created a specified number of files that varied in size (1MB, 5MB, 10MB, 50MB, 100MB, 500MB, etc). Here is a straightforward one-liner mkfile example of creating 50 x 12MB files and a few others using zsh’s brace expansion.

# zsh
# mkfile 12m {1..50}.tst
# ls -l
total 122960
-rw------T 1 root other 12582912 Feb 18 20:04 1.tst
-rw------T 1 root other 12582912 Feb 18 20:04 2.tst
-rw------T 1 root other 12582912 Feb 18 20:04 3.tst
-rw------T 1 root other 12582912 Feb 18 20:04 4.tst
-rw------T 1 root other 12582912 Feb 18 20:04 5.tst
...

Other examples...

# touch {1..5}.testfile
# ls -l
total 0
-rw-r--r-- 1 root other 0 Feb 18 20:07 1.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 2.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 3.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 4.testfile
-rw-r--r-- 1 root other 0 Feb 18 20:07 5.testfile

# touch {6..10}.data
# ls -l
total 0
-rw-r--r-- 1 root other 0 Feb 18 20:30 1.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 10.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 2.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 3.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 4.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 5.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 6.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 7.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 8.data
-rw-r--r-- 1 root other 0 Feb 18 20:30 9.data

# ls -l {1..5}.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 1.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 2.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 3.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 4.data
-rw-r--r-- 1 root other 0 Feb 18 20:26 5.data

Wednesday, February 13, 2008

Permanently Remove Data on UNIX Hard Drives

It is fairly common for companies to dispose of their obsolete hard drives. However, most of them want to ensure all data is shredded from the hard drives. Finding a Windows-based wipe program was fairly easy, but finding a UNIX-based program took a little more searching. BCWipe is a program that will wipe a UNIX-based hard drive clean. The BCWipe website claims their multi-platform UNIX version is intended to give you a confidence that your deleted files cannot be recovered by an intruder. BCWipe repeatedly overwrites special patterns to the files to be destroyed.

Note: Most likely you will have to compile the source code for your particular platform architecture.

BCWipe for UNIX offers the following wiping schemes per their site.

1. US DoD 5220.22-M standard (7 passes with verification)
2. User-defined number of passes
3. Peter Gutmann's 35 pass scheme

BCWipe for UNIX is designed as a multi-platform solution. Here is their supported list of various UNIX flavors.

Linux 2.0-2.6
FreeBSD 3.0-4.6
OpenBSD 2.8
Solaris 8-10
Digital UNIX 4
SGI Irix 6.5 (wiping block devices was not tested)
IBM AIX 5
HP-UX 10, 11

Here is the download link for 30 day evaluation.
BCWipe Download

Saturday, February 09, 2008

Automounting a User’s Home Directory

A couple colleagues of mine were trying to execute a program on the server that required a special initialization environment, which was called from the /home/loginuser path. The login, loginuser, was not part of the server’s name service domain. It was a local account on a remote workstation. After a little discussion, they added this syntax to the /etc/auto_home file. Here is a run to illustrate the aforementioned.

# vi /etc/auto_home
# Home directory map for automounter
#
loginuser esoft:/export/home/USERS/&
#
* server:/export/home/USERS/&
#
+auto_home
:wq!

# automount -v
automount: /net mounted
automount: /home mounted
automount: /xfn mounted
automount: /export/opt mounted
automount: no unmounts

# cd /home/loginuser
# ls -a
. .. .cshrc myblog esoftfile topblog

Tuesday, February 05, 2008

Troubleshoot POP3 Mail Server with Telnet

I am finally getting an opportunity to write a post. I have been so busy with upgrades lately and had to put off writing for awhile.

The other day I had a number of users complaining about not being able to fetch mail to their mail client, MS Outlook. As usual, I attempted to duplicate the error. The error message was reporting unable to connect to the mail server. At that point, I decided to telnet the Post Office Protocol or POP3 port, 110, via the command line interface. Sure enough, I had a problem.

Note: The “before and after” command line examples are only for illustration purposes.

# telnet server 110
Trying 192.1xx.xx.xxx...
telnet: Unable to connect to remote host: Connection refused

I started thinking there was a problem with the inetd.conf file. After reviewing the file, I noticed the pop3 service was commented out. The appropriate change was made and inetd was restarted. Problem resolved.

# telnet server 110
Trying 192.1xx.xx.xxx...
Connected to server.
Escape character is '^]'.
+OK connected to pop3 on 3429

By the way, you can check out other popular port services, too.
# telnet server 6667
# telnet server 25

Tuesday, January 22, 2008

IT Certification Self-Help Portal

I found this technical self-help website, uCertify.com, very interesting and wanted to share it with some of the readers. The company has been online since 1999. They are offering PrepKits which are interactive software programs that help you learn, track your progress, identify areas for improvement and simulate the actual exam. I sampled a few of their demo quizzes, but I mainly focused on their database kits because I am thinking about an Oracle certification in the near-term. On my initial run through, I found the practice test questions to be relevant and comprehensive, not just some cheesy Q&A effort.

I downloaded their Oracle 10G kit and obtained a key for it. It was a quick download via VDSL and was extremely easy to setup. I did not have any problems obtaining a key from uCertify. For the premium version, I took a couple of its timed practice tests along with its timed final. I thought the final test was a bit more difficult than the practice tests which was probably by design. Also, I noticed there was a “learn” function for each test question, which was accompanied by a thorough explanation. Frankly speaking, I needed to use a “RE-learn” function on some of the questions. :) There was also a means to create your own tests, add your own questions, provide immediate feedback, tagging, print, review questions, and make notes online – this flexibility was a nice surprise.

One last thing, per their website, they say if you do not pass the certification on your first attempt, they will refund your money. Yes, I was looking for an asterisk after this statement and was pleasantly surprised not to find one.

Here is what you get with the sample version.

30 questions total (this includes the quiz questions)
30 diagnostic test questions
Create tests
22 study notes
Articles, HOWTO's, and study tips
Progress report

Here is an example of what you get with the premium version, which may vary from kit to kit.

301 test questions
3 full length practice tests
105 study notes
Create tests
Unlimited free upgrades for a period of one year from the date of purchase
24x7 technical services
100% money back guarantee
Articles, HOWTO's, and study tips
Provide discounts on all future purchases

The sample version did give me a decent idea of what the tests were all about. Their PrepKits are designed to help you certify on vendors such as Microsoft, Cisco, Oracle, Adobe and a few others.

By the way, this is NOT a paid post.

If you are interested in a free, fully functional certification kit of your choice, leave a helpful non-anonymous UNIX-related HOWTO comment here and I will choose a winner after about two weeks. This is a $10 to $100+ value depending on the selected kit.

Update from uCertify: Your readers can use our discount code given on your Blog and get 10% discount on the uCertify PrepKit of their choice. Please use the following Discount code: ESOHUB

Saturday, January 12, 2008

Split XML Records with Perl Script

A colleague, Mahlon Anderson, and I were thinking of ways of splitting up a fairly large XML file, which had approximately 27K records in it. I wanted to split this file into smaller ones, each having about 250-300 records, because my former web host service kept complaining about constant CPU quota overloads during uploads. A Perl based splitter script quickly came to mind.

With the web host service, I had plenty disk space and plenty bandwidth but limited CPU usage. Apparently, I didn’t notice that sticky point in the fine print while signing up for the service.

A different splitting implementation was later used as the permanent solution, but here is Mahlon's "quick and dirty" XML Perl splitter-- printed with his permission of course.

# vi split.pl
#!/usr/bin/perl
$file = @ARGV[0];

open(_FH, "< $file") or die "Unable to open file\n";

$count = 0;
$files_counter=1;
$max_records = 300;

while (_FH)
{
if($count == 0)
{
$filename = $file . "_part_" . $files_counter;
open(FH2, "> $filename") or die "Unable to open file: $filename\n";
$count++;
}

if (grep /<\/item>/, $_ )
{
$count++;
}

print FH2 $_;

if ($count == $max_records + 1)
{
$count = 0;
$files_counter++;
close(FH2);
}
}
:wq!

# ./split.pl bigxmlfile.xml

Thursday, January 10, 2008

FEATURE_ERROR_USER_OPEN_NO_ACCESS

As I do practically every morning along with millions of others around the world, I logged into my Yahoo.com email account to check mail. To my chagrin, I was unable to login, and to make matters worse, my user ID/password combination wasn't recognized by the system. My first thoughts were "CAPS LOCK," or forgotten (which I rarely do) password , or hacked, or TOS violations (on what basis??) or corrupted cookies – who the heck knows. Then I decided to have my password recovered to an alternate email address (gmail), but I was still darn sure I knew my password. For “you know what and grins,” I made an attempt to recover it. But my user ID wasn't even recognized by the system. Here is the message I received after entering my user ID and answering a question about ever using a credit card or not.

----
Sorry That You're Having Trouble Signing In

We know that not being able to sign in can be frustrating, so we'll try to make this as quick and easy as possible. To get started, enter your Yahoo! ID and let us know if you've ever used a credit card with Yahoo!.

FEATURE_ERROR_USER_OPEN_NO_ACCESS
----
I wasn't too sure what the aforementioned cryptic error message was all about but it didn't look promising.

So I decided to recreate the email account, maybe there was a simple glitch in the system. No joy because it's not available. Someone else is using it - Yes, it's ME!

After traversing Yahoo’s help pages for awhile, I finally found the customer care form and submitted my problem. I let them know the account was tied to my PAID Yahoo MyBlogLog Account (for meta data and stats) and I was NOT spamming or using the account for any illicit activities, so I asked them to please explain why my account has disappeared into the ether.

After all that, I tried logging in again but no joy.

So now I decided it was time to Google for the answer. Here is what I found from Yahoo's answers via the Google index.

“the solution for this problem is to go to the yahoo! India web page and try logging in through that ..........”

So I brought up the yahoo.co.in homepage and grudgingly logged in. Whoa! It worked.

Wednesday, January 09, 2008

Finding Open Files with lsof Command

When a file is in use by a process, it is possible to delete the file - OR at least it may appear that is the case. The filename is no longer visible via the ls command, but it is there until the process using it exits.

For example, let's say Sysadmin1 runs a sniffer process in the background to capture and save packets to a file. The capture file starts growing bigger over time. Instead of killing the process, he/she simply deletes the capture file, thinking this will recover the disk space. It doesn't. Believing everything is well, Sysadmin1 goes home.

Now Sysadmin2 shows up and notices the box is running out of disk space. Naturally, the admin wants to figure out what’s rapidly consuming disk space. The easiest way for the SysAd to locate the growing file is to use the lsof command.

Another instance the lsof would be helpful is when a filesystem refuses to unmount due to open files.

Here are a few practical examples of using the lsof command.

To list all the open files on the var filesystem:
# lsof +D /var

To list all open files in your current directory only:
# lsof +d .

To list all open Internet files:
# lsof -i

To list all files currently open by user joe:
# lsof -u joe

To list all files open by syslog-ng (this is a great quick way to find
logs!):
# lsof -c syslog-ng

To list all files open by pid:
# lsof -p PID

Note: There are additional parameters you can add to the command to narrow the listing to include or exclude types of files and much more!

# lsof -help

Post provided by Mary M. Chaddock