Friday, November 04, 2011

Restore MySQL Database via Command Line

This is mostly a note to myself. It is not really a tip.

Restoring a mysql database from the command line.

[root@server]# ls -la
total 326940
drwx------ 3 user1 usergrp 4096 Oct 29 12:10 .
drwxr-xr-x 3 root root 4096 Nov 4 05:22 ..
-rw-r--r-- 1 user1 usergrp 1239136 Oct 29 12:10 mysql_db.sql

[root@server]# pwd
/backups/db/backup
[root@server]# mysql --user=mysql_user --password=somepasswd mysql_backup < mysql_db.sql

Saturday, October 29, 2011

Sun StorageTek 6140 Cache

We have a Sun StorageTek 6140 Array attached to a couple NAS heads. We share out its file systems from the NAS. But it seemed the NAS was creating bottlenecks and hanging NFS. As usual, it turned out to be something else.

We observed slowness during high or bursty I/O operations. Short story...It was the 6140's cache. Make sure your cache batteries are good to go and up to date. They have a 3 year shelf life. It will save you a lot of frustration in the long-run.

Friday, June 17, 2011

HTML Symbol Entities issue on Blogger

I have received a few requests on how to deal with the HTML Symbol Entities issue on Blogger. There really isn't a problem because you can just click the box below for your post and your character(s) will display correctly.

ERROR
Your HTML cannot be accepted: Tag is broken: xxxxx



However, here are some good references for HTML Symbol Entities





Log an FTP Session with a Filter

A couple colleagues and I were looking for an effective way to tersely log the activities of an FTP effort. All we wanted was the file name and throughput rate. If you are Ftping hundreds or thousands of files, the first one (below) could be quite verbose, especially if you have a security banner notice. Here are a couple ideas that we considered. We went with the alternative (a lot less text-based overhead).

#!/bin/sh
ftp -nv some_host /tmp/myftplog ‹‹EOFTP
user some_user some_password
cd /some_dir/some_dir1/some_dir2
binary
put some_image.jpg
EOFTP

and its log...

$ more /tmp/myftplog
Connected to some_host.
220 ProFTPD x.x.x Server ready.
331 Password required for some_user
230 User some_user logged in
250 CWD command successful
200 Type set to I
200 PORT command successful
150 Opening BINARY mode data connection for some_image.jpg
226 Transfer complete
ftp: 26753 bytes sent in 0.00Seconds 26753000.00Kbytes/sec.
221 Goodbye.

###ALTERNATIVE###

#!/bin/sh
ftp -n some_host /tmp/myftplog ‹‹EOFTP
user some_user some_password
cd /some_dir/some_dir1/some_dir2
binary
verbose
put some_image.jpg
EOFTP

and its log...

$ more /tmp/myftplog
Verbose mode On .
200 PORT command successful
150 Opening BINARY mode data connection for some_image.jpg
226 Transfer complete
ftp: 26753 bytes sent in 0.00Seconds 26753000.00Kbytes/sec.
221 Goodbye.

Display it...

$ tail -f /tmp/myftplog

Saturday, March 19, 2011

The Importance of Library Level Integration in Open Source Environment

By Jonathan Flack

Open Systems Engineer, Likewise Software

As an Open Systems Engineer at Likewise Software I routinely encounter unique customer problems. Most of these problems require a clever solution which tends to be specific to the customer site.

Earlier today, however, I got a query from an Ubuntu user that really made me consider how important library level integration by application developers can be when administering an open source environment. A lot of vendors out there provide free solutions without being open source, and a lot of these solutions solve one problem or another in your environment, but it's rare to come across a piece of software that really cleanly integrates into your deployed OS in a way that provides a multitude of very clean solutions to everyday problems.

This user had a simple Linux application for which he needed to verify user authentication by simply passing the username and password to generate a pass/fail response. The application was neither pam/nsswitch integrated or GSS-enabled (built with GSSAPI support).

The user's Linux environment was already authenticating to Active Directory using Likewise Open, our open source agent which allows user authentication against Microsoft's Active Directory. As a result, I know the user would have access to a fully functional Kerberos KDC.

Anyone who has integrated Kerberos in a large environment before knows configuration can be a very painful experience. Likewise Open however, properly configures the client side kerberos and server side DNS automatically during domainjoin, so this little trip down nightmare alley is completely avoided. We are also assured that the configuration is correct.

So the only thing left to do is leverage kinit to authenticate the user against AD's KDC.

The specifics of the code in his application are not relevant, but you can see a simple example of this working using kinit from the command line:

Positive Authentication -

[root ~]# kinit joesmith@MYDOMAIN.COM
Password for joesmith@MYDOMAIN.COM: ************ <== Correct Password
[root ~]# echo $?
0

Negative Authentication -

[root ~]# kinit joesmith@MYDOMAIN.COM
Password for joesmith@MYDOMAIN.COM: *^^^***^*** <== Incorrect Password
[root ~]# echo $?
1

This shows how tools which properly integrate across multiple subsystems ease the workload on already overtasked admins. It also clarifies the importance of open-standards based integration. By integrating directly with pam, nsswitch and Kerberos, Likewise-Open allowed him to leverage existing machine configurations and his AD authentication to easily solve a problem unique to his custom application.

One of the great side benefits is knowing that any other kerberized application, like Firefox or OpenSSH, will authenticate using the user's AD credentials as well.

This kind of elegant solution has been rare in large heterogeneous environments, but more and more open source developers are striving to achieve a high level of standards based integration without forcing closed source components on their end users. This is one of the clear long-lasting benefits of the open source movement and I'm very pleased to see more companies making this as part of their products' value proposition.