So from time to time I remove storage from Linux servers and don’t want to reboot the server so I run the following command works in RHEL and SLES:
echo 1 > /sys/block/device-name/device/delete For exampleecho 1 > /sys/block/sde/device/delete
Installing new versions of Java on RHEL
RHEL includes the alternatives command providing the ability to point your users to different versions of software while not changing their links to the command. For example if you wanted a specific version of JAVA this can be done with PATH changes or alternatives
man alternatives
for exact info.
For Java
/usr/sbin/alternatives --install /usr/bin/java java /location_to_new_java /usr/sbin/alternatives --config java
Repeat for javac
Finally, set the environment for everyone on the machine by creating a java.sh script in /etc/profile.d:
#!/bin/sh export JAVA_HOME=/usr/java/jdk export JRE_HOME=$JAVA_HOME/jre export J2RE_HOME=$JAVA_HOME/jre export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$J2RE_HOME/bin:$PATH
Find HBA WWID in RHEL
Finding information about your fibre channel cards in RHEL is pretty easy with qlogic cards look at:
cat /sys/class/fc_host/host*/
files in here provide a log of info WWID’s are stored in:
cat /sys/class/fc_host/host*/port_name
Backup and restore your mbr (master boot record)
In Linux making block level copies of area’s is easy with the magical dd utility. So to backup the mbr (first 512 bytes) use this command (assuming your boot drive is hda)
dd if=/dev/hda of=/root/mbr_backup bs=512 count=1
Now in /root/mbr_backup you have a complete copy of your mbr. BS means byte size and count means only (once) first 512.
To delete the mbr (not the partition table):
dd if=/dev/zero of=/dev/hda bs=446 count=1
To delete the mbr and partition:
dd if=/dev/zero of=/dev/hda bs=512 count=1
Restore the mbr:
dd if=/root/mbr_backup of=/dev/hda bs=512 count=1
Locked file how to find
Well I run into this issue a lot. I cannot unmount a partition.. or I cannot open a file because it’s locked and in use. How do I see what has that file or mount locked? Well since everything in Linux is a file you can list open files … which will show you what processes have certain files locked this is done with the lsof command.
For example on my Mythbox I want to see what has the /storage partition locked I would issue:
[root@linuxmonkey2 ~]# lsof | grep storage
mysqld 2285 mysql 13u REG 253,0 124 325498 /var/lib/mysql/mythconverg/storagegroup.MYD
mysqld 2285 mysql 57u REG 253,0 5120 325424 /var/lib/mysql/mythconverg/storagegroup.MYI
gnome-key 2887 mythtv mem REG 253,0 40808 502127 /usr/lib/libhal-storage.so.1.0.0
mythbacke 7126 root 18w REG 253,2 1492874876 1523719 /storage/recordings/1007_20100421150000.mpg
From that you can see mysql, gnome-key and mythbackend all have open files inside storage I would have to kill them before unmounting.
How to Mount a logical volume
I have finally converted to logical volumes which leaves me learning a whole new world. I was moving some data (500GB’s) between machines using a USB drive and found that the logical volume on the drive would not quickly mount via traditional mount /dev/sd… command. So here is the process to mount a LVM.
1. Scan for the new volume (Assuming you added it after boot)
vgscan
2. Activate the volume
vgchange -a y VolumeName
3. Display the volume and confirm it’s active
lvdisplay
4. Mount the volume via it’s volume name
mount /dev/mapper/VolumeName /destination_mount_point
Fedora Rescue Mode read only file systems
So you forgot to edit your fstab before you rebooted and now your stuck in read only / file system land… here’s the solution
Repair filesystem # mount -w -o remount /
Enjoy.
Postfix Hide hostnames and subdomains from your relay
So your setting up a mail relay or mail agent and your want to strip off the hostname or subdomain before the message gets to the internet: for example your relay gets it as root@max.blog.jgriffiths.org but you want it to look like root@jgriffiths.org well this is really simple with postfix. Just load up your main.cf and add the following line
masquerade_domains = jgriffiths.org
This will strip off everything after jgriffiths.org. You can add additional domain by placing spaces between hosts.
Block outgoing smtp except to an approved relay in iptables
Just like most sysadmins I have to deal with developers who want to zip off a quick email after their application finishes processing, sounds good right? Yes it is… but the internet is not a happy place and spam is around every corner. I avoid getting tagged as spam your systems email should really be sent via an internal relay. The internal relay should be registered with an MX entry in DNS to get the clear from all SPAM applicances and filtering. As such I want to use iptables to stop outgoing smtp requests unless they go to my central relay (123.123.123.123)
-A OUTPUT -p tcp -d 123.123.123.123 --dport 25 -m state --state NEW -j ACCEPT
-A OUTPUT -p tcp –dport 25 -m state —state NEW -j DROP
Works great… if you use a local mail programs you might want to add this line first
-A OUTPUT -p tcp -d 127.0.0.1 –dport 25 -m state –state NEW -j ACCEPT
Oracle 11gR2 Rac GNS iptables
Well here goes another Oracle 11gR2 note for you all out there. Let me just say Oracle’s documentation either does not exist or is so buried it’s impossible to find on this topic with 11gR2.
As always I want to lock down the system as much as possible which requires iptables. Early in the process I gave up any chance of locking down communication between nodes and interconnects and focused on internal connections. Like always any client needs to be able to talk to port 1521 TCP but GNS + 11Gr2 adds some new ports:
As may be aware GNS provides it’s own VIP equiped DNS server for it’s delegated subdomain. So it’s critical that you open up DNS to your DNS systems. So you need to open up 53 udp
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
You might want to add a source port and lock it to your dns systems.
Otherwise it should work (providing your open up iptables between nodes)