I have been working on other things which are not Linux related so obvious things have reached the area of “oh….the answer is……”
A question was raised about a Linux virtual machine using DHCP. I remembered it wasn’t but I blanked on where to look for the answer.
Simply look in the file: /etc/sysconfig/network-scripts/ifcfg-eth0
Look for:
BOOTPROTO=dhcp
ONBOOT=yes
That shows DHCP is in use.
One system had an issue with the secondary drive. The monitoring system reported it was in a Read-Only state. Suspecting a bad superblock as they happen from time to time; I gave the system a reboot.
As expected; I received:
*** An error occurred during the file system check. *** Dropping you to a shell; the system will reboot. *** When you leave the shell. Give root password for maintenance (or type Control-D) (repair file system)#
fdisk -l
In my situation, I was interested in this part:
Disk /dev/cciss/c0d1: 146.7 GB, 146778685440 bytes 255 heads, 63 sectors/track, 17844 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/cciss/c0d1p1 * 1 17844 143331898+ 83 Linux
If you have multiple partitions, you can verify the label as a precaution (that is if it’s still intact) by using the e2label command. For example:
e2label /dev/cciss/c0d1p1
Having verified the partition, it’s time to restore the superblock by using backup. This is accomplished by using the mke2fs command. Note: if the OS is running, you will need to unmount the drive.
Example:
mke2fs -n /dev/cciss/c0d1p1
It will list output (I forgot to copy it), but at the bottom you will see:
Superblock backups stored on blocks: (various numbers)
It doesn’t matter which one you choose; I picked the third one. To start the restore of the superblock; enter:
e2fsck -y -b <block number> /dev/your drive path
The “-y” option is a good idea if your partition is large. Otherwise, you will find yourself pressing the “y” key many many times.
Once it’s completed, reboot the system.
Don’t be surprised if it doesn’t solve it on the first pass. Simply re-list the backup superblocks and use a different one for the e2fsck command. In my situation, it took three attempts.
Much as I would like to impress you with my knowledge, I have to give people their acknowledgments for reviewing their blog and site for review.
I had a request to identify the model of a server running Redhat. There is the asset database but I wanted a faster solution.
A quick Google search and I found the answer.
Log into the server and SU to root.
# dmidecode | grep -A3 '^System Information'
System Information Manufacturer: HP Product Name: ProLiant DL360 G7 Version: Not Specified
A recent audit found the homepage of an Apache server with phpinfo() information displaying. Phpinfo() is a valuable debugging tool as it contains all EGPCS (Environment, GET, POST, Cookie, Server) data. Really useful for debugging and information gathering if you want to attack a system.
If you are not used to handling Apache, the obvious question is what to do?
The server in question for whatever reason; didn’t have a regular home page. Probably a test environment or a “quick fix” for a problem.
The obvious solution is to get this information out of the home page. A quick examination of the index.php file showed:
<?php phpinfo(); ?>
It would be simple to disable phpinfo() or remove the entry but the resulting page would be blank and to some in the PHP world; this is the “White Page of Death” which could cause confusion and waste time.
Since there wasn’t a home page; a simple print command was used to display a message. For this example “hello:”
<?php
print("Hello");
?>
This eliminates the problem but we can go further by disabling phpinfo(). This is accomplished by a change in the php.ini file.
; This directive allows you to disable certain functions for security reasons. ; It receives a comma-delimited list of function names. This directive is ; *NOT* affected by whether Safe Mode is turned On or Off. ; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.disable-functions disable_functions = phpinfo
This requires restarting httpd.
phpinfo() can be restarted by simply placing a “;” in the disable_functions line and restarting httpd.
Audit answered; now back to our regularly scheduled entertainment.
A user reported he could not execute the top command.
I accessed his system and found top worked. However, if I used to the su command to become the user, top would fail with a segmentation fault. To add to the oddness was a strange message: Cannot get binary type. Odd messages such as this can fill a person with dread as it could mean somebody messed up their profile. A debugging task that is rarely fun or rewarding.
I checked the PATH and found it was in order.
For fun; I reloaded procps.
I even checked security settings.
Still the segmentation faults continued.
At this point; I asked a few people and checked the Net and didn’t get any obvious answers.
I tried another system with the users account and though it pulled an error at login, it did run top.
What could be wrong? Do I need to reload the system?
I checked the users profile and didn’t see anything obvious. I happened to run ls -la and one thing did catch my attention. There was a file called .toprc. I renamed it and top worked!
It turns out you can have an RC file for top. I didn’t know that as my need for top is usually the load on the system…..
Every once in awhile I have the need to access a system in single user mode. Especially, when the root password isn’t what it’s supposed to be or for some reason a root login dumps me back to the login prompt.
Sometimes I forget the option to enable the single user due to multiple systems and rarely needing to use it.
Single-user mode boots the computer to runlevel 1 which means you will have access to your local file systems but not the network.
To get to single use mode you simply follow these steps which I found here:
a to append the line.single as a separate word (press the Spacebar and then type single). Press Enter to exit edit mode.After that press the “b” key to boot the system which should go through process and then leave you with a root prompt. There you can change the root password, edit config files, etc.
I had a request on how to restart the three LSF services from a script. The person worked on the farm team and did not relish the idea of using remote desktop or VNC.
I thought about a Powershell script or using a batch script to run the PsService from sysinternals. It looked simple as the command is as follows:
psservice \\<computer> -u <domain\username> -p password stop service <service name>
psservice \\<computer> -u <domain\username> -p password start service <service name>
I contacted the user and asked a couple more questions and learned she wanted to run the script from Linux. Of course this required a change in my approach as I like to keep things as simple as possible especially when a user will write their own script. I decided to abandon windows scripts and find away to see if Linux could handle this via the windows management interface.
Looking around the Net, I found a way I didn’t even consider. Simply install the Samba-Common. This offers the Net utility(or as close to it as possible) for the Linux host. The particular command in question is Net RPC service command:
To list out the services on a Windows computer:
net rpc service list -I <IP Address> -U “<domain\username>%<password>”
If you wish to use the command line; simply remove “%<password>” and you will be prompted for a password.
To start or stop a service; you would enter:
net rpc service {start|stop} <Service Name> -I <IP Address> -U “<domain\username>%<password>”
Again, if you wish to use the command line, simply remove “%<password>” and you will be prompted for a password.
The account used will have to have local admin privileges so if you decide to script it, secure the file to yourself since the password will be plain text.
Much as I would like to impress you with my great knowledge; there was a sense of urgency to the request so I went to the Net and I did get help from the following sites so credit must be given where credit is due.
techdork 