Tuesday, June 28, 2011

Solaris Tips

SUN Free Software

At http://www.sunfreeware.com you can find "ready to use" software for SUN Solaris, such as TOP, AMANDA, GCC, GDB, etc. Download via FTP from: «ftp://nce.sun.ch/pub/freeware/sparc/7»

Installing PCNFS

Solaris Intranet Extension CD-ROM (see also Solaris Server Intranet Extension Installation)
su
cd /cdrom/cdrom0/nfsc/sparc
pkgadd -d `pwd`

Installation of Oracle 11g Release 2 on Solaris 10 x86_64

This paper (HOWTO) describes the step-by-step installation of the Oracle 11g Release 2 (11.2.0.1.0) database software on Solaris 10 x86_64.

This paper covers the following steps:


Mount an ISO image on a Solaris filesystem with lofiadm

Many software packages can be downloaded in the form of an ISO image. Rather than burning the image to a CD-ROM to access its contents, it is easy to mount the image directly into the filesystem using the lofiadm and mount commands.


Given an ISO image in /export/temp/software.iso, a loopback file device (/dev/lofi/1) is created with the following command:
lofiadm -a /export/temp/software.iso /dev/lofi/1
The lofi device creates a block device version of a file. This block device can be mounted to /mnt with the following command:
mount -F hsfs -o ro /dev/lofi/1 /mnt
These commands can be combined into a single command:
mount -F hsfs -o ro `lofiadm -a /export/temp/software.iso` /mnt

Friday, June 24, 2011

FreeBSD Package Management (ports, pkg_*) Basics

After this short guide you will be proficient with installing, deleting, and upgrading software in FreeBSD.
I just started using FreeBSD (4 shiny new 6.0 CDs just arrived in the mail, hot off the press). The part that I was most interested in is its package management. I've come from the land of Linux... Gentoo (portage: based on ports), Arch Linux (pacman: i686 binary package manager), all the rpm based systems, and Debian's package management concoction. Portage and pacman have won me over and after a day of working with FreeBSD there is room for a little ports in my life. This is my cheat sheet for getting started with ports and FreeBSD package management. I obtained most of this information from the FreeBSD documentation on Installing Applications: Packages and Ports.

OpenBSD Pf Firewall "how to"

The default firewall for OpenBSD as of v3.0 is called "packet filter" or more commonly referred to as pf. Pf is a BSD licensed stateful packet filter written by Daniel Hartmeier.
History of PF
PF was originally designed as replacement for Darren Reed's IPFilter, from which it derives much of its rule syntax. IPFilter was removed from OpenBSD's CVS tree due to OpenBSD developers' problems with its license. Specifically, Reed distributed some versions of his software with the license clause, "Derivative or modified works are not permitted without the author's prior consent." Due to this, the OpenBSD team decided to replace the software. This decision became the subject of wrangling among the parties involved, degenerating into a discussion that failed to reach mutual understanding. On the subject, OpenBSD project leader Theo de Raadt wrote, "Software which OpenBSD uses and redistributes must be free to all... for any purpose including... modification."
PF has since evolved quickly and now has several advantages over other available firewalls. Network Address Translation (NAT) and Quality of Service (QoS) have been integrated into PF, QoS by importing the ALTQ queuing software and linking it with PF's configuration. Features such as pfsync and CARP for failover and redundancy, authpf for session authentication, and ftp-proxy to ease firewalling the difficult FTP protocol, have also extended PF.
One of PF's many innovative features is its logging. Logging is configurable per rule within pf.conf, and logs are provided by PF through a pseudo-network interface called pflog. Logs may be monitored using standard utilities such as tcpdump, which in OpenBSD has been extended especially for the purpose, or saved to disk in a modified tcpdump/pcap binary format using the pflogd daemon. Wikipedia "History of pf"

Thursday, June 16, 2011

Adding a Hard Drive in Linux

Adding New Drives

There are many reasons why you would need to add a new drive to your Linux box. You might have outgrown your current space limitations, or you may want to add a separate drive for a specific project or service. In any case, if you follow this guide, you should have no problems. First, you must be familiar with the naming scheme Linux uses for your drives. For purposes of this article, everything highlighted in blue is the command you must type at the terminal prompt. Anything highlighted in red indicates changes made by a previous command or something you should pay special attention to. Anything highlighted in green is simply the standard output from a terminal or issued command. The machine used for this guide is running Red Hat Enterprise Linux.

Conventional Naming

This article assumes you know the difference between primary, extended and logical partitions. In the following example, I added a SCSI hard drive with one primary partition. With that being said, I'll continue explaining the naming scheme. Linux gives each drive a 3 letter name followed by a partition number. If you are using IDE drives, these will all be named hd**, where hd denotes the drive and the next two variables are associated with IDE order (primary master, primary slave, etc) and partition number. So, your primary master drive will always be named hda. If you are using SCSI drives, everything remains the same except instead of using hd, drives are named sd**. Your SCSI primary master drive will always be named sda. All of these devices reside under the /dev portion of your Linux file system. For instance, as root, you can issue the following command to view the naming combinations possible for your system. Remember, in this example, I am using SCSI hardware. If you are using IDE, simply use hd in place of sd here.


Linux ate my RAM

What's going on?

Linux is borrowing unused memory for disk caching. This makes it look like you are low on memory, but you are not! Everything is fine!

Why is it doing this?

Disk caching makes the system much faster! There are no downsides, except for confusing newbies. It does not take memory away from applications in any way, ever!

What if I want to run more applications?

If your applications want more memory, they just take back a chunk that the disk cache borrowed. Disk cache can always be given back to applications immediately! You are not low on ram!

Do I need more swap?

No, disk caching only borrows the ram that applications don't currently want. It will not use swap. If applications want more memory, they just take it back from the disk cache. They will not start swapping.

How do I stop Linux from doing this?

You can't disable disk caching. The only reason anyone ever wants to disable disk caching is because they think it takes memory away from their applications, which it doesn't! Disk cache makes applications load faster and run smoother, but it NEVER EVER takes memory away from them! Therefore, there's absolutely no reason to disable it!

Why do top and free say all my ram is used if it isn't?

This is just a misunderstanding of terms. Both you and Linux agree that memory taken by applications is "used", while memory that isn't used for anything is "free". But what do you call memory that is both used for something and available for applications?
You would call that "free", but Linux calls it "used".


Memory that is                                        You'd call it   Linux calls it
taken by applications                                 Used            Used
available for applications, and used for something    Free            Used
not used for anything                                 Free            Free


This "something" is what top and free call "buffers" and "cached". Since your and Linux's terminology differs, you think you are low on ram when you're not.

How do I see how much free ram I really have?

To see how much ram is free to use for your applications, run free -m and look at the row that says "-/+ buffers/cache" in the column that says "free". That is your answer in megabytes:

$ free -m
             total       used       free     shared    buffers     cached
Mem:          1504       1491         13          0         91        764
-/+ buffers/cache:        635        869
Swap:         2047          6       2041
$

If you don't know how to read the numbers, you'll think the ram is 99% full when it's really just 42%.
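
The same reading of the free output as a script, added here as an example and not part of the original article: it derives both percentages from the output quoted above. The function names mem_pressure and sample_free_output are hypothetical, and the handling of the newer free layout (an "available" column instead of the "-/+ buffers/cache" row) goes beyond what the article shows.

```shell
#!/bin/sh
# Added example: how much RAM applications really hold, read from `free -m`.

# Constructed sample: the exact output quoted in the article.
sample_free_output() {
cat <<'EOF'
             total       used       free     shared    buffers     cached
Mem:          1504       1491         13          0         91        764
-/+ buffers/cache:        635        869
Swap:         2047          6       2041
EOF
}

# Reads `free` output on stdin and prints "<naive%> <real%>" (rounded).
#   naive = "used" on the Mem: row divided by total
#   real  = memory applications hold (cache excluded) divided by total
# Assumption: newer layouts without the "-/+" row carry an "available" column.
mem_pressure() {
    awk '
        # The header row has no label, so column N of the header is field N+1
        # of the data rows.
        NR == 1 { for (i = 1; i <= NF; i++) col[$i] = i + 1 }
        $1 == "Mem:" {
            total = $2
            used = $3
            if ("available" in col) avail = $(col["available"])
        }
        # Legacy row: field 3 is used minus buffers and cache.
        $1 == "-/+" { app_used = $3 }
        END {
            if (total <= 0) { print "no Mem: row found" > "/dev/stderr"; exit 2 }
            if (app_used == "" && avail != "") app_used = total - avail
            if (app_used == "") { print "no cache-adjusted figure" > "/dev/stderr"; exit 3 }
            printf "%.0f %.0f\n", 100 * used / total, 100 * app_used / total
        }'
}

# Prints the naive and the cache-adjusted percentage for the article sample.
sample_free_output | mem_pressure
```

On a live system, pipe the real output through the function: free -m | mem_pressure.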

How can I verify these things?

See this page for more details and how you can experiment with disk cache.

Overview of memory management

Traditional Unix tools like 'top' often report a surprisingly small amount of free memory after a system has been running for a while. For instance, after about 3 hours of uptime, the machine I'm writing this on reports under 60 MB of free memory, even though I have 512 MB of RAM on the system. Where does it all go?

The biggest place it's being used is in the disk cache, which is currently over 290 MB. This is reported by top as "cached". Cached memory is essentially free, in that it can be replaced quickly if a running (or newly starting) program needs the memory.

The reason Linux uses so much memory for disk cache is because the RAM is wasted if it isn't used. Keeping the cache means that if something needs the same data again, there's a good chance it will still be in the cache in memory. Fetching the information from there is around 1,000 times quicker than getting it from the hard disk. If it's not found in the cache, the hard disk needs to be read anyway, but in that case nothing has been lost in time.

Monday, June 13, 2011

Getting PHP running with Apache

The #debian IRC channel on freenode very often sees people who don't know how to get PHP running with Apache. This is nearly always caused by missing packages - particularly the Apache mod_php module.
It is very simple to get a basic setup running - depending on the version of Apache and PHP you want (and are available for your Debian distribution stable/testing/unstable).
Some useful commands for searching for packages are:
apt-cache search apache
apt-cache search php
You should decide whether you wish to use Apache 1.x or Apache 2.x - and install the relevant package if you don't already have it present e.g:
apt-get install apache2
Decide if you want PHP4 or PHP5. (PHP5 is available for testing/unstable, but isn't included in the Sarge release). If you chose PHP4 you'd install it with:
apt-get install php4
Once you've installed the appropriate PHP package you'll need to get the matching Apache module - the actual name will depend on what versions you have chosen - but - for this example you'd run:
apt-get install libapache2-mod-php4
Without this last package PHP will not be handled by Apache!
If you install the PHP4 or PHP5 modules for Apache2 then they will automatically enable themselves. If they didn't you would need to manually enable them using the a2enmod tool:
# a2enmod php4
This module is already enabled!
(Or "a2enmod php5" for PHP5.)
There are lots of other PHP libraries for the various dependencies - database interfaces, XML handling etc etc. If you need to do something that PHP doesn't cope with - try using the "apt-cache search" command to see if there is a module for it.
Note - this is not meant to be an exhaustive guide - just something that we can point people to as a starting point :)

Installing Perl modules from CPAN

There are several ways to get Perl modules from CPAN installed on your unix-based system. Keep in mind that there is always more than one way to do it with Perl, and this is no different. Before embarking upon any installation, it's a good idea to download the module, unzip it and check out the documentation. In general, though, most modules are installed in the same method.
The simplest way to get Perl modules installed is to use the CPAN module itself. If you are the system administrator and want to install the module system-wide, you'll need to switch to your root user. To fire up the CPAN module, just get to your command line and run this: 

perl -MCPAN -e shell
If this is the first time you've run CPAN, it's going to ask you a series of questions - in most cases the default answer is fine. Once you find yourself staring at the cpan> command prompt, installing a module is as easy as install MODULE::NAME - for example, to install the HTML::Template module you'd type:

cpan> install HTML::Template

Thursday, June 9, 2011

Using mdadm to send e-mail alerts for RAID failures

Environment

Novell SUSE Linux Enterprise Desktop 10
Novell SUSE Linux Enterprise Server 10
Novell SUSE Linux Enterprise Server 10 Service Pack 1
Novell SUSE Linux Enterprise Desktop 10 Service Pack 1

Situation

Mdadm is a command line utility that can be used to create, manage, and monitor Linux software RAID devices.
This TID will explain how to use mdadm to monitor and report issues with a software raid configuration in SLE Linux. This document is not intended to explain software raid setup in SLE Linux. The setup steps for mdadm are for use after a system has an active software raid setup.

Tuesday, June 7, 2011

Install mod_security Core Rule Set in Ubuntu 11.04

Update the apache2.conf file with this content:

Include conf.d/*.conf
Include conf.d/security
Include conf.d/localized-error-pages
Include conf.d/charset
Include conf.d/other-vhosts-access-log

Include conf.d/crs/activated_rules/*.conf

Thursday, June 2, 2011

Snort startup script for Ubuntu

#! /bin/sh
### BEGIN INIT INFO
# Provides:          Snort
# Required-Start:    $local_fs $remote_fs $syslog $network mysql
# Required-Stop:     $local_fs $remote_fs $syslog $network mysql
# Default-Start:     2 3 4 5
# Default-Stop:      S 0 1 6
# Short-Description: Init script to start the Snort daemon
# Description:       Provides Snort service on startup and terminates
#                    on shutdown. Snort is an IDS or IPS. This script
#                    assumes that snort is installed in /usr/local/snort/bin and
#                    that its main snort.conf file is in /usr/local/snort/etc.
#                    The service will be started as a daemon, listening
#                    on eth0 and will also start quietly. If you require
#                    something other than this, you will have to edit
#                    the script accordingly.
#                    USE AT YOUR OWN RISK, YMMV. THIS SCRIPT COMES WITH
#                    ABSOLUTELY NO WARRANTY WHATSOEVER.
# License:           GPLv2 see http://www.gnu.org/licenses/gpl-2.0.txt
### END INIT INFO


# Author: Nigel Houghton <nigel.houghton@sourcefire.com>


PATH=/usr/sbin:/usr/bin:/sbin:/bin
DESC="Snort service for IDS or IPS"
NAME=snort
CONFIG="/usr/local/snort/etc/snort.conf"
INTERFACE="eth0"
DAEMON=/usr/local/snort/bin/$NAME
DAEMON_ARGS="-c $CONFIG -i $INTERFACE -qD -A fast -l /var/log/snort"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME


# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 1


# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME


# Load the VERBOSE setting and other rcS variables
[ -f /etc/default/rcS ] && . /etc/default/rcS


# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions


#
# Function that starts the daemon/service
#
do_start()
{
        # Return
        #   0 if daemon has been started
        #   1 if daemon was already running
        #   2 if daemon could not be started
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null || return 1
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_ARGS || return 2
}


#
# Function that stops the daemon/service
#
do_stop()
{
        # Return
        #   0 if daemon has been stopped
        #   1 if daemon was already stopped
        #   2 if daemon could not be stopped
        #   other if a failure occurred
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
        RETVAL="$?"
        [ "$RETVAL" = 2 ] && return 2
        start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
        [ "$?" = 2 ] && return 2
        # Many daemons don't delete their pidfiles when they exit.
        if [ -f "$PIDFILE" ]; then
                rm -f $PIDFILE
        fi
        return "$RETVAL"
}


#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
        start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
        return 0
}


case "$1" in
        start)
        [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
        do_start
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;


        stop)
        [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
        do_stop
        case "$?" in
                0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
                2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
        esac
        ;;


        restart|force-reload)
        log_daemon_msg "Restarting $DESC" "$NAME"
        do_stop
        case "$?" in
                0|1)
                do_start
                case "$?" in
                        0) log_end_msg 0 ;;
                        1) log_end_msg 1 ;; # Old process is still running
                        *) log_end_msg 1 ;; # Failed to start
                esac
                ;;
                *)
                # Failed to stop
                log_end_msg 1
                ;;
        esac
        ;;


        *)
        echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac


$ sudo chmod +x /etc/init.d/snort
$ sudo update-rc.d snort start 37 S . start 37 0 . start 37 6 .