IPMI

The Intelligent Platform Management Interface (IPMI) is an industry standard that defines interfaces to the TT platform management subsystem. It include remotely accessing the platform through standard messaging channels such as IPMI Over Serial, LAN, or Serial Over LAN (SOL) connections,as well as generating and sending a Platform Event Trap (PET) when a monitored event condition occurs.IPMI configuration can be carried out by different software programs and utilities both graphical user interface (GUI) and command-line interface (CLI) options available. Configuration can be divided into the following categories:

• Configuration of a LAN connection for IPMI messaging and alerting: Includes enabling IPMI communication over a LAN connection, selecting the source for the remote-access IP address (statically assigned or obtained using the Dynamic Host Configuration Protocol), assigning a static IP address, choosing the highest privilege level allowed on the connection, and configuring virtual LAN (VLAN) settings and the baseboard management controller encryption key.

• Configuration of a serial connection for IPMI messaging and alerting: Includes setting the connection mode, baud rate, flow control, terminal mode, and highest privilege level allowed on the connection

• Configuration of a SOL connection: Includes enabling SOL and configuring the baud rate and settings for how characters should be accumulated and sent

• Configuration of IPMI remote-access users: Includes enabling users; assigning usernames, passwords, and privileges on each connection channel (LAN and serial); and enabling SOL payloads on the LAN connection

• Configuration of Platform Event Filters (PEFs): Includes enabling PEF alerting on the LAN connection, selecting actions to take, and configuring alert destinations

• Restoration of IPMI configuration parameters: Returns these parameters to the reconfigured default values

Introduction to Dump

Dump: Smart Archiver for Filesystems, not FilesThere are other popular tools to manage backup archives such as cpio, tar and afio.
These utilities handle files as the target to be archived and they are capable of excluding specific files and/or directories from the target.
They can even create a single archive that contains files from multiple filesystems.In contrast, dump handles a physical filesystem as an archiving target and the restore command usually uses the archive to restore the filesystem as it was dump’ed.
Each file is managed by the i-node number and basically, dump cannot exclude specific files from the archive (actually, you may do so in a different manner.

Dump is indeed a simplistic and primitive tool, but it does come with a brilliant feature for incremental archiving. It identifies newly created or modified files after the previous backup and efficiently stores them to an archive very fast.
For example, suppose a file ‘foo’ was backed up during the last archiving and removed afterwards. On the next incremental archiving, dump puts the record in the archive as ‘there used to be a file foo, but it was removed’.
If you use tar for your regular incremental backup tasks and attempt a full restoration one day, you may run out of the disk space by trying to restore a large number of files that had already been removed.
With dump, you will never face such a problem.In summary, it would be fair to say² Cpio, tar or afio is suitable for archiving specific files or directories.² Dump is suitable for archiving whole filesystems.Just pick a right tool for you job.

Dump and Restore

The dump(8) and restore(8) commands have traditionally been used on the BSD systems to backup and restore filesystems. Dump backups a filesystem as a whole into an “archive”, and restore retrieves files from it. Although the archive may be created as a regular file on a regular filesystem, it is usually stored on an external backup device such as a magnetic tape. Some features are implemented in dump to support such devices.

Using Yum

•Install/Remove /Update
yum install package …..
Yum will check the repository for the package if it finds the package it will install the latest version, pulling in dependencies if needed.
yum remove package ….
Yum will remove the package named by you from your system. If any other package depends on the package then yum will prompt you and gives the option to remove those package too. –yum update package ……
•yum check the repository for the updated version of the package and then install them. If when no package are specified then yum search for updates to all of your currently installed packages.

What yum ?

•Development of the RPM cemented the future of linux by greatly simplifying installation of the software. As the operating system became more complex, RPM began to show few weakness, primarily its inability to resolve dependencies.

•To solve this problem of dependency resolution and package location, volunteer programmers at duke University developed Yellow dog Update, Modifier or YUM for short.

•The yum-*.rpm is required to use yum command

•The yum will be working on the repository.

•What is repository ?

–The repository is the location where the software or rpms are stored.

–The repository can be created on any linux box it needs createrepo*.rpm

–#createrepo –v directory path (-v verbose )

RPM Verification

•Installed RPM file verification :

•rpm –V verifies installed RPM against the RPM database
•rpm –Va verifies all installed RPMS against the RPM database
•rpm –Vp .i386.rpm

•Signature Verification before package install
•rpm –import RPM –GPG-KEY

•By default when the linux is install in the system the GPG-KEY for the redhat is stored in /etc/pki/rpm-gpg
•rpm –qa gpg-pubkey

RPM Queries

Syntax
rpm –q what_packages what_information
Or rpmquery
Installed Package Options :


rpm –qa queries all installed packages
rpm –qf filename #shows owning package
rpm –qi package_name #general information
rpm –ql package_name # lists files in package

Upgrading software

Normally when you need to Upgrade the software we use rpm –U .


When rpm –U is used for the software it will save the old config file as *.rpmsave.
But make a Note when you try to upgrade the kernel the old kernel will be deleted.


Do not use rpm –U or rpm –F for kernel software Upgradation.
Always use rpm –ivh kernel-version.acrh.rpm


Boot and test the new kernel

Installing and Removing software

Primary RPM options


Install : rpm -i , -- install
Upgrade : rpm -U , --upgrade
Freshen : rpm -F , --freshen
Erase : rpm -e , --erase
Output Options :
-v for verbose mode
-h for hash mode

Package Management in Linux

RPM – (Redhat Package Manager )


The Software to installed using RPM is distributed through rpm package files
Rpm packages are named as Name–version–release.Architecture.rpm

The version refers to the open source version of the project
The release refers to Redhat internal patches to the open source code

HOW TO INSTALL AND TEST SAMBA

1. Obtaining and Installing Samba
Binary packages of Samba are included in almost any Linux or UNIX distribution.
There are also some packages available at the Samba home page.
Refer to the manual of your operating system for details on installing packages
for your specific operating system.

1. Configuring Samba (smb.conf)
Samba's configuration is stored in the smb.conf file, which usually resides
in /etc/samba/smb.conf or /usr/local/samba/lib/smb.conf. You can
either edit this file yourself or do it using one of the many graphical tools
that are available, such as the Web-based interface SWAT, that is included
with Samba.

 

Everything is Linux: Implementing Quotas for User

Everything is Linux: Implementing Quotas for User

Some Terms in quota

 

Hard Block Limit - The absolute maximum amount of disk space that a user or group can use. Once this limit is reached, no further disk space can be used.

Soft Block Limit -  the maximum amount of disk space that can be used. However, unlike the hard limit, the soft limit can be exceeded for a certain amount of time. That period is called Grace Period.

Grace Period – It can be expressed in seconds, minutes, hours,
      days, weeks, or months.

     If any of the values are set to 0, that limit is not set.

Implementing Quotas for User

#  edquota username
 
   
     Perform this step for each user who needs a quota.

    For example , output will be as follows,
Disk quotas for user testuser (uid 501): Filesystem blocks soft hard inodes
      soft hard /dev/VolGroup00/LogVol02  440436  0  0  37418  0  0

 

The text editor defined by the EDITOR environment variable is used by edquota.

Configuring Disk Quotas

1. Enable quotas per file system by modifying the /etc/fstab file.
2. Remount the file systems.
3. Create the quota database files and generate the disk usage table.
4. Assign quota policies.

   Each of these steps is discussed in detail in the following sections.

Disk Quotas

Main Points about Disk Quotas

Disk space can be restricted by implementing disk quotas.

It alert a system administrator before a user consumes too much disk space or a partition becomes full.

Disk quotas can be configured for individual users as well as user groups.

In addition, quotas can be set not just to control the number of disk blocks consumed but to control the number of inodes.

Because inodes are used to contain file-related information, this allows control over the number of files that can be created.

Secure Shell

Normally for logging in to any Linux  PCs, we use Telnet or ftp.But Communication will be happen in normal text mode.Any network hackers or network sniffers can hack our password.

Best method of logging remotely is Secure Shell(ssh).

In ssh login , Communication is happened through encrypted form.

Through this ssh connection, we can able to login to any Linux box without password also if configured.

This ssh service is run by sshd daemon.This is the daemon which is enabled by default.

Command Syntax : # ssh linux.test.com (where linux.test.com is the remote server)

After this command execution ,it will ask to add the generated  RSA key to  the file known_hosts in ~/.sshd/ Give yes to that line.then it will ask for password. Give password of root.

Now you are connected to remote linux server.

Even 

a.We can copy files from remote server and vice versa without logging in .

b.We can login without passwords.

These two will be discussed in coming post.

VNC configuration in RHEL 4 and RHEL 5

First enable service "vncserver" on Server
#chkconfig vncserver on

Restart the service
#service vncserver start

#vncserver
New ':1 (root)' desktop is Server_Ip_Address:1

Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/Server_Ip_Address:3.log

#vncpasswd
Password:
Verify:

# vim /root/.vnc/xstartup
The entry should look like as follows,

#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
#xsetroot -solid grey
#vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
twm &


Now u can view through vnc viewer using Server_Ip_Address:1

What is in /etc/fstab?

The file fstab contains descriptive information about the various file systems. It is the duty of the system administrator to properly create and main-tain this file. fstab can be modified by special utils (e.g. fstab-sync). Each filesystem is described on a separate line; fields on each line are separated by tabs or spaces. Lines starting with # are comments. The order of records in fstab is important because fsck, mount, and umount sequentially iterate through fstab doing their thing.

The first field, (fs_spec), describes the block special device or remote filesystem to be mounted.
A block special device node (like /dev/cdrom or /dev/sdb7. For procfs, use proc.

The second field, (fs_file), describes the mount point for the filesystem. For swap partitions, this field should be specified as none.

The third field, (fs_vfstype), describes the type of the filesystem. Linux supports lots of filesystem types, such as adfs, affs, autofs, coda, coher-ent, cramfs, devpts, efs, ext2, ext3, hfs, hpfs, iso9660, jfs, minix, msdos, ncpfs, nfs, ntfs, proc, qnx4, reiserfs, romfs, smbfs, sysv, tmpfs, udf,ufs, umsdos, vfat, xenix, xfs, and possibly others.

For the filesystems currently supported by the running kernel, see /proc/filesystems. An entry swap denotes a file or partition to be used for swapping, cf. swapon (8). An entry ignore causes the line to be ignored.This is useful to show disk partitions which are currently unused.

The fourth field describes the mount options associated with the filesystem. By Default, it will be defaults.

The fifth field is used for these filesystems by the dump command to determine which filesystems need to be dumped. If the fifth field is not present, a value of zero is returned and dump will assume that the filesystem does not need to be dumped.

The sixth field is used by the fsck program to determine the order in which filesystem checks are done at reboot time. The root filesystem should be specified with a fs_passno of 1, and other filesystems should have a fs_passno of 2. Filesystems within a drive will be checked sequentially, but filesystems on different drives will be checked at the same time to utilize parallelism available in the hardware. If the sixth field is not present or zero, a value of zero is returned and fsck will assume that the filesystem does not need to be checked.

What is Iptables ?

iptables - Administration tool for IPv4 packet filtering and NAT

Iptables  is  used  to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.  Several different tables may be defined.Each table contains a number of built-in chains and may also contain user-defined chains.

Each chain is a list of rules which can match a set of packets.  Each rule specifies what to do with a packet that matches.  This is called a  target,which may be a jump to a user-defined chain in the same table.

A  firewall  rule  specifies  criteria for a packet, and a target.  If the packet does not match, the next rule in the chain is the examined; if it does match, then the next rule is specified by the value of the target, which can be the name of a user-defined chain or one of the  special  values  ACCEPT,DROP, QUEUE, or REJECT

Some Basic Commands in Linux

Basics commands in Linux

The ls command

ls        -----      Command is equivalent of the DOS dir command. It lists the files and subdirectories contained within the present directory.

Some possible flags which can be used with the ls command are:

ls -a                List all files including hidden files which starts with.(Dot).these hidden files will not be displayed with simple ls command

ls | more         Lists files and directories page after page on keystroke. The above command actually is a combination of two commands. It introduces a new concept called 'Piping'. It is done using the logical OR or | character found just above the Enter key on your keyboard. In Linux it is possible to give the output of one command to another command as an input. The ls command lists files & subdirectories and the more commands divides its input into page length views. Thus piping the ls output to more results in page length views of files and subdirectories.

ls –R            It lists the files and subdirectories of a directory and further lists the contents of each subdirectory recursively. The output of this command is usually large and is best seen when piped through more.

pwd            The pwd or the present working directory command gives you the path to the directory in which you presently are. It is used without flags simply as 'pwd'

su                Many times you might have logged in as a normal used and might need to be root to install a software or for some other small task. You could logout then login as root complete the work logout and login back as a normal user. Instead, you can just use the su command. The format is:

su username
e.g.: su root

When you 'su' to become root from a normal user, you are asked for the root password. But if you are root, you can use 'su' to become any user without using a password. Once your work is finished, use 'exit' to become yourself.

whoami     It will tell you which user you are logged in as. Useful when you have used 'su' many times and now don't know who you are.

cp              This one copies files / directories from one place to another its syntax is

cp source_file_with_path destination_path

e.g.: cp /home/bala/secret.txt /ftp/pub

This would make a copy of secrets.txt from /home/bala to /ftp/pub.

cp –i         Interactive copying, prompts before overwriting files or directories

cp -l source_file_with_path destination_path

Makes a link (shortcut) to the source_file at the destination path instead of actually copying it there.

cp –p        Preserve file attributes while copying if possible

cp –R       Copy Recursively. Used when copying directories. This command also copies the contents of the subdirectories.

cp –u       Update i.e. Copy only if the source file is newer than the destination file or the destination file does not exist.

rm           The rm command is used to remove or delete files or directories. Its general format is:

rm -flag file_or_directory_with_path

Eg: rm /home/bala/recycle.txt

Some flags which can be used with the rm command are

rm -v test.txt

Remove verbosely, explain what is being done.

rm -r directory

Remove the directory and its contents recursively.

mkdir                 This command is used to create new a new directory. Its syntax is

mkdir -optional_flag directory_name

The possible flags are

mkdir -v directory_name

Tell what is going on.

mkdir -p directory_with_path

This is a cool command. Suppose you need a directory named data  within another directory called report in /usr/local and the parent directory report itself does not exist, then you can use :

mkdir -p /usr/local/report/data

This command creates the report directory and the data subdirectory in one go.

man         For someone new to linux, the man command is one of the most important commands. The syntax is:

man command_name

Suppose you have not understood fully one of the above commands or want to find out about a new command you have learnt, the man command provides a manual for that command