LINUX AND VMWARE STUFF

This Blog is to share our knowledge and expertise on Linux System Administration and VMware Administration

Thursday, October 26, 2017

How to Covert the Time Zone in Linux Server?

Thursday, October 26, 2017 0
Below steps are used to Covert the GMT time zone UTC time zone.

1. Check the current Time zone.

[root@testserver ~]# date
Tue Feb  7 07:51:59 GMT+6 2017

2. List the available Time zone (Check the UTC is abavilable or not)

[root@testserver ~]# ls /usr/share/zoneinfo/Etc/
Linvirtshell.com

 3. Copy the UTC Time Zone file to /etc/localtime & run the date command to verify.

[root@testserver ~]# cp /usr/share/zoneinfo/Etc/UTC /etc/localtime
cp: overwrite `/etc/localtime'? y
[root@testserver ~]#
[root@testserver ~]# date -u
Tue Feb  7 13:52:32 UTC 2017
[root@testserver ~]# date
Tue Feb  7 13:52:33 UTC 2017

 Some special case (RHEL 6.9), need to update the /etc/sysconfig/clock file as well.

 [root@testserver ~]#cat  /etc/sysconfig/clock
ZONE="Asia/Kuala_Lumpur"

Hope it helps
Tags # Linux General Continue Reading
By v�o l�c No comments:
Labels:

Wednesday, October 25, 2017

How to get the huge files size & name with single command in Linux Server?

Wednesday, October 25, 2017 0

Use the below command to get the huge file size and name.

root@testserver:~# /usr/bin/find / -xdev -type f -size +1024 -ls | awk '{print $7,"",$11}' |sort -m | awk '{print $1/1024/1024,"","MB","",$2}' |sort -rn -k 1

45.284  MB  /var/cache/apt/pkgcache.bin
45.264  MB  /var/cache/apt/srcpkgcache.bin
39.8765  MB  /var/lib/apt/lists/in.archive.ubuntu.com_ubuntu_dists_xenial_universe_binary-amd64_Packages
39.7197  MB  /var/lib/apt/lists/in.archive.ubuntu.com_ubuntu_dists_xenial_universe_binary-i386_Packages
26.518  MB  /var/cache/apt/archives/libpython2.7-dev_2.7.12-1ubuntu0~16.04.1_amd64.deb
24.7127  MB  /usr/lib/x86_64-linux-gnu/libicudata.so.55.1
22.3409  MB  /var/lib/apt/lists/in.archive.ubuntu.com_ubuntu_dists_xenial_universe_i18n_Translation-en
21.4124  MB  /usr/lib/gcc/x86_64-linux-gnu/5/cc1plus
19.9162  MB  /usr/lib/gcc/x86_64-linux-gnu/5/cc1
19.4404  MB  /usr/lib/python2.7/config-x86_64-linux-gnu/libpython2.7.a
19.1068  MB  /usr/lib/gcc/x86_64-linux-gnu/5/lto1
18.8433  MB  /usr/lib/python2.7/config-x86_64-linux-gnu/libpython2.7-pic.a
18.7048  MB  /usr/lib/snapd/snapd
14.6835  MB  /usr/bin/snap
....
...
..
.
Hope it helps.
Tags # Linux General Continue Reading
By v�o l�c No comments:
Labels:

Tuesday, October 24, 2017

How to solve the Error "sendmail dead but subsys locked" sm-client (pid 28752) is running?

Tuesday, October 24, 2017 0
 Error "sendmail dead but subsys locked" sm-client (pid  28752) is running - This is because of 2 MTA (Mail Transfer Agent) were sunning same time. Something is trying to start the postfix service also cause this issue.

[root@testserver ~]# /etc/init.d/sendmail status
sendmail dead but subsys locked
sm-client (pid  28752) is running...
First check postfix is running on the server

[root@testserver ~]# /etc/init.d/postfix status
-b (pid  1765) is running...
[root@testserver ~]#

Try to stop the service if not able to bring down the service & kill the process. Then restart the sendmail service.

[root@testserver ~]# /etc/init.d/postfix stop
Shutting down postfix:                                     [FAILED]
[root@testserver ~]#

[root@testserver ~]# ps -ef | grep -i postfix
root      1765     1  0 Jun09 ?        00:02:06 /usr/libexec/postfix/master
postfix   1772  1765  0 Jun09 ?        00:00:03 qmgr -l -t fifo -u
root     25822 24576  0 16:56 pts/7    00:00:00 grep -i postfix

[root@testserver ]# kill -9 1765
[root@testserver ]#

[root@testserver ]# /etc/init.d/sendmail restart
Shutting down sm-client:                                   [  OK  ]
Shutting down sendmail:                                    [  OK  ]
Starting sendmail:                                         [  OK  ]
Starting sm-client:                                        [  OK  ]
[root@testserver ]#

[root@testserver ]# /etc/init.d/sendmail status
sendmail (pid  28421) is running...
sm-client (pid  28429) is running...

Hope it helps
Tags # Linux Troubleshooting Continue Reading
By v�o l�c No comments:
Labels:

Monday, October 23, 2017

Multipath Queries & Multipath Command Options in Linux Server

Monday, October 23, 2017 0
You can use the -l and -ll options of the multipath command to display the current multipath configuration.

The -l option displays multipath topology gathered from information in sysfs and the device mapper.

The -ll option displays the information the -l displays in addition to all other available components of the system.

When displaying the multipath configuration, there are three verbosity levels you can specify with the -v option of the multipath command. Specifying -v0 yields no output. Specifying -v1 outputs the created or updated multipath names only, which you can then feed to other tools such as kpartx. Specifying -v2 prints all detected paths, multipaths, and device maps.

The following example shows the output of a multipath -l command.

# multipath -l

3600d0230000000000e13955cc3757800 dm-1 WINSYS,SF2372
size=269G features='0' hwhandler='0' wp=rw
|-+- policy='round-robin 0' prio=1 status=active
| `- 6:0:0:0 sdb 8:16  active ready  running
`-+- policy='round-robin 0' prio=1 status=enabled
  `- 7:0:0:0 sdf 8:80  active ready  running

The following example shows the output of a multipath -ll command.

# multipath -ll

3600d0230000000000e13955cc3757801 dm-10 WINSYS,SF2372
size=269G features='0' hwhandler='0' wp=rw
|-+- policy='round-robin 0' prio=1 status=enabled
| `- 19:0:0:1 sdc 8:32  active ready  running
`-+- policy='round-robin 0' prio=1 status=enabled
  `- 18:0:0:1 sdh 8:112 active ready  running
3600d0230000000000e13955cc3757803 dm-2 WINSYS,SF2372
size=125G features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=1 status=active
  |- 19:0:0:3 sde 8:64  active ready  running
  `- 18:0:0:3 sdj 8:144 active ready  running

Useful multipath Command Options

Option                Description
-l                    Display the current multipath configuration gathered from sysfs and the   device mapper.
-ll                   Display the current multipath configuration gathered from sysfs, the device mapper, and all other available components on the system.
-f device         Remove the named multipath device.
-F                   Remove all unused multipath devices.
-w device        Red Hat Enterprise Linux 6.6 and later) Remove the wwid of the specified device from the wwids file.
-W                  Red Hat Enterprise Linux 6.6 and later) Reset the wwids file to include only the current multipath devices.
Tags # DM Multipath Continue Reading
By v�o l�c No comments:
Labels:

Saturday, October 21, 2017

How to limit yum so that it lists or installs only Security Updates in Linux Server?

Saturday, October 21, 2017
Install the yum-security plugin

It is now possible to limit yum to install only security updates  using Red Hat Enterprise Linux 5,6, and 7. To do so, simply install the yum-security plugin:

For Red Hat Enterprise Linux 7

The plugin is already a part of yum itself, no need to install anything.

For Red Hat Enterprise Linux 6

# yum install yum-plugin-security

For Red Hat Enterprise Linux 5

# yum install yum-security

Alternatively, download the yum-security package from the Red Hat Network (RHN) and manually install it on the system.

For Red Hat Enterprise Linux 6 and 7

Using yum-security plugin

To list all available erratas without installing them, run:

# yum updateinfo list available

To list all available security updates without installing them, run:

# yum updateinfo list security all
# yum updateinfo list sec

To get a list of the currently installed security updates this command can be used:

# yum updateinfo list security installed

For Red Hat Enterprise Linux 5

Using yum-security plugin

To list all available erratas without installing them, run:

# yum list-sec

To list all available security updates without installing them, run:

# yum list-security --security

For both Red Hat Enterprise Linux 5, 6, and 7

To list all available security updates with verbose descriptions of the issues they apply to:

# yum info-sec

Run the following command to download and apply all available security updates from Red Hat Network hosted or Red Hat  Network Satellite:

# yum -y update --security

NOTE: It will install the last version available of any package with at least one security errata thus can install non-security erratas if they provide a more updated version of the package.

To only install the packages that have a security errata use
# yum update-minimal --security -y

yum-security also allows installing security updates based on the CVE reference of the issue. To install a security update  using a CVE reference run:

# yum update --cve <CVE>

e.g.

# yum update --cve CVE-2008-0947

Viewing available advisories by severities:

# yum updateinfo list

This system is receiving updates from RHN Classic or RHN Satellite.
RHSA-2014:0159 Important/Sec. kernel-headers-2.6.32-431.5.1.el6.x86_64
RHSA-2014:0164 Moderate/Sec.  mysql-5.1.73-3.el6_5.x86_64
RHSA-2014:0164 Moderate/Sec.  mysql-devel-5.1.73-3.el6_5.x86_64
RHSA-2014:0164 Moderate/Sec.  mysql-libs-5.1.73-3.el6_5.x86_64
RHSA-2014:0164 Moderate/Sec.  mysql-server-5.1.73-3.el6_5.x86_64
RHBA-2014:0158 bugfix         nss-sysinit-3.15.3-6.el6_5.x86_64
RHBA-2014:0158 bugfix         nss-tools-3.15.3-6.el6_5.x86_64

If you want to apply only one specific advisory:

# yum update --advisory=RHSA-2014:0159

However, if you would like to know more information about this advisory before to apply it:

# yum updateinfo RHSA-2014:0159

For more commands consult the manual pages of yum-security with

# man yum-security

If you face any missing dependency issue while applying security patches on system then refer to yum update --security fails with missing dependency errors.
Tags # Linux General Continue Reading
By v�o l�c
Labels:

Friday, October 20, 2017

How to solve the issue with Large Number of LUNs in Linux server?

Friday, October 20, 2017 0
When a large number of LUNs are added to a node, using multipathed devices can significantly increase the time it  takes for the udev device manager to create device nodes for them. If you experience this problem, you can correct  it by deleting the following line in /etc/udev/rules.d/40-multipath.rules:

KERNEL!="dm-[0-9]*", ACTION=="add", PROGRAM=="/bin/bash -c '/sbin/lsmod | /bin/grep ^dm_multipath'", RUN+="/sbin/multipath -v0 %M:%m"

This line causes the udev device manager to run multipath every time a block device is added to the node. Even with this line removed, the multipathd daemon will still automatically create multipathed devices, and multipath will still be called during the boot process for nodes with multipathed root file systems. The only change is that multipathed devices will not be automatically created when the multipathd daemon is not running, which should not be a problem for the vast majority of multipath users.
Tags # DM Multipath Continue Reading
By v�o l�c No comments:
Labels:

How to enable log for chroot sftp users in Linux Server?

Friday, October 20, 2017 0
Follow the below steps to enable logs for chroot sftp users

1. Take the backup of /etc/ssh/sshd_config

2. Add the below settings to sshd_config

Subsystem       sftp   internal-sftp  -f LOCAL6 -l INFO

  Match group sftpgroup
  ChrootDirectory /home/%u
  KbdInteractiveAuthentication no
  PasswordAuthentication no
  AllowTCPForwarding no
  X11Forwarding no
  Subsystem       sftp  internal-sftp -f LOCAL6 -l INFO

Save & Exit the sshd configuration.

3. Take the back of /etc/sysconfig/rsyslog & add the below entry.

SYSLOGD_OPTIONS="-m 0 -a /home/sftpuser/dev/log"

4. Create sftp.log file under /etc/rsyslog.d & add the below entry (This is used for create sockets)

# create additional sockets for the sftp chrooted users
module(load="imuxsock")
input(type="imuxsock" Socket="/path/to/somedirectory/dev/log" CreatePath="on")
input(type="imuxsock" Socket="/path/to/anotherdirectory/dev/log" CreatePath="on")

# log internal-sftp activity to sftp.log
if $programname == 'internal-sftp' then /var/log/sftp/sftp.log
& stop

5. Create dev directory under /home/sftpuser user

6. Now restart both sshd & rsyslog service

7. Now chroot sftp users activity logs are enabled & available under /var/log/sftp/

Hope it helps.
Tags # Linux General Continue Reading
By v�o l�c No comments:
Labels:

Thursday, October 19, 2017

Kernel: WARNING calibrate_APIC_clock: the APIC timer calibration may be wrong appear on Guest 5.x Linux VM's

Thursday, October 19, 2017 0
This was due to the MAX_DIFFERENCE parameter value (in the APIC calibration loop) of 1000 cycles being too aggressive for virtual guests. APIC (Advanced Programmable Interrupt Controllers) and TSC (Time Stamp Counter) reads normally take longer than 1000 cycles when performed from inside a virtual guest, due to processors being scheduled away from and then back onto the guest. With this update, the MAX_DIFFERENCE parameter value has been increased to 10,000 for virtual guests.

These messages can be stopped by adding ‘apiccalibrationdiff=10000’ to guest kernel in /etc/grub.conf.
Tags # Linux Troubleshooting Continue Reading
By v�o l�c No comments:
Labels: