Category Archives: Bash - Page 2

too many files in directory to delete?

find . -name ‘*.net*’ | xargs rm

change *.net to whatever is necessary.

this will iterate through each file name and apply RM to it.

rm -f * will not work where there are too many files as it simply appends each file name to form a massive string.

xfs Maintenance

http://st-on-it.blogspot.com.au/2008/02/how-to-defragment-your-xfs-partition.html

http://serverfault.com/questions/406069/why-are-my-xfs-filesystems-suddenly-consuming-more-space-and-full-of-sparse-file

nmap port scanning

nmap -p80 10.1.1.0/24 -oG – | grep 80/open

Will display all ports in the /24 that have port 80 open

Rackable IPMI reset

Rackable half size servers pack unbelievable punch per $$$. However finding resources for these servers is almost impossible.

We came across a number of these and had a very hard time cracking the IPMI. Below are the steps to reset the password of the IPMI so you can gain access via the web console.

1. Power on the server and go into the bios and setup the BMC/IPMI LAN config.
2. Plug a cat 5 cable into IPMI port.
3. Load whatever flavour of linux you like onto the server.
4. log into the server and make sure the ipmi drivers are loaded, if there aren’t then ->

modprobe ipmi_msghandler
modprobe ipmi_devintf
modprobe ipmi_si

run lsmod, and make sure the modules have loaded.

then simply run

ipmitool -I open lan set 1 password NEWPASSWORD
ipmitool -I open user set password 2 NEWPASSWORD

this should reset both of the passwords for the root user to NEWPASSWORD

open a web browser and point it to the IPMI IP address you setup in Step 1.

Log in with your new credentials!!!

Resources:
http://serverfault.com/questions/85042/is-it-possible-to-reset-the-password-on-a-supermicro-ipmi-interface
http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/linux/bks/SGI_Admin/books/Guide_AdminXE_AG/sgi_html/ch01.html#Z1165360258tls

Xenserver LVM over iSCSI

Trying to reclaim space from that VM you deleted several months ago?

This is a known issue with Xenserver and iSCSI when snapshots are used.

The short answer is that if you allow your SR to fill up too much, the automatic coalesce leaf operations performed by XS will not be able to be performed as a certain amount of space is required for this function to reclaim space.

The basic rule is that there must be Double the VM size of free space on the SR available for the coalesce function to work.

So if you delete a 100GB VM, you MUST have at least 200GB of free available space on the SR.

minimal centos

Remove those ugly useless packages from your CentOS 6 Server!

http://kyotera.net/2012/02/extra-packages-in-minimal-installation-of-centos-6-2/

Using parted to create partitions

http://blog.derakkilgo.com/2010/06/12/warning-the-resulting-partition-is-not-properly-aligned-for-best-performance/

Start all VMs on HOST boot

place the following in /etc/rc.local

sleep 30
xe vm-start tags=autostart –multiple

mark all VMs with autostart tag and they’ll be started!

IPoIB tuning

startup script

in cron
@reboot /etc/path_to_script

script..
#!/bin/bash

echo “connected > /sys/class/net/ib0/mode”
echo “connected > /sys/class/net/ib0/mode”

ibconfig ib0 mtu 65520
ibconfig ib1 mtu 65520

#make sure sdp is loaded… just in case!
/sbin/modprobe ib_sdp

#TCP Tuning for IPOIB
/sbin/sysctl -w net.ipv4.tcp_timestamps=0
/sbin/sysctl -w net.ipv4.tcp_sack=0
/sbin/sysctl -w net.core.netdev_max_backlog=250000
/sbin/sysctl -w net.core.rmem_max=16777216
/sbin/sysctl -w net.core.wmem_max=16777216
/sbin/sysctl -w net.core.rmem_default=16777216
/sbin/sysctl -w net.core.wmem_default=16777216
/sbin/sysctl -w net.core.optmem_max=16777216
/sbin/sysctl -w net.ipv4.tcp_mem=”16777216 16777216 16777216″
/sbin/sysctl -w net.ipv4.tcp_rmem=”4096 87380 16777216″
/sbin/sysctl -w net.ipv4.tcp_wmem=”4096 65536 16777216″

Centos 6 SFTP chroot Jail

User and Group setup

First you will want to establish the sftponly group

groupadd sftponly

Then create the user with the correct home directories and group

useradd -d /var/www/vhosts/bob -s /bin/false -G sftponly bob

Don’t forget at this point to also add password to these new accounts.

SSHd configuration changes

Now we need to make changes in /etc/ssh/sshd_config to enable SFTP chroot jails in SSH.

Comment out the following line in /etc/ssh/sshd_config:

Subsystem sftp /usr/lib/openssh/sftp-server

and replace it with this line:

Subsystem sftp internal-sftp

Then add the following set of lines to the very bottom of the file:

Match Group sftponly

ChrootDirectory /var/www/vhosts/%u

X11Forwarding no

AllowTCPForwarding no

ForceCommand internal-sftp

This creates a special login group that then chroot jailed all users in that group into their own home directory.

Once these file changes are saved you will need to restart SSHd for the changes to take effect, using the following command:

service sshd restart

Permissions cleanup and testing

Last issue to address is the permissions settings, for this example the directories /var/www/vhosts/bob and /var/www/vhosts/ted should both be owned by root. The directory /var/www/vhosts/ted/site1 should be owned by ted and the directory /var/www/vhosts/bob/site1 should be owned by bob.