jump to navigation

LVM: Duplicate VGName – Howto Rename 31 May 2016

Posted by Maulvi Bakar in : Linux,System,Unix , add a comment

xsshot4d33ca58bce04.png.pagespeed.gp+jp+jw+pj+js+rj+rp+rw+ri+cp+md.ic.ECGX3Ynr_FI have an interesting problem. One of my Virtual Machine was compromised with a trojan/virus. The VM was relatively new with no exposed services to public facing interface except for SSH. It was a CentOS 7 , newly installed with nothing configured on it. I did made sure to update it to the latest updates, thinking it was just fine, I let it at default which by vendor’s default settings – only the SSH is enabled.

A few days later, the VM was compromised.  The tell-tale sign?  The VM was extremely sluggish and my home internet connectivity was sluggish as well. A simple “top” command shows that there are processes running in the background consuming obscene amount of available resources. It seems that this troan/virus is conducting a DDOS uti;izing my resources turning my VM into into a mindless zombie botnet. The process-name? It was randomly generated name. Killing and deleting them will only cause them to regenerate itself.

My first reaction was to take the VM offline.

Since this is a new system, I find it easier to rebuild the system from scratch. I took the VM’s existing disk-image offline and assigned a new one to itand proceeded to install the OS onto it.

Once done, I re-attached the old disk-image back to the VM.

As I rebuild the VM’s OS using the same details, unfortunately, the old disk-image and the new disk-image shares the same LVM Volume Group Name. While I was lucky the VM boots-up finne, I supposed it is due to the new disk-image being the first diskdetected by the OS, mounts fine but the old disk-image’s Volume Group was not.

The “lvcan” commands shows the Volume was inactive –
# lvscan
ACTIVE ‘/dev/centos_vg01/swap’ [2.00 GiB] inherit
ACTIVE ‘/dev/centos_vg01/root’ [7.53 GiB] inherit
inactive ‘/dev/centos_vg01/swap’ [1.00 GiB] inherit
inactive ‘/dev/centos_vg0/root’ [8.47 GiB] inherit

Using the command “vgdisplay”, I acquire the UUID of the Volume Group that I wanted to rename, the it is a simple command of “vgrename”
# vgrename gUgqiK-6KKe-DH70-5Zsr-KMu6-ooQm-BSwlJB centos_vg01_old
Volume group “centos_vg01” successfully renamed to “centos_vg01_old”

Upon the next reboot, both Volume Groups were detected normally –
# lvscan
ACTIVE ‘/dev/centos_vg01/swap’ [2.00 GiB] inherit
ACTIVE ‘/dev/centos_vg01t/root’ [7.53 GiB] inherit
ACTIVE ‘/dev/centos_vg01_old/swap’ [1.00 GiB] inherit
ACTIVE ‘/dev/centos_vg01_old/root’ [8.47 GiB] inherit

Enjoy!

Apache – Directory Listings and Non-Listing Exclusions 5 July 2013

Posted by Maulvi Bakar in : Linux,System,Unix , add a comment

Apache HTTP Server

To display directory listings in a folder, the ‘Options‘ directive is ‘Indexes‘. Usually we include ‘FollowSymLinks‘ as well so that Symbolic Links specified on OS level are honoured. The code syntax is as follows –

Options Indexes FollowSymLinks
IndexIgnore .htacccess privatefolder

Notice that there’s the ‘IndexIgnore‘ directive. This directive will tell apache which files or directories to ignore when listing.

Enjoy!

Lord of the OS 29 May 2013

Posted by Maulvi Bakar in : Linux,Society,System,Unix , add a comment

Recently I visited a friend who is an average computer user. As we were talking he mentioned that he had recently installed Windows 8 on his PC. He told me how happy he was with this operating system and showed me the Windows 8 DVD. To his surprise I threw it into his microwave oven and turned it on. Instantly he got very upset, because the DVD had become precious to him, but I told him: ‘Do not worry, it is unharmed.’ After a few minutes I took the CD out, gave it to him and said: ‘Take a close look at it.’ To his surprise the DVD was quite cool to hold and he remarked that it seemed to be heavier than before. At first he could not see anything, but on the inner edge of the central hole he saw an inscription, an inscription finer than anything he had ever seen before. The inscription shone piercingly bright, and yet remote, as if out of a great depth:

12413AEB2ED4FA5E6F7D78E78BEDE820945092OF923A40EElOE5 I OCC98D444AA08EI

‘I cannot understand these fiery letters,’ he said in a timid voice.
‘No but I can,’ I said. ‘The letters are HEX, of an ancient mode, but the language is that of Microsoft, which I shall not utter here. But in common English this is what it says:

One OS to rule them all, One OS to find them,
One OS to bring them all and in the darkness bind them

It is only two lines from a verse long known in System-lore:

Three OS’s from corporate-kings in their towers of glass,
Seven from valley-lords where orchards used to grow,
Nine from dotcoms doomed to die,
One from the Dark Lord Gates on his dark throne
In the Land of Redmond where the Shadows lie.
One OS to rule them all, One OS to find them,
One OS to bring them all and in the darkness bind them,
In the Land of Redmond where the Shadows lie.

Solaris Ping Results 17 February 2011

Posted by Maulvi Bakar in : Unix,Work , add a comment

Ever tried to ping a host on a Solaris machine?

$ ping pong

pong is alive

You’ll get a plain ‘is alive’ results. If you need packets received and timing information, you have to add the option -s like thus –

user@tennis:/usr/sbin > ping -s pong

PING pong: 56 data bytes
64 bytes from pong (x.x.x.x): icmp_seq=0. time=0. ms
64 bytes from pong (x.x.x.x): icmp_seq=1. time=0. ms
64 bytes from pong (x.x.x.x): icmp_seq=2. time=2. ms
64 bytes from pong (x.x.x.x): icmp_seq=3. time=0. ms
64 bytes from pong (x.x.x.x): icmp_seq=4. time=0. ms
64 bytes from pong (x.x.x.x): icmp_seq=5. time=0. ms

----pong PING Statistics----
6 packets transmitted, 6 packets received, 0% packet loss
round-trip (ms) min/avg/max = 0/0/2

Funny Solaris trying not to conform with the rest of the *NIX community.

Enjoy!

Customizing the Bash Prompt 19 December 2010

Posted by Maulvi Bakar in : Linux,Unix,Work , add a comment

If you’re on Linux, most of the time the current existing bash prompt is fine. Other types of UNIX, in my case is Solaris, is somewhat spartan in appearance. You’ll either get a boring ‘$’ or ‘#’ or simply a display of version.

The table below are the various options available –

Personally, I just wanted to duplicate the bash prompt on Linux into Solaris. All I did was thus in the “/etc/profile” –

export PS1
PS1='[\u@\h:\w]\$ '

Remember to use single quotes ” ‘ ” rather than the double quotes. Otherwise the “\$” will not work.

Enjoy!

Howto: Disable GUI Desktop on Solaris 10

Posted by Maulvi Bakar in : Unix,Work , add a comment

My life seems to be centered around *NIX. After many false start, I am about to embark on a serious Solaris journey.

*NIX politics aside. I’ve formed judgment already, but I reserve publishing it at the moment. For the time being, enough said – it is a pure workplace choice.

# date;uname -a;uptime
Sun Dec 19 14:27:32 MYT 2010
SunOS solaris 5.10 Generic_142910-17 i86pc i386 i86pc
2:27pm up 25 min(s), 1 user, load average: 0.01, 0.11, 1.05

By default, Oracle Solaris 10 will start with Gnome/CDE GUI interface upon start-up. To disable GUI, especially if you intend to run a headless server, do this –

# /usr/dt/bin/dtconfig -d

To enable it again, simply –

# /usr/dt/bin/dtconfig -e

Enjoy!

HPUX Breaking Mirror and Extending LVM 2 June 2009

Posted by Maulvi Bakar in : Unix,Work , add a comment

I’m learning new things nowadays..  Particularly HPUX.  Not really my cup of tea since it not open-source but interesting enough though.

We had one machine with mirrored harddisks with one being faulty that needs removal.

Break mirror procedure..

1. Remove the mirror on the Logical Volume affected within the Volume Group
lvreduce -m 0 /dev/vg01/lvol1 /dev/dsk/c2t0d0
lvreduce -m 0 /dev/vg01/lvol2 /dev/dsk/c2t0d0

2. Now remove the Volume Group from the Physical Volume that is targeted for removal
vgreduce /dev/vg01 /dev/dsk/c2t0d0

3. Finally remove the Physical Volume from the Physical Disk
pvremove /dev/rdsk/c2t0d0
Please note the ‘r’.. ‘r’ stands for physical disk, while the one without is the physical volume..

Restore mirror procedure…

1. First, let’s verify things
ioscan -funC disk
pvdisplay /dev/dsk/c1t0d0        # get lvm info of existing disk.
pvdisplay /dev/dsk/c2t0d0        # get err, no lvm def on it, raw disk.

2. Now we create the Physical Volume within the Physical Disk and extend the Volume Group onto it.
pvcreate /dev/rdsk/c2t0d0        # add physical disk to be used by LVM
vgextend /dev/vg01 /dev/dsk/c2t0d0    # incorporate new disk to existing vg00

2a. If you’re recreating a bootable disk, the commands below must be used instead –

pvcreate -B /dev/rdsk/c2t0d0        # add physical disk to be used by LVM and make it bootable
vgextend /dev/vg01 /dev/dsk/c2t0d0    # incorporate new disk to existing vg00
mkboot -a "hpux -lq /stand/vmunix" /dev/dsk/c2t0d0     # install the bootloader

3. Check and verify!
strings /etc/lvmtab            # see new disk used by lvm

4. The next steps will actually perform the mirror, and it will fail if -m mirroring option is not activated with valid license
lvextend -m 1 /dev/vg01/lvol1 /dev/dsk/c2t0d0    # add mirror for lvol1
lvextend -m 1 /dev/vg01/lvol2 /dev/dsk/c2t0d0    # add mirror for lvol2

Enjoy!

Changing user’s file ownership across the board 25 December 2008

Posted by Maulvi Bakar in : Linux,Unix,Work , add a comment

The guys from the promised database lands had their systems acting funny.  After investigation, they found out that, their files was having the wrong group ownership.

There’s a total of 70,000 files involved.  Promised lands or not, manually changing 70,000 files (and folders) is not a good prospect.  Well, I could go through the individual sub-folders but I would need to work from the last in-depth sub-folders and work my way out.  Even that does not guarantee accuracy, since there might be sub-folders with multiple owners which I’m not suppose to touch.  When that happen, then I have to go through it manually looking at each files and folders individually – not good.

There has to be a short-cut.

I know I can locate all the files that needs to be changed it’s ownership by using the following commands –
find ./ -user someuser -group wronggroup -print

It’ll list all the relevant files and sub-folders. At first, maybe I’ll output it into a file, all the results. Manipulate the file into an executable. Append each lines with a “chgrp correctgroup” and have something like – “chgrp correctgroup ./to/the/path/of/the/file”.

I am smart, hey! 😉

Let’s prove that I can be smarter  😛

Vanity and pride are different things, though the words are often used synonymously. A person may be proud without being vain. Pride relates more to our opinion of ourselves; vanity, to what we would have others think of us.

Jane Austen

No, I’m just trying to figure out the best way of doing things.

“xargs -t <commands>”

xargs is a command of Unix and most Unix-like operating systems. It is useful when one wants to pass a large number of arguments to a command. Arbitrarily long lists of parameters can't be passed to a command, so xargs will break the list of arguments into sublists small enough to be acceptable.

xargs - build and execute command lines from standard input

The “-t” is for the verbose option. It’ll spew out the output of the commands being executed.

Basically, every time the output of the earlier “find”, it’ll append the extra commands specified and have it executed. Voila, no need to make a separate executable. My solution is thus –

find ./ -user someuser -group wronggroup -print | xargs -t chgrp correctgroup

Happy 4th Anniversary to myself  😉

Merry Christmas everyone!

Enjoy!

Linux NFS Server, AIX NFS Client 31 July 2008

Posted by Maulvi Bakar in : Linux,Unix,Work , 3 comments

Hmmm..

We have a Linux NFS machine to extend the AIX Server’s chronic acute harddisk space shortage syndrome. Somehow, AIX Client could not mount the shared NFS folder from the Linux Server.

Apparently, AIX uses high ports to establish the connectivity to NFS Server. Linux NFS Server requires low ports (below 1024). So, you have to force AIX to use those reserved ports to establish the connection.

nfso -o nfs_use_reserved_ports=1

Then, the normal ‘mount’ should work from AIX after the medicine 😛

Enjoy

unknown nfs status return value: -1 11 December 2007

Posted by Maulvi Bakar in : Linux,System,Unix,Work , 1 comment so far

I’m trying to mount an NFS export from an AIX machine to a Linux client.

Had encountered the above problem.  Apparently the NFS exports on AIX requires the client’s hostname and IP address within the /etc/hosts file.

Enjoy!

π