Wednesday, July 27, 2011

How to assign a password/encrypt a file?


bash-3.00$ uname -n

Solaris-VM-01

bash-3.00$ cat /etc/release

Solaris 10 5/09 s10x_u7wos_08 X86

Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.

Use is subject to license terms.

Assembled 30 March 2009

bash-3.00$ /usr/ucb/whoami

che

bash-3.00$ mkdir test

bash-3.00$ cd test/

bash-3.00$ pwd

/export/home/che/test


Whenever a file is created through ‘cat’, ‘touch’ commands and ‘vi’ editor (even with other editors) the format of the file is ascii text and hence the content of the file can be viewed htrough ‘cat’ command nor through editors like vi, gedit etc.

For eg:

bash-3.00$ vi file1

welcome to the world of Unix

~

:wq!

bash-3.00$ ls -l

total 2

-rw-r--r-- 1 che unix 29 Jul 26 12:40 file1

bash-3.00$ file file1

file1: ascii text

bash-3.00$ cat file1

welcome to the world of Unix


We can encrypt the file by the following:

bash-3.00$ vi -C test_file1

Enter key:

The DHCP server's configuration information is stored in the /etc/inet/dhcpsvc.conf file. This file is created when the configuration

commands are run and should never be edited manually. This file was the /etc/default/dhcp file prior to the Solaris 9 OS.

~

:wq!

bash-3.00$ file test_file1

test_file1: data


-C option prompts for password and the same has to be issued.


NOTE:

Now even the file is created through vi – editor, the format file is changed and remain in the format: data.

bash-3.00$ vi -x test_file2

Enter key:

The broadcast address for an interface is related to the netmask. If the netmask is changed, the boradcast address must also be changed to

reflect the new network. The simplest way to do this is to use the broadcast + argument to the ifconfig command.

~

:wq!

bash-3.00$ file test_file2

test_file2: data

-x option can also be used for the same purpose.

–x option prompts for password and the same has to be issued.


Once the file in encrypted by using –C and –x options respectively, the contents of the file cannot be viewed normally by the owner of the file and also by root user.

For eg:

bash-3.00$ cat test_file1

￿LO]$d|￿@oQH=￿ -￿￿65￿￿]￿￿￿>￿ZY{￿8￿￿￿￿￿￿￿￿n￿<" ￿￿￿￿￿￿￿1

￿￿2￿0b￿￿E1￿￿

_￿VF* ￿￿￿￿L<￿￿h1￿￿￿￿?￿￿￿￿￿D￿￿￿ ￿￿￿￿￿u­￿7z5;￿￿￿6￿L

m￿￿￿￿￿￿￿C￿}￿` ￿;Y%7￿￿*A￿￿￿

￿￿￿￿7￿￿￿ ￿z￿￿#￿V ￿￿4￿i ￿bash-3.00$

bash-3.00# cat test_file1

￿LO]$d|￿@oQH=￿ -￿￿65￿￿]￿￿￿>￿ZY{￿8￿￿￿￿￿￿￿￿n￿<" ￿￿￿￿￿￿￿1

￿￿2￿0b￿￿E1￿￿

_￿VF* ￿￿￿￿L<￿￿h1￿￿￿￿?￿￿￿￿￿D￿￿￿ ￿￿￿￿￿u­￿7z5;￿￿￿6￿L

m￿￿￿￿￿￿￿C￿}￿` ￿;Y%7￿￿*A￿￿￿

￿￿￿￿7￿￿￿ ￿z￿￿#￿V ￿￿4￿i ￿bash-3.00#

bash-3.00# vi test_file1

"test_file1" [Incomplete last line] 1 line, 257 characters (3 null)

\260LO]$d|\351@oQH=\357 -\336\27765\330\350]\264\225\323>\307ZY{\2118\305\237\352\235\345^V\253\320\317n\276^Y^E<"^U \306\305\261\223\317\313\2421^K\204\3252\3360b\210\253E1\213\203^L_\371VF^G*^T\204\203\220^O\357L<\244\245h1\357\330\201^V\325?\356\253\255\353\227D\227\202\364^Y

^H\270\346\365\233\344u^_\3507z5^Z^Y;\310\204\273^X6\347L^M^L\324^?^W\340^UD^M\313}\375\310\300^M\321V2\303K8^M\355\251\373\2379^Y\350\233\330\341x.[\273fX\355^A,\336\335\254\261\321\320hn\315\253`\252^C\255\224J\204\315\320\211\216\365\206^VX\317\217p^Mm\313\317\371\255\343\260\315C\313}^X\234`^U\221;Y%7\337\356*A\267\352\236^D\372\250^?^Z\326\2347\323\250\303^S\357z\255\276#\372V ^Y\330\3124\367i \270

:q!


We know, ‘strings’ command can be used to view the content of the file in the format : data.

For eg,

bash-3.00$ file /var/adm/wtmpx

/var/adm/wtmpx: data

bash-3.00$ strings /var/adm/wtmpx |more

system boot

run-level S

run-level S

run-level S

run-level 3

zsmon

PM10

.startd

co10

.startd

co10

0LOGIN

co10console

LOGIN

console

root

console

root

pts/3

:0.0

run-level 5

root

console

root

pts/3

(Output truncated)

But, whilst the files are encrypted even ‘strings’ command cannot display the desired output.

For eg:

bash-3.00$ strings test_file2

LO]!

bash-3.00$ strings test_file1

LO]$d|

@oQH=

Hence to view the contents of the file –C or –x option has the used through vi editor along with the encrypted key.


For eg:

bash-3.00# /usr/ucb/whoami

root

bash-3.00# uname -n

Solaris-VM-01

bash-3.00# vi -x test_file1

Enter key:

"test_file1" 2 lines, 257 characters

The DHCP server's configuration information is stored in the /etc/inet/dhcpsvc.conf file. This file is created when the configuration

commands are run and should never be nedited manually. This file was the /etc/default/dhcp file prior to the Solaris 9 OS.

:q!

It works...!!!

Posted by at 5 comments:

Wednesday, July 20, 2011

What is Minfree space?


File system minfree space:

1. The portion of a file system that is reserved and held back from users.

2. It is accessible by root.

3. On large file systems, the minfree is automatically determined so that disk space is not wasted.

4. A thumb rule is to use default 10% minfree value for file systems upto 1GB and then adjust the minfree value so that your minfree area is no larger than 100MB>

5. Note: As for performance, applications do not complain about the lower minfree value.


To view the minfree value of a slice:

# fstyp -v /dev/dsk/c0t12d0s0 | grep -i min

minfree 10% maxbpg 2048 optim time


To change the minfree value:

# tunefs -m 1 /dev/dsk/c0t12d0s0

minimum percentage of free space changes from 10% to 1%

In the same way, the minfree space can be increased.

Posted by at 1 comment:

How to assign a password to a group?


Let’s view the existing users and groups they belong to.
‘listusers’ display the existing users.

bash-3.00# listusers
castro
che
noaccess No Access User
nobody NFS Anonymous Access User
nobody4 SunOS 4.x NFS Anonymous Access User


“id –a” displays the user id and the groups, group id the user belong to.
bash-3.00# id -a castro
uid=101(castro) gid=101(solaris) groups=101(solaris)

bash-3.00# id -a che
uid=100(che) gid=100(unix) groups=100(unix)



From the above output, we found the user ‘che’ belong to the group ‘unix’ and the user ‘castro’ belongs to the group solaris.

User name -> Group name
Che -> unix
Castro -> solaris

Now we login as user ‘che’ create files, directories and view the permissions of those files & directories.


bash-3.00# su - che
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ pwd
/export/home/che
$ touch one two
$ mkdir three four
$ ls -l
total 12
drwxr-xr-x 2 che unix 512 Jul 19 14:33 four
-rw-r--r-- 1 che unix 136 Jul 6 12:15 local.cshrc
-rw-r--r-- 1 che unix 157 Jul 6 12:15 local.login
-rw-r--r-- 1 che unix 174 Jul 6 12:15 local.profile
-rw-r--r-- 1 che unix 0 Jul 19 14:33 one
drwxrwsrwx 7 che solaris 512 Jul 6 12:21 test
drwxr-xr-x 2 che unix 512 Jul 19 14:33 three
-rw-r--r-- 1 che unix 0 Jul 19 14:33 two



Now we login as user ‘castro’ create files, directories and view the permissions of those files & directories.


bash-3.00# su - castro
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ pwd
/export/home/castro
$ touch file1 file2
$ mkdir dir1 dir2
$ ls -l
total 10
drwxr-xr-x 2 castro solaris 512 Jul 19 14:34 dir1
drwxr-xr-x 2 castro solaris 512 Jul 19 14:34 dir2
-rw-r--r-- 1 castro solaris 0 Jul 19 14:34 file1
-rw-r--r-- 1 castro solaris 0 Jul 19 14:34 file2
-rw-r--r-- 1 castro solaris 136 Jul 6 12:15 local.cshrc
-rw-r--r-- 1 castro solaris 157 Jul 6 12:15 local.login
-rw-r--r-- 1 castro solaris 174 Jul 6 12:15 local.profile



Now as user ‘che’ let us try to append the file ‘/export/home/castro/file1’
bash-3.00# su - che
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
bash-3.00$ cat >> /export/home/castro/file1
bash: /export/home/castro/file1: Permission denied


But, the error was thrown, stating Permission denied.


Now, as user ‘castro’ let us change the permission of the file ‘file1’

bash-3.00# su - castro
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ chmod 774 file1
$ ls -l | grep file1
-rwxrwxr-- 1 castro solaris 0 Jul 19 14:34 file1



Now from the above output, we observe that the permission of the file1 is changed.
Now again as user ‘che’ let’s try updating the file ‘file1’.
bash-3.00# su - che
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
bash-3.00$ cat >> /export/home/castro/file1
bash: /export/home/castro/file1: Permission denied



Again the same error is thrown, since the user ‘che’ does not belong to the group ‘solaris’.
Hence we are left with the following option:
1. We can add the user to the group ‘soalris’.
2. We can provide complete permission 777 to the file ‘file1’.
3. Assign a password to a group, can share the same with the user ‘che’.
We choose the option 3.

Now let’s discuss the process of assigning password to a group.

bash-3.00# grep solaris /etc/group
solaris::101:


From the above output we found, no password is assigned to the group

We don’t have any command to assign a password to a group.
Hence,
1. We assign a password to a user.
2. Copy the encrypted password from the file /etc/shadow
3. Copy the same to the second file of the file /etc/group against the group ‘solaris’ and save.

bash-3.00# passwd che
New Password:
Re-enter new Password:
passwd: password successfully changed for che
bash-3.00# grep che /etc/shadow
che:D2pXcjc4IYtbg:15174::::::


Now copy the encrypted password of the user ‘che’ and paste the same to the second filed of the file /etc/group against the group ‘solaris’ and save.

bash-3.00# vi /etc/group
root::0:
other::1:root
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
sysadmin::14:
smmsp::25:
gdm::50:
webservd::80:
postgres::90:
nobody::60001:
noaccess::60002:
nogroup::65534:
unix::100:
solaris: D2pXcjc4IYtbg:101::10:
:wq!
bash-3.00# grep solaris /etc/group
solaris:D2pXcjc4IYtbg:101:



Now as user ‘che’, we try login to the group ‘solaris’
‘newgrp” fulfill our need.
Whilst executing the command, it prompts for the password, now issue the password and try updating the file ‘file1’.

bash-3.00# su - che
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
bash-3.00$ newgrp solaris
newgrp: Password:
$ cat >> /export/home/castro/file1
welcome to the world of unix
have a great day
It work's
$


Now no error is thrown.

Let’s check whether the file is updated from the user ‘castro’ login –
bash-3.00# su - castro
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ cat file1
welcome to the world of unix
have a great day
It work's
$


The file is updated.



NOTE:
Where in Linux, we are provided with the command ‘gpasswd’ to assign password to a group.
[root@redhat5vm1 ~]# uname -a
Linux redhat5vm1 2.6.18-8.el5 #1 SMP Fri Jan 26 14:15:21 EST 2007 i686 i686 i386 GNU/Linux
[root@redhat5vm1 ~]# gpasswd solaris
Changing the password for group solaris
New Password:
Re-enter new password:
Posted by at 1 comment:

Saturday, July 9, 2011

Error: VxVM vxdg WARNING V-5-1-9668 CmdLog: write failed - No space left on device




Now our task is to increase size to two volumes mount06 and mount07 by 800 Mb each.
Even if we have enough space to the disk group ORADG, if we execute the command

# vxresize -g ORADG mount06 +800m
# vxresize -g ORADG mount07 +800m


VxVM vxresize WARNING V-5-1-9668 CmdLog: write failed - No space left on device
VxVM vxprint WARNING V-5-1-9668 CmdLog: write failed - No space left on device
VxVM vxassist WARNING V-5-1-9668 CmdLog: write failed - No space left on device


is thrown.


Will the size of the volumes can be increased!?

Yes. It can be since we have enough space left on the specified disk group.
Only the Volume Manager command cannot be logged due to insufficient space on /var file system.


root:Solrais-VM-box-1# df -F vxfs -h
Filesystem size used avail capacity Mounted on

/dev/vx/dsk/ORADG/mount01
10G 5G 5G 50% /Oradg/ mount01
/dev/vx/dsk/ORADG/u07
9.0G 8.9G 131M 99% /Oradg/ mount07
/dev/vx/dsk/ORADG/mount02
10G 5G 5G 50% /Oradg/mount02
/dev/vx/dsk/ORADG/mount04
10G 5G 5G 50% /Oradg/mount04
/dev/vx/dsk/ORADG/u06
9.0G 9.0G 37M 100% /Oradg/mount06
/dev/vx/dsk/ORADG/u03
10G 5G 5G 50% /Oradg/mount03

(Output truncated…)


root:Solrais-VM-box-1# vxdg list
VxVM vxdg WARNING V-5-1-9668 CmdLog: write failed - No space left on device
NAME STATE ID
ORADG enabled,cds 123456789.52


root:Solrais-VM-box-1# vxassist -g ORADG maxsize
VxVM vxassist WARNING V-5-1-9668 CmdLog: write failed - No space left on device
Maximum volume size: 3950592 (1929Mb)



root:Solrais-VM-box-1# vxdg -g ORADG free
VxVM vxdg WARNING V-5-1-9668 CmdLog: write failed - No space left on device
DISK DEVICE TAG OFFSET LENGTH FLAGS
SAN_DISK_1 san_disk_1 san_disk _313 1115805824 3949696 -
SAN_DISK_2 san_disk _2 san_disk _235 301891584 352 -
SAN_DISK_3 san_disk _3 san_disk _230 150896640 368 -
SAN_DIS _4 san_disk _4 san_disk _249 1119727616 1344 -




root:Solrais-VM-box-1# vxprint -hvt mount06
VxVM vxprint WARNING V-5-1-9668 CmdLog: write failed - No space left on device
Disk group: ORADG

V NAME RVG/VSET/CO KSTATE STATE LENGTH READPOL PREFPLEX UTYPE
PL NAME VOLUME KSTATE STATE LENGTH LAYOUT NCOL/WID MODE
SD NAME PLEX DISK DISKOFFS LENGTH [COL/]OFF DEVICE MODE
SV NAME PLEX VOLNAME NVOLLAYR LENGTH [COL/]OFF AM/NM MODE
SC NAME PLEX CACHE DISKOFFS LENGTH [COL/]OFF DEVICE MODE
DC NAME PARENTVOL LOGVOL
SP NAME SNAPVOL DCO
EX NAME ASSOC VC PERMS MODE STATE

v mount06 - ENABLED ACTIVE 18874368 SELECT - fsgen
pl mount06-01 mount06 ENABLED ACTIVE 18874368 CONCAT - RW
sd SAN_DISK_1 mount06-01 SAN_DISK_1 81788928 18874368 0 san_disk _230 ENA


root:Solrais-VM-box-1# vxprint -hvt mount07
VxVM vxprint WARNING V-5-1-9668 CmdLog: write failed - No space left on device
Disk group: ORADG

V NAME RVG/VSET/CO KSTATE STATE LENGTH READPOL PREFPLEX UTYPE
PL NAME VOLUME KSTATE STATE LENGTH LAYOUT NCOL/WID MODE
SD NAME PLEX DISK DISKOFFS LENGTH [COL/]OFF DEVICE MODE
SV NAME PLEX VOLNAME NVOLLAYR LENGTH [COL/]OFF AM/NM MODE
SC NAME PLEX CACHE DISKOFFS LENGTH [COL/]OFF DEVICE MODE
DC NAME PARENTVOL LOGVOL
SP NAME SNAPVOL DCO
EX NAME ASSOC VC PERMS MODE STATE

v mount07 - ENABLED ACTIVE 18874368 SELECT - fsgen
pl mount07-01 mount07 ENABLED ACTIVE 18874368 CONCAT - RW
sd SAN_DISK_2 mount07-01 SAN_DISK_2 100663296 18874368 0 san_disk _2 ENA







# vxresize -g ORADG mount06 +800m
root:Solrais-VM-box-1# vxresize -g ORADG mount06 +800m
VxVM vxresize WARNING V-5-1-9668 CmdLog: write failed - No space left on device
VxVM vxprint WARNING V-5-1-9668 CmdLog: write failed - No space left on device
VxVM vxassist WARNING V-5-1-9668 CmdLog: write failed - No space left on device


root:Solrais-VM-box-1# df -h -F vxfs
Filesystem size used avail capacity Mounted on

/dev/vx/dsk/ORADG/mount01
10G 5G 5G 50% /Oradg/mount01
/dev/vx/dsk/ORADG/mount07
9.0G 8.9G 131M 99% /Oradg/mount07
/dev/vx/dsk/ORADG/mount02
10G 5G 5G 50% /Oradg/mount02
/dev/vx/dsk/ORADG/mount04
10G 5G 5G 50% /Oradg/mount04
/dev/vx/dsk/ORADG/mount06
9.8G 9.0G 787M 93% /Oradg/mount06
/dev/vx/dsk/ORADG/mount03
10G 5G 5G 50% /Oradg/mount03

(Output truncated…)


# vxresize -g ORADG mount07 +800m
root:Solrais-VM-box-1# vxresize -g ORADG mount06 +800m
VxVM vxresize WARNING V-5-1-9668 CmdLog: write failed - No space left on device
VxVM vxprint WARNING V-5-1-9668 CmdLog: write failed - No space left on device
VxVM vxassist WARNING V-5-1-9668 CmdLog: write failed - No space left on device


# vxresize -g ORADG mount07 +800m

root:Solrais-VM-box-1# df -h -F vxfs
Filesystem size used avail capacity Mounted on

/dev/vx/dsk/ORADG/mount01
10G 5G 5G 50% /Oradg/mount01
/dev/vx/dsk/ORADG/mount07
9.8G 8.9G 881M 92% /Oradg/mount07
/dev/vx/dsk/ORADG/mount02
10G 5G 5G 50% /Oradg/mount02
/dev/vx/dsk/ORADG/mount04
10G 5G 5G 50% /Oradg/mount04
/dev/vx/dsk/ORADG/mount06
9.8G 9.0G 787M 93% /Oradg/mount06
/dev/vx/dsk/ORADG/mount03
10G 5G 5G 50% /Oradg/mount03

(Output truncated…)



Note: Image - Sun Fire 3500 Front Pane
Posted by at 4 comments:
Subscribe to: Posts (Atom)