Saturday 28 July 2012

DNS in rhel6/Centos6

To configure DNS on RHEL 6, follow these simple steps.

Step 1: Install the appropriate packages for DNS.

#yum install bind* -y

Step 2: Set the hostname, both temporarily and permanently.

#hostname mail.xyz.com

Step 3: Now open /etc/named.conf (this file is used to configure the primary and slave zones).

Step 4: Now write these lines:

listen-on port 53 { 127.0.0.1; any; };

zone "xyz.com" IN {
type master;
file "xyz.f"; #used for forward file
};

// I am choosing IP of class c 192.168.0.10

zone "0.168.192.in-addr.arpa" IN {
type master;
file "xyz.r"; #for reverse file
};

Save this file and move on to the detailed zone configuration.

Step 5: Go to /var/named and copy named.* to /var/named/chroot/var/named. Now create a new file (xyz.f) and write these lines.

$TTL 86400 ; this number is in seconds
@ IN SOA mail.xyz.com. root.mail.xyz.com. (
0123 ; serial
86400 ; refresh
86400 ; retry
86400 ; expire
86400 ; negative-caching TTL
)
@ IN NS mail.xyz.com.
mail.xyz.com. IN A 192.168.0.10

Step 6: Now create a new reverse file (xyz.r) and write this.

$TTL 86400 ; this number is in seconds

@ IN SOA mail.xyz.com. root.mail.xyz.com. (
0123 ; serial
86400 ; refresh
86400 ; retry
86400 ; expire
86400 ; negative-caching TTL
)
@ IN NS mail.xyz.com.
mail.xyz.com. IN A 192.168.0.10
10 IN PTR mail.xyz.com.

Step 7: Now run some commands to check whether your DNS server is working.

#chgrp named /var/named/chroot/var/named/*

This gives control of the zone files to the named user.

#service named restart
#chkconfig named on

#dig mail.xyz.com

If the answer section appears, your DNS is working fine; if not, you must have made a mistake.

Edit your /etc/resolv.conf file to tell the system which DNS server to query. The entry will be:
nameserver <IP where your DNS server runs>

Note: Check your SELinux and firewall settings before use.
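
A forward/reverse consistency check for the two zone files built above, as an added example that is not part of the original post. It assumes one record per line in the "owner IN type data" form used here; the check_ptr function name and the www record in the sample are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): verify that every A record in a
# forward zone file has a matching PTR record in the reverse zone file.
# Assumes one record per line written as "owner IN type data", as on this page.

# check_ptr FORWARD_FILE FORWARD_ORIGIN REVERSE_FILE REVERSE_ORIGIN
# Origins are fully qualified with a trailing dot, e.g. "xyz.com.".
# Prints OK / MISSING / MISMATCH / SKIP per A record; returns 1 on any problem.
check_ptr() {
    awk -v forigin="$2" -v rorigin="$4" '
        # Expand "@" and relative names against the zone origin.
        function fqdn(name, origin) {
            if (name == "@") return tolower(origin)
            if (name ~ /\.$/) return tolower(name)
            return tolower(name "." origin)
        }
        BEGIN { bad = 0; rorigin = tolower(rorigin) }
        { sub(/;.*/, "") }                      # drop zone-file comments
        FILENAME == ARGV[1] {                   # forward zone: collect A records
            if ($2 == "IN" && $3 == "A") { ips[++n] = $4; owner[n] = fqdn($1, forigin) }
            next
        }
        $2 == "IN" && $3 == "PTR" {             # reverse zone: collect PTR records
            ptr[fqdn($1, rorigin)] = fqdn($4, rorigin)
        }
        END {
            for (i = 1; i <= n; i++) {
                split(ips[i], o, ".")
                rname = o[4] "." o[3] "." o[2] "." o[1] ".in-addr.arpa."
                tail = substr(rname, length(rname) - length(rorigin) + 1)
                if (tail != rorigin) {          # address is outside this reverse zone
                    print "SKIP " ips[i] " " owner[i]
                } else if (!(rname in ptr)) {
                    print "MISSING " ips[i] " " owner[i]; bad = 1
                } else if (ptr[rname] != owner[i]) {
                    print "MISMATCH " ips[i] " " owner[i] " " ptr[rname]; bad = 1
                } else {
                    print "OK " ips[i] " " owner[i]
                }
            }
            exit bad
        }
    ' "$1" "$3"
}

# Constructed sample data: the records from this page plus one extra host (www)
# that has no PTR record, so the check has something to report.
demo_dir=$(mktemp -d)
cat > "$demo_dir/xyz.f" <<'EOF'
$TTL 86400 ; seconds
@ IN SOA mail.xyz.com. root.mail.xyz.com. ( 0123 86400 86400 86400 86400 )
@ IN NS mail.xyz.com.
mail.xyz.com. IN A 192.168.0.10
www IN A 192.168.0.20
EOF
cat > "$demo_dir/xyz.r" <<'EOF'
$TTL 86400
@ IN SOA mail.xyz.com. root.mail.xyz.com. ( 0123 86400 86400 86400 86400 )
@ IN NS mail.xyz.com.
10 IN PTR mail.xyz.com.
EOF
check_ptr "$demo_dir/xyz.f" xyz.com. "$demo_dir/xyz.r" 0.168.192.in-addr.arpa. \
    || echo "reverse zone is incomplete"
```

Mail servers in particular are often rejected by peers when the PTR record for their address is missing or points at a different name, so this check is worth running after every zone edit.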

Monday 16 July 2012

Disable PING (ICMP) Response On Linux System

You can set a kernel variable to drop all ping packets. Type the following command at the shell prompt:

[root@siddhesh ~]#echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all

This instructs the kernel to simply ignore all ping requests (ICMP type 0 messages).

[root@siddhesh ~]#echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all

This instructs the kernel to allow all ping requests from remote hosts.

You can add the following line to the /etc/sysctl.conf file to make this change permanent.

[root@siddhesh ~]#vi /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all = 1

Enable user authentication for single user mode

By default you are logged in to single user mode as root automatically. This can be a security risk, so it is better to require a user login for single user mode.
RHEL/CentOS and most Unix operating systems allow access from the console into single user mode without a password. This is handy when things get messed up and access to the auth subsystems is prevented. To accomplish the same behavior under Ubuntu, edit the /etc/inittab file and change the line.

Step 1: Edit the /etc/inittab file.
[root@siddhesh ~]# vi /etc/inittab

Step 2: Add the following entry at the end of the file.
sum:S:wait:/sbin/sulogin

Step 3: Save and exit this file.

Try booting your machine into level 1 to check this security feature.

Friday 6 July 2012

SARG

SARG (Squid Analysis Report Generator) is a tool that allows you to view “where” your users are going on the Internet. SARG provides a lot of information about Squid users' activities, such as times, bytes, sites, etc.

Download the latest version of SARG.
# wget "http://downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=http%3A%2F%2Fsarg.sourceforge.net%2Fsarg.php&ts=1291380140&use_mirror=biznetnetworks"

You need to update sarg.conf with the details of your proxy logs.
# vim /usr/local/sarg/sarg.conf

You can generate a SARG report just by running the sarg command in the shell. Once the command completes successfully, you will be able to view the Squid reports in your web browser.

Now open http://192.168.100.101/squid-reports/ (192.168.100.101 is the Squid proxy server) in your browser.

You can write a bash script to generate reports and truncate the old access.log to avoid regenerating old data, and to get the data date-wise.

DHCP Server Configuration on Linux

The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks. Computers that are connected to IP networks must be configured before they can communicate with other computers on the network. DHCP allows a computer to be configured automatically, eliminating the need for intervention by a network administrator. It also provides a central database for keeping track of computers that have been connected to the network. This prevents two computers from accidentally being configured with the same IP address.
Install the DHCP server:
# yum install dhcp* -y

Copy the sample configuration file and make suitable changes for your network.
# cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf
# cat /etc/dhcpd.conf

ddns-update-style interim;
ignore client-updates;
subnet 192.168.100.0 netmask 255.255.255.0
{
# — default gateway
option routers 192.168.100.1;
option subnet-mask 255.255.255.0;
option nis-domain "LinuxArticles.org";
option domain-name "LinuxArticles.org";
option domain-name-servers 192.168.100.1;
option time-offset -18000; # Eastern Standard Time
#option ntp-servers 192.168.100.1;
# option netbios-name-servers 192.168.100.1;
# — Selects point-to-point node (default is hybrid). Don’t change this unless
# — you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 192.168.100.10 192.168.100.254;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
host ns
{
next-server server1.linuxarticles.org;
hardware ethernet 11:3A:46:78:AB:CD;
fixed-address 122.169.104.71;
}
}

Finally, save and exit the file and start the DHCP service.
# service dhcpd start

set up sendmail server in AIX

Here is how I have set up sendmail to a notes server - it takes you step by step:

Ensure that ‘sendmail’ is running on the system:

Run both commands:

lssrc -s sendmail

ps -ef |grep sendmail

- If ‘sendmail’ is not running start via:

startsrc -s sendmail -a "-bd -q30m"

- Ensure that ‘sendmail’ is running:

ps -ef |grep sendmail

This should echo:

root  5704     1   0 11:08:42      -  0:00 sendmail: accepting connections on port 25

- Ensure that the ‘sendmail’ daemon is started on reboot by uncommenting the ‘sendmail’ startup line in ‘/etc/rc.tcpip’:

vi /etc/rc.tcpip

Uncomment the following line:

start /usr/lib/sendmail "$src_running" "-bd -q${qpi}"

- Create an ‘/etc/netsvc.conf’ file, this is to tell sendmail to use ‘/etc/hosts’ for name resolution not DNS (default):

vi /etc/netsvc.conf

Add the following:

hosts=local,bind4

- Change the permissions on the ‘/etc/netsvc.conf’ file to lock down root only access:

chmod 600 /etc/netsvc.conf

- Add into the ‘/etc/hosts’ file the IP address and hostname of the Lotus Notes server. If you wish to check the hostname of the server use telnet to connect to port 25 of the server:

telnet <IP address of Lotus Notes server> 25

N.B. Type: quit to close the session

Add the IP and hostname into ‘/etc/hosts’:

vi /etc/hosts

-    Copy away the original ‘/etc/sendmail.cf’ file

cp /etc/sendmail.cf /etc/sendmail.cf.orig

- Edit the ‘/etc/sendmail.cf’ and make the following changes:

vi /etc/sendmail.cf

Change:

#DwYourHostName

To:

Dw<hostname of local server>

Change:

# "Smart" relay host (may be null)
# Relay host to forward outgoing mail not in the local domain to.
# To forward ALL mail to this relay host, uncomment the appropriate
# rule in ruleset 0, as indicated by the ruleset's comments.
#DSmailer:relayhostname
DS

To:

# "Smart" relay host (may be null)
# Relay host to forward outgoing mail not in the local domain to.
# To forward ALL mail to this relay host, uncomment the appropriate
# rule in ruleset 0, as indicated by the ruleset's comments.
#DSmailer:relayhostname
DS<hostname of Lotus Notes Server>
    
Save the file.
 
- Refresh the ‘sendmail’ daemon to pick up the new changes to the ‘/etc/sendmail.cf’ file

refresh -s sendmail

It will take a few minutes for the ‘ps’ process to return:

root  5704     1   0 11:08:42      -  0:00 sendmail: accepting connections on port 25

In the interim period the following will be displayed via ‘ps’:

root  5704     1   0 11:08:42      -  0:00 /usr/lib/sendmail -bd -q30

- If there is only one recipient per mail the configuration is complete, test via:

echo "test" |sendmail -v <email address of recipient>

i.e.

echo "test" |sendmail -v paulsharpe-deacon@hsbc.com

N.B. Any non local mail is sent to the relayhost i.e. the notes server for processing.

- If there is more than one recipient per mail, configure a ‘sendmail’ alias:

-    Configure the ‘/etc/aliases’ file with the e-mail addresses of all recipients of the e-mail:

vi /etc/aliases

TEST:paul@hsbc.com,steve@hsbc.com

- Get the ‘sendmail’ daemon to re-read the ‘/etc/aliases’ file:

sendmail -bi

- Now test the handshaking between the server and the Lotus Notes server:

echo "test" |sendmail -v <alias name>@<hostname of local machine>

i.e.

echo "test" |sendmail -v TEST@notesserver

VSFTPD – Creating Virtual Users on Linux

With virtual users there is no need to create system users or physical user accounts; the users can be maintained using htpasswd. Virtual users can also get access to the same FTP files via Apache.

Download and install pam-pam_pwdfile.

# wget ftp://ftp.pbone.net/mirror/ftp.pld-linux.org/dists/2.0/PLD/i386/PLD/RPMS/pam-pam_pwdfile-0.99-2.i386.rpm

# rpm -ivh pam-pam_pwdfile-0.99-2.i386.rpm

Now, append the following lines to /etc/pam.d/vsftpd.pwd.

# vim /etc/pam.d/vsftpd.pwd

auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
auth required pam_pwdfile.so pwdfile /etc/vsftpd/vsftpd_pwdfile
# pam_pwdfile doesn't come with account, so we just permit, on success:
account required pam_permit.so

Save and exit the file.

Now edit the FTP configuration file:

# vim /etc/vsftpd/vsftpd.conf

# we're running standalone
listen=YES

# enable virtual users:
anonymous_enable=NO
local_enable=YES
guest_enable=YES

# Where the accounts are located..
guest_username=ftp
user_sub_token=$USER
local_root=/home/LinuxFTP/store/$USER
chroot_local_user=YES

# allow writing
write_enable=YES
local_umask=022
virtual_use_local_privs=YES

# some general options
dirmessage_enable=YES
hide_ids=YES
connect_from_port_20=YES

# here we define OUR pam config [see above]
pam_service_name=vsftpd.pwd

# more verbose logging
xferlog_enable=YES
log_ftp_protocol=YES
setproctitle_enable=YES

# banner
ftpd_banner=Welcome to LinuxArticles.org.

Save and exit the file.

Restart FTP service and make it available across reboot.

# service vsftpd restart ; chkconfig vsftpd on

Finally, create new password file & user.

# htpasswd -c -b /etc/vsftpd/vsftpd_pwdfile username password

Extract A File From RPM

RPM is a powerful Package Manager, which can be used to build, install, query, verify, update, and erase individual software packages. A package consists of an archive of files and meta-data used to install and erase the archive files. The meta-data includes helper scripts, file attributes, and descriptive information about the package. Packages come in two varieties: binary packages, used to encapsulate software to be installed, and source packages, containing the source code and recipe necessary to produce binary packages.

Sometimes we need a particular file from an RPM. Normally, to get it, we would have to install that RPM. With the method in this article, you can get a particular file without installing the RPM.

By mistake I have deleted the /sbin/poweroff file from the system. Now we need to find out which RPM contains /sbin/poweroff.

# yum whatprovides /sbin/poweroff

systemd-sysvinit-10-2.fc14.1.i686 contains /sbin/poweroff in Fedora 14.

Now, if you try to install that package using yum, you will get “Package systemd-sysvinit-10-2.fc14.1.i686 already installed and latest version”.

To restore /sbin/poweroff, all we need is systemd-sysvinit-10-2.fc14.1.i686.rpm and rpm2cpio, this is bundled with rpm-x.x.x…i386.rpm.

# rpm -ql rpm | grep rpm2cpio
/usr/bin/rpm2cpio
/usr/lib/rpm/rpm2cpio.sh
/usr/share/man/ja/man8/rpm2cpio.8.gz
/usr/share/man/ko/man8/rpm2cpio.8.gz
/usr/share/man/man8/rpm2cpio.8.gz
/usr/share/man/pl/man8/rpm2cpio.8.gz
/usr/share/man/ru/man8/rpm2cpio.8.gz

# rpm2cpio systemd-sysvinit-10-2.fc14.1.i686.rpm | cpio -idmv

# cp sbin/poweroff /sbin/

Note: Another way is to install systemd-sysvinit-10-2.fc14.1.i686.rpm forcefully.

# rpm -ivh systemd-sysvinit-10-2.fc14.1.i686.rpm --force

MySQL – Basic Commands To Know

MySQL is a simple SQL shell (with GNU read line capabilities). It supports interactive and non interactive use. When used interactively, query results are presented in an ASCII-table format. When used non interactively (for example, as a filter), the result is presented in tab-separated format. The output format can be changed using command options.

After installing MySQL on a Linux system, start it with:

# /etc/init.d/mysql restart or # service mysqld start

The default MySQL configuration file my.cnf is located in /etc/ or in /etc/mysql.

# cat /etc/my.cnf

Generally, the root user of MySQL does not have a password. To assign a password:

# mysqladmin -u root password "LinuxArticles#123"

To log in to your MySQL database you need to specify the username; “-p” makes the client ask for the password.

# mysql -u root -p

After a successful login, you will be in the mysql command line interface.

mysql>

Before starting any project, or after a fresh installation, we need to create a database to store data.

mysql> create database `LinuxArticles.org`;

After creating databases, list them all with:

mysql> show databases;

To use a particular database from the above list:

mysql> use `LinuxArticles.org`;

To list all tables of the selected database:

mysql> show tables;

If, for some reason, you want to delete the created database:

mysql> drop database `LinuxArticles.org`;

To delete a table from the selected database:

mysql> drop table Table_Name;

Create a new user for the database and grant permissions:

mysql> grant all on `LinuxArticles.org`.* to linuxart@localhost identified by 'UserPassword@123';

To take MySQL Database backup,

# mysqldump -u linuxart -p LinuxArticles.org > Backup_File.sql

For some reason, to restore a MySQL Database backup,

# mysql -u linuxart -p LinuxArticles.org < Backup_File.sql

mysqladmin – To change root password

To setup root password for first time, use mysqladmin command at shell prompt as follows:

# mysqladmin -u root password NEWPASSWORD

However, if you want to change (or update) the root password, then you need to use the following command:

# mysqladmin -u root -p'OLDPASSWORD' password NEWPASSWORD

For example, if the old password is xyz123, you can set the new password to 123456 by entering:

# mysqladmin -u root -p'xyz123' password '123456'

Recover MySQL root Password

Have you lost or forgotten the MySQL root password? No problem! You can recover the MySQL database server password with the following steps.

First, stop the mysql service.

# /etc/init.d/mysqld stop

Start the MySQL server without password:

# mysqld_safe --skip-grant-tables &

Connect to the mysql server using the mysql client:

# mysql -u root

Set up a new MySQL root user password:

mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit

Finally restart MySQL Server and test it.

# /etc/init.d/mysqld restart

# mysql -u root -p

Disable PING response in Linux

Ping is used to check how many systems are up. Most attackers use ping to find machines they can attack, so the chance of being attacked can be reduced by turning off the ping response.

For RHEL/CentOS/Fedora Linux, open a terminal as root and execute:

# sysctl -a | grep icmp

net.netfilter.nf_conntrack_icmp_timeout = 30
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1 
net.ipv4.icmp_errors_use_inbound_ifaddr = 0
net.ipv4.icmp_ratelimit = 1000
net.ipv4.icmp_ratemask = 6168
net.ipv6.icmp.ratelimit = 1000

To turn off ping, the useful setting is net.ipv4.icmp_echo_ignore_all, which is shown above with the value 0.

# sysctl -w net.ipv4.icmp_echo_ignore_all=1

Now try to ping your system from another system. It will not work. To enable it again:

# sysctl -w net.ipv4.icmp_echo_ignore_all=0

For Ubuntu, ping can be disabled by adding the following line to /etc/init.d/networking:

# echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all

To re-enable:

# echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all

Note: This is not permanent. To make it permanent, add the setting to /etc/sysctl.conf.

# vim /etc/sysctl.conf

net.ipv4.icmp_echo_ignore_all=1

Or

net.ipv4.icmp_echo_ignore_all=0
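
Both ping posts on this page (this one and the 16 July one) change the setting in two places, at runtime and in /etc/sysctl.conf, and the two can silently disagree. The script below is an added example, not part of the original posts, that reports such drift; the function names and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original posts): detect drift between the value
# persisted in sysctl.conf and the value the running kernel is using.

# persisted_sysctl KEY FILE...
# Print the value KEY ends up with after reading the files in order; a later
# assignment overrides an earlier one. Handles "key = value" and "key=value",
# and skips comment lines starting with "#" or ";". Unreadable files are ignored.
persisted_sysctl() {
    ps_key=$1; shift
    for ps_file in "$@"; do
        if [ -r "$ps_file" ]; then cat "$ps_file"; fi
    done | awk -v key="$ps_key" '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }
    '
}

# running_sysctl KEY [PROC_ROOT]
# Print the live value; dots in KEY map to directories under /proc/sys.
# PROC_ROOT exists so the function can be pointed at a test tree.
running_sysctl() {
    rs_path="${2:-/proc/sys}/$(printf '%s' "$1" | tr . /)"
    if [ -r "$rs_path" ]; then cat "$rs_path"; fi
}

# audit_sysctl KEY CONF [PROC_ROOT]
# Prints "ok <value>", "drift persisted=<p> running=<r>" or
# "unset running=<r>"; returns 0 only when the file and the kernel agree.
audit_sysctl() {
    as_p=$(persisted_sysctl "$1" "$2")
    as_r=$(running_sysctl "$1" "$3")
    if [ -z "$as_p" ]; then
        echo "unset running=$as_r"; return 1
    elif [ "$as_p" = "$as_r" ]; then
        echo "ok $as_p"
    else
        echo "drift persisted=$as_p running=$as_r"; return 1
    fi
}

# Constructed sample: a config that sets the key twice (the last line wins)
# and a stand-in /proc/sys tree whose live value is still 0.
demo=$(mktemp -d)
mkdir -p "$demo/proc/net/ipv4"
cat > "$demo/sysctl.conf" <<'EOF'
# constructed sample
net.ipv4.icmp_echo_ignore_all = 0
net.ipv4.icmp_echo_ignore_all=1
EOF
echo 0 > "$demo/proc/net/ipv4/icmp_echo_ignore_all"
audit_sysctl net.ipv4.icmp_echo_ignore_all "$demo/sysctl.conf" "$demo/proc" || true
```

On a real host, call audit_sysctl net.ipv4.icmp_echo_ignore_all /etc/sysctl.conf. A drift result means the file was edited without running sysctl -p, or the live value was changed with echo or sysctl -w and will revert at the next reboot.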

Thursday 5 July 2012

Commands never to forget by AIX admin.

To apply a TL while you are cloning

# alt_disk_copy -I acNgXY -P all -b update_all -l /fixpackfs/AIX_fix_packs/5300-08-10-1015 -d hdisk1


smitty alt_mksysb To run an alternate mksysb
smitty alt_clone To run an alternate rootvg on disk


# alt_disk_copy -d hdisk1 To clone a rootvg on hdisk1
# alt_disk_copy -e /etc/exclude.rootvg -d hdisk1 To clone a rootvg on hdisk1 with exclude some of the files
# alt_rootvg_op -X altinst_rootvg To de-clone a rootvg
# alt_rootvg_op -q -d hdisk0 To determine the boot disk for a volume group with multiple PV
# alt_rootvg_op -v alt_disk_530 -d hdisk2 To modify an alt_disk_install volume group name
# alt_rootvg_op -W -d hdisk0 To "wake up" an original rootvg after booting from the new alternate disk
# alt_rootvg_op -S -t To "put to sleep" a volume group that had experienced a "wake-up"
# alt_rootvg_op -d "hdisk3 hdisk4" -b update_all -l /updates To update the alternate rootvg to the latest fileset levels available in /updates and install them into the alternate root volume group


To create a bff image
# gencopy -X -b "-qv" -d /fixpackfs/AIX_fix_packs/5300-09-00-0846 -t /usr/sys/inst.images -f File 2>&1
OR
smitty bffcreate


# lslpp -l To see what maintenance level your filesets
# lslpp -f To list the individual files that are installed with a particular fileset
# lslpp -h bos.sysmgt.trace To list the installation and update history of filesets
# instfix -T -d /dev/cd0 To list fixes that are on a CD-ROM
# instfix -ik IY73748 To determine if APAR IX75893 is installed
# instfix -aik IY73748 To examine information about APAR IX75893 and what it does
# instfix -i | grep ML To list what maintenance levels have been installed
# instfix -k IY73748 -d /dev/cd0 To install APAR IY73748 from /dev/cd0


smitty show_apar_stat Show the apar statistic
smitty update_by_fix. To install the fixes using SMIT
smitty update_all To install all new fixes that are available from IBM


smitty assist To call the Configuration Assistant
smitty alt_install To create alternate installation disk
smitty alt_clone To clone your rootvg to a new disk
smitty alt_mksysb To create the alternate mksysb system




# lppchk -c X11.adt.include Check to ensure all fileset are installed correctly

# lppchk -l X11.adt.include Verifies the symbolic link for filesets
# lppchk -v How to verify if all filesets are correctly installed
# mkitab "xcmd:2:respawn:find / -type f > /dev/null 2>&1" Add a record named xcmd on the /etc/inittab
# lsitab xcmd Show the new record with the lsitab
# rmitab xcmd To delete this record from the /etc/inittab file
# chitab "xcmd:2:once:find / -type f > /dev/null 2>&1" Change the action field on the record xcmd from respawn to once


# bootlist -m normal -o To display a boot list
# bootlist -m normal cd0 hdisk0 To make changes to your normal boot list
# bootlist -m normal -f filename To make changes to your normal boot list using file


# cat /etc/.init.state Identifying the current run level


# odmget -q "type LIKE lv*" PdDv To interrogate ODM PdDv class about all objects
# odmget lpp|head -30 To interrogate the lpp class


Configuration Commands

# mknfs -N To start the NFS daemons immediately
# startsrc -g nfs System Resource Controller to start


smitty mknfsexp To export the directory
smitty rmnfsexp Un-export an NFS directory
smitty mknfsmnt To establish predefined mounts through SMIT
smitty chnfsexp Changing an exported file system


# showmount -e It shows what is exported by current server
# showmount -e servername It shows what is exported by servername
# /usr/sbin/exportfs -a Tells the kernel to reread the exportfs file, that have edited
# exportfs -i /dirname Exporting an NFS directory temporarily
# exportfs -u /dirname Un-export the file system on the server
# umount /backup To unmount an explicitly or automatically mounted NFS


# cat /etc/netsvc.conf The default hostname resolution order specification


smit mkroute To add a route to the private network through the gateway
smit mktcpip To change or set IP addresses


# lsdev -Cc if To identify network interfaces on your server
# ifconfig -a To identify all network interfaces configured on your server
# ifconfig Interface To get information about one specific network interface
# ifconfig tr0 up To activate a network interface using ifconfig
# ifconfig tr0 10.1.2.3 netmask 255.255.255.0 up To activate a network interface and assign IP and netmask
# ifconfig Interface down To deactivate an interface
# ifconfig tr0 delete To delete the network address from tr0
# ifconfig tr0 detach To remove the interface tr0 from the network interface list
# ifconfig tr0 10.1.2.3 mask 255.255.255.0 alias To bind the IP address of 10.1.2.3 to tr0 as a alias
# ifconfig tr0 10.1.2.3 mask 255.255.255.0 delete When this alias is no longer required, you can remove it
# ifconfig en0 mtu 2000 To change the MTU size of tr1


Adding network adapter
# lscfg |grep -i adapter network adapters on your system
# lsdev -Cc if interfaces are already on the system
Shut down and power off the system
Physically install the new network adapter
Power on the system in normal mode
# cfgmgr


Removing network adapter
# ifconfig Interface down Deactivate all network interface definitions for the network adapter
# ifconfig Interface detach Remove (detach) all network interface definitions
# rmdev -l Interface -d Delete the network interface definitions
# rmdev -l Adapter -d Delete the network adapter definition
# shutdown -F now Shutdown the system
Physically remove the network adapter
Power on the system


smitty chgenet To change the media speed for an Ethernet adapter


# pg /etc/swapspaces All paging related information is listed in this file
# lsps -a To display all info about paging space
# lsps -s To see the total paging space used by system
# chps -s 3 hd6 To increase the size of hd6
# chps -d 1 hd6 To decrease the size of hd6
# migratepv -l hd6 hdisk0 hdisk1 To move the default (hd6) paging space from hdisk0 to hdisk1
# swapoff DeviceName To deactivate paging space
# swapon DeviceName To activate the paging space
# rmps paging03 To removed paging space


Reducing the size of hd6 paging space: this is applicable only on below version 5L
# mkps -a -n -s 30 rootvg hdisk0 Create a temporary paging space on rootvg
# chps -a n hd6 to deactivate the hd6 paging spaces


Change the paging space entry in the /sbin/rc.boot from swapon /dev/hd6 to swapon /dev/paging00


# sysdumpdev -l to check the primary dump device designation
# sysdumpdev -P -p /dev/paging00 change it to some other paging space
# bosboot -d /dev/hdisk0 -a Create a bootable image with the bosboot command
# shutdown -r shutdown the operating system and reboot
# rmps hd6 After the system reboots, remove the hd6 paging space
# mklv -t paging -y hd6 rootvg 30 Create a new paging space LV of the size 120 MB for the hd6
# sysdumpdev -P -p /dev/hd6 Change the primary dump device designation


Change the paging space entry in the /sbin/rc.boot file from swapon /dev/paging00 to swapon /dev/hd6


# bosboot -d /dev/hdisk0 -a Create a bootable image with the bosboot command
# chps -a y hd6 to make the new hd6 paging space automatically activate when reboot
# shutdown -r Reboot the system
# rmps paging00 After the system reboots, remove the temporary paging space


# lsdev -P -H To list all devices in the Predefined Devices object class
# lsdev -C -H To list all the devices in the Customized Devices object class
# lsdev -C -c adapter -S a To list the adapters that are in the Available state
# lsdev -P -r class To list all the classes of supported devices on your system
# lsdev -C -c disk To show the disk drives on your system


# lscfg To display the system configuration
# lscfg -v -p -l rmt0 To display the VPD for about rmt0
# lscfg -v -p -l ent2 To obtain the physical location and firmware version of eth0


# lsattr -l rmt0 -D To list the default attribute values for the tape device rmt0
# lsattr -l rmt0 -E To list the current attribute values for the tape device rmt0
# lsattr -l scsi0 -a bus_intr_lvl -E To list the current value of the bus_intr_lvl attribute
# lsattr -l scsi0 -a bus_intr_lvl -D To list the default value of the bus_intr_lvl attribute


# chdev -l ent0 -a media_speed=100_Full_Duplex -P Change the media_speed forcefully to 100_Full_Duplex
# chdev -l ent0 -a media_speed=Auto_Negotiation Change to auto negotiate for speed duplex


# mkdev -l rmt0 To make the predefined rmt0 tape device available to use


# rmdev -l rmt0 To make available rmt0 to defined state
# rmdev -dl rmt0 To unload the device configuration from the ODM
# chdev -l rmt0 -a attr=value To change the attribute of the rmt0 device

smitty devices Smit screen to configure devices
smitty chdev Smit screen to change device attribute
smitty rmdev Smit screen to remove the device configuration from ODM


# lssrc -a List all services and their status
# startsrc -g Start network service group
# startsrc -s Start network service subsystem
# stopsrc -g Stop network service group


# /usr/lib/errdemon To start the error daemon
# /usr/lib/errdemon -l To determine the path to your system's error log file
# /usr/lib/errdemon -s 2000000 To change the maximum size of the error log file
# /usr/lib/errdemon -B 16384 To change the size of the error log device driver's


# errpt To display a complete summary report of the errors
# errpt -a To display a detailed report of all the errors encountered
# errpt -a -j E19E094F To display a detailed report of all errors logged error identifier E19E094F
# errpt -a -s 0828093001 Displaying the errors by time reference
# errlogger Testing use of errlogger command To log operator messages to the system error log
# errclear 0 Deletes all entries from the error log
# errclear -d S 0 To delete all entries in the error log classified as software errors
# errinstall Installs messages in the error logging message sets
# errupdate Updates the Error Record Template repository


# bindprocessor -q Query the available processors
# smtctl -m off -w now To turn off simultaneous multithreading immediately
# smtctl -m on -w boot To turn on simultaneous multithreading after the next reboot


# chdev -l hdisk7 -a pv=yes Assigning a PVID to a physical volume
# chdev -l hdisk7 -a pv=clear Clears the PVID from the physical volume


Reconfiguring a system from a 32-bit to a 64-bit kernel
To identify the type of system hardware you have, either 32-bit or 64-bit, execute the bootinfo -y command. If the command returns a 32, you cannot use the 64-bit kernel. The 64-bit kernel information is stored in /usr/lib/boot.
unix_mp 32-bit kernel for multiprocessor systems
unix_64 64-bit kernel for 64-bit processor systems


# ln -sf /usr/lib/boot/unix_64 /unix
# ln -sf /usr/lib/boot/unix_64 /usr/lib/boot/unix
# bosboot -ad /dev/ipldevice
bosboot: Boot image is 23137 512 byte blocks.
# shutdown -r
# ls -al /unix
lrwxrwxrwx 1 root system 21 Nov 11 11:30 /unix -> /usr/lib/boot/unix_64


Logical Volume Management Commands

# lspv hdisk2 To display detailed information about a physical volume
# lspv -l hdisk0 To display the names of all the lv that have at least one partition on pv
# lspv -p hdisk0 To display the allocation of PPs to logical volumes
# lspv -M hdisk0|more To display the layout of a physical volume
# chpv -an hdisk2 Disabled the ability to allocate new free physical partitions
# chpv -ay hdisk2 To turn on the allocation permission
# chpv -vr hdisk3 Makes hdisk3 unavailable
# chpv -va hdisk3 Makes hdisk3 available again
# chpv -c hdisk1 To clear the boot record located on physical volume hdisk1
# chpv -hy hdisk3 To define hdisk3 as a hot spare
# chpv -hn hdisk3 To remove hdisk3 from the hot spare pool
# migratepv hdisk1 hdisk5 Migrates the data from hdisk1 to hdisk5
# migratelp testlv/1/2 hdisk5/123 Migrates the data from the second copy of the logical partition number 1 of logical volume to hdisk5 on physical partition 123.
# lquerypv -M hdisk0 To find the LTG size for a physical disk


# lsvg To display all volume groups known to a system
# lsvg -o To display all active volume groups
# mkvg -y vg1 -s64 -V99 hdisk4 Creating an original volume group
# mkvg -B -y vg2 -s 128 -f -n -V 101 hdisk6 Creating a big volume group
# mkvg -S -y testvg -s 1 -f hdisk3 hdisk4 hdisk5 Creating a scalable volume group
# lsvg testvg To display details about a specific volume group
# lsvg -l rootvg To display logical volumes contained in a volume group
# lsvg -p test1vg To display all physical volumes contained in a volume group
# chvg -ay newvg Testvg to be activated automatically the next time the system is restarted
# chvg -an newvg Not be activated automatically next time the system is restarted
# chvg -Qn testvg To turn off the quorum
# chvg -Qy testvg To turn on the quorum
# chvg -hn test1vg Changes the hot spare policy of the volume group
# chvg -sy test1vg Changing synchronization policy of a volume group
# chvg -hy test1vg Changes the hot spare policy of the volume group
# chvg -hn test1vg Changes the hot spare policy of the volume group to no
# chvg -t 16 testvg Change the maximum number of physical partitions per physical volume
# chvg -G db2vg Changing a volume group format
# chvg -L 128 testvg Change the LTG size for the testvg volume group
# chvg -P 2048 testvg Changing the maximum number of physical partitions
# chvg -v 4096 testvg Changing the maximum number of logical volumes
# chvg -u Remove the lock of volume group
# extendvg test1vg hdisk7 Extend a volume group with hdisk7
# extendvg -f test1vg hdisk4 Extend a volume group with hdisk4 forcefully
# reducevg testvg hdisk7 Reduce volume group with hdisk7
# reducevg -d testvg hdisk7 Reduce volume group with hdisk7 forcefully
# synclvodm testvg To synchronize ODM to contain the latest LVM information for VG
# exportvg testvg To export the volume group testvg
# importvg -y testvg hdisk7 Import volume group testvg using hdisk7
# varyoffvg testvg Varyoff volume group
# varyonvg testvg Varyon volume group
# syncvg -p hdisk4 hdisk5 To synchronize the copies located on pv hdisk4 and hdisk5
# syncvg -v testvg To synchronize the all physical partitions from volume group testvg
# mirrorvg rootvg To mirror a rootvg on another disk


Mirroring a rootvg

# bootinfo -s hdisk1 To check the size of disk
# bootinfo -s hdisk0 To check the size of disk
# extendvg rootvg hdisk1 To add a new disk to rootvg
# mirrorvg rootvg hdisk1 To mirror a rootvg on hdisk1
# bosboot -ad /dev/hdisk1 To create boot logical volume on hdisk1
# bootlist -m normal hdisk0 hdisk1 To set the bootlist


# splitvg -y newvg -c 1 test1vg To split a volume group
# joinvg test1vg To rejoin the two copies of the volume group test1vg


# lslv lv1 To display details about a specific logical volume
# lslv -l lv1 Displays which disks the LV is on and the In Band policies
# lslv -m lv1 To display LP and PP numbers
# mklv -y lv3 -t jfs2 -a im test1vg 10 hdisk5 Create a logical volume
# extendlv lv05 3 Extend a logical volume with 3 PP
# rmlv lv7 Remove a logical volume
# rmlv -f lv1 Remove a logical volume without confirming
# chlv -x 1000 lv1 Sets the maximum number of logical partitions allocated to LV


# cplv -v dumpvg -y lv8 lv1 To copy LV lv1 to the dumpvg volume group under the name of lv8
# mklvcopy -k lv1 3 hdisk7 & To create and synchronize extra copies of logical partitions
# splitlvcopy -y copylv testlv 2
# rmlvcopy testlv 2 hdisk6

HACMP interview questions



a. What characters should a hostname contain for HACMP configuration?
The hostname cannot contain the following characters: -, _, * or other special characters.

b. Can Service IP and Boot IP be in same subnet?
No. The service IP address and Boot IP address cannot be in the same subnet. This is the basic requirement for HACMP cluster configuration. The verification process does not allow the IP addresses to be in the same subnet, and the cluster will not start.

c. Can multiple Service IP addresses be configured on single Ethernet cards?
Yes. Using the SMIT menu, multiple Service IP addresses can be configured to run on a single Ethernet card. It only requires selecting the same network name for the specific Service IP addresses in the SMIT menu.

d. What happens when a NIC having Service IP goes down?
When a NIC running the Service IP address goes down, HACMP detects the failure and fails over the service IP address to an available standby NIC on the same node or to another node in the cluster.

e. Can Multiple Oracle Database instances be configured on single node of HACMP cluster?
Yes. Multiple database instances can be configured on a single node of an HACMP cluster. For this, one needs separate Service IP addresses over which the listeners for each Oracle Database will run. Hence one can have separate resource groups, each owning one Oracle instance. This configuration is useful because, if a single Oracle Database instance fails on one node, it can be failed over to another node without disturbing the other running Oracle instances.

f. Can HACMP be configured in Active - Passive configuration?
Yes. For an Active - Passive cluster configuration, do not configure any Service IP on the passive node. Also, for all the resource groups on the active node, specify the passive node as the next node in the priority order to take over in the event of failure of the active node.

g. Can file system mounted over NFS protocol be used for Disk Heartbeat?
No. A volume mounted over the NFS protocol is a file system for AIX, and since disk heartbeat requires a disk device for an Enhanced Concurrent Capable volume group, an NFS file system cannot be used for configuring the disk heartbeat. One needs to provide a disk device to AIX hosts over the FCP or iSCSI protocol.

h. Which are the HACMP log files available for troubleshooting?

Following are log files which can be used for troubleshooting:
1. /var/hacmp/clverify/current//* contains logs from current execution of cluster verification.
2. /var/hacmp/clverify/pass//* contains logs from the last time verification passed.
3. /var/hacmp/clverify/fail//* contains logs from the last time verification failed.
4. /tmp/hacmp.out file records the output generated by the event scripts of HACMP as they execute.
5. /tmp/clstrmgr.debug file contains time-stamped messages generated by HACMP clstrmgrES activity.
6. /tmp/cspoc.log file contains messages generated by HACMP C-SPOC commands.
7. /usr/es/adm/cluster.log file is the main HACMP log file. HACMP error messages and messages about HACMP related events are appended to this log.
8. /var/adm/clavan.log file keeps track of when each application that is managed by HACMP is started or stopped and when the node stops on which an application is running.
9. /var/hacmp/clcomd/clcomd.log file contains messages generated by HACMP cluster communication daemon.
10. /var/ha/log/grpsvcs. file tracks the execution of internal activities of the grpsvcs daemon.
11. /var/ha/log/topsvcs. file tracks the execution of internal activities of the topsvcs daemon.
12. /var/ha/log/grpglsm file tracks the execution of internal activities of grpglsm daemon.

Wednesday 4 July 2012

How to rotate sudo log


Scenario : Sudo log files will keep the activities of sudo users and their login status in /var/log/sudolog.

Tested platform : RHEL 5
Solution :

1. Create a sudo log file and reference it in /etc/sudoers. Then rotate it for 90 days. As an example :

$touch /var/log/sudolog

2. vi /etc/sudoers and add following lines :

-----
Defaults !syslog
Defaults logfile = /var/log/sudolog
-----

Then save it.

3. Rotating this log file :

vi /etc/logrotate.d/sudolog and put following :

------
/var/log/sudolog {
rotate 90
size 5M
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
------

4. Now restart syslogd :

$service syslog restart

This keeps at most 90 rotated copies, with the file rotated once it exceeds 5 MB. The oldest copy is removed first.
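
Once sudo writes to /var/log/sudolog, the file is worth reviewing for refused attempts before rotation ages it out. The script below is an added example, not part of the original post: the log entries are constructed, and it assumes sudo's default file-log layout, in which records longer than 80 characters wrap onto indented continuation lines.

```bash
#!/bin/sh
# Added example: list refused sudo attempts from a "Defaults logfile" log.

# Constructed sample entries (not taken from a real system).
sample_sudolog() {
cat <<'EOF'
Jul  4 10:15:01 : alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ;
    COMMAND=/sbin/service httpd restart
Jul  4 10:16:12 : bob : command not allowed ; TTY=pts/1 ; PWD=/home/bob ;
    USER=root ; COMMAND=/usr/bin/passwd root
Jul  4 10:17:40 : carol : user NOT in sudoers ; TTY=pts/2 ; PWD=/tmp ;
    USER=root ; COMMAND=/bin/bash
Jul  4 10:18:05 : alice : 3 incorrect password attempts ; TTY=pts/0 ;
    PWD=/home/alice ; USER=root ; COMMAND=/bin/su -
EOF
}

# Reads a sudo log (file arguments or stdin) and prints
# "user<TAB>reason<TAB>command" for every record that carries a failure
# reason. Successful runs begin directly with TTY= and are skipped.
sudo_denials() {
    awk '
    function emit_record(    p, rest, user, body, cmd, reason) {
        if (rec == "") return
        p = index(rec, " : ")
        if (p == 0) { rec = ""; return }          # not a sudo record
        rest = substr(rec, p + 3)                 # drop the timestamp
        p = index(rest, " : ")
        user = substr(rest, 1, p - 1)
        body = substr(rest, p + 3)
        p = index(body, "COMMAND=")
        cmd = (p > 0) ? substr(body, p + 8) : ""
        if (body !~ /^TTY=/) {
            p = index(body, " ; ")
            reason = (p > 0) ? substr(body, 1, p - 1) : body
            printf "%s\t%s\t%s\n", user, reason, cmd
        }
        rec = ""
    }
    # Indented line: continuation of the wrapped record being collected.
    /^[ \t]/ { sub(/^[ \t]+/, ""); rec = rec " " $0; next }
    # Any other line starts a new record; finish the previous one first.
    { emit_record(); rec = $0 }
    END { emit_record() }
    ' "$@"
}

# Demo on the constructed sample; on a real host: sudo_denials /var/log/sudolog
sample_sudolog | sudo_denials
```

Rotated copies can be passed as extra file arguments to review them in the same run.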

Which command will provide IO details of all processes in the system?



You can execute the following command to get the details (run it as root, since /proc/PID/io is readable only by the process owner and root) :

for d in /proc/[0-9]*; do if [ -r "$d/io" ]; then echo "---------------------------------------------------"; echo "Process name : $(tr '\0' ' ' 2>/dev/null < "$d/cmdline")"; echo "PID : ${d#/proc/}"; echo "IO Details:"; cat "$d/io" 2>/dev/null; fi; done



Difference between prefork MPM and worker MPM in apache



What are MPM? 
'Multi Processing Modules' aka MPM are modules that extend apache's capability to implement a hybrid multi-process multi-threaded server.

The default MPM for Unix is the Prefork module.
The Worker MPM was introduced in Apache2.

MPM uses a multi-process and multi-threaded structure.
Multi-process --> multiple PIDs (use 'ps -aef' to find out)
Multi-thread --> more connections per PID (use 'lsof' to find out; 'netstat -an' doesn't really show everything)

The parent process (the one belonging to root) is started up, which in turn starts up the child processes.

Each child process creates a fixed number of threads as specified in the ThreadsPerChild directive.

Apache always tries to maintain a pool of spare threads, which stand ready to serve incoming requests. The number of processes that will initially be launched is set by the StartServers directive. Apache will try to keep the number of spare threads within the boundaries specified by MinSpareThreads and MaxSpareThreads.

The maximum number of clients that may be served simultaneously equals the maximum total number of threads in all processes. This is set using the MaxClients directive.

Therefore, the number of processes (PIDs) you can have is

no of processes = MaxClients / ThreadsPerChild

Comparing Worker MPM and Prefork MPM,

Worker MPM
- worker MPM uses multiple child processes with many threads each.
- Each thread handles one connection at a time.
- Good for high-traffic, smaller memory footprint.

Prefork MPM
- prefork MPM uses multiple child processes with one thread each.
- Each process handles one connection at a time. Uses more memory.
- Good for non-thread-safe third party modules.

Prefork MPM is preferred for better compatibility with older software or for better stability, although it uses more memory.

Note that only one MPM module can be loaded in apache at any one time.

How to check which MPM is compiled?

# httpd -l
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c

Reference: http://httpd.apache.org/docs/2.0/mod/worker.html

How to install and configure sendmail?



1. Install :

#yum install sendmail*
#yum install m4*

2. vi /etc/mail/sendmail.mc

Comment out the following line (prefix it with dnl, as shown) so that sendmail accepts connections from all networks :

----
dnl # DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
----

save this file.

3. Execute following command :

#m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

4. Don't forget to add the following line to your /etc/hosts.allow file:

----
sendmail: ALL
----

5. Set DAEMON to yes in /etc/sysconfig/sendmail

----
DAEMON=yes
QUEUE=1h
----

6. Do the following :

#chkconfig sendmail on
#service sendmail start

Testing :

1. Check whether the port is listening :

#netstat -tulpn | grep 25
#telnet localhost 25
#telnet IP 25

2. If the above are fine, then send a mail :

#echo test | mail -s test-subject -v


Note : sendmail configuration files are inside /etc/mail/. The log is /var/log/maillog.

Tuesday 3 July 2012

How sendmail works?

Outbound email :

1. MUA passes the email to sendmail , which creates in the /var/spool/mqueue (mail queue) directory two files that hold the message while sendmail processes it.
2. To create a unique filename for a particular piece of email, sendmail generates a random string and uses that string in filenames pertaining to the email.
3. The sendmail daemon stores the body of the message in a file named df (data file) followed by the generated string.
4. It stores the headers and other information in a file named qf (queue file) followed by the generated string.
5. If a delivery error occurs, sendmail creates a temporary copy of the message that it stores in a file whose name starts with tf (temporary file) and logs errors in a file whose name starts xf .
6. Once an email has been sent successfully, sendmail removes all files pertaining to that email from /var/spool/mqueue .

Incoming email :

1. By default, the MDA stores incoming messages in users' files in the mail spool directory, /var/spool/mail, in mbox format. Within this directory, each user has a mail file named with the user's username. Mail remains in these files until it is collected, typically by an MUA. Once an MUA collects the mail from the mail spool, the MUA stores the mail as directed by the user, usually in the user's home directory hierarchy.

mbox versus maildir :

1. The mbox format stores all messages for a user in a single file. To prevent corruption, the file must be locked while a process is adding messages to or deleting messages from the file; you cannot delete a message at the same time the MTA is adding messages. A competing format, maildir, stores each message in a separate file. This format does not use locks, allowing an MUA to read and delete messages at the same time as new mail is delivered. In addition, the maildir format is better able to handle larger mailboxes.

Mail logs :

# cat /var/log/maillog
...
Mar 3 16:25:33 MACHINENAME sendmail[7225]: i23GPXvm007224:
to=, ctladdr=
(0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30514,
dsn=2.0.0, stat=Sent


Each log entry starts with a timestamp, the name of the system sending the email, the name of the mail server ( sendmail ), and a unique identification number. The address of the recipient follows the to= label and the address of the sender follows ctladdr= . Additional fields provide the name of the mailer and the time it took to send the message. If a message is sent correctly, the stat= label is followed by Sent .
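
The fields described above can be pulled out mechanically, which is useful for spotting deliveries that did not end in stat=Sent. The script below is an added example, not from the original post: the log lines are constructed (only the queue ID of the first one is borrowed from the sample above), and the host names and addresses are placeholders.

```bash
#!/bin/sh
# Added example: extract delivery fields from sendmail entries in maillog.

# Constructed sample entries: one delivered, one "from=" line, one deferred,
# one rejected by the remote server.
sample_maillog() {
cat <<'EOF'
Mar  3 16:25:31 mailhost sendmail[7224]: i23GPXvm007224: from=<root@mailhost.example.com>, size=312, class=0, nrcpts=1, msgid=<constructed@mailhost.example.com>, relay=root@localhost
Mar  3 16:25:33 mailhost sendmail[7225]: i23GPXvm007224: to=<sam@example.com>, ctladdr=<root@mailhost.example.com> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30514, dsn=2.0.0, stat=Sent
Mar  3 16:27:02 mailhost sendmail[7301]: i23GR1vm007299: to=<zach@example.org>, ctladdr=<sam@mailhost.example.com> (500/500), delay=00:00:31, xdelay=00:00:30, mailer=esmtp, pri=120514, relay=mx.example.org. [192.0.2.25], dsn=4.0.0, stat=Deferred: Connection timed out with mx.example.org.
Mar  3 16:30:10 mailhost sendmail[7410]: i23GU9vm007408: to=<nobody@example.net>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30514, relay=mx.example.net. [192.0.2.80], dsn=5.1.1, stat=User unknown
EOF
}

# Prints "queue-id<TAB>recipient<TAB>mailer<TAB>dsn<TAB>status" for every
# delivery attempt (lines carrying to=). Lines with from= only are skipped.
parse_deliveries() {
    awk '
    # Return the value of key= up to the next ", " field separator.
    function field(line, key,    p, rest, q) {
        p = index(line, " " key "=")
        if (p == 0) return ""
        rest = substr(line, p + length(key) + 2)
        q = index(rest, ", ")
        return (q > 0) ? substr(rest, 1, q - 1) : rest
    }
    $5 ~ /^sendmail\[/ && index($0, " to=") {
        qid = $6
        sub(/:$/, "", qid)
        # stat= is the last field and may itself contain commas,
        # so take everything up to the end of the line.
        s = index($0, " stat=")
        stat = (s > 0) ? substr($0, s + 6) : ""
        printf "%s\t%s\t%s\t%s\t%s\n", qid, field($0, "to"), \
               field($0, "mailer"), field($0, "dsn"), stat
    }
    ' "$@"
}

# Only the attempts whose status does not start with "Sent".
undelivered() {
    parse_deliveries "$@" | awk -F'\t' '$5 !~ /^Sent/'
}

# Demo on the constructed sample; on a real host: undelivered /var/log/maillog
sample_maillog | undelivered
```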

Aliases and Forwarding :

Three files can forward email: .forward (page 634), aliases (discussed next), and virtusertable (page 640). Table 20-1 on page 640 compares the three files.

Table 20-1. Comparison of forwarding techniques

                            | .forward      | aliases                                      | virtusertable
Controlled by               | non root user | root                                         | root
Forwards email addressed to | non root user | Any real or virtual user on the local system | Any real or virtual user on any domain recognized by sendmail
Order of precedence         | Third         | Second                                       | First

/etc/aliases

Most of the time when you send email, it goes to a specific person; the recipient, user@system , maps to a specific, real user on the specified system. Sometimes you may want email to go to a class of users and not to a specific recipient. Examples of classes of users include postmaster , webmaster , root , and tech_support . Different users may receive this email at different times or the email may be answered by a group of users. You can use the /etc/aliases file to map inbound addresses to local users, files, commands, and remote addresses.

Each line in /etc/aliases contains the name of a local pseudouser, followed by a colon , whitespace, and a comma-separated list of destinations. The default installation includes a number of aliases that redirect messages for certain pseudousers to root . These have the form

system: root


Sending messages to the root account is a good way of making them easy to review. However, because root 's email is rarely checked, you may want to send copies to a real user. The following line forwards mail sent to abuse on the local system to root and alex :

abuse: root, alex


You can create simple mailing lists with this type of alias. For example, the following alias sends copies of all email sent to admin on the local system to several users, including Zach, who is on a different system:

admin: sam, helen, mark, zach@redhat.com


You can direct email to a file by specifying an absolute pathname in place of a destination address. The following alias, which is quite popular among less conscientious system administrators, redirects email sent to complaints to /dev/null where they disappear:

complaints: /dev/null


You can also send email to standard input of a command by preceding the command with a pipe character ( | ). This technique is commonly used with mailing list software such as Mailman. For each list it maintains, Mailman has entries, such as the following entry for mylist , in the aliases file:

mylist: "|/usr/lib/mailman/mail/mailman post mylist"
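
Because an alias can deliver to a file or to a command's standard input, it is worth knowing which entries in an aliases file do so. The script below is an added example, not from the original text: the sample file is constructed from the entries shown above (with the admin alias split over a continuation line), and the :include: form is a sendmail alias feature this page does not otherwise cover.

```bash
#!/bin/sh
# Added example: classify every destination in an aliases-format file.

# Constructed sample built from the alias lines shown above.
sample_aliases() {
cat <<'EOF'
# constructed sample
system: root
abuse: root, alex
admin: sam, helen, mark,
    zach@redhat.com
complaints: /dev/null
mylist: "|/usr/lib/mailman/mail/mailman post mylist"
EOF
}

# Prints "alias<TAB>kind<TAB>destination", one line per destination.
# kind is one of: command, file, include, remote, local.
classify_aliases() {
    awk '
    function emit(name, dest,    kind) {
        gsub(/^[ \t]+|[ \t]+$/, "", dest)
        if (dest == "") return
        if (dest ~ /^".*"$/) dest = substr(dest, 2, length(dest) - 2)
        if (dest ~ /^\|/)              kind = "command"
        else if (dest ~ /^\//)         kind = "file"
        else if (dest ~ /^:include:/)  kind = "include"
        else if (dest ~ /@/)           kind = "remote"
        else                           kind = "local"
        printf "%s\t%s\t%s\n", name, kind, dest
    }
    # Split on commas, but not on commas inside a quoted destination.
    function split_dests(name, s,    i, c, inq, cur) {
        inq = 0; cur = ""
        for (i = 1; i <= length(s); i++) {
            c = substr(s, i, 1)
            if (c == "\"") inq = !inq
            if (c == "," && !inq) { emit(name, cur); cur = "" }
            else cur = cur c
        }
        emit(name, cur)
    }
    /^[ \t]*#/ { next }
    /^[ \t]*$/ { next }
    # A line starting with whitespace continues the previous alias.
    /^[ \t]/ { if (cur_alias != "") split_dests(cur_alias, $0); next }
    {
        i = index($0, ":")
        if (i == 0) next
        cur_alias = substr($0, 1, i - 1)
        gsub(/[ \t]+$/, "", cur_alias)
        split_dests(cur_alias, substr($0, i + 1))
    }
    ' "$@"
}

# Only the destinations that write to a file, run a command or read a list.
risky_aliases() {
    classify_aliases "$@" |
        awk -F'\t' '$2 == "command" || $2 == "file" || $2 == "include"'
}

# Demo on the constructed sample; on a real host: risky_aliases /etc/aliases
sample_aliases | risky_aliases
```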


newaliases

After you edit /etc/aliases , you must either run newaliases as root or restart sendmail to recreate the aliases.db file that sendmail reads.

praliases

You can use praliases to list aliases currently loaded by sendmail :

# /usr/sbin/praliases | head -5
postmaster:root
daemon:root
adm:root
lp:root
shutdown:root


~/.forward

Systemwide aliases are useful in many cases, but non root users cannot make or change them. Sometimes you may want to forward your own mail: Maybe you want mail from several systems to go to one address or perhaps you just want to forward your mail while you are working at another office for a week. The ~/.forward file allows ordinary users to forward their email.

Lines in a .forward file are the same as the right column of the aliases file explained previously: Destinations are listed one per line and can be a local user, a remote email address, a filename, or a command preceded by a pipe character ( | ).

Mail that you forward does not go to your local mailbox. If you want to forward mail and keep a copy in your local mailbox, you must specify your local username preceded by a backslash to prevent an infinite loop. The following example sends Sam's email to himself on the local system and on the system at tcorp.com :

$ cat ~sam/.forward
sams@tcorp.com
\sam


Related Programs

sendmail

The sendmail package includes several programs. The primary program, sendmail , reads from standard input and sends an email to the recipient specified by its argument. You can use sendmail from the command line to check that the mail delivery system is working and to email the output of scripts.

mailq

The mailq utility displays the status of the outgoing mail queue and normally reports there are no messages in the queue. Messages in the queue usually indicate a problem with the local or remote sendmail configuration or a network problem.

# /usr/bin/mailq
/var/spool/mqueue is empty
Total requests: 0


mailstats

The mailstats utility reports on the number and sizes of messages sendmail has sent and received since the date it displays on the first line:

# /usr/sbin/mailstats
Statistics from Sat Dec 24 16:02:34 2005
M msgsfr bytes_from msgsto bytes_to msgsrej msgsdis Mailer
0 0 0K 17181 103904K 0 0 prog
4 368386 4216614K 136456 1568314K 20616 0 esmtp
9 226151 26101362K 479025 12776528K 4590 0 local
============================================================
T 594537 30317976K 632662 14448746K 25206 0
C 694638 499700 146185


In the preceding output, each mailer is identified by the first column, which displays the mailer number, and by the last column, which displays the name of the mailer. The second through fifth columns display the number and total sizes of messages sent and received by the mailer. The sixth and seventh columns display the number of messages rejected and discarded respectively. The row that starts with T lists the column totals, and the row that starts with C lists the number of TCP connections.

Setting Up a Backup Server

You can set up a backup mail server to hold email when the primary mail server experiences problems. For maximum coverage, the backup server should be on a different connection to the Internet from the primary server.

Setting up a backup server is easy. Just remove the leading dnl from the following line in the backup mail server's sendmail.mc file:

dnl FEATURE(`relay_based_on_MX')dnl


DNS MX records (page 726) specify where email for a domain should be sent. You can have multiple MX records for a domain, each pointing to a different mail server. When a domain has multiple MX records, each record usually has a different priority; the priority is specified by a two-digit number, where lower numbers specify higher priorities.

When attempting to deliver email, an MTA first tries to deliver email to the highest-priority server. If that delivery attempt fails, it tries to deliver to a lower-priority server. If you activate the relay_based_on_MX feature and point a low-priority MX record at a secondary mail server, the mail server will accept email for the domain. The mail server will then forward email to the server identified by the highest-priority MX record for the domain when that server becomes available.


Other Files in /etc/mail :

The /etc/mail directory holds most of the files that control sendmail. This section discusses three of those files: mailertable, access, and virtusertable.

mailertable : Forwards Email from One Domain to Another

When you run a mail server, you may want to send mail destined for one domain to a different location. The sendmail daemon uses the /etc/mail/mailertable file for this purpose. Each line in mailertable holds the name of a domain and a destination mailer separated by whitespace; when sendmail receives email for the specified domain, it forwards it to the mailer specified on the same line. Red Hat enables this feature by default: Put an entry in the mailertable file and restart sendmail to use it.

The following line in mailertable forwards email sent to tcorp.com to the mailer at bravo.com :

$ cat /etc/mail/mailertable
tcorp.com smtp:[bravo.com]


The square brackets in the example instruct sendmail not to use MX records but rather to send email directly to the SMTP server. Without the brackets, email could enter an infinite loop.

A period in front of a domain name acts as a wildcard and causes the name to match any domain that ends in the specified name. For example, .tcorp.com matches sales.tcorp.com, mktg.tcorp.com, and so on.

The sendmail init script regenerates mailertable.db from mailertable each time you run it, as when you restart sendmail.

access : Sets Up a Relay Host

On a LAN, you may want to set up a single server to process outbound mail, keeping local mail inside the network. A system that processes outbound mail for other systems is called a relay host . The /etc/mail/access file specifies which systems the local server relays email for. As configured by Red Hat, this file lists only the local system:

$ cat /etc/mail/access
...
# by default we allow relaying from localhost...
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY


You can add systems to the list in access by adding an IP address followed by whitespace and the word RELAY . The following line adds the 192.168. subnet to the list of hosts that the local system relays mail for:

192.168. RELAY


The sendmail init script regenerates access.db from access each time you run it, as when you restart sendmail.

virtusertable : Serves Email to Multiple Domains

When the DNS MX records are set up properly, a single system can serve email to multiple domains. On a system that serves mail to many domains, you need a way to sort the incoming mail so that it goes to the right places. The virtusertable file can forward inbound email addressed to different domains ( aliases cannot do this).

As sendmail is configured by Red Hat, virtusertable is enabled. You need to put forwarding instructions in the /etc/mail/virtusertable file and restart sendmail to serve the specified domains. The virtusertable file is similar to the aliases file (page 633), except the left column contains full email addresses, not just local ones. Each line in virtusertable starts with the address that the email was sent to, followed by whitespace and the address sendmail will forward the email to. As with aliases , the destination can be a local user, an email address, a file, or a pipe symbol ( | ), followed by a command.

The following line from virtusertable forwards mail addressed to zach@tcorp.com to zcs , a local user:

zach@tcorp.com zcs


You can also forward email for a user to a remote email address:

sams@bravo.com sams@tcorp.com


You can forward all email destined for a domain to another domain without specifying each user individually. To forward email for every user at bravo.com to tcorp.com , specify @bravo.com as the first address on the line. When sendmail forwards email, it replaces the %1 in the destination address with the name of the recipient. The next line forwards all email addressed to bravo.com to tcorp.com , keeping the original recipients' names :

@bravo.com %1@tcorp.com


Finally you can specify that email intended for a specific user should be rejected by using the error namespace in the destination. The next example bounces email addressed to spam@tcorp.com with the message 5.7.0:550 Invalid address :

spam@tcorp.com error:5.7.0:550 Invalid address

firmware of Ethernet(NIC) and firmware that comes along with Linux kernel

I would like to clarify the difference between the firmware of the Ethernet card (NIC) and the firmware that comes along with the Linux kernel. The two are different, but their aim is the same. The hardware vendor deploys firmware (a certain amount of code or program to interact with the hardware) in NVRAM (non-volatile RAM, not normal RAM). Once we attach the NIC to the machine, it will be activated automatically. We can view its version like this :

#ethtool -i eth0

Now, the kernel also contains firmware. This will be loaded into RAM and will override the vendor-provided firmware. So this firmware will now be taking care of the NIC. Most kernels contain such firmware for NICs. The only difference is that it won't show in the "ethtool -i eth0" output.

How to check details of the rpm package which is not yet installed?


Pass "-qpil" to the rpm command. As an example :

#rpm -qpil tftp-0.49-7.el6.x86_64.rpm

Name : tftp Relocations: (not relocatable)
Version : 0.49 Vendor: Red Hat, Inc.
Release : 7.el6 Build Date: Mon 18 Jul 2011 03:10:21 PM EDT
Install Date: (not installed) Build Host: x86-002.build.bos.redhat.com
Group : Applications/Internet Source RPM: tftp-0.49-7.el6.src.rpm
Size : 46554 License: BSD
Signature : (none)
Packager : Red Hat, Inc.
URL : http://www.kernel.org/pub/software/network/tftp/
Summary : The client for the Trivial File Transfer Protocol (TFTP)
Description :
The Trivial File Transfer Protocol (TFTP) is normally used only for
booting diskless workstations. The tftp package provides the user
interface for TFTP, which allows users to transfer files to and from a
remote machine. This program and TFTP provide very little security,
and should not be enabled unless it is expressly needed.
/usr/bin/tftp
/usr/share/doc/tftp-0.49
/usr/share/doc/tftp-0.49/CHANGES
/usr/share/doc/tftp-0.49/README
/usr/share/doc/tftp-0.49/README.security
/usr/share/doc/tftp-0.49/README.security.tftpboot
/usr/share/man/man1/tftp.1.gz

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

To check details of installed package :

#rpm -qi tftp-0.49-7.el6.x86_64

Name : tftp Relocations: (not relocatable)
Version : 0.49 Vendor: Red Hat, Inc.
Release : 7.el6 Build Date: Mon 18 Jul 2011 03:10:21 PM EDT
Install Date: Fri 19 Aug 2011 06:02:18 PM EDT Build Host: x86-002.build.bos.redhat.com
Group : Applications/Internet Source RPM: tftp-0.49-7.el6.src.rpm
Size : 46554 License: BSD
Signature : (none)
Packager : Red Hat, Inc.
URL : http://www.kernel.org/pub/software/network/tftp/
Summary : The client for the Trivial File Transfer Protocol (TFTP)
Description :
The Trivial File Transfer Protocol (TFTP) is normally used only for
booting diskless workstations. The tftp package provides the user
interface for TFTP, which allows users to transfer files to and from a
remote machine. This program and TFTP provide very little security,
and should not be enabled unless it is expressly needed
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Show dependencies of a RPM package : 

#rpm -qp --requires .rpm