Archive for April, 2010

iSCSI SAN for CentOS 5.4


Well I guess I could have used OpenFiler for this… BUT here are a few steps to creating your own SAN-type-thing on CentOS 5.4…

#!/bin/bash
# iSCSI SAN for CentOS5.4
cd /usr/src
# Get the iscsi package
wget http://sourceforge.net/projects/iscsitarget/files/iscsitarget/1.4.20/iscsitarget-1.4.20.tar.gz/download
yum -y install kernel-devel openssl-devel gcc rpm-build make automake autoconf # you may already have these, this was a newer build for me so I didn’t…
tar -xzvf iscsitarget-1.4.20.tar.gz
cd iscsitarget-1.4.20
make
make install

# Name the disk
echo “Ok, I am going to name the disk for you”
echo “iqn.`date -I`.`hostname |awk -F “.” ‘{print $1’}`-sanhead” # awk only needed if u use FQDN’s
echo “BUT… you need to tell me what disk to use…”
df -h
echo “Type in the full path to your disk, i.e.(/dev/<md3>)”
read dname
touch /etc/initiators.allow
idname=”`echo iqn.`date -I`.`hostname |awk -F “.” ‘{print $1’}`-sanhead:$dname`”
echo “$idname 192.168.11.0/24” >> /etc/initiators.allow
touch /etc/initiators.deny
echo “ALL:ALL” >> /etc/initiators.deny
touch /etc/ietd.conf
echo “Target iqn.`date -I`.`hostname |awk -F “.” ‘{print $1’}`-sanhead:$dname” >> /etc/ietd.conf
echo ”        IncomingUser <uname>    <passwd>” >> /etc/ietd.conf
echo ”        OutgoingUser <uname>    <passwd>” >> /etc/ietd.conf
echo ”        Lun 0 Path=/dev/SAN/diskname,Type=fileio,IOMode=wb” >> /etc/ietd.conf
echo ”        Alias iSCSI for diskname” >> /etc/ietd.conf
echo ”        ImmediateData Yes” >> /etc/ietd.conf
echo ”        MaxConnections 1″ >> /etc/ietd.conf
echo ”        InitialR2T Yes” >> /etc/ietd.conf
yum -y install iscsi-initiator-utils open-iscsi
echo “InitiatorName=iqn.2010-04.factslx01-sanhead:factslx01” >> /etc/iscsi/initiatorname.iscsi
# /etc/iscsi/iscsid.conf
mv /etc/iscsi/iscsid.conf /etc/iscsi/iscsid.conf.bak
touch /etc/iscsi/iscsid.conf
chmod 600 /etc/iscsi/iscsid.conf
echo “# Default Settings” /etc/iscsi/iscsid.conf
echo “# Default Settings” /etc/iscsi/iscsid.conf
echo “#node.startup = automatic” /etc/iscsi/iscsid.conf
echo “#node.session.timeo.replacement_timeout = 120” /etc/iscsi/iscsid.conf
echo “#node.conn[0].timeo.login_timeout = 15” /etc/iscsi/iscsid.conf
echo “#node.conn[0].timeo.logout_timeout = 15” /etc/iscsi/iscsid.conf
echo “#node.conn[0].timeo.noop_out_interval = 5” /etc/iscsi/iscsid.conf
echo “#node.conn[0].timeo.noop_out_timeout = 5” /etc/iscsi/iscsid.conf
echo “#node.session.err_timeo.abort_timeout = 15” /etc/iscsi/iscsid.conf
echo “#node.session.err_timeo.lu_reset_timeout = 20” /etc/iscsi/iscsid.conf
echo “#node.session.initial_login_retry_max = 8” /etc/iscsi/iscsid.conf
echo “#node.session.cmds_max = 128” /etc/iscsi/iscsid.conf
echo “#node.session.queue_depth = 32” /etc/iscsi/iscsid.conf
echo “#node.session.iscsi.InitialR2T = No” /etc/iscsi/iscsid.conf
echo “#node.session.iscsi.ImmediateData = Yes” /etc/iscsi/iscsid.conf
echo “#node.session.iscsi.FirstBurstLength = 262144” /etc/iscsi/iscsid.conf
echo “#node.session.iscsi.MaxBurstLength = 16776192” /etc/iscsi/iscsid.conf
echo “#node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144” /etc/iscsi/iscsid.conf
echo “#discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768” /etc/iscsi/iscsid.conf
echo “#node.conn[0].iscsi.HeaderDigest = None” /etc/iscsi/iscsid.conf
echo “#node.session.iscsi.FastAbort = Yes” /etc/iscsi/iscsid.conf
echo “#” /etc/iscsi/iscsid.conf
echo “# Custom Settings” /etc/iscsi/iscsid.conf
echo “node.startup = automatic” /etc/iscsi/iscsid.conf
echo “node.session.auth.authmethod = CHAP” /etc/iscsi/iscsid.conf
echo “node.session.auth.username = <uname>” /etc/iscsi/iscsid.conf
echo “node.session.auth.password = <passwd>” /etc/iscsi/iscsid.conf
echo “node.session.auth.username_in = <uname>” /etc/iscsi/iscsid.conf
echo “node.session.auth.password_in = <passwd>” /etc/iscsi/iscsid.conf
echo “node.session.timeo.replacement_timeout = 120” /etc/iscsi/iscsid.conf
echo “node.conn[0].timeo.login_timeout = 15” /etc/iscsi/iscsid.conf
echo “node.conn[0].timeo.logout_timeout = 15” /etc/iscsi/iscsid.conf
echo “node.conn[0].timeo.noop_out_interval = 10” /etc/iscsi/iscsid.conf
echo “node.conn[0].timeo.noop_out_timeout = 15” /etc/iscsi/iscsid.conf
echo “node.session.initial_login_retry_max = 10” /etc/iscsi/iscsid.conf
echo “node.session.cmds_max = 128” /etc/iscsi/iscsid.conf
echo “node.session.queue_depth = 32” /etc/iscsi/iscsid.conf
echo “node.session.iscsi.InitialR2T = No” /etc/iscsi/iscsid.conf
echo “node.session.iscsi.ImmediateData = Yes” /etc/iscsi/iscsid.conf
echo “node.session.iscsi.FirstBurstLength = 262144” /etc/iscsi/iscsid.conf
echo “node.session.iscsi.MaxBurstLength = 16776192” /etc/iscsi/iscsid.conf
echo “node.conn[0].iscsi.MaxRecvDataSegmentLength = 131072” /etc/iscsi/iscsid.conf
echo “discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768” /etc/iscsi/iscsid.conf
echo “node.session.iscsi.FastAbort = No” /etc/iscsi/iscsid.conf
echo “# EOF” /etc/iscsi/iscsid.conf
service iscsi start
i=”`ifconfig |grep -v 127.0.0.1|grep “inet addr:” |awk -F “:” ‘{print $2}’|cut -c 1-14`”
iscsiadm -m discovery -t st -p $i # IP for iSCSI host
iscsiadm -m node -p $i -T iqn.`date -I`.`hostname |awk -F “.” ‘{print $1’}`-sanhead:$dname –login

So there it is !!! Now go use OpenFiler… LOL -> http://www.openfiler.com/

, , , , , , , , , ,

2 Comments

Solaris 10 in jail


Well I took a stab @ this one last week… although it seems to be lacking in one respect… It is a good start.  If you didn’t already notice, I have decided to start mocking up scripts from the steps I am taking to perform these little diddy’s to complete the automation/repetitive goal of administration.

#!/bin/sh
# Solaris FTP chroot jail
cd /
mkdir /ftpjail
cd /ftpjail
mkdir -p dev etc etc/ftpd etc/default usr/bin usr/sbin usr/lib/security usr/lib/locale usr/lib/security/sparcv9 usr/lib usr/share/lib/zoneinfo upload ftpuser
chmod 100 usr/sbin
chmod 444 dev etc/default usr/share usr/share/lib usr/share/lib/zoneinfo
chmod 555 etc etc/ftpd usr usr/bin usr/lib usr/lib/locale usr/lib/security
chmod 777 upload
ln -s usr/bin bin
cd /ftpjail/dev
mknod conslog c 21 0
mknod null c 13 2
mknod zero c 13 12
mknod tcp c 42 0
mknod ticlts c 105 2
mknod ticotsord c 105 1
mknod udp c 41 0
chmod 666 conslog null tcp ticlts ticotsord udp zero
cd ..
# vi etc/group
# “etc/group” [New file]
touch etc/group
echo “other::1:root” >> etc/group
echo “ftp::30000:” >> etc/group
#
# vi etc/pam.conf
# “etc/pam.conf” [New file]
touch etc/pam
echo “ftp auth required /usr/lib/security/pam_unix.so.1” >> etc/pam.conf
echo “ftp account required /usr/lib/security/pam_unix.so.1” >> etc/pam.conf
echo “ftp session required /usr/lib/security/pam_unix.so.1” >> etc/pam.conf
#
# vi etc/passwd
# “etc/passwd” [New file]
touch etc/passwd
echo “root:x:0:1:::” >> etc/passwd
echo “ftp:x:30000:30000::/upload:/bin/false” >> etc/passwd
echo “ftpuser:x:30000:30000::/ftpuser:/bin/sh” >> etc/passwd
#
# vi etc/shadow
# “etc/shadow” [New file]
touch etc/shadow
echo “root:*LK*:6445::::::” >> etc/shadow
echo “ftp:*LK*:13651::::::” >> etc/shadow
echo “ftpuser:cdHH60rUQrF3Q:13651::::::” >> etc/shadow # passwd = “ftpuser”
#
# vi etc/shells
# “etc/shells” [New file]
touch etc/shells
echo “/bin/sh” >> etc/shells
#
# vi etc/ftpd/ftpaccess
# “etc/ftpd/ftpaccess” [New file]
touch etc/ftpd/ftpaccess
echo “hostname ftpserver” >> etc/ftpd/ftpaccess
echo “defaultserver private” >> etc/ftpd/ftpaccess
echo “class   all   real,guest,anonymous  *” >> etc/ftpd/ftpaccess
echo “# all the following default to “yes” for everybody” >> etc/ftpd/ftpaccess
echo “delete          no      real,guest,anonymous” >> etc/ftpd/ftpaccess
echo “overwrite       no      real,guest,anonymous” >> etc/ftpd/ftpaccess
echo “rename          no      real,guest,anonymous” >> etc/ftpd/ftpaccess
echo “chmod           no      real,guest,anonymous” >> etc/ftpd/ftpaccess
echo “umask           no      real,guest,anonymous” >> etc/ftpd/ftpaccess
echo “# specify the upload directory information” >> etc/ftpd/ftpaccess
echo “upload  /       *       no” >> etc/ftpd/ftpaccess
echo “upload  /       /upload yes” >> etc/ftpd/ftpaccess
echo “greeting terse” >> etc/ftpd/ftpaccess
echo “noretrieve” >> etc/ftpd/ftpaccess
echo “#allow-retrieve /upload/” >> etc/ftpd/ftpaccess
echo “defumask 777” >> etc/ftpd/ftpaccess
#
useradd ftpuser
sed -i ‘s/ftpuser:*LK*:::::::/ftpuser:cdHH60rUQrF3Q:14722::::::/’ /etc/shadow
echo “/usr/sbin/in.ftpd -P 2020 -p 2021 -S -u 022 -W -a -Q” >> usr/bin/runme
#
cd /ftpjail/etc
chmod 444 group pam.conf passwd shadow shells /ftpjail/etc/ftpd/ftpaccess
chmod 100 /ftpjail/usr/bin/runme
#
cp -p /etc/default/init default/init
cp /usr/bin/sh /ftpjail/usr/bin/sh; chmod 111 /ftpjail/usr/bin/sh
cp /usr/sbin/in.ftpd /ftpjail/usr/sbin/in.ftpd; chmod 6100 /ftpjail/usr/sbin/in.ftpd; chown 30000:30000 /ftpjail/usr/sbin/in.ftpd
cp -rp /usr/lib/locale/* /ftpjail/usr/lib/locale
cp -rp /usr/share/lib/zoneinfo/* usr/share/lib/zoneinfo
cd /ftpjail/usr/lib
cp -p /usr/lib/libbsm.so.1 .
cp -p /usr/lib/libc.so.1 .
cp -p /usr/lib/libcmd.so.1 .
cp -p /usr/lib/libdl.so.1 .
cp -p /usr/lib/libgen.so.1 .
cp -p /usr/lib/libmd5.so.1 .
cp -p /usr/lib/libmp.so.2 .
cp -p /usr/lib/libnsl.so.1 .
cp -p /usr/lib/libpam.so.1 .
cp -p /usr/lib/libresolv.so.2 .
cp -p /usr/lib/libsecdb.so.1 .
cp -p /usr/lib/libsocket.so.1 .
cp -p /usr/lib/ld.so.1 .
cp -p /usr/lib/nss_user.so.1 .
cp -p /usr/lib/nss_files.so.1 .
chmod 555 *
cd /ftpjail/usr/lib/security
cp -p /usr/lib/security/crypt_bsdbf.so.1 .
cp -p /usr/lib/security/crypt_bsdmd5.so.1 .
cp -p /usr/lib/security/crypt_sunmd5.so.1 .
cp -p /usr/lib/security/pam* .
cd /ftpjail/usr/lib/security/sparcv9
cp -p /usr/lib/security/sparcv9/* .
# Give out the ‘ls’ command
cp /usr/bin/ls /ftpjail/usr/bin/ls; chmod 111 /ftpjail/usr/bin/ls
# Test commands
# chroot /ftpjail /usr/bin/sh
# If the above is successful, start up the server:
chroot /ftpjail /usr/bin/sh -c runme
# Check to see if the server has started:
ps -ef|grep ftpd
#
# ftp 192.168.11.34 2021
# login ftpuser/ftpuser
# EOF

So that’s basically it…

, , , , , , ,

Leave a comment

In The Dark?


Are we all just in the dark?

Trying desperately to make our mark?

On society that cares not for your merit, only judging as a financial parrot?

Do what I do, do what I say

How can we ever grow this way?

I would postulate that all of the understanding that we need is standing within our grasp yet we will never reach out and take hold of it.  Try to imagine your vision of a perfect world… whats in it?  Money, fame, peace, love, etc… You must first let go of everything you know, yourself, your loved ones, even Christ asked us to do this.  Not by way of abandonment, but simply by way of selflessness.  If the greater good called you, would you answer?  If you answered what would your answer be?  Who of us is ready to lay down our prized worldly possessions to benefit the world?  The depth to which we take this as a serious notion translates to our defined actions in this material world.  If you KNEW that there were more to existence after corporeal death, would you be doing what you are doing today?  How do we strive to know this?  Can we attain that plane of knowledge?  Clearly all of this plagues me every moment of my futile existence… Is it truly better to just remain oblivious to all things unknown, never to postulate any alternatives?  Sadly it would appear so.  However, for all I know, this level of suffrage is exactly what we are meant to experience.  Was not the Tree of Knowledge, the test, the test unto which we failed by our own blind curiosity?  What then must be the punishment for deliberately seeking such knowledge?  I would most certainly accept madness in my endless pursuit of likely unattainable knowledge than blindly walk of the cliff with a smile on my face…

But truthfully, aren’t I still in the dark?

, , , , , , , ,

Leave a comment

Gnostic Doctors


Something to ponder for the day… or a lifetime…

God is love, but Love itself cannot be perfect unless it has those upon whom it can be lavished and by whom it can be returned.  Therefore He put forth of Himself into matter and He limited His glory, in order that through this natural and slow process of evolution we might come into being; and we in turn according to His will are to develop until we reach even His own level, and then the very Love of God itself will become more perfect, because it will then be lavished on those, His own children, who will fully understand and return it, and so His great scheme will be realized and His Will will be done.

, , , , , , , , ,

Leave a comment

Solaris 10 – n- NFS


I fired out an NFS share from a Solaris 10 box today for a Windows and Linux share… I thought I would post my “quick -n- dirty” steps… The Windows share required the installation of the UNIX for Windows tools… it comes on the CD 🙂

Add the new filesystems you want to share:
sunblade # cat /etc/dfs/sharetab
/a              –       nfs     rw      FACTS
/export/home    –       nfs     rw      FACTS
/usr6           –       nfs     rw      FACTS_TEST

execute “shareall” @ the command line:

execute /etc/init.d/nfs.server start <– ensure changes are taken

On the server you want to mount on:
create the mount points on / :

drwxrwxrwx  14 root     root         512 Sep  1 16:12 a_sunblade
drwxr-xr-x  44 root     root        1024 Feb 10 16:22 usr6_sunblade

then mount the filesystems you want:
# mount sunblade:/a /a_sunblade
# mount sunblade:/usr6 /usr6_sunblade
# df -h |grep sunblade
sunblade:/a             17G    10G   7.0G    60%    /a_sunblade
sunblade:/usr6          33G    17G    16G    52%    /usr6_sunblade

fstab entry for NFS mount:
[root@centOS54 /]# cat /etc/fstab
/dev/VolGroup00/LogVol00 /                       ext3    defaults        1 1
LABEL=/boot             /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
/dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0
SFX4140P:/export/home   /SFX4140P               nfs     rsize=8192,wsize=8192,timeo=14,intr <– this one

, , , , , ,

Leave a comment

WordPress Automation


OK so I had a few minutes to spare today and I  decided to finalize this mini-automation script for WordPress installs.  Keep in mind that  the assumption is made that you have used Virtualmin to create the preliminary aspects, vhost, mysql, doc root, etc… If not… this ain’t gonna work as it is.  I guess I could work up a more in-depth script to include these aspects, in fact that is how I started this idea in the first place, but the aspects of virtualmin really are pretty extensive and since I am using that to manage the vhosts anyway I just skipped that part, I mean why try to improve on a great integration aspect, besides it is unlikely I could do it better anyway.  I would however like to translate this piece into a Perl mod to be added to the virtualmin GUI, that would be a cool improvement.

#/bin/bash

#

echo “Make sure you have created this VHost using virtualmin FIRST…”

sleep 5

echo “OK… moving on then”

sleep 2

echo “Enter the name of your new site, then press [ENTER}”

read newblog

# You need these if you are NOT using virtualmin FIRST !!

# mkdir /var/www/html/$newblog

# useradd -c ‘$newblog user’ -p ‘$newblog’ $newblog

# chown -R $newblog:$newblog $newblog

cd /home/$newblog/public_html

wget http://www.wordpress.org/latest.tar.gz

tar xzf latest.tar.gz

rm -Rf latest.tar.gz

mv wordpress/* .

rm -Rf wordpress

chmod 777 .

# Link the themes & plugins from the default repo

# This makes the assumption that you actually HAVE a repo for themes and plugins…

# If you don’t this ain’t gonna do what we need it to !!

cd /home/$newblog/public_html/wp-content

mv themes bak.themes # <– Just in case we hose everything 😦

# Make the link directorie(s), if necessary and link ’em up

mkdir -p /var/www/repo/themes

ln -s /var/www/repo/themes /home/$newblog/public_html/wp-content/themes

mv plugins bak.plugins

mkdir -p /var/www/repo/plugins

ln -s /var/www/repo/plugins /home/$newblog/public_html/wp-content/plugins

cd ../

cp wp-config-sample.php wp-config.php

#

#

# Final directions

# Open the editor if needed but SED will do what you need

# vi wp-config.php

sed -i ‘s/putyourdbnamehere/’$newblog’/’ wp-config.php

sed -i ‘s/usernamehere/’$newblog’/’ wp-config.php

sed -i ‘s/yourpasswordhere/’$newblog’/’ wp-config.php

chown -R $newblog:$newblog *

# EOF

If you need webmin/virtualmin/cloudmin (I HIGHLY recommend them) you can spin this off:

# Virtualmin/Webmin/Cloudmin Installation

# cd /usr/src

# wget http://software.virtualmin.com/gpl/scripts/install.sh

# sh install.sh

# wegt http://cloudmin.virtualmin.com/gpl/scripts/cloudmin-gpl-redhat-install.sh

# sh cloudmin-gpl-redhat-install.sh

And that’s it! Just navigate to your new URL (assuming that you made the proper DNS entries…) and configure WordPress from its admin console.  I also thought this tutorial on SED was pretty useful although what I used here is very basic, just in case you need something more.

http://www.grymoire.com/Unix/Sed.html

Happy Blogging 🙂

, , , , , , , , , ,

3 Comments

in Addition…


In addition to the singular use of binaural exposure… Some as yet unknown combination of stimuli may in fact represent the true key to unlocking the final step to achieve a pure sense of harmony.  By this I mean that if in fact we are able to “tune” ourselves to the state of the Universe instead of constantly being at odds within the great “chord” of life, finally resolving the dissonant chord and coming into perfect harmony with everything.  What a path toward achievement that would be indeed.  I find it odd that a major focus has not been placed upon this thought methodology.  I have read and seen evidence to support that our aura, a vibration that we all exude, can be manipulated to in fact cure illness… Even if this is totally ludicrous, why haven’t we formally disproved it?  Why are we content to simply accept that it is non-viable?  This I do not understand.  I will continue to work on this topic and expose myself to these experiments and post the results as they are achieved.  I can already say that binaural auditory exposure absolutely has an impact on your state of mind.  To expound on this,  at the very least i have been able to consistently achieve what is refereed to as the “theta” state of brainwave activity, most closely associated with the REM dream state.   From only a 30 minute exposure I have NEVER been able to remain conscious throughout the entire duration of exposure.  Obviously this is not the desired result, in fact maintaining consciousness while simultaneously maintaining the theta brainwave state is the desired conclusion, however my experiences still support a conclusion of success.  other people I have made the recommendation of binaural exposure have had similar results.  I postulate that complete sensory exposure would yield profound results.  The correct combination may be an abstract to say the least, however like all things scientific, experiment is the key to realized success.  I guess I will have to be the proverbial “guinea pig” here.

, , , , , , , ,

Leave a comment