Beginner's Forum

How to disable the direct root login through SSH in solaris server

February 26, 2015 Sreehari CK Leave a comment

How to disable the direct root login through SSH in solaris server.
==================================================
Here we are going to discuss that how we can disable the direct root login through ssh in a server.

For achiving this goal we need to edit the sshd configuration file in the server

Steps
===========

1.Take the back up of /etc/ssh/sshd_config file

2.change the PermitRootLogin entry from yes to no

Before the change
==============

bash-3.00# cat /etc/ssh/sshd_config | grep -i permit
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
PermitEmptyPasswords no
# Are root logins permitted using sshd.
PermitRootLogin yes

bash-3.00#

After the change
=============

# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
PermitEmptyPasswords no
# Are root logins permitted using sshd.
PermitRootLogin no
bash-3.00#

3. Restart the sshd service in the server

bash-3.00# svcadm restart svc:/network/ssh:default
After restting the ssh service the root login will be disabled.

Below are some session logs for your better understanding.

================================================

bash-3.00# uname -a
SunOS unknown 5.10 Generic_141445-09 i86pc i386 i86pc
bash-3.00# cat /etc/ssh/sshd_config | grep -i permit
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
PermitEmptyPasswords no
# Are root logins permitted using sshd.
PermitRootLogin yes
bash-3.00# cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
bash-3.00# vi /etc/ssh/sshd_config
“/etc/ssh/sshd_config” 156 lines, 5026 characters
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident “@(#)sshd_config 1.9 09/04/30 SMI”
#
# Configuration file for sshd(1m)

# Protocol versions supported
#
# The sshd shipped in this release of Solaris has support for major versions
# 1 and 2. It is recommended due to security weaknesses in the v1 protocol
# that sites run only v2 if possible. Support for v1 is provided to help sites
# with existing ssh v1 clients/servers to transition.
# Support for v1 may not be available in a future release of Solaris.
#
# To enable support for v1 an RSA1 key must be created with ssh-keygen(1).
# RSA and DSA keys for protocol v2 are created by /etc/init.d/sshd if they
# do not already exist, RSA1 keys for protocol v1 are not automatically created.

# Uncomment ONLY ONE of the following Protocol statements.

# Only v2 (recommended)
Protocol 2

# Both v1 and v2 (not recommended)
#Protocol 2,1

# Only v1 (not recommended)
#Protocol 1

# Listen port (the IANA registered port number for ssh is 22)
Port 22

# The default listen address is all interfaces, this may need to be changed
# if you wish to restrict the interfaces sshd listens on for a multi homed host.
# Multiple ListenAddress entries are allowed.

# IPv4 only
#ListenAddress 0.0.0.0
# IPv4 & IPv6
ListenAddress ::

/permit
# Maximum number of retries for authentication
# Default is 6. Default (if unset) for MaxAuthTriesLog is MaxAuthTries / 2
MaxAuthTries 6
MaxAuthTriesLog 3

# Are logins to accounts with empty passwords allowed.
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
# to pam_authenticate(3PAM).
PermitEmptyPasswords no

# To disable tunneled clear text passwords, change PasswordAuthentication to no.
PasswordAuthentication yes

# Use PAM via keyboard interactive method for authentication.
# Depending on the setup of pam.conf(4) this may allow tunneled clear text
# passwords even when PasswordAuthentication is set to no. This is dependent
# on what the individual modules request and is out of the control of sshd
# or the protocol.
PAMAuthenticationViaKBDInt yes

# Are root logins permitted using sshd.
# Note that sshd uses pam_authenticate(3PAM) so the root (or any other) user
# maybe denied access by a PAM module regardless of this setting.
# Valid options are yes, without-password, no.
PermitRootLogin no

# sftp subsystem
Subsystem sftp /usr/lib/ssh/sftp-server
# SSH protocol v1 specific options
#
# The following options only apply to the v1 protocol and provide
# some form of backwards compatibility with the very weak security
# of /usr/bin/rsh. Their use is not recommended and the functionality
# will be removed when support for v1 protocol is removed.

# Should sshd use .rhosts and .shosts for password less authentication.
IgnoreRhosts yes
RhostsAuthentication no

# Rhosts RSA Authentication
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts.
“/etc/ssh/sshd_config” 156 lines, 5025 characters
bash-3.00# cat /etc/ssh/ssh
ssh_config ssh_host_dsa_key ssh_host_dsa_key.pub ssh_host_rsa_key ssh_host_rsa_key.pub sshd_config sshd_config_orig
bash-3.00# cat /etc/ssh/sshd_config | grep -i permit
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
PermitEmptyPasswords no
# Are root logins permitted using sshd.
PermitRootLogin no
bash-3.00# svcadm restart svc:/network/ssh:default
bash-3.00#

=========================================================

Hope you this helped you.

Thanks !!!

Solaris
UNIX

How to create a ufs filesystem on a newly added disk in Solaris

January 12, 2015 Sreehari CK Leave a comment

Let’s here discuss how to create a new Filesystem on a newly added disk in Solaris. Below is the scenario shown with examples.

1. Once disk is added in the server ,check if it is visible in OS by running the below command

bash-3.00# echo | format
Searching for disks…done
AVAILABLE DISK SELECTIONS:
0. c0d1 <DEFAULT cyl 2607 alt 2 hd 255 sec 63>
/pci@0,0/pci-ide@7,1/ide@1/cmdk@1,0
Specify disk (enter its number): Specify disk (enter its number):
bash-3.00# Read more

2. If it is not visible in the OS run the below command to scan the newly added hardware.

bash-3.00# devfsadm ===>(it works only for Solaris 10 and later versions. The older versions you need to perform a reconfigure reboot)

3. Check the format command again to confirm the disk is showing in the OS.

bash-3.00# echo | format
Searching for disks…done
AVAILABLE DISK SELECTIONS:
0. c0d1 <DEFAULT cyl 2607 alt 2 hd 255 sec 63>
/pci@0,0/pci-ide@7,1/ide@1/cmdk@1,0
1. c1t0d0 <DEFAULT cyl 1303 alt 2 hd 255 sec 63>
/pci@0,0/pci15ad,1976@10/sd@0,0
Specify disk (enter its number): Specify disk (enter its number):
bash-3.00#

========================================================================================

4. Now we can partition the disk

bash-3.00# format
Searching for disks…done
AVAILABLE DISK SELECTIONS:
0. c0d1 <DEFAULT cyl 2607 alt 2 hd 255 sec 63>
/pci@0,0/pci-ide@7,1/ide@1/cmdk@1,0
1. c1t0d0 <DEFAULT cyl 1303 alt 2 hd 255 sec 63>
/pci@0,0/pci15ad,1976@10/sd@0,0
Specify disk (enter its number): 1
selecting c1t0d0
[disk formatted]

FORMAT MENU:
disk – select a disk
type – select (define) a disk type
partition – select (define) a partition table
current – describe the current disk
format – format and analyze the disk
fdisk – run the fdisk program
repair – repair a defective sector
label – write label to the disk
analyze – surface analysis
defect – defect list management
backup – search for backup labels
verify – read and display labels
save – save new disk/partition definitions
inquiry – show vendor, product and revision
volname – set 8-character volume name
!<cmd> – execute <cmd>, then return
quit
format> format> p ===> “P” is used for partition
WARNING – This disk may be in use by an application that has
modified the fdisk table. Ensure that this disk is
not currently in use before proceeding to use fdisk. ===> if we get this error do fdisk on the disk

format> fdisk
No fdisk table exists. The default partition for the disk is:

a 100% “SOLARIS System” partition

Type “y” to accept the default partition, otherwise type “n” to edit the
partition table.
y
format> p
PARTITION MENU:
0 – change `0′ partition
1 – change `1′ partition
2 – change `2′ partition
3 – change `3′ partition
4 – change `4′ partition
5 – change `5′ partition
6 – change `6′ partition
7 – change `7′ partition
select – select a predefined table
modify – modify a predefined partition table
name – name the current table
print – display the current table
label – write partition map and label to the disk
!<cmd> – execute <cmd>, then return
quit
partition>
partition> print ===> print is used to print the current partition table on the disk available
Current partition table (original):
Total disk cylinders available: 1302 + 2 (reserved cylinders)

Part Tag Flag Cylinders Size Blocks
0 unassigned wm 0 0 (0/0/0) 0
1 unassigned wm 0 0 (0/0/0) 0
2 backup wu 0 – 1301 9.97GB (1302/0/0) 20916630
3 unassigned wm 0 0 (0/0/0) 0
4 unassigned wm 0 0 (0/0/0) 0
5 unassigned wm 0 0 (0/0/0) 0
6 unassigned wm 0 0 (0/0/0) 0
7 unassigned wm 0 0 (0/0/0) 0
8 boot wu 0 – 0 7.84MB (1/0/0) 16065
9 unassigned wm 0 0 (0/0/0) 0

partition>

partition> 0 ===> creating 0th partition in this disk
Part Tag Flag Cylinders Size Blocks
0 unassigned wm 0 0 (0/0/0) 0

Enter partition id tag[unassigned]: ? ===> ? mark is for help
Expecting one of the following: (abbreviations ok):
unassigned boot root swap
usr backup stand var
home alternates reserved

Enter partition id tag[unassigned]: var
Enter partition permission flags[wm]: ?
Expecting one of the following: (abbreviations ok):
wm – read-write, mountable
wu – read-write, unmountable
rm – read-only, mountable
ru – read-only, unmountable

Enter partition permission flags[wm]: wm
Enter new starting cyl[1]: ?
Expecting an integer from 0 to 1301
Enter new starting cyl[1]: 1
Enter partition size[0b, 0c, 1e, 0.00mb, 0.00gb]: 4g
partition> print
Current partition table (unnamed):
Total disk cylinders available: 1302 + 2 (reserved cylinders)

Part Tag Flag Cylinders Size Blocks
0 var wm 1 – 523 4.01GB (523/0/0) 8401995 ===> we have var partition created in 0th slice now.
1 unassigned wm 0 0 (0/0/0) 0
2 backup wu 0 – 1301 9.97GB (1302/0/0) 20916630
3 unassigned wm 0 0 (0/0/0) 0
4 unassigned wm 0 0 (0/0/0) 0
5 unassigned wm 0 0 (0/0/0) 0
6 unassigned wm 0 0 (0/0/0) 0
7 unassigned wm 0 0 (0/0/0) 0
8 boot wu 0 – 0 7.84MB (1/0/0) 16065
9 unassigned wm 0 0 (0/0/0) 0

partition>
partition> label ===> label is used to write the partition table with the new entry.
Ready to label disk, continue? yes

partition> q ===>q is used to quit the menu.
=======================================================================================

5. Now we can format the disk with UFS file system

bash-3.00# newfs /dev/rdsk/c1t0d0s0 ===>newfs is the command used to create the filesystem. Default filesystem will be UFS.
newfs: construct a new file system /dev/rdsk/c1t0d0s0: (y/n)? y ===> we can create filesystem only in rawdisks (rdsk).
Warning: 2998 sector(s) in last cylinder unallocated
/dev/rdsk/c1t0d0s0: 8401994 sectors in 1368 cylinders of 48 tracks, 128 sectors
4102.5MB in 86 cyl groups (16 c/g, 48.00MB/g, 5824 i/g)
super-block backups (for fsck -F ufs -o b=#) at:
32, 98464, 196896, 295328, 393760, 492192, 590624, 689056, 787488, 885920,
7472672, 7571104, 7669536, 7767968, 7866400, 7964832, 8063264, 8161696,
8260128, 8358560
bash-3.00#
==========================================================================================
6. Now we can mount the filesystem as /var

bash-3.00# mount /dev/dsk/c1t0d0s0 /var ===> for mounting you should use “dsk” naming format (/dev/dsk/c1t0d0s0 )
bash-3.00# df -h /var
Filesystem size used avail capacity Mounted on
/dev/dsk/c1t0d0s0 3.9G 4.0M 3.9G 1% /var
bash-3.00#

Now you can make the entry permanent in /etc/vfstab

=============================================================================================

Hope this will help you. For more posts on Solaris you may click here

Thank you!!!

Solaris
UNIX

EMC VMAX3 in 3D

January 4, 2015 Vipin V.K Leave a comment

EMC introduced VMAX3 series in the mid of 2014, which is an Enterprise Data Service Platform rather than a storage system. My eyes got stuck on a YouTube video from EMC which shows the 3D view of the components and features.

I wanted to share it with you, which resulted in this post. Here is it for you…

https://www.youtube.com/watch?v=2-RbWm_Gcgo

VMAX3 introduced 3 new models of VMAX – VMAX 100K, 200K and 400K – with the new HYPERMAX Operating System and Dynamic Virtual Matrix architecture. You may read more from the below links, from experts and EMC Elects..

New EMC VMAX³ – Industry’s First Enterprise Data Service Platform – Official Press Release

The VMAX3: Why Enterprise Class is Still Very Relevant – By Jason Nash

EMC Announces Next-Generation VMAX Storage Array – By Dave Henry

Symmetrix offers a new kind of MAXimum Virtualisation (VMAX) -By Rob Koper

VMAX 3 – The all-new Enterprise Data Service Platform..! Part-I – By Vipin V.K

EMC ANNOUNCE VMAX3 – By Roy Mikes

EMC announces its next Generation VMAX Array – By Mark May

EMC Announces VMAX Family Re-architected for Enterprise Data Services and Hybrid Clouds -By StorageReview.com

Just a few posts which I found interesting. You may suggest the links to more value added posts on VMAX3 in the comments section. We will try to add the link here for other’s reference.

You may find more EMC VMAX posts here. Thank You.

EMC
STORAGE

Creating and deleting a hard link in Linux

January 3, 2015 Vipin V.K One comment

In one of our recent post (click here to read) we discussed about soft links . Now in this post we will discuss how to create and delete a hard link in Linux.

Hard links are also shortcuts used in Linux, but it is bit different from Soft Links. In case of a hard link, no new Inode will be created. If you are creating a hardlink to a fie with inode number 123456, hard link will use the same Inode. In case of soft links, a new Inode will be created for the link. Data can still be accessed via link even if the original file is deleted or moved to a different location. Read more

Here Let us see the commands and some examples of them.

Syntax :

ln sourcefile linkfile #ln command is used for hard link creation with this syntax.

Examples :

[root@bforum test]# cat >> testfile #Created a file named testfile for use in next steps
this is a test file

[root@bforum test]# ls -li

30760 -rw-rw-r– 1 admin admin 20 Jan 3 11:39 testfile #Listing with inode number (30760)

[root@bforum test]#ln testfile testlink #Created a link named testlink

[root@bforum test]# ls -li

30760 -rw-rw-r– 1 admin admin 20 Jan 3 11:39 testfile #Both files with same inode number

30760 -rw-rw-r– 1 admin admin 20 Jan 3 11:39 testlink

[root@bforum test]#more testlink #Source being accessed via link.
this is a test file

[root@bforum test]#rm -rf testfile #Deleting the source file

[root@bforum test]#more testlink #Actual content via link even after source deletion.
this is a test file

[root@bforum test]#

Now let us see the link removal. unlink command can be used to remove a link.

Syntax :

unlink linkname

Example

[root@bforum test]#unlink testlink

[root@bforum test]#

Thus we have tried creating and deleting a hard link in Linux. Hope this was helpful for you.

For more posts on Linux please click here. We are happy to have your suggestions/queries in the comments section below.

LINUX
UNIX

Login issue on local zone – Solaris

January 3, 2015 Sreehari CK Leave a comment

There are number of occassions we have seen that /tmp has been configured as swap space in solaris boxes. Application team most of the time uses /tmp for log creation purpose since they might not be aware of this issue.
Below is one example that I faced in my solaris box.

The host which created trouble for me was a local zone .Applicaton team reported login issue while connecting to the local zone.
When i checked swap utilization was 100% since application logs are writing on the /tmp FS.

df -h /tmp
Filesystem size used avail capacity Mounted on
swap 2.0G 1.9G 100M 100% /tmp

So i have logged in to the console of the local zone by using zloign -C “zonename” and deleted the files occupying /tmp and thus fixed the issue

root@myzone /root>zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / native shared
1 zone1 running /zones/zone1 native shared
2 zone2 running /zones/zone2 native excl
root@myzone/root>zlogin -C zone1
[Connected to zone ‘zone1’ pts/2]
Last login: Thu Jan 1 06:03:35 from myzone

Take a deep breath

***** You are logging into a Production zone *****

root@zone1 /root>cd /tmp
root@zone1 /tmp>ls -ltr
total 400
-rw-r—– 1 root sys 72 Jul 17 06:32 csn.4742
drwxrwxr-x 2 root root 337 Jul 17 06:45 HPOM
-rw-r–r– 1 adm adm 0 Jul 24 02:00 disktacct.0724
-rw-r–r– 1 adm adm 0 Jul 31 02:00 disktacct.0731
-rw-r–r– 1 adm adm 0 Aug 7 02:00 disktacct.0807
-rw-r–r– 1 adm adm 0 Aug 14 02:00 disktacct.0814
-rw-r–r– 1 adm adm 0 Aug 21 02:00 disktacct.0821
-rw-r–r– 1 adm adm 0 Aug 28 02:00 disktacct.0828
-rw-r–r– 1 adm adm 0 Sep 4 02:00 disktacct.0904

-rw-r–r– 1 adm adm 0 Sep 11 02:00 disktacct.0911
-rw-r–r– 1 adm adm 0 Sep 18 02:00 disktacct.0918
-rw-r–r– 1 adm adm 0 Sep 25 02:00 disktacct.0925
-rw-r–r– 1 adm adm 0 Oct 2 02:00 disktacct.1002
-rw-r–r– 1 adm adm 0 Oct 9 02:00 disktacct.1009
drwxr-xr-x 2 root root 189 Oct 9 08:40 IDR_21533
-rw-r–r– 1 adm adm 0 Oct 16 02:00 disktacct.1016
-rw-r–r– 1 adm adm 0 Oct 23 02:00 disktacct.1023
-rw-r–r– 1 adm adm 0 Oct 30 02:00 disktacct.1030
-rw-r–r– 1 root root 353 Nov 5 22:19 special_admin
-rw-r–r– 1 root root 5 Nov 5 22:29 optFS
-rw-r–r– 1 root root 5 Nov 5 22:29 varFS
-rw-r–r– 1 root root 119207 Nov 5 22:29 pkglist.out
-rw-rw-r– 1 root root 304 Nov 5 22:31 admin
-rw-r–r– 1 adm adm 0 Nov 6 02:00 disktacct.1106
-rw-r–r– 1 adm adm 0 Nov 13 02:00 disktacct.1113
-rw-r–r– 1 adm adm 0 Nov 20 02:00 disktacct.1120
-rw-r–r– 1 adm adm 0 Nov 27 02:00 disktacct.1127
-rw-r–r– 1 adm adm 0 Dec 4 02:00 disktacct.1204
-rw-r–r– 1 adm adm 0 Dec 11 02:00 disktacct.1211
drwx—— 2 root root 117 Dec 14 23:43 hsperfdata_root
-rw-r–r– 1 adm adm 0 Dec 18 02:00 disktacct.1218
-rw-r–r– 1 adm adm 0 Dec 25 02:00 disktacct.1225
-rw-r–r– 1 adm adm 0 Jan 1 02:00 disktacct.0101
-rw-rw-r– 1 root root 10 Jan 1 06:58 gmmon_boot.tmp

root@zone1 /tmp>

Identify the files which can be removed and run the rm or mv command against them.

root@zone1 /tmp>df -h .
Filesystem size used avail capacity Mounted on
swap 2.0G 216K 2.0G 1% /tmp
root@zone1 /tmp>

You can get the swap location reconfigured to avoid similar issues in future.

Hope this helped you. For more posts on Solaris please click here

Solaris
UNIX

Creating and removing a Symbolic link (soft link) in Linux

January 3, 2015 Vipin V.K One comment

Symbolic links or soft links are like shortcuts in Windows systems. We use these to point/redirect to another file/directory. Links are a mandatory in some cases where we need a shortcut to actual data, in our day-to-day tasks. With soft links, we can even point to a directory – which is not possible with hard links. Hard links are discussed in another post, which can be accessed by clicking here.

Let us see how can we create a soft link, how to use it and how can we remove/delete the link below. Read more

Symbolic link can be created by running the ln -s command. Let us see the syntax and example for creating a link.

Syntax :

ln -s target source(linkname)

Example :

[root@bforum test]#ln -s /home/beginnersforum/linux testlink #A link to linux directory will be created with name testlink

[root@bforum test]#ls -l

lrwxrwxrwx 1 root root 26 Jan 1 2015 testlink -> /home/beginnersforum/linux

[root@bforum test]

Here in the above example, we have created a link named testlink to the directory /home/beginnersforum/linux. Now accessing the testlink will redirect us to the linux directory as required.

Now we will see how we can remove the link,. The command will be unlink for removing the link. Below are the syntax and example for the command.

Syntax :

unlink linkname

Example :

[root@bforum test]#ls -l

lrwxrwxrwx 1 root root 26 Jan 1 2015 testlink -> /home/beginnersforum/linux

[root@bforum test]#unlink testlink #Removing the link named testlink

[root@bforum test]#ls -l

[root@bforum test]#

Thus in the above unlink command example, we have removed the link named testlink which was created in our previous example.

For more options with these commands, you may refer to the man pages (man ln, man unlink).

That’s it..! We are done with creation and deletion of soft links. Hope this helped you.

For more posts on Linux please click here. We are happy to have your suggestions/queries in the comments section below.

LINUX
UNIX

Happy New Year 2015…!!!

December 30, 2014 Vipin V.K Leave a comment

It was a perfect year – 2014 – for us, where we started this great initiative.We will be keeping this momentum going in the coming years, with more value added posts and more…

Tomorrow is always a hope for doing something better.

We from Beginner’s Forum, wish you all our readers a Happy New Year 2015..!!!

MISC

How to resize a linux filesytem without Data Loss

November 29, 2014 Tech Admin Leave a comment

Today i’m going to show you how to resize a filesystem without data loss.This can be quite useful, if you do not use the LVM technology.

Note:- Before doing this in live enviornment, kindly test it in your testbox
Here i’m using my susebox .
Tools Used :- fdisk, umount, fsck, tune2fs, e2fsck, resize2fs.

I’m going to resize the /dev/sdb1 in this tutorial. ( if your partition is named diferently, kindly replace it) Read more

In the above screenshot, you can able to see the harddisk size, mount point etc.

So /dev/sdb harddisk is of 16GB size

/dev/sdb1 is 8.7 GB . and it’s mounted to /testdir directory.

To extend the size of /dev/sdb1 , the filesystem should be unmounted. Here /dev/sdb1 is mounted on /testdir, run the umount command to unmount the same.

Now run fsck -n /dev/sdb1 for checking the filesystem.

Then we need to remove the journal from the filesystem , this will bring ext2 filesystem to /dev/sdb1

Now run e2fsck to check the filesystem,

Now we can resize the filesystem using resize2fs tool.

Resize2fs can resize ext2 file systems, but not ext3 file systems, that’s why we changed /dev/sdb1 to ext2 by removing journel from it.

8.7GB is the size of /dev/sdb1 (check the above df -h screenshot). Now we are going to extend the /dev/sdb1 from 8.7 GB to 15 GB .

Note :- In case of shrinking data , don’t make it smaller than 1.9GB (space used as per df-kh output), you will lose data!

So we are going to run resize2fs /dev/sdb1 15000M

Kindly note the number of blocks (384000) and their size (4k). We need it later..

Now we are going to delete the partition /dev/sdb1 using fdisk tool

” Dont worry about your data 🙂 ”

Next we will create a new /dev/sdb1 partition. It was a primary partition earlier, so choose p again, and again it is our partition no. 1:

Then comes the important part,

Size of the partition:-

The First Cylinder is not an issue , it’s default (1). But in the case of Last Cylinder , we don’t have the value , So we can specify the size in kilobyes (K) .

We can calculate the size like this ,

Last Cylinder Size = The amount of blocks from the resize2fs output * the size of block

// amount of blocks = 384000 .

// Size of block = 4k

Last Cylinder Size = 384000 * 4k = 1536000K

Apply this with +1536000K and write the partition using ‘w’

Then run fsck -n /dev/sdb1.

Then create the journal on our new /dev/sdb1, thus turning it into an ext3 partition again:

Check the size of filesystem,

Check with df -h and you are good to mount the filesystem.

Hope this helped.

LINUX
UNIX

Brocade SAN switch zoning via CLI

November 23, 2014 Vipin V.K Leave a comment

We had discussed zoning in Cisco switch recently, in one of our posts. Now we will discuss the same on a Brocade switch via CLI. As we already discussed, the 3 components (zones, aliases and zoneset) remains the core here also. For reading bit more on this, you may read the previous post.

Now let’s directly come in to the commands for various steps.

We have the new HBA connected to the switch, we can ensure the successful connectivity by running switchshow command. This will show all the ports and the connected device WWNs, you can check the port number if you are aware of, or by finding the WWN (you may do a grep for the WWN).

Else if you are not aware of the switch and port on fabric on which the HBA is attached to, you may run nodefind. nodefind 10:xx:xx:xx:xx:xx:xx:01 will list the port details.

Now we can create the alias for the HBA (BForum_HBA1) and the storage port (VNX_SPA3). Below are the commands,

alicreate “BForum_HBA1″,”10:xx:xx:xx:xx:xx:xx:01”
alicreate “VXN_SPA3″,”50:06:xx:xx:xx:xx:xx:02”

For adding a WWN to an existing alias (adding a WWN – 10:xx:xx:xx:xx:xx:xx:02 to the alias BForum_HBA2 for example) you may run,

aliadd “BForum_HBA2″,”10:xx:xx:xx:xx:xx:xx:02”

Now we will be creating the zone for the HBA and storage port,

zonecreate “BForum_HBA1_VNX_SPA3″,”BForum_HBA1;VNX_SPA3”

We can add an alias to an existing zone by running the zoneadd command in similar way as we used aliadd command.

We can create zone config with the below command. This will add the zone to the cfg too..

cfgcreate “BForum_SAN1_CFG”,”BForum_HBA1_VNX_SPA3″

we should use the cfgadd command to add a new zone to an existing cfg as shown below,

cfgadd “BForum_SAN1_CFG”,”BForum_HBA1_VNX_SPB2“

Thus we have the zones created and added to the (existing/new) config. Now we should save the config to memory to ensure this will be loaded in the next reboot of the switch also. The cfgsave command will do it for us.

We can now enable the zone config to make it in effect.

cfgenable BForum_SAN1_CFG

Yes we are all set. The server and storage now should be able to communicate. Some other useful commands are,

cfgshow BForum_SAN1_CFG #Shows the config BForum_SAN1_CFG in detail

cfgdisable BForum_SAN1_CFG #Disables the config BForum_SAN1_CFG

cfgremove “BForum_SAN1_CFG”,”BForum_HBA1_VNX_SPB2” #Removes the zone BForum_HBA1_VNX_SPB2 from config BForum_SAN1_CFG

cfgactvshow #Shows the current active config

alishow BForum_HBA1 #Shows the alias BForum_HBA1

zoneshow BForum_HBA1_VNX_SPA3 #Shows the zone BForum_HBA1_VNX_SPA3 details

More in coming posts. You may click here for SAN switch related posts. Thanks for reading..

Cisco MDS SAN switch Zoning via CLI

November 21, 2014 Vipin V.K One comment

Here let’s discuss the steps to complete the zoning of a new server in Cisco MDS FC switch. In our previous post we had discussed the initialization procedure for a new MDS switch – may be helpful for you. The process of zoning will have 3 components, namely aliases, zones and zoneset (or zone configuration).

If you have a Brocade switch, you may refer to this post which explains zoning in a Brocade switch via CLI.

An alias is a name assigned to the WWN numbers which makes it easy to use/remember. WWN numbers Read more

– identity for a device, will have numbers separated by colon (:), for e.g, 10:ab:cd:ef:12:34:56:78 – are harder to be remembered.

A zone will be containing multiple objects which defines a communication path. In a zoning enabled switch, any two WWNs or port which are not having a common zone (which are not part of a single zone together) will not be able to communicate each other. We will create a Zone and will add the objects (WWNs, aliases or ports) to it.

A zoneset or a zone configuration is a collection of a set of zones in a switch/fabric. It makes easy to manage the zones. We will define an active configuration in switch/fabric and will add the zones, which need to be active, to this configuration.
Now let’s discuss the commands.

First we will create an alias for the new server HBA and the storage port to which it need to communicate.

#conifg -t

BForum_SAN01(config)# fcalias name BForum_HBA1 vsan 20 # This will create an alias with name BForum_HBA1

BForum_SAN01(config-alias)# member pwwn 10:xx:xx:xx:xx:xx:xx:01 # Adds the WWN to this alias

BForum_SAN01(config-alias)#exit

BForum_SAN01(config)# fcalias name VNX_SPA3 vsan 20

BForum_SAN01(config-alias)# member pwwn 50:xx:xx:xx:xx:xx:xx:01

BForum_SAN01(config-alias)#exit

Now we have the aliases ready. We can now create a zone for these two objects and add them. We will create a zone named ‘BForum_HBA1_VNX_SPA3’ which will be containing the host HBA (BForum_HBA1) and the storage port (VNX_SPA3).

BForum_SAN01(config)# zone name BForum_HBA1_VNX_SPA3 vsan 20

BForum_SAN01(config-zone)# member fcalias BForum_HBA1

BForum_SAN01(config-zone)# member fcalias VNX_SPA3

BForum_SAN01(config-zone)# exit

Zone too is ready now. Assuming we don’t have an existing configuration, we will be creating a zone config here. If you are already having a zoneset, you can use the zoneset name here in the below command.

BForum_SAN01(config)#zoneset name BForum_SAN01_Config VSAN 20

BForum_SAN01(config-zoneset)# member BForum_HBA1_VNX_SPA3

BForum_SAN01(config-zoneset)# exit

Now we have the zoneset created and zones added to it. We are good to activate the new zoneset.

BForum_SAN01(config)# zoneset activate name BForum_SAN01_Config VSAN 20

To verify the active zoneset, you may run the command show active zoneset

In case if you have to deactivate the zoneset, you may run the command,

BForum_SAN01(config)# no zoneset activate name BForum_SAN01_Config VSAN 20

We can save the running config to start-up config by running copy run start command. Now we have the zoning completed for one of the HBA of the new server. We will have to do the zoning for both the HBAs and should use multiple storage ports for redundancy.

You may click here for SAN switch related posts.

Hope this post was helpful for you. More, in coming posts, your thoughts in comments below… 🙂

« 1 … 5 6 7 8 »