A few weeks back I helped a friend build PHP on a server with a non-standard directory structure. Changing the structure to use common defaults wasn’t an option, so we needed to adjust the PHP configure script to point to the pertinent places. Here is what we came up with:
$ export CPPFLAGS="-I/home/apps/include -I/home/apps/include/mysql"
$ export LDFLAGS="-L/home/apps/lib -L/home/apps/lib/mysql"
$ ./configure --prefix=/home/apps/sfw/php-5.1.4 --with-apxs2=/home/apps/httpd/bin/apxs --with-libxml=/home/apps --with-libxml-dir=/home/apps --with-mysql=/home/apps --with-zlib=/home/apps
This will build PHP using an apxs utility that resides in /home/apps/bin/apxs, and will look for the MySQL, libxml and zlib libraries and headers in /home/apps/lib and /home/apps/include.
Periodically I need to access a Windows share from a Solaris or Linux box. If Samba is installed on the system, this is easy to do with the smbclient utility. To access the Windows server named “milton” from the command line, you can run smbclient with the “-U” option, the name of the user to authenticate with, and the name of the server and share to access:
$ smbclient -U "domain\matty" //milton/foo
In this example, I am authenticating as the user matty in the domain “domain,” and accessing the share foo on the server milton. If smbclient is unable to resolve the server, you will need to make sure that you have defined a WINS server, or the server exists in the lmhosts file. To define a WINS server, you can add a line similar to the following (you can get the WINS server by looking at ipconfig /all on a Windows desktop, or by reviewing the LAN traffic with ethereal) to the smb.conf file:
wins server = 1.2.3.4
If you don’t want to use WINS to resolve names, you can add an entry similar to the following to the lmhosts file:
192.168.1.200 milton
Once you are connected to the server, you will be greeted with a “smb: >” prompt. This prompt allows you to feed commands to the server, such as “pwd,” “dir,” “mget,” and “prompt.” To retrieve all of the files in the directory foo1, I can “cd” into the foo1 directory, use “prompt” to disable interactive prompts, and then run “mget” to retrieve all files in that directory:
smb: > pwd Current directory is \server1 oo
smb: > dir
received 10 entries (eos=1) . DA 0 Mon May 22 07:19:21 2006 .. DA 0 Mon May 22 07:19:21 2006 foo1 DA 0 Sun Dec 11 04:51:12 2005 foo2 DA 0 Thu Nov 9 09:48:40 2006 < ….. >
smb: > cd foo1
smb: oo1> prompt prompting is now off
smb: oo1> **mget
received 38 entries (eos=1) getting file foo1yikes.tar of size 281768 as yikes.tar 411.3 kb/s) (average 411.3 kb/s) < ….. >
smb: oo1> exit
The smbclient manual page documents all of the available commands, and provides a great introduction to this super useful utility. If you bump into any issues connecting to a remote Windows server, you can add “-d” and a debug level (I like debug level 3) to the smbclient command line. This is perfect for debugging connectivity issues.
I managed a fair number of Dell and Sun servers that use LSI Logic RAID controllers. To ensure that a disk failure in one of our servers is quickly located and fixed, I started poking around the web this week to locate a tool that was capable of monitoring our RAID controllers and disk drives. My searches led me to the mpt-status utility, which is an opensource tool for monitoring LSI Logic RAID controllers.
Mpt-status is a relatively simple utility, and can be run without any options to report the status of all LSI Logic RAID controllers and the disk drives that live behind those controllers:
$ mpt-status
ioc0 vol_id 0 type IM, 2 phy, 136 GB, state OPTIMAL, flags ENABLED ioc0 phy 0 scsi_id 0 SEAGATE ST3146707LC D704, 136 GB, state ONLINE, flags NONE ioc0 phy 1 scsi_id 1 SEAGATE ST3146707LC D704, 136 GB, state ONLINE, flags NONE
This will print the status of the controller and each disk drive, along with the drive manufacturer, the size of each disk drive, and the SCSI target number. To get similar information in a parseable format, the mpt-status “-s” option can be used:
$ mpt-status -s
log_id 0 OPTIMAL phys_id 0 ONLINE phys_id 1 ONLINE
The servers I plan to use mpt-status on run Redhat Linux, so I created an RPM specification file to assist with building and deploying the package. I also incorporated a RAID controller monitoring script into the RPM, which will install itself into /etc/cron.daily/checklsi.sh, and run daily to check the status of the controllers and disk drives. Viva la monitoring!
I previously discussed using pca to get security updates. One thing I didn’t realize at the time was pca’s ability to list or install only the patches that are classified as security and reliability updates. This ability to filter patches is accomplished by adding the “r” (reliability updates) or “s” (security updates) character to one of the available patch group operands (e.g., missing, installed, all, total, unbundled, bad). The following example shows how the “r” and “s” characters can be used to list all patches that are classified as security and reliability updates:
$ pca -l missingrs
Using /var/tmp/patchdiag.xref from Jan/26/07
Host: tigger (SunOS 5.10/Generic_118833-24/sparc/sun4u)
Patch IR CR RSB Age Synopsis
------ -- - -- --- --- -------------------------------------------------------
118666 09 < 10 -S- 16 J2SE 5.0: update 10 patch (5.0u10)
118667 09 < 10 -S- 16 J2SE 5.0: update 10 patch (5.0u10), 64bit
119213 10 < 11 -S- 17 NSS_NSPR_JSS 3.11.4: NSPR 4.6.4 / NSS 3.11.4 / JSS 4.2.4
119254 32 < 34 RS- 2 SunOS 5.10: Install and Patch Utilities Patch
119850 21 < 22 R-- 18 SunOS 5.10: mpt driver & picl plugins patch
120719 01 < 02 RS- 16 SunOS 5.10 : SunFreeware gzip patch
120824 -- < 07 R-- 12 SunOS 5.10: SunBlade T6300 & Sun Fire (T1000, T2000) platform patc
121118 08 < 10 R-- 25 SunOS 5.10: Sun Update Connection System Client 1.0.8
122032 02 < 03 R-- 16 SunOS 5.10: Update timezones patch
124943 -- < 01 -S- 16 SunOS 5.10: SunFreeware gzip man pages patch
124997 -- < 01 RS- 10 SunOS 5.10: /usr/bin/tip patch
If you want to install all of the available security and reliability updates, you can specify the “r” or “s” character as part of the installation process:
$ pca -i missingrs
Using /var/tmp/patchdiag.xref from Jan/26/07
Host: tigger (SunOS 5.10/Generic_118833-24/sparc/sun4u)
Patch IR CR RSB Age Synopsis
------ -- - -- --- --- -------------------------------------------------------
118666 09 < 10 -S- 16 J2SE 5.0: update 10 patch (5.0u10)
Download 1/11: done
Install 1/11: done
118667 09 < 10 -S- 16 J2SE 5.0: update 10 patch (5.0u10), 64bit
Download 2/11: done
Install 2/11: done
119213 10 < 11 -S- 17 NSS_NSPR_JSS 3.11.4: NSPR 4.6.4 / NSS 3.11.4 / JSS 4.2.4
Download 3/11: done
Install 3/11: done
< ..... >
I wish I would have noticed this earlier, since it would have saved me having to write a shell wrapper. :)
One nifty feature that recently made it’s way into OpenBSD is the ability to remotely update packages with the pkg_add utility. This is accomplished by adding the URL of a remote repository to the PKG_PATH variable, and then running pkg_add with the “-u” (update packages) and optional “-v” (verbose output) and “-i” (interactice installation) options:
$ export PKG_PATH="ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/"
$ pkg_add -uvi</strong>
Candidates for updating curl-7.15.3 -> curl-7.15.1 curl-7.15.3
Ambiguous: curl-7.15.3 could be curl-7.15.1 curl-7.15.3
Choose one package
0:
1: curl-7.15.1
2: curl-7.15.3
Your choice: 2
Looking for updates: complete
Running the equivalent of pkg_add -r curl-7.15.3
parsing curl-7.15.3
Already installed: curl-7.15.3
This is a super useful feature for busy admins, and will definitely make my life easier!