I have used nohup(1) for years to startup processes, and to ensure they keep running when my shell exits. When a shell exits, each child process will receive a SIGHUP signal, which causes the process to exit if a signal handler is not installed to deal with the SIGHUP signal. When a command is invoked with the nohup(1) utility, the signal disposition for SIGHUP is set to ignored, allowing the process to continue executing when the shell exits. We can see this with the Solaris “psig” command:
$ ssh oscar &
[1] 958
$ psig 958 | grep HUP
HUP default
The psig utility indicates that the SIGHUP disposition is set to the default, which will cause the process to terminate when we exit the shell. When the same command is invoked with the nohup utility, we can see that the signal disposition for SIGHUP is set to ignored:
$ nohup ssh oscar &
[2] 967
$ psig 967 | grep HUP
HUP ignored
Solaris is an amazing Operating system, and allows the signal dispositions of running processes (and process groups!!) to be set on the fly. This is accomplished with nohup’s “-p” and “-g” options:
$ ssh -p 443 oscar &
[1] 1081
$ psig 1081 | grep HUP
HUP default
$ nohup -p 1081
Sending output to nohup.out
$ psig 1081 | grep HUP
HUP ignored
While this isn’t the best example, hopefully you get the point. Sessions, process groups, process group leaders and controlling terminals are really neat concepts, and explained on pages 677 - 700 of Solaris Systems Programming (ISBN: 0201750392). This is an INCREDIBLE book, and sits next to my lazy boy for easy reference.
The netstat utility provides a command line interface to retrieve system routing tables, connection states, and network statistics. Two of the available statisticss, “tcpPassiveOpens” and “tcpActiveOpens,” provide data on the number of new connections to a server (tcpPassiveOpens), and the number of connections initiated by the server (tcpActiveOpens). Both statistics counters can be retrieved with netstat’s “-s” option, and a simple while loop allows a SysAdmin to get a high level view of TCP connections to and from a server:
while :
> do
> netstat -s | egrep '(tcpPassiveOpens|tcpActiveOpens)'
> sleep 10
> done
tcpActiveOpens = 6228 tcpPassiveOpens = 75
tcpActiveOpens = 6228 tcpPassiveOpens = 75
tcpActiveOpens = 6228 tcpPassiveOpens = 76
tcpActiveOpens = 6228 tcpPassiveOpens = 85
tcpActiveOpens = 6228 tcpPassiveOpens = 140
tcpActiveOpens = 6228 tcpPassiveOpens = 197
tcpActiveOpens = 6228 tcpPassiveOpens = 255
This is kinda fun to run on super busy web servers!!!
When I get deploy new Fujitsu and Sun hardware, I always run VTS (Validation Test Suite) on the hardware platforma. VTS performs rigorous hardware testing, and usually finds faults in components that are faulty out of the box. The VTS commands are available in “/opt/SUNWvts/bin.”
The VTS tools rely on the RPC framework ( grumble ), so you need to make sure rpcbind is running prior to invoking the various utilities. To start the VTS GUI, you can execute the “sunvts” or “fjvts” utility:
$ sunvts &
To get a curses based display, you can pass the “-t” option to the “sunvts” or “fjvts” utility:
$ sunvts -t
Once the display appears, I usually navigate to “set_options” -> “Test_Execution” and enable the “Verbose” and “Run On Error” options. The “Run On Error” option allows the validation test suite to continue operating if it finds an error. The “Verbose” option causes a plethora of information to be printed to the console display. Once these items are enabled, you can hit “start,” and watch the test suite leep into action. I find it useful to tail(1) /var/adm/messages while VTS is running. This will allow you to see hardware error discovery as it happen.
Name-based virtual hosts allow a web server to host multiple domain names (www.daemons.net, mail.daemons.net, blatch.daemons.net) from one IP address. This allows a web hosting infrastructure to conserve IP address space, and simplify namespace management.
Apache name-based virtual hosts are configured with the “NameVirtualHost” and “VirtualHost” directives, and rely on the HTTP “Host:” header attribute. This attribute is required in HTTP 1.1, and should be present with every request. The following example grabs /index.html using the HTTP/1.1 protocol:
$ telnet www.daemons.net 80
Trying 66.36.244.105...
Connected to www.daemons.net.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.daemons.net
HTTP/1.1 200 OK
Date: Thu, 24 Feb 2005 16:33:23TGMT:00-04:00
Server: Apache/2.0.52
Last-Modified: Sun, 20 Jun 2004 14:39:21 GMT
ETag: "d54a2-912-c108d840"
Accept-Ranges: bytes
Content-Length: 2322
Content-Type: text/html
[ ... ]
Based on this output, it looks like my friend Clay needs to obscure his “Server:” header. Server identification is controlled with the “ServerTokens” directives.
The Solaris package commands (e.g., pkgproto, pkgadd, pkgtrans ) operate on two package formats. The first format is the “datastream” format. Packages created as datastream formatted packages use a single self contained file. This file includes the binary contents, application configuration files, and metadata to describe the package and installation process. The second format is the “file system format.” File system formatted packages contain hierarchical directory structures with all of the binaries, configuration, and metadata to describe the packages.
Both package formats can be installed with the pkgadd(1m) utility, and serve a unique purpose. Datastream formatted files are usually easier to distribute, since an archiving tool is removed from the installation/bundling process. File system formatted packages are nice to use with Solaris Jumpstart post install scripts, and make locating individual files within a package much easier.
The Solaris pkgtrans utility allows you to convert between both formats relatively easily. The following example takes a datastream formatted package, and converts it to a file system formatted package:
$ pkgtrans -o /tmp/RICHPse /var/tmp RICHPse
When pkgtrans is invoked with the “-s” option, packages can be converted from file system to datastream format:
$ pkgtrans -s /tmp /var/tmp/RICHPse.pkg RICHPse
A lot of people complain about Sun packages, but I find them easy to build, manage, and support.