Saturday, August 02, 2008

Moved into

Vinay has now moved into which is now powered by WordPress for these reasons. ATAD will be continued in a blog of its own, for which more contributors are welcome :)

I had a nice time here and will see you folks at, welcome!!

Thursday, July 31, 2008

ATAD #8 - Package Management Systems

A software package is usually a software program that provides some functionality, bundled with metadata that describes the package. A package management system, as defined by Wikipedia, is a collection of tools to automate the process of installing, upgrading, configuring, and removing software packages from a computer. Package management systems are more common on Unix and Unix-like operating systems, where they are used to manage multiple packages. A few significant benefits of such a system are:

- It maintains a repository of packages available for the running system (OS and architecture specific) and resolves dependencies among the various packages.
- It looks up the repository and automatically downloads the requested packages and their dependencies when installation is triggered.
- It can be used to easily upgrade the system to a defined release or level.
- System administrators can create repositories of packages which can be pulled by users, thus allowing easy maintenance of systems across the network and centrally stored packages to reduce memory requirements.

Common package management systems are yum (Yellowdog Update Modifier), which is distributed with Fedora, and apt (Advanced Packaging Tool), which is distributed with Ubuntu.


Tuesday, July 29, 2008

ATAD #7 - The network administration tool

If my previous post gave you the impression that configuring networking on Linux is a head-spinning task, I'm sorry; the Network Administration Tool that is bundled with most of the newer Linux distros is there to make this task easy for you. You should be able to launch the GUI-based tool from the 'System' drop-down menu, and on Red Hat the system-config-network command can be used.

The following types of interfaces can be configured using the Network Administration Tool:
- Ethernet
- modem
- xDSL
- token ring
- wireless devices
- device aliases and profiles

Points worth noting:
- 'Export' your original networking configuration before editing it, so you can recover from a mistake by importing the settings back. Most network administration tools provide this option.
- 'Save' your settings after editing, and 'Activate' the interface after it is created.
- When interface aliases are configured, DHCP will not work with the interface and its aliases.


Sunday, July 27, 2008

ATAD #6 - Specifying Networking Options

The /etc/sysconfig/network-scripts/ directory contains configuration scripts for each network interface. It's important not to confuse it with the /etc/sysconfig/networking/ directory, which is used by the Network Administration Tool (system-config-network) and whose contents should _not_ be edited manually. Each NIC has its corresponding configuration file /etc/sysconfig/network-scripts/ifcfg-eth(x), which allows the administrator to control the functioning of each interface individually.

Two or more network interfaces can be coupled to act as one, to increase bandwidth and provide redundancy, by creating a bonding interface using the bonding kernel module. Bonding options can be specified in the kernel module's configuration file /etc/modprobe.conf; however, IMHO it seems better organized to use the bonding device's own configuration file /etc/sysconfig/network-scripts/ifcfg-bond(n) instead.

A nice thing to know while changing the speed or duplex settings is that it requires disabling autonegotiation. This needs to be stated first, as the option entries are order-dependent in the ETHTOOL_OPTS= configuration parameter.

ETHTOOL_OPTS="autoneg off speed 1000 duplex full"

Further reading: ethtool, modprobe.conf


Friday, July 25, 2008

ATAD #5 - What’s that SysRq key on your keyboard?

The SysRq key is used to give input to the operating system without interfering with the software running (or rather hung, which you can figure out later in the post) on your system. In essence it's a BIOS routine that triggers INT 15, bypassing INT 9 from reading the scan code, so the key pressed thereafter is not stored in the keyboard buffer, and it is the kernel that responds to it. This will work unless the kernel is completely locked up, in which case you can try again after tapping the Alt keys a couple of times, or you will have to head to the nearest "power" button.

In the Linux world the Alt + SysRq key is termed the Magic SysRq key, which can be used to fix or debug a frozen system.

SysRq has to be turned on before it can be used. So make sure this is done after your system installation in case you forecast (pun intended) a system hang. You can do this by setting the kernel parameter, which is an extension of my previous post on the Linux proc fs:

# echo 1 > /proc/sys/kernel/sysrq

On x86 machines you can press ALT-SysRq-(command) to send useful commands (also listed in the wiki article) to the kernel.

ALT-SysRq-C can be used to manually trigger a 'C'rashdump when the system has hung.

ALT-SysRq-REISUB can be used to manually trigger a neat and safe reboot when your machine has hung, instead of pounding on the power button and risking HDD problems in the event that data was being written when the system hung. It's more easily remembered as BUSIER spelled in reverse.

And here is what's happening under the hood:
- R turns off keyboard raw mode and sets it to XLATE / gives back control of the keyboard
- E sends a SIGTERM to all processes, except for init
- I sends a SIGKILL to all processes, except for init
- S attempts to sync all mounted filesystems
- U remounts all filesystems as read-only to prevent a fsck at reboot
- B reboots the system no matter what
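
An added example, not code from the original post: writing 1 to /proc/sys/kernel/sysrq enables every SysRq function, while values above 1 are a bitmask, so this sketch decodes a value and reports which of the keys discussed above it permits. The bit values follow the kernel's sysrq documentation; the function names sysrq_allows and sysrq_report are this example's own.

```shell
#!/bin/sh
# Added example: decode a kernel.sysrq value into the Alt+SysRq keys it permits.

# sysrq_allows VALUE KEY -> exit status 0 if KEY is permitted under VALUE
sysrq_allows() {
    value=$1
    case $2 in
        R)   bit=4 ;;     # keyboard control (unraw)
        E|I) bit=64 ;;    # signalling processes (SIGTERM / SIGKILL)
        S)   bit=16 ;;    # sync
        U)   bit=32 ;;    # remount read-only
        B)   bit=128 ;;   # reboot / poweroff
        C)   bit=8 ;;     # debugging dumps (crash dump)
        *)   return 2 ;;  # key not covered by this example
    esac
    [ "$value" -eq 0 ] && return 1    # 0 disables SysRq entirely
    [ "$value" -eq 1 ] && return 0    # 1 enables every function
    [ $(( value & bit )) -ne 0 ]      # anything else is a bitmask
}

# sysrq_report VALUE -> prints the permitted keys in REISUB order, then C
sysrq_report() {
    out=
    for key in R E I S U B C; do
        if sysrq_allows "$1" "$key"; then out="$out$key"; fi
    done
    printf '%s\n' "$out"
}

# Report on the running system when the proc file is readable.
if [ -r /proc/sys/kernel/sysrq ]; then
    current=$(cat /proc/sys/kernel/sysrq)
    printf 'kernel.sysrq=%s permits: %s\n' "$current" "$(sysrq_report "$current")"
fi
```

A value such as 176 (16 + 32 + 128) keeps the sync, remount and reboot keys available from the console while leaving process signalling and crash dumps disabled.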


Thursday, July 24, 2008

ATAD #4 - Where is your OS bootable partition?

The /boot/ partition (or) directory contains static files, like the kernel, that are required to boot the system properly.

The /boot/ partition _can_not_ be on a logical volume group because the boot loader cannot read it. If the root / partition is on a logical volume, then it's required to create a separate /boot/ partition which is not a part of a volume group. If you are making a RAID partition of /boot/, you must choose RAID level 1, and it must use one of the first two drives (IDE first, SCSI second). Source [RHEL deployment guide]

A neat description of the boot process can be found here

Btw just noticed that MS Windows does support the use of "/" and "\" to traverse across directories. neato. :)


Wednesday, July 23, 2008

ATAD #3 - Linux Access Control Lists (ACLs)

File permissions on Linux are traditionally Read (r), Write (w), and Execute (x) permissions associated with users and groups. Providing appropriate permissions, especially as an ordinary user, is often more complicated than we think.

Let me illustrate this with an example. User "tom" creates a file named "hoohaha" and wants to give "dick" and "harry" permissions to read and execute it. Of course this is fairly simple if dick and harry are exclusively part of one group. What if that group doesn't exist? tom will have to ask the "already overloaded" system administrator to create a group consisting of just dick and harry. This, as you can see, doesn't sound too good.

To overcome this limitation, Linux has implemented support for Access Control Lists (ACLs). ACLs serve as an extension to traditional Unix permissions, giving end users the ability to specify special access rights to a file and provide desired users and groups with appropriate permissions. To use ACLs you should have at least kernel version 2.6.x (some manual steps are required with older kernel versions), a filesystem that supports ACLs, and additional user tools to create, view and modify ACLs. ext3 filesystems natively support ACLs, and support can be added to ext2 filesystems by performing some additional steps. ACL support is native on RHEL5, Fedora 9, Ubuntu Feisty and SuSE 8.1 (there would be more).

The setfacl utility sets ACLs for files and directories, and getfacl can be used to determine the existing ACLs for a file or directory. The cp and mv commands do preserve the ACLs. tar and dump don't, so use star instead.

tom $ getfacl hoohaha
# file: hoohaha
# owner: tom
# group: tom

The requirement is realized when tom sets ACLs for the file hoohaha:
tom $ setfacl -m user:dick:rx hoohaha
tom $ setfacl -m user:harry:rx hoohaha
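
An added example, not part of the original post: named-user entries such as the ones tom creates are capped by the ACL mask, which a later chmod on the group bits rewrites, so this sketch computes the effective rights from getfacl output. The getfacl text is constructed sample output (the base mode rw-r--r-- is an assumption), and acl_effective is a name chosen for this example.

```shell
# Added example: effective rights of named ACL entries, from getfacl text.
# acl_effective reads getfacl output on stdin and prints "type:name:perms"
# for every named user/group entry, with perms filtered through the mask.
acl_effective() {
    awk -F: '
        /^#/ || NF < 3 { next }                # header comments, blank lines
        { sub(/[ \t]*#.*/, "", $3) }           # drop "#effective:" annotations
        $1 == "mask" { mask = $3; next }
        ($1 == "user" || $1 == "group") && $2 != "" {
            n++; t[n] = $1; w[n] = $2; p[n] = $3
        }
        END {
            for (i = 1; i <= n; i++) {
                eff = ""
                for (j = 1; j <= 3; j++) {
                    c = substr(p[i], j, 1)
                    if (mask != "" && substr(mask, j, 1) == "-") c = "-"
                    eff = eff c
                }
                print t[i] ":" w[i] ":" eff
            }
        }'
}

# Constructed sample: getfacl output after the two setfacl commands above.
sample_after_setfacl() {
cat <<'EOF'
# file: hoohaha
# owner: tom
# group: tom
user::rw-
user:dick:r-x
user:harry:r-x
group::r--
mask::r-x
other::r--
EOF
}

# Constructed sample: the same file after "chmod g-x hoohaha". On a file
# with an ACL, chmod on the group bits rewrites the mask entry.
sample_after_chmod() {
    sample_after_setfacl | sed 's/^mask::r-x$/mask::r--/'
}

sample_after_chmod | acl_effective   # dick and harry are now down to r--
```

On a live system the same function can be fed directly, for instance `getfacl hoohaha | acl_effective`, to confirm what dick and harry can actually do after any later permission change.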