Network

Checking network interface up or not on solaris
netstat -k qfe0 | grep link_up
netstat -k hme0 | grep link_up
dladm show-link

Checking network status in linux
ip link show
ip addr show

ethtool eth0 | egrep ‘Speed|Duplex|Link’

All the Ether net cards are up and running fine.

[root@ampf48-itd1531 ~]# cat /sys/class/net/eth0/operstate
up
[root@ampf48-itd1531 ~]# cat /sys/class/net/eth1/operstate
up
[root@ampf48-itd1531 ~]# cat /sys/class/net/eth2/operstate
up

[Network ETHO ]

to check errors
tcpdump -i eth1
tcpdump -i eth2
ethtool -S eth0
ethtool -S eth1

network setting
netstat -i
netstat -r
netstat -rnv

service –status-all
netstat -tulpn
chkconfig –list

ALL NETWORKING COMMANDS

hostname —– hostname / domain name and ip address
netstat —-network connections and routing tables
netstat -l —- list only listening ports
ping — test network connections
ifconfig —–getting network confguration
nslookup —–query dns lookup name
telnet —– communicate with other hostname
traceroute —-outing steps that packet takes to get to network host

to add routes
# route add -net 192.168.55.0 netmask 255.255.255.0 gw 192.168.1.254 dev eth2
example

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.55.0 192.168.1.254 255.255.255.0 UG 0 0 0 eth2

and check in this file for eth2
cat /etc/sysconfig/network-scripts/route-eth2
for eth 1
cat /etc/sysconfig/network-scripts/route-eth1
To add routes

route -n

vi /etc/sysconfig/network

GATEWAY=192.168.1.254

You can add additional static route for eth0 by editing /etc/sysconfig/network-scripts/route-eth0 file as follows:

10.0.0.0/8 via 10.10.29.65

The above config sets static routing for network 10.0.0.0/8 via 10.9.38.65 router.
Debian / Ubuntu Linux persistence static routing configuration

Edit /etc/network/interfaces file, enter:
# vi /etc/network/interfaces

Append the following in eth0 section:

up route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.254
down route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.254

Save and close the file.
Generic method to add persistent static routing on Linux

The following method works with almost all Linux distributions.

Edit /etc/rc.d/rc.local or /etc/rc.local, enter
# vi /etc/rc.local

Append the following line:

/sbin/ip route add 192.168.1.0/24 dev eth0

Save and close the file.
———————————-
Verify newly added route ip in the Linux kernel routing table

To verify new routing table, enter:
# ip route list

OR
# route -n
—————–
Verify new route

Use the ping command to verify connectivity to your router or external network:
# ping your-router-ip-here
# ping your-ISPs-Gateway-ip-here
# ping 192.168.1.254
# ping http://www.cyberciti.biz
######################################
ip checking

ifcongig eth0
hostname -i
[root@pyr-inf-dgs01 ~]# dig pyr-inf-dgs01

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.3 <<>> pyr-inf-dgs01
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44723
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;pyr-inf-dgs01. IN A

;; Query time: 0 msec
;; SERVER: 20.155.8.52#53(20.155.8.52)
;; WHEN: Tue Aug 18 21:30:06 2015
;; MSG SIZE rcvd: 31

=======================================================

xRHEL 7 Network device naming change

Red Hat Enterprise 7 is based on fedora 19 and upstream of kernel 3.10

Ever wanted to change back to the default network device name like “ethX”

This is based on VMware installation i have the default nic name as”en01677736″
[root@eSuareznotes01 ~]# ip addr show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:92:78:40 brd ff:ff:ff:ff:ff:ff
inet XX.X.XX.XX/24 brd 10.0.10.255 scope global dynamic eno16777736
valid_lft 85931sec preferred_lft 85931sec
inet6 fe80::20c:29ff:fe92:7840/64 scope link
valid_lft forever preferred_lft forever

[root@eSuareznotes01 ~]# vi /etc/default/grub

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=”$(sed ‘s, release .*$,,g’ /etc/system-release)”
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT=”console”
GRUB_CMDLINE_LINUX=”rd.lvm.lv=rootvg/usrlv rd.lvm.lv=rootvg/swaplv crashkernel=auto vconsole.keymap=us rd.lvm.lv=rootvg/rootlv vconsole.font=latarcyrheb-sun16 rhgb quiet”
GRUB_DISABLE_RECOVERY=”true”

Look for this line “GRUB_CMDLINE_LINUX” and add the following: “net.ifnames=0 biosdevname=0”

Should look like this:
GRUB_CMDLINE_LINUX=”rd.lvm.lv=rootvg/usrlv rd.lvm.lv=rootvg/swaplv crashkernel=auto vconsole.keymap=us rd.lvm.lv=rootvg/rootlv vconsole.font=latarcyrheb-sun16 rhgb quiet net.ifnames=0 biosdevname=0”

[root@eSuareznotes01 ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file …
Found linux image: /boot/vmlinuz-3.10.0-121.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-121.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-df30d92ad3eb414583d85bb471003eb4
Found initrd image: /boot/initramfs-0-rescue-df30d92ad3eb414583d85bb471003eb4.img
done

If you didn’t put any names during the installation, you will need to rename the interface files by renaming the file /etc/sysconfig/network-scripts/ifcfg-*.

[root@eSuareznotes01 ~]# mv /etc/sysconfig/network-scripts/ifcfg-eno16777736 /etc/sysconfig/network-scripts/ifcfg-eth0
[root@eSuareznotes01 ~]# shutdown -r now

After system reboot

[root@eSuareznotes01 ~]# ip addr show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:92:78:40 brd ff:ff:ff:ff:ff:ff
inet 10.0.10.77/24 brd 10.0.10.255 scope global dynamic eth0
valid_lft 86141sec preferred_lft 86141sec
inet6 fe80::20c:29ff:fe92:7840/64 scope link
valid_lft forever preferred_lft forever

Advertisements

HBA Failed issue or alert

Provide fiber switch and port details for HBA2 on cscmhs-dr2 server.

cscmhs-dr2.chntva1-dc2.cscehub.com# luxadm -e port
/devices/pci@9,600000/SUNW,qlc@2/fp@0,0:devctl CONNECTED
/devices/pci@8,700000/lpfc@2/fp@0,0:devctl NOT CONNECTED
cscmhs-dr2.chntva1-dc2.cscehub.com#

cscmhs-dr2.chntva1-dc2.cscehub.com# luxadm -e dump_map /devices/pci@9,600000/SUNW,qlc@2/fp@0,0:devctl
Pos AL_PA ID Hard_Addr Port WWN Node WWN Type
0 1 7d 0 21000003ba8c36b5 20000003ba8c36b5 0x1f (Unknown Type,Host Bus Adapter)
1 ef 0 ef 21000004cfcbbec6 20000004cfcbbec6 0x0 (Disk device)
2 e8 1 e8 21000004cfcbd608 20000004cfcbd608 0x0 (Disk device)
cscmhs-dr2.chntva1-dc2.cscehub.com#

check powerpath or multipath in linux

powermt display dev=all
/etc/powermt display dev=all

aonaum-usa181.mdc-dc1.cscehub.com# /etc/powermt display dev=all
Pseudo name=emcpower0a
CLARiiON ID=APM00145221389 [AONAUM-USA181]
Logical device ID=6006016045203B001F04106E09C1E411 [GB3-LUN_106]
state=alive; policy=CLAROpt; priority=0; queued-IOs=0;
Owner: default=SP A, current=SP A Array failover mode: 4
==============================================================================
————— Host ————— – Stor – — I/O Path — — Stats —
### HW Path I/O Paths Interf. Mode State Q-IOs Errors
==============================================================================
2304 pci@8,700000/fibre-channel@3 c2t0d0s0 SP A3 active alive 0 2
2304 pci@8,700000/fibre-channel@3 c2t1d0s0 SP B2 active alive 0 0
2305 pci@8,700000/fibre-channel@4 c3t0d0s0 SP A2 active alive 0 2
2305 pci@8,700000/fibre-channel@4 c3t1d0s0 SP B3 active alive 0 0

Crontab

[root@ct11oagapp002 ~]# cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# For details see man 4 crontabs

# Example of job definition:
# .—————- minute (0 – 59)
# | .————- hour (0 – 23)
# | | .———- day of month (1 – 31)
# | | | .——- month (1 – 12) OR jan,feb,mar,apr …
# | | | | .—- day of week (0 – 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed

Back up checking

Back up checking
——————–
check avagent status
cd /etc/init.d
./avagent status
./avagent restart when agent is in hung state
check logs below
tail /usr/local/avamar/var/avagent.log

[root@cscgsapndc562 ~]# service avagent start
avagent Info <5008>: Logging to /usr/local/avamar/var/avagent.log
avagent Info <5417>: daemonized as process id 24387
avagent Info: Client Agent started.

Activate avamar agent using this command
/usr/local/avamar/etc/avregister.d register <MCS> <Domain> or /usr/local/avamar/bin/avregister
MCS : Master server ; Domain : ex :metlife.com

/usr/local/avamar/bin
./avregister
update like this

We have tested the connectivity, All looks good. Seems Like agent went into hung status. We have restarted the agent.
Please re-initiate the backup and let us know the status.

[root@som-cgc-app-505 ~]# telnet cscavasom001.amer.csc.com 28001
Trying 20.25.215.134…
Connected to cscavasom001.amer.csc.com.
Escape character is ‘^]’.

****** Current MCS name ‘cscavasom001.amer.csc.com’ ******

2016-07-12 10:36:33 avagent Info <7502>: Registration of client /TCH/CapGroup/som-cgc-app-505.somma1-dc2.cscehub.com with MCS cscavasom001.amer.csc.com:28001 successful.
2016-07-12 10:36:33 avagent Info <5928>: Registration of plugin 1001 Unix successful.
2016-07-12 10:36:33 avagent Info <5928>: Registration of plugin 1023 update successful.
2016-07-12 10:36:33 avagent Info <5619>: Registration of client and plugins complete.
2016-07-12 10:36:33 avagent Info <7189>: first work request delayed for 180 seconds.
[root@som-cgc-app-505 ~]#

or

cd /usr/openv/netbackup
ls
cat bp.conf
cd bin
ls
./bpclntcmd -pn

What is SUID and SGID?

SUID:
This is a abbreviation used for Set User ID which means that you are assigning a special permission on a user owner of any particular file or directory.

Now what does it means and why do we use SUID?
Assigning a user SUID means that you are giving him additional permission i.e user owner permission over the normal permission which he already has to
run any executable file inside some directory on with the suid is applied.

Let me be more clear about the above statement with an example:
By default there are a number of executable binary files in Linux which we use as commands which has to be run only as a super user i.e.
root user but what if a normal user is allowed to run those commands.
Now in that case even if you have given him sudo access he won’t be able to run those commands as these are predefined to be run only as root and no one else.

For example :
mount, umount,ping, passwd, chage etc.

Now the above mentioned commands can only be run as a super user. So when you check the permission of these commands
# ls -l /bin/ping
-rwsr-xr-x. 1 root root 36892 Jul 19 2011 /bin/ping

# ls -l /bin/mount
-rwsr-xr-x. 1 root root 73996 Dec 8 2011 /bin/mount

# ls -l /bin/ping
-rwsr-xr-x. 1 root root 36892 Jul 19 2011 /bin/ping

Now as you see in the user permission section additional small (s) is there at the place of execute permission

This means that all these commands have SUID set on it and if a normal user is given sudo permission to run these commands,
they will run it as user owner’s permission which in all the above case is root.

Why do we use SUID?
I hope I have explained this part above but still let me add a description with another example.
Now there is some executable file whose owner is Deepak and it can only be run by deepak but still you want Amit to run the file,
so in that case instead of changing the owner of that file I will assign a SUID on it so that Amit can also run that file using Deepak’s permission.
So this is going to remove the complexity part and not only Amit any other random user who is allowed to run that file will run the same using
ownership of deepak as I do not need to change the owner every time for some one to run the same executable file.
Assigning SUID permission
There are two ways to assign suid

Octal (4)
Symbolic (u+s)

Octal method:
# chmod 4755 /myscrip.sh
# ls -l
-rwsrw-rw-. 1 root root 0 Oct 16 11:33 /myscript.sh
Symbolic method:
# chmod u+s /myscript.sh

# ls -l
-rwsrw-rw-. 1 root root 0 Oct 16 11:34 /myscript.sh

Removing SUID permission
Octal method:
# chmod 0755 /myscript.sh

# ls -l
-rwxrw-rw-. 1 root root 0 Oct 16 11:35 /myscript.sh
Symbolic method:
# chmod u-s /myscript.sh

# ls -l
-rwxrw-rw-. 1 root root 0 Oct 16 11:36 /myscript.sh

Understanding the difference between Capital (S) and small (s) in SUID
There might be time when you see a capital S and a small s after applying SUID on any file or directory
Now it does not makes much difference on its working but instead it tells you something about the permission currently applied on the file.

If the file where you are assigning SUID has user executable permission then after applying SUID you will get a small (s) but if the user doe not have execute permission before you apply SUID then you will end up with capital (S) after applying SUID.

Let me show you the same with an example

Before applying SUID without executable permission on user owner
# chmod 655 /myscript.sh

# ls -l-rw-rw-rw-. 1 root root 0 Oct 16 11:35 /myscript.sh

After applying SUID without executable permission on user owner
# chmod 4655 /myscript.sh

# ls -l
-rwSrw-rw-. 1 root root 0 Oct 16 11:35 /myscript.sh

Before applying SUID with executable permission on user owner
# chmod 755 /myscript.sh

# ls -l
-rwxrw-rw-. 1 root root 0 Oct 16 11:36 /myscript.sh

After applying SUID with executable permission on user owner
# chmod 4755 /myscript.sh

# ls -l
-rwsrw-rw-. 1 root root 0 Oct 16 11:36 /myscript.sh

So I hope you have got my point of view and must have understood the difference between capital (S) and small (s)

Finding all the executable files with SUID

# find / -perm +4000

where +4000 is the ID we use for assigning permission in octal method.

=======================================================================

 

SGID:
This is an abbreviation used for Set Group ID. This is a permission assigned to any file or directory to give normal group members
additional authority of running that file with a privilege of group owner.

This is something very similar to which I explained here for SUID with a little difference that this time you are assigning permission
to a complete group and its group members instead of assigning the permission to one particular user.

For example you have some executable file and you want all the group members of sysadmin to be able to execute it but that file can only be run
as root so you assign a SGID over that file and now all the members of sysadmin team will be able to run the file with the permission of root.
Assigning SGID permission :
There are two ways to assign SGID

Octal (2)
Symbolic (g+s)

Octal (2) :
# chmod 2755 /myscript.sh

# ls -l
-rwxr-sr-x. 1 root root 0 Oct 16 11:33 /myscript.sh

Symbolic (g+s) :
# chmod g+s /myscript.sh

# ls -l
-rwxr-sr-x. 1 root root 0 Oct 16 11:33 /myscript.sh

Removing SGID permission
Octal (2) :
# chmod 0755 /myscript.sh

# ls -l
-rwxr-xr-x. 1 root root 0 Oct 16 11:33 /myscript.sh

Symbolic (g-s) :
# chmod g-s /myscript.sh

# ls -l
-rwxr-xr-x. 1 root root 0 Oct 16 11:33 /myscript.sh

Understanding difference between Capital (S) and small (s) in SGID
Now when you assign SGID permission you might sometimes see a Capital (S) instead of a small (s) in the group permission section.
This does not makes much difference instead if gives you an additional information if that file is having group executable permission or not.
If you get Capital S it means there is not executable permission and the same if you have small s it means the file is having group executable permission.

For example:
Before applying SGID without executable permission on user owner
# chmod 655 /myscript.sh
# ls -l
-rwxrw-rw-. 1 root root 0 Oct 16 11:35 /myscript.sh

After applying SGID without executable permission on user owner
# chmod 2655 /myscript.sh
# ls -l
-rwxrwSrw-. 1 root root 0 Oct 16 11:35 /myscript.sh

Before applying SGID with executable permission on user owner
# chmod 755 /myscript.sh
# ls -l
-rwxrwxrw-. 1 root root 0 Oct 16 11:36 /myscript.sh

After applying SGID with executable permission on user owner
# chmod 2755 /myscript.sh
# ls -l
-rwxrwsrw-. 1 root root 0 Oct 16 11:36 /myscript.sh

So I hope you have got my point of view and must have understood the difference between capital (S) and small (s)

Finding all the executable files with SGID
# find / -perm +2000