Wednesday, July 23, 2014

Enable Remote SSH Login

to enable remote SSH root login:
1. Change the file /etc/ssh/sshd_config with PermitRootLogin no to replace PermitRootLogin yes.
2. restart the service:
#svcadm restart svc:/network/ssh:default
Posted by at No comments:

Wednesday, July 9, 2014

SNMP for Solaris 10 hosts

Here are some notes on how to enable the SMA SNMP agent in Solaris 10. There is also some info on how to extend it and how to use it to send traps to a central management station. Note that SMA is a limited version of Net-SNMP. For those who want the extra functions available in Net-SNMP, there is some info about that at the end. I will also describe how to parse the system log for errors and send SNMP traps for selected events.

Installation

Sun's System Management Agent consist of the following packages which are available on the Solaris 10 DVD: SUNWsmagt, SUNWsmapi, SUNWsmcmd, SUNWsmdoc and SUNWsmmgr. Install them with the pkgadd command.
Configuration files and mibs will be located under /etc/sma/snmp. Commands can be found at /usr/sfw/bin and /usr/sfw/sbin. The daemon is controlled by SVM and the service is called svc:/application/management/sma:default

Configuration

All configuration of SMA is done in the files snmp.conf and snmpd.conf located in /etc/sma/snmp. snmp.conf is for general configuration such as defining the locations of mibs, port numbers, etc. If you are using the default, you don't have to touch this file.
snmpd.conf is the configuration file that defines how the SNMP agent operates. Here you setup things such as access control, extensions, and some simple monitoring. There is a script, /usr/sfw/bin/snmpconf that can be used to set it up. As an example, download and have a look at this snmpd.conf file that has some Basic configuration and comments.
To enable sending traps for a limited number of events, such as file disk fill-ups, high load averages or for example when a monitor directive exceeds a certain limit (please see snmpd.conf), you have to add trapsink and/or trap2sink directives that define the IP address of the host that is to receive the traps. trapsink is for SNMPv1 traps and trap2sink is for SNMPv2c traps.

Startup

You start the agent with svcadm enable sma and the daemon logs to /var/log/snmp.log . You should be able to test that it is working with the following command: /usr/sfw/bin/snmpget -v 1 -c public localhost sysDescr.0 . This should give you a similar output to uname -snrvm

Extension

SMA can be extended so that it acts as a kind of proxy between other agents and the management station. For example, if you want snmpd to communicate with the Fault Manager Daemon, add the following line to snmpd.conf:
dlmod sunFM /usr/lib/fm/sparcv9/libfmd_snmp.so.1
Also make sure that the file SUN-FM-MIB.mib exists in the mibs directory and that FMD is running.
To check that it works you can run /usr/sfw/bin/snmpwalk -v 2c -c public localhost sunFmModuleTable. This should give you the same information as fmadm config.

Open source Net-SNMP

As mentioned above, SMA is Sun's version of the open source Net-SNMP which can be found at http://net-snmp.sourceforge.net . One thing Net-SNMP can do but not SMA is to monitor the link status of network interfaces. If you want to do this, you will have to download and install Net-SNMP. You can find it in pkg format at http://www.sunfreeware.com . Net-SNMP installs under /usr/local so it can co-exist with SMA but it is recommended that you at least disable SMA to avoid confusion.
To monitor network interfaces, add the directive
linkUpDownNotifications yes
to snmpd.conf

Monitor logfiles

Net-SNMP has a very basic ability to match strings in a logfile and send traps when a matching string appears. The logmatch directive in snmpd.conf handles this. You will also need a monitor entry to send the trap when the logmatch triggers. It could look something like this:
logmatch CRITICAL /var/adm/messages 60 kern.crit
monitor -u sysadm -r 60 -o logMatchFilename "Log Match" != logMatchCurrentCount
The first line defines a rule where the file /var/adm/messages is scanned every 60 seconds for lines with the string "kern.crit"
If such a line appears, the OID logMatchCurrentCount will be raised. This will trigger the monitor directive that will send a trap to the management station defined in the trapsink directive.
If you want to do some serious logfile monitoring, I recommend that you install the SEC perl script that can be downloaded from http://www.estpak.ee/~risto/sec/ . This will monitor the logfiles of your choice and when a match is found it can use the snmptrap command to send a trap to the management station. SEC uses a rules file to define what to look for and what actions to take. An example could look like this:
sec.rules:
type=single
continue=dontcont
ptype=regexp
pattern=^\S+\s+\d+\s+\S+\s+(\S+).*(kern.crit)..(.*)$
desc=Received critical kernel event from $1
action=shellcmd /usr/sfw/bin/snmptrap -v 2c -c public 192.168.0.2 "" SMA-NOTIFICATION-MIB::statusChange \
hostName s "$1" moduleName s "SEC log monitor" statusOID o ".1.3.6.1.4.1.42.2.2.4.3.0" statusOIDcontext s "" \
status s "$2" description s "$0"
This will scan a logfile for lines containing the pattern defined on the pattern= line. Basically anything that contains kern.crit with some words before and after. When it appears SEC will execute the command specified on the action= line. The snmptrap command will send an SNMPv2c trap to the address 192.168.0.2 with the content that follows on the rest of the line. The variables $0, $1 and $2 is taken from the pattern. $0 is the whole log entry, $1 will be the hostname extracted from the log entry and $2 is the string kern.crit.
Posted by at No comments:

Tuesday, July 8, 2014

How to Display Disk Slice Information in Solaris

You might need to display disk slice information if the disk is intended to be used for the ZFS root pool. It must also include a SMI label.

  1. Become an administrator.
  2. Invoke the format utility.
    # format
    A numbered list of disks is displayed.
  3. Type the number of the disk for which you want to display slice information.
    Specify disk (enter its number):1
  4. Select the partition menu.
    format> partition
  5. Display the slice information for the selected disk.
    partition> print
  6. Exit the format utility.
    partition> q
format> q
  7. Verify the displayed slice information by identifying specific slice tags and slices.
    If the screen output shows that no slice sizes are assigned, the disk probably does not have slices.
Example 11-3 Displaying Disk Slice Information
The following example displays slice information for a disk with a VTOC label.
# format
Searching for disks...done
Specify disk (enter its number):3
Selecting c2t3d0
format> partition
partition> print
Current partition table (c2t3d0):
Total disk cylinders available: 14087 + 2 (reserved cylinders)

Part      Tag    Flag     Cylinders         Size            Blocks
  0       root    wm       0 - 14086      136.71GB    (14087/0/0) 286698624
  1       swap    wu       0                0         (0/0/0)             0
  2     backup    wu       0 - 14086      136.71GB    (14087/0/0) 286698624
  3 unassigned    wm       0                0         (0/0/0)             0
  4 unassigned    wm       0                0         (0/0/0)             0
  5 unassigned    wm       0                0         (0/0/0)             0
  6        usr    wm       0                0         (0/0/0)             0
  7 unassigned    wm       0                0         (0/0/0)             0
partition> q
format> q
The following example shows the slice information for a disk with an EFI label.

# format
Searching for disks...done
Specify disk (enter its number): 3
selecting c2t3d0
[disk formatted]
format> partition
partition> print
Current partition table (default):
Total disk sectors available: 286722878 + 16384 (reserved sectors)

Part      Tag    Flag     First Sector         Size         Last Sector
  0        usr    wm                34      136.72GB          286722911    
  1 unassigned    wm                 0           0               0    
  2 unassigned    wm                 0           0               0    
  3 unassigned    wm                 0           0               0    
  4 unassigned    wm                 0           0               0    
  5 unassigned    wm                 0           0               0    
  6 unassigned    wm                 0           0               0    
  7 unassigned    wm                 0           0               0    
  8   reserved    wm         286722912        8.00MB          286739295
partition> q
format> q
Posted by at No comments:

Some useful Commands in Solaris 10

if you ever needed to create an empty file with certain size, then all you have to do is to use this command:

dd if=/dev/zero of=FILE_NAME bs=BLOCK_SIZE count=NUMBER_OF_BLOCKS

where FILE_NAME is the name of target file and NUMBER_OF_BLOCKS is number of blocks per file, the size of the file is going to be created based on this formula:

File size = NUMBER_OF_BLOCKS x BLOCK_SIZE

as an example:

dd if=/dev/zero of=test_for_download bs=1024 count=1048576
------------------------------------------------------------------------------------------------------------

 if you ever need to create shortcut for a certain directory in Solaris, use ln command:

 ln -s dir_to_link_to link_name
Posted by at No comments:

Wednesday, July 2, 2014

Enable Disk Monitor in CentOS 5.10

To enable disk monitoring in PRTG, first make sure that all disks/partitions are being included in the /etc/snmp/snmpd.conf using this format:

disk  PATH  [MIN=DEFDISKMINIMUMSPACE]

where PATH:  mount path to the disk in question.
and  MIN:  Disks with space below this value will have the Mib's errorFlag set

example:   

disk / 10000

after finishing restart snmp service using this command

service snmpd restart

to verify the configurations try snmpwalk:

snmpwalk -v 2c localhost -c <community string> .1.3.6.1.4.1.2021.9

Posted by at No comments:
Subscribe to: Posts (Atom)