#!/bin/ksh
# Written by John Rigler
# 10/04/2006

# Figure out what parameter was given
case "$1" in
    fscsi?*) CMD="fscsi" ;;
    fcs?*)   CMD="fcs" ;;
    *)       CMD="usage" ;;
esac

# Get fcs if you were given fscsi
if [[ $CMD = fscsi ]]
then
    lsdev -Cl $1 | cut -c 18-22 | read FCSNO
    lsdev -Cc adapter | grep $FCSNO | read FCS TRASH
fi

if [[ $CMD = fcs ]]
then
    FCS=$1
fi

# Run it
if [[ $CMD != usage ]]
then
    lscfg -vl $FCS | grep Network | read LINE
    for SNIPPET in 29-30 31-32 33-34 35-36 37-38 39-40 41-42 43-44
    do
        echo $LINE | cut -c $SNIPPET
    done | xargs -n8 | sed 's/\ /:/g'
else
    echo "Usage: $0 fcs# or fscsi# <---- will return WWPN"
fi
Category Archives: AIX
Setup dsh and dcp
dsh is an extension of ssh which allows you to run commands in parallel on a number of servers at once.
To set up dsh to work, first set the following variables:
export DSH_LIST=/etc/dsh.hosts
export DSH_NODE_RSH=/usr/bin/ssh
export DSH_NODE_RCP=/usr/bin/scp
export DCP_DEVICE_RCP=/usr/bin/scp
export DCP_NODE_RCP=/usr/bin/scp
/etc/dsh.hosts is just a list of fully qualified host names.
Also, pipe your dsh results into ‘dshbak -c’ and it will organize them nicely for you.
planarmap – tells you what is where
code:
lsdev -Cc adapter | grep "^ent" | while read A B
do
    lscfg -vl $A
done | grep Network | cut -c 37- | tr 'A-Z' 'a-z' | while read MAC
do
    echo $MAC | cut -c 1-4 | read MAC1
    echo $MAC | cut -c 5-8 | read MAC2
    echo $MAC | cut -c 9-12 | read MAC3
    echo $MAC1.$MAC2.$MAC3
done
example:
$ planarmap
001.DQDGMFC------------------------------------------
---pci25---------------------------------------------
      pci29 sisscsia0 PCI-X Ultra320 SCSI Adapter
T7    pci30 ent0      2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
T6    pci30 ent1      2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
---pci26---------------------------------------------
C3-T1 pci31 fcs0      FC Adapter
C4-T1 pci32 fcs1      FC Adapter
---pci27---------------------------------------------
      pci33 sisscsia1 PCI-X Ultra320 SCSI Adapter
readmacs – tells you the mac addresses of your real interfaces
lsdev -Cc adapter | grep "^ent" | while read A B
do
    lscfg -vl $A
done | grep Network | cut -c 37- | tr 'A-Z' 'a-z' | while read MAC
do
    echo $MAC | cut -c 1-4 | read MAC1
    echo $MAC | cut -c 5-8 | read MAC2
    echo $MAC | cut -c 9-12 | read MAC3
    echo $MAC1.$MAC2.$MAC3
done
How to set up ssh to allow you to run remote commands
Configuration for ssh is done in two places:
- In the /etc/ssh directory as root
- In the user’s .ssh subdirectory
From a system perspective, /etc/ssh/sshd_config may need to be changed in order to restrict ssh version 1, allow root login (PermitRootLogin) or make various other changes. The sshd daemon can be restarted without disrupting current connections. Also in /etc/ssh is a file called ssh_known_hosts. If you will be using ssh as the root user, I recommend making a symbolic link between root’s known_hosts file and this one. Then make sure to connect to any new hosts as root before connecting as a user. In this way, you will maintain a global known_hosts file and individual users will not have to maintain their individual host lists.
From a user perspective, ssh is set up by creating a public and private key pair with the ssh-keygen command:
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Created directory '/home/username/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
45:36:66:b8:39:bc:e0:84:ae:eb:50:e3:28:ec:47:0a username@hostname
$ cd .ssh
$ ls -l
total 16
-rw------- 1 username staff 1675 Nov 24 12:40 id_rsa
-rw-r--r-- 1 username staff  401 Nov 24 12:40 id_rsa.pub
The file ‘id_rsa’ is your private key and should be kept on any system that is trying to ssh out. The file ‘id_rsa.pub’ is your public key. Give this to other people so that they can put it into a file on their side called ‘authorized_keys’. If you want to test ssh by connecting to yourself, simply move or copy ‘id_rsa.pub’ to ‘authorized_keys’. At this point you should be able to test ssh by connecting to yourself:
$ pwd
/home/username/.ssh
$ ls -la
total 16
drwx------ 2 netiq staff  256 Nov 24 12:50 .
drwxr-xr-x 3 netiq staff  256 Nov 24 12:47 ..
-rw------- 1 netiq staff 1675 Nov 24 12:47 id_rsa
-rw-r--r-- 1 netiq staff  401 Nov 24 12:47 id_rsa.pub
$ mv id_rsa.pub authorized_keys
$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 3b:4b:af:d1:b3:ec:51:83:96:48:ea:8e:09:83:d4:80.
Are you sure you want to continue connecting (yes/no)?yes
Warning: Permanently added 'localhost,127.0.0.1' (RSA) to the list of known hosts.
Last unsuccessful login: Mon Nov 24 12:43:24 CST 2008 on ssh from 10.32.12.45
Last login: Mon Nov 24 12:48:14 CST 2008 on /dev/pts/1 from 10.32.12.45
**********************************************************
*                                                        *
*                                                        *
*  Welcome to AIX Version 5.3!                           *
*                                                        *
*                                                        *
*  Please see the README file in /usr/lpp/bos            *
*  for information pertinent to                          *
*  this release of the AIX Operating System.             *
*                                                        *
*                                                        *
**********************************************************
$ exit
Connection to localhost closed.
Generally you will not connect only to yourself, and you will not use the name ‘localhost’. After running this test, however, you will have created a new file called ‘known_hosts’ that contains a bit of data which describes this server. This is a human-readable file that will collect information about all of the servers that you connect to. This is the file that is overridden by /etc/ssh/ssh_known_hosts.
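The listings above show the modes ssh-keygen leaves behind (id_rsa at -rw-------, the .ssh directory at drwx------). As an added example, not part of the original post, this script checks an .ssh directory for a private key that group or others can read and for group- or world-writable files, the conditions under which ssh refuses a key and sshd's StrictModes check rejects authorized_keys. The function names and the scratch directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an .ssh directory.
# Function names and the sample directory below are made up for illustration.

mode_of() {                      # e.g. "-rw-------"; -L follows symlinks
    ls -ldL "$1" | cut -c1-10
}

audit_ssh_dir() {                # prints findings; returns 0 only when clean
    dir=$1
    findings=0
    m=$(mode_of "$dir")
    case $m in                   # directory writable by group or others
        ?????w????|????????w?)
            echo "WRITABLE-DIR $m $dir"; findings=$((findings + 1)) ;;
    esac
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        m=$(mode_of "$f")
        if head -n 1 "$f" | grep 'PRIVATE KEY' >/dev/null; then
            case $m in           # private key: no bits for group or others
                ????------) ;;
                *) echo "EXPOSED-KEY $m $f"; findings=$((findings + 1)) ;;
            esac
        else
            case $m in           # authorized_keys, known_hosts, *.pub
                ?????w????|????????w?)
                    echo "WRITABLE $m $f"; findings=$((findings + 1)) ;;
            esac
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: a scratch directory holding a fake, over-exposed key.
demo=/tmp/sshaudit.$$
mkdir -m 700 "$demo" || exit 1
echo '-----BEGIN RSA PRIVATE KEY----- (constructed, not a real key)' > "$demo/id_rsa"
echo 'ssh-rsa AAAA...constructed username@hostname' > "$demo/authorized_keys"
chmod 644 "$demo/id_rsa" "$demo/authorized_keys"
audit_ssh_dir "$demo" || echo "findings above: chmod 600 the private key"
chmod 600 "$demo/id_rsa"
audit_ssh_dir "$demo" && echo "clean"
rm -rf "$demo"
```

Run it as `audit_ssh_dir "$HOME/.ssh"` for a user, or over each home directory as root.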
Once ssh is configured, scp and sftp will also work. If you are a Micro Focus COBOL user, you might see a different ‘scp’, which will seem weird; simply change your path to fix this, or fully qualify scp:
psoft$scp PVER1 GERR00Not enough parameters
psoft{fsprd75}$whence scp
/usr/lpp/cobol/bin/scp
psoft$/usr/bin/scp
usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
           [-l limit] [-o ssh_option] [-P port] [-S program]
           [[user@]host1:]file1 [...] [[user@]host2:]file2
Comparing Linux to AIX (linux.com)
Interesting look at what Linux could improve about usability and AIX could learn about default security.
mapgfs command
#!/bin/ksh
## This command simply maps powerdisk devices to filesystem names
## and nsd devices and then runs the mmlsdisk command for each
## If you aren't using emc, change DISKEXCLUDE

function callMmlsdisk {
    # Run mmlsdisk and lspv for each record and merge the results
    /usr/lpp/mmfs/bin/mmlsdisk $DEVICE | grep nsd | while read NSD RESTOFLINE
    do
        lspv | grep $NSD | grep $DISKEXCLUDE
        echo $RESTOFLINE
    done | xargs -n 10 | awk '{print $1,"\t",$6,"\t",$3}'
}

# Initial variables
# Note: these /tmp names are predictable (PID-based); use a private
# directory if /tmp is shared with untrusted users
TEMPFILESYSTEMS=/tmp/$$filesystems
FILESYSTEMRECORD=/tmp/$$fsrecord
DISKEXCLUDE=power

# Create a mmfs only version of /etc/filesystems
grep -p "= mmfs" /etc/filesystems > $TEMPFILESYSTEMS

# Now create a format which grabs two lines and merges them down to one line
# here is an example:
# /dir/dbf: dev = /dev/dbf1
# /dir/log: dev = /dev/log1
# /dir/sys: dev = /dev/sys1
egrep ":|/dev" $TEMPFILESYSTEMS | xargs -n4 > $FILESYSTEMRECORD

# Use only the first and last field, loop to print
awk '{ print $1,$4}' $FILESYSTEMRECORD | while read FSNAME DEVICE
do
    echo # space to divide records
    echo $FSNAME ---FG------NSD--------- # Heading
    callMmlsdisk $DEVICE
done

# Remove temporary files
rm $TEMPFILESYSTEMS $FILESYSTEMRECORD
Use putty and vnc to forward a linux desktop to a Window in XP
For this you will need the VNC viewer; I use vnc-4.0-x86_win32_viewer.exe. I configure putty for port forwarding and then I open a window to the server that I want to connect to:
Next I set up the vnc viewer to use my forwarded port:
Finally, I have to make sure vnc on the server is lined up with the port I think it is:
This command must be run:
vncserver -geometry 1280x1024 -localhost
When I ran it, it actually connected to port 5, not 2. You only know this by looking in a log file. Kill the session on 5 and clean up the /tmp files (or change your putty forwarding to be 5905 instead of 5902):
vncserver -geometry 1280x1024 -localhost

Warning: nad0019linux01:1 is taken because of /tmp/.X11-unix/X1
Remove this file if there is no X server nad0019linux01:1

New 'X' desktop is nad0019linux01:2

Starting applications specified in /home/jrigler/.vnc/xstartup
Log file is /home/jrigler/.vnc/nad0019linux01:2.log
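The display number in the vncserver output decides which port the putty tunnel must target (5900 plus the display), and -localhost is what keeps the server reachable only through that tunnel. As an added example, not the author's code, this reads ps output and lists each running Xvnc server with its display, its port and whether it was started with -localhost. The function name and sample lines are constructed, and it assumes the Xvnc command line carries the display as `:N` and uses the default port unless -rfbport is given.

```shell
#!/bin/sh
# Added example (not from the original post): list running Xvnc servers.
# Assumes `ps -eo args` lines of the form "Xvnc :N ... [-localhost]".

audit_xvnc() {       # stdin: ps-style command lines; stdout: ":N port binding"
    awk '
    $1 == "Xvnc" || $1 ~ /\/Xvnc$/ {
        disp = ""; port = ""; bind = "ALL-INTERFACES"
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^:[0-9]+$/ && disp == "")  disp = substr($i, 2)
            else if ($i == "-rfbport" && i < NF) port = $(i + 1)
            else if ($i == "-localhost")         bind = "loopback-only"
        }
        if (disp == "") next
        if (port == "") port = 5900 + disp       # default RFB port
        print ":" disp, port, bind
    }'
}

# Constructed sample of ps output: a leftover session on :2 started without
# -localhost, and the session on :5 that the tunnel should point at.
sample_ps='Xvnc :2 -desktop X -geometry 1280x1024 -rfbauth /home/jrigler/.vnc/passwd
/usr/bin/Xvnc :5 -desktop X -geometry 1280x1024 -rfbauth /home/jrigler/.vnc/passwd -localhost
/usr/bin/gnome-session'

printf '%s\n' "$sample_ps" | audit_xvnc
# On a live host: ps -eo args | audit_xvnc
```

Any line reported as ALL-INTERFACES is a server that accepts connections from the network directly rather than only through the forwarded port.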
~/.vnc/xstartup (this gets run remotely when you connect, in this case, it starts gnome)
#!/bin/sh
xrdb $HOME/.Xresources
gnome
You may also have to reset your vnc password on the server with the vncpasswd command.
That's it. It allows me to have a linux graphical environment (gnome) hosted on a pSeries Partition that I can get at from my Windows laptop. I have two screens and can fill one with linux and when my mouse goes over there, everything works. The only thing I can’t do is cut and paste into Windows:
Setup NTP date sync
Make sure you set up ntp to work and then just run it every time. Use dsh date to check that you are working. Below is a configuration file to be put into /etc/rc.d/rc2.d as Sntpd and Kntpd:
#!/bin/ksh
##################################################
# name: Xntpd
# purpose: script that will start or stop the time daemon. Configure it in /etc/ntp.conf
##################################################

case "$1" in
start )
    startsrc -s xntpd
    ;;
stop )
    stopsrc -s xntpd
    ;;
* )
    echo "Usage: $0 (start | stop)"
    exit 1
esac
/etc/ntp.conf
# @(#)48 1.2 src/tcpip/etc/ntp.conf, ntp, tcpip510 2/16/96 10:16:34
#
# COMPONENT_NAME: ntp
#
# FUNCTIONS: none
#
# ORIGINS: 27,176
#
#
# (C) COPYRIGHT International Business Machines Corp. 1996
# All Rights Reserved
# Licensed Materials - Property of IBM
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
#
#
#
# Default NTP configuration file.
#
# Broadcast client, no authentication.
#
#broadcastclient
driftfile /etc/ntp.drift
tracefile /etc/ntp.trace
server mydomaincontroller01
server mydomaincontroller02
peer mypeer01
peer mypeer02
To sync to the ntp server immediately and only if xntpd isn’t running:
ntpdate mydomaincontroller01
Make sure system will boot OK
1. bosboot -ad /dev/hdisk5

root@nad0019aixd09/dev> bootlist -m normal -o
hdisk5 blv=hd5

bootlist -m normal -o

ln rhdisk5 ipldevice (use ln to create a copy of the raw devices if necessary)

These need to all exist and point to rootvg, rhd5, and rhdiskX (X being wherever the boot image is):

root@nad0019aixd09/dev> ls -l | grep -i ipl
crw-rw---- 1 root system 10, 0 Jan 11 2006  IPL_rootvg
crw-rw---- 2 root system 10, 1 Apr 23 13:02 ipl_blv
crw------- 2 root system 20, 6 Apr 23 12:19 ipldevice

root@nad0019aixd09/dev> ipl_varyon -i
PVNAME  BOOT DEVICE  PVID                              VOLUME GROUP ID
hdisk2  NO           00033f6a7c51d6bd0000000000000000  00cdeaea00004c00
hdisk4  NO           00cdeaea38c938d20000000000000000  00cdeaea00004c00
hdisk5  YES          00033f6a7c4c17d40000000000000000  00cdeaea00004c00  <--- this one is important