Topics: Red Hat

Red Hat Enterprise Linux links

Official Red Hat sites:

Other Red Hat related sites:

Topics: Red Hat, System Administration

Red Hat: Creating a backup to ISO images

The following procedure describes how to create a full system backup, using MondoRescue, to ISO images, that can later be burnt to DVD, and used to recover the entire system.

First, set up the REPO for MondoResuce:

# cd /etc/yum.repos.d/
# wget ftp://ftp.mondorescue.org/rhel/7/x86_64/mondorescue.repo
Install MondoRescue:
# yum install mondo
Answer "y" to everything.

You will need a destination to put the ISO files in. For example a remote NFS mount on a separate server is a good choice, so the backup is not locally on the same system.

Edit /etc/mindi/mindi.conf, to allow for a larger RAM disk. Mindi is used by Mondo. Wihout it, Mindi will exit saying it ran out of space. Add to mindi.conf:
EXTRA_SPACE=240000
BOOT_SIZE=240000
Now run the MondoRescue backup:
# mondoarchive -O -V -i -s 4480m -d /target -I / -T /tmp
You can also add the -E option to tell MondoRescue to exclude certain folders.

The -s option tells MondoResuce to make ISO images of DVD size 4480m.

The command says it will log to /var/log/mondoarchive.log. A /var/log/mindi.log is also written. It will also indicate the number of media images to be created. Let it run, and your backup is successful.

Topics: Red Hat

Using Wodim to write an ISO image to DVD

Wodim is an easy tool to write an ISO image to DVD, and it's included with Red Hat.

In order to write an ISO image to DVD, first start off by making sure what the device is of the DVD burner. Most often, it is /dev/sr0. To validate this, run:

# ls -als /dev/sr0
If that's the correct device, all you need is an ISO image. Let's say, your ISO image is located in /path/to/image.iso. In that case, use the following command to write the ISO image to DVD:
# wodim dev=/dev/sr0 -v -data /path/to/image.iso

Topics: Red Hat

Red Hat Cluster Suite commands

Red Hat cluster controls the startup and shutdown of all application components on all nodes within a cluster. To check the status of the cluster, to start, stop or failover resource groups Red Hat cluster's standard commands can be used.

Following is a list of some of cluster commands.

  • To check cluster status: clustat
  • To start cluster manager: service cman start (do on both nodes right away with in 60 seconds)
  • To start cluster LVM daemon: service clvmd start (do on both nodes)
  • To start Resource group manager: service rgmanager start (do on both nodes)
  • To enables and starts the user service: clusvcadm -e service_name (check with clustat for available service names in your cluster)
  • To disable and stops the user service: clusvcadm -d service_name (check with clustat for available service names in your cluster)
  • To stop Resource group manager: service rgmanager stop
  • To stop cluster LVM daemon: service clvmd stop
  • To stop cluster manager: service cman stop (Do not stop CMAN at the same time on all nodes)
  • To relocate user service: clusvcadm -r service_name (check with clustat for available service names in your cluster)
  • To relocate user service: clusvcadm -r service_name (check with clustat for available service names in your cluster)

Topics: Red Hat

How to Mount and Unmount an ISO Image in RHEL

An ISO image or .iso (International Organization for Standardization) file is an archive file that contains a disk image called ISO 9660 file system format. Every ISO file have .ISO extension has defined format name taken from the ISO 9660 file system and specially used with CD/DVD Roms. In simple words an iso file is a disk image.

Typically an ISO image contains installation of software such as, operating system installation, games installation or any other applications. Sometimes it happens that we need to access files and view content from these ISO images, but without wasting disk space and time in burning them on to CD/DVD.

This article describes how to mount and unmount an ISO image on RHEL to access and list the content of ISO images.

To mount an ISO image, you must be logged in as root user and run the following commands from a terminal to create a mount point.

# mkdir /mnt/iso
Once you created mount point, use the mount command to mount an iso file. We'll use a file called rhel-server-6.6-x86_64-dvd.iso for our example.
# mount -t iso9660 -o loop /tmp/Fedora-18-i386-DVD.iso /mnt/iso/
After the ISO image mounted successfully, go the mounted directory at /mnt/iso and list the content of an ISO image. It will only mount in read-only mode, so none of the files can be modified.
# cd /mnt/iso
# ls -l
You will see the list of files of an ISO image, that we have mounted in the above command.

To unmount an ISO image, run the following command from the terminal as root:
# umount /mnt/iso

Topics: Red Hat, System Administration

Increase the size of a tmpfs file system

On Linux systems, a tmpfs filesystem keeps the entire filesystem (with all its files) in virtual memory. All data is stored in memory, which means the data is temporary and will be lost after a reboot. If you unmount the filesystem, all data in the file system is gone. You can also a lot of installations using a tmpfs for /tmp and hence anything written to /tmp is wiped after a reboot.

To increase the size, do the following:

Modify /etc/fstab line to look something like this:

none /raw tmpfs defaults,size=2G 0 0
Then, re-mount the file system:
# mount -o remount /raw # df -h
Note: Be careful not to increase it too much as the system will use up real memory.

Topics: AIX, Monitoring, Networking, Red Hat, Security, System Administration

Determining type of system remotely

If you run into a system that you can't access, but is available on the network, and have no idea what type of system that is, then there are few tricks you can use to determine the type of system remotely.

The first one, is by looking at the TTL (Time To Live), when doing a ping to the system's IP address. For example, a ping to an AIX system may look like this:

# ping 10.11.12.82
PING 10.11.12.82 (10.11.12.82) 56(84) bytes of data.
64 bytes from 10.11.12.82 (10.11.12.82): icmp_seq=1 ttl=253 time=0.394 ms
...
TTL (Time To Live) is a timer value included in packets sent over networks that tells the recipient how long to hold or use the packet before discarding and expiring the data (packet). TTL values are different for different Operating Systems. So, you can determine the OS based on the TTL value. A detailed list of operating systems and their TTL values can be found here. Basically, a UNIX/Linux system has a TTL of 64. Windows uses 128, and AIX/Solaris uses 254.

Now, in the example above, you can see "ttl=253". It's still an AIX system, but there's most likely a router in between, decreasing the TTL with one.

Another good method is by using nmap. The nmap utility has a -O option that allows for OS detection:
# nmap -O -v 10.11.12.82 | grep OS
Initiating OS detection (try #1) against 10.11.12.82 (10.11.12.82)
OS details: IBM AIX 5.3
OS detection performed.
Okay, so it isn't a perfect method either. We ran the nmap command above against an AIX 7.1 system, and it came back as AIX 5.3 instead. And sometimes, you'll have to run nmap a couple of times, before it successfully discovers the OS type. But still, we now know it's an AIX system behind that IP.

Another option you may use, is to query SNMP information. If the device is SNMP enabled (it is running a SNMP daemon and it allows you to query SNMP information), then you may be able to run a command like this:
# snmpinfo -h 10.11.12.82 -m get -v sysDescr.0
sysDescr.0 = "IBM PowerPC CHRP Computer
Machine Type: 0x0800004c Processor id: 0000962CG400
Base Operating System Runtime AIX version: 06.01.0008.0015
TCP/IP Client Support  version: 06.01.0008.0015"
By the way, the example for SNMP above is exactly why AIX Health Check generally recommends to disable SNMP, or at least to dis-allow providing such system information trough SNMP by updating the /etc/snmpdv3.conf file appropriately, because this information can be really useful to hackers. On the other hand, your organization may use monitoring that relies of SNMP, in which case it needs to be enabled. But then you stil have the opportunity of changing the SNMP community name to something else (the default is "public"), which also limits the remote information gathering possibilities.

Topics: Red Hat, System Administration

RHSM: Too many content sets for certificate

How to fix subscription-manager error "Too many content sets for certificate Red Hat Enterprise Linux Server" using RHN and be able to revert back to Red Hat Subscription Management after updating.

Step 1: Clean up the subscription-manager if needed:

# subscription-manager unsubscribe --all
# subscription-manager unregister
# subscription-manager clean
Step 2: Register to Red Hat Network (RHN) using rhn_register:
# rhn_register
Note: You will need your RH login and password to complete the wizard.

Step 3: Validate RHN registration of the system:
# yum repolist
Note: Look at Loaded plugins in the output and "rhnplugin" should be listed.

Step 4: Update subscription-manager* and python-rhsm* packages: # yum list updates subscription-manager* python-rhsm* Note: The output may vary depending on your system and installed packages.

Example output below:
Updated Packages
python-rhsm.x86_64 1.12.5-2.el6 rhel-x86_64-server-6
subscription-manager.x86_64 1.12.14-9.el6_6 rhel-x86_64-server-6
subscription-manager-firstboot.x86_64 1.12.14-9.el6_6 rhel-x86_64-server-6
subscription-manager-gnome.x86_64 0.99.19.4-1.el6_3 rhel-x86_64-server-6
# yum update subscription-manager* python-rhsm*
Note: Answer the questions when prompted. Validate the updates were applied successfully by examining the output.

Step 5: Unregister from RHN in preparation to register with subscription-manager:
  1. In the online Red Hat Portal, login.
  2. Access Subscription Management.
  3. Access RHN Classic Management -> All Registered Systems.
  4. Click on System Entitlements (you need to see check boxes next to systems).
  5. Select the check box next to the system you are working on.
  6. Click the "Unentitle" button at bottom middle of page.
  7. Validate the entitlement has been removed for the system.
  8. Perform the below command on the system's CLI:
    # rm /etc/sysconfig/rhn/systemid
Step 6: Register system with subscription-manager:

Note: Validate that no subscriptions are showing active.
# subscription-manager list --available
Note: A message similar to below should be displayed.
This system is not yet registered. Try 'subscription-manager register --help' for more information.
Register the system using your credentials to RHSM:
# subscription-manager register --username=xxxxxx --password='xxxxxx'
Note: You will need your Red Hat Portal Username and Password for the account the system will be registered under. Make note of the ID that the system will be registered when this command returns.

Validate that the subscription-manager plugin is loaded
# yum repolist
Look at Loaded plugins in the output where "subscription-manager" should be listed.

Validate that subscriptions are showing available now:
# subscription-manager list --available
Validate the Subscription Name, SKU, Contract, Account and Pool ID are showing up correctly. Make note of the "Pool ID" that will be required to subscribe in the next task. Register the system using one of the pools above:
# subscription-manager subscribe --pool='[POOL_ID_Number]'
Note: Where "[POOL_ID_Number]" should be obtained from the preceding task.

Make sure a message stating "Successfully attached a subscription for" the system is shown.

Step 7: Validate that the system is now consuming a subscription:
# subscription-manager list --consumed
Validate the Subscription Name, SKU, Contract, Account and Pool ID are correct.
# subscription-manager list
Note: The Status should show "Subscribed".

Step 8: Validate in Red Hat Portal that the new system shows up as well.

In Red Hat Portal:
  1. In the online Red Hat Portal, login.
  2. Access Subscription Management.
  3. Access Red Hat Subscription Management -> Subscriber Inventory -> Click on Systems.
  4. Examine the Systems inventory to validate the new system is now visible and shows a subscription attached.

Topics: AIX, Red Hat, Security, System Administration

System-wide separated shell history files for each user and session

Here's how you can set up your /etc/profile in order to create a separate shell history file for each user and each login session. This is very useful when you need to know who exactly ran a specific command at a point in time. For Red Hat Linux, put the updates in either /etc/profile or /etc/bashrc.

Put this in /etc/profile on all servers:

# HISTFILE
# execute only if interactive
if [ -t 0 -a "${SHELL}" != "/bin/bsh" ]
then
 d=`date "+%H%M.%m%d%y"`
 t=`tty | cut -c6-`
 u=`who am i | awk '{print $1}'`
 w=`who -ms | awk '{print $NF}' | sed "s/(//g" | sed "s/)//g"`
 y=`tty | cut -c6- | sed "s/\//-/g"`
 mkdir $HOME/.history.$USER 2>/dev/null
 export HISTFILE=$HOME/.history.$USER/.sh_history.$USER.$u.$w.$y.$d
 find $HOME/.history.$USER/.s* -type f -ctime +91 -exec rm {} \; \
  2>/dev/null

 H=`uname -n | cut -f1 -d'.'`
 mywhoami=`whoami`
 if [ ${mywhoami} = "root" ] ; then
  PS1='${USER}@(${H}) ${PWD##/*/} # '
 else
  PS1='${USER}@(${H}) ${PWD##/*/} $ '
 fi
fi

# Time out after 60 minutes
# Use readonly if you don't want users to be able to change it.
# readonly TMOUT=3600
TMOUT=3600
export TMOUT
For AIX, put this in /etc/environment, to turn on time stamped history files:
# Added for extended shell history
EXTENDED_HISTORY=ON
For Red Hat, put this in /etc/bashrc, to enable time-stamped output when running the "history" command:
HISTTIMEFORMAT='%F %T '; export HISTTIMEFORMAT
This way, *every* user on the system will have a separate shell history in the .history directory of their home directory. Each shell history file name shows you which account was used to login, which account was switched to, on which tty this happened, and at what date and time this happened.

Shell history files are also time-stamped internally. For AIX, you can run "fc -t" to show the shell history time-stamped. For Red Hat, you can run: "history". Old shell history files are cleaned up after 3 months, because of the find command in the example above. Plus, user accounts will log out automatically after 60 minutes (3600 seconds) of inactivity, by setting the TMOUT variable to 3600. You can avoid running into a time-out by simply typing "read" or "\" followed by ENTER on the command line, or by adding "TMOUT=0" to a user's .profile, which essentially disables the time-out for that particular user.

One issue that you now may run into on AIX, is that because a separate history file is created for each login session, that it will become difficult to run "fc -t", because the fc command will only list the commands from the current session, and not those written to a different history file. To overcome this issue, you can set the HISTFILE variable to the file you want to run "fc -t" for:
# export HISTFILE=.sh_history.root.user.10.190.41.116.pts-4.1706.120210
Then, to list all the commands for this history file, make sure you start a new shell and run the "fc -t" command:
# ksh "fc -t -10"
This will list the last 10 commands for that history file.

Topics: Red Hat, System Administration

Install GNOME GUI on RHEL 7 Linux Server

If you have performend a RHEL 7 Linux Server installation and did not include Graphical User Interface (GUI) you can do it later directly from command line using yum command and selecting an appropriate installation group. To list all available installation groups on Redhat 7 Linux use:

# yum group list
From the above list select Server with GUI installation group:
# yum groupinstall 'Server with GUI'
Just because gnome desktop environment is a default GUI on RHEL 7 linux system the above command will install gnome. Alternatively, you can run the below command to only install core GNOME packages:
# yum groupinstall 'X Window System' 'GNOME'
Once the installation is finished, you need to change system's runlevel to runlevel 5. Changing runlevel on RHEL 7 is done by use of systemctl command. The below command will change runlevel from runlevel 3 to runelevel 5 on RHEL 7:
# systemctl enable graphical.target --force
Depending on your previous installations you may need to accept Redhat License after you reboot your system. Once you boot to your system you can check GNOME version using:
# gnome-shell --version
Source: http://linuxconfig.org/install-gnome-gui-on-rhel-7-linux-server.

Number of results found for topic Red Hat: 49.
Displaying results: 1 - 10.