Skip to content

Category: Maintanence

Thuban reboot issues

Published by jweisber on 2007-07-22

Thuban as the server, is more sensitive to rebooting than other machines. Therefore do not reboot thuban unless absolutely necessary.

If it is rebooted, be sure that it has exported all the shared disks for use on other astro net clients. To check that this has successfully happened, log in to another desktop and try cd-ing to various shared disks like /data/psrdata and /docs and so on. If thuban has NOT mounted these disks for sharing, then James Fuller says to enter the following command on thuban:

(as root):# /usr/sbin/exportfs -a

–Joel

User Login Problem and Fix

Published by admin-joel on 2006-08-18

This week we experienced some login failures with the astro network. The symptoms were as follows. The user could not log in as himself/herself under our linux boxes. However, root login continued to be successful. Errors in /var/log/messages indicated an error which suggested the ldap server could not be contacted.

To fix this problem, we first looked at /etc/ldap.conf which had a line like “host 127.0.0.1″ which was not the proper configuration for our network(the ldap server is ldap.carleton.edu”.

To fix this we reinstalled the carletonldapauth rpm located in /etc/secret/RPMS/.

However, this did not fix our error. The error we were now getting in /var/log/messages was an invalid credentials error when trying to bind with the ldap server. After calling ITS admins to see the logs on the server side of things we noted that our astro machines were trying to bind to the ldap server as root. This is incorrect. After discussing the matter further we determined that a newer version of carletonldapauth had been created which was not on the astro network.

This should have been installed automatically by our scripts that we run on the astro network. However, ITS had recently changed the cert on the server which broke our updates. After installing the new cert(located in /etc/secret/RPMS), installing some missing packages on some of the machines(openssl-perl) and installing the new carletonldapauth everything is back to normal.

Configure astro network client

Published by jweisber on 2006-07-27

OUT OF DATE as of 2008-11-01.

OUT OF DATE as of 2008-11-01.

Steps to configure an astronomy department linux client computer.

  1. Install Redhat Enterprise Linux AS 4
  2. Install redhat keys from:
    http://rhn.carleton.edu/pub/RedHat/keys.html
  3. Add line to /etc/hosts
    137.22.6.54 algol.physics.carleton.edu algol
  4. Add to /etc/fstab:
    algol:/home /home nfs defaults 1 1
    algol:/etc/secret /etc/secret nfs defaults 1 1
  5. Add computer’s IP address to Algol’s /etc/exports file and then run:
    /usr/sbin/exportfs -a
    on Algol
  6. Install Carleton RPM for LDAP auth:
    rpm -i –force carletonldapauth-1.00-3.es40+fc2.noarch.rpm
  7. Put mntdrives and umntdrives scripts in /usr/local/bin available on /etc/secret/RPMS/mntdrive_scripts (mntdrives.tar.gz)
  8. Make collab scripts runnable:
    chmod u=rwxs,g=rxs,o=rxs /usr/bin/smbmnt
    chmod u=rwxs,g=rxs,o=rxs /usr/bin/smbumount
  9. cp /etc/secret/RPMS/cron_scripts/redhat_update.cron /etc/cron.daily
  10. /etc/cron.daily/redhat_update.cron
  11. cp /etc/secret/RPMS/cron_scripts/get_account_info.cron /etc/cron.hourly
  12. /etc/cron.hourly/get_account_info.cron
  13. Set up printer for computers in Olin 304 and 311 (see separate “printer setup” post)
  14. test

add new user MUST BE ON THUBAN:

Published by jweisber on 2006-07-27


0. For all newusers:

  • MAKE SURE YOU ARE ROOT ON THUBAN.
  • Inform newuser that they are responsible for reading the document /docs/linux/ourhints/newusers which gives some hints and rules for users.
  • Ask their supervisor what principal group they should belong to. Otherwise the script defaults to giving them a principal group with the same name as their user name. JMW thinks this is useless though he might be wrong. A good choice for Joel’s students is “pulsar”.

Steps 1 through 4 are for adding a linux account for a Carleton user with a Carleton username and password. If the person in question is not a member of the Carleton Community, skip straight to step 5.

  1. At the sh prompt, type “useradd -g pulsar <username>”.
  2. Then type “edquota <username>which brings up a vi session, and set the block soft quota to 200000, and the block hard quota to 240000. To do this type ‘i’ (w/o quotes) to insert text into the file, change the values and hit <escape>. Then type “:wq” (w/o quotes) to save the file and exit vi. Do not change any other fields or numbers. Just replace the 0 under “soft quota” with 200000 and the 0 under “hard quota” with 240000.
  3. Then edit /etc/passwd, find <username>’s entry, and enter their full name in the 5th field and change their login shell to ‘/bin/tcsh’.
  4. Go to astro-server list, login, and add <username>@carleton.edu to the list. Then you are done. The user will need to wait 15 minutes for the changes to propagate to the other Astro machines. They should then be able to log in. If user has no carleton account, follow these directions instead of the above:

  5. Determine the alien user’s uid. By convention, Carleton reserves all uid/gid values of 15000+ for Carleton ldap authenticated user accts. So we must choose an unallocated uid for the new user with a value between 500 and 14999. Look at /etc/passwd to find the next available uid larger than 500 and less than 14999. Then open a shell as root on thuban and issue these commands:
  6. adduser <username> -g pulsar -u <uid>”, replacing <username> with the user’s id and <uid> with the uid you’ve just chosen.
  7. passwd <username>” to set the password to a password of your choice.
  8. Then edit /etc/passwd, find <username>’s entry, and enter their full name in the 5th field and change their login shell to ‘/bin/tcsh’.
  9. Then type “edquota <username>which brings up a vi session, and set the block soft quota to 200000, and the block hard quota to 240000. To do this type ‘i’ (w/o quotes) to insert text into the file, change the values and hit <escape>. Then type “:wq” (w/o quotes) to save the file and exit vi. Do not change any other fields or numbers. Just replace the 0 under “soft quota” with 200000 and the 0 under “hard quota” with 240000.
  10. Go to astro-server list, login, and add alien’s email address to the list.
  11. You will then need to wait 15 minutes for the changes to propagate throughout the system. Notify alien of new account and whatever password you set it to. The first thing s/he should do when logging in is change his password(using the passwd command ON THUBAN) to something s/he will remember.

Useful 1-line commands: repquota,lsraid,rpcinfo,du,clear

Published by jweisber on 2006-07-27

One-liners

  • repquota /home
    report on quota usage in /home directory
  • lsraid -A -a /dev/md0
    report on state of RAID array
  • rpcinfo -p
    To see what’s running
  • du -h max-depth=1 /home
    List space occupied on home
  • clear && tail /etc/secret/logs/*.log -n 3
    Show the last action taken on astro network machines

 

 

Converting RAID to LVM-on-RAID

Published by admin-joel on 2006-05-05

OUT OF DATE as of 2008-11-01.

We decided to convert the Raid1 array to LVM instead of a monolithic partition. This will make life easier.

Commands:

  1. pvcreate /dev/md0
    makes a physical volume out of the RAID array device
  2. vgcreate VolGroup01 /dev/md0
    creates a new volume group to which we can add logical volumes
  3. Use Redhat Logical Volume Management tool to create partitions on the new device
    • /docs (5 gigs)
    • /home (50 gigs)
    • /etc/secret (10 gigs)
    • /data (399 gigs)
  4. Modified /etc/exports on Algol to export the new partitions
  5. Modified /etc/fstab on the client computers to use the new partitions
  • mkdir /docs
  • mkdir /data
  • added lines to /etc/fstab:
    algol:/data /data nfs defaults 1 1
    algol:/docs /docs nfs defaults 1 1
  1. Un-tarred the backups from /bkup, which I created with the command:
    cd /bkup & tar -czvpf home.tgz /home
  2. Untar by going to desired directory and running:
    tar -xzvpf /bkup/secret.tgz
    Both of these commands put the directory INTO the desired directory. Once unpacked, it’s necessary to move the contents to the proper location.
  3. Modified /etc/cron.weekly/quotacheck.cron to be:
    #!/bin/bash
    # Update the database that keeps track of quotas
    # Created by Mark Knight (4.13.06)
    # Modified by Mark Knight (5.06.06)
    quotaoff -a
    quotacheck -agum
    quotaon -a

    exit 0

  4. Also, had to modify /etc/fstab to add quotas back on to the new mount line for /home

All in all, not that hard. The permissions are all correct, so hopefully this was just as easy & painless as I think it was.

RAID

Published by admin-joel on 2006-04-13

OUT OF DATE as of 2008-11-01.

The state of the RAID-1 array can be checked with: lsraid -A -a /dev/md0