Solaris: Remove / uninstall the software / package

last updated in Categories Howto, Solaris, UNIX

You need to use pkgrm command which will remove a previously installed or partially installed package from the system. A check is made to determine if any other packages depend on the one being removed. If a dependency exists, the action taken is defined in the admin file.

The default state for the command is in interactive mode, meaning that prompt messages are given during processing to allow the administrator to confirm the actions being taken. Non-interactive mode can be requested with the -n option.

pkgrm command syntax

Use the following command syntax
pkgrm packagename
The following example removes SUNWgtar (GNU Tar):
pkgrm SUNWgtar

The following example removes all instances of SUNWjunk:
# pkgrm -R /export/root/client1 SUNWjunk*

Where,

  • -R root_path : Defines the full path name of a directory to use as the root_path . All files, including package system information files, are relocated to a directory tree starting in the specified root_path .

See the pkgrm(1M) man page for information and options:
man 1 pkgrm

Solaris: How do I setup a default static route / static router IP address?

last updated in Categories Solaris, Sys admin, Tip of the day, Tips, UNIX

/etc/defaultrouter is the configuration file for default router under Solaris os. The /etc/defaultrouter file can contain the IP addresses or hostnames of one or more default routers, with each entry on its own line. If you use hostnames, each hostname must also be listed in the local /etc/hosts file, because no name services are running at the time that defaultrouter is read.

The default routes listed in this file replace those added by the kernel during diskless booting. An empty /etc/defaultrouter file will cause the default route added by the kernel to be deleted.

(1) First login to Solaris box as a root user:
# su
The /etc/defaultrouter is configuration file for default router under Sun Solaris. Open the file /etc/defaultrouter and add the router IP address:
# vi /etc/defaultrouter
Append IP address:
192.168.1.254
Restart the Solaris network with following command:
# /etc/init.d/network restart
(3) Or you can add the router IP to default route table as follows:
# route add default 192.168.1.254
Output:

add net default: gateway 192.168.1.254

Finally use nslookup and ping command to check network settings:
$ ping 192.168.1.254
$ nslookup nixcraft.com

Solaris UNIX: How to Setup DNS Client configuration / name server

last updated in Categories Solaris, Sys admin, Troubleshooting, UNIX

So how do you set DNS namserver under Sun Solaris UNIX system? The resolver is a set of routines in the C library that provide access to the Internet Domain Name System (DNS). The resolver configuration file contains information that is read by the resolver routines the first time they are invoked by a process. The file is designed to be human readable and contains a list of keywords with values that provide various types of resolver information.

Internet address (in dot notation) of a name server that the resolver should query. Up to MAXNS (currently 3, see ) name servers may be listed, one per keyword. If there are multiple servers, the resolver library queries them in the order listed. To configure Solaris nameserver edit or modify /etc/resolv.conf file.

DNS Client Setup

First Create the file called /etc/resolv.conf – which includes the primary and secondary DNS server IP address for Solaris system, it can be your own DNS server or your ISPs DNS server:
# touch /etc/resolv.conf

Open /etc/resolv.conf using vi text editor:
# vi /etc/resolv.conf
Add the following lines to it:

search nixcraft.in
nameserver 202.54.1.30
nameserver 202.54.1.18

Where,

  • nameserver IP : It is IP of first DNS server
  • search nixcraft.in : Default domain name to search. For example, if you type command nslookup www, it will search it as www.nixcraft.in

2) Enable the name resolving using DNS as follows:
# cp /etc/nsswitch.dns /etc/nsswitch.conf
3) Test new name server by running the nslookup command as follows:
# nslookup nixcraft.in
OR
# /usr/sfw/sbin/nslookup nixcraft.in
Output:

Server:  gwbsd2vsnl.nixcraft.in
Address:  192.168.1.202

Non-authoritative answer:
Name:    nixcraft.in
Address:  202.71.128.225

Linux or UNIX Recover deleted files – undelete files

last updated in Categories Backup, Data recovery, Linux, Sys admin, Tips, UNIX

If you rum rm command accidentally and deleted important a file, recovery becomes critical under Linux and/or UNIX oses.

Since Linux is multiuser and multitasking operating system other users/process can overwrite deleted file disk space. So you need to take down system to single user mode.

First use wall (only the super-user can write on the terminals of users) command write a message to all users, then use init (process control initialization) command to take system to single user mode.

Procedure

Following are generic steps to recover text files.

First use wall command to tell user that system is going down in a single user mode:
# wallOutput:

System is going down to .... please save your work.

Press CTRL+D to send message.

Next use init 1 command to take system to a single user mode:
# init 1

Using grep (traditional UNIX way) to recover files

Use following grep syntax:
grep -b ‘search-text’ /dev/partition > file.txt
OR
grep -a -B[size before] -A[size after] ‘text’ /dev/[your_partition] > file.txt
Where,

  • -i : Ignore case distinctions in both the PATTERN and the input files i.e. match both uppercase and lowercase character.
  • -a : Process a binary file as if it were text
  • -B Print number lines/size of leading context before matching lines.
  • -A: Print number lines/size of trailing context after matching lines.

To recover text file starting with “nixCraft” word on /dev/sda1 you can try following command:
# grep -i -a -B10 -A100 'nixCraft' /dev/sda1 > file.txt

Next use vi to see file.txt. This method is ONLY useful if deleted file is text file. If you are using ext2 file system, try out recover command. .

See also:

How to: Troubleshoot UNIX / Linux BIND DNS server problems

last updated in Categories BIND Dns, CentOS, Debian Linux, FreeBSD, Gentoo Linux, GNU/Open source, Howto, Linux, OpenBSD, RedHat/Fedora Linux, Suse Linux, Sys admin, Troubleshooting, Tuning, UNIX

BIND is the Berkeley Internet Name Domain, DNS server. It is wildly used on UNIX and Linux like oses. You can use following tools to troubleshoot bind related problems under UNIX or Linux oses.

Task: Port 53 open and listing requests

By default BIND listen DNS queries on port 53. So make sure port 53 is open and listing user requests. by running any one of the following tests. See if you can telnet to port 53 from remote computer:
$ telnet remote-server-ip 53
OR
telnet ns1.nixcraft.org domain
Output:

Trying 192.168.0.5...
Connected to ns1.nixcraft.org.
Escape character is '^]'.

If you cannot connect make sure firewall is not blocking your requests. Next use netstat command to list open and listing port 53 on server itself:
$ netstat -tulpn | grep :53
OR
# netstat -atve
Output:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode
tcp        0      0 ns1.nixcraft.org:domain *:*                     LISTEN      named      10386
tcp        0      0 rhx.test.com:domain     *:*                     LISTEN      named      10384
tcp        0      0 *:ssh                   *:*                     LISTEN      root       1785
tcp        0      0 rhx.test.com:rndc       *:*                     LISTEN      named      10388
tcp        0      0 rhx.test.com:smtp       *:*                     LISTEN      root       1873
tcp        0      0 ns1.nixcraft.org:ssh    w2k.nixcraft.org:1057   ESTABLISHED root       10501
tcp        0      0 rhx.test.com:32773      rhx.test.com:domain     TIME_WAIT   root       0
tcp        0      0 ns1.nixcraft.org:32775  ns1.nixcraft.org:domain TIME_WAIT   root       0
tcp        0      0 rhx.test.com:32774      rhx.test.com:domain     TIME_WAIT   root       0

Make sure iptables firewall is not blocking request on server:
# iptables -L -n
OR
# iptables -L -n | less
Make sure named is running:
# /etc/init.d/named status
If not start named:
# chkconfig named on
# service named start

Task: Use log files

You can use log files after starting/restarting bind to see error messages:
# tail –f /var/log/message
Output:

Nov 17 16:50:25 rhx named[3539]: listening on IPv4 interface lo, 127.0.0.1#53
Nov 17 16:50:25 rhx named[3539]: listening on IPv4 interface eth0, 192.168.0.5#53
Nov 17 16:50:25 rhx named[3539]: command channel listening on 127.0.0.1#953
Nov 17 16:50:25 rhx named[3539]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Nov 17 16:50:25 rhx named[3539]: nixcraft.org.rev:1: no TTL specified; using SOA MINTTL instead
Nov 17 16:50:25 rhx named[3539]: zone 0.168.192.in-addr.arpa/IN: loaded serial 12
Nov 17 16:50:25 rhx named[3539]: zone localhost/IN: loaded serial 42
Nov 17 16:50:25 rhx named[3539]: zone nixcraft.org/IN: loaded serial 12
Nov 17 16:50:25 rhx named[3539]: running

Task: Check zone file for errors

You can check zone file syntax and /etc/named.conf file using following utilities. named-checkconf command is named (BIND) configuration file syntax checking tool.
# named-checkconf /etc/named.conf
Output:

/etc/named.conf:32: missing ';' before 'zone'

Plesse note that if named-checkconf did not find any errors it will not display in output on screen.

Check zone file syntax for errors. named-checkzone is zone file validity checking tool. named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named does when loading a zone. This makes named checkzone useful for checking zone files before configuring them into a name server.
# named-checkzone localhost /var/named/localhost.zone
OR
#named-checkzone nixcraft.org /var/named/nixcraft.org.zone
Output:

zone nixcraft.org/IN: loaded serial 12
OK

Task: Testing BIND/DNS with utilities

You can use host and dig utilties to test your bind configuration.

  • host: host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa.
  • dig: dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.

List IP address associated with host names:
# host nixcraft.org
OR
# host www
Output:

www.nixcraft.org has address 192.168.0.6

Perform a zone transfer for zone name using -l option:
# host -l nixcraft.org

nixcraft.org SOA ns1.nixcraft.org. admin.nixcraft.org. 12 10800 900 604800 86400
nixcraft.org name server ns1.nixcraft.org.
nixcraft.org mail is handled by 10 mail.nixcraft.org.
nixcraft.org has address 192.168.0.5
gw.nixcraft.org has address 192.168.0.254
mail.nixcraft.org has address 192.168.0.7
ns1.nixcraft.org has address 192.168.0.5
w2k.nixcraft.org has address 192.168.0.1
www.nixcraft.org has address 192.168.0.6
nixcraft.org SOA ns1.nixcraft.org. admin.nixcraft.org. 12 10800 900 604800 86400

Other examples
# dig mail.nixcraft.org
# dig 192.168.0.5

SSH Public Key Based Authentication on a Linux/Unix server

last updated in Categories CentOS, Debian Linux, FreeBSD, Gentoo Linux, Howto, Linux, Linux desktop, Linux laptop, OpenBSD, RedHat/Fedora Linux, Solaris, Suse Linux, Sys admin, Tips, Ubuntu Linux, UNIX

The SSH protocol recommended a method for remote login and remote file transfer which provides confidentiality and security for data exchanged between two server systems. The SSH depends upon the use of public key cryptography. The OpenSSH server offers this kind of setup under Linux or Unix-like system. This how-to covers generating and using ssh public keys for automated usage such as:

  1. Automated Login using the shell scripts
  2. Making backups
  3. Run commands from the shell prompt and more
  4. Login without password