FreeBSD 7.2RC Released

Posted on in Categories FreeBSD, Hardware, Howto, Networking, News last updated January 25, 2009

The second of two planned Release Candidates for the FreeBSD 7.2-RELEASE cycle is now available. ISO images for Tier-1 architectures are now available on most of the FreeBSD mirror sites.

The freebsd-update(8) utility supports binary upgrades of i386 and amd64
systems running earlier FreeBSD releases. Systems running 7.0-RELEASE,
7.1-RELEASE, 7.2-BETA1, or 7.2-RC1 can upgrade as follows:

# freebsd-update upgrade -r 7.2-RC2

During this process, FreeBSD Update may ask the user to help by merging
some configuration files or by confirming that the automatically performed
merging was done correctly.

# freebsd-update install

The system must be rebooted with the newly installed kernel before continuing.
# shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new
userland components, and the system needs to be rebooted again:

# freebsd-update install
# shutdown -r now

Linux / UNIX: Find out if your configuration files / security settings changed or not

Posted on in Categories Howto, Linux, Security, Sys admin, Tips, UNIX last updated September 16, 2007

How do you find out that somebody has accessed your system and changed your configuration or security settings? How do you verify file content? There is no simple answer to these questions. Personally, I use specialized tool such as tripwire and combination of perl / shell script, UNIX command line utilities.

Examine methods of storing and later checking the validity of your configuration files is one of the key task. This article provides some guideline. You will develop a script that you can use to generate information that checks the validity of a file or directory full of files. The recorded information includes the file path, a checksum of the file so that you can compare the file contents, and unique information about the file (inode, permissions, ownership information) so that you can identify differences should they occur:

The typical UNIX administrator has a key range of utilities, tricks, and systems he or she uses regularly to aid in the process of administration. There are key utilities, command-line chains, and scripts that are used to simplify different processes. Some of these tools come with the operating system, but a majority of the tricks come through years of experience and a desire to ease the system administrator’s life. The focus of this series is on getting the most from the available tools across a range of different UNIX environments, including methods of simplifying administration in a heterogeneous environment.

=> Systems Administration Toolkit: Testing system validity

Howto: Add a new yum repository to install software under CentOS / Redhat Linux

Posted on in Categories CentOS, Howto, Linux distribution, RedHat/Fedora Linux, Sys admin, Tips last updated July 18, 2007

CentOS / Fedora Core / RHEL 5 uses yum for software management. Yum allows you to add a new repository as a source to install binary software.

Understanding yum repository

yum repository configured using /etc/yum.conf file. Additional configuration files are also read from the directories set by the reposdir option (default is /etc/yum.repos.d and /etc/yum/repos.d.

RPMforge repository

Usually repository carries extra and useful packages. RPMforge is one of such repository. You can easily configure RPMforge repository for RHEL5 just by running following single RPM command:
# rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
For 64 bit RHEL 5 Linux, enter:
# rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

Now you can install software from RPMforge.

How do I install 3rd party repository manually?

Let us say you would like to install 3rd party repository from foo.nixcraft.com. Create a file called foo:
# cd /etc/yum.repos.d
# vi foo

Append following code:
[foo]
name=Foo for RHEL/ CentOS $releasever - $basearch
baseurl=http://foo.nixcraft.com/centos/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://foo.nixcraft.com/RPM-GPG-KEY.txt

Save and close the file.

Where,

  • [foo] : Repository name i.e. The [main] section must exist for yum to do anything.
  • name=Foo for RHEL/ CentOS $releasever – $basearch : A human readable string describing the repository name
  • baseurl=http://foo.nixcraft.com/centos/$releasever/$basearch/ : Must be a URL to the directory where the yum repository’s ‘repodata’ directory lives
  • enabled=1 : Enabled or disabled repo. To disable the repository temporarily, set the enabled to 0
  • gpgcheck=1 : Security feature, use GPG key
  • gpgkey=http://foo.nixcraft.com/RPM-GPG-KEY.txt : GPL file location

Also you need to import the gpg key for the repository as follows:
# rpm --import http://foo.nixcraft.com/RPM-GPG-KEY.txt

Now you are ready to install software from foo repository. For further information refer to yum.conf man page:
$ man yum.conf
$ man yum

Hope this tip will help you to configure repository as and when required.

See also:

Howto Setup yum repositories to update or install package from ISO CDROM Image

Linux command to gather hardware and software snapshot for troubleshooting

Posted on in Categories CentOS, Debian Linux, Gentoo Linux, Hardware, Howto, Linux, RedHat/Fedora Linux, Tips last updated May 1, 2006

When you work in tech support department and deal with inexperienced clients debugging problems turns into a nightmare. As a sysadmin, you won’t become too paranoid if less experienced people have root-access. As a consultant, you won’t feel isolated if you don’t have remote access to your systems. As a support engineer, you won’t become frustrated if a customer has fiddled around with some important config file and you have to find which. As a performance tuner, you can capture the state of the system configuration in between performance tests/benchmarks.

Luckily, some nifty tools can create a system’s hardware and software configuration snapshot. This kind of information is valuable asset while troubleshooting problems.

dconf (System config collector) is one of such tool. It allows to take your system configuration with you on the road, compare identical systems (like nodes in a cluster) to troubleshoot HW or SW problems, indeed a lifesaver.

Dconf is also useful in projects where you have to manage changes as a team. Dconf can run periodically and send out system changes to a list of email addresses so that they can be revised and discussed in group.

You can customize your dconf configuration for specific needs, like making a profile of your web server’s hardware or copy specific software configuration files to send out or compare with other systems.

As a sysadmin, you will not become too paranoid if less experienced people have root-access. As a consultant, you will not feel isolated if you do not have remote access to your systems. As a support engineer, you will not become frustrated if a customer has fiddled around with some important config file and you have to find which. As a performance tuner, you can capture the state of the system configuration in between performance tests/benchmarks.

Install dconf

If you are using Debian / Ubuntu Linux then type the command:
# apt-get install dconf
You can download Dconf for RedHat or Suse Linux here

Create a system’s hardware and software configuration snapshot

Once installed you can simply create a snapshot using dconf command:
# dconf
It will write snapshot in /var/log/dconf/ directory. To view current snapshot info, enter:
# zcat /var/log/dconf/dconf-$HOSTNAME-latest.log.gz
To check the latest changes against the previous snapshot:
# zdiff -u /var/log/dconf/dconf-$HOSTNAME-previous.log.gz /var/log/dconf/dconf-$HOSTNAME-latest.log.gz

See also: