on 02-27-2013 01:59 PM
After working on the SUSE linux system for a few years we've all become accustomed where to find the various utilities that we need when we are setting up servers or trying to diagnose problems. Here are a few things I've found useful. Hopefully they will benefit others.
Note: We have noticed that cutting and pasting commands from this online document sometimes replaces the dash "-" with a period "." so if you get an error, just make sure your pasted command looks the same.
RedHat vs SUSE Linux
Where to find the utilities you're used to getting out of Yast
For VSM 7 installs these utilities are present when the system is installed, but not on CPAM or IPICS.
Like Yast in SUSE, most of the utilities I'm comparing against Yast are GUI utilities that you would access from the desktop under the 'System' pulldown. If the utility has a "-tui" suffix, that means it's a Text User Interface and it can be run from a putty window.
Software Management
system-cdinstall-helper
- This tool works like Yast software management, it assumes you are installing software so it expects you to have an install disk available.
system-config-packages / system-install-packages
- These utilities are also like Yast's software management. They behave like a GUI front end for the command line 'yum' (Yellowdog Update Manager) utility.
The RPM commands you are used to using still work in RedHat, but most people that use RedHat will look for the 'yum' utility. It's a bit like Ubuntu's 'apt' and 'apt-get' utilities. Yum is a tool that you would use to manage what is currently installed and the system, or what packages that are available match the string you are searching for. It allows you to search the installed packages, but for what we normally do the command 'rpm -qa' still works fine.
RPM
Query for Cisco products
rpm -qa | grep Cisco
Install
rpm -ivh <package name>
Uninstall
rpm -e <package name>
To remove all Cisco packages:
rpm -qa | grep Cisco | xargs rpm -e
To install all the packages
rpm -ivh Cisco*.rpm
NTP and Timezone
system-config-date / system-config-time
- These are similar to Yast's Network services->NTP setup. You can set the system time and configure NTP / timezone with it.
The NTP commands at the command line interface are similar to what we use on SUSE today:
# ntpdc –p # ntpdc -c as # ntpq -c rl # ntpq -c rv
Start by running this command on all of their servers
# hwclock --show ; date ; date -u
You get back time in these formats:
Thu Aug 5 09:29:47 2010 -0.271860 seconds Thu Aug 5 09:31:13 PDT 2010 Thu Aug 5 16:31:13 UTC 2010
If the hardware clock is way off you can use
# hwclock --set --date=newdate
Where newdate might look like:
# hwclock --set --date="9/22/96 16:45:05"
it might be necessary to delete the /etc/adjtime file. You have to restart the ntp daemon afterward though.
To restart the ntp daemon
# /etc/init.d/ntpd restart
To query the local ntp info
# ntpq -p
To check the NTPD status
# ntpdc –p
Network Setup
system-config-network / system-config-network-gui
- The network services tab in Yast has many of these settings. You can edit the IP network/IPsec/DNS/Hosts file from this utility. On the desktop you can get to this utility from the system pulldown System->Administration->Network.
system-config-network-tui
- You can edit the interface hardware/IPsec/DNS/Hosts file from this utility in a tui (putty) interface like Yast's tui..
system-config-network-cmd
- network configuration command line tool. Running Yast from the command line allows the network configuration in a similar text user interface.
Without command line arguments this dumps the current network configuration to the screen in text format.
system-control-network
- Allows the users to bring up or shut down the network interfaces.
The command line equivalents would be
ifup
,
ifdown
, and
ifconfig
.
Firewall and Security settings
system-config-securitylevel
- this is the firewall configuration
system-config-securitylevel-tui
- the text user interface for the firewall configuration.
system-config-authentication
- password and NIS setup
authconfig-tui
is also available if needed from the command line
system-config-services
- Yast has this under System->"System Services (runlevel)". This tool allows you to graphically look at the services that are configured to run at each run level
The command line version of this tool is:
chkconfig --list
Display and Input Device settings
system-config-keyboard
- This would be in the Hardware section of Yast for keyboard layout
system-config-language
- Yast offers this in System -> Language
system-config-display
- this would be found in the Hardware section of Yast as 'Graphics Card and Monitor'
Yast has an icon for Remote Administration to allow VNC connections; RedHat’s equivalent is the command:
vino-preferences
.
Password Recovery
SUSE
:
Hit any key when Linux starts to boot to get to the boot menu
You get a page with 2 options for booting, the regular mode and safe mode. On the option line enter
init=/bin/bash
to tell the system to boot into the bash shell immediately. The file system should mount itself, but in case it doesn't, use this command:
mount -o remount,rw /
. To change the root password use the command
passwd
then
reboot
.
Redhat
:
Hit any key when Linux starts to boot to get to the boot menu
The system will present you with boot options. Highlight the line that starts with 'kernel' and press '
e
' to get to be able to edit the options. You will want to add a space then a number
1
. After adding the 1, press
enter
and then press
b
to start the boot process. You will be at a prompt where you can enter the commands
passwd
then
reboot
. Again, you might have to enter the command
mount -o remount,rw /
if the system has not mounted the root file system.
User and Group tools
system-config-rootpassword
- Yast's Security and Users tab, If you can get on the console, you can fix the root password.
system-config-users
- Graphical utility to edit user/groups on the system.
The console terminal program on SUSE is right on the bottom of the screen. To get to the terminal program on RedHat you need to use the pulldown: Applications->Accessories->Terminal
Other System Utilities
While we don’t often use these tools, it is they are needed on occasion.
system-config-lvm
- Yast has LVM under the System heading.
system-config-kdump
- Yast can get you this as a setting under System -> '/etc/sysconfig Editor'
MYSQL
CPAM
adding views:
mysql -u cpam -p --database=vxdb < /opt/cisco/cpam/import/MySQL_Views.sql
VSM
create new:
mysql –u root –p < /usr/BWhttpd/bas/db/mysql-create-6.3.0.sql
backup:
mysqldump -u root -p[root_password] [database_name] > dumpfilename.sql
...or this command will get you the dump out of the last backup:
V6.X
ls -tr1 /usr/BWhttpd/bas/db/backups | tail -n1 | (read -a line; tar -xzf $line --to-stdout /usr/BWhttpd/bas/db/dumps/VSOM_*.sql > /root/dump.sql)
V7.X
ls -tr1 /usr/BWhttpd/vsom_be/db/backup/*.gz | tail -n1 | (read -a line; tar -xzf $line --to-stdout usr/BWhttpd/vsom_be/db/backup/VSOM_*.sql > /root/bas_out.sql)
Restore a database from a dump file:
mysql -u root -p[root_password] [database_name] < dumpfilename.sql
Run the below command and get the output file dbspace.txt. This is to find out what is consuming disk space on db partition:
ls –lR /db > dbspace.txt
To repair mysql tables in vsom
# mysqlcheck -u root -p —repair bas <table_name>
Create a new mysql database called demo
mysql> CREATE DATABASE demo;
Create a new user called user1 for database demo
mysql> GRANT ALL ON demo.* TO user1@localhost IDENTIFIED BY 'mypassword';
Allow access to edit databases remotely
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%.example.com' IDENTIFIED BY PASSWORD 'some_characters' WITH GRANT OPTION
TCPDUMP Commands
tcpdump -i eth0 –s 2000 host <IP of client PC> –w <file>.pcap
tcpdump -i eth0 -n port 80 -l | tee tcp.pcap
tcpdump -i eth0 -n port 80 -s 0 -w tcp.pcap
tcpdump -i eth0 -S host xx.xx.xx.xx -s 0 -w tcp.pcap
tcpdump -i eth0 -S port 80 and not host xx.xx.xx.xx -l | tee tcp.pcap
date +%T --utc | ( read -a line;/usr/sbin/tcpdump -i eth0 -s0 -w packet-$line.cap host 10.154.66.151 )
Some helpful CPAM Commands
To get root: (log in as cpamadmin)
# sudo su
To get an ordered listing of the files:
# ls -alrth
To get to the ssh config page on a CPAM gateway
http://<address>/tac.shtml
To check the NTP sync, use below commands from CPAM ssh prompt.
Checking CPAM’s ntp sync.
/usr/sbin/ntpq -c peer /usr/sbin/ntpq -c assoc /usr/sbin/ntpq -c "pstat <association id from previous>"
Checking gateways sync from CPAM ssh.
/usr/sbin/ntpq -c "peer" <gateway IP address> /usr/sbin/ntpq -c "assoc" <gateway IP address> /usr/sbin/ntpq -c "pstat <assoc id from previous command>" <gateway IP address>
To check if the CPAM upgrade is preceding issue this command:
# ls –ltr /db/cpam/vxdb
Look for timestamps to increment on the .ibd files. Also check the webapp.log for errors.
To manually collect a CPAM showtech:
# /opt/cisco/cpam/bin/showtech.sh
To check the services on CPAM:
# /sbin/service cpamadmin <stop / start / status> # /sbin/service cpamacserver # /sbin/service mysql <stop / start /status>
To turn on badge preview
Go to: Admin -> System Configuration -> Disable batch badge printing (uncheck)
To reset a CPAM standby server in recent versions of CPAM, Go to the URL
http://<address>/cmd/reset
(Use with caution! There is NO 'Are you sure?' safety net)
Getting to be root on a cpam server
# sudo su -
Getting the mysql password
# grep local.pass /opt/cisco/cpam/properties/cpsm.runtime.properties
Getting a Showtech from the CLI:
# /opt/cisco/cpam/bin/showtech.sh
On CPAM Server, show tech is stored in
/opt/cisco/cpam/apache-tomcat/webapps/ROOT/
Getting the Session info:
Fetch the session information from the URL below :
http://CPAM_IP:9091/sessions.html
http://CPAM_IP:9091/clients.html
See what database processes are running:
1) SSH into the CPAM server as 'cpamadmin'
2) Get the CPAM database password
For the 'cpam' user:
# sudo grep password /opt/cisco/cpam/properties/vx.hibernate.properties hibernate.connection.password=9f6oDi7efO
For the 'root' user:
# grep rootpass /opt/cisco/cpam/properties/*
cpsm.runtime.properties:cpsm.runtime.store.local.rootpass=XXXXX
Get the CPAM database password from the output.
3) Use the MySQL command-line client to get the number of database process:
mysql -u cpam -p <enter_password> mysql> show processlist;
Getting the logs from the server by manually generating a showtech
# sudo sh –x /opt/cisco/cpam/bin/showtech.sh
This will create a .zip file with the logs and configuration in the current directory (run it from the cpamadmin user’s home directory /home/cpamadmin). The script takes at least 1 minute to complete due to some performance information it gathers, and you may see an error message regarding the permissions on “`cib.xml” that can be ignored.
Getting the decompressed config file from a CPAM gateway
1) Enable ssh for the gateway through GW webadmin
2) Login into gateway as root using sudo su
3) cd /mnt/flash
4) Use following command to create decompressed config file.
/physec/cmdcfg_fldump -cfg dump <Config file name>.cfg myconf.txt
5) Collect the myconf.txt and share it.
Linux Tricks
Link the java sdk to the 'java' for install
shell> ln -s s2sdk1.4.2_19 java
Follow a log as it is growing:
tail -f <filename>
Convert a file to linux from MS DOS
tr -d '\r' < inputfile > < outputfile >
Convert a file from MS-DOS to linux
dos2unix <filename>
Find system version:
cat /proc/version
To see the ip interface info and bring the ethernet port up.
ifconfig ifup eth0
To see the characteristics of the ethernet interface
ethtool eth0
Setting eth3 to eth0
vi /etc/udev/rules.d/30-net_persistent_names.rules
After the file is opened, delete the lines at the end of the file that start with SUBSYSTEM. Then reboot to have the system recreate those lines automatically with the correct eth0 and eth1 device names.
To see the active connections on a system (not listeners):
netstat -tupen
To see the listening ports on a system:
netstat -tuplen
To see the file system layout
df -k
To see the size of files in your directories
du -xhs /* | egrep [0-9.]+[MG] | sort -n
To pull 60 days’ worth of VSM Logs
Support-report –d 60
To list files in a directory in order by age
ls -t
To remove an entire directory and its subdirectories (use with caution!)
rm -rf dirname/
Run a script and tail a log at the same time:
./scriptname ; tail -F /logs/logname
Clear out a log or text file:
cat /dev/null > <filename>
Get an SMD file dump:
# export LD_LIBRARY_PATH=/usr/BWhttpd/lib
# /usr/BWhttpd/bin/smdfiledump <smd_file_name>
Verify an md5 checksum
# md5sum -c filename.zip.md5 filename.zip
Remove all but the 9 oldest files in the directory. (remember the 'tail' count starts at 0)
# ls -1 -t | tail +10 | xargs -i rm {}
Pull the title of all the known camera types supported by the VSM server from the bas devices xml file
# grep -i 'title=' /usr/BWhttpd/bas/src/conf/bas_devices.xml | cut -f2 -d'"' | cut -f1 -d'"'
VSM 7 Useful commands:
We can determine the utilization by running the following command:
# /usr/BWhttpd/bin/reposdbtestclient dumpstoragemonshmem
If they are logging on as localadmin user, they can run
# sudo /usr/BWhttpd/bin/reposdbtestclient dumpstoragemonshmem
You can verify how much video data there is for each recording by running the command:
# du -hsxc /media?/1???
Also, dump a list of the archive files to a text file, you can do this with the command:
# ls -lR /media? > /tmp/archivefiles.txt
In VSM 7 the system's MySQL databases have changed how they are accessed. If you need to start looking at tables on the live server, use these commands to get into the databases:
VSOM:
/usr/BWhttpd/vsom_be/db/mysql/bin/mysql --defaults-file=/usr/BWhttpd/vsom_be/db/mysql/my.cnf
VSMS
/usr/BWhttpd/mysql/bin/mysql --defaults-file=/usr/BWhttpd/mysql/ums/ums.cnf
VSMS:
Usage:
/usr/BWhttpd/bin/dbBackupRestore.sh <backup> <path> [-t]
/usr/BWhttpd/bin/dbBackupRestore.sh <configOnlyBackup> <path> [-t]
/usr/BWhttpd/bin/dbBackupRestore.sh <configOnlyBackup> <scheduled>
/usr/BWhttpd/bin/dbBackupRestore.sh <restore> <fileName> [-s]
-t : Do not tar report
-s : Include system configuration for restore
VSOM:
Backup Usage:
/usr/BWhttpd/vsom_be/db/vsom_backup.sh [-c] [-x] [-r protocol] [-a address] [-u username] [-p password] [-f filePath] [-d backupDestn] [-s sqlFile] [-m maxBackupSpace in MB] [-t] [-b]
-t : Do not tar report
Restore Usage:
/usr/BWhttpd/vsom_be/db/vsom_backup_restore.sh [-i] {[-l] [-c] [-n backupFileName]}/{[-x] [-r protocol] [-a address] [-u username] [-p password] [-f fileName]} [-s <0|1>]"
-s : system configuration. 0 to exclude(default is 0)
Excellent!! Thanks for this Gerald! Very helpful...
Vance
Hey Gerald, any chance you can format this into a text or PDF file we may download? The PDF Action above give me 17 pages! The Print Action still has HTML/CSS formating on it (and asyou mentioned may change some sysntax).
Err, RedHat, in v7 you may not be able to run many commands as the default 'localadmin', may need to open a terminal session and run sudo su for most of this.
Good point Cory. I normally use the command:
sudo su -
The dash at the end gets the environment variables that root is supposed to have.
Thank you soooo much for this little nugget of info! I don't know how it's eluded me for so long :-)
A note on the "hwclock" command.
When using NTP, once you set the clock at the system level, to avoid issues with the hardware clock on the systemboard resetting the time to a widely divergent value you should do the following.
hwclock --systohc
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: