HTML Form Images

Images used to indicate HTML form widgets:

Checked Radio Button
Checked Tick Box
Unchecked Tick Box

Yellow Screen Template

Shell script goes here

chora - Switching between Oracle databases

Introduction:

This code goes into a user's .bash_profile file. This file is normally hidden from a directory listing (any filename starting with a '.' is normally hidden), but can be seen by typing the command; 'ls -al', or just 'll'.

This creates the shell function; 'chora'. The advantage of a function over a local script is that it runs in the current shell and, therefore, doesn't have to be called like this; '. ./chora'.

There are 2 types of parameter for this function:

'?' - This reports the current SID and lists all available SIDs.
SID - Calling 'chora SID' swithes the user's environment to the new SID if it exists.

When the user logs in, this reports availability.

Aim:

Give users a quick and simple way of switching between SIDs.

Requirements:

Obviously, this only operates in an Oracle environment.

Procedure:

• Log in as the user.
• Open Terminal.
• # cd
• # vi .bash_profile
• Add the following lines. They would normally go somewhere between a line that sets the initial Oracle SID (e.g. 'export ORACLE_SID...'), and the umask line.:
• Best; Download here.
• Or; Cut and paste the lines of code between the dotted lines:
  

... export ORACLE_SID=`grep Y$ /etc/oratab | cut -d: -f1 | head -1` # ------------------------------ chora -------------------------------- chora () { if [ "$1" = "?" -o "$1" = "" ] then echo echo "Oracle SID is currently <$ORACLE_SID>" echo echo " Available:" for sid in `grep Y$ /etc/oratab | cut -d: -f1` do echo " <$sid>" done else if [ `grep Y$ /etc/oratab | cut -d: -f1 | grep $1` ] then export ORACLE_SID=$1 echo echo "Oracle SID changed to <$ORACLE_SID>" else echo echo "No such SID." fi fi echo } # If not on a terminal then don't output report. if [ "`ps -ef | grep ^$USER | grep 'grep grep' | grep pts`" != "" ] then clear echo echo "Oracle SID switcher:" echo " chora " echo echo " Available:" for sid in `grep Y$ /etc/oratab | cut -d: -f1` do echo " <$sid>" done echo echo " Currently:" echo " <$ORACLE_SID>" echo fi # ------------------------------ chora -------------------------------- umask 022 ...

Testing:

This will demonstrate that the function is available but won't switch SIDs until databases have been built:

• Source .bash_profile:
• $ . ./.bash_profile
• This returns with either a list of SIDs or an error message; 'grep: /etc/oratab: No such file or directory' if there are no databases installed.
• Run chora in query mode:
• $ chora ?
• This returns with either a list of SIDs or an error message; 'grep: /etc/oratab: No such file or directory' if there are no databases installed.

Shell Scripts

This post contains links to other posts that make up a library of Linux / UNIX shell scripts and techniques:

• chora - Switching between Oracle databases.
• Redirect Streams (stdin, stdout & stderr).
  

Install the Oracle Database

Introduction:

In this post, we will install the Oracle 10g Database Suite.

Aim:

An installed base-engine.

Requirements:

A configured Linux server.

Procedure:

• Reboot the server.
• Log in as root.
• Open Terminal.
• Set up sysctl.conf
  
• # cd /etc
• # vi sysctl.conf
• Add the following lines to the bottom of this file:
• # Oracle parameters:
• kernel.shmall = 2097152
• kernel.shmmax = 2147483648
• kernel.shmmni = 4096
• # semaphores: semmsl semmns semopm semmni
• kernel.sem = 250 32000 100 128
• fs.file-max = 65536
• net.ipv4.ip_local_port_range = 1024 65000
• net.core.rmem_default = 262144
• net.core.wmem_default = 262144
• net.core.rmem_max = 262144
• net.core.wmem_max = 262144
• Lodge the changes:
• # /sbin/sysctl -p
• Set security limits:
• # cd /etc/security
• # vi limits.conf
• Add the following lines just before the line; '# End of file':
• * soft nproc 2047
• * hard nproc 16384
• * soft nofile 1024
• * hard nofile 65536
• Set up pam:
• # cd /etc/pam.d
• # vi login
• Add the following line just before the comment; '# pam_selinux.so open should be the last session rule':
• session required /lib/security/pam_limits.so
• Check that the correct packages are installed:
• Run the following rpm commands. In each case, rpm should come back with at least the version indicated:
• # rpm -q setarch -> setarch-1.7-3
• # rpm -q tcl -> tcl-8.4.9-3
• # rpm -q xorg-x11-deprecated-libs -> xorg-x11-deprecated-libs-6.8.2-31
• # rpm -q openmotif -> openmotif-2.2.3-10
• # rpm -q compat-db -> compat-db-4.2.52-2
• # rpm -q compat-libstdc++-33 -> compat-libstdc++-33-3.2.3-47.fc4
• # rpm -q compat-gcc-32 -> compat-gcc-32-3.2.3-47.fc4
• # rpm -q compat-gcc-32-c++ -> compat-gcc-32-c++-3.2.3-47.fc4
• Create the oracle user:
• # groupadd oinstall
• # groupadd dba
• # groupadd oper
• # useradd -g oinstall -G dba oracle
• # passwd oracle
• Enter the password twice.
• Create oracle's home file system:
• # mkdir -p /u01/app/oracle/10.2.0.1/db01
• # chown-R oracle.oinstall /u01
• Change OS release information (Oracle thinks it can only run on certain OS's. It's wrong.):
• # cd /etc
• # vi redhat-release
• Comment out Fedora... line with a #
• Add line: redhat-3
• Reboot the server so that the kernel changes take effect.
  
• Set up oracle's account:
• Log in as oracle and set up oralcle's desktop.
• $ vi .bash_profile
• Add the following lines to oracle's .bash_profile right below the line; 'export PATH':
  

# Oracle definitions & locations. export ORACLE_BASE=/u01/app/oracle export ORACLE_HOME=$ORACLE_BASE/10.2.0.1/db01 export PATH=$PATH:$ORACLE_HOME/bin export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib export ORACLE_TERM=vt100 export ORACLE_SID=`grep Y$ /etc/oratab | cut -d: -f1 | head -1` umask 022

• And while you're here, add chora.
• Source .bash_profile:
• $ cd
• $ . ./.bash_profile
  
• Download Oracle 10g:
• This bit of the licence is important. We are going to get a Developer Licence - which is free - but, if you use this software for financial gain, you owe Oracle:
• We grant you a nonexclusive, nontransferable limited license to use the programs only for the purpose of developing a single prototype of your application, and not for any other purpose. If you use the application you develop under this license for any internal data processing or for any commercial or production purposes, or you want to use the programs for any purpose other than as permitted under this agreement, you must contact us, or an Oracle reseller, to obtain the appropriate license. We may audit your use of the programs. Program documentation may accessed online at http://otn.oracle.com/docs.
• $ mkdir oradb
• $ cd oradb
  
• Go here (from OTN - link through here to register) to get the software and download it to this directory - it is single file called; '10201_database_linux32.zip'. (I also burn it on to a CD. You never know when you'll need the install disk and why go through that download twice!)
• Unzip the file:
• $ unzip 10201_database_linux32.zip
• This unzips the file to the sub-directory; 'database'.
• Run the installer:
• $ cd database
• Open an xterm window: $ xterm &
• In the xterm window: $ ./runInstaller
• An Oracle Universal Installer (OUI) opens. (Get used to these types of windows. We are going to see a lot of them.)
• Installer actions:
• Select Installation Method:
• Oracle Home Location: /u01/app/oracle/10.2.0.1/db01
  
• Untick; Create Starter Database (additional 720MB) - (We will create a couple of databases later.)
• [Next]
• Specify Inventory directory and credentials:
  
• Enter the full path of the inventory directory: /u01/app/oracle/oraInventory
  
• [Next]
• Product-Specific Prerequisite Checks:
• The status of all of these should be 'Succeeded'. If some are not, this may still work but there is no guarantee. Before going on, you should check the OS changes we made above on this post.
• [Next]
• Summary:
• [Install]
• Execute Configuration scripts:
• Some scripts need to be run as root:
• Open Terminal.
• Switch to root: $ su -
  
• Enter root's password.
  
• # cd /u01/app/oracle/oraInventory
• # ./orainstRoot.sh
• This throws a few messages as it executes.
  
• # cd /u01/app/oracle/10.2.0.1/db01
• # root.sh
• This throws some messages and then asks for input:
• Enter the full pathname of the local bin directory: [/usr/local/bin]: Just hit enter.
• The script then puts a few files in the local bin directory, throws a few more messages and finishes.
• You can leave root's Terminal window open.
  
• Go back to the Installer...
• [OK]
• End of Installation:
• This bit is important. Two URLs are listed. Note these down. Mine are listed on my Server Specification.
• [Exit]
• Exit:
• [Yes]
• Go to root's Terminal:
• # cd /etc
• # vi redhat-release
• Change this back so that the only uncommented line reads; 'Fedora Core release 4 (Stentz)'.
• Correct file permissions:
• If you have a Metalink account:
• Go to oracle's Terminal.
• $ cd
• $ mkdir patches
• $ cd patches
• Download this patch to this directory (Platform of Language is 'Linux x86').
  
• $ unzip p4516865_10201_LINUX.zip
• $ cd 4516865
• $ export PATH=$PATH:$ORACLE_HOME/OPatch
• $ which opatch
• This should return a path to the opatch script.
• $ opatch lsinventory:
• This returns a number of messages, one of which is; Lsinventory Output file location : and a path.
• $ opatch apply
• This returns a number of messages cumulating in 'OPatch succeeded.'
• $ cd $ORACLE_HOME/install
• $ ./changePerm.sh
• This is and interactive script:
• Do you wish to continue (y/n) [n]: y
• Eventually, the script returns with a number of messages, including; 'Finished running the script successfully'
• If you don't have access to Metalink:
• Try this - WARNING: I haven't tested this. While this will probably work, it may relax file permissions to a greater extent than by applying the patch. The security implications for this are unknown - at least by me:
• Go to oracle's Terminal.
• chmod -R a+rX $ORACLE_HOME

Testing:

Not much to test at the moment. The Oracle software is installed but we don't yet have a database. Let's create a couple of these in the next step.

Configure Sendmail

Introduction:

Sendmail is the Linux service that sends and receives email. I will be setting up Oracle to use this to report database and workflow events.

What this configuration won't do is receive email - actually, it might but I won't be testing that. I don't need this for Oracle and that involves buying a domain name - something I just don't need.

Aim:

Set up Sendmail to be able to send email to anywhere.

Requirements:

A configured Linux home network that is up.

Procedure:

• Log in as root.
• Open terminal.
• # cd /etc/mail
• # vi sendmail.cf
• Find the line; '0 DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA' and comment it out; '#0 DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA'
• Save and exit.
• # vi local-host-names
• Add a new line: 'steveroach.org' (i.e. your domain name)
• Save and exit.
• # service sendmail restart
• The result of this is:
  

# service sendmail restart Shutting down sendmail: [ OK ] Shutting down sm-client: [ OK ] Starting sendmail: [ OK ] Starting sm-client: [ OK ] #

Testing:

• Send a test email:
• # echo Test | mail -s "Testing" my@email.com (use an email address you have access to)
• Check that the email has landed in your inbox. This may take a few minutes. If you can't immediately see it, check your junk bucket. It may have been wrongly flagged as spam.

Install PuTTY on the PC

Introduction:

PuTTY is just about the best Telnet/SSH Client and, what's more it's free. This allows you open a shell prompt to the Linux server from your PC.

And why would you want to do this?

The complete setup I am aiming at is one that looks very much like what I use at work. The Linux / UNIX servers are tucked away in the server room and everyone gets a networked PC. The first thing I do when starting a new contract is to install my favorite toolset. Right at the top of that list, if it is not already installed, is PuTTY.

If you find a better client, please tell me.

Aim:

Install and configure PuTTY.

Requirements:

A home network up and running.

Procedure:

• Get the software:
• Go here and download putty.exe for your OS.
• Run the executable.
• That takes you here:
  

• Enter connection details:
• Host name: lisa
• Port: 22
• Protocol: SSH
• [Open]
• At this point, the server's host key is stored. This is a one-time event and ensures that PuTTY is connected to the server it ought to be. This looks something like this (Actually, this shot is what you get if you reinstall the server and it generates new keys, but you get the idea.):
  

• Click [Yes]
• The client screen starts (click this image to see it properly):
  

• There's a couple of things I don't like about the default config; I like normal test to be green, and that blue colour for directories is WAY too dark. You'd spend all day squinting at it!
• Hover your mouse over the top of the PuTTY window and right-click.
• Change normal test colour:
  
• -Change Settings...-
• -Colours-
• -Default Foreground-
• [Modify]
• I use pure green - #00FF00
• Lighten up that blue:
• -ANSI Blue-
• [Modify]
• I grab the vertical slider on the right and drag it to about 3/4 of the way to the top.
• That's better:
  

Now, not only do you have PuTTY installed and configured, you've also tested ssh on the server. Well done.

Register Shared Folders

Introduction:

When we configured Linux, we set up Samba to share 2 directories; a public one and Steve's home directory.

Aim:

Register both of these directories on the PC.

Requirements:

• Linux is installed and configured.
• Likewise for Samba.
• The network is connected and up.

Procedure:

On the Server:

• Log in as root.
• Open Terminal.
  
• # cd /home/public
• # vi public_test.txt
• i(nsert) some text, save and exit.
• # chmod 777 public_test.txt
• # cd /home/steve
• # vi steve_test.txt
• i(nsert) some text, save and exit.
• # chmod 777 steve_test.txt
  

On the PC:

• Register lisa as a share:
• -Start-
• -My Network Places-
• [Search]
• Computer name: lisa [Search]
• Two locations are found (not sure why):
• Samba 3.0.14a-2 (Lisa)
• Samba 3.0.14a-2 (lisa)
• Double-click either one of them.
• Enter a linux user's name and password:
• Username: steve
• Password: *********
• You should see three items:
• public
• steve
• Printers and Faxes
• Navigate to public and steve in turn and open the test files you created.
• Close 'My Network Places'.

Testing:

• Check share is registered:
• -Start-
• -My Network Places-
• Check that there are 2 new folders here, one for public on lisa, the other for steve on lisa.

Configure DNS

Introduction:

DNS (Domain Name System) is the stuff that turn URLs into IP Adresses and vice versa.

Aim:

We are going to set this up so that an addresses local to the network are resolved locally, and any that are for the internet are passed on.

Requirements:

You will need the following:

• Your domain name (You need to make up a name for your network. I use steveroach.org partly because that's my name and partly because I used to own that domain. You can use whatever you like as it is hidden from the rest of the internet anyway. It's best to avoid any real domains or you won't be able to navigate the net properly.)
• Your server name.
• Your server IP address.
• Your PC name.
• Your PC IP address.
• Your ISP's DNS server IP addresses (If they are not on your ISP's home page, give support a call).
  

Procedure:

• Log in as root.
  
• Open Terminal
• # cd
• # mkdir dns
• # cd dns
• Copy the following scripts into this directory (I usually put them on a floppy - hint: Put in a floppy, right-click the links below, choose -Save Link as...-, navigate to the floppy, and [SAVE]):
• install.sh
• named.bind
• named.conf
• named.root
• zone.-DOMAIN-
• zone.ip6.local
• zone.localhost
• zone.rev.broadcast
• zone.rev.-DOMAIN-
• zone.rev.localhost
• zone.rev.zero
  
• Run the installer:
• # install.sh
• Enter the information asked for.
  
• Check the installation. Run the following commands:
• # service named restart
• # named-checkconf -z
• # service named status
• This is the result:

# service named restart Stopping named: [FAILED] Starting named: [ OK ] # named-checkconf -z zone steveroach.org/IN: loaded serial 1290 zone 0.168.192.in-addr.arpa/IN: loaded serial 1291 zone localhost/IN: loaded serial 1290 zone 0.0.127.in-addr.arpa/IN: loaded serial 1290 zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1290 zone 255.in-addr.arpa/IN: loaded serial 1290 zone 0.in-addr.arpa/IN: loaded serial 42 zone bind/CH: loaded serial 1290 # service named status number of zones: 8 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is ON recursive clients: 0/1000 tcp clients: 0/100 server is up and running #

• Add named to the boot scripts:
• # cd /etc/init.d
• # vi named
• Change the line; '# chkconfig – 11 89' to '# chkconfig 35 11 89'
• # chkconfig –-del named
• # chkconfig –-add named
• Set DNS logging:
• # cd /etc/sysconfig
• # vi syslog
• Change the line: 'SYSLOGD_OPTIONS="-m 0"' to 'SYSLOGD_OPTIONS="-m 0 -a /var/named/chroot/var/log"'
  
• Turn off IPv6:
• # cd /etc
  
• # vi modprobe.conf
• Add these lines to the bottom of the file:
• alias ipv6 off
• alias net-pf -2 ipv4
  
• Configure Firefox:
• Start Firefox
• Type; 'about:config' into address bar
• Type 'network' into filter field
• Right-click 'network.dns.disableIPv6'
• [Toggle] to 'true'
• Right-click 'network.http.pipelining'
• [Toggle] to 'true'
• Close Firefox
  
• Make resolv.conf permanent:
• # cd /etc
• # cp resolv.conf resolv.conf.local
• # vi resolv.conf.local
• Edit the file to look like this:
• search steveroach.org (your domain name)
• nameserver 127.0.0.1
• nameserver 203.50.2.71 (your ISP's primary DNS server IP)
• nameserver 139.130.4.4 (your ISP's secondary DNS server IP)
• # cd /sbin
• # vi dhclient-script
• Find the line; 'rm -f \$rscf' by typing: /rm -f \$rscf
• O(pen a new line)
• Add this new line to the script: cp /etc/resolv.conf.local /etc/resolv.conf
  
• Reboot the server.

Testing:

Extensive testing will be done later when the firewall is in and the network is connected.

Can't ping

Introduction:

I must confess, I had all sorts of problems with network connectivity once I came to test my NIC configuration, and this was partly my own fault. As a software engineer, I always assume that any problems I have are in software - especially right after a complex software installation or change. So, when I couldn't ping my PC from the server and vice versa, I went on a long fruitless search through my configuration. It took a post here to put me right (oh, and BTW, you should favorite that link right now).

This, then, is a diagnostic and fix for one possible problem that will not let you ping from your LInux box to your Windoze box and vice versa.

Aim:

Diagnose and fix a network problem where ping does not work.

Requirements:

You have got to this stage of your installation and the ping test has failed.

Procedure:

Diagnose:

• Log in as root.
• Open Terminal.
• # ifconfig
• You should get a result something like this:
  

# ifconfig eth0 Link encap:Ethernet HWaddr 00:0D:88:32:06:4A inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::20d:88ff:fe32:64a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:27 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:2240 (2.1 KiB) Interrupt:10 Base address:0xe800 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1382 errors:0 dropped:0 overruns:0 frame:0 TX packets:1382 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1800890 (1.7 MiB) TX bytes:1800890 (1.7 MiB) #

• Look at the 4th line in the 'eth0' section. You should see the 'RUNNING' flag there. If you don't there is a hardware problem because that flag is only present when the network card sees a good connection.
• However, it is possible that you still have a hardware problem even when the 'RUNNING' flag is present. This is when you are plugged into a hub and there is either a problem with the hub or the other cable going into it.The hub tries to look, electrically, like a network card to the incomming cable. It may fool ifconfig into thinking that it has a good connection.
• The best thing to do here is disconnect the cables from both network cards and connect them together directly with a crossover cable. One you KNOW to be good. If you can ping with this carrying the connection, the problem is either with your hub or one of the cables.

Fix:

• Try reconnecting with normal CAT5 cables that you absolutely know to be good or change the hub.
  

Test Network Connections

Introduction:

Now we have a fully configured and connected Linux served home network. Let's make sure it all works...

Aim:

Test the network.

Requirements:

You have Linux installed and configured, the network is physically connected and you have rebooted both the server and PC.

Procedure:

Server Tests:

• Log in as root.
• Check ping:
• We are going to check that the server can 'see' all the devices on the network. If it can't do this, we are on a hiding to nothing. In the Terminal, type ping and either the IP address of the device or its name. Ping replies with a list of ping statistics about 1 second apart. As long as you get 'time=n.nnn ms' at the end of each of these lines, we are good at the moment. There is an example on this post. Type Ctrl-C to stop the listing.
• # ping 192.168.0.2 (self by IP)
• # ping lisa (self by name)
• # ping lisa.steveroach.org (self by full name)
• # ping 192.168.0.3 (the PC)
• # ping homer
• # ping homer.steveroach.org
• # ping 10.1.1.1 (the DNS IP)
• # ifconfig eth0
• Get the IP address of the ADSL modem, i.e. the one right after 'inet addr:'
• # ping the IP you just got.

PC Tests:

• Open a DOS window; -Start-, -Run-, Open: cmd, [OK]
  
• # ping 192.168.0.2
  
• # ping lisa
• # ping lisa.steveroach.org
• # ping 192.168.0.3
• # ping homer
• # ping homer.steveroach.org
• # ping 10.1.1.1
• # ping the IP you got for the ADSL modem.
  

1 Pixel in Table Trick

Black Pixel:

[ OK ] [FAILED]

Blog Tools

This post contains links to other posts containing a number of useful bits and pieces to make blogging life a bit easier.

• "Under Construction" Template
• Green Screen Template
• Yellow Screen Template
• Grey Screen Template
  
• 1 Pixel in Table Trick
  
• HTML Form Images
• HTML In-page Reference
• In-page Index
• Tables

Data Warehouse Definitions:

• Packages
  
• Functions / Procedures
• Mappings
• Process Flows:
• Modules
  
• Packages
  
• Flows
• Scripts
  
• Sequences
• Synonyms
  
• Tables
• Types
  

Green Screen Template

# Unix stuff # goes here

Configure ADSL

Introduction:

Here, we will configure ADSL by setting up the second NIC to communicate with the ADSL modem.

Aim:

Set up the server to be the external communications hub for the network.

Requirements:

None.

Procedure:

• Log in as root
• Configure the External NIC:
• -Applications-
• -System Tools-
• -Internet Configuration Wizard-
• -Ethernet Connection- [Forward]
• -D-Link System Inc RTL8139 Ethernet (eth0)- [Forward]
• Automatically obtain IP address settings with: [dhcp] [Forward]
• [Apply]
  
• -File-
• -Save-
• Information... [OK]
  
• (exit)
• Set up loopback (the GUI desktop needs this, amongst others):
• Open Terminal.
• # vi /etc/hosts
• Make sure these exist (put a 'tab' between the parts):

• 127.0.0.1     localhost.localdomain     localhost
  192.168.0.2   lisa.steveroach.org       lisa
  

Testing:

• Connect a normal CAT5 cable between the ADSL modem and the NIC.
• Reboot the Linux box.
• You should see the following during startup:
  

Bringing up interface eth0: [ OK ] Determining IP information for eth0... done [ OK ]

• Log in as root.
• Open Terminal.
• # ifconfig eth0
• This comes back with a few lines of information. The fourth line down (something like; 'UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1') should contain the flags 'UP' and 'RUNNING'.
• Now check out the line starting with 'inet'. Right now mine looks like; 'inet addr:10.1.1.2 Bcast:10.255.255.255 Mask:255.0.0.0'. What you want is the first IP address - in this case 10.1.1.2. Note that this can change between reboots or modem resets.
  
• # ping [that IP address you just got from ifconfig] (this is the ADSL modem assigned IP)
• # ping 10.1.1.1 (this is my ADSL modem fixed DNS IP)
• # ping www.blogspot.com (a domain that returns pings)
• In all cases, there should be a list of times for the ping round-trip. Type Ctrl-C to stop the listing.
• You can switch the cable back to your PC now, if you like - or stay connected as you are and do the next step; Get Latest Packages.
  

Under Construction Header

UNDER CONSTRUCTION

Disclaimer

To paraphrase the eloquent Jean-Daniel Dodin;

"I am not responsible of any damage on any computer as a result of anyone reading this blog. If you do any damage, _it is YOUR fault, NOT MINE_! Be careful when doing this stuff, and don't make any mistakes, because it can be fatal! Backup all your important data and check that everything you do is correct! What is described here worked on my computer, but it may or may not work on your computer. Although it should work for everyone, I can't guarantee anything. This is the last warning you get: BACKUP IMPORTANT DATA! Or, to put it short: Use at your own risk!"

So there.

Not only that, all of the stuff is here under the LGPL which pretty much means that you can do whatever you like with it - for free - but, if you use this stuff, you must also release it with the same licence (or license, if you're a septic). Yeah, I know it's not easy to enforce stuff like that and, well, no GPL has ever been tested in court anyway, but can we all just try to do the right thing and play nice together. You just know that stuff like this REALLY pisses the Beast of Redmond and M$ off, right, and that is NEVER a bad thing.

So enjoy!

Existing partition accessed during installation

Introduction:

This is a problem I hit during Fedora Core 4 installation. I already had a version of Linux installed on this machine (Redhat 7.2) so the hard drive was already partitioned. During FC4 installation, I decided to completely re-parition the disk, nuking everything that was already on it. However, when I came to run the new installation, something (I know not what), accessed one of the existing partitions. Or maybe something didn't. Whatever, the install THOUGHT something did and fatally spat the dummy. This, unfortunately is a show-stopper as far as the installation is concerned.

Aim:

To fix this, we first delete the existing partitions. This makes the machine look, to all intents and purposes, like a first-time install.

Requirements:

You will need disk 1 of 4 of the FC4 install disks. If you don't know what I'm talking about, go here.

Procedure:

This procedure is in response to the following popup messages during FC4 install:

"Error informing the kernel about modifications to partition /dev/hda2 - Device or resource busy. This means that Linux won't know about any changes you made to /dev/hda2 until you reboot - so you shouldn't mount it or use it in any way before rebooting."

followed by:

"The kernel was unable to re-read the partition table on /dev/hda (Device or resource busy). This means that Linux won't know anything nothing (sic) about the modifications you made until you reboot. You should reboot your computer before doing anything with /dev/hda."

Then follows an "Exception Occurred" popup with some debug information.

To fix this, do this:

• Insert the "Fedora 4: 1 of 4" CD.
• Reboot the server.
• At the boot: prompt, type "linux rescue".
• Choose a Language:
• -English- [OK]
• Keyboard Type:
• us [OK]
• Setup Networking: [No]
• Rescue: [Skip]
• This puts you into a Bourne command shell with the prompt: -/bin/sh-3.00#
• Delete all partitions:
• # fdisk /dev/hda
• You are now in fdisk. Type "m" at any time to get a list of commands.
• : p lists all your partitions. They have device names of /dev/hda1, /dev/hda2, etc.
• : d deletes partitions, asking for the partition number. Delete all of them.
• : w writes these changes and exits.
  
• That's it. Leave the CD in the drive and reboot (# halt shuts down and then you can turn the power off and on again).
• Restart the installation from scratch.
  

Problems, Fixes & Diagnostics

This post contains a number of links to posts that can get you out of trouble.

Linux:

• Existing partition accessed during installation.
• Can't ping.
  

Install Firewall

Introduction:

This covers intallation of 'iptables'; Linux's built-in firewall. iptables is a little more than a firewall, it also routes packets from the internet to the local network.

Aim:

Protect the network from intrusion.

Requirements:

None.

Procedure:

• Log in as root
• Open Terminal
• # cd
• # mkdir firewall
• # cd firewall
• Copy the following script into this directory - I usually put it on a floppy. (Hint: right-click the link and choose 'Save link as...'):
• iptables.sh
  
• Run the installer:
• # ./iptables.sh
  
• Make rules permanent:
• # service iptables save
• # service iptables start
• This is the result:
  

# service iptables save Saving firewall rules to /etc/sysconfig/iptables: [ OK ] # service iptables start Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: mangle nat filter [ OK ] Unloading iptables modules: [ OK ] Applying iptables firewall rules: [ OK ] #

Testing:

This will be extensively tested when the network is connected up.

Connect up Network

Introduction:

In this procedure, we will configure the PC to access the server and, though it, the internet.

Aim:

Physically insert the server into the local network and connect it to the ADSL modem.

Requirements:

• Your ISP's DNS server IP addresses: My ISP (Dodo) doesn't seem to publish these on their web site. I called up support and they handed them over in a flash.
• Your server and PC IP names and addresses.
• Your domain name.
  

Procedure:

There are three parts to this; finalise the server configuration, configure the PC to access the server, and physically connect up the network

Finalise the server configuration:

• Log in as root.
• -Desktop-
• -System Settings-
• -Network-
• -Hosts-
• [New]
• Address: 192.168.0.2
• Hostname: lisa.steveroach.org
• Aliases: lisa
• [OK]
• -File-
• -Save-
• Information: [OK]
• Ctrl-Q
  

Configure the PC:

• Configure NIC:
• -Start-
• -My Network Places-
• -View network connections-
• Right-click [Local Area Connection]
• -Properties-
• Hightlight; Internet Protocol(TCP/IP)
• [Properties]
• Use the following IP address:
• IP address: 192.168.0.3
• Subnet mask: 255.255.255.0
• Default gateway: 192.168.0.2
• Use the following DNS server addresses:
• [Advanced]:
• -DNS-
• [Add] the following addresses:
• 203.50.2.71
• 139.130.4.4
  
• [OK]
  
• [Close]
• Configure the 'hosts' file:
• Edit the file; C:\windows\system32\drivers\etc\hosts
• Add the line: 192.168.0.2 lisa.steveroach.org lisa
  

Physically connect the network cables:

This is what we are after.



Alternatively, if you don't use a hub, connect it all up like this:

• Connect the hardware with CAT5 cable.
• Make sure everything is on.
• Reboot the server.
  

Testing:

We will do a full test in the next section.

Configure samba

Introduction:

Samba allows non-Windoze computers to run Windoze-like print and file services. This lets you set up network printers - not that we'll be doing that here - and share files and directories across your network.

Aim:

We are going to set up two areas on the Linux server that can be accessed by the PC. One, /home/public, is freely acessible. The other, /home/steve, is my user's Linux home and is accessible from the PC but only by using Steve's Linux password.

Requirements:

You will need:

• Your domain name.
• Your server name.
• Your user's name.
  

Procedure:

• Log in as root
• Open Terminal
• # cd
• # mkdir samba
• # cd samba
  
• Copy the following scripts into this directory - I usually put them on a floppy. (Hint: right-click the link and choose 'Save link as...'):
• install.sh
• smb.conf
  
• Run the installer:
• # ./install.sh
• If you get a message; : bad interpreter: No such file or directory, go here.
• Enter your information at the prompts.
• Samba is magically configured.
• Add samba to init startup:
• # cd /etc/init.d
• # vi smb
• Change the line '# chkconfig: - 91 35' to '# chkconfig: 35 91 35'. (This means that the smb daemon will be started whenever Linux goes into runlevel 3 or 5.)
• # chkconfig --del smb
• # chkconfig --add smb
  
• Run the following command:
• # service smb restart
• and this is the result...
  

# service smb restart Shutting down SMB services: [FAILED] Shutting down NMB services: [FAILED] Starting SMB services: [ OK ] Starting NMB services: [ OK ] #

• Set up the smbpasswd file:
• # cd /etc/samba
• # cat /etc/passwd | mksmbpasswd.sh > smbpasswd
• # smbpasswd steve
• New SMB password: -steve's Linux account password-
• Retype new SMB passwd: -likewise-
• Create the public directory:
• # cd /home
• # mkdir public
• # chmod 777 public

Testing:

Some testing is embedded in the procedure. This will be fully tested when we connect the network.

Set up IP Forwarding

Introduction:

IP Forwarding allows your internal network to communicate with the internet.

Aim:

Have IP Forwarding to start during boot-up.

Requirements:

None.

Procedure:

• Log in as root
• Open Terminal
• # cd /etc/init.d
• Copy the following script into this directory - I usually put it on a floppy. (Hint: right-click the link and choose 'Save link as...'):
• ip_forwarding
  
• # chmod 755 ip_forwarding
• # chkconfig --add ip_forwarding
• # service ip_forwarding restart

Testing:

• # cat /proc/sys/net/ipv4/ip_forward
• This should return; '1'.
  

Software & Tools

This post contains links to other posts containing a number of useful techniques, procedures and scripts that are useful to the system administrator.

Software:

• Fedora Core 4.
• Oracle Database 10g Release 2 (10.2.0.1.0) for Linux x86.
• Oracle Enterprise Manager (Grid Control) (10.2.0.1.0).
• Oracle Client (10.2.0.1) for Windoze.
• Oracle Warehouse Builder (10.1.0.4.0) Server side.
• Oracle Warehouse Builder (10.1.0.4.0) Client side.
• Oracle Designer 10g (9.0.4.6)
  

Tools:

• ISO Recorder - Burning ISO Images.
• PuTTY - A Free Telnet/SSH Client.
• WinZIP - A compression / decompression utility.
  

My script won't run, mum.

Introduction:

For some reason, your shell script craps out. Let's debug it...

Aim:

To identify and fix problems with shell script execution.

1. bad interpreter

1. bad interpreter

Symptom:

when you run the script, you get the error message; 'bad interpreter: No such file or directory'

Investigation:

Run this:

$ head -1 'script name' | od -c

If your output looks something like this:

- 000000 # ! / b i n / b a s h \r \n
- ^
- |
- then your problem is right here -+

What it should look like is this:

- 000000 # ! / b i n / b a s h \n

What's probably happened is that this file has been sourced from a Windoze PC. Windoze notoriously adds a carriage return (denoted by /r in the example) & line feed (denoted by /n in the example) to the end of each line. *NIX only adds the line feed.

This is also an example of the use of the 'magic number' in a script. Where the first line reads '#!/bin/bash', this tell Linux to run the script in the bash shell. Likewise, '#!/bin/sh' tell it to use the Bourne shell.

Where Windoze adds the carriage return, Linix tries to use the /bin/bash[carriage return] shell and no such thing exists.

Fix:

Fortunately, the fix is easy:

• Move your script to a backup name:
• $ mv install.sh install.bak
  
• Open your script with vi:
• $ vi install.sh
• Read in your backup file:
• :r install.bak
  
• vi sometimes puts in a blank line at the top of the file. Delete this because the magic number has to be at the very start:
• :1 -> dd
  
• Save and exit:
• :wq
  
• If you want, delete your backup file:
• $ rm -f install.bak
  

Put an icon on the Desktop that runs a script

Introduction:

Say there's a script that you run fairly often and it's a pain to keep having to open up a Terminal and type it. This can be run by a launcher icon on the Desktop - well, under the right circumstances.

Those circumstances meaning, how you interact with it. If your script contains, for example, "ls -l", it will launch, list the directory and close - all before you get to see what's going on. This is only really useful for scripts that do something in background (e.g. writes something to a file), or are interactive (e.g. contain statements that ask for input).

Aim:

Create a Desktop icon that, when double-clicked, will run a shell script.

Requirements:

• Well, you need a Desktop and, for this particular example, root must have given you sudo permission to run /bin/mount - though there are many uses for this that need no sudo permissions at all.
• Do the 'User Actions' part of the 'Enable users to run normally excluded stuff using sudo' procedure.
  

Procedure:

This example creates an icon that mounts a floppy with a vfat file system.

• Create a shell script to mount a floppy:
• Open Terminal
  
• If ~/bin does not exist: $ mkdir bin
• $ cd bin
• $vi mount_floppy_vfat.sh
• Enter the line: sudo mount -t vfat /dev/fd0 /media/floppy (If you are root, you don't need the 'sudo' part.)
• Save and exit.
• $ chmod 744 mount_floppy_vfat.sh
  
• Create a launcher:
  
• Find a blank piece of desktop and right-click on it.
• -Create Launcher-
• Name: Mount Floppy (vfat)
• Generic name: Mount floppy
• Comment: 'Runs: sudo mount -t vfat /dev/fd0 /media/floppy'
• Command: [Browse]: Navigate to bin: -mount_floppy_vfat.sh-: [Open]
• Type: -Application-
• [No Icon]: This displays some icons. I use 'disks.png' for this: [OK]
• Run in terminal
• [OK]

Testing:

When you hit [OK], you should see the new icon on the Desktop - called 'Mount Floppy (vfat)'.

Put a floppy in the drive and double-click the icon. The first time you do this, it will ask for a password. Use your user password. The disk should whirr a bit and then the 'floppy' icon appears on you Desktop. Note: it may appear over the top of an existing Desktop icon. I don't feel the need to find a solution to this right now.

Double-clicking the 'floppy' icon should open a browser to the floppy's file system.

To unmount the disk; right-click the 'floppy' icon and choose -Unmount Volume-. The disk should unmout, the browser closes, and the 'floppy' icon disappears.

User Library Contents

This post contains links to other posts containing a number of techniques, procedures and scripts that are useful to Linux users.

1. Run normally excluded stuff using sudo.
2. Put an icon on the Desktop that runs a script.
3. Set up the Desktop.
   

Enable users to run normally excluded stuff using sudo

+++ WARNING +++ WARNING +++ WARNING +++

This technique is used to RELAX security. Be sure that you understand the implications of what you are doing and who you are letting do it. It is possible to completely open your system up to an intruder with this facility.

+++ WARNING +++ WARNING +++ WARNING +++

Introduction:

This is a basic introduction to sudo. A better page is here.

Aim:

A base Linux install excludes some users from running certain powerful commands. This technique allows you, the sysadmin, to allow users things they would not normally be able to.

Requirements:

You need root access for this.

Procedure:

This specific example allows any user to mount a floppy disk. This should only be done in a fairly well controlled environment, and for very good reasons. I'm doing it because I am the only user on this system, my server (and so the floppy drive) is locked away from the public, and I tend to move things about on floppies while configuring Linux and Oracle.

root actions:

• Log in as root and open Terminal.
  
• Edit the /etc/sudoers file (NOTE: Do not, under any circumstances, edit this file directly - use this):
• # visudo
• Go to the bottom of the file.
• Add a new line: ALL ALL=/bin/mount, /bin/umount
• Save and exit.

user actions:

• Log in as the user and open Terminal.
• $ sudo -l
• This responds with; Password: Enter your user password. (Note: You only need the password the first time you use sudo or after root has made changes.)
  
• You see a list of commands that you can run under sudo, e.g.:
• User Steve may run the following commands on this host:
• (root) /bin/mount
• (root) /bin/umount
  
• Put in a floppy and type the following:
• $ sudo mount -t vfat /dev/fd0 /media/floppy
• The floppy icon appears on the desktop and you can access the disk.
  
• $ sudo umount /media/floppy
• The floppy icon disappears from the desktop.

Options:

sudo Entry	Description
ALL ALL=/bin/mount, /bin/umount	ALL users can run on ALL servers the commands /bin/mount and /bin/umount

Sysadmin Library Contents

This post contains links to other posts containing a number of useful techniques, procedures and scripts that are useful to the system administrator.

Software:

1. Enable users to run normally excluded stuff using sudo.
2. Set up the Desktop.
3. Standard Approach to Passwords.
   

Hardware:

1. Tape Commands

Configure Linux Contents

There are a number of tasks to complete in order to configure Linux.

1. Configure ADSL.
2. Get Latest Packages.
3. Configure local NIC.
4. Configure DNS.
   
5. Set up IP Forwarding.
6. Configure Samba.
7. Install Firewall.
8. Connect up Network.
9. Test Network Connections.
10. Register Shared Folders.
11. Install PuTTY on the PC.
12. Configure Sendmail.
    

Configure local NIC

Introduction:

This procedure goes through configuring and testing an internal netwirk card.

Aim:

A configured Ethernet card that connects the server to the local (internal) network. This also names the server and establishes the domain name for your network.

Requirement:

Base Fedora Core 4 is installed.
You will need to invent three things:

1. The IP Address of your server. This should be taken from the Private IP Address range assigned to small networks - a.k.a. the 256*Class C Range. These are numbered; 192.168.0.0 - 192.168.255.255. I will use only two, one for the server (192.169.0.2) and one for the PC (192.169.0.3) (later,when I get around to connecting the network up).
2. Your domain name. For your network to work as a single entity, it needs a domain name. If you were a company, you - or marketing, god help us - would have made up something and, assuming that no-one else has already registered it, would use it publically and, in all likelihood, on your internal network, too. We, however, don't really need to register a name, unless, of course, we want to. As whichever name you choose will only be visible to your internal network it can be whatever you like. However, you don't really want something really famous - google.com, for example - because, if you do, you might mislead your net applications as to where services are available. I have chosen steveroach.org.
3. Your server name (a.k.a. alias): This can really be anything you like. Most people choose some variation on a theme for small networks. I have chosen "lisa" for my Linux server, and "homer" for my Windoze PC which, I reckon, is pretty appropriate.
   

NOTE: A full computer name looks like this: computer_name.domain_name. In my case, my server (lisa) full name is lisa.steveroach.org, and my PC (homer) full name is homer.steveroach.org.

Procedure:

• Log in as root
• -Applications-
• -System Tools-
• -Internet Configuration Wizard-
• Select Device Type:
• -Ethernet connection- [Forward]
• Select Ethernet Device:
  
• -Silicon Integrated Systems [SiS] SiS900 PCI Fast Ethernet (eth1)- [Forward]
• Configure Network Settings:
• Statically set IP addresses. (If you're not sure what to do here or you want to know why I'm using these particular settings, read the 'Requirement' section at the top of this post.)
• Address: 192.168.0.2
• Subnet mask: 255.255.255.0
• [Next]
  
• [Apply]
• Network Configuration:
  
• -Devices-
• -Inactive eth1 eth1 Ethernet-
• [Activate]
• Question: [Yes]
• Information: [OK]
• The device becomes active.
  
• Close Network Configuration window.

Testing:

• Check that you can ping yourself by alias and IP:
• Open Terminal
• # ping 192.168.0.2
• You should see something like this (this will run forever unless you stop it (type Ctrl-C to stop the display):

[root@localhost ~]# ping 192.168.0.2 PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data. 64 bytes from 192.168.0.2: icpm_seq=0 ttl=64 time=0.050 ms 64 bytes from 192.168.0.2: icpm_seq=1 ttl=64 time=0.042 ms 64 bytes from 192.168.0.2: icpm_seq=2 ttl=64 time=0.042 ms 64 bytes from 192.168.0.2: icpm_seq=3 ttl=64 time=0.043 ms 64 bytes from 192.168.0.2: icpm_seq=4 ttl=64 time=0.043 ms --- 192.168.0.2 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 3998ms rtt min/avg/max/mdev = 0.042/0.044/0.045/0.003 ms, pipe 2 [root@localhost ~]#

• # ping lisa
• You should see something like this:

[root@localhost ~]# ping lisa PING lisa.steveroach.org (192.168.0.2) 56(84) bytes of data. 64 bytes from lisa.steveroach.org (192.168.0.2): icmp_seq=0 ttl=64 time=0.051 ms 64 bytes from lisa.steveroach.org (192.168.0.2): icmp_seq=1 ttl=64 time=0.044 ms 64 bytes from lisa.steveroach.org (192.168.0.2): icmp_seq=2 ttl=64 time=0.044 ms 64 bytes from lisa.steveroach.org (192.168.0.2): icmp_seq=3 ttl=64 time=0.044 ms 64 bytes from lisa.steveroach.org (192.168.0.2): icmp_seq=4 ttl=64 time=0.043 ms --- lisa.steveroach.org ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 3998ms rtt min/avg/max/mdev = 0.043/0.045/0.051/0.005 ms, pipe 2 [root@localhost ~]#

• Check that the server name is set:
• Close all windows and reboot.
• On the detailed process-start list, you should see: Bringing up interface eth1 [ OK ] (eth0 won't work if the ADSL cable is not plugged in to the server. That's fine for this test.)
  
• On the left-hand bottom of the login screen the server name should be: lisa.steveroach.org

It is a VERY good idea that you check inter-connectivity at this stage. Any problems with this bit; go here:

• The PC (Note your network settings as you do this. You will be putting them back later.):
• -Start-
• -My Network Places-
• -View Network Connections-
• Right-click; -Local Area Connection-
• -Properties-
• From the list; 'This connection uses the following items:', highlight -Internet Protocol (TCP/IP)-
• -Properties-
• Take a note of all IP addresses here.
• Use the following IP address:
• IP address: 192.168.0.3
• Subnet mask: 255.255.255.0
• Defauly gateway: 192.168.0.2
  
• Disconnect the cable from the ADSL Modem and plug it into the hub.
  
• The server:
• Plug a normal CAT5 cable into the network card you just configured (if you're not sure which one it is, a green LED should go on when you plug the other end in). Plug the other end into the hub.
  

• Alternative cabling:
• If you don't have a hub, just connect the network cards directly together with a crossover cable.
  
• Run the following ping commands:
• On the server: # ping 192.168.0.3
• See the green screen example, above. You should see similar times.
• On the PC: # ping 192.168.0.2
• -Start-
• -Run...-
• Type 'cmd' [OK]
• This opens a DOS screen.
• Type: ping 192.168.0.2
  
• See the green screen example, above. You should see similar times.
• If all this checks out, restore the PC network settings and move its cable back to the ADSL modem. You should be back on the net - if not, reboot.
  

Set up the Desktop

Introduction:

This is to set up the desktop the way I like it.

Aim:

I'm after easy access to any tools I use regulary and a visual indication of what account I'm in.

Requirements:

At least base Fedora Core 4 installed.

Procedure:

When logged into the desktop of whatever account you want to set up.

• Set up the Terminal:
• -Applications-
• -System Tools-
• Right-click -Terminal-
• -Add this launcher to panel-
• The Terminal icon appears on the panel at the top of the screen.
• Click the new Terminal icon.
• -Edit-
• -Profiles...-
• -Default- [Edit]
• Set the colour:
  
• -Colors-
• Untick Use colors from system theme
• Built-in schemes: -Green on black-
  
• Set the scroll buffer:
• -Scrolling-
• Scrollback: 5000 [Close] [Close]
• If you are in as root - i.e. you're doing first-time configuration, add localhost to the xterm allowed server list. This is so that X Windows applications will run and the Oracle Universal Installer (oui), amongst others, is in that category:
• # xhost +localhost
• This comes back with: localhost being added to access control list
  
• # exit
  
• Set up the Background:
• -Desktop-
• -Preferences-
• -Desktop Background-
• Desktop Wallpaper: [No Wallpaper]
• Desktop Colors: [Vertical Gradient]
• Foreground colour - Click the [Top colour button - pale blue] just to the right of the [Vertical Gradient] button:
• I use different colours for each type of account:
• root: Red (#FF0000)
• oracle: Green (#00FF00)
• users: Blue (#0000FF)
• [OK]
  
• Background colour - Click the [Bottom colour button - grey] just to the right of the [Top colour button]
• -Black (#000000) [OK]
• [Close]
• Set the screensaver: (NOTE: You can't set this for root for security reasons. root should rarely be logged in and even then only for maintainance. You certainly shouldn't be logged in for so long as to reduce the life of your monitor because there is no screensaver on the account.)
  
• -Desktop-
• -Preferences-
• -Screensaver-
• Mode: -Only One Screen Saver-
• I use different screensavers for different accounts - well, there's enough of them? This helps me to know what account my terminal is logged into so that I don't go in and stuff something up:
• oracle: Molecule
• steve: XMatrix
  
• Untick Lock Screen After
• Close the Screensaver Preferences window.
• Wait 10min and the screensaver should start up.
• If I'm setting up root's desktop also like to enable all users to be able to mount floppies for everyone, I set up a desktop icon to run the mount command.
• Configure File Browser:
• -Applications-
• -System Tools-
• -File Browser-
• -Edit-
• -Preferences-
• -Views-
• List new folders using: -List View-
• Show hidden and backup files
  
• -Behaviour-
• Always open in browser windows
  
• [Close]
  

Server Specification

My server has is getting on a bit now but it still does the job fairly well. This information is well worth having to hand for a few reasons:

1. It's nice to know what you're playing with.
2. Some software has minimum hardware requirements. Sometimes you can be a bit below this and get away with it but, if the stuff just won't run, it may be time to drop some more memory in or upgrade your processor.
3. I am running, for the most part, free-licenced software, and that means support-by-Google. Often, a question to a tech froup will attract the reply; "what's your spec?". Sometimes this is a valid question, sometimes it's not, but it's far better to just hand over the data than get into a "you don't need to know that" / "oh, yes I do" exchange. So get your spec and keep it somewhere handy.
   
4. You're down the purb with your geek mates. The conversation has turned away from what version of ssh Carrie Anne Moss was running in The Matrix and towards a pissing competition over who has the best tin. Don't feel left out.

And here it is:

Hardware:

• Processor: Intel Pentium 4, 2.4GHz
• Memory:
• Hard drive:
• CDROM:
• DVD drive:
• Floppy drive:
• Sound card: Silicon Integrated Systems (SiS) Sound Controller
  
• Display: COMPAQ FP531 with NVIDIA GeForce 4
• Ethernet Cards:
• eth0: D-Link System Inc RTL8139 (The installed second card.)
• eth1: Silicon Integrated Systems (SiS) SiS900 PCI Fast Ethernet (The 'card' on the motherboard.)

Peripherals:

• Hub: NetComm 5-Port 10/100Mbps N-Way SmartSwitch NP2005
• ADSL Modem: D-Link ADSL Router DSL-205T
  

Software:

• Operating system: Fedora Core 4
  

Network:

• Domain name: steveroach.org
  
• IP Address:
• Server (lisa): 192.168.0.2
• Windoze PC (homer): 192.168.0.3
• Subnet Mask: 255.255.255.0
  
• DNS Server IP Addresses (from ISP):
• 203.50.2.71
• 139.130.4.4
  

Linux Users added:

• steve
• oracle

Oracle:

• Versions:
• Workflow: 2.6.4.0.0
  
• Database Instances:
• sta
• Contains the following schemas:
• steve - A developer's account.
  
• ctl - The Data Warehouse control database.
  
• sta - Incoming data - Staging. Created through OWB.
  
• val - Validation database. Created through OWB.
• ods - Operation Data Store. Created through OWB.
• wbr - The OWB Runtime Repository.
• wba - The OWB Runtime Access User.
• owf_mgr - Workflow Manager account.
  
• Host: lisa.steveroach.org
• Port: 1521
• SID: sta
  
• URLs:
• Database Control: http://lisa.steveroach.org:1158/em
• whs
  
• Contains the following schemas:
• whs - The Data Warehouse schema. Created through OWB.
• wbd - The OWB Design Repository.
• wbr - The OWB Runtime Repository.
• wba - The OWB Runtime Access User.
• repos_manager - The Designer Repository Manager User.
• des - A Designer User.
• owf_mgr - Workflow Manager account.
• Host: lisa.steveroach.org
• Port: 1521
• SID: whs
• URLs:
• Database Control: http://lisa.steveroach.org:5500/em
• Database Control Info: http://lisa.steveroach.org:5500/em/console/aboutApplication
• EnterpriseManager0.lisa.steveroach.org
• Contains the following schemas:
• ias_admin - Oracle Application Server admin
• URLs:
• iSQL*Plus: http://lisa.steveroach.org:5560/isqlplus
• iSQL*Plus DBA: http://lisa.steveroach.org:5560/isqlplus/dba
• Enterprise Manager Grid Control: http://lisa.steveroach.org:4889/em
• Ultra Search: http://lisa.steveroach.org:5620/ultrasearch
• Ultra Search Admin Tool: http://lisa.steveroach.org:5620/ultrasearch/admin
• Added Tablespaces:
• For Oracle Designer:
  
• constant_grow_indexes
• constant_grow_tables
  
• dependency_indexes
• dependency_tables
  
• diagram_indexes
• diagram_tables
• lob_data
• rapid_grow_indexes
• rapid_grow_tables
• system_meta_indexes
• system_meta_tables
• temporary_indexes
• temporary_tables
• version_indexes
• version_tables
• repos_rbs
• repos_temp

Standard Approach to Passwords

Introduction:

Not so much a library entry, rather something that sysdamins may want to use and promote to their users.

You need a lot of passwords these days. You have the unsavoury choice of using the same one (or anyway a handfull) for all accounts, or making up a new one every time and keeping them all somewhere secure - even though we are always told to NEVER write it down, etc.

Aim:

This is a standard approach to passwords that generates good secure passwords, yet you can remember what they are.

Requirements:

Being annoyed by the advice of security experts on one hand, and the (in)ability to remember a few dozen passwords on the other.

Procedure:

• Think of a four letter word - yes, THAT one if you insist. e.g. "cola".
• Think of a number between 0 and 99 inclusive. e.g. "64". (If yours was less than 10, stick a zero on the front of it - you need two digits.)
• All your passwords start with the first two letters of your word and the first digit of your number. e.g. "co6".
• All your passwords end with the second digit of your number and the last two letters of your word. e.g. "4la".
• For each system that you need a password for, assign an easily rememberd TLA (three-letter acronym for non-geeks). e.g. If, say, you have an HSBC bank account with online banking, use something like "hsb". That is the middle of your password.
• Putting it all together, your password, in this instance, is: "co6hsb4la", something that most security pixies will tell you is pretty damn secure.
• If your TLAs mount up, you can always write that bit down because, without the rest, they are pretty much useless.
• If you get it just right, you can come up with something that, if you squint a bit, looks a bit rude: bo1loc4ss!