I entered a small room of ten by ten in the middle of the slum. An old man was sitting there. The moment he saw me, his eyes sparkled and a smile spread across his face. He stood up and taking my hand in his, said “Please welcome, my child ...“. He started asking eagerly about how I am doing and all about me.
After I became a computer engineer, I went to meet him after quite a long time. He was very old by now. Few years ago, he had taken early retirement and thought about enjoying life. Unfortunately, he got sick and spent most of his money on medical expenses. As his son was not earning anything, he was forced to spend his remaining life in a slum.
He had spent his life very lavishly while he was young. After seeing him, I bowed and touched his feet for blessings. He was so happy while blessing me.
My mind went back fifteen years when I was in first year of college. At that time, my college decided to start graduation in Electronics announcing a fee of 1500/- rupees. As my father was very poor; he could not afford even this fee. I was very sad and as a final resort; had approached the same old man for help. Even he was in a financial crisis at that time; but he helped me because of which I got admission to Electronics. Years passed, I got nice marks and life moved further and finally got good job as a computer engineer.
He was utmost happy to see me. His expressions were enough to tell what was going inside his heart. He was proud of his investment of Rs 1500. After initial chatting, I got some clue that he is in a financial problem. I tried to offer him some money but he was not ready to accept. After lot of efforts, he accepted the small amount. He said that he doesn’t need money and he will manage somehow.
After half an hour, I bade him fare well. He suggested that I come again to meet him. I was so happy that I could help the person who had helped me.
A month passed. One day, a relative of the old man called on my mobile and informed me about the bad news. The old man had committed suicide by throwing himself in front of running train because he didn’t have money to purchase medicine.
I was speechless. My help to the old man was not enough. His money had turned my life but my money could not
Monday, August 25, 2008
Friday, August 22, 2008
Simple start with ZFS
Here is very simple steps to start with zfs
1. Create ZFS filesystem wih single disk.
bash-3.00# zpool create tank c0t9d0s0
invalid vdev specification
use '-f' to override the following errors:
/dev/dsk/c0t9d0s0 contains a ufs filesystem.
/dev/dsk/c0t9d0s0 overlaps with /dev/dsk/c0t9d0s3
If you face above error just add -f option as following.
bash-3.00# zpool create -f tank c0t9d0s0
2. How see zfs details?
Following command shows details of pool fs we just created.
bash-3.00# zpool list
NAME SIZE USED AVAIL CAP HEALTH ALTROOT
tank 16.9G 83.5K 16.9G 0% ONLINE
3. Now we need to create partitions in it. Let's create 5 Gb parttion.
bash-3.00# zfs set quota=5G tank/vol1
bash-3.00# zfs list
NAME USED AVAIL REFER MOUNTPOINT
tank 104K 16.6G 25.5K /tank
tank/vol1 24.5K 5.00G 24.5K /tank/vol1
4. How can extend it ?
Very simple. See fire following command.
bash-3.00# zfs set quota=10G tank/vol1
5. Again do zfs list see what is happended.
bash-3.00# zfs list
NAME USED AVAIL REFER MOUNTPOINT
tank 104K 16.6G 25.5K /tank
tank/vol1 24.5K 10.0G 24.5K /tank/vol1
bash-3.00# df -h
Filesystem size used avail capacity Mounted on
tank 17G 25K 17G 1% /tank
tank/vol1 13G 24K 13G 1% /tank/vol1
bash-3.00#
6. How to see statistics ?
bash-3.00# zpool iostat tank
capacity operations bandwidth
pool used avail read write read write
---------- ----- ----- ----- ----- ----- -----
tank 108K 16.9G 0 0 0 10
7. How to mount zfs partition at your desired mountpoint?
#
# zfs set mountpoint=/export/zfs tank/vol1
Effect will be shown as following if df -h command
tank/vol1 10G 24K 10G 1% /export/zfs
8. Finding zfs status
bash-3.00# zpool status
pool: tank
state: ONLINE
scrub: none requested
config:
NAME STATE READ WRITE CKSUM
tank ONLINE 0 0 0
c0t9d0s0 ONLINE 0 0 0
errors: No known data errors
=====================================================================================
For further study visit here:
1. http://www.solarisinternals.com/wiki/index.php/ZFS_Best_Practices_Guide
2. http://docs.sun.com/app/docs/doc/819-5461
1. Create ZFS filesystem wih single disk.
bash-3.00# zpool create tank c0t9d0s0
invalid vdev specification
use '-f' to override the following errors:
/dev/dsk/c0t9d0s0 contains a ufs filesystem.
/dev/dsk/c0t9d0s0 overlaps with /dev/dsk/c0t9d0s3
If you face above error just add -f option as following.
bash-3.00# zpool create -f tank c0t9d0s0
2. How see zfs details?
Following command shows details of pool fs we just created.
bash-3.00# zpool list
NAME SIZE USED AVAIL CAP HEALTH ALTROOT
tank 16.9G 83.5K 16.9G 0% ONLINE
3. Now we need to create partitions in it. Let's create 5 Gb parttion.
bash-3.00# zfs set quota=5G tank/vol1
bash-3.00# zfs list
NAME USED AVAIL REFER MOUNTPOINT
tank 104K 16.6G 25.5K /tank
tank/vol1 24.5K 5.00G 24.5K /tank/vol1
4. How can extend it ?
Very simple. See fire following command.
bash-3.00# zfs set quota=10G tank/vol1
5. Again do zfs list see what is happended.
bash-3.00# zfs list
NAME USED AVAIL REFER MOUNTPOINT
tank 104K 16.6G 25.5K /tank
tank/vol1 24.5K 10.0G 24.5K /tank/vol1
bash-3.00# df -h
Filesystem size used avail capacity Mounted on
tank 17G 25K 17G 1% /tank
tank/vol1 13G 24K 13G 1% /tank/vol1
bash-3.00#
6. How to see statistics ?
bash-3.00# zpool iostat tank
capacity operations bandwidth
pool used avail read write read write
---------- ----- ----- ----- ----- ----- -----
tank 108K 16.9G 0 0 0 10
7. How to mount zfs partition at your desired mountpoint?
#
# zfs set mountpoint=/export/zfs tank/vol1
Effect will be shown as following if df -h command
tank/vol1 10G 24K 10G 1% /export/zfs
8. Finding zfs status
bash-3.00# zpool status
pool: tank
state: ONLINE
scrub: none requested
config:
NAME STATE READ WRITE CKSUM
tank ONLINE 0 0 0
c0t9d0s0 ONLINE 0 0 0
errors: No known data errors
=====================================================================================
For further study visit here:
1. http://www.solarisinternals.com/wiki/index.php/ZFS_Best_Practices_Guide
2. http://docs.sun.com/app/docs/doc/819-5461
Friday, August 8, 2008
How to restrict sudo -s or su ?
It is very difficult to restrict sudo -s or su -. After struggling a lot , I found way to restrict it.
I am assuming that you have sudo implementation knowledge.
The Impact of sudo on Unix System Security
1) `sudo` improves on `su` in several ways:
2) `sudo` allows you to give privileged access to only some commands, instead of all commands.
3) `sudo` allows you to log all commands (and their arguments) executed as the privileged user.
4) `sudo` does not require the administrator to share the root password.
5) `sudo` allows you to limit the users who can use it by editing the sudoers file.
6) `sudo` times out after 5 minutes (by default).
Tips:
1. How to restrict sudo -s
If username is user1 then add following configuration in sudoers file
user1 ALL=(root) NOPASSWD:/usr/sbin/a*,(root)NOPASSWD:/usr/sbin/[c-r]*,(root) NOPASSWD:/usr/sbin/[t-z]*,(root) NOPASSWD:/usr/bin/a*,(root) NOPASSWD:/usr/bin/[c-r]*,(root) NOPASSWD:/usr/bin/[tuwxyz]*,(root) NOPASSWD:/bin/a*,(root) NOPASSWD:/bin/[c-r]*,(root) NOPASSWD:/bin/[tuvwxyz]*
Above file
1) Restrict any command in /usr/sbin , /bin and /bin/bin who alphabet starts from b,v,s ( i.e bash,vi,sudo and su etc )
2) It will not ask for password
2) How to log the usage ?
Add following line to sudoers files.
Defaults logfile=/var/adm/sudolog
I am assuming that you have sudo implementation knowledge.
The Impact of sudo on Unix System Security
1) `sudo` improves on `su` in several ways:
2) `sudo` allows you to give privileged access to only some commands, instead of all commands.
3) `sudo` allows you to log all commands (and their arguments) executed as the privileged user.
4) `sudo` does not require the administrator to share the root password.
5) `sudo` allows you to limit the users who can use it by editing the sudoers file.
6) `sudo` times out after 5 minutes (by default).
Tips:
1. How to restrict sudo -s
If username is user1 then add following configuration in sudoers file
user1 ALL=(root) NOPASSWD:/usr/sbin/a*,(root)NOPASSWD:/usr/sbin/[c-r]*,(root) NOPASSWD:/usr/sbin/[t-z]*,(root) NOPASSWD:/usr/bin/a*,(root) NOPASSWD:/usr/bin/[c-r]*,(root) NOPASSWD:/usr/bin/[tuwxyz]*,(root) NOPASSWD:/bin/a*,(root) NOPASSWD:/bin/[c-r]*,(root) NOPASSWD:/bin/[tuvwxyz]*
Above file
1) Restrict any command in /usr/sbin , /bin and /bin/bin who alphabet starts from b,v,s ( i.e bash,vi,sudo and su etc )
2) It will not ask for password
2) How to log the usage ?
Add following line to sudoers files.
Defaults logfile=/var/adm/sudolog
Subscribe to:
Posts (Atom)