About bentech4u

Feb.07

bentech4u 1 Linux

Ubuntu: iscsiadm: initiator reported error (24 – iSCSI login failed due to authorization failure)

i was trying to export one iscsi share from centOS server and my client is Ubuntu server.

well i know this will work on  CentOS/Redhat without any changes and i was under impression that , on ubuntu also will get same behavior.

On CentOS, below are the commands to create Iscsi target

Server

Install and enable services:
yum -y install target*
systemctl start target && systemctl enable target
# targetcli /backstores/block create name=ubuntu-iscsi dev=/dev/cl_centos/lv_scsi
# targetcli /iscsi create iqn.2017-02.com.example.kw:centos
# targetcli /iscsi/iqn.2017-02.com.example.kw:centos/tpg1/acls create iqn.2017-02.com.example.kw:ubuntu-archive
# targetcli /iscsi/iqn.2017-02.com.example.kw:centos/tpg1/luns create /backstores/block/ubuntu-iscsi
# targetcli /iscsi/iqn.2017-02.com.example.kw:centos/tpg1/portals delete 0.0.0.0 3260
# targetcli /iscsi/iqn.2017-02.com.example.kw:centos/tpg1/portals create 192.168.1.66 3260
# targetcli saveconfig

Allow TCP port  if firewalld is enabled.

# firewall-cmd –permanent –add-port=3260/tcp

All set from from target(server) side.

Client

On client side install iscsi packages

# apt-get -y install open-iscsi

edit /etc/iscsi/iscsid.conf and change like below

# To request that the iscsi initd scripts startup a session set to “automatic”.
# node.startup = automatic
 node.startup = automatic

and i manually edited /etc/iscsi/initiatorname.iscsi , added iqn number taken from server.Which is

InitiatorName=iqn.2017-02.com.example.kw:centos

restart service

# service iscsid restart

Do the discovery

# iscsiadm -m  discovery –type sendtargets –portal 192.168.1.66

And finally Login to target

# iscsiadm -m node –targetname iqn.2017-02.com.example.kw:centos –portal 192.168.1.66 –login

 

After this , the newly added disk will be displayed under fdisk. Below is the syslog

Feb 7 14:08:51 ubuntu kernel: [89946.433408] scsi host4: iSCSI Initiator over TCP/IP
Feb 7 14:08:51 ubuntu kernel: [89946.693040] scsi 4:0:0:0: Direct-Access LIO-ORG ubuntu-iscsi 4.0 PQ: 0 ANSI: 5
Feb 7 14:08:51 ubuntu kernel: [89946.745641] sd 4:0:0:0: Attached scsi generic sg4 type 0
Feb 7 14:08:51 ubuntu kernel: [89946.746061] sd 4:0:0:0: [sdb] 993222656 512-byte logical blocks: (509 GB/474 GiB)
Feb 7 14:08:51 ubuntu kernel: [89946.748472] sd 4:0:0:0: [sdb] Write Protect is off
Feb 7 14:08:51 ubuntu kernel: [89946.748475] sd 4:0:0:0: [sdb] Mode Sense: 43 00 00 08
Feb 7 14:08:51 ubuntu kernel: [89946.749300] sd 4:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn’t support DPO or FUA
Feb 7 14:08:51 ubuntu kernel: [89946.771007] sd 4:0:0:0: [sdb] Attached SCSI disk
Feb 7 14:08:52 ubuntu iscsid: Connection9:0 to [target: iqn.2017-02.com.example.kw:centos, portal: 192.168.1.66,3260] through [iface: default] is operational now

 

Feb.02

bentech4u 1 Uncategorized

Fedora/Redhat Change proxy based on IP detection

HI All, i am giving some to tricks to simplify life of a Linux desktop user.

In my office environment , all networks are based on Class A and in home Class C. So everytime changing the proxy was little difficult for me. and finally i wrote something like below.

This will detect the IP class and change the system wide proxy.

#!/bin/bash
export DISPLAY=:0.0
IP_ADDRESS=$(ip addr | grep ‘state UP’ -A2 | tail -n1 | awk ‘{print $2}’ | cut -f1 -d’/’)
#echo $IP_ADDRESS
IP_CLASS=$(/usr/bin/ipcalc $IP_ADDRESS| egrep “Address class:” | awk ‘{print $3$4}’)
if [ $IP_CLASS == “ClassA” ];then
echo “Class A IP”
gsettings set org.gnome.system.proxy mode ‘manual’
gsettings set org.gnome.system.proxy.http host ‘proxy.example.com’
gsettings set org.gnome.system.proxy.http port 1234
gsettings set org.gnome.system.proxy.https host ‘proxy.example.com’
gsettings set org.gnome.system.proxy.https port 1234
gsettings set org.gnome.system.proxy.ftp host ‘proxy.example.com’
gsettings set org.gnome.system.proxy.ftp port 1234
gsettings set org.gnome.system.proxy.socks host ‘proxy.example.com’
gsettings set org.gnome.system.proxy.socks port 1234
else
echo “Class C”
gsettings set org.gnome.system.proxy mode ‘none’
EOF

 

i know this is not a neat script. But you can get some idea and develop more from this. 🙂

Dec.19

bentech4u 0 Uncategorized

Configure SFTP only + Chroot(Jail)

This tutorial describes how to give users chrooted SSH and/or chrooted SFTP access on Redhat/Centos(or more). With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to restrict users to SFTP so that they cannot use SSH

create a group for sftp users

# groupadd sftp-only

Create user (test1 is our user)

# useradd -c “SFTP User” -G sftp-only -s /bin/nologin test1

edit the sshd_config and add below changes

Subsystem sftp internal-sftp
Match Group sftp-only
ChrootDirectory /appl/data/input (or your directory)
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no

 

example of sftp connection

screenshot_79

 

ssh connection. And it’s dropped

screenshot_80

Aug.30

bentech4u 1 Linux

Transmission settings.json Reverting to Defaults

The transmission-daemon package from EPEL makes it easy to setup a command line bittorrent client on RHEL  or CentOS . However, I have encountered situations where modified settings in/var/lib/transmission/.config/transmission/settings.json revert back to their defaults upon starting the transmission-daemon service.

In particular, the rpc-authentication-required parameter will always revert back to false if set to true when using a default transmission-daemon install. This occurs because of certain switches being passed by the transmission-daemon init script found at /etc/init.d/transmission-daemon.

The particular line in /etc/init.d/transmission-daemon that is overriding certain parameters in /var/lib/transmission/.config/transmission/settings.json is the following:

 

DAEMON_ARGS="-T --blocklist -g $TRANSMISSION_HOME/.config/transmission"

The -T switch causes transmission-daemon to never require authentication, and the –blocklist switch enables peer blocklists. If you would rather your settings only be defined in /var/lib/transmission/.config/transmission/settings.json, remove those switches. I would suggest copying this line, commenting it out, pasting a new line, and removing the switches from the new line in case you ever want to revert to the default settings. The new DAEMON_ARGS line would then look like the following:

 

DAEMON_ARGS="-g $TRANSMISSION_HOME/.config/transmission"

Now, all settings will only be defined in /var/lib/transmission/.config/transmission/settings.json.

Take note, in order to change any settings in /var/lib/transmission/.config/transmission/settings.json, the transmission-daemon service must be stopped. Changes made while the service is running will be ignored and set back to their previous settings upon restart.

Aug.28

bentech4u 1 Solaris

Solaris Script:- Generate sar CPU & MEMORY of current month

HI

This is to generate comma separated values of CPU and Memory usage of current month. later we can export to .csv file for plotting graph in excel.

 

#!/usr/bin/bash
#Wrote on 18-08-2016 by Ben George
##################################
# Generate sar CPU & MEMORY of current month
##################################
PATH=/usr/xpg4/bin:$PATH
IFS=$’\n’ read -d ” -ra date < <(ls -l /var/adm/sa/ | grep `date +%b` | awk ‘{print $6″ “$7}’)
IFS=$’\n’ read -d ” -ra file < <(ls -l /var/adm/sa/ | grep `date +%b` | awk ‘{print $9}’)
printf “\n\n##— CPU AVERAGE —## \n\n”
echo $(sar -u -f /var/adm/sa/sa01 | awk ‘NR==4{print “Date,”$2″,”$3″,”$4”,”$5}’)
for i in “${!date[@]}”
do
cpuvalues=$(sar -u -f /var/adm/sa/”${file[$i]}” | grep -i average | awk ‘{print $2″,”$3″,”$4″,”$5}’)
echo “${date[$i]},$cpuvalues”
done
printf “\n\n##— MEMORY AVERAGE —## \n\n”
echo $(sar -r -f /var/adm/sa/sa01 | awk ‘NR==4{print “Date,”$2”,”$3}’)
for j in “${!date[@]}”
do
memoryvalues=$(sar -r -f /var/adm/sa/”${file[$j]}” | grep -i average |awk ‘{print $2″,”$3}’)
echo “${date[$j]},$memoryvalues”
done

 

NOTE: please request if you have difficulty in copy/paste. i will send you script through mail

Aug.17

bentech4u 0 programming,Solaris

Solaris script to generate average Disk I/O based on sar

HI

 

this is a simple script to generate average diskI /O based on sar reports. the output is given as comma separated and you can easily generate graphs by Excel or LibreOffice

 

#!/usr/bin/env bash
#Wrote on 15-08-2016 by Ben George
##################################
# Generate sar Disk IO of current month
##################################

PATH=/usr/xpg4/bin:$PATH

DATEROW=$(read -r date month < <(date ‘+%d %b’); days=(); for (( i = 1; i <= 10#$date; ++i )); do days+=(“$month$i”); done; printf ‘%s,’ “${days[@]}”)
echo “Device,”$DATEROW

lastfile=/var/adm/sa/sa$(date +%d)

for file in /var/adm/sa/sa[0-9][0-9]; do
[[ $file > $lastfile ]] && break
sar -d -f “$file”
done | awk -v RS= -F’\n’ ‘
$1 ~ /Average/ {
for (i = 1; i<=NF; ++i) {
if ($i !~ /vdc/)
continue;
split($i, row, ” “);
a[row[1]]=a[row[1]]”,”row[4] }
}
END {
for (disk in a)
print disk a[disk] }’

 

NOTE: if anyone is getting difficulty reading the script, please mail me i will send the script

Mar.23

bentech4u 0 Linux

Network Issue on VMWare Workstation – CentOS 7 & above

I was facing this issue with centos 7.2 release and device was not showing in my nmcli.

I tried many times adding/removing cards the reason is that the v7 3.10 kernel no longer supports the Ethernet Controller device And the solution is..

I added the following line to your  .vmx file and reboot system.

ethernet0.virtualDev = “e1000”

*replace ethernet0 with your card specific number