Friday, May 24, 2013

be lazy on that dual-homed system

@reboot route add default gw 6.6.6.1 eth0

exim4 add'l ports

and we all go oh wah oh wah ooooh wah.
i want my nice ubuntu box with exim4 to listen on other freaking ports to get around firewall rules.  but i am that cool.  or tired.
my ip address is 10.6.6.6

since i'm using the whole debconf thing:

go into /etc/exim4/update-exim4.conf.conf

dc_local_interfaces='127.0.0.1:10.6.6.6.8080:10.6.6.6.25'

see that colon?  that goes between ip addresses you are interested on listening on.  
see that octet and then period number?  yeah.  that's the port number you want to listen on.
now.  this is way different than the smarthost port to send to.  the smarthost gets ::port.
yeah.

issue:
# update-exim4.conf

maybe a little
# /etc/init.d/exim4 restart

vid: /var/log/exim4/mainlog:
2013-05-24 11:33:30 exim 4.69 daemon started: pid=24362, -q30m, listening for SMTP on [127.0.0.1]:25 [10.6.6.6]:8080 [10.6.6.6]:25

what does lsof say?

exim4     24362 Debian-exim    3u  IPv4 3386590       TCP localhost:25 (LISTEN)
exim4     24362 Debian-exim    4u  IPv4 3386591       TCP evil:8080 (LISTEN)
exim4     24362 Debian-exim    5u  IPv4 3386592       TCP evil:25 (LISTEN)
alright. time to go back to sleep.

Tuesday, May 14, 2013

solaris 8 root passwd reset

i have no idea where this came from. i was grepping on my system for some hints. and this appeared. apparently i had to reset a sol8 root password in 2005. and now i have to do it again...

reset unknown root password
solaris 8

follow these steps you will have to use a new password though.

You need to have physical access to the machine's console.

Note the root partition; Solaris 8 uses /dev/dsk/c0t0d0s0 on the Ultra5/10
and Blade 100, /dev/dsk/c0t1d0s0 for Blade 1000.

Press the STOP and A keys simultaneously, or, on an ASCII terminal or
emulator, send a ) to halt the operating system, if it's running.

Boot single-user from CD-ROM (boot cdrom -s) or network install/jumpstart
server (boot net -s). For Solaris 8 use the CD-ROM labeled "Installation".
(If it asks you for a prom password, see below.)

Mount the root partition on "/a". "/a" is an empty mount point that exists
at this stage of the installation procedure. For example: #mount
/dev/dsk/c0t0d0s0 /a

If the mount command fails and since "/a" always exists, then you either
typed in the wrong device, OR the system is seeing the root partition as
something else. Do a "ls /tmp/dev/dsk" and see what is there. "c0t6" things
are the CD-ROM, what is left is what one needs to try. On a Blade 1000/2000,
choose /dev/dsk/c1t1d0s0, and execute: #mount /dev/dsk/c1t1d0s0 /a

Set your terminal type so you can use a full-screen editor, such as vi. You
can skip this step if you know how to use "ex" or "vi" from open mode. If
you're on a sun console, type "TERM=sun; export TERM"; If you are using an
ascii terminal or terminal emulator on a PC for your console, set TERM to
the terminal type for example: TERM=vt100; export TERM.

Edit the passwd file, /a/etc/shadow (or perhaps in older versions,
/etc/passwd) and remove the encrypted password entry for root.

Type: "cd /; then "umount /a"

Reboot as normal in single-user mode ("boot -s"). The root account will not
have a password. Give it a new one using the passwd command.

PROM passwords: Naturally, you may not want anyone with physical access to
the machine to be able to do the above to erase the root password. Suns have
a security password mechanism in the PROM which can be set (this is turned
off by default). The man page for the eeprom command describes this feature.
If security-mode is set to "command", the machine only be booted without the
prom password from the default device (i.e. booting from CD-ROM or install
server will require the prom password). Changing the root password in this
case requires moving the default device (e.g. the boot disk) to a different
SCSI target (or equivalent), and replacing it with a similarly bootable
device for which the root password is known. If security-mode is set to
full, the machine cannot be booted without the prom password, even from the
default device; defeating this requires replacing the NVRAM on the
motherboard. "Full" security has its drawbacks -- if, during normal
operations, the machine is power-cycled (e.g. by a power outage) or halted
(e.g. by STOP-A), it cannot reboot without the intervention of someone who
knows the prom password

....

Let's start by inserting the Solaris installation CD-ROM and then 
shutting down the system. Press...

     Stop-A

This will bring you the OK prompt. Now type:

     boot cdrom -s

and after a few minutes you will automatically be logged in as root in 
single user mode. It is possible that you get messages from your system 
claiming that some partitions were not cleanly unmounted. If this is the case 
check the partition as follows (assuming that your root partition 
is mounted on /dev/dsk/c0t0d0s0):

     fsck -y /dev/dsk/c0t0d0s0

Now mount your root partition...

     mount /dev/dsk/c0t0d0s0 /a

and edit /a/etc/shadow. Find root's entry in this file and remove the 
second field (encrypted root password) so it looks like...

     root::98765::::::

After making your change, save the file and reboot the system.

Tuesday, May 7, 2013

tar or gtar that is the question

so i decided i'd tar up a directory and gzip it on the fly over ssh between two sun boxes.
why?  because my filesystem is small.  like painfully small. like you put stuff in tmp and you cause a little panic small.
oh, and i need a bizarre version of sun studio 11. install and find patches.  no thanks.

rude-solbox$ tar -c /opt/sunstudio11 | gzip -2 | ssh nice-solbox "cat > /opt/sunstudio11.tar.gz"

so i go to nice-solbox, start doing the usual tar xvfz junk and the following scrolls by:

@LongLink: typeflag 'L' not recognized, converting to regular file

that means trouble.

so, maybe using the gnu version of tar, gtar is in order.   let's take a look here:
/usr/sfw/bin/gtar or /opt/sfw/bin/gtar

yep.

re-run: 
rude-solbox$ gtar -c /opt/sunstudio11 | gzip -2 | ssh nice-solbox "cat > /opt/sunstudio11.tar.gz"

then gtar away.  coolness.