Archive for the ‘Red Hat RHEL’ Category.

Ulimit settings not being applied with SSH logins

On a RHEL5 server ulimit setting was not applied when I logged in using SSH. No matter what I did the setting remained the same. Doing a “su – ” to a user, however, worked like a treat. Strange! I did a bit of googling and found the following answer to my problem:

1. In /etc/pam.d/sshd add the line

session    required     pam_limits.so

2. In /etc/pam.d/login add the line

session    required     pam_limits.so

3. In /etc/ssh/sshd_config add

UsePAM yes

(this might already be in place in your config file – I’m not using a stock sshd_config)

4. reload SSH

/etc/init.d/sshd restart

Now change something in /etc/security/limits.conf

user1           soft    nofile  2048
user1           hard    nofile  4096

Log in as user1 – and voila!
ulimit -n should now show 2048 and ulimit -nH 4096

Missing device file

In our ESX environment, I extended a virtual disk from VirtualCenter and created a new partition on it using fdisk. The new partition was to be added to a Volume Group under LVM. But the OS (RHEL5 in this case) didn’t recognize the partition. “pvcreate” said it could not find the the device it was “Ignored by filtering” – As it turned out it was not so much a question of filtering as the fact that the device file was missing; /dev/sdb2 simply did not exist. I did a lot of searching and jumping through hoops for a solution that did not include a reboot (the server in question is a production server) – While there might very well be other solutions to this – the one I found turned out to be quite simple: Don’t use fdisk – use “parted” instead:

parted DEVICE
(parted) mkpart PART-TYPE START END
(parted) toggle PART-NUMBER FLAG

in my case it looked like this:

parted /dev/sdb
(parted) mkpart primary 53.7GB 107GB
(parted) toggle 2 lvm
(parted) print
Model: VMware Virtual disk (scsi)
Disk /dev/sdb: 107GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number  Start   End     Size    Type     File system  Flags
 1      32.3kB  53.7GB  53.7GB  primary               lvm
 2      53.7GB  107GB   53.7GB  primary               lvm

And Voila! – you’ll have a new partition AND the corresponding device file!

Howto generate a random password i an jiffy!

The following one-liner will generate a random eight character string consisting of numbers as well as upper- and  lowercase letters.

echo `< /dev/urandom tr -dc A-Za-z0-9 | head -c8`

or

tr -dc '0-9a-zA-Z' </dev/urandom |head -c8; echo

If you need a shorter or longer password you can ajust the “-c8”-value.

And yes, I know…… a password should contain special characters as well. Please feel free to add a few periods and asterisks :-)

I found this on the net somewhere. I don’t remember where – sorry.

Add a vmdk to virtual RHEL5 server

To add a vmdk to a virtaul RHEL5 server, you first of all need to create the vmdk (d’oh!) – I won’t go into that here. Next, on the RHEL5 server do as root:

echo "- - -" > /sys/class/scsi_host/host0/scan (the spaces between the dashed are important)

This will cause the scsi bus to be rescanned and the new disk should be found. For the devicename check “dmesg”. Now you can partition the disk, add it to LVM or whatever.

Howto extend a ext3 filesystem in RHEL5

In RHEL5 ext2online is no longer available. However, do not despair – you can still grow your ext3 filesystems while online: The functionality has been included in resize2fs so to resize a logical volume, start by extending the volume:

# lvextend -L +2G /dev/systemvg/homelv

And the resize the filesystem:

# resize2fs /dev/systemvg/homelv (by omitting the size argument resize2fs defaults to using the available space in the partition/lv)

Expire password in Linux

If you need to force a user to change password at next login, simply use:

# chage -d 0 <userid>

Keep track of failed login attempts

To enable faillog to actually start logging failed login attempts you need to set up PAM to use the module “pam_tally.so”. To configure PAM open the file /etc/pam.d/system-auth in your favourite editor and add the following lines to the file:

auth required pam_tally.so onerr=fail deny=5
account required pam_tally.so

This should make sure that accounts are locked if the number of failed attempts exceeds 5. The counter is reset on successful login.

The behaviour of pam_tally has changed over time – this approach should work on at least Fedora Core 6+, RHEL 5, SLES10 and later.

In SLES 10 the PAM config-file is /etc/pam.d/login

Howto change MTU in Red Hat Linux

In Red Hat Enterprise Linux you can change the MTU (Maximum Transmission Unit) dynamically

# ip link set mtu eth0 512

or using ifconfg

# ifconfig eth0 mtu 512

but to make it permanent even after a reboot you need to add the MTU setting to the correct interface configuration file.

continuing the above examples, that would be:

add


MTU=512

to


/etc/sysconfig/network-scripts/ifcfg-eth0