20100429

AIX backup / restore

The commonly used mode of backup utility back up file systems by i-node. It uses the Level param of 0 - for full,
1 to 9 for incremental backups, and takes the predefined fileset as input (/, /home, /opt, /usr, /var, etc.).
If you want to use the ordinary directory, not the one of predefined filesets use the -i switch.
It takes the list of files from the standard input (back up by name), and when used in conjunction with hyphen sign
as the target device, it can be piped directly to dd, to put the output into the file.

$ find /etc | backup -i -f - | dd of=/backup/etc.bak

To list the content of backup archive use restore with the -T switch.

$ restore -Tq -f /backup/etc.bak

To restore the individually named file use -x switch.

# restore -xqf /backup/etc.bak /etc/passwd
x /etc/passwd

...or files (in verbose mode):

# restore -xqvf /backup/etc.bak /etc/passwd /etc/security/passwd
New volume on /backup/etc.bak:
 Cluster 51200 bytes (100 blocks).
    Volume number 1
    Date of backup: Thu Apr 29 12:22:13 2010
    Files backed up by name
    User root
x          560 /etc/passwd
x          288 /etc/security/passwd
    total size: 848
    files restored: 2

And to get back all the content of the specified subdirectory use the force of -d

# restore -xqdf /backup/etc.bak /etc/security
x /etc/security
x /etc/security/.idlck
x /etc/security/.ids
x /etc/security/.kst
x /etc/security/.profile
x /etc/security/acl
x /etc/security/aixpert
x /etc/security/aixpert/bin
x /etc/security/aixpert/bin/ISSServerSensor
x /etc/security/aixpert/bin/audit_report
x /etc/security/aixpert/bin/binaudit
[...]


Be aware that all the above actions has overwritten the original files.
0 komentarze
Etykiety: , ,

20100427

mktemp portability

If you ever need to create a script, to run in the closest possible way in all the unix flavours -
beware of HP-UX behaviour of mktemp command.

It is the only unix system (I know) where mktemp do not create randomly named file/directory.

The result of its actions is just a display of generated name.
2 komentarze
Etykiety: ,

Silence is golden 


$ touch .hushlogin
0 komentarze
Etykiety:

20100309

User interface error

Have you ever encountered similar problems during the n-time tryout of the SSL signing process?

# openssl rsa -in cakey.pem -out cakey.pem
Enter pass phrase for cakey.pem:
User interface error
unable to load Private Key
26116:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:403:

or...

# ./CA.pl -sign
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
User interface error
unable to load CA private key
26676:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:403:
Signed certificate is in newcert.pem

This is a single-echo-pill solution.

ad. 1

# echo | openssl rsa -in cakey.pem -out cakey.pem
Enter pass phrase for cakey.pem:
writing RSA key

ad. 2

# printf "y\ny\n"| ./CA.pl -sign
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
[...]
Sign the certificate? [y/n]:

1 out of 1 certificate requests certified, commit? [y/n]Write out database with 1 new entries
Data Base Updated
Signed certificate is in newcert.pem

Enjoy.
0 komentarze
Etykiety: , ,

20100303

maximum number of instances of the package

Sometimes there is a need of existence of concurrent versions of the same package.
It is not a issue why, but how to achieve this behaviour.

During the normal installation procedure of the package, with the same name but different version then already installed one,
there is a chance to see a similar message:

# pkgadd -d somepkg*dstream
[...]
Current administration requires that a unique instance of the
<somepkg> package be created.  However, the maximum number of
instances of the package which may be supported at one time on the
same system has already been met.

No changes were made to the system.

To resolve the conflict change the value of MAXINST variable from inside the pkginfo file
(during the package build process).

For example, to allow the coexistence of maximum number of two packages use the following:

MAXINST=2


# pkgadd -d somepkg*dstream
[...]

Installation of <somepkg.2> was successful.
0 komentarze
Etykiety: ,

20100225

E.T. call ~home

After many years of unix systems administration, it is a pure pleasure to discover the trick
as simple as displaying the user home directory with ~username.

Examples:

$ echo ~adm
/var/adm
$ echo ~listen
/usr/net/nls
$ echo ~wisnios
/home/wisnios
0 komentarze

20100212

digression

command+shift+L rise a google search window with the results of the selected-piece-of-text query.
Piękne. It's beautiful.
0 komentarze
Etykiety:
Subscribe to: Posts (Atom)