Saturday, October 18, 2014

How to mirror a boot disk under HP-UX

Abstract

Using Logical Volume Manager (LVM) to mirror an HP-UX system boot disk is a standard security practice if the Mirror/UX bundle is available. The following article details the procedure to accomplish this task on HP-UX 11i systems with LVM boot disks.

Contents

  • 1 Abstract
  • 2 HP 9000 11i v1 (11.11) / 11i v2 (11.23)
  • 3 HP 9000 11i v3 (11.31) with persistent DSF
  • 4 Integrity 11i v2 (11.23)
  • 5 Integrity 11i v3 (11.31) with persistent DSF
  • 6 Automating LVM mirroring
  • 7 Troubleshooting
    • 7.1 HP 9000
    • 7.2 Integrity
  • 8 Monitor volume group synchronization
  • 9 Reference
  • 10 Authors


HP 9000 11i v1 (11.11) / 11i v2 (11.23)

1. Identify the available disk to mirror the vg00 logical volumes.
# strings /etc/lvmtab | grep dev
/dev/vg00
/dev/dsk/c3t3d0
# ioscan -funC disk
disk      0  1/0/1/0/0/1/3.0.6   sdisk    CLAIMED     DEVICE       HP 36.4GST336607FC
                           /dev/dsk/c3t6d0   /dev/rdsk/c3t6d0
disk      1  1/0/1/0/0/1/3.#.0   sdisk    CLAIMED     DEVICE       HP 36.4GST336607FC
                           /dev/dsk/c#t#d#   /dev/rdsk/c#t#d#
2. Create and populate the boot disk LIF area. Be sure to use the "-B" flag to allocate space for the BDRA
# pvcreate -fB /dev/rdsk/c#t#d#
# mkboot /dev/rdsk/c#t#d#
3. Change the AUTO file on both boot disks to hpux -lq so the host can boot without quorum if one mirror disk fails.
# mkboot -a "hpux -lq" /dev/rdsk/c#t#d#
# mkboot -a "hpux -lq" /dev/rdsk/c#t#d#
4. Check the boot string in the AUTO file. This command should output: "hpux -lq"
# /usr/bin/lifcp /dev/rdsk/c#t#d#:AUTO -
5. Add the disk to vg00.
# vgextend vg00 /dev/dsk/c#t#d#
6. Mirror all vg00 logical volumes
# lvextend -m 1 /dev/vg00/lvol# /dev/dsk/c#t#d#
7. Verify that the BDRA is up to date.
# lvlnboot -R
8. Add a line to /stand/bootconf so SD-UX knows which disks are boot disks.
# vi /stand/bootconf
l /dev/dsk/c#t#d#
l /dev/dsk/c#t#d#
9. Configure the second disk as an alternate boot path in the system NVRAM.
# setboot -p #/#/#/#/#.#.#
# setboot -a #/#/#/#/#.#.#
10. Check the status of the NVRAM configuration.
# setboot

HP 9000 11i v3 (11.31) with persistent DSF

Mirroring boot disks on an HP-UX 11.31 HP 9000 system can be done using the legacy device special files or the new persistent device special files of the new Mass Storage Stack, also known as Agile View. This document discusses Agile View.
1. Identify an available disk to add to vg00.
# ioscan -funC disk
Class     I  H/W Path       Driver S/W State   H/W Type     Description
=======================================================================
disk      5  0/1/1/0.1.0    sdisk   CLAIMED     DEVICE       HP 36.4GST336754LC
                           /dev/dsk/c2t1d0   /dev/rdsk/c2t1d0
disk      0  0/1/1/1.0.0    sdisk   CLAIMED     DEVICE       HP 36.4GST336754LC
                           /dev/dsk/c3t0d0   /dev/rdsk/c3t0d0
# ioscan -m dsf
Persistent DSF           Legacy DSF(s)
========================================
/dev/rdisk/disk7         /dev/rdsk/c3t0d0
/dev/rdisk/disk12        /dev/rdsk/c2t1d0


# ioscan -N -fnkC disk
Class     I  H/W Path  Driver S/W State   H/W Type     Description
===================================================================
disk      7  64000/0xfa00/0x0  esdisk   CLAIMED     DEVICE       HP 36.4GST336754LC
                      /dev/disk/disk7   /dev/rdisk/disk7
disk     12  64000/0xfa00/0x5  esdisk   CLAIMED     DEVICE       HP 36.4GST336754LC
                      /dev/disk/disk12   /dev/rdisk/disk12
# ioscan -m hwpath
Lun H/W Path      Lunpath H/W Path                 Legacy H/W Path
====================================================================
64000/0xfa00/0x0
                  0/1/1/1.0x0.0x0                  0/1/1/1.0.0
64000/0xfa00/0x5
                  0/1/1/0.0x1.0x0                  0/1/1/0.1.0
2. Use pvcreate and mkboot to format and populate the disk:
# pvcreate -f -B /dev/rdisk/disk7
# mkboot -l /dev/disk/disk7
3. Change the AUTO file on both boot disks to hpux -lq so the host can boot without quorum if one mirror disk fails.
# mkboot -a "hpux -lq" /dev/rdisk/disk12
# mkboot -a "hpux -lq" /dev/rdisk/disk7
4. Add the disk to vg00. The "-B" flag that allocates space for the BDRA was already given to pvcreate in step 2.
# vgextend /dev/vg00 /dev/disk/disk7
5. Starting with the boot, swap, and root logical volumes, run lvextend to mirror each logical volume:
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol1 /dev/disk/disk7
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol2 /dev/disk/disk7
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol3 /dev/disk/disk7
# /usr/sbin/lvextend -m 1 /dev/vg00/lvoln /dev/disk/disk7
6. Run the following lvlnboot commands to reestablish LVM’s knowledge of the root and boot file systems and primary swap and dump.
# /usr/sbin/lvlnboot -b /dev/vg00/lvol1
# /usr/sbin/lvlnboot -r /dev/vg00/lvol3
# /usr/sbin/lvlnboot -s /dev/vg00/lvol2
# /usr/sbin/lvlnboot -d /dev/vg00/lvol2
# /usr/sbin/lvlnboot -R
7. Add the block device special file of the HP-UX (second) disk to the file /stand/bootconf. The lower case "l" in the following command indicates that the disk is managed by LVM or VxVM.
# /usr/bin/echo "l /dev/disk/disk7" >> /stand/bootconf
8. If desired, set the alternate boot path to the mirror_disk using the Lunpath H/W Path. Check step 1.
# /usr/sbin/setboot -a 0/1/1/1.0x0.0x0

Integrity 11i v2 (11.23)

1. Identify the available disk to mirror the vg00 logical volumes.
# strings /etc/lvmtab
/dev/vg00
/dev/dsk/c0t6d0s2
# ioscan -fnkC disk
Class     I  H/W Path        Driver   S/W State   H/W Type     Description
===========================================================================
disk      0  1/0/0/3/0.6.0   sdisk    CLAIMED     DEVICE       HP 36.4GMAS3367NC
                            /dev/dsk/c0t6d0     /dev/rdsk/c0t6d0
                            /dev/dsk/c0t6d0s1   /dev/rdsk/c0t6d0s1
                            /dev/dsk/c0t6d0s2   /dev/rdsk/c0t6d0s2
                            /dev/dsk/c0t6d0s3   /dev/rdsk/c0t6d0s3
disk      1  1/0/1/1/1.#.0  sdisk    CLAIMED     DEVICE       HP 36.4GMAS3367NC
                            /dev/dsk/c#t#d0     /dev/rdsk/c#t#d0
2. Use the following commands to determine the size in megabytes of the (1) EFI, (2) HP-UX, and (3) HPSP partitions on the current boot disk:
# /usr/sbin/diskinfo -b /dev/rdsk/c0t6d0s1 \
| awk '{print $1 / (1024)}'
# /usr/sbin/diskinfo -b /dev/rdsk/c0t6d0s2 \
| awk '{print $1 / (1024)}'
# /usr/sbin/diskinfo -b /dev/rdsk/c0t6d0s3 \
| awk '{print $1 / (1024)}'
3. Create an IPF partition description file to create the EFI and OS partitions using your favorite method. This example shows how to create an IPF description file with an EFI partition of 500 megabytes and an HPSP partition of 400 megabytes.
# print '3\nEFI 500MB\nHPUX 100%\nHPSP 400MB' > /tmp/idf
4. Use idisk to setup the disk partitioning using the file created above:
# idisk -wf /tmp/idf /dev/rdsk/c#t#d#
NOTE: idisk warns that the operation may be destructive and asks whether to continue. Answer with the full word yes for the operation to succeed. Answering with only the 'y' character produces an error along with the message "user aborting".
5. Use the insf command to create device files for all the newly-created partitions.
# /usr/sbin/insf -e -H 
6. Use mkboot to format and populate the newly created EFI partition:
# mkboot -e -l /dev/dsk/c#t#d#
7. Change the AUTO file on both boot disks to "boot vmunix -lq" so the host can boot without quorum if one mirror disk fails.
# print 'boot vmunix -lq' > /tmp/auto
# efi_cp -d /dev/rdsk/c#t#d#s1 /tmp/auto /efi/hpux/auto  # Primary disk
# efi_cp -d /dev/rdsk/c#t#d#s1 /tmp/auto /efi/hpux/auto  # Alternate disk
8. Run the pvcreate command on the character device file for the HP-UX (second) partition of the mirror disk, using the "-B" flag to make the disk bootable, and the "-f" flag to overwrite any pre-existing data on the disk.
# /usr/sbin/pvcreate -f -B /dev/rdsk/c#t#d#s2
9. Extend the root volume group to the HP-UX partition of the mirror disk, using the block device file of the second EFI partition.
# /usr/sbin/vgextend /dev/vg00 /dev/dsk/c#t#d#s2
10. Starting with the boot, swap, and root logical volumes, run lvextend to mirror each logical volume on the volume group.
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol1 /dev/dsk/c#t#d#s2
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol2 /dev/dsk/c#t#d#s2
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol3 /dev/dsk/c#t#d#s2
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol# /dev/dsk/c#t#d#s2
11. Run the following lvlnboot commands to establish LVM’s knowledge of the root and boot file systems and primary swap and dump on the alternate disks.
# /usr/sbin/lvlnboot -b /dev/vg00/lvol1
# /usr/sbin/lvlnboot -r /dev/vg00/lvol3
# /usr/sbin/lvlnboot -s /dev/vg00/lvol2
# /usr/sbin/lvlnboot -d /dev/vg00/lvol2
# /usr/sbin/lvlnboot -R
12. Add the block device special file of the HP-UX (second) partition of the mirror to the file /stand/bootconf. The lower case "l" in the following command indicates that the disk is managed by LVM or VxVM.
# /usr/bin/echo "l /dev/dsk/c#t#d#s2" >> /stand/bootconf
13. If desired, set the alternate boot path to the mirror_disk using the hardware path. Check step 6.
# /usr/sbin/setboot -a 
# /usr/sbin/setboot -h 
14. If the mirror disk includes an HPSP partition, use the efi_fsinit command on the character device file for the HPSP (third) partition to initialize it with an EFI file system.
# /usr/sbin/efi_fsinit -d /dev/rdsk/c#t#d#s3

Integrity 11i v3 (11.31) with persistent DSF

Mirroring boot disks on an HP-UX 11i v3 (11.31) Integrity system can be done using the legacy device special files or the persistent device special files implemented by the new Mass Storage Stack, also known as Agile View. This section discusses the newer method.
1. Identify an available disk to add to vg00.
# ioscan -funC disk
Class     I  H/W Path     Driver S/W State   H/W Type     Description
=====================================================================
disk      0  0/0/0/0.0.0  sdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                         /dev/dsk/c0t0d0     /dev/dsk/c0t0d0s2   /dev/rdsk/c0t0d0    /dev/rdsk/c0t0d0s2
                         /dev/dsk/c0t0d0s1   /dev/dsk/c0t0d0s3   /dev/rdsk/c0t0d0s1  /dev/rdsk/c0t0d0s3
disk      1  0/0/0/0.1.0  sdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                         /dev/dsk/c0t1d0   /dev/rdsk/c0t1d0
# ioscan -m dsf
Persistent DSF           Legacy DSF(s)
========================================
/dev/rdisk/disk18        /dev/rdsk/c0t1d0
/dev/rdisk/disk19_p1     /dev/rdsk/c0t0d0s1
/dev/rdisk/disk19_p2     /dev/rdsk/c0t0d0s2
/dev/rdisk/disk19_p3     /dev/rdsk/c0t0d0s3
# ioscan -N -fnkC disk
Class     I  H/W Path  Driver S/W State   H/W Type     Description
===================================================================
disk     18  64000/0xfa00/0x8  esdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                      /dev/disk/disk18   /dev/rdisk/disk#
disk     19  64000/0xfa00/0x9  esdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                      /dev/disk/disk19      /dev/disk/disk19_p2   /dev/rdisk/disk19     /dev/rdisk/disk19_p2
                      /dev/disk/disk19_p1   /dev/disk/disk19_p3   /dev/rdisk/disk19_p1  /dev/rdisk/disk19_p3
# ioscan -m hwpath
Lun H/W Path      Lunpath H/W Path                 Legacy H/W Path
====================================================================
64000/0xfa00/0x8
                  0/0/0/0.0x1.0x0                  0/0/0/0.1.0
64000/0xfa00/0x9
                  0/0/0/0.0x0.0x0                  0/0/0/0.0.0
2. Use the following commands to determine the size in megabytes of the (1) EFI, and (3) HPSP partitions on the current boot disk.
# /usr/sbin/diskinfo -b /dev/rdisk/disk19_p1 \
| awk '{print $1 / (1024)}'
499.969
# /usr/sbin/diskinfo -b /dev/rdisk/disk19_p3 \
| awk '{print $1 / (1024)}'
400
3. Create an IPF partition description file to create the EFI and OS partitions using your favorite method. This example shows how to create an IPF description file with an EFI partition of 500 megabytes and an HPSP partition of 400 megabytes.
# print '3\nEFI 500MB\nHPUX 100%\nHPSP 400MB' > /tmp/idf
4. Use idisk to perform the disk partitioning in the available drive using the file created above.
# idisk -wf /tmp/idf /dev/rdisk/disk#
NOTE: idisk warns that the operation may be destructive and asks whether to continue. Answer with the full word yes for the operation to succeed. Answering with only the 'y' character produces an error along with the message "user aborting".
Example:
idisk version: 1.43
********************** WARNING ***********************
If you continue you may destroy all data on this disk.
Do you wish to continue(yes/no)? yes

EFI Primary Header:
        Signature                 = EFI PART
        Revision                  = 0x10000
        HeaderSize                = 0x5c
        HeaderCRC32               = 0x5ca973b2
        MyLbaLo                   = 0x1
        AlternateLbaLo            = 0x3fffff
        FirstUsableLbaLo          = 0x40
        LastUsableLbaLo           = 0x3fffbf
        Disk GUID                 = f7cb4b9c-8f2d-11dc-8000-d6217b60e588
        PartitionEntryLbaLo       = 0x2
        NumberOfPartitionEntries  = 0xc
        SizeOfPartitionEntry      = 0x80
        PartitionEntryArrayCRC32  = 0x4ec7aafc

  Primary Partition Table (in 512 byte blocks):
    Partition 1 (EFI):
        Partition Type GUID       = c12a7328-f81f-11d2-ba4b-00a0c93ec93b
        Unique Partition GUID     = f7cb52cc-8f2d-11dc-8000-d6217b60e588
        Starting Lba              = 0x40
        Ending Lba                = 0xf9fff
    Partition 2 (HP-UX):
        Partition Type GUID       = 75894c1e-3aeb-11d3-b7c1-7b03a0000000
        Unique Partition GUID     = f7cb52f4-8f2d-11dc-8000-d6217b60e588
        Starting Lba              = 0xfa000
        Ending Lba                = 0x337fff
    Partition 3 (HPSP):
        Partition Type GUID       = e2a1e728-32e3-11d6-a682-7b03a0000000
        Unique Partition GUID     = f7cb5312-8f2d-11dc-8000-d6217b60e588
        Starting Lba              = 0x338000
        Ending Lba                = 0x3fffbf

EFI Alternate Header:
        Signature                 = EFI PART
        Revision                  = 0x10000
        HeaderSize                = 0x5c
        HeaderCRC32               = 0xfcc1ebde
        MyLbaLo                   = 0x3fffff
        AlternateLbaLo            = 0x1
        FirstUsableLbaLo          = 0x40
        LastUsableLbaLo           = 0x3fffbf
        Disk GUID                 = f7cb4b9c-8f2d-11dc-8000-d6217b60e588
        PartitionEntryLbaLo       = 0x3fffdf
        NumberOfPartitionEntries  = 0xc
        SizeOfPartitionEntry      = 0x80
        PartitionEntryArrayCRC32  = 0x4ec7aafc

  Alternate Partition Table (in 512 byte blocks):
    Partition 1 (EFI):
        Partition Type GUID       = c12a7328-f81f-11d2-ba4b-00a0c93ec93b
        Unique Partition GUID     = f7cb52cc-8f2d-11dc-8000-d6217b60e588
        Starting Lba              = 0x40
        Ending Lba                = 0xf9fff
    Partition 2 (HP-UX):
        Partition Type GUID       = 75894c1e-3aeb-11d3-b7c1-7b03a0000000
        Unique Partition GUID     = f7cb52f4-8f2d-11dc-8000-d6217b60e588
        Starting Lba              = 0xfa000
        Ending Lba                = 0x337fff
    Partition 3 (HPSP):
        Partition Type GUID       = e2a1e728-32e3-11d6-a682-7b03a0000000
        Unique Partition GUID     = f7cb5312-8f2d-11dc-8000-d6217b60e588
        Starting Lba              = 0x338000
        Ending Lba                = 0x3fffbf

Legacy MBR (MBR Signatures in little endian):
   MBR Signature = 0xd44acbf7

Protective MBR
5. Use the insf command to create device files for the new EFI partitions. Use both hardware paths obtained in step 1.
# insf -e -H 0/0/0/0.1.0
insf: Installing special files for sdisk instance 1 address 0/0/0/0.1.0

# insf -e -H 64000/0xfa00/0x8
insf: Installing special files for esdisk instance 18 address 64000/0xfa00/0x8
6. Verify the newly created partitions.
# ioscan -N -fnkC disk
Class     I  H/W Path  Driver S/W State   H/W Type     Description
===================================================================

disk     18  64000/0xfa00/0x8  esdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                      /dev/disk/disk#       /dev/disk/disk#_p2    /dev/rdisk/disk#      /dev/rdisk/disk#_p2
                      /dev/disk/disk18_p1   /dev/disk/disk18_p3   /dev/rdisk/disk18_p1  /dev/rdisk/disk#_p3
disk     19  64000/0xfa00/0x9  esdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                      /dev/disk/disk19      /dev/disk/disk19_p2   /dev/rdisk/disk19     /dev/rdisk/disk19_p2
                      /dev/disk/disk19_p1   /dev/disk/disk19_p3   /dev/rdisk/disk19_p1  /dev/rdisk/disk19_p3
# ioscan -fnkC disk
Class     I  H/W Path     Driver S/W State   H/W Type     Description
=====================================================================
disk      0  0/0/0/0.0.0  sdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                         /dev/dsk/c0t0d0     /dev/dsk/c0t0d0s2   /dev/rdsk/c0t0d0    /dev/rdsk/c0t0d0s2
                         /dev/dsk/c0t0d0s1   /dev/dsk/c0t0d0s3   /dev/rdsk/c0t0d0s1  /dev/rdsk/c0t0d0s3
disk      1  0/0/0/0.1.0  sdisk   CLAIMED     DEVICE       HP      Virtual LvDisk
                         /dev/dsk/c0t1d0     /dev/dsk/c0t1d0s2   /dev/rdsk/c0t1d0    /dev/rdsk/c0t1d0s2
                         /dev/dsk/c0t1d0s1   /dev/dsk/c0t1d0s3   /dev/rdsk/c0t1d0s1  /dev/rdsk/c0t1d0s3 
7. Use mkboot to format and populate the newly created EFI partition:
# mkboot -e -l /dev/disk/disk#
8. Change the AUTO file on both boot disks to "boot vmunix -lq" so the host can boot without quorum if one mirror disk fails.
# print 'boot vmunix -lq' > /tmp/auto

# efi_cp -d /dev/disk/disk#_p1 /tmp/auto /EFI/HPUX/AUTO
9. Run the pvcreate command on the character device file for the HP-UX (second) partition of the mirror disk, using the "-B" flag to make the disk bootable, and the "-f" flag to overwrite any pre-existing data on the disk.
# pvcreate -f -B /dev/rdisk/disk#_p2
10. Extend the root volume group to the HP-UX partition of the mirror disk, using the block device file of the second (HPUX) partition.
# vgextend /dev/vg00 /dev/disk/disk#_p2
11. Starting with the boot, swap, and root logical volumes, run lvextend to mirror each logical volume:
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol1 /dev/disk/disk#_p2
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol2 /dev/disk/disk#_p2
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol3 /dev/disk/disk#_p2
# /usr/sbin/lvextend -m 1 /dev/vg00/lvol# /dev/disk/disk#_p2
12. Run the following lvlnboot commands to reestablish LVM’s knowledge of the root and boot file systems and primary swap and dump.
# /usr/sbin/lvlnboot -b /dev/vg00/lvol1
# /usr/sbin/lvlnboot -r /dev/vg00/lvol3
# /usr/sbin/lvlnboot -s /dev/vg00/lvol2
# /usr/sbin/lvlnboot -d /dev/vg00/lvol2
# /usr/sbin/lvlnboot -R
13. Add the block device special file of the HP-UX (second) partition of the mirror to the file /stand/bootconf. The lower case "l" in the following command indicates that the disk is managed by LVM or VxVM.
# /usr/bin/echo "l /dev/disk/disk#_p2" >> /stand/bootconf
14. If desired, set the alternate boot path to the mirror_disk using the Lunpath H/W Path. Check step 1.
# /usr/sbin/setboot -a 0/0/0/0.0x1.0x0
15. If the mirror disk includes an HPSP partition, use the efi_fsinit command on the character device file for the HPSP (third) partition to initialize it with an EFI file system.
# /usr/sbin/efi_fsinit -d /dev/rdisk/disk18_p3

Automating LVM mirroring

The following script can be used to automate LVM bootable volume mirroring on HP-UX 11i.
#!/usr/bin/sh
#
# Script mk_mirror.sh adds $1 disk into vg00 if not already added
# and makes $1 mirror boot disk
# It comes with no support and HP makes no representations as to its
# fitness for purpose. It is up to whoever uses this program to ensure
# that whatever functionality it provides is what they require.
# (c) Wiki-UX.info (2010)
#
# Author: Andrew Miller
# Date: 2006.11.20
# Updated 2008.05.07: Alejandro Marin, support HP-UX 11.31 Agile Addressing,
# some command simplification and change of "if | then" style.
# Updated 2008.11.07: Alejandro Marin, correct boot auto file and mirror extensions,
# for Integrity. Add additional setboot information.
# Based on comments by Markus Vogt
# Updated 2009.07.28: Alejandro Marin, change Itanium AUTO file creation function
# to verify file creation instead of command execution (redundancy)
# Based on comments by Markus Vogt
# Updated 2009.11.02: Alejandro Marin, change "print" to "printf" to create no-quorum AUTO boot file
# Based on comments by Alex Sandulak
# 
#
# Script mk_mirror.sh basically executes:
#  pvcreate -B /dev/rdsk/c#t#d# | /dev/rdisk/disk#
#  mkboot /dev/rdsk/c#t#d# | /dev/rdisk/disk#
#  mkboot -a "hpux (;0)/stand/vmunix" [ /dev/rdsk/c#t#d# | /dev/rdisk/disk# ]
#  vgextend /dev/vg00 [ /dev/dsk/c#t#d# | /dev/disk/disk# ]
#
#  for LV in $(vgdisplay -v vg00 | awk '/LV Name/ {print $3}')
#  do
#    lvextend -m 1 $LV [ /dev/dsk/c#t#d# | /dev/disk/disk# ]
#  done
#
#  lvlnboot -r $ROOTLV  (typically lvol3)
#  lvlnboot -s $SWAPLV  (typically lvol2)
#  lvlnboot -d $SWAPLV  (typically lvol2)
#  lvlnboot -b $BOOTLV  (typically lvol1)
#  lvlnboot -R /dev/vg00
#  lvlnboot -v /dev/vg00
#  Display setboot output and recommends "setboot -a "
# EOF Script description

#set -x # xtrace: echo commands after command-line processing
#set -v # verbose: echo commands before executing them

#########################################################
# function _run_cmd
#########################################################
_run_cmd() {

    CMD=$1
    RET_VAL=0

    print "\n$CMD"
    print -n "\nRun above command? [y/n] "
    read RUN_CMD

    if [[ $RUN_CMD = y || $RUN_CMD = Y ]]; then
        print "\nRunning command \"$CMD\"..."
        $CMD
        STAT=$?
        if [[ $STAT -ne 0 ]]; then
            print "\nERROR: command $CMD failed.\n"
            RET_VAL=$STAT
        fi
    fi

    return $RET_VAL

}
#########################################################
# End function _run_cmd
#########################################################

#########################################################
# MAIN Program
#########################################################

SCRIPT=$(basename $0)

# Test that the physical volume argument is provided

if [[ $1 = "" ]]; then
    print "\nERROR: argument required, exiting."
    print "\nUsage: script \"$SCRIPT disk (c#t#d#) | (disk#)\" - to make the disk bootable"
    exit 1
fi

# Identify whether the system is running Itanium or PA-RISC hardware
# architecture.
# HP Itanium is ia64, e.g., "ia64"
# HP PA-RISC is 9000/800 (server) or 9000/700 (workstation)
ARCH=$(uname -m)

if [[ $ARCH = "ia64" ]]; then
    ITANIUM=true
else
    ITANIUM=false
fi

# Identify whether the system is running HP-UX 11i v3 to enforce Agile View paths
# instead of legacy paths.
OSREL=$(uname -r)

if [[ $OSREL = "B.11.31" ]]; then
    DISK=$1
    DSK="/dev/disk/"$DISK
    RDSK="/dev/rdisk/"$DISK
    SUBFIX="_p"
else
    DISK=$1
    DSK=/dev/dsk/$DISK
    RDSK=/dev/rdsk/$DISK
    SUBFIX="s"
fi

# Verify DISK is a valid physical disk
DISKINFO=$(diskinfo $RDSK)

if [[ $DISKINFO = "" ]]
then
    print "\nERROR: disk $DISK is not a valid physical disk (per diskinfo), exiting."
    exit 1
fi

# Check to see if disk $DSK is already a member of vg00
IN_VG=$(vgdisplay -v vg00 | fgrep $DISK)

if [[ $IN_VG = "" ]]
then
    print -n "\nDisk $DISK is not in vg00, add to vg00? [y/n] "
    read ADD_TO_VG

    if [[ $ADD_TO_VG = y || $ADD_TO_VG = Y ]]
    then
        print "\nWill add disk $DISK to vg00 on $(uname -n) before being mirrored..."
    fi
fi

if [[ $ITANIUM = true ]]; then

    # Itanium ia64 models require idisk run first to create EFI and HPUX partitions
    # mkboot options: -l for LVM, -e for EFI, boot files copied from /usr/lib/efi

    print "\nDisplay first and last usable block for partitioning $DISK"
    _run_cmd "idisk -b $RDSK"

    # Create partition description file for idisk to read to create EFI and HPUX partitions
    # Partitions:
    # 1) EFI - EFI Partition, 11.23, changed from default 100 MB to 500 MB
    # 2) HPUX - LVM Partition
    # 3) HPSP - HP Service Partition (Offline diagnostics), 400 MB

    print "3" > ia64disk.partition.$DISK
    print "EFI 500MB" >> ia64disk.partition.$DISK
    print "HPUX 100%" >> ia64disk.partition.$DISK
    print "HPSP 400MB" >> ia64disk.partition.$DISK

    print "\nCreate EFI and HPUX partitions on $RDSK"
    _run_cmd "idisk -wf ia64disk.partition.$DISK $RDSK"

    if [[ $RET_VAL -ne 0 ]]; then
        exit 1
    fi

    # Create new device files for the EFI partitions
    _run_cmd "insf -e"

    if [[ $RET_VAL -ne 0 ]]; then
        exit 1
    fi

    # Use mkboot to format and populate the newly created EFI partition
    _run_cmd "mkboot -el ${DSK}"

    # Change the AUTO file contents to enable boot with low quorum
    # System will start /dev/vg00 if either physical volume fails
    printf "boot vmunix -lq\n" > auto.${DISK}

    if [[ ! -f auto.$DISK ]]; then
        print "Cannot find auto.$DISK file"
        exit 1
    fi

    # Use correct dsf to EFI partition according to the OS release.
    _run_cmd "efi_cp -d ${RDSK}${SUBFIX}1 auto.${DISK} /efi/hpux/auto"

    if [[ $RET_VAL -ne 0 ]]; then
        exit 1
    fi

    # Verify EFI partition info on $DISK
    print "\nDisplay new EFI partition info written to $RDSK."
    _run_cmd "idisk ${RDSK}"

    # Itanium ia64 models require the right EFI partition number specified
    # Use correct dsf to EFI partition according to the OS release.
    _run_cmd "pvcreate -B ${RDSK}${SUBFIX}2"

    if [[ $RET_VAL -ne 0 ]]; then
        print "\nAbove pvcreate command failed: try to pvremove before pvcreate:"

        _run_cmd "pvremove ${RDSK}${SUBFIX}2"

        if [[ $RET_VAL -ne 0 ]]; then
            exit 1
        fi

        _run_cmd "pvcreate -B ${RDSK}${SUBFIX}2"

        if [[ $RET_VAL -ne 0 ]]; then
            exit 1
        fi
    fi

else # End of Itanium section

    # PA-RISC models require only pvcreate and mkboot without EFI partition numbers
    # mkboot options: -l for LVM, boot files copied from /usr/lib/uxbootlf
    # Correct Agile View / Legacy dsf is already configured on $DSK & $RDSK
    _run_cmd "pvcreate -B ${RDSK}"

    if [[ $RET_VAL -ne 0 ]]; then
        print "\nAbove pvcreate command failed: try to pvremove before pvcreate:"

        _run_cmd "pvremove ${RDSK}"

        if [[ $RET_VAL -ne 0 ]]; then
            exit 1
        fi

        _run_cmd "pvcreate -B $RDSK"

        if [[ $RET_VAL -ne 0 ]]; then
            exit 1
        fi
    fi

    # Change the AUTO file contents to enable boot with low-quorum
    # System will boot from other disk if either disk fails
    # Automatically install LIF and AUTO boot string
    print "\nInstalling LIF area and setting AUTO boot flag\n"
    print "\"mkboot -l $DSK\""
    print "\"mkboot -a \"hpux -lq (;0)/stand/vmunix\" $DSK\""

    print -n "\nExecute above commands [y/n]? "
    read RUN_CMD

    if [[ $RUN_CMD = y || $RUN_CMD = Y ]]; then
        mkboot -l $DSK

        if [[ $? -ne 0 ]]; then
            exit 1
        fi

        mkboot -a "hpux -lq (;0)/stand/vmunix" $DSK

        if [[ $? -ne 0 ]]; then
            exit 1
        fi
    fi
fi

if [[ $ITANIUM = true ]]; then
    if [[ $ADD_TO_VG = y || $ADD_TO_VG = Y ]]; then
        _run_cmd "vgextend /dev/vg00 ${DSK}${SUBFIX}2"

        if [[ $RET_VAL -ne 0 ]]; then
            exit 1
        fi
    fi

else # End of Itanium section

    # Add disk $DSK to vg00 if it is not already
    if [[ $ADD_TO_VG = y || $ADD_TO_VG = Y ]]; then
        _run_cmd "vgextend /dev/vg00 ${DSK}"

        if [[ $RET_VAL -ne 0 ]]; then
            exit 1
        fi
    fi
fi

print "\nMirroring all lvols in vg00 now..."
print -n "Enter the number of mirror copies for lvextend command: "
read MIRROR_NUM

if [[ $MIRROR_NUM -ne 1 && $MIRROR_NUM -ne 2 ]]
then
    print "ERROR: number of mirror copies $MIRROR_NUM must be either 1 or 2, exiting."
    exit 1
fi

for LV in $(vgdisplay -v vg00 | awk '/LV Name/ {print $3}')
do
    if [[ $ITANIUM = true ]]; then
        print "\nMirroring lvol $LV on ${DSK}${SUBFIX}2..."
        lvextend -m $MIRROR_NUM $LV ${DSK}${SUBFIX}2
    else
        print "\nMirroring lvol ${LV} on ${DSK}..."
        lvextend -m $MIRROR_NUM ${LV} ${DSK}
    fi

    print "\nCompleted mirroring lvol ${LV} on ${DISK}"
done

# Set BDRA Boot definitions
ROOTLV=$(strings /etc/mnttab | awk '$2=="/" {print $1}')
SWAPLV=$(swapinfo | fgrep dev | awk '/dev/ {print $9}')
BOOTLV=$(strings /etc/mnttab | awk '$2=="/stand" {print $1}')

#lvlnboot -r /dev/vg00/lvol3
lvlnboot -r ${ROOTLV}
#lvlnboot -s /dev/vg00/lvol2
lvlnboot -s ${SWAPLV}
#lvlnboot -d /dev/vg00/lvol2
lvlnboot -d ${SWAPLV}
#lvlnboot -b /dev/vg00/lvol1
lvlnboot -b ${BOOTLV}
lvlnboot -R /dev/vg00
lvlnboot -v /dev/vg00

print "Boot Definitions for Volume Group /dev/vg00:"
lvlnboot -v
print

print "\nRecommend setting $DISK as Alternate boot disk \"setboot -a \"."
print "\nRecommend setting $DISK as High Availability disk \"setboot -h \""
print "\nif supported on your platform.\n"
print "Current setboot definitions:\n"
setboot

print "\nRecommend setting AUTO boot flags to add the \"-lq\" option on your primary disk"
print "\nThe script only sets the low-quorum option on the alternate boot."

# If the mirror disk includes an HPSP partition, use the efi_fsinit
# command on the character device file for the HPSP (third) partition
# to initialize it with an EFI file system.

if [[ $ITANIUM = true ]]; then
    _run_cmd "efi_fsinit -d ${RDSK}${SUBFIX}3"
fi

print "\nMirroring of lvols in vg00 is now complete:\n"
for LV in $(vgdisplay -v vg00 | awk '/LV Name/ {print $3}')
do
    print "$LV: $(lvdisplay -v $LV | fgrep Mirror)"
done

print "\nEnd of script $SCRIPT."

# EOF mk_mirror.sh

Troubleshooting

HP 9000

Use the following procedure to verify the current state of the boot data on your primary and alternate boot disks.
1. Check that the alternate boot path corresponds to the alternate boot disk.
# ioscan -fnkC disk
# setboot
2. Check LVM boot pointers.
# lvlnboot -v
3. Check that the LIF area exists and is populated on the alternate boot disk. Replace c#t#d# with the "dsf" of your alternate boot disk.
# lifls /dev/dsk/c#t#d#
4. Check the AUTO boot flag.
# lifcp /dev/dsk/c#t#d#:AUTO -
5. Check that /stand/bootconf contains both boot disks.
# cat /stand/bootconf
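
Steps 2 and 5 above can be cross-checked mechanically. The following is an added example, not part of the original article: it compares the boot disks listed by lvlnboot -v with the entries in /stand/bootconf and reports boot definitions that sit on a single disk. The function names are hypothetical and the sample text is constructed (device names taken from the article, hardware paths made up).

```shell
#!/bin/sh
# Added example (not from the original article): cross-check the boot disks
# that LVM reports with "lvlnboot -v" against /stand/bootconf, and list boot
# definitions that sit on a single physical volume.

# Constructed sample laid out like "lvlnboot -v" output; the device names come
# from the article's examples, the hardware paths are made up.
SAMPLE_LVLNBOOT='Boot Definitions for Volume Group /dev/vg00:
Physical Volumes belonging in Root Volume Group:
        /dev/dsk/c3t3d0 (1/0/1/0/0/1/3.3.0) -- Boot Disk
        /dev/dsk/c3t6d0 (1/0/1/0/0/1/3.6.0) -- Boot Disk
Boot: lvol1     on:     /dev/dsk/c3t3d0
                        /dev/dsk/c3t6d0
Root: lvol3     on:     /dev/dsk/c3t3d0
                        /dev/dsk/c3t6d0
Swap: lvol2     on:     /dev/dsk/c3t3d0'

# Constructed bootconf in which the mirror disk was never added.
SAMPLE_BOOTCONF='l /dev/dsk/c3t3d0'

# boot_disks: read "lvlnboot -v" text on stdin, print every PV flagged as a
# boot disk.
boot_disks() {
    awk '/-- Boot Disk/ { print $1 }' | sort -u
}

# bootconf_disks: read bootconf text on stdin, print the device of each "l"
# (LVM/VxVM managed) entry.
bootconf_disks() {
    awk '$1 == "l" && $2 ~ /^\/dev\// { print $2 }' | sort -u
}

# missing_from_bootconf LVLNBOOT_TEXT BOOTCONF_TEXT
# Print each boot disk known to LVM that has no line in bootconf.
missing_from_bootconf() {
    listed=$(printf '%s\n' "$2" | bootconf_disks)
    printf '%s\n' "$1" | boot_disks | while read -r disk; do
        printf '%s\n' "$listed" | grep -Fqx "$disk" || printf '%s\n' "$disk"
    done
}

# single_copy_defs: read "lvlnboot -v" text on stdin, print each Boot/Root/Swap
# definition that is backed by fewer than two physical volumes.
single_copy_defs() {
    awk '
        function report() { if (n < 2) print name }
        /^(Boot|Root|Swap):/ {
            if (name != "") report()
            name = $1 " " $2; n = 0
            for (i = 3; i <= NF; i++) if ($i ~ /^\/dev\//) n++
            next
        }
        # continuation lines carry the additional mirror copies
        name != "" && $1 ~ /^\/dev\// { n++ }
        END { if (name != "") report() }
    '
}

# Demo on the constructed samples. On a real host, feed the functions with
#   "$(lvlnboot -v)" and "$(cat /stand/bootconf)" instead.
echo "Boot disks missing from bootconf:"
missing_from_bootconf "$SAMPLE_LVLNBOOT" "$SAMPLE_BOOTCONF"
echo "Boot definitions without a mirror copy:"
printf '%s\n' "$SAMPLE_LVLNBOOT" | single_copy_defs
```
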

Integrity

Monitor volume group synchronization

If you need to monitor the progress of the volume group synchronization, you can use this script to count the extents that are still "stale". Each iteration should print a lower value until it reaches zero.
while true
do
    for lv in $(vgdisplay -v | grep "LV Name" | awk '{print $3}')
    do
        lvdisplay -v $lv
    done | grep -i stale | wc -l
    sleep 10
done
Example:
# while true
> do
> for lv in $(vgdisplay -v vg00 | grep "LV Name" | awk '{print $3}')
> do
> lvdisplay -v $lv
> done | grep -i stale | wc -l
> sleep 10
> done
5
0

Reference

Tuesday, September 23, 2014

How to Setup and Configure an OpenVPN Server on CentOS 6

One of the questions our users ask most often is how to add another IP address to their server. You can assign your own private IP address to your droplet by creating a VPN tunnel. Whether you want to build your own Virtual Private Network (VPN) or assign an SSL certificate to that IP address, you have several options. Of these, the best choices are PPTP and OpenVPN. The Point-to-Point Tunneling Protocol (PPTP) lets you set up your own VPN very quickly and is compatible with most mobile devices. Even though PPTP is less secure than OpenVPN, it is also faster and uses fewer CPU resources.

Step 1 - PPTP Installation

You will have to select one server to be responsible for handing out IPs to the others and authenticating all of your servers into your VPN. This will become your PPTP server.
On CentOS 6 x64:
rpm -i http://poptop.sourceforge.net/yum/stable/rhel6/pptp-release-current.noarch.rpm
yum -y install pptpd
On Ubuntu 12.10 x64:
apt-get install pptpd
Now you should edit /etc/pptpd.conf and add the following lines:
localip 10.0.0.1
remoteip 10.0.0.100-200
Here localip is the IP address of your server and remoteip is the range of IPs that will be assigned to clients that connect to it.
Next, set up authentication for PPTP by adding users and passwords. Simply add them to /etc/ppp/chap-secrets, where client is the username, server is the type of service (pptpd in our example), secret is the password, and IP addresses specifies which IP address may authenticate. By setting '*' in the IP addresses field, you specify that you accept the username/password pair from any IP.
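
Because chap-secrets holds plaintext passwords and a '*' address lets a user authenticate from anywhere, the file is worth auditing. The following is an added example, not part of the original post: it flags wildcard addresses, short secrets, incomplete entries and loose file permissions without ever printing a secret. The function names, the 12-character threshold and the sample entries are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): audit a pptpd chap-secrets
# file for the risky settings discussed above. Secrets are never printed.

MIN_SECRET_LEN=12   # assumed policy threshold, adjust to local policy

# write_sample FILE: create a constructed chap-secrets file for the demo.
write_sample() {
    cat > "$1" <<'EOF'
# client    server  secret                    IP addresses
alice       pptpd   "correct-horse-battery"   10.0.0.101
bob         pptpd   hunter2                   *
carol       pptpd   s3cret
EOF
}

# audit_chap_secrets FILE: print one finding per line, nothing if clean.
# Assumes whitespace-separated fields with no spaces inside the secret.
audit_chap_secrets() {
    file=$1
    # Plaintext passwords live here, so group and other need no access.
    perms=$(ls -ld "$file" | cut -c5-10)
    [ "$perms" = "------" ] ||
        printf 'PERMS %s is accessible to group/other (%s)\n' "$file" "$perms"
    awk -v min="$MIN_SECRET_LEN" '
        /^[ \t]*#/ { next }                     # comment lines
        NF == 0    { next }                     # blank lines
        NF < 4 {
            printf "INCOMPLETE line %d has %d fields, expected 4\n", NR, NF
            next
        }
        {
            client = $1; secret = $3; addr = $4
            gsub(/^"|"$/, "", secret)           # strip optional quotes
            if (addr == "*")
                printf "ANYADDR %s may authenticate from any IP\n", client
            if (length(secret) < min)
                printf "WEAK %s has a secret shorter than %d characters\n", client, min
        }' "$file"
}

# Demo on the constructed sample; on a real server run
#   audit_chap_secrets /etc/ppp/chap-secrets
demo() {
    tmp=$(mktemp) || return 1
    write_sample "$tmp"
    chmod 644 "$tmp"            # deliberately too open for the demo
    audit_chap_secrets "$tmp"
    rm -f "$tmp"
}
demo
```
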

Step 2 - Add DNS servers to /etc/ppp/pptpd-options

ms-dns 8.8.8.8
ms-dns 8.8.4.4
Now you can start PPTP daemon:
service pptpd restart
Verify that it is running and accepting connections:

Step 3 - Setup Forwarding

It is important to enable IP forwarding on your PPTP server. This will allow you to forward packets between the public IP and the private IPs that you set up with PPTP. Simply edit /etc/sysctl.conf and add the following line if it doesn’t exist there already:
net.ipv4.ip_forward = 1
To make changes active, run sysctl -p

Step 4 - Create a NAT rule for iptables

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE && iptables-save
If you would also like your PPTP clients to talk to each other, add the following iptables rules:
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables -I INPUT -s 10.0.0.0/8 -i ppp0 -j ACCEPT
iptables --append FORWARD --in-interface eth0 -j ACCEPT
Now your PPTP server also acts as a router.
If you would like to restrict which servers can connect to your droplets, you can set up an iptables rule that restricts TCP connections to port 1723.

Monday, September 8, 2014

Zimbra reports “Error: Queue report unavailable – mail system is down”

During an update from one version to another, or sometimes when you reboot Zimbra, you can get the following error: "Error: Queue report unavailable - mail system is down".
The cause is that the Postfix MTA service does not start correctly, even though the system reports that everything is working properly:
zimbra@zcs:~$ zmcontrol status
Host zcs.ilba.cat
        antispam                Running
        antivirus               Running
        convertd                Running
        ldap                    Running
        logger                  Running
        mailbox                 Running
        mta                     Running
        opendkim                Running
        proxy                   Running
        snmp                    Running
        spell                   Running
        stats                   Running
        zmconfigd               Running
Reviewing the logs and the listening services shows that the MTA is down:
zimbra@zcs:~$ tail -f /var/log/mail.log
Jan 22 11:08:00 zcs postfix/postqueue[19195]: fatal: Queue report unavailable - mail system is down

zimbra@zcs:~$ netstat -nlpt | grep 25
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:7025            0.0.0.0:*               LISTEN      -
We restart the Postfix service by hand; the output indicates that it has come up correctly, but it does not work:
zimbra@zcs:~$ /opt/zimbra/bin/zmmtactl stop
/postfix-script: fatal: the Postfix mail system is not running
Stopping saslauthd...done.

zimbra@zcs:~$ /opt/zimbra/bin/zmmtactl start
Rewriting configuration files...done.
Starting saslauthd...done.

zimbra@zcs:~$ netstat -nlpt | grep 25
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:7025            0.0.0.0:*               LISTEN      -
The problem is that there is a master.pid file, which tells Postfix that it is running when it really is not. We look for it:
root@zcs:~# locate master.pid
/opt/zimbra/data/postfix/spool/pid/master.pid
Delete it or rename it, and then restart the MTA:
root@zcs:~# mv /opt/zimbra/data/postfix/spool/pid/master.pid /opt/zimbra/data/postfix/spool/pid/master.pid.ori

root@zcs:~# su - zimbra

zimbra@zcs:~$ /opt/zimbra/bin/zmmtactl start
Rewriting configuration files...done.
Starting saslauthd...already running.
/postfix-script: starting the Postfix mail system
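A pid file only records that Postfix was running at some point, so before moving master.pid aside it is worth checking whether the PID in it is really gone or has been recycled by another program. The following is an added example, not part of the original post; the function names are hypothetical, and the expected command name "master" is an assumption about how the Postfix master process shows up on the host.

```shell
#!/bin/sh
# Added example (not from the original post). Classify a pid file as
# missing | malformed | stale | reused | live before touching it.
# $1 = pid file, $2 = optional expected command name (assumed "master").
pid_state() {
    pidfile=$1
    expected=${2:-}
    [ -f "$pidfile" ] || { echo missing; return 0; }
    # The file may hold the PID padded with blanks; strip all whitespace.
    pid=$(tr -d ' \t\r\n' < "$pidfile")
    case $pid in
        ''|*[!0-9]*) echo malformed; return 0 ;;
    esac
    # kill -0 delivers no signal, it only tests for existence. It also fails
    # with EPERM for a process owned by someone else, so fall back to /proc.
    if ! kill -0 "$pid" 2>/dev/null && [ ! -d "/proc/$pid" ]; then
        echo stale; return 0
    fi
    if [ -n "$expected" ]; then
        comm=$(cat "/proc/$pid/comm" 2>/dev/null ||
               ps -p "$pid" -o comm= 2>/dev/null || true)
        # A recycled PID now belongs to some unrelated program.
        [ "$comm" = "$expected" ] || { echo reused; return 0; }
    fi
    echo live
}

# Rename the pid file to <file>.ori (as the post does by hand), but only when
# the recorded process is gone or is a different program.
# Returns 0 if renamed, 1 if left alone, 2 if the rename failed.
set_aside_if_stale() {
    state=$(pid_state "$1" "${2:-}")
    case $state in
        stale|reused)
            mv "$1" "$1.ori" || return 2
            echo "$state: moved $1 to $1.ori"
            return 0 ;;
        *)
            echo "$state: left $1 in place"
            return 1 ;;
    esac
}

# Demo on a constructed pid file (not a real Zimbra path). 999999999 is above
# the Linux PID limit, so it can never name a running process.
demo=$(mktemp)
echo "   999999999" > "$demo"
pid_state "$demo"
rm -f "$demo"
```

On the Zimbra host the call would be `set_aside_if_stale /opt/zimbra/data/postfix/spool/pid/master.pid master`, run as root before `zmmtactl start`.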

Sunday, August 17, 2014

Rename a Linux MD Device







Often it may be necessary to change the name of an MD device in Linux. For example, say you are migrating from one RAID array to another. At one point you may have both arrays active, the old and the new. In the end you may wish to remove the old array and keep just the new one, but reuse the name of the old array.
In this example, md3 is the old array and md4 was created to be the new array. We’ve moved the data over to md4 already and now we want to rename md4 to be md3 from this point forward.
First, remove md3 completely (after unmounting the filesystem):
mdadm --stop /dev/md3
mdadm --remove /dev/md3
Next, unmount the new array (md4) and reassemble it as md3:
mdadm --stop /dev/md4
mdadm --assemble /dev/md3 /dev/sd[abcdefghijk]1 --update=name
The magic here is “--update=name”, which tells mdadm to update the superblocks, which previously contained the name md4, with the new name you have specified.

Backup /etc/mdadm.conf and then update it with new info: 
mdadm --examine --scan > /etc/mdadm.conf

Check detailed status of raid:
mdadm --detail /dev/md3

Update /etc/fstab to point to correct disk and mount point

Another good example can be found on: http://www.cyberciti.biz/faq/linux-server-rename-an-mdadm-raid-array/

Thursday, August 14, 2014

Mikrotik - Bruteforce login prevention

To stop SSH/FTP attacks on your router, follow this advice. This configuration allows only 10 incorrect FTP login answers per minute.
in /ip firewall filter
add chain=input protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop \
comment="drop ftp brute forcers"

add chain=output action=accept protocol=tcp content="530 Login incorrect" dst-limit=1/1m,9,dst-address/1m

add chain=output action=add-dst-to-address-list protocol=tcp content="530 Login incorrect" \
address-list=ftp_blacklist address-list-timeout=3h

This will ban an SSH brute forcer for 10 days after repeated attempts. Change the timeouts as necessary.

in /ip firewall filter
add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \
comment="drop ssh brute forcers" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \
src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist \
address-list-timeout=10d comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new \
src-address-list=ssh_stage2 action=add-src-to-address-list address-list=ssh_stage3 \
address-list-timeout=1m comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage1 \
action=add-src-to-address-list address-list=ssh_stage2 address-list-timeout=1m comment="" disabled=no

add chain=input protocol=tcp dst-port=22 connection-state=new action=add-src-to-address-list \
address-list=ssh_stage1 address-list-timeout=1m comment="" disabled=no
If you want to block downstream access as well, you need to block them with the forward chain:
add chain=forward protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop \
comment="drop ssh brute downstream" disabled=no
To view the contents of your Blacklist, go to "/ip firewall address-list" and type "print" to see the contents.
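The SSH rules count new TCP connections to port 22, not failed logins, and they rely on rule order: the higher stage is tested first, so one connection climbs exactly one stage. The following is an added example, not RouterOS code and not from the original post: an awk model of those five rules run over constructed connection times, assuming that re-adding an address refreshes its timeout (1m = 60 s, 10d = 864000 s).

```shell
#!/bin/sh
# Added example: model of the ssh_stage1..3 / ssh_blacklist rules above.
# Input lines: "<time-in-seconds> <source-ip>", one per NEW connection to
# port 22, sorted by time. Output: "<time> <ip> <verdict>".
ssh_stage_sim() {
    awk '
    # An address is on a list while its expiry time lies in the future.
    function in_list(l, ip) { return ((l, ip) in exp_at) && exp_at[l, ip] > t }
    # Assumption: adding an address that is already listed refreshes it.
    function add(l, ip, ttl) { exp_at[l, ip] = t + ttl }
    {
        t = $1; ip = $2
        # Rule 1: drop anything already blacklisted.
        if (in_list("ssh_blacklist", ip)) { print t, ip, "drop"; next }
        # Rules 2-5 only add to a list and pass the packet on. They are
        # tested top-down, highest stage first, so a packet that was just
        # promoted to stage N is not tested against stage N again.
        if (in_list("ssh_stage3", ip)) add("ssh_blacklist", ip, 864000)
        if (in_list("ssh_stage2", ip)) add("ssh_stage3", ip, 60)
        if (in_list("ssh_stage1", ip)) add("ssh_stage2", ip, 60)
        add("ssh_stage1", ip, 60)
        print t, ip, (in_list("ssh_blacklist", ip) ? "accept+blacklisted" : "accept")
    }' "$@"
}

# Constructed sample (documentation addresses): one source opening a new
# connection every 10 seconds, one reconnecting every 5 minutes, and the
# first source returning after the 10-day ban has expired.
sample_conns() {
    cat <<'EOF'
0 192.0.2.10
0 198.51.100.7
10 192.0.2.10
20 192.0.2.10
30 192.0.2.10
40 192.0.2.10
300 198.51.100.7
600 198.51.100.7
900 198.51.100.7
864031 192.0.2.10
EOF
}

sample_conns | ssh_stage_sim
```

In this model the fourth new connection inside the one-minute windows puts the source on ssh_blacklist, and the drop rule takes effect from the fifth connection on.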

Monday, April 7, 2014

Server 2008 R2 Enable the "Snipping Tool"

KB ID 0000383 Dtd 26/01/11

Problem

The Windows Snipping Tool is not in the default build of Server 2008 R2, it's part of the "Desktop Experience" feature.
In addition to SnippingTool.exe, this feature also enables Windows Media Player, Desktop themes, Video for Windows (AVI support), Windows SideShow, Windows Defender, Disk Cleanup, Sync Center, Sound Recorder, Character Map, and the Windows Disc Image Burner.

Solution

Warning: before you do this, note that when completed the server will reboot a few times as it configures the features and pulls down updates. Plan in some downtime to carry out this procedure.
1. On the server > Open server Manager (ServerManager.msc) > Expand Feature > Add Features > Locate the Desktop Experience and select it.
2. When finished it will ask for a reboot, then reboot (quite a lot - I was worried it was in a reboot loop at one point).
3. When it comes back there's your snipping tool.

Friday, March 21, 2014

How to Clone/Backup Linux Systems Using – Mondo Rescue Disaster Recovery Tool

Here is a very good HOW-TO regarding backup of a Linux system. I am putting it here just in case it is lost on the original site http://www.tecmint.com/how-to-clone-linux-systems/

Mondo Rescue is an open source, free disaster recovery and backup utility that allows you to easily create complete system (Linux or Windows) clone/backup ISO images on CD, DVD, tape, USB devices, hard disk, and NFS. It can be used to quickly restore or redeploy a working image onto other systems, and in the event of data loss you will be able to restore as much as the entire system data from the backup media.
The Mondo program is freely available for download, is released under the GPL (GNU Public License), and has been tested on a large number of Linux distributions.
This article describes the installation of Mondo and the use of the Mondo tools to back up your entire system. Mondo Rescue is a disaster recovery and backup solution for system administrators to take a full backup of their Linux and Windows file system partitions to CD/DVD, tape or NFS and restore them with the help of the Mondo Restore media feature that is used at boot time.

Installing MondoRescue on RHEL / CentOS / Scientific Linux

The latest Mondo Rescue packages (current version of Mondo is 3.0.3-1) can be obtained from the “MondoRescue Repository”. Use the “wget” command to download the repository file and add it to your system. The Mondo repository will install suitable binary software packages such as afio, buffer, mindi, mindi-busybox, mondo and mondo-doc for your distribution, if they are available.

For RHEL/CentOS/SL 6,5,4 – 32-Bit

Download the MondoRescue repository file into “/etc/yum.repos.d/” under the file name “mondorescue.repo”. Please download the correct repository for your Linux OS distribution version.
# cd /etc/yum.repos.d/

## On RHEL/CentOS/SL 6 - 32-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/6/i386/mondorescue.repo

## On RHEL/CentOS/SL 5 - 32-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/5/i386/mondorescue.repo

## On RHEL/CentOS/SL 4 - 32-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/4/i386/mondorescue.repo

For RHEL/CentOS/SL 6,5,4 – 64-Bit

# cd /etc/yum.repos.d/

## On RHEL/CentOS/SL 6 - 64-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/6/x86_64/mondorescue.repo

## On RHEL/CentOS/SL 5 - 64-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/5/x86_64/mondorescue.repo

## On RHEL/CentOS/SL 4 - 64-Bit ##
# wget ftp://ftp.mondorescue.org/rhel/4/x86_64/mondorescue.repo
Once you have successfully added the repository, use “yum” to install the latest Mondo tool.
# yum install mondo

Installing MondoRescue on Debian / Ubuntu / Linux Mint

Debian users can use “wget” to grab the MondoRescue repository for the Debian 6 and 5 distributions. Run the following commands to add “mondorescue.sources.list” to the “/etc/apt/sources.list” file and install the Mondo packages.

On Debian

## On Debian 6 ##
# wget ftp://ftp.mondorescue.org/debian/6/mondorescue.sources.list
# sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
# apt-get update 
# apt-get install mondo
## On Debian 5 ##
# wget ftp://ftp.mondorescue.org/debian/5/mondorescue.sources.list
# sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
# apt-get update 
# apt-get install mondo

On Ubuntu/Linux Mint

To install Mondo Rescue on Ubuntu 12.10, 12.04, 11.10, 11.04, 10.10 and 10.04 or Linux Mint 13, open the terminal and add the MondoRescue repository to the “/etc/apt/sources.list” file. Run the following commands to install the Mondo Rescue packages.
# wget ftp://ftp.mondorescue.org/ubuntu/`lsb_release -r|awk '{print $2}'`/mondorescue.sources.list
# sh -c "cat mondorescue.sources.list >> /etc/apt/sources.list" 
# apt-get update 
# apt-get install mondo

Creating Cloning or Backup ISO Image of System/Server

After installing Mondo, run the “mondoarchive” command as the “root” user, then follow the prompts below to create an ISO-based backup of your full system.
# mondoarchive
Welcome to Mondo Rescue.
Please enter the full path name to the directory for your ISO images. For example: /mnt/backup/
Select the type of compression. For example: bzip, gzip or lzo.
Select the maximum compression option.
Please enter how large you want each ISO image to be in MB (megabytes). This should be less than or equal to the size of the CD-R(W)s (i.e. 700) or DVDs (i.e. 4480).
Please give a name for your ISO image files. For example: tecmint1 to obtain tecmint-[1-9]*.iso files.
Please add the filesystems to back up (separated by “|”). The default filesystem is “/”, which means a full backup.
Please exclude the filesystems that you don’t want to back up (separated by “|”). For example: “/tmp” and “/proc” are always excluded; if you want a full backup of your system, just hit Enter.
Please enter your temporary directory path or select the default one.
Please enter your scratch directory path or select the default one.
If you would like to back up extended attributes, just hit “Enter”.
If you want to verify your backups after Mondo has created them, click “Yes”.
If you’re using a stable standalone Linux kernel, click “Yes”; if you are using another kernel, say “Gentoo” or “Debian”, hit “No”.
Click “Yes” to proceed further.
Creating a catalog of the “/” filesystem.
Dividing the filelist into sets.
Calling MINDI to create the boot+data disk.
Backing up the filesystem. It may take a couple of hours, please be patient.
Backing up big files.
Running “mkisofs” to make the ISO image.
Verifying the ISO image tarballs.
Verifying the ISO image big files.
Finally, Mondo Archive has completed. Please hit “Enter” to go back to the shell prompt.
If you’ve selected the default backup path, you will see an ISO image under “/var/cache/mondo/”, which you can burn to a CD/DVD for later restore.
To restore all files automatically, boot the system with Mondo ISO Image and at boot prompt type “nuke” to restore files. Here is the detailed video that demonstrates how to restore files automatically from CD/DVD media.



For other distributions, you can also grab Mondo Rescue packages at mondorescue.org download page.

Monday, March 10, 2014

Installing Pure-FTPd on Centos and creating virtual users

An FTP virtual user is a user that can upload files on behalf of a system user. For example, if you have an OS user “pradono” whose home directory is /home/pradono, a virtual user “test1” that is set up on behalf of “pradono” can upload files to /home/pradono/test1, and the uploaded files will be owned by “pradono”.

1. Installing Pure-FTPd using yum

Let’s start by adding an additional CentOS repo
[root@prod1 ~]# cd /etc/yum.repos.d/
[root@prod1 /etc/yum.repos.d]# wget http://centos.karan.org/kbsingh-CentOS-Extras.repo
And enable kbs-CentOS-Testing by editing /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
[root@prod1 /etc/yum.repos.d]# nano -w kbsingh-CentOS-Extras.repo
Change enabled=0 to enabled=1
[...]
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
enabled=1
baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/
Import the repo key
[root@prod1 /etc/yum.repos.d]# rpm --import http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
Install pure-ftpd.
[root@prod1 /etc/yum.repos.d]# yum -y install pure-ftpd
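The stanza above enables kbs-CentOS-Testing with gpgcheck=0, so yum installs from that repo without verifying package signatures even though the repo key is imported. The following is an added example, not part of the original post: a check that lists every enabled repo section in a .repo file with its gpgcheck state. The function names are hypothetical and the sample file is constructed around the stanza shown above.

```shell
#!/bin/sh
# Added example: report signature checking for each enabled yum repo section.
# Output: "<repo-id> on|off|inherit". "inherit" means the section has no
# gpgcheck line, so the value comes from [main] in yum.conf.
repo_gpg_audit() {
    awk '
    function truthy(v) { v = tolower(v); return !(v == "0" || v == "no" || v == "false") }
    function flush() {
        # Sections without an enabled= line count as enabled.
        if (id == "" || (enabled != "" && !truthy(enabled))) return
        print id, (gpg == "" ? "inherit" : (truthy(gpg) ? "on" : "off"))
    }
    /^[ \t]*[#;]/ { next }                    # comment line
    /^[ \t]*\[[^]]+\]/ {                      # start of a [repo-id] section
        flush()
        id = $0; sub(/^[ \t]*\[/, "", id); sub(/\].*$/, "", id)
        enabled = ""; gpg = ""
        next
    }
    /=/ {
        key = $0; sub(/=.*$/, "", key); gsub(/[ \t]/, "", key)
        val = $0; sub(/^[^=]*=/, "", val); gsub(/[ \t\r]/, "", val)
        if (key == "enabled")  enabled = val
        if (key == "gpgcheck") gpg = val
    }
    END { flush() }
    ' "$@"
}

# Constructed sample: the kbs-CentOS-Testing stanza is the one shown in the
# post; the three sample-* sections are made up for contrast.
write_sample_repo() {
    cat > "$1" <<'EOF'
[sample-signed]
name=Constructed example - signed
gpgcheck=1
enabled=1
[sample-disabled]
name=Constructed example - disabled
gpgcheck=0
enabled=0
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
enabled=1
baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/
[sample-inherit]
name=Constructed example - no gpgcheck line
EOF
}

sample=$(mktemp)
write_sample_repo "$sample"
repo_gpg_audit "$sample"
rm -f "$sample"
```

On a real host, `repo_gpg_audit /etc/yum.repos.d/*.repo` covers every configured repository; any line ending in "off" is a repo whose packages are installed unverified.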

2. Edit the Pure-FTPd config file

[root@prod1 /etc/yum.repos.d]# cd /etc/pure-ftpd/
[root@prod1 /etc/pure-ftpd]# nano -w pure-ftpd.conf
Make sure you have these options enabled
[...]
# If you want simple Unix (/etc/passwd) authentication, uncomment this
UnixAuthentication yes
# If you want to log all client commands, set this to "yes".
# This directive can be duplicated to also log server responses.
VerboseLog yes
# PureDB user database (see README.Virtual-Users)
PureDB /etc/pure-ftpd/pureftpd.pdb
# Automatically create home directories if they are missing
CreateHomeDir yes
The CreateHomeDir option makes adding virtual users easier by creating a user’s home directory upon login (if it doesn’t already exist).

3. Import OS users to Pure-FTPd FTP Users (Optional)

We can either import all users with system-level accounts (defined in /etc/passwd) at once or create new users manually using pure-pw useradd. To import users that already exist on your system into the virtual user database, enter these commands:
[root@prod1 /etc/pure-ftpd]# pure-pwconvert >> pureftpd.passwd
[root@prod1 /etc/pure-ftpd]# pure-pw mkdb
The first command creates the pureftpd.passwd file; the name has to be pureftpd.passwd. pure-pw mkdb then imports pureftpd.passwd into the puredb file, in this example /etc/pure-ftpd/pureftpd.pdb.
Update: Just use UnixAuthentication yes in your pure-ftpd.conf file and you don’t need step 3 above.

4. Add a virtual user.

This adds a virtual user “test” to the pureftpd.passwd file:
[root@prod1 /etc/pure-ftpd]# pure-pw useradd test -u doniking -g doniking -d /home/doniking/test
Password:
Again, this imports the updated pureftpd.passwd file into a puredb file.
[root@prod1 /etc/pure-ftpd]# pure-pw mkdb

5. Testing.

We haven’t restarted the pure-ftpd service yet. Let’s restart it.
[root@prod1 /etc/pure-ftpd]# service pure-ftpd restart
Stopping pure-ftpd: [ OK ]
Starting pure-ftpd: [ OK ]
Test the user
[root@prod1 /etc/pure-ftpd]# ftp localhost
Connected to doniking.lan.
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 00:47. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 This security scheme is not implemented
500 This security scheme is not implemented
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): test
331 User test OK. Password required
Password:
230-User test has group access to: 500
230 OK. Current directory is /
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

6. Notes.

- Every time you add a virtual user, run
[root@prod1 /etc/pure-ftpd]# pure-pw mkdb
to import pureftpd.passwd to pureftpd.pdb.
- If you want to enable the OS users to ftp, you don’t need to use pure-pwconvert command as others suggest. Simply enable
UnixAuthentication yes
in your /etc/pure-ftpd/pure-ftpd.conf config file.

Thursday, March 6, 2014

How to add Two Gateway on same Linux machine

Q: I have one test server that has two interfaces. To one interface I have assigned IP 172.16.122.1 and GW 172.16.xxx.xxx.
Now I connected a cable to the second interface and gave it IP 10.2.2.98.
Now they are both on different subnets.
So how do I add the second gateway in the /etc/sysconfig/network file? And when I try to ping, through which interface will it ping the remote system?

A: Technically you can have multiple default gateways, but that is the realm of core internet servers, network load balancers, and so on for the most part.

Much more common is a requirement for multiple routes, each with its own router.
Example: You have a computer sitting between two networks, like this: 192.168.1.5/24 and 192.168.2.5/24
You use 192.168.1.1 as Default Gateway - that is the default route for anything not locally attached. Locally attached is explicitly defined as anything which is in any of the subnets on which you have an interface in the UP/RUNNING state and for which there is no explicit static route defined.
In this configuration you already have three routes: a route for everything locally on 192.168.1.0/24, with the gateway being your own IP address on that subnet. You have a similar route for the systems on 192.168.2.0/24... And finally you have a default route, that being for "0.0.0.0" pointing to the default gateway. (There are also some other "pseudo" routes on some operating systems, e.g. for accessing the loopback device, or for broadcast traffic.)
Now say there is a router at 192.168.2.2 which provides access to a number of networks. Usually these are "internal" networks. You can now add "static routes" to these networks. Example for a network with subnet 192.168.5.0/24
Linux Example:

route add -net 192.168.5.0 netmask 255.255.255.0 gw 192.168.2.2
 
You can add multiple "static" routes through one router, or routes can use as many routers/gateways as needed.
You can view the table of known routes with the command

netstat -rn
 
The Linux specific command will show the same information in a slightly different format.

ip route show
 
The router(s) specified must "know" how to reach the target network, otherwise it will go to its own default gateway and forward your packets that way.
To make these configuration changes persistent you need to add them to the system configuration files. Static routes are relevant to one specific interface, so they do not go into /etc/sysconfig/network. Instead these go into files located in /etc/sysconfig/network-scripts/

For example: /etc/sysconfig/network-scripts/route-eth0
You add "via" entries into this file for routes. These lines read like "Access network X via gateway Y on network interface device Z".
Example

default via 192.168.1.1 dev eth0
192.168.5.0/24 via 192.168.2.2 dev eth0
192.168.6.0/24 via 192.168.2.2 dev eth0
 
And so on.

Monday, March 3, 2014

How To Backup ESXi Configuration – The Missing Piece

“How do I back up my ESXi USB key?” Other than ripping the USB key out of a production machine… how was the user to do this? Well, vMA and the vCLI provide a method for this:

Backing up your ESXi Configuration:

To backup your ESXi configuration you’ll be using the vicfg-cfgbackup.pl command as follows:
  • Download either the vMA or vCLI
  • Launch vicfg-cfgbackup.pl:
    C:\Program Files\VMware\VMware vSphere CLI\bin>vicfg-cfgbackup.pl --save --server 192.168.15.253 --username root --password password backup.bak
  • Note: The backup will be stored relative to your user “AppData” path:
    C:\Users\Username\AppData\Local\VirtualStore\

Restoring your ESXi Configuration:

Restoring your ESXi config can be done after you have the host up and responding over the network again by using the following:
C:\Program Files\VMware\VMware vSphere CLI\bin>vicfg-cfgbackup.pl --load --server 192.168.15.253 --username root --password password backup.bak
Note: You will be asked to reboot the host on restore.
Backing up multiple hosts: there is a script to back up multiple ESXi hosts on the VMware communities site here. Also in PowerCLI here!

How to use DiskSpd to simulate Veeam Backup & Replication disk actions

This HOW-TO contains information on how to use Microsoft© DiskSpd to simulate Veeam Backup & Replication disk actions to measure disk pe...