Monday, December 02, 2013

Kickstart

Menu config file example


/tftpboot/pxelinux.cfg/default

# PXELINUX boot menu (vesamenu.c32) offering kickstart installs, the stock
# Ubuntu installer modes and a local-disk boot.
#
# NOTE(review): every ks= URL below is plain HTTP. The installer cannot
# authenticate the kickstart it is handed, and anything embedded in those
# files (password hashes, keys) is readable by any host that can reach the
# web server. Keep the kickstart servers on a dedicated provisioning network
# or move secrets out of the kickstart files.
# NOTE(review): no entry sets MENU PASSWD, so anyone at the console of a
# network-booting machine can start any install or rescue entry.
default vesamenu.c32
Menu Background sm_bk.png
Menu Title Boot Menu

# NOTE(review): this entry and the next one share the label "install";
# confirm which one pxelinux actually resolves for that name.
label install
   menu label ^Ubuntu-10.04
   kernel ubuntu-installer10/amd64/linux
   append vga=normal initrd=ubuntu-installer10/amd64/initrd.gz ks=http://10.10.4.58/ks10.cfg

# NOTE(review): "menu default" together with "timeout 60" at the bottom
# (syslinux counts in 1/10 s, i.e. 6 seconds) means a machine that
# network-boots unattended starts this kickstart install on its own. What the
# install does to existing disks depends on ks12.cfg, which is not shown here.
# Making Local_drive the default entry is the safer arrangement.
label install
   menu label ^Ubuntu-12.04
   menu default
   kernel ubuntu-installer/amd64/linux
   append vga=normal initrd=ubuntu-installer/amd64/initrd.gz ks=http://10.10.4.58/ks12.cfg

LABEL Centos-5.8
    MENU LABEL ^Centos-5.8
    KERNEL centos58/vmlinuz
    APPEND initrd=centos58/initrd.img ramdisk_size=100000 ip=dhcp ksdevice=bootif ks=http://10.10.23.201/ks/ks.cfg
    IPAPPEND 2

LABEL Centos-6
    MENU LABEL ^Centos-6
    KERNEL centos6/vmlinuz
    APPEND initrd=centos6/initrd.img ip=dhcp ksdevice=bootif ks=http://10.10.23.201/ks/ks_co6.cfg

LABEL Centos-6-p1
    MENU LABEL ^Centos-6 p1p1
    KERNEL centos6/vmlinuz
    APPEND initrd=centos6/initrd.img ip=dhcp ksdevice=bootif ks=http://10.10.23.201/ks/ks_co6p1.cfg

LABEL Centos-6-em1
    MENU LABEL ^Centos-6 em1
    KERNEL centos6/vmlinuz
    APPEND initrd=centos6/initrd.img ip=dhcp ksdevice=bootif ks=http://10.10.23.201/ks/ks_co6em1.cfg

# Interactive Ubuntu installer modes (no kickstart file).
label expert
   menu label ^Expert install
   kernel ubuntu-installer/amd64/linux
   append priority=low vga=normal initrd=ubuntu-installer/amd64/initrd.gz --

label cli-expert
   menu label Command-^line expert install
   kernel ubuntu-installer/amd64/linux
   append tasks=standard pkgsel/language-pack-patterns= pkgsel/install-language-support=false priority=low vga=normal initrd=ubuntu-installer/amd64/initrd.gz --

label rescue
   menu label ^Rescue mode
   kernel ubuntu-installer/amd64/linux
   append vga=normal initrd=ubuntu-installer/amd64/initrd.gz rescue/enable=true -- quiet

# Boot from the first local disk instead of the network.
label Local_drive
   localboot 0
   menu label ^Local Drive

# Show the menu straight away; after the timeout the default entry is started.
prompt 0
timeout 60


Kickstart config file example:


/srv/kickstart/cs6ks.cfg

#platform=x86, AMD64, or Intel EM64T
# Unattended CentOS 6 network install: one ext3 root on sda, DHCP during the
# install, packages from the internal mirror at 10.10.23.201.
install
key --skip
lang en_US.UTF-8
# Forces the cmdline installer to be used (debugging)
#cmdline
# System authorization information
# NOTE(review): --enablemd5 stores passwords as MD5-crypt ("$1$" hashes, which
# matches the root hash further down). MD5-crypt is cheap to brute-force
# offline; --passalgo=sha512 is the stronger setting where the installer
# supports it.
auth  --useshadow  --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
# NOTE(review): --all removes every partition on every disk the installer
# sees (the ignoredisk line below is commented out), without prompting.
clearpart --all --initlabel
#ignoredisk --only-use=sda,sdc,sdd
# Use text mode install
text
# Firewall configuration
# NOTE(review): the host firewall is off from first boot, and %post also runs
# "chkconfig iptables off". The machine then depends entirely on network-level
# filtering.
firewall --disabled
# Do not run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
#lang en_US
# Installation logging level
logging --level=info
# Use network installation
# NOTE(review): the install tree is fetched over plain HTTP.
url --url=http://10.10.23.201/centos/6/os/x86_64/
# Network information
network --bootproto=dhcp --device=eth0 --onboot=on
# Reboot after installation
reboot
#Root password
# NOTE(review): this hash is handed to every client that can download the
# kickstart file, and every host built from it gets the same root password.
# Treat it as a provisioning-only password and change it after the build.
rootpw --iscrypted $1...1

# SELinux configuration
# NOTE(review): SELinux is switched off completely; "--permissive" would at
# least keep labels and audit messages for a later move to enforcing.
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  America/Los_Angeles
# Install OS instead of upgrade (repeats the "install" at the top of the file)
install
# Disk partitioning information
part /boot --bytes-per-inode=4096 --fstype="ext3" --ondisk=sda --size=500

# Web servers use 8G of swap
#part swap --bytes-per-inode=4096 --fstype="swap" --ondisk=sda --size=8000
# Changing swap for testing
part swap --bytes-per-inode=4096 --fstype="swap" --ondisk=sda --size=1000
# The rest goes to root
part / --bytes-per-inode=4096 --fstype="ext3" --grow --ondisk=sda --size=1

# Use WF Repo
# NOTE(review): both repos are plain HTTP, so package integrity rests on RPM
# signature checking. Confirm GPG checking is enabled for these repos.
repo --name=sm_base --baseurl=http://10.10.23.201/centos/6/os/x86_64/
repo --name=sm_updates --baseurl=http://10.10.23.201/centos/6/updates/x86_64/
%packages
@core
ntp
openssh-clients
openssh-server
strace
oprofile
screen
sysstat
lynx
-bluez-gnome
-bluez-libs
-bluez-utils
-ccid
-coolkey
-conman
-cups
-dosfstools
-ifd-egate
-irda-utils
-NetworkManager
-oddjob
-oddjob-libs
-pcsc-lite
-pcsc-lite-libs
-ppp
-redhat-lsb
-rp-pppoe
-stunnel
-wpa_supplicant
-ypbind
-yp-tool

%post --log=/root/my-post-log
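# Post-install provisioning for the kickstarted host (body of the %post
# section, so it runs once at the end of the install):
#   1. drop 32-bit packages and add XFS support
#   2. switch off unneeded services and point yum at the internal repo
#   3. sync the clock and enable ntpd
#   4. turn the DHCP lease used during install into a static configuration
#   5. write the chef-client bootstrap files and install Chef

# Remove all i386/i686 packages, we only want x86_64 packages.
# rpm -e without package arguments is an error, so only call it on a match.
I386_PKGS=$(rpm -qa --queryformat='%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n' | grep '\.i[3456]86$')
if [ -n "$I386_PKGS" ]; then
        # Unquoted on purpose: one package per word.
        rpm -e $I386_PKGS
fi

# XFS support
# The glob is quoted so that yum matches it against the repositories instead
# of the shell matching it against files in the current directory.
yum -y install kmod-xfs 'xfs*'

# Disable services typically not needed.
# NOTE(review): iptables and ip6tables are the host firewall; with them off
# the host has no local packet filtering.
echo "Disabling some unneeded services."
for service in iptables ip6tables rpcgssd rpcidmapd iscsi iscsid ; do
        chkconfig "$service" off
done
echo "Services disabled."

# NOTE(review): this exclude is permanent, so the "yum -y update" at the end
# and every later update skip kernel packages, kernel security errata
# included. Confirm that kernels are patched by some other route.
echo "exclude=kernel* *.i?86" >> /etc/yum.conf

# Replace the stock repo definitions with the internal one. The file is
# downloaded first and the stock repos are removed only if that worked, so a
# failed download does not leave the host without any repository.
# NOTE(review): the repo file arrives over plain HTTP and is trusted as-is,
# including whatever gpgcheck setting it carries. Confirm it sets gpgcheck=1.
REPO_TMP=$(mktemp /tmp/sm6.repo.XXXXXX)
if [ -n "$REPO_TMP" ] && wget -O "$REPO_TMP" http://vmks.corp.example.com/sm6.repo && [ -s "$REPO_TMP" ]; then
        rm -rf /etc/yum.repos.d/*
        mv "$REPO_TMP" /etc/yum.repos.d/sm.repo
        # mktemp creates the file 0600; repo files are normally world-readable.
        chmod 644 /etc/yum.repos.d/sm.repo
else
        echo "Could not download sm6.repo; keeping the existing yum repos." >&2
        rm -f "$REPO_TMP"
fi

# Run ntpdate three times against ntp1 before ntpd is started.
for attempt in 1 2 3; do
        ntpdate -u ntp1
done
/etc/init.d/ntpd start
chkconfig ntpd on

# Converting from DHCP to static IPs
# Interface that carries the default route; "exit" keeps only the first match.
KSDEVICE=$(LANG=C /sbin/route -n | awk '/^0\.0\.0\.0/ { print $8; exit }')
IP=$(LANG=C /sbin/ifconfig "$KSDEVICE" | /bin/awk '/inet/ && !/inet6/{sub(/addr:/, ""); print $2}')
# Short host name taken from the PTR record of the leased address.
HOSTNAME=$(LANG=C /usr/bin/host "$IP" | /bin/awk '{sub(/\.$/, ""); print $5}' | cut -d"." -f1)
# The PTR answer is data from the network and ends up in a file that the init
# scripts read as shell assignments, so accept plain host-name characters
# only. This also rejects the "3(NXDOMAIN)" that the awk above extracts from a
# failed lookup.
case "$HOSTNAME" in
        ''|*[!A-Za-z0-9-]*) HOSTNAME= ;;
esac
NETMASK=$(LANG=C /sbin/ifconfig "$KSDEVICE" | /bin/awk '/inet/ && !/inet6/ {sub(/Mask:/, ""); print $4}')
NETWORK=$(LANG=C /bin/ipcalc "$IP" -n "$NETMASK" | /bin/cut -d= -f2)
# NOTE(review): assumes the gateway is the network address plus one; the
# gateway handed out by DHCP (column 2 of "route -n") is not consulted.
GATEWAY=$(LANG=C echo "$NETWORK" | awk -F'.' '{print $1"."$2"."$3"."$4+1}')
HWADDR=$(LANG=C /sbin/ifconfig "$KSDEVICE" | /bin/awk '/HWaddr/ { print $5 }')

# Only rewrite the network files when every value could be derived; a partial
# static config would leave the host unreachable after the reboot.
if [ -n "$KSDEVICE" ] && [ -n "$IP" ] && [ -n "$NETMASK" ] && [ -n "$NETWORK" ] && [ -n "$HOSTNAME" ]; then
cat << EOF > /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=$HOSTNAME
GATEWAY=$GATEWAY
EOF

cat << EOF > "/etc/sysconfig/network-scripts/ifcfg-$KSDEVICE"
DEVICE=$KSDEVICE
BOOTPROTO=static
IPADDR=$IP
NETMASK=$NETMASK
ONBOOT=yes
HWADDR=$HWADDR
EOF
else
        echo "Incomplete network data (device/IP/netmask/network/hostname); leaving the DHCP configuration untouched." >&2
fi

# chef-client

mkdir -p /etc/chef

# Create the Chef files under a restrictive umask so they are never readable
# by other users, not even between creation and the chmod.
OLD_UMASK=$(umask)
umask 077

# NOTE(review): chef_server_url is plain http, so node registration and
# cookbook traffic are unencrypted at this URL. Confirm whether the Chef
# server offers an HTTPS endpoint.
cat > /etc/chef/client.rb << EOCLRB
log_level        :info
log_location     STDOUT
chef_server_url  "http://chefserver:4000"
validation_client_name "chef-validator"
# Using default node name (fqdn)
EOCLRB
chmod 600 /etc/chef/client.rb

# NOTE(review): this is the chef-validator private key, identical on every
# host built from this kickstart. The PXE menu fetches kickstart files with
# ks=http://..., so the key is readable by any host that can reach that web
# server, and it stays on the installed machine. Prefer delivering it over an
# authenticated channel at build time, rotate it if this file has been widely
# reachable, and delete /etc/chef/validation.pem once the node has registered.
# The delimiter is quoted so the key material is written literally.
cat > /etc/chef/validation.pem << 'EOVALPEM'
-----BEGIN RSA PRIVATE KEY-----
MIIE...Wg==


-----END RSA PRIVATE KEY-----
EOVALPEM
chmod 600 /etc/chef/validation.pem
umask "$OLD_UMASK"

# Install Chef packages
yum -y install rubygem-chef
chkconfig chef-client on
yum -y update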

Monday, November 25, 2013

Apache Active Directory authentication

If your Linux server is set up with AD authentication, you can add Apache AD auth as well.


AD LDAP authentication

Install OpenLDAP packages:
yum -y install openldap-clients openldap-devel

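Comment out everything in /etc/openldap/ldap.conf except the line below. Be aware that TLS_REQCERT never turns off verification of the domain controller's certificate, so the ldaps:// connection is encrypted but the server is not authenticated; installing the AD CA certificate, pointing TLS_CACERT at it and using TLS_REQCERT demand keeps verification on.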

TLS_REQCERT never

Make sure that you can run a simple LDAP query against domaincontroller.yourdomain.com

ldapsearch -x -LLL -D 'Igor Grinkin' -H ldaps://domaincontroller.yourdomain.com -W -b "CN=Domain Admins,CN=Users,DC=corp,DC=yourdomain,DC=com" -L cn=*


Modify vhost.


# Protects /usr/share/icinga/ with HTTP Basic authentication checked against
# Active Directory over LDAP.
<Directory "/usr/share/icinga/">
   Options None
   AllowOverride All
   Order allow,deny
   Allow from all
   AuthName "Please enter your Corp AD credentials"
   # NOTE(review): Basic auth sends the user's AD password with every request,
   # only base64-encoded. Nothing in this block requires TLS, so confirm the
   # vhost is HTTPS-only (for example with SSLRequireSSL).
   AuthType Basic
   # NOTE(review): ldap:// on port 389 is unencrypted, so the bind password
   # and each user's password cross the network in clear text between Apache
   # and the domain controller. The ldapsearch test earlier on the page used
   # ldaps://; the same scheme here would protect these binds.
   # NOTE(review): the search base ends in DC=corp,DC=domaincontroller,DC=com
   # while the bind DN below uses DC=corp,DC=yourdomain,DC=com. This looks
   # like a typo in the base DN; confirm.
   AuthLDAPURL "ldap://domaincontroller.yourdomain.com:389/OU=YourDomain,DC=corp,DC=domaincontroller,DC=com?samAccountName?sub?(objectCategory=person)"
   AuthLDAPBindDN "cn=joinaccount,CN=Users,DC=corp,DC=yourdomain,DC=com"
   # NOTE(review): the bind password is stored in clear text, so keep this
   # file readable by root only. The account name suggests the domain-join
   # account; a dedicated account with read-only directory access is enough
   # for the user search.
   AuthLDAPBindPassword "joinaccount password"
   AuthBasicProvider ldap
   AuthzLDAPAuthoritative off
   # Any user who authenticates successfully is allowed; no group restriction.
   Require valid-user
</Directory>

Monday, November 04, 2013

Chef OS versions fork

On CentOS-5.8 the service is portmap. In CentOS-6.4 it became obsolete and was replaced by rpcbind.  Here is the case statement for Chef.

# Start and enable the RPC port mapper. Its service name depends on the
# CentOS release: portmap on 5.8, rpcbind on 6.4.
service "port" do
  release = node["platform_version"]
  if release == "5.8"
    service_name "portmap"
  elsif release == "6.4"
    service_name "rpcbind"
  end
  action [ :start, :enable ]
end

Sunday, October 06, 2013

Convert MS Word document to HTML

Convert a long Word doc with simple formatting to html.

1.  Save the doc as "Web Page, Filtered" with the .html extension

Some special characters will not look right, like ' and "

2.  Substitute those with vi editor

:1,$s/\%x92/'/g
:1,$s/\%x93/"/g
To insert the copyright symbol (©), insert
&copy;

Friday, September 20, 2013

Linux sed example - find and replace a string in /etc/fstab.  Changing "sdb1" to "VolGroup00/local"

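# Replace "sdb1" with "VolGroup00/local" in /etc/fstab on every host listed in
# lists/dblist (whitespace-separated host names).
# "--" ends ssh option parsing, so an entry that starts with "-" is taken as a
# host name and cannot be read as an ssh option; the host is quoted as well.
# NOTE(review): the pattern is unanchored and replaces the first "sdb1" on
# each line, so it would also match e.g. "sdb10". Check fstab on one host
# before running this across the whole list.
for host in $(cat lists/dblist); do
  ssh -t -- "$host" "sudo sed -i 's/sdb1/VolGroup00\/local/' /etc/fstab"
done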

Linux parted from command line.  Remove partition number 1 on sdb.
parted -s /dev/sdb -- rm 1


Friday, August 16, 2013

MySQL cheatsheet

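Log in to the database called "testdb" as "root" with the password "coolpass". A password given on the command line ends up in shell history and is visible in the process list; -p with no value makes the client prompt for it instead: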
# mysql -u root -pcoolpass testdb

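Let's give user "testuser" all privileges with password "coolpass". ON *.* covers every database on the server; ON testdb.* would limit the grant to a single database: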
mysql> GRANT ALL ON *.* to testuser@'localhost' IDENTIFIED BY 'coolpass';
mysql> FLUSH PRIVILEGES;

Show me all the recent users:
mysql> select * from appusers order by UserId desc limit 2;

Show me all messages that were sent today:
mysql> select * from messagecenter where DateTime like '2013-08-16%' order by DateTime desc;

MySQL logging.  Let's see what the MySQL database is doing.
mysql> show processlist;
The number of rows will give you an idea of how busy the db is.

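If you want to watch history, you can send output to a log file. The general log records every statement the server receives, which can include passwords in statements such as GRANT ... IDENTIFIED BY, so keep the file readable only by the mysql user and turn logging off again when you are done.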
First let's find out where the log is:
mysql> SHOW VARIABLES LIKE "general_log%";
+------------------+------------------------+
| Variable_name    | Value                  |
+------------------+------------------------+
| general_log      | OFF                    |
| general_log_file | /var/lib/mysql/db2.log |
+------------------+------------------------+
2 rows in set (0.00 sec)

Let's enable logging:
mysql> SET GLOBAL general_log = 'ON';

Let's see what it's doing:
tail -f /var/lib/mysql/db2.log

Turn off logging:
mysql> SET GLOBAL general_log = 'OFF';

Tuesday, August 13, 2013

Extending partitions on Linux VMware virtual machines

Extending partitions on Linux VMware virtual machines

 I had to increase the hard drive size on one of the VMs and read this article:

In the comments people say that you can't do that if you are trying to expand primary root partition.  Not true.  Here is how:

  1. Shut down VM and increase the hard drive size
  2. If that Option is disabled consolidate your snapshots (delete them except the last one) 
  3. Download Linux rescue CD iso
  4. Mount iso as CDROM and boot your VM from it.
  5. Use gparted utility that comes with Linux rescue CD to resize partition to max size
  6. Reboot VM