Archive for the ‘AIX’ Category

wget behind proxy

Friday, March 26th, 2010

One way to get wget to work behind a proxy is to create a .wgetrc file in the user's home directory. Put this in it:

http_proxy = http://proxy_server_yourdomain.com:8080/

If your proxy uses authentication, also add the following lines to your .wgetrc file:

proxy_user=user
proxy_password=password
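
Because proxy_password sits in .wgetrc in clear text, the file should be accessible to its owner only. The check below is an added example, not part of the original post; the function names wgetrc_exposed and lock_wgetrc are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.

# wgetrc_exposed FILE: exit 0 when FILE stores a password and group or
# others have any access to it; 1 when it is fine; 2 when it cannot be read.
wgetrc_exposed() {
    [ -r "$1" ] || return 2
    # matches the wgetrc commands password, proxy_password, http_password
    # and ftp_password, with optional leading blanks
    grep -Eiq '^[[:space:]]*((proxy|http|ftp)[_-]?)?password[[:space:]]*=' "$1" || return 1
    perms=$(ls -ld "$1") || return 2
    # characters 5-10 of the mode string are the group and other bits
    [ "$(printf '%s' "$perms" | cut -c5-10)" != "------" ]
}

# lock_wgetrc FILE: restrict an exposed file to its owner
lock_wgetrc() {
    if wgetrc_exposed "$1"; then chmod 600 "$1"; fi
}

# usage: lock_wgetrc "$HOME/.wgetrc"
```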

checking for installed APARS

Monday, October 12th, 2009

instfix -i -k <APAR #>

bash-3.00# instfix -i -k  IY73570
There was no data for IY73570 in the fix database.

bash-3.00# instfix -i -k  IY73723
All filesets for IY73723 were found.

multiple domains in one reverse zone

Monday, October 12th, 2009

This is a quick and dirty way to jam all your subnets into one BIND zone. It is not the recommended way to run DNS, but if you are in a hurry and want to get DNS working in your organization without spending too much time setting up zones and name servers, you can get everything to work in one zone. Forward requests are typically not a problem; they resolve fine when multiple subnets are in one zone file. The problem is with reverse records, and you can get those to work in one zone file if you name your reverse zone in-addr.arpa.

After you create your zones, check them with named-checkzone and correct any errors. If you get an error similar to:

Jan 17 15:07:56 r2d2 named[4499]: mydomain.in-addr.arpa:326: ignoring out-of-zone data (21.161.27.172.in-addr.arpa)

that is because your zone is not considered authoritative for the PTR records you are trying to put in it. To define a correct PTR zone, choose one of the following zones (example domain is 192.22.239.x):

zone "139.239.22.195.in-addr.arpa" IN {} (recommended)
zone "239.22.195.in-addr.arpa" IN {}
zone "22.195.in-addr.arpa" IN {}
zone "195.in-addr.arpa" IN {}
zone "in-addr.arpa" IN {}  // this could take almost any number of domains in one zone
zone "arpa" IN {} (discouraged)

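Of course, putting multiple PTR zones in one zone is not really recommended and is probably only usable for internal DNS: a server that is master for in-addr.arpa answers authoritatively for every IPv4 reverse lookup, so its clients get no PTR answer for any address missing from the zone file.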
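
The out-of-zone rule and the list of usable zones above can be reproduced with a few shell functions. This is an added example, not part of the original post; the function names are hypothetical, and the sample records are the two PTR lines from the PTR zone template on this page.

```shell
#!/bin/sh
# Added example, not from the original post. Names are compared as typed,
# so lowercase them first if the zone file mixes case.

# ptr_name IPV4: print the PTR owner name (octet range is not checked)
ptr_name() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# in_zone NAME ORIGIN: succeed when NAME is ORIGIN or ends in .ORIGIN
in_zone() {
    name=${1%.} origin=${2%.}
    case ".$name" in *".$origin") return 0 ;; esac
    return 1
}

# candidate_zones IPV4: every reverse zone that can hold the PTR record,
# most specific first, ending at in-addr.arpa
candidate_zones() {
    z=$(ptr_name "$1") || return 1
    while :; do
        echo "$z"
        [ "$z" = in-addr.arpa ] && break
        z=${z#*.}
    done
}

# out_of_zone ORIGIN < zonefile: print the fully qualified PTR owners that
# named would ignore as out-of-zone data for a zone called ORIGIN
out_of_zone() {
    while read -r owner class type rest; do
        [ "$class" = IN ] && [ "$type" = PTR ] || continue
        case $owner in *.) ;; *) continue ;; esac  # relative names get ORIGIN appended
        in_zone "$owner" "$1" || echo "${owner%.}"
    done
}

# The two PTR records from the PTR zone template on this page
sample_records() {
    printf '%s\n' \
        '101.111.170.10.in-addr.arpa. IN PTR c3po.myzone.zone.' \
        '15.24.24.10.in-addr.arpa. IN PTR net1.myzone.zone.'
}

sample_records | out_of_zone in-addr.arpa         # prints nothing
sample_records | out_of_zone 24.10.in-addr.arpa   # 101.111.170.10.in-addr.arpa
```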

The correct PTR zone template is:

$TTL 60
in-addr.arpa. IN  SOA c3po.myzone.zone. root.c3po.myzone.zone. (
                2007011703      ; serial, today's date + today's serial #
                10800           ; refresh, seconds
                3600            ; retry, seconds
                604800          ; expire, seconds
                3600 )          ; negative caching TTL, seconds

in-addr.arpa.                 IN NS   c3po.myzone.zone.
101.111.170.10.in-addr.arpa.  IN PTR  c3po.myzone.zone.
15.24.24.10.in-addr.arpa.     IN PTR  net1.myzone.zone.

Forward zone template:

$TTL 60
myzone.zone. IN  SOA c3po.myzone.zone. root.c3po.myzone.zone. (
                2007011703      ; serial, today's date + today's serial #
                10800           ; refresh, seconds
                3600            ; retry, seconds
                604800          ; expire, seconds
                3600 )          ; negative caching TTL, seconds

myzone.zone.        IN  NS  c3po.myzone.zone.
localhost           IN  A   127.0.0.1
c3po.myzone.zone.   IN  A   10.170.111.101
net1.myzone.zone.   IN  A   10.24.24.15

localzone template:

0.0.127.in-addr.arpa. IN  SOA c3po.myzone.zone. root.c3po.myzone.zone. (
                2007011703      ; serial, today's date + today's serial #
                10800           ; refresh, seconds
                3600            ; retry, seconds
                604800          ; expire, seconds
                3600 )          ; negative caching TTL, seconds

0.0.127.in-addr.arpa.    IN NS   c3po.myzone.zone.
1.0.0.127.in-addr.arpa.  IN PTR  localhost.

/etc/named.conf template (for bind 9.2 and later)

options {
        directory               "/var/named"; // the default
        dump-file               "data/cache_dump.db";
        statistics-file         "data/named_stats.txt";
        memstatistics-file      "data/named_mem_stats.txt";
};

logging
{
/*      If you want to enable debugging, e.g. using the 'rndc trace' command,
 *      named will try to write the 'named.run' file in the $directory (/var/named).
 *      By default, SELinux policy does not allow named to modify the /var/named directory,
 *      so put the default debug log file in data/ :
 */
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "myzone.zone" in {
        type master;
        file "db.myzone";
};

zone "in-addr.arpa" in {
        type master;
        file "in-addr.arpa";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "named.local";
};

zone "." in {
        type hint;
        file "named.ca";
};

echo redirects with sudo don't work

Monday, October 12th, 2009

If you try something like sudo echo "This is test" >> /some/file_owned_by_root you'll get a "Permission denied" message.

The problem is that the redirect is handled by the shell of the user who initiated the echo command, not by root; sudo only runs echo itself as root. In this case that user doesn't have permission to write to /some/file_owned_by_root.

The solution is to run:

sudo sh -c 'echo "This is test" >> /some/file_owned_by_root'

sh -c reads the commands from the string, so all of them, including the redirect, are run as root (because sudo comes before sh -c).

"man sudo" also explains a similar use case:

To make a usage listing of the directories in the /home partition.  Note that this runs the commands in a sub-shell to make the cd and file redirection work.

$ sudo sh -c "cd /home ; du -s * | sort -rn > USAGE"
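
An alternative to sudo sh -c, shown as an added example that is not part of the original post: pipe the text to tee running under sudo, so root opens the file and the text is never parsed as shell code. The function name append_line_as_root and the SUDO override variable are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. SUDO is a hypothetical override
# so the helper can be tried on a scratch file without root (set SUDO= ).
SUDO=${SUDO-sudo}

# append_line_as_root FILE LINE
# Appends LINE to FILE unless an identical line is already present.
# FILE is opened by tee, which sudo starts as root, so no redirection to
# FILE is left for the calling (unprivileged) shell. LINE travels as data
# on stdin instead of being pasted into a string for sh -c to parse.
append_line_as_root() {
    file=$1 line=$2
    nl='
'
    case $line in
        *"$nl"*) echo "refusing multi-line input" >&2; return 2 ;;
    esac
    # grep -x: whole-line match, -F: literal text, -q: exit status only
    if $SUDO grep -qxF -e "$line" "$file" 2>/dev/null; then
        return 0
    fi
    printf '%s\n' "$line" | $SUDO tee -a "$file" >/dev/null
}

# usage: append_line_as_root /some/file_owned_by_root 'This is test'
```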