Wednesday, August 26, 2009

Enable Oracle Application Server to run on port <1024 on HPUX

Below are the instructions, probably a little too detailed, on how to enable oracle to start httpd as root then fork to user specified in httpd.conf (em -> advanced properties -> httpd.conf) - For most people, Since Oracle App server is just a modified apache...Task 1 is the only thing you really have to do. You can then add the port in EM, and add the vhost directive in either ssl.conf or whatever file you're sourcing vhosts from.
--
Task 1: Enable Oracle HTTP Server to Run as Root for Ports Set to Less Than 1024 (Unix Only)
If you are on a UNIX system and you are changing the Listen port to a number less than 1024, perform these steps before you change the Oracle HTTP Server Listen port.
By default, Oracle HTTP Server runs as a non-root user (the user that installed Oracle Application Server). On UNIX systems, if you change the Oracle HTTP Server Listen port number to a value less than 1024, you must enable Oracle HTTP Server to run as root, as follows:
  1. Log in as root.
  2. Run the following commands in the middle-tier Oracle home:


    cd ORACLE_HOME/Apache/Apache/bin
    chown root .apachectl
    chmod 6750 .apachectl

Task 2: Use the portconfig Command to Change the Oracle HTTP Server Listen Ports
Use the following procedure to change the Oracle HTTP Server HTTP or HTTPS listen port:
  1. Set the ORACLE_HOME environment variable to the home directory of the Oracle Application Server instance where the Oracle HTTP Server resides.
    For example:


    (UNIX) setenv ORACLE_HOME /dev0/private/oracle/appserv1/

  2. On UNIX systems, set the LD_LIBRARY_PATH, LD_LIBRARY_PATH_64, LIB_PATH, or SHLIB_PATH environment variables to the proper values. The actual environment variables and values that you must set depend on the type of your UNIX operating system.

  3. Create an alias (on UNIX systems) to represent the portconfig command.
    For example, to execute the command as an alias on UNIX systems, enter the following command:


    alias portconfig '$ORACLE_HOME/jdk/bin/java -cp 
    $ORACLE_HOME/sysman/webapps/emd/WEB-INF/lib/emd.jar:
    $ORACLE_HOME/dcm/lib/dcm.jar:
    $ORACLE_HOME/sso/lib/ossoreg.jar
    oracle.sysman.ias.sta.tools.PortConfigCmdLine \!*'

  4. Use the newly created portconfig command as follows:


    portconfig -oracleHome ORACLE_HOME 
    -oldPort old_port 
    -newPort new_port 
    [-sso -url http://sso_host:port -user http_server_admin_user 
      [-site name_of_sso_partner_application]
      [-admin mod_osso_admin_user]
      [-vHost path_to_mod_osso_configuration_file]]
    [-webCache] [-debug]
    {-start | -restart}

    For example, on UNIX systems:


    portconfig -oracleHome $ORACLE_HOME -oldPort 7777 -newPort 7778 -webCache
Posted by William Nix at 12:31 PM 0 comments
Labels: , , , , , ,

Changing VSWIF IP in VMWare ESX

Pretty nice post on esxcfg commands...

Esxcfg command help
Esxcfg-firewall
Description: Configures the service console firewall ports
Syntax: esxcfg-firewall

Options:
-q Lists current settings
-q Lists settings for the specified service
-q incoming|outgoing Lists settings for non-required incoming/outgoing ports
-s Lists known services
-l Loads current settings
-r Resets all options to defaults
-e Allows specified service through the firewall (enables)
-d Blocks specified service (disables)
-o Opens a port
-c Closes a port previously opened by –o
-h Displays command help
-allowincoming Allow all incoming ports
-allowoutgoing Allow all outgoing ports
-blockincoming Block all non-required incoming ports (default value)
-blockoutgoing Block all non-required outgoing ports (default value)

Default Services:

AAMClient Added by the vpxa RPM: Traffic between ESX Server hosts for VMware High Availability (HA) and EMC Autostart Manager – inbound and outbound TCP and UDP Ports 2050 – 5000 and 8042 – 8045
activeDirectorKerberos Active Directory Kerberos - outbound TCPs Port 88 and 464
CIMHttpServer First-party optional service: CIM HTTP Server - inbound TCP Port 5988
CIMHttpsServer First-party optional service: CIM HTTPS Server - inbound TCP Port 5989
CIMSLP First-party optional service: CIM SLP - inbound and outbound TCP and UDP Ports 427
commvaultDynamic Backup agent: Commvault dynamic – inbound and outbound TCP Ports 8600 – 8619
commvaultStatic Backup agent: Commvault static – inbound and outbound TCP Ports 8400 – 8403
ftpClient FTP client - outbound TCP Port 21
ftpServer FTP server - inbound TCP Port 21
kerberos Kerberos - outbound TCPs Port 88 and 749
LicenseClient FlexLM license server client - outbound TCP Ports 27000 and 27010
nfsClient NFS client - outbound TCP and UDP Ports 111 and 2049 (0 – 65535)
nisClient NIS client - outbound TCP and UDP Ports 111 (0 – 65535)
ntpClient NTP client - outbound UDP Port 123
smbClient SMB client - outbound TCP Ports 137 – 139 and 445
snmpd SNMP services - inbound TCP Port 161 and outbound TCP Port 162
sshClient SSH client - outbound TCP Port 22
sshServer SSH server - inbound TCP Port 22
swISCSIClient First-party optional service: Software iSCSI client - outbound TCP Port 3260
telnetClient NTP client - outbound TCP Port 23
TSM Backup agent: IBM Tivoli Storage Manager – inbound and outbound TCP Ports 1500
veritasBackupExec Backup agent: Veritas BackupExec – inbound TCP Ports 10000 – 10200
veritasNetBackup Backup agent: Veritas NetBackup – inbound TCP Ports 13720, 13732, 13734, and 13783
vncServer VNC server - Allow VNC sessions 0-64: inbound TCP Ports 5900 – 5964
vpxHeartbeats vpx heartbeats - outbound UDP Port 902

Note: You can configure your own services in the file /etc/vmware/firewall/services.xml

esxcfg-firewall examples:
Enable ssh client connections from the Service Console:
# esxcfg-firewall -e sshClient
Disable the Samba client connections:
# esxcfg-firewall -d smbClient
Allow syslog outgoing traffic:
# esxcfg-firewall -o 514,udp,out,syslog
Turn off the firewall:
# esxcfg-firewall -allowIncoming
# esxcfg-firewall -allowOutgoing
Re-enable the firewall:
# esxcfg-firewall -blockIncoming
# esxcfg-firewall –blockOutgoing


Esxcfg-nics
Description: Prints a list of physical network adapters along with information on the driver, PCI device, and link state of each NIC. You can also use this command to control a physical network adapter’s speed and duplexing.
Syntax: esxcfg-nics [nic]

Options:
-s Set the speed of this NIC to one of 10/100/1000/10000. Requires a NIC parameter.
-d Set the duplex of this NIC to one of 'full' or 'half'. Requires a NIC parameter.
-a Set speed and duplex automatically. Requires a NIC parameter.
-l Print the list of NICs and their settings.
-r Restore the NICs configured speed/duplex settings. (Internal use only)
-h Displays command help

esxcfg-nics examples:
Set the speed and duplex of a NIC (vmnic2) to 100/Full:
esxcfg-nics -s 100 -d full vmnic2
Set the speed and duplex of a NIC (vmnic2) to auto-negotiate:
esxcfg-nics -a vmnic2


Esxcfg-vswitch
Description: Creates and updates virtual machine (vswitch) network settings
Syntax: esxcfg-vswitch [vswitch[:ports]]

Options:
-a Add a new virtual switch.
-d Delete the virtual switch.
-l List all the virtual switches.
-L Set pnic as an uplink for the vswitch.
-U Remove pnic from the uplinks for the vswitch.
-p Specify a portgroup for operation. Use ALL for operation to work on all portgroups
-v Set VLAN ID for portgroup specified by -p. 0 would disable the VLAN.
-c Check to see if a virtual switch exists. Program outputs a 1 if it exists, 0 otherwise.
-A Add a new portgroup to the virtual switch.
-D Delete the portgroup from the virtual switch.
-C Check to see if a portgroup exists. Program outputs a 1 if it exists, 0 otherwise.
-r Restore all virtual switches from the configuration file (Internal use only)
-h Displays command help


esxcfg-vswitch examples:
Add a pnic (vmnic2) to a vswitch (vswitch1):
esxcfg-vswitch -L vmnic2 vswitch1
Remove a pnic (vmnic3) from a vswitch (vswitch0):
esxcfg-vswitch -U vmnic3 vswitch0
Create a portgroup (VM Network3) on a vswitch (vswitch1):
esxcfg-vswitch -A "VM Network 3" vSwitch1
Assign a VLAN ID (3) to a portgroup (VM Network 3) on a vswitch (vswitch1):
esxcfg-vswitch -v 3 -p "VM Network 3" vSwitch1


Esxcfg-vswif
Description: Creates and updates service console network settings. This command is used if you cannot manage the ESX Server host through the VI Client because of network configuration issues.
Syntax: esxcfg-vswif [vswif]

Options:

-a Add vswif, requires IP parameters. Automatically enables interface.
-d Delete vswif.
-l List configured vswifs.
-e Enable this vswif interface.
-s Disable this vswif interface.
-p Set the portgroup name of the vswif.
-i or DHCP The IP address for this vswif or specify DHCP to use DHCP for this address.
-n The IP netmask for this vswif.
-b The IP broadcast address for this vswif. (not required if netmask and ip are set)
-c Check to see if a virtual NIC exists. Program outputs a 1 if the given vswif exists, 0 otherwise.
-D Disable all vswif interfaces. (WARNING: This may result in a loss of network connectivity to the Service Console)
-E Enable all vswif interfaces and bring them up.
-r Restore all vswifs from the configuration file. (Internal use only)
-h Displays command help.

Note: You can set the Service Console default gateway by editing the /etc/sysconfig/network file or through the VI Client under Configuration, DNS & Routing.

esxcfg-vswif examples:
Change your Service Console (vswif0) IP and Subnet Mask:
esxcfg-vswif -i 172.20.20.5 -n 255.255.255.0 vswif0
Add a Service Console (vswif0):
esxcfg-vswif -a vswif0 -p "Service Console" -i 172.20.20.40 -n 255.255.255.0


Esxcfg-route
Description: Sets or retrieves the default VMkernel gateway route
Syntax: esxcfg-route [ [] ]
can be specified in 2 ways: as a single argument in / format or as a pair.
is either an IP address or 'default'

Options:
-a Add route to the VMkernel, requires network address (or 'default') and gateway IP address.
-d Delete route from the VMkernel, requires network address (or 'default').
-l List configured routes for the Service Console.
-r Restore route setting to configured values on system start. (Internal use only)
-h Displays command help

esxcfg-route examples:
Set the VMkernel default gateway route:
esxcfg-route 172.20.20.1
Add a route to the VMkernel:
esxcfg-route -a default 255.255.255.0 172.20.20.1


Esxcfg-vmknic
Description: Creates and updates VMkernel TCP/IP settings for VMotion, NAS, and iSCSI
Syntax: esxcfg-vmknic [[portgroup]]

Options:

-a Add a VMkernel NIC to the system, requires IP parameters and portgroup name.
-d Delete VMkernel NIC on given portgroup.
-e Enable the given NIC if disabled.
-D Disable the given NIC if enabled.
-l List VMkernel NICs.
-i The IP address for this VMkernel NIC. Setting an IP address requires that the -n option be given in same command.
-n The IP netmask for this VMkernel NIC. Setting the IP netmask requires that the -i option be given in the same command.
-r Restore VMkernel TCP/IP interfaces from configuration file. (Internal use only)
-h Displays command help

esxcfg-vmknic examples:
Add a VMkernel NIC and set the IP and subnet mask:
esxcfg-vmknic -a "VM Kernel" -i 172.20.20.19 -n 255.255.255.0
Posted by William Nix at 11:45 AM 0 comments
Labels: , , , , ,

Serial Console on VMWare ESX

I primarily use HP ILO's on our DL360s. I never get ILO Advanced Pack..Its expensive, and I ues UNIX so, for my BSD and Linux machines I just use serial consoles... It beats buying the license...and I don't need the graphical stuff... Thats what X servers are for.

Compiled this from a defunct wiki from some edu, but its pretty much common sense. Just wanted to document it for those who care ;)

For an ESX Server:
This is about enabling the console of ESX server to be a serial port. Running an IP KVM for ESX servers seems a really expensive thing to do, when it just needs a shell.

This is a method I use for RHEL/CentOS. I had to modify it slightly for VMware ESX:
Edit /boot/grub/grub.conf
Add the following lines after "timeout=3" line

serial --unit=0 --speed=9600 --word=8 --parity=no --stop=1
terminal --timeout=8 serial console

* The first line tells GRUB to use the first serial port at a baud rate of 9600
* The second line gives the user 8 seconds to decide where GRUB should output it's information. * Please adjust port number and speed as per your setup.

Append the kernel entry in /boot/grub/grub.conf to add serial console:


kernel /vmlinuz ro root=UUID=675026ae-e3ee-4340-8614-9173f59d5bfb mem=300M quiet console=ttyS0,9600

Edit /etc/inittab to add a new line for agetty. I placed this after the mingetty entries:

s0:2345:respawn:/sbin/agetty -L -f /etc/issueserial 9600 ttyS0 vt100

Additional notes: - root logins are restricted over ttysX by default unless your ttysX is added to the securetty config. So, edit /etc/securettty and add your port to your config if you want to allow root logins.

For a VM:
To add a serial console to VMWare ESX, there's no way to do it either from the web console nor from their dinky vmware-console. There's just grayed out menu items that torment your soul leaving you with a bitter taste of unfulfilled possibilites. Yet there is hope!

Here I add serial console 0. serial0.present = "TRUE" serial0.fileType = "file" serial0.fileName = "/tmp/console.debian26_dan"

then add in your kernel boot options (ie, in /boot/grub/menu.lst) console=ttyS0,19200
like this: kernel /boot/vmlinuz root=/dev/sdc1 ro console=ttyS0,19200 console=tty0

now as you do crazy things to the kernel and crash it (ie, run zap), you can access your kernel log for debugging information in /tmp/console.debian26_dan.

NOTE: this enables a serial console for a guest machine on ESX. It does not enable a serial console for the ESX system itself, for that see above. ;p
Posted by William Nix at 8:22 AM 0 comments
Labels: ,

Friday, August 21, 2009

it is the whole thing.

see subject. no comment. sigh.
Posted by William Nix at 10:44 AM 0 comments

Tuesday, August 18, 2009

mpage!

so...i guess, i just screwed up when i was working with mpage before trying to get the fonts right. it appears now that Courier-Bold as a -F parameter is working. ;) Yay.

That's how you get darker color, Bob!
Posted by William Nix at 10:15 AM 0 comments

Monday, August 17, 2009

cups-pdf, cups, RHEL, Linux, and EPEL repositories...

Soo...you want to add some other packages...
OK!

su -c 'rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm'

they should now be available in yum...in my case, cups-pdf.

Posted by William Nix at 7:09 PM 0 comments
Labels: ,

Sunday, August 16, 2009

using firefox 3.5.x in Linux ... Its not just that easy, apparently.

I got tired of looking for a repo version and decided to get the bin pkg from Mozilla.

Here’s a really quick way to get 3.5.2 running on your Ubuntu or RHEL/CentOS system.

I removed the Firefox 3.0 that shipped... In this case, with CentOS. This tutorial taken from some Ubuntu user's post/page...I forget.

Open up Terminal (Applications > Accessories > Terminal) and run the following commands:

  1. cd /tmp
  2. wget "http://download.mozilla.org/?product=firefox-3.5.2&os=linux&lang=en-US"
    Note: Your download link may be different depending on your country and language. I got the link by clicking the download link, canceling the automatic download, right-clicking the “Your download should automatically begin in a few seconds, but if not, click here” link, and selecting Copy Link Location.
  3. tar xvjf firefox-*.bz2
  4. sudo cp -r firefox /usr/lib/firefox-3.5.2
  5. sudo mv /usr/bin/firefox /usr/bin/firefox.old
  6. sudo ln -s /usr/lib/firefox-3.5.2/firefox /usr/bin/firefox-3.5.2
  7. sudo ln -s /usr/bin/firefox-3.5.2 /usr/bin/firefox

Close Firefox and then reopen. You should now be running Firefox 3.5.2.

If for whatever reason you’d like to switch back to your previous version of Firefox, simply run the following commands from Terminal:

  1. sudo mv /usr/bin/firefox /usr/bin/firefox.bak
  2. sudo mv /usr/bin/firefox.old /usr/bin/firefox
Posted by William Nix at 3:27 PM 0 comments
Labels: ,

enable rpmfusion, epel for CentOS / RHEL5 to install other repos...

[root@caliban-centos ~]# su -c 'rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm'

[root@caliban-centos ~]# su -c 'rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/5/i386/rpmfusion-free-release-5-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/5/i386/rpmfusion-nonfree-release-5-0.1.noarch.rpm'

- this should then allow software to be pulled from rpmfusion!
Posted by William Nix at 3:22 PM 0 comments
Labels: ,
Subscribe to: Posts (Atom)