Showing posts with label solaris. Show all posts

Debugging sendmail

Debugging categories:

27.4 - tracking alias and forward expansion
44.4 - tracking file permission checks

server# sendmail -v -d27.4 -d44.4 -bv recepient
safefile(/etc/mail/sendmail.cf, uid=0, gid=0, flags=6000, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6000, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/local-host-names, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/relay-domains, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/generics-domains, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/masquerade_domain_file, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/masquerade_exception_file, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/virtuserdomains, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safefile(/etc/mail/trusted-users, uid=0, gid=0, flags=6580, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=6580, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100444, mode 400]         OK
safedirpath(/var/spool/mqueue, uid=0, gid=0, flags=4, level=0, offset=0):
        [dir /var/spool/mqueue] OK
alias(recepient)
safefile(/etc/mail/aliases.db, uid=0, gid=0, flags=584, mode=400):
safedirpath(/etc/mail, uid=0, gid=0, flags=584, level=0, offset=0):
        [dir /etc/mail] OK
        [uid 0, nlink 1, stat 100644, mode 400]         OK
aliaswait(implicit:/etc/mail/aliases)
forward(recepient)
forward: trying /home/user/mailTest/home/.forward.server+
include(/home/user/mailTest/home/.forward.server+)
   ruid=0 euid=0
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1985, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
safefile(/home/user/mailTest/home/.forward.server+, uid=43649, gid=40, flags=1b87, mode=400):
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1b87, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
include: not safe (uid=43649): World writable directory
recepient... forward: /home/user/mailTest/home/.forward.server+: World writable directory
forward: trying /home/user/mailTest/home/.forward+
include(/home/user/mailTest/home/.forward+)
   ruid=0 euid=0
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1985, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
safefile(/home/user/mailTest/home/.forward+, uid=43649, gid=40, flags=1b87, mode=400):
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1b87, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
include: not safe (uid=43649): World writable directory
recepient... forward: /home/user/mailTest/home/.forward+: World writable directory
forward: trying /home/user/mailTest/home/.forward.server
include(/home/user/mailTest/home/.forward.server)
   ruid=0 euid=0
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1985, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
safefile(/home/user/mailTest/home/.forward.server, uid=43649, gid=40, flags=1b87, mode=400):
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1b87, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
include: not safe (uid=43649): World writable directory
recepient... forward: /home/user/mailTest/home/.forward.server: World writable directory
forward: trying /home/user/mailTest/home/.forward
include(/home/user/mailTest/home/.forward)
   ruid=0 euid=0
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1985, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
safefile(/home/user/mailTest/home/.forward, uid=43649, gid=40, flags=1b87, mode=400):
safedirpath(/home/user/mailTest/home, uid=43649, gid=40, flags=1b87, level=0, offset=0):
        [dir /home/user/mailTest] mode 41777 FATAL
        [dir /home/user/mailTest/home] World writable directory
include: not safe (uid=43649): World writable directory
recepient... forward: /home/user/mailTest/home/.forward: World writable directory
recepient... deliverable: mailer local, user recepient
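
In the trace above every .forward candidate is rejected because /home/user/mailTest is mode 41777, a world-writable directory in the path to the file. The following is an added example, not part of the original post: it walks a path in a similar way so the offending directory can be found and fixed. `unsafe_dirs` is a hypothetical helper name, and what sendmail itself accepts depends on its configuration.

```shell
#!/bin/bash
# Added example, not part of the original post.
# unsafe_dirs FILE  (hypothetical helper name)
# Walks from the directory holding FILE up to /, printing each directory
# that is world- or group-writable. Returns 0 if none were found, 1 if any
# were, 2 if the directory cannot be entered.
unsafe_dirs() {
    local dir perms found=0
    # Resolve symlinks so the real path components are checked.
    dir=$(cd "$(dirname "$1")" 2>/dev/null && pwd -P) || return 2
    while :; do
        # First field of `ls -ld` is the mode string, e.g. drwxrwxrwt
        perms=$(ls -ld "$dir" | awk '{print $1}')
        case "$perms" in
            d???????w*) echo "world-writable $perms $dir"; found=1 ;;
            d????w*)    echo "group-writable $perms $dir"; found=1 ;;
        esac
        [ "$dir" = "/" ] && break
        dir=$(dirname "$dir")
    done
    return $found
}

# Usage: unsafe_dirs /home/user/mailTest/home/.forward
```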

Extracting files from Solaris packages

server# gunzip procmail-3.22-sol10-sparc-local.gz
server# pkgtrans procmail-3.22-sol10-sparc-local .

The following packages are available:
  1  SMCprocm     procmail
                  (sparc) 3.22

Select package(s) you wish to process (or 'all' to process
all packages). (default: all) [?,??,q]: all
Transferring  package instance
server# ls
SMCprocm                         procmail-3.22-sol10-sparc-local

Solaris iostat

bash-3.00# iostat -Td -zxn 1 100
                    |  ||| |  +---> reps         
                    |  ||| +------> interval
                    |  ||+--------> pretty-print device names
                    |  |+---------> extended statistics 
                    |  +----------> omit zero-stat devices
                    +-------------> adds a time stamp at the top
         
Mon Jun 11 18:03:25 2012
                    extended device statistics
    r/s    w/s   kr/s   kw/s wait actv wsvc_t asvc_t  %w  %b device
    6.0   13.0  192.0  239.4  0.0  0.5    0.0   28.3   0  20 nfshost:/vol/vol26/user1
  166.0   94.0 5312.7 3008.4  0.8  6.3    3.2   24.2  48 100 nfshost:/vol/vol8/user2
   46.0    0.0 1407.8    0.0  0.0  1.0    0.0   22.0   0  39 rshare:/mnt/prod/RISK
   22.0    0.0   66.5    0.0  0.0  0.7    0.0   30.7   0  68 nfshost:/vol/vol10/user3

Solaris has no seq's

no problem!

[SunOS: marc@admin ~]$ cat `which seq`
#!/usr/bin/env perl

use strict;
use warnings;

sub Usage {
    die "usage: $0 [lower-bound(optional)] [upper-bound]\n";
}

# Accept one or two arguments, each a non-negative integer.
Usage() if @ARGV < 1 || @ARGV > 2;
foreach (@ARGV) {
    chomp;
    Usage() unless /^\d+$/;
}

my ($lower, $upper);
if (@ARGV == 1) {
    # Only an upper bound was given: count from 1.
    $lower = 1;
    $upper = $ARGV[0];
} else {
    $lower = $ARGV[0];
    $upper = $ARGV[1];
}

while ($lower <= $upper) {
    print $lower, "\n";
    $lower++;
}

Install OpenSSH 5.9p1 on Solaris 10 x86

Download the following packages from Sunfreeware:


openssh-5.9p1-sol10-x86-local.gz
libgcc-3.4.6-sol10-x86-local.gz
openssl-1.0.0e-sol10-x86-local.gz
tcp_wrappers-7.6-sol10-intel-local.gz
zlib-1.2.5-sol10-x86-local.gz
http://www.sunfreeware.com/ossh
http://www.sunfreeware.com/ossh.xml


Gunzip each file.
Install each file with pkgadd -d [filename]

add SSHD user:

bash-3.00# mkdir -p /var/empty/sshd
bash-3.00# useradd -d /var/empty/sshd -s /bin/false -c "Privilege-separated SSHD" sshd


generate host keys:

bash-3.00# ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key
bash-3.00# ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key


remove native ssh package:

bash-3.00# pkgrm SUNWsshcu SUNWsshdr SUNWsshdu SUNWsshr SUNWsshu


add ossh to smf:

bash-3.00# mv -f ossh /lib/svc/method/; chmod 555 /lib/svc/method/ossh
bash-3.00# mv -f ossh.xml /var/svc/manifest/network/
bash-3.00# svccfg import /var/svc/manifest/network/ossh.xml
bash-3.00# svcadm enable ossh
bash-3.00# svcadm restart ossh
bash-3.00# svcs -a | grep -i ssh
online 17:49:25 svc:/network/ossh:default

solaris 10 and proftpd

Today, a co-worker asked me to install proftpd on Solaris 10 (sparc). So I installed the package, but it was complaining about a missing libssl.so.0.9.8. However, instead of upgrading openssl, we chose to downgrade proftpd (yes, I know...)

bash-3.00# ftp localhost
Connected to localhost.
ld.so.1: proftpd: fatal: libssl.so.0.9.8: open failed: No such file or directory
ftp> quit


I'm not really a Solaris person (actually I hate it, but my paycheck depends on it. Linux rocks!).

So my plan was:
  • check the installed version of proftpd
  • back up its config file and uninstall the package
  • download a couple of packages from www.sunfreeware.com (lower version)
  • try these packages out
Here's how I did it, all thanks to Google:


bash-3.00# pkginfo | grep ftp
application SMCpftpd proftpd <- here is our package
system SUNWftpr FTP Server, (Root)
system SUNWftpu FTP Server, (Usr)

bash-3.00# pkginfo -l SMCpftpd | grep VERSION
VERSION: 1.3.2

bash-3.00# ftp ftp.sunfreeware.com
ftp> bin
ftp> hash
ftp> prompt
ftp> cd pub/freeware/sparc/10
ftp> mget proftpd-1.3.0-sol10-sparc-local.gz proftpd-1.3.1-sol10-sparc-local.gz
ftp> quit
bash-3.00# gunzip proftpd-1.3.0-sol10-sparc-local.gz
bash-3.00# gunzip proftpd-1.3.1-sol10-sparc-local.gz

bash-3.00# cp -a /usr/local/etc/proftpd.conf /usr/local/etc/proftpd.conf.orig
bash-3.00# pkgrm SMCpftpd
bash-3.00# pkgadd -d proftpd-1.3.0-sol10-sparc-local

bash-3.00# vi /usr/local/etc/proftpd.conf
...
ServerType inetd
...

bash-3.00# inetadm -l ftp
SCOPE NAME=VALUE
name="ftp"
endpoint_type="stream"
proto="tcp6"
isrpc=FALSE
wait=FALSE
exec="/usr/local/sbin/proftpd -c /usr/local/etc/proftpd.conf"
user="root"
default bind_addr=""
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=TRUE
default tcp_wrappers=TRUE
default connection_backlog=10

bash-3.00# inetadm -m ftp proto="tcp"
bash-3.00# inetadm -m ftp exec="/usr/local/sbin/in.proftpd"
bash-3.00# svcadm disable ftp; svcadm enable ftp


no more Solaris please!