Forwarding the syslog to another server on network

quinta-feira, 25 de outubro de 2012

I'm using a linux to receive my logs for this explanation.

LogServer:
usually the syslog conf path for syslog on linux is /etc/sysconfig/syslog (red hat for example)
Setup the syslog on linux with the bellow options:

SYSLOGD_OPTIONS="-m 0 -r"
*.* /var/adm/messages

Refresh the syslog
# kill -HUP syslogPid

HP-UX :
Setup the syslog on HP-UX with the bellow options:
syslog conf path: /etc/syslog.conf
*.debug @LogServer

Get the syslog pid to refresh the process:
ps -ef | grep syslog

# kill -HUP syslogPid

Wrapper - Block the root password change

sábado, 20 de outubro de 2012

For security reason is good dont give the "power" to change the root password for everyone :-)

Create a list of users that you want to deny the change of password.:
# vi /usr/local/etc/passwd_not_allowed
root
bin

Now create the wrapper:
# vi /tmp/passwd
file=/usr/local/etc/passwd_not_allowed
user=$1
grep -q ${user] ${file} && echo "${user} - You don't have access to change this passwd"  && exit
/usr/bin/passwd.dist ${User}

Set the right permissions:
# chmod 755 /tmp/passwd

Move the real passwd for another place:
# mv /usr/bin/passwd /usr/bin/passwd.dist

Put your wrapper in the place of passwd:
# mv /tmp/passwd /usr/bin/

Now you can configure a sudo for this script, if you don't want move the passwd bin you can create the wrapper in another place.

Renaming a logical volume

segunda-feira, 1 de outubro de 2012

old name: /dev/vgwow/lvol1
new name: /dev/vgwow/data_lv

# umount /dev/vgwow/lvol1
# ll  /dev/vgwow/lvol1                                      take note of the minor ( e.g 0x010001 )
brw-r-----   1 root       root        64 0x010001 Dec 31 17:59 lvol1
#       create new logical volume name
# mknod  /dev/vgwow/rdata_lv c 64 0x010001
# vi /etc/fstab                                               ( reflect the new logical volume  )
# mount -a

# rmsf /dev/vgwow/lvol1
# rmsf /dev/vgwow/rlvol1