Linux

convert security.fdb to security2.fdb in firebird

I have to migrate from firebird 1.5 to 2.0. And of course there was a databases migration. The security.fdb as it is said in /opt/firebird/upgrade/security_database.txt is not compatibile:

You can’t use pre-2.0 security database in firebird 2.0 or higher directly.
If you try to put old security.fdb into firebird’s new home directory with
new (security2.fdb) name, you will get a message - cannot attach to password
database. That’s OK and is by design. In order to be able to use old database,
you must run appropriate upgrade script - security_database.sql. To do so:
1. Put your old security database in some known to you place (not new home directory). Always have a copy of it!
2. Start firebird using it’s new, native security2.fdb.
3. Convert your old security database to ODS11 (i.e. backup and restore it using gbak from firebird 2.0). Without this step you will get failure running security_database.sql!
4. Connect to restored database as SYSDBA and run the script.
5. Stop firebird.
6. Copy upgraded database to firebird’s home directory (as security2.fdb).
7. Start firebird.

but point 3 is not explained. so… let’s rock…

To be sure - You have to change native sercurity2.fdb password to same as your sysdba in previous version of firebird has, and check if firebird is running!

# /opt/firebird/bin/changeDBAPassword.sh
Please enter current password for SYSDBA user: oldpassword
Please enter new password for SYSDBA user: masterkey

STEP 1 (make a copy of security.fdb):

# /opt/firebird/bin/gbak -user SYSDBA -password masterkey /opt/firebird/security.fdb /opt/firebird/security.fbk

if you get following error you have to chown security.fdb to firebird user!

gbak: ERROR:I/O error for file “/opt/firebird/security.fdb”
gbak: ERROR: Error while trying to open file
gbak: ERROR: Permission denied
gbak:Exiting before completion due to errors

STEP 2 (restore the database):

# /opt/firebird/bin/gbak -rep -user SYSDBA -password masterkey /opt/firebird/security.fbk /opt/firebird/security.fdb

STEP 3 (database conversion):

# /opt/firebird/bin/isql -user SYSDBA -password masterkey -i /opt/firebird/upgrade/security_database.sql /opt/firebird/security.fdb

STEP 4 (stop the firebird):

# service firebird stop:

STEP 5 (overwrite the old security fdb):

cp security.fdb security2.fdb

that’s all… simple don’t you think so?

Tags: firebird database conversion

Friday, November 14th, 2008 Linux, Security No Comments

transmission-1.40 at centos 5 libcurl problem

When I tried to update my transmission (1.34) bittorent client to newest version 1.40 at centos 5 I got a configure error:

Requested ‘libcurl >= 7.16.3′ but version of libcurl is 7.15.5

and it is true… libcurl in centos 5 is now 7.15.5 and probably will not be updated in a short time. As a solution, I tried to rebuild a fedora 8 src package.

What I need was: curl-7.16.4-8.fc8.src.rpm and rpmbuild in my centos system. You will probably need nss-devel and nspr-devel so install it before running rpmbuild. Let’s rock:

rpmbuild –rebuild –define ‘dist .el5′ curl-7.16.4-8.fc8.src.rpm

after some time you should get files:

-rw-r–r– 1 root root 675076 Nov 11 10:19 curl-7.16.4-8.el5.i386.rpm
-rw-r–r– 1 root root 206491 Nov 11 10:19 curl-devel-7.16.4-8.el5.i386.rpm

of course, you can download them from my repo (click at them). Now you can easly install both:

# rpm -Uvh /usr/src/redhat/RPMS/i386/curl-*
Preparing…                ########################################### [100%]
1:curl                   ########################################### [ 50%]
2:curl-devel             ########################################### [100%]

Tags: centos, libcurl, transmission

Tuesday, November 11th, 2008 Linux, Tips No Comments

software raid 10 at linux

Today I was looking for some performace tests at linux filesystems, and I found some pages, where raid 10 at linux has been done by merging two raid 1 into raid 0, or simmilar…

Maybe some of you does not know, that linux mdadm support raid10, as you can see below:

# mdadm –create /dev/md2 –level 10 –raid-devices=4 /dev/sda5 /dev/sdb5 /dev/sdc5 /dev/sdd5
mdadm: array /dev/md2 started.

and check:

# cat /proc/mdstat
Personalities : [raid1] [raid10]
md2 : active raid10 sdd5[3] sdc5[2] sdb5[1] sda5[0]
4481920 blocks 64K chunks 2 near-copies [4/4] [UUUU]
[======>..............] resync = 32.2% (1445184/4481920) finish=0.3min speed=160576K/sec

Tags: Linux, RAID10

Friday, November 7th, 2008 Linux, Tips No Comments

re-add disk to mdadm array

Sometimes you can meet the situation when you lost a drive by accident from your mdadm configuration, as you can see below, two of my arrays has lost a drive:

# cat /proc/mdstat
Personalities : [raid1] [raid0]
md3 : active raid1 sdc2[0] hde2[1]
195358336 blocks [2/2] [UU]

md2 : active raid0 sdc1[0] hde1[1]
97675008 blocks 64k chunks

md1 : active raid1 sda1[0]
104320 blocks [2/1] [U_]

md6 : active raid1 sdb4[1] sda4[0]
958084352 blocks [2/2] [UU]

md0 : active raid1 sda3[0]
14659200 blocks [2/1] [U_]

to re-add it to array just:

# mdadm /dev/md1 -a /dev/sdb1
mdadm: re-added /dev/sdb1
# mdadm /dev/md0 -a /dev/sdb3
mdadm: re-added /dev/sdb3

now - my array is alive and kicking again

# cat /proc/mdstat
Personalities : [raid1] [raid0]
md3 : active raid1 sdc2[0] hde2[1]
195358336 blocks [2/2] [UU]

md2 : active raid0 sdc1[0] hde1[1]
97675008 blocks 64k chunks

md1 : active raid1 sdb1[1] sda1[0]
104320 blocks [2/2] [UU]

md6 : active raid1 sdb4[1] sda4[0]
958084352 blocks [2/2] [UU]

md0 : active raid1 sdb3[2] sda3[0]
14659200 blocks [2/1] [U_]
[>....................] recovery = 1.8% (272128/14659200) finish=2.6min speed=90709K/sec

unused devices:

Tags: mdadm, re-add disks

Tuesday, September 23rd, 2008 Linux, Tips No Comments

create vswitch from commandline

VMware ESX supports some comandline tools, and if you would like to create a new virtual switch without a lot of clicks at vmware infrastructure client, you can easly use:

esxcfg-vswitch -a testvswitch:80

where:
-a - means add
testvswitch - is name of your virtual switch
:80 - is number of port’s you would like to have

Tags: command line, esx, ports, vmware, vswitch

Tuesday, September 23rd, 2008 Linux, Tips, vmware No Comments

resolution: test every disk even if its state is NEW

Some time ago, I bought six samsung 1TB drives (P/N HD103UJ), and 3 of them has been damaged (they were pretty new, and I bought them directly from distributor!)!. Two of them has read-write errors (called bad sectors ) and one does not spin up (it has S.M.A.R.T error just at system boot). Why I chose Samsung? Because this was the only one which produced 1TB with 3 plates (6 heads). Now, because I do not trust Samsung at all I bought just a newness Seagate 1TB (P/N ST31000333AS) (same 6 heads). Samsung was a trauma for me, I wonder if Seagate has same problems. I tested this two drives, and just at start I found sth strange. One of disk does not start in one of SATA ports (another disk worked fine (I swapped them). Anyway after booting up the system, I started testing:

# smartctl -A /dev/sdf |grep On
9 Power_On_Hours 0×0032 100 100 000 Old_age Always - 0
# smartctl -A /dev/sdg |grep On
9 Power_On_Hours 0×0032 100 100 000 Old_age Always - 3

Why one of disks has 3 working hours and one has 0? Maybe because they were tested by support?

now is a time for whole surface test:

# badblocks -s -v /dev/sdf
Checking blocks 0 to 976762583
Checking for bad blocks (read-only test): done
Pass completed, 0 bad blocks found.

# badblocks -s -v /dev/sdg
Checking blocks 0 to 976762583
Checking for bad blocks (read-only test): done
Pass completed, 0 bad blocks found.

now - I am little bit more sure and I can use it

so maybe some performance test? because I do not have enought time to use bonnie++ I use a simple dd.
read:

# dd if=/dev/sdf of=/dev/null bs=1M count=8000
8000+0 records in
8000+0 records out
8388608000 bytes (8.4 GB) copied, 72.6436 s, 115 MB/s

# dd if=/dev/sdg of=/dev/null bs=1M count=8000
8000+0 records in
8000+0 records out
8388608000 bytes (8.4 GB) copied, 69.6747 s, 120 MB/s

write:

# dd if=/dev/zero of=/dev/sdg bs=1M count=8000
8000+0 records in
8000+0 records out
8388608000 bytes (8.4 GB) copied, 70.9014 s, 118 MB/s

# dd if=/dev/zero of=/dev/sdf bs=1M count=8000
8000+0 records in
8000+0 records out
8388608000 bytes (8.4 GB) copied, 71.8908 s, 117 MB/s

nice

Tags: HD103UJ, ST31000333AS, test hard disk

Wednesday, September 17th, 2008 Linux, considers 1 Comment

enabling interrupts - vmware esx 3.5i hangs at this

After making my magic usb key with vmware I was trying to install vmware esx 3.5i at HP ProLiant DL160 G5 (two quadcore processors, a lot of ram, and 4 sata 1TB disks). But with no success… The problem was that installer hanged up at “enabling interrupts” screen.
The solution I found here you should just add acpi=off to your bootloader promt, as it is said in the vmware communities:

to enable installing ESX on HP Proliant DL160 G5 you should:

1. Press Tab on very first screen of ESXi install
2. Move cursor just after first tgz filename and write “acpi=off”
3. press Enter and ESXi successfully install on DL160G5
4. Be careful because after this setting is lost and problem appears again - solution:
a) disconnect HDD, connect to computer with Win XP (Marti: or another else!), then edit boot.cfg on second partition andin second line set “kernelopt=acpi=off”
b) after starting ESX go to console (Alt-F1, see also “usupported” mode and “enable SSH in ESX” topics) type vi /bootbank/boot.cfg and set “kernelopt=acpi=off”

Tags: DL160 G5, enabling interrupts, esx 3.5i, vmware

Tuesday, September 16th, 2008 Linux, cribs, vmware No Comments

vmware esx 3.5i at usb drive with sata support

Yes, it is unsupported, but who cares? As you can read even microsoft does not support windows at vmware :). The VMware ESX 3.5i is free for some time. It is VMware answer for Microsoft’s Hyper-V - I think. Because the system compatybility is rather thin, and I would love to repleace my VMware Server machines with this top product! Because I have just two scsi disks, and a lot of others (sata for example) I would love to make use of it at this machine. What I need is: vmware esx 3.5i iso and a big (1GB is minimum!) pendrive. Let’s rock!

mount the vmware iso

# mount -o loop /storage/VMware-VMvisor-InstallerCD-3.5.0_Update_2-110271.i386.iso /mnt/vmCD/

then copy a install.tgz file to some place and extract it:

# cp install.tgz /storage/
# tar xvzf install.tgz

then take a look at file usr/lib/vmware/installer/VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd.bz2 “unbzip” it!

# bunzip2 VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd.bz2

then you will have one file, which is a disk image (yes, it’s bigger than 32MB thin install of esx, but it has much more drivers):

# ls -al VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd
-rwxr-xr-x 1 root root 786432000 sie 13 05:00 VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd

now we are going to write the image at the thumbdrive… it is at /dev/sda in my system

# dd if=VMware-VMvisor-big-3.5.0_Update_2-110271.i386.dd of=/dev/sda

after this, you have a bootable USB key (look if your bios support it!)! thanks to: vm-help for its tutorial

Tags: 3.5i, bootable usb, esx, sata support, vmware

Tuesday, September 16th, 2008 Linux, Tips, vmware 2 Comments

Failed dependencies while installing Kerio mail server at centos 5

while installing kerio mail server 6.5.2 at fresh centos 5 install (CentOS release 5.2 (Final)) i got sth like this:

# rpm -Uv /home/users/mrybak/kerio-kms-6.5.2-6426.linux.i386.rpm
error: Failed dependencies:
libstdc++.so.5 is needed by kerio-kms-6.5.2-6426.linux.i386
libstdc++.so.5(CXXABI_1.2) is needed by kerio-kms-6.5.2-6426.linux.i386
libstdc++.so.5(GLIBCPP_3.2) is needed by kerio-kms-6.5.2-6426.linux.i386
libstdc++.so.5(GLIBCPP_3.2.2) is needed by kerio-kms-6.5.2-6426.linux.i386

but I had libstdc++ libraries as you can see:

# rpm -qa |grep libstdc
libstdc++-devel-4.1.2-42.el5
libstdc++-4.1.2-42.el5

but:

# locate libstdc
/usr/lib/libstdc++.so.6
/usr/lib/libstdc++.so.6.0.8

so i have newer version that is needed, so:

# yum search libstdc
Loading “fastestmirror” plugin
Loading mirror speeds from cached hostfile
* base: ftp.cvut.cz
* updates: ftp.cvut.cz
* addons: ftp.cvut.cz
* extras: ftp.cvut.cz
libstdc++-devel.i386 : Header files and libraries for C++ development
compat-libstdc++-33.i386 : Compatibility standard C++ libraries
libstdc++-devel.i386 : Header files and libraries for C++ development
libstdc++.i386 : GNU Standard C++ Library
libstdc++.i386 : GNU Standard C++ Library
compat-libstdc++-296.i386 : Compatibility 2.96-RH standard C++ libraries

this is what I need, and after:

# yum install compat-libstdc++-33
Loading “fastestmirror” plugin
Loading mirror speeds from cached hostfile
* base: ftp.fi.muni.cz
* updates: ftp.fi.muni.cz
* addons: ftp.fi.muni.cz
* extras: ftp.fi.muni.cz
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
–> Running transaction check
—> Package compat-libstdc++-33.i386 0:3.2.3-61 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
compat-libstdc++-33 i386 3.2.3-61 base 232 k

Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 232 k
Is this ok [y/N]: y
Downloading Packages:
(1/1): compat-libstdc++-3 100% |=========================| 232 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: compat-libstdc++-33 ######################### [1/1]

Installed: compat-libstdc++-33.i386 0:3.2.3-61
Complete!

everything goes well…

[root@msuno ~]# rpm -Uv /home/users/mrybak/kerio-kms-6.5.2-6426.linux.i386.rpm
Preparing packages for installation…
kerio-kms-6.5.2-6426.linux

Thank you for installing Kerio MailServer 6.5.2!

THANK YOU

Tags: centos, kerio mail server, libstdc

Wednesday, September 10th, 2008 Linux, Tips 1 Comment

signature verification failed - PLD Linux

For some time I have this warning:

poldek:/all-avail> upgrade pam-*
Processing dependencies…
pam-0.80.1-14.i686 obsoleted by pam-0.80.1-17.i686
pam-libs-0.80.1-14.i686 obsoleted by pam-libs-0.80.1-17.i686
There are 2 packages to install, 2 to remove:
I pam-0.80.1-17.i686, pam-libs-0.80.1-17.i686
R pam-0.80.1-14.i686, pam-libs-0.80.1-14.i686
Need to get 520.9KB of archives (520.9KB to download).
After unpacking 1.3MB will be used.
Retrieving ac-updates::pam-libs-0.80.1-17.i686.rpm…
………………………… 100.0% [139.9K (99.0K/s)]
Retrieving ac-updates::pam-0.80.1-17.i686.rpm…
………………………… 100.0% [381.0K (230.0K/s)]
error: pam-libs-0.80.1-17: signature verification failed
error: pam-0.80.1-17: signature verification failed
There were signature verification errors. Proceed? [N/y]

and finally I would love to make it clean!

But when I tried to do (followed by pld docs!!!):

rpm –import ftp://ftp.pld-linux.org/dists/2.0/PLD-2.0-Ac-GPG-key.asc

i got:

error: ftp://ftp.pld-linux.org/dists/2.0/PLD-2.0-Ac-GPG-key.asc: import read failed(-1).

So if you are scarred of “man in the middle” just to this:

wget -q ftp://ftp.pld-linux.org/dists/2.0/PLD-2.0-Ac-GPG-key.asc
rpm –import PLD-2.0-Ac-GPG-key.asc

best regards!

Tags: PLD, poldek, RPM, signature verification errors

Thursday, August 14th, 2008 Linux, Security No Comments

Marti’s Home

you can’t be as good as God, but you can be close!